[ros-dev] [ros-diffs] [reactos] 02/03: [MBEDTLS] Update to version 2.7.6. CORE-15280
Pierre Schweitzer
pierre at reactos.org
Sat Jan 5 10:20:24 UTC 2019
Hey Thomas,
Is that an upgrade to 2.7.6 or 2.7.9?
Your commit reads the first one, while Jira associated ticket reads the
second one.
Cheers,
Pierre
Le 05/01/2019 à 10:36, Thomas Faber a écrit :
> https://git.reactos.org/?p=reactos.git;a=commitdiff;h=d9e6c9b539327f861c3068e89cfe80f0004ee4c5
>
> commit d9e6c9b539327f861c3068e89cfe80f0004ee4c5
> Author: Thomas Faber <thomas.faber at reactos.org>
> AuthorDate: Wed Oct 31 16:00:34 2018 +0100
> Commit: Thomas Faber <thomas.faber at reactos.org>
> CommitDate: Sat Jan 5 09:20:35 2019 +0100
>
> [MBEDTLS] Update to version 2.7.6. CORE-15280
>
> Note: this disables the MBEDTLS_DEPRECATED_REMOVED configuration value,
> because we require the now-deprecated MD5 & SHA functions for bcrypt.
> ---
> dll/3rdparty/mbedtls/CMakeLists.txt | 1 +
> dll/3rdparty/mbedtls/aes.c | 238 ++--
> dll/3rdparty/mbedtls/asn1write.c | 5 +-
> dll/3rdparty/mbedtls/bignum.c | 24 +-
> dll/3rdparty/mbedtls/ccm.c | 39 +-
> dll/3rdparty/mbedtls/cipher.c | 24 +-
> dll/3rdparty/mbedtls/cmac.c | 12 +-
> dll/3rdparty/mbedtls/ctr_drbg.c | 116 +-
> dll/3rdparty/mbedtls/debug.c | 2 +-
> dll/3rdparty/mbedtls/dhm.c | 62 +-
> dll/3rdparty/mbedtls/ecdh.c | 4 +
> dll/3rdparty/mbedtls/ecdsa.c | 13 +
> dll/3rdparty/mbedtls/ecjpake.c | 5 +-
> dll/3rdparty/mbedtls/ecp.c | 11 +-
> dll/3rdparty/mbedtls/entropy.c | 136 ++-
> dll/3rdparty/mbedtls/error.c | 135 ++-
> dll/3rdparty/mbedtls/gcm.c | 200 ++--
> dll/3rdparty/mbedtls/hmac_drbg.c | 15 +-
> dll/3rdparty/mbedtls/md.c | 109 +-
> dll/3rdparty/mbedtls/md2.c | 119 +-
> dll/3rdparty/mbedtls/md4.c | 132 ++-
> dll/3rdparty/mbedtls/md5.c | 163 ++-
> dll/3rdparty/mbedtls/md_wrap.c | 171 +--
> dll/3rdparty/mbedtls/memory_buffer_alloc.c | 31 +-
> dll/3rdparty/mbedtls/net_sockets.c | 18 +-
> dll/3rdparty/mbedtls/oid.c | 45 +
> dll/3rdparty/mbedtls/pem.c | 125 +-
> dll/3rdparty/mbedtls/pk.c | 7 +-
> dll/3rdparty/mbedtls/pk_wrap.c | 49 +-
> dll/3rdparty/mbedtls/pkcs5.c | 26 +-
> dll/3rdparty/mbedtls/pkparse.c | 229 +++-
> dll/3rdparty/mbedtls/pkwrite.c | 110 +-
> dll/3rdparty/mbedtls/platform.c | 15 +-
> dll/3rdparty/mbedtls/ripemd160.c | 157 ++-
> dll/3rdparty/mbedtls/rsa.c | 1244 ++++++++++++++------
> dll/3rdparty/mbedtls/rsa_internal.c | 489 ++++++++
> dll/3rdparty/mbedtls/sha1.c | 175 ++-
> dll/3rdparty/mbedtls/sha256.c | 182 ++-
> dll/3rdparty/mbedtls/sha512.c | 184 ++-
> dll/3rdparty/mbedtls/ssl_cache.c | 1 +
> dll/3rdparty/mbedtls/ssl_ciphersuites.c | 6 +-
> dll/3rdparty/mbedtls/ssl_cli.c | 301 ++---
> dll/3rdparty/mbedtls/ssl_srv.c | 189 ++-
> dll/3rdparty/mbedtls/ssl_tls.c | 923 +++++++++++----
> dll/3rdparty/mbedtls/threading.c | 12 +
> dll/3rdparty/mbedtls/timing.c | 131 ++-
> dll/3rdparty/mbedtls/version_features.c | 42 +-
> dll/3rdparty/mbedtls/x509.c | 23 +-
> dll/3rdparty/mbedtls/x509_crl.c | 65 +-
> dll/3rdparty/mbedtls/x509_crt.c | 114 +-
> dll/3rdparty/mbedtls/x509_csr.c | 29 +-
> dll/3rdparty/mbedtls/x509write_crt.c | 78 +-
> dll/3rdparty/mbedtls/x509write_csr.c | 23 +-
> sdk/include/reactos/libs/mbedtls/aes.h | 366 +++---
> sdk/include/reactos/libs/mbedtls/aesni.h | 3 +-
> sdk/include/reactos/libs/mbedtls/arc4.h | 38 +-
> sdk/include/reactos/libs/mbedtls/asn1.h | 20 +-
> sdk/include/reactos/libs/mbedtls/asn1write.h | 3 +-
> sdk/include/reactos/libs/mbedtls/base64.h | 3 +-
> sdk/include/reactos/libs/mbedtls/bignum.h | 11 +-
> sdk/include/reactos/libs/mbedtls/blowfish.h | 4 +-
> sdk/include/reactos/libs/mbedtls/bn_mul.h | 20 +-
> sdk/include/reactos/libs/mbedtls/camellia.h | 4 +-
> sdk/include/reactos/libs/mbedtls/ccm.h | 153 ++-
> sdk/include/reactos/libs/mbedtls/certs.h | 3 +-
> sdk/include/reactos/libs/mbedtls/check_config.h | 7 +-
> sdk/include/reactos/libs/mbedtls/cipher.h | 561 +++++----
> sdk/include/reactos/libs/mbedtls/cipher_internal.h | 3 +-
> sdk/include/reactos/libs/mbedtls/cmac.h | 184 +--
> sdk/include/reactos/libs/mbedtls/compat-1.3.h | 3 +-
> sdk/include/reactos/libs/mbedtls/config.h | 141 ++-
> sdk/include/reactos/libs/mbedtls/ctr_drbg.h | 254 ++--
> sdk/include/reactos/libs/mbedtls/debug.h | 3 +-
> sdk/include/reactos/libs/mbedtls/des.h | 51 +
> sdk/include/reactos/libs/mbedtls/dhm.h | 1114 +++++++++++++++---
> sdk/include/reactos/libs/mbedtls/ecdh.h | 239 ++--
> sdk/include/reactos/libs/mbedtls/ecdsa.h | 286 +++--
> sdk/include/reactos/libs/mbedtls/ecjpake.h | 21 +-
> sdk/include/reactos/libs/mbedtls/ecp.h | 6 +-
> sdk/include/reactos/libs/mbedtls/ecp_internal.h | 5 +-
> sdk/include/reactos/libs/mbedtls/entropy.h | 4 +-
> sdk/include/reactos/libs/mbedtls/entropy_poll.h | 3 +-
> sdk/include/reactos/libs/mbedtls/error.h | 40 +-
> sdk/include/reactos/libs/mbedtls/gcm.h | 241 ++--
> sdk/include/reactos/libs/mbedtls/havege.h | 3 +-
> sdk/include/reactos/libs/mbedtls/hmac_drbg.h | 5 +-
> sdk/include/reactos/libs/mbedtls/md.h | 371 +++---
> sdk/include/reactos/libs/mbedtls/md2.h | 191 ++-
> sdk/include/reactos/libs/mbedtls/md4.h | 196 ++-
> sdk/include/reactos/libs/mbedtls/md5.h | 194 ++-
> sdk/include/reactos/libs/mbedtls/md_internal.h | 15 +-
> .../reactos/libs/mbedtls/memory_buffer_alloc.h | 3 +-
> sdk/include/reactos/libs/mbedtls/net.h | 9 +-
> sdk/include/reactos/libs/mbedtls/net_sockets.h | 8 +-
> sdk/include/reactos/libs/mbedtls/oid.h | 21 +-
> sdk/include/reactos/libs/mbedtls/padlock.h | 3 +-
> sdk/include/reactos/libs/mbedtls/pem.h | 3 +-
> sdk/include/reactos/libs/mbedtls/pk.h | 16 +-
> sdk/include/reactos/libs/mbedtls/pk_internal.h | 5 +-
> sdk/include/reactos/libs/mbedtls/pkcs11.h | 3 +-
> sdk/include/reactos/libs/mbedtls/pkcs12.h | 3 +-
> sdk/include/reactos/libs/mbedtls/pkcs5.h | 3 +-
> sdk/include/reactos/libs/mbedtls/platform.h | 111 +-
> sdk/include/reactos/libs/mbedtls/platform_time.h | 3 +-
> sdk/include/reactos/libs/mbedtls/ripemd160.h | 125 +-
> sdk/include/reactos/libs/mbedtls/rsa.h | 1166 ++++++++++++------
> sdk/include/reactos/libs/mbedtls/rsa_internal.h | 228 ++++
> sdk/include/reactos/libs/mbedtls/sha1.h | 248 +++-
> sdk/include/reactos/libs/mbedtls/sha256.h | 215 +++-
> sdk/include/reactos/libs/mbedtls/sha512.h | 221 +++-
> sdk/include/reactos/libs/mbedtls/ssl.h | 117 +-
> sdk/include/reactos/libs/mbedtls/ssl_cache.h | 3 +-
> .../reactos/libs/mbedtls/ssl_ciphersuites.h | 5 +-
> sdk/include/reactos/libs/mbedtls/ssl_cookie.h | 3 +-
> sdk/include/reactos/libs/mbedtls/ssl_internal.h | 70 +-
> sdk/include/reactos/libs/mbedtls/ssl_ticket.h | 3 +-
> sdk/include/reactos/libs/mbedtls/threading.h | 7 +-
> sdk/include/reactos/libs/mbedtls/timing.h | 30 +-
> sdk/include/reactos/libs/mbedtls/version.h | 13 +-
> sdk/include/reactos/libs/mbedtls/x509.h | 3 +-
> sdk/include/reactos/libs/mbedtls/x509_crl.h | 3 +-
> sdk/include/reactos/libs/mbedtls/x509_crt.h | 31 +-
> sdk/include/reactos/libs/mbedtls/x509_csr.h | 3 +-
> sdk/include/reactos/libs/mbedtls/xtea.h | 4 +-
> 124 files changed, 10395 insertions(+), 3822 deletions(-)
>
> diff --git a/dll/3rdparty/mbedtls/CMakeLists.txt b/dll/3rdparty/mbedtls/CMakeLists.txt
> index 0fbb59bbf4..7a5210bdef 100644
> --- a/dll/3rdparty/mbedtls/CMakeLists.txt
> +++ b/dll/3rdparty/mbedtls/CMakeLists.txt
> @@ -54,6 +54,7 @@ list(APPEND SOURCE
> platform.c
> ripemd160.c
> rsa.c
> + rsa_internal.c
> sha1.c
> sha256.c
> sha512.c
> diff --git a/dll/3rdparty/mbedtls/aes.c b/dll/3rdparty/mbedtls/aes.c
> index dadfbe3c68..fed58bbc01 100644
> --- a/dll/3rdparty/mbedtls/aes.c
> +++ b/dll/3rdparty/mbedtls/aes.c
> @@ -767,12 +767,14 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
> }
> #endif /* !MBEDTLS_AES_ENCRYPT_ALT */
>
> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
> void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
> const unsigned char input[16],
> unsigned char output[16] )
> {
> mbedtls_internal_aes_encrypt( ctx, input, output );
> }
> +#endif /* !MBEDTLS_DEPRECATED_REMOVED */
>
> /*
> * AES-ECB block decryption
> @@ -833,12 +835,14 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
> }
> #endif /* !MBEDTLS_AES_DECRYPT_ALT */
>
> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
> void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
> const unsigned char input[16],
> unsigned char output[16] )
> {
> mbedtls_internal_aes_decrypt( ctx, input, output );
> }
> +#endif /* !MBEDTLS_DEPRECATED_REMOVED */
>
> /*
> * AES-ECB block encryption/decryption
> @@ -1237,9 +1241,11 @@ static const int aes_test_ctr_len[3] =
> */
> int mbedtls_aes_self_test( int verbose )
> {
> - int ret = 0, i, j, u, v;
> + int ret = 0, i, j, u, mode;
> + unsigned int keybits;
> unsigned char key[32];
> unsigned char buf[64];
> + const unsigned char *aes_tests;
> #if defined(MBEDTLS_CIPHER_MODE_CBC) || defined(MBEDTLS_CIPHER_MODE_CFB)
> unsigned char iv[16];
> #endif
> @@ -1265,45 +1271,52 @@ int mbedtls_aes_self_test( int verbose )
> for( i = 0; i < 6; i++ )
> {
> u = i >> 1;
> - v = i & 1;
> + keybits = 128 + u * 64;
> + mode = i & 1;
>
> if( verbose != 0 )
> - mbedtls_printf( " AES-ECB-%3d (%s): ", 128 + u * 64,
> - ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
> + mbedtls_printf( " AES-ECB-%3d (%s): ", keybits,
> + ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
>
> memset( buf, 0, 16 );
>
> - if( v == MBEDTLS_AES_DECRYPT )
> + if( mode == MBEDTLS_AES_DECRYPT )
> {
> - mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 );
> -
> - for( j = 0; j < 10000; j++ )
> - mbedtls_aes_crypt_ecb( &ctx, v, buf, buf );
> -
> - if( memcmp( buf, aes_test_ecb_dec[u], 16 ) != 0 )
> - {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - ret = 1;
> - goto exit;
> - }
> + ret = mbedtls_aes_setkey_dec( &ctx, key, keybits );
> + aes_tests = aes_test_ecb_dec[u];
> }
> else
> {
> - mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 );
> -
> - for( j = 0; j < 10000; j++ )
> - mbedtls_aes_crypt_ecb( &ctx, v, buf, buf );
> + ret = mbedtls_aes_setkey_enc( &ctx, key, keybits );
> + aes_tests = aes_test_ecb_enc[u];
> + }
>
> - if( memcmp( buf, aes_test_ecb_enc[u], 16 ) != 0 )
> - {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> + /*
> + * AES-192 is an optional feature that may be unavailable when
> + * there is an alternative underlying implementation i.e. when
> + * MBEDTLS_AES_ALT is defined.
> + */
> + if( ret == MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE && keybits == 192 )
> + {
> + mbedtls_printf( "skipped\n" );
> + continue;
> + }
> + else if( ret != 0 )
> + {
> + goto exit;
> + }
>
> - ret = 1;
> + for( j = 0; j < 10000; j++ )
> + {
> + ret = mbedtls_aes_crypt_ecb( &ctx, mode, buf, buf );
> + if( ret != 0 )
> goto exit;
> - }
> + }
> +
> + if( memcmp( buf, aes_tests, 16 ) != 0 )
> + {
> + ret = 1;
> + goto exit;
> }
>
> if( verbose != 0 )
> @@ -1320,55 +1333,64 @@ int mbedtls_aes_self_test( int verbose )
> for( i = 0; i < 6; i++ )
> {
> u = i >> 1;
> - v = i & 1;
> + keybits = 128 + u * 64;
> + mode = i & 1;
>
> if( verbose != 0 )
> - mbedtls_printf( " AES-CBC-%3d (%s): ", 128 + u * 64,
> - ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
> + mbedtls_printf( " AES-CBC-%3d (%s): ", keybits,
> + ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
>
> memset( iv , 0, 16 );
> memset( prv, 0, 16 );
> memset( buf, 0, 16 );
>
> - if( v == MBEDTLS_AES_DECRYPT )
> + if( mode == MBEDTLS_AES_DECRYPT )
> {
> - mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 );
> -
> - for( j = 0; j < 10000; j++ )
> - mbedtls_aes_crypt_cbc( &ctx, v, 16, iv, buf, buf );
> -
> - if( memcmp( buf, aes_test_cbc_dec[u], 16 ) != 0 )
> - {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - ret = 1;
> - goto exit;
> - }
> + ret = mbedtls_aes_setkey_dec( &ctx, key, keybits );
> + aes_tests = aes_test_cbc_dec[u];
> }
> else
> {
> - mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 );
> + ret = mbedtls_aes_setkey_enc( &ctx, key, keybits );
> + aes_tests = aes_test_cbc_enc[u];
> + }
> +
> + /*
> + * AES-192 is an optional feature that may be unavailable when
> + * there is an alternative underlying implementation i.e. when
> + * MBEDTLS_AES_ALT is defined.
> + */
> + if( ret == MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE && keybits == 192 )
> + {
> + mbedtls_printf( "skipped\n" );
> + continue;
> + }
> + else if( ret != 0 )
> + {
> + goto exit;
> + }
>
> - for( j = 0; j < 10000; j++ )
> + for( j = 0; j < 10000; j++ )
> + {
> + if( mode == MBEDTLS_AES_ENCRYPT )
> {
> unsigned char tmp[16];
>
> - mbedtls_aes_crypt_cbc( &ctx, v, 16, iv, buf, buf );
> -
> memcpy( tmp, prv, 16 );
> memcpy( prv, buf, 16 );
> memcpy( buf, tmp, 16 );
> }
>
> - if( memcmp( prv, aes_test_cbc_enc[u], 16 ) != 0 )
> - {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - ret = 1;
> + ret = mbedtls_aes_crypt_cbc( &ctx, mode, 16, iv, buf, buf );
> + if( ret != 0 )
> goto exit;
> - }
> +
> + }
> +
> + if( memcmp( buf, aes_tests, 16 ) != 0 )
> + {
> + ret = 1;
> + goto exit;
> }
>
> if( verbose != 0 )
> @@ -1386,45 +1408,52 @@ int mbedtls_aes_self_test( int verbose )
> for( i = 0; i < 6; i++ )
> {
> u = i >> 1;
> - v = i & 1;
> + keybits = 128 + u * 64;
> + mode = i & 1;
>
> if( verbose != 0 )
> - mbedtls_printf( " AES-CFB128-%3d (%s): ", 128 + u * 64,
> - ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
> + mbedtls_printf( " AES-CFB128-%3d (%s): ", keybits,
> + ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
>
> memcpy( iv, aes_test_cfb128_iv, 16 );
> - memcpy( key, aes_test_cfb128_key[u], 16 + u * 8 );
> + memcpy( key, aes_test_cfb128_key[u], keybits / 8 );
>
> offset = 0;
> - mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 );
> + ret = mbedtls_aes_setkey_enc( &ctx, key, keybits );
> + /*
> + * AES-192 is an optional feature that may be unavailable when
> + * there is an alternative underlying implementation i.e. when
> + * MBEDTLS_AES_ALT is defined.
> + */
> + if( ret == MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE && keybits == 192 )
> + {
> + mbedtls_printf( "skipped\n" );
> + continue;
> + }
> + else if( ret != 0 )
> + {
> + goto exit;
> + }
>
> - if( v == MBEDTLS_AES_DECRYPT )
> + if( mode == MBEDTLS_AES_DECRYPT )
> {
> memcpy( buf, aes_test_cfb128_ct[u], 64 );
> - mbedtls_aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf );
> -
> - if( memcmp( buf, aes_test_cfb128_pt, 64 ) != 0 )
> - {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - ret = 1;
> - goto exit;
> - }
> + aes_tests = aes_test_cfb128_pt;
> }
> else
> {
> memcpy( buf, aes_test_cfb128_pt, 64 );
> - mbedtls_aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf );
> + aes_tests = aes_test_cfb128_ct[u];
> + }
>
> - if( memcmp( buf, aes_test_cfb128_ct[u], 64 ) != 0 )
> - {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> + ret = mbedtls_aes_crypt_cfb128( &ctx, mode, 64, &offset, iv, buf, buf );
> + if( ret != 0 )
> + goto exit;
>
> - ret = 1;
> - goto exit;
> - }
> + if( memcmp( buf, aes_tests, 64 ) != 0 )
> + {
> + ret = 1;
> + goto exit;
> }
>
> if( verbose != 0 )
> @@ -1442,51 +1471,41 @@ int mbedtls_aes_self_test( int verbose )
> for( i = 0; i < 6; i++ )
> {
> u = i >> 1;
> - v = i & 1;
> + mode = i & 1;
>
> if( verbose != 0 )
> mbedtls_printf( " AES-CTR-128 (%s): ",
> - ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
> + ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
>
> memcpy( nonce_counter, aes_test_ctr_nonce_counter[u], 16 );
> memcpy( key, aes_test_ctr_key[u], 16 );
>
> offset = 0;
> - mbedtls_aes_setkey_enc( &ctx, key, 128 );
> + if( ( ret = mbedtls_aes_setkey_enc( &ctx, key, 128 ) ) != 0 )
> + goto exit;
> +
> + len = aes_test_ctr_len[u];
>
> - if( v == MBEDTLS_AES_DECRYPT )
> + if( mode == MBEDTLS_AES_DECRYPT )
> {
> - len = aes_test_ctr_len[u];
> memcpy( buf, aes_test_ctr_ct[u], len );
> -
> - mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
> - buf, buf );
> -
> - if( memcmp( buf, aes_test_ctr_pt[u], len ) != 0 )
> - {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - ret = 1;
> - goto exit;
> - }
> + aes_tests = aes_test_ctr_pt[u];
> }
> else
> {
> - len = aes_test_ctr_len[u];
> memcpy( buf, aes_test_ctr_pt[u], len );
> + aes_tests = aes_test_ctr_ct[u];
> + }
>
> - mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
> - buf, buf );
> -
> - if( memcmp( buf, aes_test_ctr_ct[u], len ) != 0 )
> - {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> + ret = mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter,
> + stream_block, buf, buf );
> + if( ret != 0 )
> + goto exit;
>
> - ret = 1;
> - goto exit;
> - }
> + if( memcmp( buf, aes_tests, len ) != 0 )
> + {
> + ret = 1;
> + goto exit;
> }
>
> if( verbose != 0 )
> @@ -1500,6 +1519,9 @@ int mbedtls_aes_self_test( int verbose )
> ret = 0;
>
> exit:
> + if( ret != 0 && verbose != 0 )
> + mbedtls_printf( "failed\n" );
> +
> mbedtls_aes_free( &ctx );
>
> return( ret );
> diff --git a/dll/3rdparty/mbedtls/asn1write.c b/dll/3rdparty/mbedtls/asn1write.c
> index ba31c05909..00b5e7ad4f 100644
> --- a/dll/3rdparty/mbedtls/asn1write.c
> +++ b/dll/3rdparty/mbedtls/asn1write.c
> @@ -85,7 +85,9 @@ int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len
> return( 4 );
> }
>
> +#if SIZE_MAX > 0xFFFFFFFF
> if( len <= 0xFFFFFFFF )
> +#endif
> {
> if( *p - start < 5 )
> return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
> @@ -98,7 +100,9 @@ int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len
> return( 5 );
> }
>
> +#if SIZE_MAX > 0xFFFFFFFF
> return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
> +#endif
> }
>
> int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag )
> @@ -234,7 +238,6 @@ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val )
> int ret;
> size_t len = 0;
>
> - // TODO negative values and values larger than 128
> // DER format assumes 2s complement for numbers, so the leftmost bit
> // should be 0 for positive numbers and 1 for negative numbers.
> //
> diff --git a/dll/3rdparty/mbedtls/bignum.c b/dll/3rdparty/mbedtls/bignum.c
> index ab510e2df5..49441d19b8 100644
> --- a/dll/3rdparty/mbedtls/bignum.c
> +++ b/dll/3rdparty/mbedtls/bignum.c
> @@ -65,6 +65,11 @@ static void mbedtls_mpi_zeroize( mbedtls_mpi_uint *v, size_t n ) {
> volatile mbedtls_mpi_uint *p = v; while( n-- ) *p++ = 0;
> }
>
> +/* Implementation that should never be optimized out by the compiler */
> +static void mbedtls_zeroize( void *v, size_t n ) {
> + volatile unsigned char *p = v; while( n-- ) *p++ = 0;
> +}
> +
> #define ciL (sizeof(mbedtls_mpi_uint)) /* chars in limb */
> #define biL (ciL << 3) /* bits in limb */
> #define biH (ciL << 2) /* half limb size */
> @@ -674,16 +679,20 @@ cleanup:
> int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t buflen )
> {
> int ret;
> - size_t i, j, n;
> + size_t i, j;
> + size_t const limbs = CHARS_TO_LIMBS( buflen );
>
> - for( n = 0; n < buflen; n++ )
> - if( buf[n] != 0 )
> - break;
> + /* Ensure that target MPI has exactly the necessary number of limbs */
> + if( X->n != limbs )
> + {
> + mbedtls_mpi_free( X );
> + mbedtls_mpi_init( X );
> + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) );
> + }
>
> - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, CHARS_TO_LIMBS( buflen - n ) ) );
> MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
>
> - for( i = buflen, j = 0; i > n; i--, j++ )
> + for( i = buflen, j = 0; i > 0; i--, j++ )
> X->p[j / ciL] |= ((mbedtls_mpi_uint) buf[i - 1]) << ((j % ciL) << 3);
>
> cleanup:
> @@ -1616,7 +1625,7 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi
> mbedtls_mpi RR, T, W[ 2 << MBEDTLS_MPI_WINDOW_SIZE ], Apos;
> int neg;
>
> - if( mbedtls_mpi_cmp_int( N, 0 ) < 0 || ( N->p[0] & 1 ) == 0 )
> + if( mbedtls_mpi_cmp_int( N, 0 ) <= 0 || ( N->p[0] & 1 ) == 0 )
> return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
>
> if( mbedtls_mpi_cmp_int( E, 0 ) < 0 )
> @@ -1884,6 +1893,7 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size,
> MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( X, buf, size ) );
>
> cleanup:
> + mbedtls_zeroize( buf, sizeof( buf ) );
> return( ret );
> }
>
> diff --git a/dll/3rdparty/mbedtls/ccm.c b/dll/3rdparty/mbedtls/ccm.c
> index b974aec829..07c1ab7029 100644
> --- a/dll/3rdparty/mbedtls/ccm.c
> +++ b/dll/3rdparty/mbedtls/ccm.c
> @@ -51,6 +51,8 @@
> #endif /* MBEDTLS_PLATFORM_C */
> #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
>
> +#if !defined(MBEDTLS_CCM_ALT)
> +
> /* Implementation that should never be optimized out by the compiler */
> static void mbedtls_zeroize( void *v, size_t n ) {
> volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
> @@ -350,6 +352,7 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
> return( 0 );
> }
>
> +#endif /* !MBEDTLS_CCM_ALT */
>
> #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
> /*
> @@ -357,7 +360,8 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
> */
>
> #define NB_TESTS 3
> -
> +#define CCM_SELFTEST_PT_MAX_LEN 24
> +#define CCM_SELFTEST_CT_MAX_LEN 32
> /*
> * The data is the same for all tests, only the used length changes
> */
> @@ -377,7 +381,7 @@ static const unsigned char ad[] = {
> 0x10, 0x11, 0x12, 0x13
> };
>
> -static const unsigned char msg[] = {
> +static const unsigned char msg[CCM_SELFTEST_PT_MAX_LEN] = {
> 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
> 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
> 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
> @@ -388,7 +392,7 @@ static const size_t add_len[NB_TESTS] = { 8, 16, 20 };
> static const size_t msg_len[NB_TESTS] = { 4, 16, 24 };
> static const size_t tag_len[NB_TESTS] = { 4, 6, 8 };
>
> -static const unsigned char res[NB_TESTS][32] = {
> +static const unsigned char res[NB_TESTS][CCM_SELFTEST_CT_MAX_LEN] = {
> { 0x71, 0x62, 0x01, 0x5b, 0x4d, 0xac, 0x25, 0x5d },
> { 0xd2, 0xa1, 0xf0, 0xe0, 0x51, 0xea, 0x5f, 0x62,
> 0x08, 0x1a, 0x77, 0x92, 0x07, 0x3d, 0x59, 0x3d,
> @@ -402,7 +406,13 @@ static const unsigned char res[NB_TESTS][32] = {
> int mbedtls_ccm_self_test( int verbose )
> {
> mbedtls_ccm_context ctx;
> - unsigned char out[32];
> + /*
> + * Some hardware accelerators require the input and output buffers
> + * would be in RAM, because the flash is not accessible.
> + * Use buffers on the stack to hold the test vectors data.
> + */
> + unsigned char plaintext[CCM_SELFTEST_PT_MAX_LEN];
> + unsigned char ciphertext[CCM_SELFTEST_CT_MAX_LEN];
> size_t i;
> int ret;
>
> @@ -421,27 +431,32 @@ int mbedtls_ccm_self_test( int verbose )
> if( verbose != 0 )
> mbedtls_printf( " CCM-AES #%u: ", (unsigned int) i + 1 );
>
> + memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
> + memset( ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN );
> + memcpy( plaintext, msg, msg_len[i] );
> +
> ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len[i],
> - iv, iv_len[i], ad, add_len[i],
> - msg, out,
> - out + msg_len[i], tag_len[i] );
> + iv, iv_len[i], ad, add_len[i],
> + plaintext, ciphertext,
> + ciphertext + msg_len[i], tag_len[i] );
>
> if( ret != 0 ||
> - memcmp( out, res[i], msg_len[i] + tag_len[i] ) != 0 )
> + memcmp( ciphertext, res[i], msg_len[i] + tag_len[i] ) != 0 )
> {
> if( verbose != 0 )
> mbedtls_printf( "failed\n" );
>
> return( 1 );
> }
> + memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
>
> ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len[i],
> - iv, iv_len[i], ad, add_len[i],
> - res[i], out,
> - res[i] + msg_len[i], tag_len[i] );
> + iv, iv_len[i], ad, add_len[i],
> + ciphertext, plaintext,
> + ciphertext + msg_len[i], tag_len[i] );
>
> if( ret != 0 ||
> - memcmp( out, msg, msg_len[i] ) != 0 )
> + memcmp( plaintext, msg, msg_len[i] ) != 0 )
> {
> if( verbose != 0 )
> mbedtls_printf( "failed\n" );
> diff --git a/dll/3rdparty/mbedtls/cipher.c b/dll/3rdparty/mbedtls/cipher.c
> index ff6f3cadeb..e36445f975 100644
> --- a/dll/3rdparty/mbedtls/cipher.c
> +++ b/dll/3rdparty/mbedtls/cipher.c
> @@ -58,10 +58,6 @@
> #define mbedtls_free free
> #endif
>
> -#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
> -#define MBEDTLS_CIPHER_MODE_STREAM
> -#endif
> -
> /* Implementation that should never be optimized out by the compiler */
> static void mbedtls_zeroize( void *v, size_t n ) {
> volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
> @@ -327,8 +323,10 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i
> /*
> * If there is not enough data for a full block, cache it.
> */
> - if( ( ctx->operation == MBEDTLS_DECRYPT &&
> + if( ( ctx->operation == MBEDTLS_DECRYPT && NULL != ctx->add_padding &&
> ilen <= block_size - ctx->unprocessed_len ) ||
> + ( ctx->operation == MBEDTLS_DECRYPT && NULL == ctx->add_padding &&
> + ilen < block_size - ctx->unprocessed_len ) ||
> ( ctx->operation == MBEDTLS_ENCRYPT &&
> ilen < block_size - ctx->unprocessed_len ) )
> {
> @@ -374,9 +372,17 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i
> return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
> }
>
> + /* Encryption: only cache partial blocks
> + * Decryption w/ padding: always keep at least one whole block
> + * Decryption w/o padding: only cache partial blocks
> + */
> copy_len = ilen % block_size;
> - if( copy_len == 0 && ctx->operation == MBEDTLS_DECRYPT )
> + if( copy_len == 0 &&
> + ctx->operation == MBEDTLS_DECRYPT &&
> + NULL != ctx->add_padding)
> + {
> copy_len = block_size;
> + }
>
> memcpy( ctx->unprocessed_data, &( input[ilen - copy_len] ),
> copy_len );
> @@ -518,14 +524,14 @@ static int get_one_and_zeros_padding( unsigned char *input, size_t input_len,
> if( NULL == input || NULL == data_len )
> return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
>
> - bad = 0xFF;
> + bad = 0x80;
> *data_len = 0;
> for( i = input_len; i > 0; i-- )
> {
> prev_done = done;
> - done |= ( input[i-1] != 0 );
> + done |= ( input[i - 1] != 0 );
> *data_len |= ( i - 1 ) * ( done != prev_done );
> - bad &= ( input[i-1] ^ 0x80 ) | ( done == prev_done );
> + bad ^= input[i - 1] * ( done != prev_done );
> }
>
> return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
> diff --git a/dll/3rdparty/mbedtls/cmac.c b/dll/3rdparty/mbedtls/cmac.c
> index c72c58f009..0809e2fef2 100644
> --- a/dll/3rdparty/mbedtls/cmac.c
> +++ b/dll/3rdparty/mbedtls/cmac.c
> @@ -67,6 +67,8 @@
> #endif /* MBEDTLS_SELF_TEST */
> #endif /* MBEDTLS_PLATFORM_C */
>
> +#if !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST)
> +
> /* Implementation that should never be optimized out by the compiler */
> static void mbedtls_zeroize( void *v, size_t n ) {
> volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
> @@ -166,7 +168,9 @@ exit:
>
> return( ret );
> }
> +#endif /* !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST) */
>
> +#if !defined(MBEDTLS_CMAC_ALT)
> static void cmac_xor_block( unsigned char *output, const unsigned char *input1,
> const unsigned char *input2,
> const size_t block_size )
> @@ -470,6 +474,8 @@ exit:
> }
> #endif /* MBEDTLS_AES_C */
>
> +#endif /* !MBEDTLS_CMAC_ALT */
> +
> #if defined(MBEDTLS_SELF_TEST)
> /*
> * CMAC test data for SP800-38B
> @@ -767,7 +773,7 @@ static int cmac_test_subkeys( int verbose,
> int block_size,
> int num_tests )
> {
> - int i, ret;
> + int i, ret = 0;
> mbedtls_cipher_context_t ctx;
> const mbedtls_cipher_info_t *cipher_info;
> unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX];
> @@ -828,6 +834,7 @@ static int cmac_test_subkeys( int verbose,
> mbedtls_cipher_free( &ctx );
> }
>
> + ret = 0;
> goto exit;
>
> cleanup:
> @@ -849,7 +856,7 @@ static int cmac_test_wth_cipher( int verbose,
> int num_tests )
> {
> const mbedtls_cipher_info_t *cipher_info;
> - int i, ret;
> + int i, ret = 0;
> unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX];
>
> cipher_info = mbedtls_cipher_info_from_type( cipher_type );
> @@ -883,6 +890,7 @@ static int cmac_test_wth_cipher( int verbose,
> if( verbose != 0 )
> mbedtls_printf( "passed\n" );
> }
> + ret = 0;
>
> exit:
> return( ret );
> diff --git a/dll/3rdparty/mbedtls/ctr_drbg.c b/dll/3rdparty/mbedtls/ctr_drbg.c
> index e032d58d22..7994b53383 100644
> --- a/dll/3rdparty/mbedtls/ctr_drbg.c
> +++ b/dll/3rdparty/mbedtls/ctr_drbg.c
> @@ -21,7 +21,7 @@
> * This file is part of mbed TLS (https://tls.mbed.org)
> */
> /*
> - * The NIST SP 800-90 DRBGs are described in the following publucation.
> + * The NIST SP 800-90 DRBGs are described in the following publication.
> *
> * http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf
> */
> @@ -96,11 +96,15 @@ int mbedtls_ctr_drbg_seed_entropy_len(
> /*
> * Initialize with an empty key
> */
> - mbedtls_aes_setkey_enc( &ctx->aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS );
> + if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
> + {
> + return( ret );
> + }
>
> if( ( ret = mbedtls_ctr_drbg_reseed( ctx, custom, len ) ) != 0 )
> + {
> return( ret );
> -
> + }
> return( 0 );
> }
>
> @@ -150,6 +154,7 @@ static int block_cipher_df( unsigned char *output,
> unsigned char chain[MBEDTLS_CTR_DRBG_BLOCKSIZE];
> unsigned char *p, *iv;
> mbedtls_aes_context aes_ctx;
> + int ret = 0;
>
> int i, j;
> size_t buf_len, use_len;
> @@ -182,7 +187,10 @@ static int block_cipher_df( unsigned char *output,
> for( i = 0; i < MBEDTLS_CTR_DRBG_KEYSIZE; i++ )
> key[i] = i;
>
> - mbedtls_aes_setkey_enc( &aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS );
> + if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
> + {
> + goto exit;
> + }
>
> /*
> * Reduce data to MBEDTLS_CTR_DRBG_SEEDLEN bytes of data
> @@ -201,7 +209,10 @@ static int block_cipher_df( unsigned char *output,
> use_len -= ( use_len >= MBEDTLS_CTR_DRBG_BLOCKSIZE ) ?
> MBEDTLS_CTR_DRBG_BLOCKSIZE : use_len;
>
> - mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, chain, chain );
> + if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, chain, chain ) ) != 0 )
> + {
> + goto exit;
> + }
> }
>
> memcpy( tmp + j, chain, MBEDTLS_CTR_DRBG_BLOCKSIZE );
> @@ -215,20 +226,40 @@ static int block_cipher_df( unsigned char *output,
> /*
> * Do final encryption with reduced data
> */
> - mbedtls_aes_setkey_enc( &aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS );
> + if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
> + {
> + goto exit;
> + }
> iv = tmp + MBEDTLS_CTR_DRBG_KEYSIZE;
> p = output;
>
> for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE )
> {
> - mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
> + if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, iv, iv ) ) != 0 )
> + {
> + goto exit;
> + }
> memcpy( p, iv, MBEDTLS_CTR_DRBG_BLOCKSIZE );
> p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
> }
> -
> +exit:
> mbedtls_aes_free( &aes_ctx );
> + /*
> + * tidy up the stack
> + */
> + mbedtls_zeroize( buf, sizeof( buf ) );
> + mbedtls_zeroize( tmp, sizeof( tmp ) );
> + mbedtls_zeroize( key, sizeof( key ) );
> + mbedtls_zeroize( chain, sizeof( chain ) );
> + if( 0 != ret )
> + {
> + /*
> + * wipe partial seed from memory
> + */
> + mbedtls_zeroize( output, MBEDTLS_CTR_DRBG_SEEDLEN );
> + }
>
> - return( 0 );
> + return( ret );
> }
>
> static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
> @@ -237,6 +268,7 @@ static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
> unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
> unsigned char *p = tmp;
> int i, j;
> + int ret = 0;
>
> memset( tmp, 0, MBEDTLS_CTR_DRBG_SEEDLEN );
>
> @@ -252,7 +284,10 @@ static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
> /*
> * Crypt counter block
> */
> - mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, p );
> + if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, p ) ) != 0 )
> + {
> + return( ret );
> + }
>
> p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
> }
> @@ -263,7 +298,10 @@ static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
> /*
> * Update key and counter
> */
> - mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS );
> + if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
> + {
> + return( ret );
> + }
> memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, MBEDTLS_CTR_DRBG_BLOCKSIZE );
>
> return( 0 );
> @@ -291,6 +329,7 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
> {
> unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT];
> size_t seedlen = 0;
> + int ret;
>
> if( ctx->entropy_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ||
> len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len )
> @@ -321,12 +360,18 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
> /*
> * Reduce to 384 bits
> */
> - block_cipher_df( seed, seed, seedlen );
> + if( ( ret = block_cipher_df( seed, seed, seedlen ) ) != 0 )
> + {
> + return( ret );
> + }
>
> /*
> * Update state
> */
> - ctr_drbg_update_internal( ctx, seed );
> + if( ( ret = ctr_drbg_update_internal( ctx, seed ) ) != 0 )
> + {
> + return( ret );
> + }
> ctx->reseed_counter = 1;
>
> return( 0 );
> @@ -356,15 +401,22 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng,
> ctx->prediction_resistance )
> {
> if( ( ret = mbedtls_ctr_drbg_reseed( ctx, additional, add_len ) ) != 0 )
> + {
> return( ret );
> -
> + }
> add_len = 0;
> }
>
> if( add_len > 0 )
> {
> - block_cipher_df( add_input, additional, add_len );
> - ctr_drbg_update_internal( ctx, add_input );
> + if( ( ret = block_cipher_df( add_input, additional, add_len ) ) != 0 )
> + {
> + return( ret );
> + }
> + if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 )
> + {
> + return( ret );
> + }
> }
>
> while( output_len > 0 )
> @@ -379,7 +431,10 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng,
> /*
> * Crypt counter block
> */
> - mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, tmp );
> + if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, tmp ) ) != 0 )
> + {
> + return( ret );
> + }
>
> use_len = ( output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE ) ? MBEDTLS_CTR_DRBG_BLOCKSIZE :
> output_len;
> @@ -391,7 +446,10 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng,
> output_len -= use_len;
> }
>
> - ctr_drbg_update_internal( ctx, add_input );
> + if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 )
> + {
> + return( ret );
> + }
>
> ctx->reseed_counter++;
>
> @@ -432,20 +490,20 @@ int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char
> goto exit;
>
> if( fwrite( buf, 1, MBEDTLS_CTR_DRBG_MAX_INPUT, f ) != MBEDTLS_CTR_DRBG_MAX_INPUT )
> - {
> ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
> - goto exit;
> - }
> -
> - ret = 0;
> + else
> + ret = 0;
>
> exit:
> + mbedtls_zeroize( buf, sizeof( buf ) );
> +
> fclose( f );
> return( ret );
> }
>
> int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path )
> {
> + int ret = 0;
> FILE *f;
> size_t n;
> unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ];
> @@ -464,14 +522,16 @@ int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char
> }
>
> if( fread( buf, 1, n, f ) != n )
> - {
> - fclose( f );
> - return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR );
> - }
> + ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
> + else
> + mbedtls_ctr_drbg_update( ctx, buf, n );
>
> fclose( f );
>
> - mbedtls_ctr_drbg_update( ctx, buf, n );
> + mbedtls_zeroize( buf, sizeof( buf ) );
> +
> + if( ret != 0 )
> + return( ret );
>
> return( mbedtls_ctr_drbg_write_seed_file( ctx, path ) );
> }
> diff --git a/dll/3rdparty/mbedtls/debug.c b/dll/3rdparty/mbedtls/debug.c
> index 502d0a31c5..92daafe9a8 100644
> --- a/dll/3rdparty/mbedtls/debug.c
> +++ b/dll/3rdparty/mbedtls/debug.c
> @@ -93,7 +93,7 @@ void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
>
> va_start( argp, format );
> #if defined(_WIN32)
> -#if defined(_TRUNCATE)
> +#if defined(_TRUNCATE) && !defined(__MINGW32__)
> ret = _vsnprintf_s( str, DEBUG_BUF_SIZE, _TRUNCATE, format, argp );
> #else
> ret = _vsnprintf( str, DEBUG_BUF_SIZE, format, argp );
> diff --git a/dll/3rdparty/mbedtls/dhm.c b/dll/3rdparty/mbedtls/dhm.c
> index 5f825ba52f..c48fc82d2a 100644
> --- a/dll/3rdparty/mbedtls/dhm.c
> +++ b/dll/3rdparty/mbedtls/dhm.c
> @@ -59,6 +59,7 @@
> #define mbedtls_free free
> #endif
>
> +#if !defined(MBEDTLS_DHM_ALT)
> /* Implementation that should never be optimized out by the compiler */
> static void mbedtls_zeroize( void *v, size_t n ) {
> volatile unsigned char *p = v; while( n-- ) *p++ = 0;
> @@ -95,6 +96,9 @@ static int dhm_read_bignum( mbedtls_mpi *X,
> *
> * Parameter should be: 2 <= public_param <= P - 2
> *
> + * This means that we need to return an error if
> + * public_param < 2 or public_param > P-2
> + *
> * For more information on the attack, see:
> * http://www.cl.cam.ac.uk/~rja14/Papers/psandqs.pdf
> * http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2643
> @@ -102,17 +106,17 @@ static int dhm_read_bignum( mbedtls_mpi *X,
> static int dhm_check_range( const mbedtls_mpi *param, const mbedtls_mpi *P )
> {
> mbedtls_mpi L, U;
> - int ret = MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
> + int ret = 0;
>
> mbedtls_mpi_init( &L ); mbedtls_mpi_init( &U );
>
> MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &L, 2 ) );
> MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &U, P, 2 ) );
>
> - if( mbedtls_mpi_cmp_mpi( param, &L ) >= 0 &&
> - mbedtls_mpi_cmp_mpi( param, &U ) <= 0 )
> + if( mbedtls_mpi_cmp_mpi( param, &L ) < 0 ||
> + mbedtls_mpi_cmp_mpi( param, &U ) > 0 )
> {
> - ret = 0;
> + ret = MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
> }
>
> cleanup:
> @@ -189,10 +193,15 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
> /*
> * export P, G, GX
> */
> -#define DHM_MPI_EXPORT(X,n) \
> - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( X, p + 2, n ) ); \
> - *p++ = (unsigned char)( n >> 8 ); \
> - *p++ = (unsigned char)( n ); p += n;
> +#define DHM_MPI_EXPORT( X, n ) \
> + do { \
> + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( ( X ), \
> + p + 2, \
> + ( n ) ) ); \
> + *p++ = (unsigned char)( ( n ) >> 8 ); \
> + *p++ = (unsigned char)( ( n ) ); \
> + p += ( n ); \
> + } while( 0 )
>
> n1 = mbedtls_mpi_size( &ctx->P );
> n2 = mbedtls_mpi_size( &ctx->G );
> @@ -203,7 +212,7 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
> DHM_MPI_EXPORT( &ctx->G , n2 );
> DHM_MPI_EXPORT( &ctx->GX, n3 );
>
> - *olen = p - output;
> + *olen = p - output;
>
> ctx->len = n1;
>
> @@ -215,6 +224,28 @@ cleanup:
> return( 0 );
> }
>
> +/*
> + * Set prime modulus and generator
> + */
> +int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx,
> + const mbedtls_mpi *P,
> + const mbedtls_mpi *G )
> +{
> + int ret;
> +
> + if( ctx == NULL || P == NULL || G == NULL )
> + return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
> +
> + if( ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 ||
> + ( ret = mbedtls_mpi_copy( &ctx->G, G ) ) != 0 )
> + {
> + return( MBEDTLS_ERR_DHM_SET_GROUP_FAILED + ret );
> + }
> +
> + ctx->len = mbedtls_mpi_size( &ctx->P );
> + return( 0 );
> +}
> +
> /*
> * Import the peer's public value G^Y
> */
> @@ -402,10 +433,11 @@ cleanup:
> */
> void mbedtls_dhm_free( mbedtls_dhm_context *ctx )
> {
> - mbedtls_mpi_free( &ctx->pX); mbedtls_mpi_free( &ctx->Vf ); mbedtls_mpi_free( &ctx->Vi );
> - mbedtls_mpi_free( &ctx->RP ); mbedtls_mpi_free( &ctx->K ); mbedtls_mpi_free( &ctx->GY );
> - mbedtls_mpi_free( &ctx->GX ); mbedtls_mpi_free( &ctx->X ); mbedtls_mpi_free( &ctx->G );
> - mbedtls_mpi_free( &ctx->P );
> + mbedtls_mpi_free( &ctx->pX ); mbedtls_mpi_free( &ctx->Vf );
> + mbedtls_mpi_free( &ctx->Vi ); mbedtls_mpi_free( &ctx->RP );
> + mbedtls_mpi_free( &ctx->K ); mbedtls_mpi_free( &ctx->GY );
> + mbedtls_mpi_free( &ctx->GX ); mbedtls_mpi_free( &ctx->X );
> + mbedtls_mpi_free( &ctx->G ); mbedtls_mpi_free( &ctx->P );
>
> mbedtls_zeroize( ctx, sizeof( mbedtls_dhm_context ) );
> }
> @@ -544,7 +576,10 @@ static int load_file( const char *path, unsigned char **buf, size_t *n )
> if( fread( *buf, 1, *n, f ) != *n )
> {
> fclose( f );
> +
> + mbedtls_zeroize( *buf, *n + 1 );
> mbedtls_free( *buf );
> +
> return( MBEDTLS_ERR_DHM_FILE_IO_ERROR );
> }
>
> @@ -579,6 +614,7 @@ int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path )
> }
> #endif /* MBEDTLS_FS_IO */
> #endif /* MBEDTLS_ASN1_PARSE_C */
> +#endif /* MBEDTLS_DHM_ALT */
>
> #if defined(MBEDTLS_SELF_TEST)
>
> diff --git a/dll/3rdparty/mbedtls/ecdh.c b/dll/3rdparty/mbedtls/ecdh.c
> index 553ac03506..8056d090eb 100644
> --- a/dll/3rdparty/mbedtls/ecdh.c
> +++ b/dll/3rdparty/mbedtls/ecdh.c
> @@ -40,6 +40,7 @@
>
> #include <string.h>
>
> +#if !defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT)
> /*
> * Generate public key: simple wrapper around mbedtls_ecp_gen_keypair
> */
> @@ -49,7 +50,9 @@ int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp
> {
> return mbedtls_ecp_gen_keypair( grp, d, Q, f_rng, p_rng );
> }
> +#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */
>
> +#if !defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT)
> /*
> * Compute shared secret (SEC1 3.3.1)
> */
> @@ -83,6 +86,7 @@ cleanup:
>
> return( ret );
> }
> +#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */
>
> /*
> * Initialize context
> diff --git a/dll/3rdparty/mbedtls/ecdsa.c b/dll/3rdparty/mbedtls/ecdsa.c
> index 69b587a29e..e97e6cb433 100644
> --- a/dll/3rdparty/mbedtls/ecdsa.c
> +++ b/dll/3rdparty/mbedtls/ecdsa.c
> @@ -67,6 +67,7 @@ cleanup:
> return( ret );
> }
>
> +#if !defined(MBEDTLS_ECDSA_SIGN_ALT)
> /*
> * Compute ECDSA signature of a hashed message (SEC1 4.1.3)
> * Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message)
> @@ -83,6 +84,10 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
> if( grp->N.p == NULL )
> return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
>
> + /* Make sure d is in range 1..n-1 */
> + if( mbedtls_mpi_cmp_int( d, 1 ) < 0 || mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 )
> + return( MBEDTLS_ERR_ECP_INVALID_KEY );
> +
> mbedtls_ecp_point_init( &R );
> mbedtls_mpi_init( &k ); mbedtls_mpi_init( &e ); mbedtls_mpi_init( &t );
>
> @@ -155,6 +160,7 @@ cleanup:
>
> return( ret );
> }
> +#endif /* MBEDTLS_ECDSA_SIGN_ALT */
>
> #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
> /*
> @@ -194,6 +200,7 @@ cleanup:
> }
> #endif /* MBEDTLS_ECDSA_DETERMINISTIC */
>
> +#if !defined(MBEDTLS_ECDSA_VERIFY_ALT)
> /*
> * Verify ECDSA signature of hashed message (SEC1 4.1.4)
> * Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message)
> @@ -279,6 +286,7 @@ cleanup:
>
> return( ret );
> }
> +#endif /* MBEDTLS_ECDSA_VERIFY_ALT */
>
> /*
> * Convert a signature (given by context) to ASN.1
> @@ -394,6 +402,9 @@ int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx,
> &ctx->Q, &r, &s ) ) != 0 )
> goto cleanup;
>
> + /* At this point we know that the buffer starts with a valid signature.
> + * Return 0 if the buffer just contains the signature, and a specific
> + * error code if the valid signature is followed by more data. */
> if( p != end )
> ret = MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH;
>
> @@ -404,6 +415,7 @@ cleanup:
> return( ret );
> }
>
> +#if !defined(MBEDTLS_ECDSA_GENKEY_ALT)
> /*
> * Generate key pair
> */
> @@ -413,6 +425,7 @@ int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
> return( mbedtls_ecp_group_load( &ctx->grp, gid ) ||
> mbedtls_ecp_gen_keypair( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) );
> }
> +#endif /* MBEDTLS_ECDSA_GENKEY_ALT */
>
> /*
> * Set context from an mbedtls_ecp_keypair
> diff --git a/dll/3rdparty/mbedtls/ecjpake.c b/dll/3rdparty/mbedtls/ecjpake.c
> index 4f4a102925..a205746aac 100644
> --- a/dll/3rdparty/mbedtls/ecjpake.c
> +++ b/dll/3rdparty/mbedtls/ecjpake.c
> @@ -38,6 +38,8 @@
>
> #include <string.h>
>
> +#if !defined(MBEDTLS_ECJPAKE_ALT)
> +
> /*
> * Convert a mbedtls_ecjpake_role to identifier string
> */
> @@ -301,7 +303,7 @@ cleanup:
> */
> static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info,
> const mbedtls_ecp_group *grp,
> - const int pf,
> + const int pf,
> const mbedtls_ecp_point *G,
> const mbedtls_mpi *x,
> const mbedtls_ecp_point *X,
> @@ -766,6 +768,7 @@ cleanup:
> #undef ID_MINE
> #undef ID_PEER
>
> +#endif /* ! MBEDTLS_ECJPAKE_ALT */
>
> #if defined(MBEDTLS_SELF_TEST)
>
> diff --git a/dll/3rdparty/mbedtls/ecp.c b/dll/3rdparty/mbedtls/ecp.c
> index 055e70e409..bd473604eb 100644
> --- a/dll/3rdparty/mbedtls/ecp.c
> +++ b/dll/3rdparty/mbedtls/ecp.c
> @@ -1450,7 +1450,12 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
>
> cleanup:
>
> - if( T != NULL && ! p_eq_g )
> + /* There are two cases where T is not stored in grp:
> + * - P != G
> + * - An intermediate operation failed before setting grp->T
> + * In either case, T must be freed.
> + */
> + if( T != NULL && T != grp->T )
> {
> for( i = 0; i < pre_len; i++ )
> mbedtls_ecp_point_free( &T[i] );
> @@ -1955,7 +1960,6 @@ int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
> {
> /* SEC1 3.2.1: Generate d such that 1 <= n < N */
> int count = 0;
> - unsigned char rnd[MBEDTLS_ECP_MAX_BYTES];
>
> /*
> * Match the procedure given in RFC 6979 (deterministic ECDSA):
> @@ -1966,8 +1970,7 @@ int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
> */
> do
> {
> - MBEDTLS_MPI_CHK( f_rng( p_rng, rnd, n_size ) );
> - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( d, rnd, n_size ) );
> + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_size, f_rng, p_rng ) );
> MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_size - grp->nbits ) );
>
> /*
> diff --git a/dll/3rdparty/mbedtls/entropy.c b/dll/3rdparty/mbedtls/entropy.c
> index c88fc51fa2..4e37cd8a3d 100644
> --- a/dll/3rdparty/mbedtls/entropy.c
> +++ b/dll/3rdparty/mbedtls/entropy.c
> @@ -70,21 +70,26 @@ static void mbedtls_zeroize( void *v, size_t n ) {
>
> void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
> {
> - memset( ctx, 0, sizeof(mbedtls_entropy_context) );
> + ctx->source_count = 0;
> + memset( ctx->source, 0, sizeof( ctx->source ) );
>
> #if defined(MBEDTLS_THREADING_C)
> mbedtls_mutex_init( &ctx->mutex );
> #endif
>
> + ctx->accumulator_started = 0;
> #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
> - mbedtls_sha512_starts( &ctx->accumulator, 0 );
> + mbedtls_sha512_init( &ctx->accumulator );
> #else
> - mbedtls_sha256_starts( &ctx->accumulator, 0 );
> + mbedtls_sha256_init( &ctx->accumulator );
> #endif
> #if defined(MBEDTLS_HAVEGE_C)
> mbedtls_havege_init( &ctx->havege_data );
> #endif
>
> + /* Reminder: Update ENTROPY_HAVE_STRONG in the test files
> + * when adding more strong entropy sources here. */
> +
> #if defined(MBEDTLS_TEST_NULL_ENTROPY)
> mbedtls_entropy_add_source( ctx, mbedtls_null_entropy_poll, NULL,
> 1, MBEDTLS_ENTROPY_SOURCE_STRONG );
> @@ -115,6 +120,7 @@ void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
> mbedtls_entropy_add_source( ctx, mbedtls_nv_seed_poll, NULL,
> MBEDTLS_ENTROPY_BLOCK_SIZE,
> MBEDTLS_ENTROPY_SOURCE_STRONG );
> + ctx->initial_entropy_run = 0;
> #endif
> #endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */
> }
> @@ -127,7 +133,17 @@ void mbedtls_entropy_free( mbedtls_entropy_context *ctx )
> #if defined(MBEDTLS_THREADING_C)
> mbedtls_mutex_free( &ctx->mutex );
> #endif
> - mbedtls_zeroize( ctx, sizeof( mbedtls_entropy_context ) );
> +#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
> + mbedtls_sha512_free( &ctx->accumulator );
> +#else
> + mbedtls_sha256_free( &ctx->accumulator );
> +#endif
> +#if defined(MBEDTLS_ENTROPY_NV_SEED)
> + ctx->initial_entropy_run = 0;
> +#endif
> + ctx->source_count = 0;
> + mbedtls_zeroize( ctx->source, sizeof( ctx->source ) );
> + ctx->accumulator_started = 0;
> }
>
> int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
> @@ -174,13 +190,16 @@ static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id
> unsigned char tmp[MBEDTLS_ENTROPY_BLOCK_SIZE];
> size_t use_len = len;
> const unsigned char *p = data;
> + int ret = 0;
>
> if( use_len > MBEDTLS_ENTROPY_BLOCK_SIZE )
> {
> #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
> - mbedtls_sha512( data, len, tmp, 0 );
> + if( ( ret = mbedtls_sha512_ret( data, len, tmp, 0 ) ) != 0 )
> + goto cleanup;
> #else
> - mbedtls_sha256( data, len, tmp, 0 );
> + if( ( ret = mbedtls_sha256_ret( data, len, tmp, 0 ) ) != 0 )
> + goto cleanup;
> #endif
> p = tmp;
> use_len = MBEDTLS_ENTROPY_BLOCK_SIZE;
> @@ -189,15 +208,35 @@ static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id
> header[0] = source_id;
> header[1] = use_len & 0xFF;
>
> + /*
> + * Start the accumulator if this has not already happened. Note that
> + * it is sufficient to start the accumulator here only because all calls to
> + * gather entropy eventually execute this code.
> + */
> #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
> - mbedtls_sha512_update( &ctx->accumulator, header, 2 );
> - mbedtls_sha512_update( &ctx->accumulator, p, use_len );
> + if( ctx->accumulator_started == 0 &&
> + ( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
> + goto cleanup;
> + else
> + ctx->accumulator_started = 1;
> + if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, header, 2 ) ) != 0 )
> + goto cleanup;
> + ret = mbedtls_sha512_update_ret( &ctx->accumulator, p, use_len );
> #else
> - mbedtls_sha256_update( &ctx->accumulator, header, 2 );
> - mbedtls_sha256_update( &ctx->accumulator, p, use_len );
> + if( ctx->accumulator_started == 0 &&
> + ( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
> + goto cleanup;
> + else
> + ctx->accumulator_started = 1;
> + if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, header, 2 ) ) != 0 )
> + goto cleanup;
> + ret = mbedtls_sha256_update_ret( &ctx->accumulator, p, use_len );
> #endif
>
> - return( 0 );
> +cleanup:
> + mbedtls_zeroize( tmp, sizeof( tmp ) );
> +
> + return( ret );
> }
>
> int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
> @@ -244,7 +283,7 @@ static int entropy_gather_internal( mbedtls_entropy_context *ctx )
> if( ( ret = ctx->source[i].f_source( ctx->source[i].p_source,
> buf, MBEDTLS_ENTROPY_MAX_GATHER, &olen ) ) != 0 )
> {
> - return( ret );
> + goto cleanup;
> }
>
> /*
> @@ -252,15 +291,20 @@ static int entropy_gather_internal( mbedtls_entropy_context *ctx )
> */
> if( olen > 0 )
> {
> - entropy_update( ctx, (unsigned char) i, buf, olen );
> + if( ( ret = entropy_update( ctx, (unsigned char) i,
> + buf, olen ) ) != 0 )
> + return( ret );
> ctx->source[i].size += olen;
> }
> }
>
> if( have_one_strong == 0 )
> - return( MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE );
> + ret = MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE;
>
> - return( 0 );
> +cleanup:
> + mbedtls_zeroize( buf, sizeof( buf ) );
> +
> + return( ret );
> }
>
> /*
> @@ -335,33 +379,52 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len )
> memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
>
> #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
> - mbedtls_sha512_finish( &ctx->accumulator, buf );
> + /*
> + * Note that at this stage it is assumed that the accumulator was started
> + * in a previous call to entropy_update(). If this is not guaranteed, the
> + * code below will fail.
> + */
> + if( ( ret = mbedtls_sha512_finish_ret( &ctx->accumulator, buf ) ) != 0 )
> + goto exit;
>
> /*
> * Reset accumulator and counters and recycle existing entropy
> */
> - memset( &ctx->accumulator, 0, sizeof( mbedtls_sha512_context ) );
> - mbedtls_sha512_starts( &ctx->accumulator, 0 );
> - mbedtls_sha512_update( &ctx->accumulator, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
> + mbedtls_sha512_free( &ctx->accumulator );
> + mbedtls_sha512_init( &ctx->accumulator );
> + if( ( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
> + goto exit;
> + if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, buf,
> + MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
> + goto exit;
>
> /*
> * Perform second SHA-512 on entropy
> */
> - mbedtls_sha512( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, buf, 0 );
> + if( ( ret = mbedtls_sha512_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
> + buf, 0 ) ) != 0 )
> + goto exit;
> #else /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
> - mbedtls_sha256_finish( &ctx->accumulator, buf );
> + if( ( ret = mbedtls_sha256_finish_ret( &ctx->accumulator, buf ) ) != 0 )
> + goto exit;
>
> /*
> * Reset accumulator and counters and recycle existing entropy
> */
> - memset( &ctx->accumulator, 0, sizeof( mbedtls_sha256_context ) );
> - mbedtls_sha256_starts( &ctx->accumulator, 0 );
> - mbedtls_sha256_update( &ctx->accumulator, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
> + mbedtls_sha256_free( &ctx->accumulator );
> + mbedtls_sha256_init( &ctx->accumulator );
> + if( ( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
> + goto exit;
> + if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, buf,
> + MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
> + goto exit;
>
> /*
> * Perform second SHA-256 on entropy
> */
> - mbedtls_sha256( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, buf, 0 );
> + if( ( ret = mbedtls_sha256_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
> + buf, 0 ) ) != 0 )
> + goto exit;
> #endif /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
>
> for( i = 0; i < ctx->source_count; i++ )
> @@ -372,6 +435,8 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len )
> ret = 0;
>
> exit:
> + mbedtls_zeroize( buf, sizeof( buf ) );
> +
> #if defined(MBEDTLS_THREADING_C)
> if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
> return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
> @@ -384,7 +449,7 @@ exit:
> int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx )
> {
> int ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
> - unsigned char buf[ MBEDTLS_ENTROPY_MAX_SEED_SIZE ];
> + unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
>
> /* Read new seed and write it to NV */
> if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
> @@ -395,9 +460,9 @@ int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx )
>
> /* Manually update the remaining stream with a separator value to diverge */
> memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
> - mbedtls_entropy_update_manual( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
> + ret = mbedtls_entropy_update_manual( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
>
> - return( 0 );
> + return( ret );
> }
> #endif /* MBEDTLS_ENTROPY_NV_SEED */
>
> @@ -423,12 +488,15 @@ int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *p
> ret = 0;
>
> exit:
> + mbedtls_zeroize( buf, sizeof( buf ) );
> +
> fclose( f );
> return( ret );
> }
>
> int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path )
> {
> + int ret = 0;
> FILE *f;
> size_t n;
> unsigned char buf[ MBEDTLS_ENTROPY_MAX_SEED_SIZE ];
> @@ -444,14 +512,16 @@ int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *
> n = MBEDTLS_ENTROPY_MAX_SEED_SIZE;
>
> if( fread( buf, 1, n, f ) != n )
> - {
> - fclose( f );
> - return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
> - }
> + ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
> + else
> + ret = mbedtls_entropy_update_manual( ctx, buf, n );
>
> fclose( f );
>
> - mbedtls_entropy_update_manual( ctx, buf, n );
> + mbedtls_zeroize( buf, sizeof( buf ) );
> +
> + if( ret != 0 )
> + return( ret );
>
> return( mbedtls_entropy_write_seed_file( ctx, path ) );
> }
> diff --git a/dll/3rdparty/mbedtls/error.c b/dll/3rdparty/mbedtls/error.c
> index f80125ad81..bc135a7ad8 100644
> --- a/dll/3rdparty/mbedtls/error.c
> +++ b/dll/3rdparty/mbedtls/error.c
> @@ -47,6 +47,10 @@
> #include "mbedtls/aes.h"
> #endif
>
> +#if defined(MBEDTLS_ARC4_C)
> +#include "mbedtls/arc4.h"
> +#endif
> +
> #if defined(MBEDTLS_BASE64_C)
> #include "mbedtls/base64.h"
> #endif
> @@ -71,6 +75,10 @@
> #include "mbedtls/cipher.h"
> #endif
>
> +#if defined(MBEDTLS_CMAC_C)
> +#include "mbedtls/cmac.h"
> +#endif
> +
> #if defined(MBEDTLS_CTR_DRBG_C)
> #include "mbedtls/ctr_drbg.h"
> #endif
> @@ -103,6 +111,18 @@
> #include "mbedtls/md.h"
> #endif
>
> +#if defined(MBEDTLS_MD2_C)
> +#include "mbedtls/md2.h"
> +#endif
> +
> +#if defined(MBEDTLS_MD4_C)
> +#include "mbedtls/md4.h"
> +#endif
> +
> +#if defined(MBEDTLS_MD5_C)
> +#include "mbedtls/md5.h"
> +#endif
> +
> #if defined(MBEDTLS_NET_C)
> #include "mbedtls/net_sockets.h"
> #endif
> @@ -131,10 +151,26 @@
> #include "mbedtls/pkcs5.h"
> #endif
>
> +#if defined(MBEDTLS_RIPEMD160_C)
> +#include "mbedtls/ripemd160.h"
> +#endif
> +
> #if defined(MBEDTLS_RSA_C)
> #include "mbedtls/rsa.h"
> #endif
>
> +#if defined(MBEDTLS_SHA1_C)
> +#include "mbedtls/sha1.h"
> +#endif
> +
> +#if defined(MBEDTLS_SHA256_C)
> +#include "mbedtls/sha256.h"
> +#endif
> +
> +#if defined(MBEDTLS_SHA512_C)
> +#include "mbedtls/sha512.h"
> +#endif
> +
> #if defined(MBEDTLS_SSL_TLS_C)
> #include "mbedtls/ssl.h"
> #endif
> @@ -176,7 +212,7 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
> if( use_ret == -(MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) )
> mbedtls_snprintf( buf, buflen, "CIPHER - The selected feature is not available" );
> if( use_ret == -(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA) )
> - mbedtls_snprintf( buf, buflen, "CIPHER - Bad input parameters to function" );
> + mbedtls_snprintf( buf, buflen, "CIPHER - Bad input parameters" );
> if( use_ret == -(MBEDTLS_ERR_CIPHER_ALLOC_FAILED) )
> mbedtls_snprintf( buf, buflen, "CIPHER - Failed to allocate memory" );
> if( use_ret == -(MBEDTLS_ERR_CIPHER_INVALID_PADDING) )
> @@ -186,12 +222,14 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
> if( use_ret == -(MBEDTLS_ERR_CIPHER_AUTH_FAILED) )
> mbedtls_snprintf( buf, buflen, "CIPHER - Authentication failed (for AEAD modes)" );
> if( use_ret == -(MBEDTLS_ERR_CIPHER_INVALID_CONTEXT) )
> - mbedtls_snprintf( buf, buflen, "CIPHER - The context is invalid, eg because it was free()ed" );
> + mbedtls_snprintf( buf, buflen, "CIPHER - The context is invalid. For example, because it was freed" );
> + if( use_ret == -(MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "CIPHER - Cipher hardware accelerator failed" );
> #endif /* MBEDTLS_CIPHER_C */
>
> #if defined(MBEDTLS_DHM_C)
> if( use_ret == -(MBEDTLS_ERR_DHM_BAD_INPUT_DATA) )
> - mbedtls_snprintf( buf, buflen, "DHM - Bad input parameters to function" );
> + mbedtls_snprintf( buf, buflen, "DHM - Bad input parameters" );
> if( use_ret == -(MBEDTLS_ERR_DHM_READ_PARAMS_FAILED) )
> mbedtls_snprintf( buf, buflen, "DHM - Reading of the DHM parameters failed" );
> if( use_ret == -(MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED) )
> @@ -207,7 +245,11 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
> if( use_ret == -(MBEDTLS_ERR_DHM_ALLOC_FAILED) )
> mbedtls_snprintf( buf, buflen, "DHM - Allocation of memory failed" );
> if( use_ret == -(MBEDTLS_ERR_DHM_FILE_IO_ERROR) )
> - mbedtls_snprintf( buf, buflen, "DHM - Read/write of file failed" );
> + mbedtls_snprintf( buf, buflen, "DHM - Read or write of file failed" );
> + if( use_ret == -(MBEDTLS_ERR_DHM_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "DHM - DHM hardware accelerator failed" );
> + if( use_ret == -(MBEDTLS_ERR_DHM_SET_GROUP_FAILED) )
> + mbedtls_snprintf( buf, buflen, "DHM - Setting the modulus and generator failed" );
> #endif /* MBEDTLS_DHM_C */
>
> #if defined(MBEDTLS_ECP_C)
> @@ -226,7 +268,9 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
> if( use_ret == -(MBEDTLS_ERR_ECP_INVALID_KEY) )
> mbedtls_snprintf( buf, buflen, "ECP - Invalid private or public key" );
> if( use_ret == -(MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH) )
> - mbedtls_snprintf( buf, buflen, "ECP - Signature is valid but shorter than the user-supplied length" );
> + mbedtls_snprintf( buf, buflen, "ECP - The buffer contains a valid signature followed by more data" );
> + if( use_ret == -(MBEDTLS_ERR_ECP_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "ECP - ECP hardware accelerator failed" );
> #endif /* MBEDTLS_ECP_C */
>
> #if defined(MBEDTLS_MD_C)
> @@ -238,6 +282,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
> mbedtls_snprintf( buf, buflen, "MD - Failed to allocate memory" );
> if( use_ret == -(MBEDTLS_ERR_MD_FILE_IO_ERROR) )
> mbedtls_snprintf( buf, buflen, "MD - Opening or reading of file failed" );
> + if( use_ret == -(MBEDTLS_ERR_MD_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "MD - MD hardware accelerator failed" );
> #endif /* MBEDTLS_MD_C */
>
> #if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C)
> @@ -289,7 +335,9 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
> if( use_ret == -(MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE) )
> mbedtls_snprintf( buf, buflen, "PK - Unavailable feature, e.g. RSA disabled for RSA key" );
> if( use_ret == -(MBEDTLS_ERR_PK_SIG_LEN_MISMATCH) )
> - mbedtls_snprintf( buf, buflen, "PK - The signature is valid but its length is less than expected" );
> + mbedtls_snprintf( buf, buflen, "PK - The buffer contains a valid signature followed by more data" );
> + if( use_ret == -(MBEDTLS_ERR_PK_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "PK - PK hardware accelerator failed" );
> #endif /* MBEDTLS_PK_C */
>
> #if defined(MBEDTLS_PKCS12_C)
> @@ -322,7 +370,7 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
> if( use_ret == -(MBEDTLS_ERR_RSA_KEY_GEN_FAILED) )
> mbedtls_snprintf( buf, buflen, "RSA - Something failed during generation of a key" );
> if( use_ret == -(MBEDTLS_ERR_RSA_KEY_CHECK_FAILED) )
> - mbedtls_snprintf( buf, buflen, "RSA - Key failed to pass the library's validity check" );
> + mbedtls_snprintf( buf, buflen, "RSA - Key failed to pass the validity check of the library" );
> if( use_ret == -(MBEDTLS_ERR_RSA_PUBLIC_FAILED) )
> mbedtls_snprintf( buf, buflen, "RSA - The public key operation failed" );
> if( use_ret == -(MBEDTLS_ERR_RSA_PRIVATE_FAILED) )
> @@ -333,6 +381,10 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
> mbedtls_snprintf( buf, buflen, "RSA - The output buffer for decryption is not large enough" );
> if( use_ret == -(MBEDTLS_ERR_RSA_RNG_FAILED) )
> mbedtls_snprintf( buf, buflen, "RSA - The random generator failed to generate non-zeros" );
> + if( use_ret == -(MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION) )
> + mbedtls_snprintf( buf, buflen, "RSA - The implementation does not offer the requested operation, for example, because of security violations or lack of functionality" );
> + if( use_ret == -(MBEDTLS_ERR_RSA_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "RSA - RSA hardware accelerator failed" );
> #endif /* MBEDTLS_RSA_C */
>
> #if defined(MBEDTLS_SSL_TLS_C)
> @@ -520,8 +572,17 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
> mbedtls_snprintf( buf, buflen, "AES - Invalid key length" );
> if( use_ret == -(MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH) )
> mbedtls_snprintf( buf, buflen, "AES - Invalid data input length" );
> + if( use_ret == -(MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE) )
> + mbedtls_snprintf( buf, buflen, "AES - Feature not available. For example, an unsupported AES key size" );
> + if( use_ret == -(MBEDTLS_ERR_AES_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "AES - AES hardware accelerator failed" );
> #endif /* MBEDTLS_AES_C */
>
> +#if defined(MBEDTLS_ARC4_C)
> + if( use_ret == -(MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "ARC4 - ARC4 hardware accelerator failed" );
> +#endif /* MBEDTLS_ARC4_C */
> +
> #if defined(MBEDTLS_ASN1_PARSE_C)
> if( use_ret == -(MBEDTLS_ERR_ASN1_OUT_OF_DATA) )
> mbedtls_snprintf( buf, buflen, "ASN1 - Out of data when parsing an ASN1 data structure" );
> @@ -568,6 +629,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
> #if defined(MBEDTLS_BLOWFISH_C)
> if( use_ret == -(MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH) )
> mbedtls_snprintf( buf, buflen, "BLOWFISH - Invalid key length" );
> + if( use_ret == -(MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "BLOWFISH - Blowfish hardware accelerator failed" );
> if( use_ret == -(MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH) )
> mbedtls_snprintf( buf, buflen, "BLOWFISH - Invalid data input length" );
> #endif /* MBEDTLS_BLOWFISH_C */
> @@ -577,29 +640,40 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
> mbedtls_snprintf( buf, buflen, "CAMELLIA - Invalid key length" );
> if( use_ret == -(MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH) )
> mbedtls_snprintf( buf, buflen, "CAMELLIA - Invalid data input length" );
> + if( use_ret == -(MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "CAMELLIA - Camellia hardware accelerator failed" );
> #endif /* MBEDTLS_CAMELLIA_C */
>
> #if defined(MBEDTLS_CCM_C)
> if( use_ret == -(MBEDTLS_ERR_CCM_BAD_INPUT) )
> - mbedtls_snprintf( buf, buflen, "CCM - Bad input parameters to function" );
> + mbedtls_snprintf( buf, buflen, "CCM - Bad input parameters to the function" );
> if( use_ret == -(MBEDTLS_ERR_CCM_AUTH_FAILED) )
> mbedtls_snprintf( buf, buflen, "CCM - Authenticated decryption failed" );
> + if( use_ret == -(MBEDTLS_ERR_CCM_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "CCM - CCM hardware accelerator failed" );
> #endif /* MBEDTLS_CCM_C */
>
> +#if defined(MBEDTLS_CMAC_C)
> + if( use_ret == -(MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "CMAC - CMAC hardware accelerator failed" );
> +#endif /* MBEDTLS_CMAC_C */
> +
> #if defined(MBEDTLS_CTR_DRBG_C)
> if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED) )
> mbedtls_snprintf( buf, buflen, "CTR_DRBG - The entropy source failed" );
> if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG) )
> - mbedtls_snprintf( buf, buflen, "CTR_DRBG - Too many random requested in single call" );
> + mbedtls_snprintf( buf, buflen, "CTR_DRBG - The requested random buffer length is too big" );
> if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG) )
> - mbedtls_snprintf( buf, buflen, "CTR_DRBG - Input too large (Entropy + additional)" );
> + mbedtls_snprintf( buf, buflen, "CTR_DRBG - The input (entropy + additional data) is too large" );
> if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR) )
> - mbedtls_snprintf( buf, buflen, "CTR_DRBG - Read/write error in file" );
> + mbedtls_snprintf( buf, buflen, "CTR_DRBG - Read or write error in file" );
> #endif /* MBEDTLS_CTR_DRBG_C */
>
> #if defined(MBEDTLS_DES_C)
> if( use_ret == -(MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH) )
> mbedtls_snprintf( buf, buflen, "DES - The data input has an invalid length" );
> + if( use_ret == -(MBEDTLS_ERR_DES_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "DES - DES hardware accelerator failed" );
> #endif /* MBEDTLS_DES_C */
>
> #if defined(MBEDTLS_ENTROPY_C)
> @@ -618,6 +692,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
> #if defined(MBEDTLS_GCM_C)
> if( use_ret == -(MBEDTLS_ERR_GCM_AUTH_FAILED) )
> mbedtls_snprintf( buf, buflen, "GCM - Authenticated decryption failed" );
> + if( use_ret == -(MBEDTLS_ERR_GCM_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "GCM - GCM hardware accelerator failed" );
> if( use_ret == -(MBEDTLS_ERR_GCM_BAD_INPUT) )
> mbedtls_snprintf( buf, buflen, "GCM - Bad input parameters to function" );
> #endif /* MBEDTLS_GCM_C */
> @@ -633,6 +709,21 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
> mbedtls_snprintf( buf, buflen, "HMAC_DRBG - The entropy source failed" );
> #endif /* MBEDTLS_HMAC_DRBG_C */
>
> +#if defined(MBEDTLS_MD2_C)
> + if( use_ret == -(MBEDTLS_ERR_MD2_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "MD2 - MD2 hardware accelerator failed" );
> +#endif /* MBEDTLS_MD2_C */
> +
> +#if defined(MBEDTLS_MD4_C)
> + if( use_ret == -(MBEDTLS_ERR_MD4_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "MD4 - MD4 hardware accelerator failed" );
> +#endif /* MBEDTLS_MD4_C */
> +
> +#if defined(MBEDTLS_MD5_C)
> + if( use_ret == -(MBEDTLS_ERR_MD5_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "MD5 - MD5 hardware accelerator failed" );
> +#endif /* MBEDTLS_MD5_C */
> +
> #if defined(MBEDTLS_NET_C)
> if( use_ret == -(MBEDTLS_ERR_NET_SOCKET_FAILED) )
> mbedtls_snprintf( buf, buflen, "NET - Failed to open a socket" );
> @@ -670,6 +761,26 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
> mbedtls_snprintf( buf, buflen, "PADLOCK - Input data should be aligned" );
> #endif /* MBEDTLS_PADLOCK_C */
>
> +#if defined(MBEDTLS_RIPEMD160_C)
> + if( use_ret == -(MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "RIPEMD160 - RIPEMD160 hardware accelerator failed" );
> +#endif /* MBEDTLS_RIPEMD160_C */
> +
> +#if defined(MBEDTLS_SHA1_C)
> + if( use_ret == -(MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "SHA1 - SHA-1 hardware accelerator failed" );
> +#endif /* MBEDTLS_SHA1_C */
> +
> +#if defined(MBEDTLS_SHA256_C)
> + if( use_ret == -(MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "SHA256 - SHA-256 hardware accelerator failed" );
> +#endif /* MBEDTLS_SHA256_C */
> +
> +#if defined(MBEDTLS_SHA512_C)
> + if( use_ret == -(MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "SHA512 - SHA-512 hardware accelerator failed" );
> +#endif /* MBEDTLS_SHA512_C */
> +
> #if defined(MBEDTLS_THREADING_C)
> if( use_ret == -(MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE) )
> mbedtls_snprintf( buf, buflen, "THREADING - The selected feature is not available" );
> @@ -682,6 +793,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
> #if defined(MBEDTLS_XTEA_C)
> if( use_ret == -(MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH) )
> mbedtls_snprintf( buf, buflen, "XTEA - The data input has an invalid length" );
> + if( use_ret == -(MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED) )
> + mbedtls_snprintf( buf, buflen, "XTEA - XTEA hardware accelerator failed" );
> #endif /* MBEDTLS_XTEA_C */
> // END generated code
>
> diff --git a/dll/3rdparty/mbedtls/gcm.c b/dll/3rdparty/mbedtls/gcm.c
> index 2f34930f4c..85a2907571 100644
> --- a/dll/3rdparty/mbedtls/gcm.c
> +++ b/dll/3rdparty/mbedtls/gcm.c
> @@ -48,6 +48,7 @@
> #endif
>
> #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
> +#include "mbedtls/aes.h"
> #if defined(MBEDTLS_PLATFORM_C)
> #include "mbedtls/platform.h"
> #else
> @@ -56,6 +57,8 @@
> #endif /* MBEDTLS_PLATFORM_C */
> #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
>
> +#if !defined(MBEDTLS_GCM_ALT)
> +
> /*
> * 32-bit integer manipulation macros (big endian)
> */
> @@ -510,6 +513,8 @@ void mbedtls_gcm_free( mbedtls_gcm_context *ctx )
> mbedtls_zeroize( ctx, sizeof( mbedtls_gcm_context ) );
> }
>
> +#endif /* !MBEDTLS_GCM_ALT */
> +
> #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
> /*
> * AES-GCM test vectors from:
> @@ -746,34 +751,48 @@ int mbedtls_gcm_self_test( int verbose )
> int i, j, ret;
> mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES;
>
> - mbedtls_gcm_init( &ctx );
> -
> for( j = 0; j < 3; j++ )
> {
> int key_len = 128 + 64 * j;
>
> for( i = 0; i < MAX_TESTS; i++ )
> {
> + mbedtls_gcm_init( &ctx );
> +
> if( verbose != 0 )
> mbedtls_printf( " AES-GCM-%3d #%d (%s): ",
> - key_len, i, "enc" );
> -
> - mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
> + key_len, i, "enc" );
> +
> + ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]],
> + key_len );
> + /*
> + * AES-192 is an optional feature that may be unavailable when
> + * there is an alternative underlying implementation i.e. when
> + * MBEDTLS_AES_ALT is defined.
> + */
> + if( ret == MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE && key_len == 192 )
> + {
> + mbedtls_printf( "skipped\n" );
> + break;
> + }
> + else if( ret != 0 )
> + {
> + goto exit;
> + }
>
> ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT,
> - pt_len[i],
> - iv[iv_index[i]], iv_len[i],
> - additional[add_index[i]], add_len[i],
> - pt[pt_index[i]], buf, 16, tag_buf );
> + pt_len[i],
> + iv[iv_index[i]], iv_len[i],
> + additional[add_index[i]], add_len[i],
> + pt[pt_index[i]], buf, 16, tag_buf );
> + if( ret != 0 )
> + goto exit;
>
> - if( ret != 0 ||
> - memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 ||
> - memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
> + if ( memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 ||
> + memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
> {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - return( 1 );
> + ret = 1;
> + goto exit;
> }
>
> mbedtls_gcm_free( &ctx );
> @@ -781,26 +800,31 @@ int mbedtls_gcm_self_test( int verbose )
> if( verbose != 0 )
> mbedtls_printf( "passed\n" );
>
> + mbedtls_gcm_init( &ctx );
> +
> if( verbose != 0 )
> mbedtls_printf( " AES-GCM-%3d #%d (%s): ",
> - key_len, i, "dec" );
> + key_len, i, "dec" );
>
> - mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
> + ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]],
> + key_len );
> + if( ret != 0 )
> + goto exit;
>
> ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_DECRYPT,
> - pt_len[i],
> - iv[iv_index[i]], iv_len[i],
> - additional[add_index[i]], add_len[i],
> - ct[j * 6 + i], buf, 16, tag_buf );
> + pt_len[i],
> + iv[iv_index[i]], iv_len[i],
> + additional[add_index[i]], add_len[i],
> + ct[j * 6 + i], buf, 16, tag_buf );
> +
> + if( ret != 0 )
> + goto exit;
>
> - if( ret != 0 ||
> - memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 ||
> + if( memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 ||
> memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
> {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - return( 1 );
> + ret = 1;
> + goto exit;
> }
>
> mbedtls_gcm_free( &ctx );
> @@ -808,66 +832,51 @@ int mbedtls_gcm_self_test( int verbose )
> if( verbose != 0 )
> mbedtls_printf( "passed\n" );
>
> + mbedtls_gcm_init( &ctx );
> +
> if( verbose != 0 )
> mbedtls_printf( " AES-GCM-%3d #%d split (%s): ",
> - key_len, i, "enc" );
> + key_len, i, "enc" );
>
> - mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
> + ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]],
> + key_len );
> + if( ret != 0 )
> + goto exit;
>
> ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_ENCRYPT,
> - iv[iv_index[i]], iv_len[i],
> - additional[add_index[i]], add_len[i] );
> + iv[iv_index[i]], iv_len[i],
> + additional[add_index[i]], add_len[i] );
> if( ret != 0 )
> - {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - return( 1 );
> - }
> + goto exit;
>
> if( pt_len[i] > 32 )
> {
> size_t rest_len = pt_len[i] - 32;
> ret = mbedtls_gcm_update( &ctx, 32, pt[pt_index[i]], buf );
> if( ret != 0 )
> - {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - return( 1 );
> - }
> + goto exit;
>
> ret = mbedtls_gcm_update( &ctx, rest_len, pt[pt_index[i]] + 32,
> buf + 32 );
> if( ret != 0 )
> - {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - return( 1 );
> - }
> + goto exit;
> }
> else
> {
> ret = mbedtls_gcm_update( &ctx, pt_len[i], pt[pt_index[i]], buf );
> if( ret != 0 )
> - {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - return( 1 );
> - }
> + goto exit;
> }
>
> ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 );
> - if( ret != 0 ||
> - memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 ||
> + if( ret != 0 )
> + goto exit;
> +
> + if( memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 ||
> memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
> {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - return( 1 );
> + ret = 1;
> + goto exit;
> }
>
> mbedtls_gcm_free( &ctx );
> @@ -875,80 +884,75 @@ int mbedtls_gcm_self_test( int verbose )
> if( verbose != 0 )
> mbedtls_printf( "passed\n" );
>
> + mbedtls_gcm_init( &ctx );
> +
> if( verbose != 0 )
> mbedtls_printf( " AES-GCM-%3d #%d split (%s): ",
> - key_len, i, "dec" );
> + key_len, i, "dec" );
>
> - mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
> + ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]],
> + key_len );
> + if( ret != 0 )
> + goto exit;
>
> ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_DECRYPT,
> iv[iv_index[i]], iv_len[i],
> additional[add_index[i]], add_len[i] );
> if( ret != 0 )
> - {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - return( 1 );
> - }
> + goto exit;
>
> if( pt_len[i] > 32 )
> {
> size_t rest_len = pt_len[i] - 32;
> ret = mbedtls_gcm_update( &ctx, 32, ct[j * 6 + i], buf );
> if( ret != 0 )
> - {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - return( 1 );
> - }
> + goto exit;
>
> ret = mbedtls_gcm_update( &ctx, rest_len, ct[j * 6 + i] + 32,
> - buf + 32 );
> + buf + 32 );
> if( ret != 0 )
> - {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - return( 1 );
> - }
> + goto exit;
> }
> else
> {
> - ret = mbedtls_gcm_update( &ctx, pt_len[i], ct[j * 6 + i], buf );
> + ret = mbedtls_gcm_update( &ctx, pt_len[i], ct[j * 6 + i],
> + buf );
> if( ret != 0 )
> - {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - return( 1 );
> - }
> + goto exit;
> }
>
> ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 );
> - if( ret != 0 ||
> - memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 ||
> + if( ret != 0 )
> + goto exit;
> +
> + if( memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 ||
> memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
> {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - return( 1 );
> + ret = 1;
> + goto exit;
> }
>
> mbedtls_gcm_free( &ctx );
>
> if( verbose != 0 )
> mbedtls_printf( "passed\n" );
> -
> }
> }
>
> if( verbose != 0 )
> mbedtls_printf( "\n" );
>
> - return( 0 );
> + ret = 0;
> +
> +exit:
> + if( ret != 0 )
> + {
> + if( verbose != 0 )
> + mbedtls_printf( "failed\n" );
> + mbedtls_gcm_free( &ctx );
> + }
> +
> + return( ret );
> }
>
> #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
> diff --git a/dll/3rdparty/mbedtls/hmac_drbg.c b/dll/3rdparty/mbedtls/hmac_drbg.c
> index 2826cc204f..cda64a2713 100644
> --- a/dll/3rdparty/mbedtls/hmac_drbg.c
> +++ b/dll/3rdparty/mbedtls/hmac_drbg.c
> @@ -366,11 +366,14 @@ int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const cha
>
> exit:
> fclose( f );
> + mbedtls_zeroize( buf, sizeof( buf ) );
> +
> return( ret );
> }
>
> int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path )
> {
> + int ret = 0;
> FILE *f;
> size_t n;
> unsigned char buf[ MBEDTLS_HMAC_DRBG_MAX_INPUT ];
> @@ -389,14 +392,16 @@ int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const ch
> }
>
> if( fread( buf, 1, n, f ) != n )
> - {
> - fclose( f );
> - return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR );
> - }
> + ret = MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR;
> + else
> + mbedtls_hmac_drbg_update( ctx, buf, n );
>
> fclose( f );
>
> - mbedtls_hmac_drbg_update( ctx, buf, n );
> + mbedtls_zeroize( buf, sizeof( buf ) );
> +
> + if( ret != 0 )
> + return( ret );
>
> return( mbedtls_hmac_drbg_write_seed_file( ctx, path ) );
> }
> diff --git a/dll/3rdparty/mbedtls/md.c b/dll/3rdparty/mbedtls/md.c
> index fa63762ec7..e41c367c74 100644
> --- a/dll/3rdparty/mbedtls/md.c
> +++ b/dll/3rdparty/mbedtls/md.c
> @@ -252,9 +252,7 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx )
> if( ctx == NULL || ctx->md_info == NULL )
> return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
>
> - ctx->md_info->starts_func( ctx->md_ctx );
> -
> - return( 0 );
> + return( ctx->md_info->starts_func( ctx->md_ctx ) );
> }
>
> int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
> @@ -262,9 +260,7 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si
> if( ctx == NULL || ctx->md_info == NULL )
> return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
>
> - ctx->md_info->update_func( ctx->md_ctx, input, ilen );
> -
> - return( 0 );
> + return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) );
> }
>
> int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output )
> @@ -272,9 +268,7 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output )
> if( ctx == NULL || ctx->md_info == NULL )
> return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
>
> - ctx->md_info->finish_func( ctx->md_ctx, output );
> -
> - return( 0 );
> + return( ctx->md_info->finish_func( ctx->md_ctx, output ) );
> }
>
> int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
> @@ -283,9 +277,7 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si
> if( md_info == NULL )
> return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
>
> - md_info->digest_func( input, ilen, output );
> -
> - return( 0 );
> + return( md_info->digest_func( input, ilen, output ) );
> }
>
> #if defined(MBEDTLS_FS_IO)
> @@ -308,20 +300,20 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigne
> if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 )
> goto cleanup;
>
> - md_info->starts_func( ctx.md_ctx );
> + if( ( ret = md_info->starts_func( ctx.md_ctx ) ) != 0 )
> + goto cleanup;
>
> while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
> - md_info->update_func( ctx.md_ctx, buf, n );
> + if( ( ret = md_info->update_func( ctx.md_ctx, buf, n ) ) != 0 )
> + goto cleanup;
>
> if( ferror( f ) != 0 )
> - {
> ret = MBEDTLS_ERR_MD_FILE_IO_ERROR;
> - goto cleanup;
> - }
> -
> - md_info->finish_func( ctx.md_ctx, output );
> + else
> + ret = md_info->finish_func( ctx.md_ctx, output );
>
> cleanup:
> + mbedtls_zeroize( buf, sizeof( buf ) );
> fclose( f );
> mbedtls_md_free( &ctx );
>
> @@ -331,6 +323,7 @@ cleanup:
>
> int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen )
> {
> + int ret;
> unsigned char sum[MBEDTLS_MD_MAX_SIZE];
> unsigned char *ipad, *opad;
> size_t i;
> @@ -340,9 +333,12 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
>
> if( keylen > (size_t) ctx->md_info->block_size )
> {
> - ctx->md_info->starts_func( ctx->md_ctx );
> - ctx->md_info->update_func( ctx->md_ctx, key, keylen );
> - ctx->md_info->finish_func( ctx->md_ctx, sum );
> + if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
> + goto cleanup;
> + if( ( ret = ctx->md_info->update_func( ctx->md_ctx, key, keylen ) ) != 0 )
> + goto cleanup;
> + if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, sum ) ) != 0 )
> + goto cleanup;
>
> keylen = ctx->md_info->size;
> key = sum;
> @@ -360,12 +356,16 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
> opad[i] = (unsigned char)( opad[i] ^ key[i] );
> }
>
> - mbedtls_zeroize( sum, sizeof( sum ) );
> + if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
> + goto cleanup;
> + if( ( ret = ctx->md_info->update_func( ctx->md_ctx, ipad,
> + ctx->md_info->block_size ) ) != 0 )
> + goto cleanup;
>
> - ctx->md_info->starts_func( ctx->md_ctx );
> - ctx->md_info->update_func( ctx->md_ctx, ipad, ctx->md_info->block_size );
> +cleanup:
> + mbedtls_zeroize( sum, sizeof( sum ) );
>
> - return( 0 );
> + return( ret );
> }
>
> int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
> @@ -373,13 +373,12 @@ int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *inpu
> if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
> return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
>
> - ctx->md_info->update_func( ctx->md_ctx, input, ilen );
> -
> - return( 0 );
> + return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) );
> }
>
> int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output )
> {
> + int ret;
> unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
> unsigned char *opad;
>
> @@ -388,17 +387,22 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output )
>
> opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
>
> - ctx->md_info->finish_func( ctx->md_ctx, tmp );
> - ctx->md_info->starts_func( ctx->md_ctx );
> - ctx->md_info->update_func( ctx->md_ctx, opad, ctx->md_info->block_size );
> - ctx->md_info->update_func( ctx->md_ctx, tmp, ctx->md_info->size );
> - ctx->md_info->finish_func( ctx->md_ctx, output );
> -
> - return( 0 );
> + if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, tmp ) ) != 0 )
> + return( ret );
> + if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
> + return( ret );
> + if( ( ret = ctx->md_info->update_func( ctx->md_ctx, opad,
> + ctx->md_info->block_size ) ) != 0 )
> + return( ret );
> + if( ( ret = ctx->md_info->update_func( ctx->md_ctx, tmp,
> + ctx->md_info->size ) ) != 0 )
> + return( ret );
> + return( ctx->md_info->finish_func( ctx->md_ctx, output ) );
> }
>
> int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx )
> {
> + int ret;
> unsigned char *ipad;
>
> if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
> @@ -406,15 +410,16 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx )
>
> ipad = (unsigned char *) ctx->hmac_ctx;
>
> - ctx->md_info->starts_func( ctx->md_ctx );
> - ctx->md_info->update_func( ctx->md_ctx, ipad, ctx->md_info->block_size );
> -
> - return( 0 );
> + if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
> + return( ret );
> + return( ctx->md_info->update_func( ctx->md_ctx, ipad,
> + ctx->md_info->block_size ) );
> }
>
> -int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
> - const unsigned char *input, size_t ilen,
> - unsigned char *output )
> +int mbedtls_md_hmac( const mbedtls_md_info_t *md_info,
> + const unsigned char *key, size_t keylen,
> + const unsigned char *input, size_t ilen,
> + unsigned char *output )
> {
> mbedtls_md_context_t ctx;
> int ret;
> @@ -425,15 +430,19 @@ int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key,
> mbedtls_md_init( &ctx );
>
> if( ( ret = mbedtls_md_setup( &ctx, md_info, 1 ) ) != 0 )
> - return( ret );
> + goto cleanup;
>
> - mbedtls_md_hmac_starts( &ctx, key, keylen );
> - mbedtls_md_hmac_update( &ctx, input, ilen );
> - mbedtls_md_hmac_finish( &ctx, output );
> + if( ( ret = mbedtls_md_hmac_starts( &ctx, key, keylen ) ) != 0 )
> + goto cleanup;
> + if( ( ret = mbedtls_md_hmac_update( &ctx, input, ilen ) ) != 0 )
> + goto cleanup;
> + if( ( ret = mbedtls_md_hmac_finish( &ctx, output ) ) != 0 )
> + goto cleanup;
>
> +cleanup:
> mbedtls_md_free( &ctx );
>
> - return( 0 );
> + return( ret );
> }
>
> int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data )
> @@ -441,9 +450,7 @@ int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data )
> if( ctx == NULL || ctx->md_info == NULL )
> return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
>
> - ctx->md_info->process_func( ctx->md_ctx, data );
> -
> - return( 0 );
> + return( ctx->md_info->process_func( ctx->md_ctx, data ) );
> }
>
> unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info )
> diff --git a/dll/3rdparty/mbedtls/md2.c b/dll/3rdparty/mbedtls/md2.c
> index 9e0c43dabf..7ce86f9302 100644
> --- a/dll/3rdparty/mbedtls/md2.c
> +++ b/dll/3rdparty/mbedtls/md2.c
> @@ -107,16 +107,25 @@ void mbedtls_md2_clone( mbedtls_md2_context *dst,
> /*
> * MD2 context setup
> */
> -void mbedtls_md2_starts( mbedtls_md2_context *ctx )
> +int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx )
> {
> memset( ctx->cksum, 0, 16 );
> memset( ctx->state, 0, 46 );
> memset( ctx->buffer, 0, 16 );
> ctx->left = 0;
> +
> + return( 0 );
> }
>
> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
> +void mbedtls_md2_starts( mbedtls_md2_context *ctx )
> +{
> + mbedtls_md2_starts_ret( ctx );
> +}
> +#endif
> +
> #if !defined(MBEDTLS_MD2_PROCESS_ALT)
> -void mbedtls_md2_process( mbedtls_md2_context *ctx )
> +int mbedtls_internal_md2_process( mbedtls_md2_context *ctx )
> {
> int i, j;
> unsigned char t = 0;
> @@ -148,14 +157,26 @@ void mbedtls_md2_process( mbedtls_md2_context *ctx )
> ( ctx->cksum[i] ^ PI_SUBST[ctx->buffer[i] ^ t] );
> t = ctx->cksum[i];
> }
> +
> + return( 0 );
> }
> +
> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
> +void mbedtls_md2_process( mbedtls_md2_context *ctx )
> +{
> + mbedtls_internal_md2_process( ctx );
> +}
> +#endif
> #endif /* !MBEDTLS_MD2_PROCESS_ALT */
>
> /*
> * MD2 process buffer
> */
> -void mbedtls_md2_update( mbedtls_md2_context *ctx, const unsigned char *input, size_t ilen )
> +int mbedtls_md2_update_ret( mbedtls_md2_context *ctx,
> + const unsigned char *input,
> + size_t ilen )
> {
> + int ret;
> size_t fill;
>
> while( ilen > 0 )
> @@ -174,16 +195,30 @@ void mbedtls_md2_update( mbedtls_md2_context *ctx, const unsigned char *input, s
> if( ctx->left == 16 )
> {
> ctx->left = 0;
> - mbedtls_md2_process( ctx );
> + if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
> + return( ret );
> }
> }
> +
> + return( 0 );
> }
>
> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
> +void mbedtls_md2_update( mbedtls_md2_context *ctx,
> + const unsigned char *input,
> + size_t ilen )
> +{
> + mbedtls_md2_update_ret( ctx, input, ilen );
> +}
> +#endif
> +
> /*
> * MD2 final digest
> */
> -void mbedtls_md2_finish( mbedtls_md2_context *ctx, unsigned char output[16] )
> +int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx,
> + unsigned char output[16] )
> {
> + int ret;
> size_t i;
> unsigned char x;
>
> @@ -192,36 +227,70 @@ void mbedtls_md2_finish( mbedtls_md2_context *ctx, unsigned char output[16] )
> for( i = ctx->left; i < 16; i++ )
> ctx->buffer[i] = x;
>
> - mbedtls_md2_process( ctx );
> + if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
> + return( ret );
>
> memcpy( ctx->buffer, ctx->cksum, 16 );
> - mbedtls_md2_process( ctx );
> + if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
> + return( ret );
>
> memcpy( output, ctx->state, 16 );
> +
> + return( 0 );
> +}
> +
> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
> +void mbedtls_md2_finish( mbedtls_md2_context *ctx,
> + unsigned char output[16] )
> +{
> + mbedtls_md2_finish_ret( ctx, output );
> }
> +#endif
>
> #endif /* !MBEDTLS_MD2_ALT */
>
> /*
> * output = MD2( input buffer )
> */
> -void mbedtls_md2( const unsigned char *input, size_t ilen, unsigned char output[16] )
> +int mbedtls_md2_ret( const unsigned char *input,
> + size_t ilen,
> + unsigned char output[16] )
> {
> + int ret;
> mbedtls_md2_context ctx;
>
> mbedtls_md2_init( &ctx );
> - mbedtls_md2_starts( &ctx );
> - mbedtls_md2_update( &ctx, input, ilen );
> - mbedtls_md2_finish( &ctx, output );
> +
> + if( ( ret = mbedtls_md2_starts_ret( &ctx ) ) != 0 )
> + goto exit;
> +
> + if( ( ret = mbedtls_md2_update_ret( &ctx, input, ilen ) ) != 0 )
> + goto exit;
> +
> + if( ( ret = mbedtls_md2_finish_ret( &ctx, output ) ) != 0 )
> + goto exit;
> +
> +exit:
> mbedtls_md2_free( &ctx );
> +
> + return( ret );
> }
>
> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
> +void mbedtls_md2( const unsigned char *input,
> + size_t ilen,
> + unsigned char output[16] )
> +{
> + mbedtls_md2_ret( input, ilen, output );
> +}
> +#endif
> +
> #if defined(MBEDTLS_SELF_TEST)
>
> /*
> * RFC 1319 test vectors
> */
> -static const char md2_test_str[7][81] =
> +static const unsigned char md2_test_str[7][81] =
> {
> { "" },
> { "a" },
> @@ -229,10 +298,15 @@ static const char md2_test_str[7][81] =
> { "message digest" },
> { "abcdefghijklmnopqrstuvwxyz" },
> { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
> - { "12345678901234567890123456789012345678901234567890123456789012" \
> + { "12345678901234567890123456789012345678901234567890123456789012"
> "345678901234567890" }
> };
>
> +static const size_t md2_test_strlen[7] =
> +{
> + 0, 1, 3, 14, 26, 62, 80
> +};
> +
> static const unsigned char md2_test_sum[7][16] =
> {
> { 0x83, 0x50, 0xE5, 0xA3, 0xE2, 0x4C, 0x15, 0x3D,
> @@ -256,7 +330,7 @@ static const unsigned char md2_test_sum[7][16] =
> */
> int mbedtls_md2_self_test( int verbose )
> {
> - int i;
> + int i, ret = 0;
> unsigned char md2sum[16];
>
> for( i = 0; i < 7; i++ )
> @@ -264,15 +338,14 @@ int mbedtls_md2_self_test( int verbose )
> if( verbose != 0 )
> mbedtls_printf( " MD2 test #%d: ", i + 1 );
>
> - mbedtls_md2( (unsigned char *) md2_test_str[i],
> - strlen( md2_test_str[i] ), md2sum );
> + ret = mbedtls_md2_ret( md2_test_str[i], md2_test_strlen[i], md2sum );
> + if( ret != 0 )
> + goto fail;
>
> if( memcmp( md2sum, md2_test_sum[i], 16 ) != 0 )
> {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - return( 1 );
> + ret = 1;
> + goto fail;
> }
>
> if( verbose != 0 )
> @@ -283,6 +356,12 @@ int mbedtls_md2_self_test( int verbose )
> mbedtls_printf( "\n" );
>
> return( 0 );
> +
> +fail:
> + if( verbose != 0 )
> + mbedtls_printf( "failed\n" );
> +
> + return( ret );
> }
>
> #endif /* MBEDTLS_SELF_TEST */
> diff --git a/dll/3rdparty/mbedtls/md4.c b/dll/3rdparty/mbedtls/md4.c
> index 2a66db49ec..f53efa8243 100644
> --- a/dll/3rdparty/mbedtls/md4.c
> +++ b/dll/3rdparty/mbedtls/md4.c
> @@ -100,7 +100,7 @@ void mbedtls_md4_clone( mbedtls_md4_context *dst,
> /*
> * MD4 context setup
> */
> -void mbedtls_md4_starts( mbedtls_md4_context *ctx )
> +int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx )
> {
> ctx->total[0] = 0;
> ctx->total[1] = 0;
> @@ -109,10 +109,20 @@ void mbedtls_md4_starts( mbedtls_md4_context *ctx )
> ctx->state[1] = 0xEFCDAB89;
> ctx->state[2] = 0x98BADCFE;
> ctx->state[3] = 0x10325476;
> +
> + return( 0 );
> +}
> +
> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
> +void mbedtls_md4_starts( mbedtls_md4_context *ctx )
> +{
> + mbedtls_md4_starts_ret( ctx );
> }
> +#endif
>
> #if !defined(MBEDTLS_MD4_PROCESS_ALT)
> -void mbedtls_md4_process( mbedtls_md4_context *ctx, const unsigned char data[64] )
> +int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
> + const unsigned char data[64] )
> {
> uint32_t X[16], A, B, C, D;
>
> @@ -213,19 +223,32 @@ void mbedtls_md4_process( mbedtls_md4_context *ctx, const unsigned char data[64]
> ctx->state[1] += B;
> ctx->state[2] += C;
> ctx->state[3] += D;
> +
> + return( 0 );
> +}
> +
> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
> +void mbedtls_md4_process( mbedtls_md4_context *ctx,
> + const unsigned char data[64] )
> +{
> + mbedtls_internal_md4_process( ctx, data );
> }
> +#endif
> #endif /* !MBEDTLS_MD4_PROCESS_ALT */
>
> /*
> * MD4 process buffer
> */
> -void mbedtls_md4_update( mbedtls_md4_context *ctx, const unsigned char *input, size_t ilen )
> +int mbedtls_md4_update_ret( mbedtls_md4_context *ctx,
> + const unsigned char *input,
> + size_t ilen )
> {
> + int ret;
> size_t fill;
> uint32_t left;
>
> if( ilen == 0 )
> - return;
> + return( 0 );
>
> left = ctx->total[0] & 0x3F;
> fill = 64 - left;
> @@ -240,7 +263,10 @@ void mbedtls_md4_update( mbedtls_md4_context *ctx, const unsigned char *input, s
> {
> memcpy( (void *) (ctx->buffer + left),
> (void *) input, fill );
> - mbedtls_md4_process( ctx, ctx->buffer );
> +
> + if( ( ret = mbedtls_internal_md4_process( ctx, ctx->buffer ) ) != 0 )
> + return( ret );
> +
> input += fill;
> ilen -= fill;
> left = 0;
> @@ -248,7 +274,9 @@ void mbedtls_md4_update( mbedtls_md4_context *ctx, const unsigned char *input, s
>
> while( ilen >= 64 )
> {
> - mbedtls_md4_process( ctx, input );
> + if( ( ret = mbedtls_internal_md4_process( ctx, input ) ) != 0 )
> + return( ret );
> +
> input += 64;
> ilen -= 64;
> }
> @@ -258,7 +286,18 @@ void mbedtls_md4_update( mbedtls_md4_context *ctx, const unsigned char *input, s
> memcpy( (void *) (ctx->buffer + left),
> (void *) input, ilen );
> }
> +
> + return( 0 );
> +}
> +
> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
> +void mbedtls_md4_update( mbedtls_md4_context *ctx,
> + const unsigned char *input,
> + size_t ilen )
> +{
> + mbedtls_md4_update_ret( ctx, input, ilen );
> }
> +#endif
>
> static const unsigned char md4_padding[64] =
> {
> @@ -271,8 +310,10 @@ static const unsigned char md4_padding[64] =
> /*
> * MD4 final digest
> */
> -void mbedtls_md4_finish( mbedtls_md4_context *ctx, unsigned char output[16] )
> +int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx,
> + unsigned char output[16] )
> {
> + int ret;
> uint32_t last, padn;
> uint32_t high, low;
> unsigned char msglen[8];
> @@ -287,37 +328,74 @@ void mbedtls_md4_finish( mbedtls_md4_context *ctx, unsigned char output[16] )
> last = ctx->total[0] & 0x3F;
> padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
>
> - mbedtls_md4_update( ctx, (unsigned char *) md4_padding, padn );
> - mbedtls_md4_update( ctx, msglen, 8 );
> + ret = mbedtls_md4_update_ret( ctx, (unsigned char *)md4_padding, padn );
> + if( ret != 0 )
> + return( ret );
> +
> + if( ( ret = mbedtls_md4_update_ret( ctx, msglen, 8 ) ) != 0 )
> + return( ret );
> +
>
> PUT_UINT32_LE( ctx->state[0], output, 0 );
> PUT_UINT32_LE( ctx->state[1], output, 4 );
> PUT_UINT32_LE( ctx->state[2], output, 8 );
> PUT_UINT32_LE( ctx->state[3], output, 12 );
> +
> + return( 0 );
> +}
> +
> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
> +void mbedtls_md4_finish( mbedtls_md4_context *ctx,
> + unsigned char output[16] )
> +{
> + mbedtls_md4_finish_ret( ctx, output );
> }
> +#endif
>
> #endif /* !MBEDTLS_MD4_ALT */
>
> /*
> * output = MD4( input buffer )
> */
> -void mbedtls_md4( const unsigned char *input, size_t ilen, unsigned char output[16] )
> +int mbedtls_md4_ret( const unsigned char *input,
> + size_t ilen,
> + unsigned char output[16] )
> {
> + int ret;
> mbedtls_md4_context ctx;
>
> mbedtls_md4_init( &ctx );
> - mbedtls_md4_starts( &ctx );
> - mbedtls_md4_update( &ctx, input, ilen );
> - mbedtls_md4_finish( &ctx, output );
> +
> + if( ( ret = mbedtls_md4_starts_ret( &ctx ) ) != 0 )
> + goto exit;
> +
> + if( ( ret = mbedtls_md4_update_ret( &ctx, input, ilen ) ) != 0 )
> + goto exit;
> +
> + if( ( ret = mbedtls_md4_finish_ret( &ctx, output ) ) != 0 )
> + goto exit;
> +
> +exit:
> mbedtls_md4_free( &ctx );
> +
> + return( ret );
> +}
> +
> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
> +void mbedtls_md4( const unsigned char *input,
> + size_t ilen,
> + unsigned char output[16] )
> +{
> + mbedtls_md4_ret( input, ilen, output );
> }
> +#endif
>
> #if defined(MBEDTLS_SELF_TEST)
>
> /*
> * RFC 1320 test vectors
> */
> -static const char md4_test_str[7][81] =
> +static const unsigned char md4_test_str[7][81] =
> {
> { "" },
> { "a" },
> @@ -325,10 +403,15 @@ static const char md4_test_str[7][81] =
> { "message digest" },
> { "abcdefghijklmnopqrstuvwxyz" },
> { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
> - { "12345678901234567890123456789012345678901234567890123456789012" \
> + { "12345678901234567890123456789012345678901234567890123456789012"
> "345678901234567890" }
> };
>
> +static const size_t md4_test_strlen[7] =
> +{
> + 0, 1, 3, 14, 26, 62, 80
> +};
> +
> static const unsigned char md4_test_sum[7][16] =
> {
> { 0x31, 0xD6, 0xCF, 0xE0, 0xD1, 0x6A, 0xE9, 0x31,
> @@ -352,7 +435,7 @@ static const unsigned char md4_test_sum[7][16] =
> */
> int mbedtls_md4_self_test( int verbose )
> {
> - int i;
> + int i, ret = 0;
> unsigned char md4sum[16];
>
> for( i = 0; i < 7; i++ )
> @@ -360,15 +443,14 @@ int mbedtls_md4_self_test( int verbose )
> if( verbose != 0 )
> mbedtls_printf( " MD4 test #%d: ", i + 1 );
>
> - mbedtls_md4( (unsigned char *) md4_test_str[i],
> - strlen( md4_test_str[i] ), md4sum );
> + ret = mbedtls_md4_ret( md4_test_str[i], md4_test_strlen[i], md4sum );
> + if( ret != 0 )
> + goto fail;
>
> if( memcmp( md4sum, md4_test_sum[i], 16 ) != 0 )
> {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - return( 1 );
> + ret = 1;
> + goto fail;
> }
>
> if( verbose != 0 )
> @@ -379,6 +461,12 @@ int mbedtls_md4_self_test( int verbose )
> mbedtls_printf( "\n" );
>
> return( 0 );
> +
> +fail:
> + if( verbose != 0 )
> + mbedtls_printf( "failed\n" );
> +
> + return( ret );
> }
>
> #endif /* MBEDTLS_SELF_TEST */
> diff --git a/dll/3rdparty/mbedtls/md5.c b/dll/3rdparty/mbedtls/md5.c
> index 758eebeb66..b4bcf76e52 100644
> --- a/dll/3rdparty/mbedtls/md5.c
> +++ b/dll/3rdparty/mbedtls/md5.c
> @@ -99,7 +99,7 @@ void mbedtls_md5_clone( mbedtls_md5_context *dst,
> /*
> * MD5 context setup
> */
> -void mbedtls_md5_starts( mbedtls_md5_context *ctx )
> +int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx )
> {
> ctx->total[0] = 0;
> ctx->total[1] = 0;
> @@ -108,10 +108,20 @@ void mbedtls_md5_starts( mbedtls_md5_context *ctx )
> ctx->state[1] = 0xEFCDAB89;
> ctx->state[2] = 0x98BADCFE;
> ctx->state[3] = 0x10325476;
> +
> + return( 0 );
> }
>
> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
> +void mbedtls_md5_starts( mbedtls_md5_context *ctx )
> +{
> + mbedtls_md5_starts_ret( ctx );
> +}
> +#endif
> +
> #if !defined(MBEDTLS_MD5_PROCESS_ALT)
> -void mbedtls_md5_process( mbedtls_md5_context *ctx, const unsigned char data[64] )
> +int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
> + const unsigned char data[64] )
> {
> uint32_t X[16], A, B, C, D;
>
> @@ -232,19 +242,32 @@ void mbedtls_md5_process( mbedtls_md5_context *ctx, const unsigned char data[64]
> ctx->state[1] += B;
> ctx->state[2] += C;
> ctx->state[3] += D;
> +
> + return( 0 );
> +}
> +
> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
> +void mbedtls_md5_process( mbedtls_md5_context *ctx,
> + const unsigned char data[64] )
> +{
> + mbedtls_internal_md5_process( ctx, data );
> }
> +#endif
> #endif /* !MBEDTLS_MD5_PROCESS_ALT */
>
> /*
> * MD5 process buffer
> */
> -void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen )
> +int mbedtls_md5_update_ret( mbedtls_md5_context *ctx,
> + const unsigned char *input,
> + size_t ilen )
> {
> + int ret;
> size_t fill;
> uint32_t left;
>
> if( ilen == 0 )
> - return;
> + return( 0 );
>
> left = ctx->total[0] & 0x3F;
> fill = 64 - left;
> @@ -258,7 +281,9 @@ void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, s
> if( left && ilen >= fill )
> {
> memcpy( (void *) (ctx->buffer + left), input, fill );
> - mbedtls_md5_process( ctx, ctx->buffer );
> + if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 )
> + return( ret );
> +
> input += fill;
> ilen -= fill;
> left = 0;
> @@ -266,7 +291,9 @@ void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, s
>
> while( ilen >= 64 )
> {
> - mbedtls_md5_process( ctx, input );
> + if( ( ret = mbedtls_internal_md5_process( ctx, input ) ) != 0 )
> + return( ret );
> +
> input += 64;
> ilen -= 64;
> }
> @@ -275,59 +302,121 @@ void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, s
> {
> memcpy( (void *) (ctx->buffer + left), input, ilen );
> }
> +
> + return( 0 );
> }
>
> -static const unsigned char md5_padding[64] =
> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
> +void mbedtls_md5_update( mbedtls_md5_context *ctx,
> + const unsigned char *input,
> + size_t ilen )
> {
> - 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
> - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
> - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
> - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
> -};
> + mbedtls_md5_update_ret( ctx, input, ilen );
> +}
> +#endif
>
> /*
> * MD5 final digest
> */
> -void mbedtls_md5_finish( mbedtls_md5_context *ctx, unsigned char output[16] )
> +int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx,
> + unsigned char output[16] )
> {
> - uint32_t last, padn;
> + int ret;
> + uint32_t used;
> uint32_t high, low;
> - unsigned char msglen[8];
>
> + /*
> + * Add padding: 0x80 then 0x00 until 8 bytes remain for the length
> + */
> + used = ctx->total[0] & 0x3F;
> +
> + ctx->buffer[used++] = 0x80;
> +
> + if( used <= 56 )
> + {
> + /* Enough room for padding + length in current block */
> + memset( ctx->buffer + used, 0, 56 - used );
> + }
> + else
> + {
> + /* We'll need an extra block */
> + memset( ctx->buffer + used, 0, 64 - used );
> +
> + if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 )
> + return( ret );
> +
> + memset( ctx->buffer, 0, 56 );
> + }
> +
> + /*
> + * Add message length
> + */
> high = ( ctx->total[0] >> 29 )
> | ( ctx->total[1] << 3 );
> low = ( ctx->total[0] << 3 );
>
> - PUT_UINT32_LE( low, msglen, 0 );
> - PUT_UINT32_LE( high, msglen, 4 );
> -
> - last = ctx->total[0] & 0x3F;
> - padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
> + PUT_UINT32_LE( low, ctx->buffer, 56 );
> + PUT_UINT32_LE( high, ctx->buffer, 60 );
>
> - mbedtls_md5_update( ctx, md5_padding, padn );
> - mbedtls_md5_update( ctx, msglen, 8 );
> + if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 )
> + return( ret );
>
> + /*
> + * Output final state
> + */
> PUT_UINT32_LE( ctx->state[0], output, 0 );
> PUT_UINT32_LE( ctx->state[1], output, 4 );
> PUT_UINT32_LE( ctx->state[2], output, 8 );
> PUT_UINT32_LE( ctx->state[3], output, 12 );
> +
> + return( 0 );
> +}
> +
> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
> +void mbedtls_md5_finish( mbedtls_md5_context *ctx,
> + unsigned char output[16] )
> +{
> + mbedtls_md5_finish_ret( ctx, output );
> }
> +#endif
>
> #endif /* !MBEDTLS_MD5_ALT */
>
> /*
> * output = MD5( input buffer )
> */
> -void mbedtls_md5( const unsigned char *input, size_t ilen, unsigned char output[16] )
> +int mbedtls_md5_ret( const unsigned char *input,
> + size_t ilen,
> + unsigned char output[16] )
> {
> + int ret;
> mbedtls_md5_context ctx;
>
> mbedtls_md5_init( &ctx );
> - mbedtls_md5_starts( &ctx );
> - mbedtls_md5_update( &ctx, input, ilen );
> - mbedtls_md5_finish( &ctx, output );
> +
> + if( ( ret = mbedtls_md5_starts_ret( &ctx ) ) != 0 )
> + goto exit;
> +
> + if( ( ret = mbedtls_md5_update_ret( &ctx, input, ilen ) ) != 0 )
> + goto exit;
> +
> + if( ( ret = mbedtls_md5_finish_ret( &ctx, output ) ) != 0 )
> + goto exit;
> +
> +exit:
> mbedtls_md5_free( &ctx );
> +
> + return( ret );
> +}
> +
> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
> +void mbedtls_md5( const unsigned char *input,
> + size_t ilen,
> + unsigned char output[16] )
> +{
> + mbedtls_md5_ret( input, ilen, output );
> }
> +#endif
>
> #if defined(MBEDTLS_SELF_TEST)
> /*
> @@ -341,11 +430,11 @@ static const unsigned char md5_test_buf[7][81] =
> { "message digest" },
> { "abcdefghijklmnopqrstuvwxyz" },
> { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
> - { "12345678901234567890123456789012345678901234567890123456789012" \
> + { "12345678901234567890123456789012345678901234567890123456789012"
> "345678901234567890" }
> };
>
> -static const int md5_test_buflen[7] =
> +static const size_t md5_test_buflen[7] =
> {
> 0, 1, 3, 14, 26, 62, 80
> };
> @@ -373,7 +462,7 @@ static const unsigned char md5_test_sum[7][16] =
> */
> int mbedtls_md5_self_test( int verbose )
> {
> - int i;
> + int i, ret = 0;
> unsigned char md5sum[16];
>
> for( i = 0; i < 7; i++ )
> @@ -381,14 +470,14 @@ int mbedtls_md5_self_test( int verbose )
> if( verbose != 0 )
> mbedtls_printf( " MD5 test #%d: ", i + 1 );
>
> - mbedtls_md5( md5_test_buf[i], md5_test_buflen[i], md5sum );
> + ret = mbedtls_md5_ret( md5_test_buf[i], md5_test_buflen[i], md5sum );
> + if( ret != 0 )
> + goto fail;
>
> if( memcmp( md5sum, md5_test_sum[i], 16 ) != 0 )
> {
> - if( verbose != 0 )
> - mbedtls_printf( "failed\n" );
> -
> - return( 1 );
> + ret = 1;
> + goto fail;
> }
>
> if( verbose != 0 )
> @@ -399,6 +488,12 @@ int mbedtls_md5_self_test( int verbose )
> mbedtls_printf( "\n" );
>
> return( 0 );
> +
> +fail:
> + if( verbose != 0 )
> + mbedtls_printf( "failed\n" );
> +
> + return( ret );
> }
>
> #endif /* MBEDTLS_SELF_TEST */
> diff --git a/dll/3rdparty/mbedtls/md_wrap.c b/dll/3rdparty/mbedtls/md_wrap.c
> index 49c47d69d1..97067b0425 100644
> --- a/dll/3rdparty/mbedtls/md_wrap.c
> +++ b/dll/3rdparty/mbedtls/md_wrap.c
> @@ -73,20 +73,20 @@
>
> #if defined(MBEDTLS_MD2_C)
>
> -static void md2_starts_wrap( void *ctx )
> +static int md2_starts_wrap( void *ctx )
> {
> - mbedtls_md2_starts( (mbedtls_md2_context *) ctx );
> + return( mbedtls_md2_starts_ret( (mbedtls_md2_context *) ctx ) );
> }
>
> -static void md2_update_wrap( void *ctx, const unsigned char *input,
> +static int md2_update_wrap( void *ctx, const unsigned char *input,
> size_t ilen )
> {
> - mbedtls_md2_update( (mbedtls_md2_context *) ctx, input, ilen );
> + return( mbedtls_md2_update_ret( (mbedtls_md2_context *) ctx, input, ilen ) );
> }
>
> -static void md2_finish_wrap( void *ctx, unsigned char *output )
> +static int md2_finish_wrap( void *ctx, unsigned char *output )
> {
> - mbedtls_md2_finish( (mbedtls_md2_context *) ctx, output );
> + return( mbedtls_md2_finish_ret( (mbedtls_md2_context *) ctx, output ) );
> }
>
> static void *md2_ctx_alloc( void )
> @@ -111,11 +111,11 @@ static void md2_clone_wrap( void *dst, const void *src )
> (const mbedtls_md2_context *) src );
> }
>
> -static void md2_process_wrap( void *ctx, const unsigned char *data )
> +static int md2_process_wrap( void *ctx, const unsigned char *data )
> {
> ((void) data);
>
> - mbedtls_md2_process( (mbedtls_md2_context *) ctx );
> + return( mbedtls_internal_md2_process( (mbedtls_md2_context *) ctx ) );
> }
>
> const mbedtls_md_info_t mbedtls_md2_info = {
> @@ -126,7 +126,7 @@ const mbedtls_md_info_t mbedtls_md2_info = {
> md2_starts_wrap,
> md2_update_wrap,
> md2_finish_wrap,
> - mbedtls_md2,
> + mbedtls_md2_ret,
> md2_ctx_alloc,
> md2_ctx_free,
> md2_clone_wrap,
> @@ -137,20 +137,20 @@ const mbedtls_md_info_t mbedtls_md2_info = {
>
> #if defined(MBEDTLS_MD4_C)
>
> -static void md4_starts_wrap( void *ctx )
> +static int md4_starts_wrap( void *ctx )
> {
> - mbedtls_md4_starts( (mbedtls_md4_context *) ctx );
> + return( mbedtls_md4_starts_ret( (mbedtls_md4_context *) ctx ) );
> }
>
> -static void md4_update_wrap( void *ctx, const unsigned char *input,
> +static int md4_update_wrap( void *ctx, const unsigned char *input,
> size_t ilen )
> {
> - mbedtls_md4_update( (mbedtls_md4_context *) ctx, input, ilen );
> + return( mbedtls_md4_update_ret( (mbedtls_md4_context *) ctx, input, ilen ) );
> }
>
> -static void md4_finish_wrap( void *ctx, unsigned char *output )
> +static int md4_finish_wrap( void *ctx, unsigned char *output )
> {
> - mbedtls_md4_finish( (mbedtls_md4_context *) ctx, output );
> + return( mbedtls_md4_finish_ret( (mbedtls_md4_context *) ctx, output ) );
> }
>
> static void *md4_ctx_alloc( void )
> @@ -172,12 +172,12 @@ static void md4_ctx_free( void *ctx )
> static void md4_clone_wrap( void *dst, const void *src )
> {
> mbedtls_md4_clone( (mbedtls_md4_context *) dst,
> - (const mbedtls_md4_context *) src );
> + (const mbedtls_md4_context *) src );
> }
>
> -static void md4_process_wrap( void *ctx, const unsigned char *data )
> +static int md4_process_wrap( void *ctx, const unsigned char *data )
> {
> - mbedtls_md4_process( (mbedtls_md4_context *) ctx, data );
> + return( mbedtls_internal_md4_process( (mbedtls_md4_context *) ctx, data ) );
> }
>
> const mbedtls_md_info_t mbedtls_md4_info = {
> @@ -188,7 +188,7 @@ const mbedtls_md_info_t mbedtls_md4_info = {
> md4_starts_wrap,
> md4_update_wrap,
> md4_finish_wrap,
> - mbedtls_md4,
> + mbedtls_md4_ret,
> md4_ctx_alloc,
> md4_ctx_free,
> md4_clone_wrap,
> @@ -199,20 +199,20 @@ const mbedtls_md_info_t mbedtls_md4_info = {
>
> #if defined(MBEDTLS_MD5_C)
>
> -static void md5_starts_wrap( void *ctx )
> +static int md5_starts_wrap( void *ctx )
> {
> - mbedtls_md5_starts( (mbedtls_md5_context *) ctx );
> + return( mbedtls_md5_starts_ret( (mbedtls_md5_context *) ctx ) );
> }
>
> -static void md5_update_wrap( void *ctx, const unsigned char *input,
> +static int md5_update_wrap( void *ctx, const unsigned char *input,
> size_t ilen )
> {
> - mbedtls_md5_update( (mbedtls_md5_context *) ctx, input, ilen );
> + return( mbedtls_md5_update_ret( (mbedtls_md5_context *) ctx, input, ilen ) );
> }
>
> -static void md5_finish_wrap( void *ctx, unsigned char *output )
> +static int md5_finish_wrap( void *ctx, unsigned char *output )
> {
> - mbedtls_md5_finish( (mbedtls_md5_context *) ctx, output );
> + return( mbedtls_md5_finish_ret( (mbedtls_md5_context *) ctx, output ) );
> }
>
> static void *md5_ctx_alloc( void )
> @@ -234,12 +234,12 @@ static void md5_ctx_free( void *ctx )
> static void md5_clone_wrap( void *dst, const void *src )
> {
> mbedtls_md5_clone( (mbedtls_md5_context *) dst,
> - (const mbedtls_md5_context *) src );
> + (const mbedtls_md5_context *) src );
> }
>
> -static void md5_process_wrap( void *ctx, const unsigned char *data )
> +static int md5_process_wrap( void *ctx, const unsigned char *data )
> {
> - mbedtls_md5_process( (mbedtls_md5_context *) ctx, data );
> + return( mbedtls_internal_md5_process( (mbedtls_md5_context *) ctx, data ) );
> }
>
> const mbedtls_md_info_t mbedtls_md5_info = {
> @@ -250,7 +250,7 @@ const mbedtls_md_info_t mbedtls_md5_info = {
> md5_starts_wrap,
> md5_update_wrap,
> md5_finish_wrap,
> - mbedtls_md5,
> + mbedtls_md5_ret,
> md5_ctx_alloc,
> md5_ctx_free,
> md5_clone_wrap,
> @@ -261,20 +261,22 @@ const mbedtls_md_info_t mbedtls_md5_info = {
>
> #if defined(MBEDTLS_RIPEMD160_C)
>
> -static void ripemd160_starts_wrap( void *ctx )
> +static int ripemd160_starts_wrap( void *ctx )
> {
> - mbedtls_ripemd160_starts( (mbedtls_ripemd160_context *) ctx );
> + return( mbedtls_ripemd160_starts_ret( (mbedtls_ripemd160_context *) ctx ) );
> }
>
> -static void ripemd160_update_wrap( void *ctx, const unsigned char *input,
> +static int ripemd160_update_wrap( void *ctx, const unsigned char *input,
> size_t ilen )
> {
> - mbedtls_ripemd160_update( (mbedtls_ripemd160_context *) ctx, input, ilen );
> + return( mbedtls_ripemd160_update_ret( (mbedtls_ripemd160_context *) ctx,
> + input, ilen ) );
> }
>
> -static void ripemd160_finish_wrap( void *ctx, unsigned char *output )
> +static int ripemd160_finish_wrap( void *ctx, unsigned char *output )
> {
> - mbedtls_ripemd160_finish( (mbedtls_ripemd160_context *) ctx, output );
> + return( mbedtls_ripemd160_finish_ret( (mbedtls_ripemd160_context *) ctx,
> + output ) );
> }
>
> static void *ripemd160_ctx_alloc( void )
> @@ -299,9 +301,10 @@ static void ripemd160_clone_wrap( void *dst, const void *src )
> (const mbedtls_ripemd160_context *) src );
> }
>
> -static void ripemd160_process_wrap( void *ctx, const unsigned char *data )
> +static int ripemd160_process_wrap( void *ctx, const unsigned char *data )
> {
> - mbedtls_ripemd160_process( (mbedtls_ripemd160_context *) ctx, data );
> + return( mbedtls_internal_ripemd160_process(
> + (mbedtls_ripemd160_context *) ctx, data ) );
> }
>
> const mbedtls_md_info_t mbedtls_ripemd160_info = {
> @@ -312,7 +315,7 @@ const mbedtls_md_info_t mbedtls_ripemd160_info = {
> ripemd160_starts_wrap,
> ripemd160_update_wrap,
> ripemd160_finish_wrap,
> - mbedtls_ripemd160,
> + mbedtls_ripemd160_ret,
> ripemd160_ctx_alloc,
> ripemd160_ctx_free,
> ripemd160_clone_wrap,
> @@ -323,20 +326,21 @@ const mbedtls_md_info_t mbedtls_ripemd160_info = {
>
> #if defined(MBEDTLS_SHA1_C)
>
> -static void sha1_starts_wrap( void *ctx )
> +static int sha1_starts_wrap( void *ctx )
> {
> - mbedtls_sha1_starts( (mbedtls_sha1_context *) ctx );
> + return( mbedtls_sha1_starts_ret( (mbedtls_sha1_context *) ctx ) );
> }
>
> -static void sha1_update_wrap( void *ctx, const unsigned char *input,
> +static int sha1_update_wrap( void *ctx, const unsigned char *input,
> size_t ilen )
> {
> - mbedtls_sha1_update( (mbedtls_sha1_context *) ctx, input, ilen );
> + return( mbedtls_sha1_update_ret( (mbedtls_sha1_context *) ctx,
> + input, ilen ) );
> }
>
> -static void sha1_finish_wrap( void *ctx, unsigned char *output )
> +static int sha1_finish_wrap( void *ctx, unsigned char *output )
> {
> - mbedtls_sha1_finish( (mbedtls_sha1_context *) ctx, output );
> + return( mbedtls_sha1_finish_ret( (mbedtls_sha1_context *) ctx, output ) );
> }
>
> static void *sha1_ctx_alloc( void )
> @@ -361,9 +365,10 @@ static void sha1_ctx_free( void *ctx )
> mbedtls_free( ctx );
> }
>
> -static void sha1_process_wrap( void *ctx, const unsigned char *data )
> +static int sha1_process_wrap( void *ctx, const unsigned char *data )
> {
> - mbedtls_sha1_process( (mbedtls_sha1_context *) ctx, data );
> + return( mbedtls_internal_sha1_process( (mbedtls_sha1_context *) ctx,
> + data ) );
> }
>
> const mbedtls_md_info_t mbedtls_sha1_info = {
> @@ -374,7 +379,7 @@ const mbedtls_md_info_t mbedtls_sha1_info = {
> sha1_starts_wrap,
> sha1_update_wrap,
> sha1_finish_wrap,
> - mbedtls_sha1,
> + mbedtls_sha1_ret,
> sha1_ctx_alloc,
> sha1_ctx_free,
> sha1_clone_wrap,
> @@ -388,26 +393,28 @@ const mbedtls_md_info_t mbedtls_sha1_info = {
> */
> #if defined(MBEDTLS_SHA256_C)
>
> -static void sha224_starts_wrap( void *ctx )
> +static int sha224_starts_wrap( void *ctx )
> {
> - mbedtls_sha256_starts( (mbedtls_sha256_context *) ctx, 1 );
> + return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 1 ) );
> }
>
> -static void sha224_update_wrap( void *ctx, const unsigned char *input,
> +static int sha224_update_wrap( void *ctx, const unsigned char *input,
> size_t ilen )
> {
> - mbedtls_sha256_update( (mbedtls_sha256_context *) ctx, input, ilen );
> + return( mbedtls_sha256_update_ret( (mbedtls_sha256_context *) ctx,
> + input, ilen ) );
> }
>
> -static void sha224_finish_wrap( void *ctx, unsigned char *output )
> +static int sha224_finish_wrap( void *ctx, unsigned char *output )
> {
> - mbedtls_sha256_finish( (mbedtls_sha256_context *) ctx, output );
> + return( mbedtls_sha256_finish_ret( (mbedtls_sha256_context *) ctx,
> + output ) );
> }
>
> -static void sha224_wrap( const unsigned char *input, size_t ilen,
> - unsigned char *output )
> +static int sha224_wrap( const unsigned char *input, size_t ilen,
> + unsigned char *output )
> {
> - mbedtls_sha256( input, ilen, output, 1 );
> + return( mbedtls_sha256_ret( input, ilen, output, 1 ) );
> }
>
> static void *sha224_ctx_alloc( void )
> @@ -432,9 +439,10 @@ static void sha224_clone_wrap( void *dst, const void *src )
> (const mbedtls_sha256_context *) src );
> }
>
> -static void sha224_process_wrap( void *ctx, const unsigned char *data )
> +static int sha224_process_wrap( void *ctx, const unsigned char *data )
> {
> - mbedtls_sha256_process( (mbedtls_sha256_context *) ctx, data );
> + return( mbedtls_internal_sha256_process( (mbedtls_sha256_context *) ctx,
> + data ) );
> }
>
> const mbedtls_md_info_t mbedtls_sha224_info = {
> @@ -452,15 +460,15 @@ const mbedtls_md_info_t mbedtls_sha224_info = {
> sha224_process_wrap,
> };
>
> -static void sha256_starts_wrap( void *ctx )
> +static int sha256_starts_wrap( void *ctx )
> {
> - mbedtls_sha256_starts( (mbedtls_sha256_context *) ctx, 0 );
> + return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 0 ) );
> }
>
> -static void sha256_wrap( const unsigned char *input, size_t ilen,
> - unsigned char *output )
> +static int sha256_wrap( const unsigned char *input, size_t ilen,
> + unsigned char *output )
> {
> - mbedtls_sha256( input, ilen, output, 0 );
> + return( mbedtls_sha256_ret( input, ilen, output, 0 ) );
> }
>
> const mbedtls_md_info_t mbedtls_sha256_info = {
> @@ -482,26 +490,28 @@ const mbedtls_md_info_t mbedtls_sha256_info = {
>
> #if defined(MBEDTLS_SHA512_C)
>
> -static void sha384_starts_wrap( void *ctx )
> +static int sha384_starts_wrap( void *ctx )
> {
> - mbedtls_sha512_starts( (mbedtls_sha512_context *) ctx, 1 );
> + return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 1 ) );
> }
>
> -static void sha384_update_wrap( void *ctx, const unsigned char *input,
> - size_t ilen )
> +static int sha384_update_wrap( void *ctx, const unsigned char *input,
> + size_t ilen )
> {
> - mbedtls_sha512_update( (mbedtls_sha512_context *) ctx, input, ilen );
> + return( mbedtls_sha512_update_ret( (mbedtls_sha512_context *) ctx,
> + input, ilen ) );
> }
>
> -static void sha384_finish_wrap( void *ctx, unsigned char *output )
> +static int sha384_finish_wrap( void *ctx, unsigned char *output )
> {
> - mbedtls_sha512_finish( (mbedtls_sha512_context *) ctx, output );
> + return( mbedtls_sha512_finish_ret( (mbedtls_sha512_context *) ctx,
> + output ) );
> }
>
> -static void sha384_wrap( const unsigned char *input, size_t ilen,
> - unsigned char *output )
> +static int sha384_wrap( const unsigned char *input, size_t ilen,
> + unsigned char *output )
> {
> - mbedtls_sha512( input, ilen, output, 1 );
> + return( mbedtls_sha512_ret( input, ilen, output, 1 ) );
> }
>
> static void *sha384_ctx_alloc( void )
> @@ -526,9 +536,10 @@ static void sha384_clone_wrap( void *dst, const void *src )
> (const mbedtls_sha512_context *) src );
> }
>
> -static void sha384_process_wrap( void *ctx, const unsigned char *data )
> +static int sha384_process_wrap( void *ctx, const unsigned char *data )
> {
> - mbedtls_sha512_process( (mbedtls_sha512_context *) ctx, data );
> + return( mbedtls_internal_sha512_process( (mbedtls_sha512_context *) ctx,
> + data ) );
> }
>
> const mbedtls_md_info_t mbedtls_sha384_info = {
> @@ -546,15 +557,15 @@ const mbedtls_md_info_t mbedtls_sha384_info = {
> sha384_process_wrap,
> };
>
> -static void sha512_starts_wrap( void *ctx )
> +static int sha512_starts_wrap( void *ctx )
> {
> - mbedtls_sha512_starts( (mbedtls_sha512_context *) ctx, 0 );
> + return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 0 ) );
> }
>
> -static void sha512_wrap( const unsigned char *input, size_t ilen,
> - unsigned char *output )
> +static int sha512_wrap( const unsigned char *input, size_t ilen,
> + unsigned char *output )
> {
> - mbedtls_sha512( input, ilen, output, 0 );
> + return( mbedtls_sha512_ret( input, ilen, output, 0 ) );
> }
>
> const mbedtls_md_info_t mbedtls_sha512_info = {
> diff --git a/dll/3rdparty/mbedtls/memory_buffer_alloc.c b/dll/3rdparty/mbedtls/memory_buffer_alloc.c
> index cf0a2c69c5..73504c05e1 100644
> --- a/dll/3rdparty/mbedtls/memory_buffer_alloc.c
> +++ b/dll/3rdparty/mbedtls/memory_buffer_alloc.c
> @@ -184,9 +184,9 @@ static int verify_header( memory_header *hdr )
>
> static int verify_chain()
> {
> - memory_header *prv = heap.first, *cur = heap.first->next;
> + memory_header *prv = heap.first, *cur;
>
> - if( verify_header( heap.first ) != 0 )
> + if( prv == NULL || verify_header( prv ) != 0 )
> {
> #if defined(MBEDTLS_MEMORY_DEBUG)
> mbedtls_fprintf( stderr, "FATAL: verification of first header "
> @@ -204,6 +204,8 @@ static int verify_chain()
> return( 1 );
> }
>
> + cur = heap.first->next;
> +
> while( cur != NULL )
> {
> if( verify_header( cur ) != 0 )
> @@ -247,7 +249,9 @@ static void *buffer_alloc_calloc( size_t n, size_t size )
>
> original_len = len = n * size;
>
> - if( n != 0 && len / n != size )
> + if( n == 0 || size == 0 || len / n != size )
> + return( NULL );
> + else if( len > (size_t)-MBEDTLS_MEMORY_ALIGN_MULTIPLE )
> return( NULL );
>
> if( len % MBEDTLS_MEMORY_ALIGN_MULTIPLE )
> @@ -388,7 +392,7 @@ static void buffer_alloc_free( void *ptr )
> if( ptr == NULL || heap.buf == NULL || heap.first == NULL )
> return;
>
> - if( p < heap.buf || p > heap.buf + heap.len )
> + if( p < heap.buf || p >= heap.buf + heap.len )
> {
> #if defined(MBEDTLS_MEMORY_DEBUG)
> mbedtls_fprintf( stderr, "FATAL: mbedtls_free() outside of managed "
> @@ -520,7 +524,9 @@ void mbedtls_memory_buffer_alloc_status()
> heap.alloc_count, heap.free_count );
>
> if( heap.first->next == NULL )
> + {
> mbedtls_fprintf( stderr, "All memory de-allocated in stack buffer\n" );
> + }
> else
> {
> mbedtls_fprintf( stderr, "Memory currently allocated:\n" );
> @@ -572,8 +578,7 @@ static void buffer_alloc_free_mutexed( void *ptr )
>
> void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len )
> {
> - memset( &heap, 0, sizeof(buffer_alloc_ctx) );
> - memset( buf, 0, len );
> + memset( &heap, 0, sizeof( buffer_alloc_ctx ) );
>
> #if defined(MBEDTLS_THREADING_C)
> mbedtls_mutex_init( &heap.mutex );
> @@ -583,20 +588,24 @@ void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len )
> mbedtls_platform_set_calloc_free( buffer_alloc_calloc, buffer_alloc_free );
> #endif
>
> - if( (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE )
> + if( len < sizeof( memory_header ) + MBEDTLS_MEMORY_ALIGN_MULTIPLE )
> + return;
> + else if( (size_t)buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE )
> {
> /* Adjust len first since buf is used in the computation */
> len -= MBEDTLS_MEMORY_ALIGN_MULTIPLE
> - - (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
> + - (size_t)buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
> buf += MBEDTLS_MEMORY_ALIGN_MULTIPLE
> - - (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
> + - (size_t)buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
> }
>
> + memset( buf, 0, len );
> +
> heap.buf = buf;
> heap.len = len;
>
> - heap.first = (memory_header *) buf;
> - heap.first->size = len - sizeof(memory_header);
> + heap.first = (memory_header *)buf;
> + heap.first->size = len - sizeof( memory_header );
> heap.first->magic1 = MAGIC1;
> heap.first->magic2 = MAGIC2;
> heap.first_free = heap.first;
> diff --git a/dll/3rdparty/mbedtls/net_sockets.c b/dll/3rdparty/mbedtls/net_sockets.c
> index 6b421999af..99348dc04f 100644
> --- a/dll/3rdparty/mbedtls/net_sockets.c
> +++ b/dll/3rdparty/mbedtls/net_sockets.c
> @@ -47,11 +47,12 @@
> #if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
> !defined(EFI32)
>
> -#ifdef _WIN32_WINNT
> +#if !defined(_WIN32_WINNT) || (_WIN32_WINNT < 0x0501)
> #undef _WIN32_WINNT
> -#endif
> /* Enables getaddrinfo() & Co */
> #define _WIN32_WINNT 0x0501
> +#endif
> +
> #include <ws2tcpip.h>
>
> #include <winsock2.h>
> @@ -65,8 +66,8 @@
> #endif
> #endif /* _MSC_VER */
>
> -#define read(fd,buf,len) recv(fd,(char*)buf,(int) len,0)
> -#define write(fd,buf,len) send(fd,(char*)buf,(int) len,0)
> +#define read(fd,buf,len) recv( fd, (char*)( buf ), (int)( len ), 0 )
> +#define write(fd,buf,len) send( fd, (char*)( buf ), (int)( len ), 0 )
> #define close(fd) closesocket(fd)
>
> static int wsa_init_done = 0;
> @@ -87,7 +88,7 @@ static int wsa_init_done = 0;
> #endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
>
> /* Some MS functions want int and MSVC warns if we pass size_t,
> - * but the standard fucntions use socklen_t, so cast only for MSVC */
> + * but the standard functions use socklen_t, so cast only for MSVC */
> #if defined(_MSC_VER)
> #define MSVC_INT_CAST (int)
> #else
> @@ -272,13 +273,18 @@ static int net_would_block( const mbedtls_net_context *ctx )
> */
> static int net_would_block( const mbedtls_net_context *ctx )
> {
> + int err = errno;
> +
> /*
> * Never return 'WOULD BLOCK' on a non-blocking socket
> */
> if( ( fcntl( ctx->fd, F_GETFL ) & O_NONBLOCK ) != O_NONBLOCK )
> + {
> + errno = err;
> return( 0 );
> + }
>
> - switch( errno )
> + switch( errno = err )
> {
> #if defined EAGAIN
> case EAGAIN:
> diff --git a/dll/3rdparty/mbedtls/oid.c b/dll/3rdparty/mbedtls/oid.c
> index e6fbb30dcb..962bd189a2 100644
> --- a/dll/3rdparty/mbedtls/oid.c
> +++ b/dll/3rdparty/mbedtls/oid.c
> @@ -627,6 +627,51 @@ static const oid_md_alg_t oid_md_alg[] =
> FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg)
> FN_OID_GET_ATTR1(mbedtls_oid_get_md_alg, oid_md_alg_t, md_alg, mbedtls_md_type_t, md_alg)
> FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_md, oid_md_alg_t, oid_md_alg, mbedtls_md_type_t, md_alg)
> +
> +/*
> + * For HMAC digestAlgorithm
> + */
> +typedef struct {
> + mbedtls_oid_descriptor_t descriptor;
> + mbedtls_md_type_t md_hmac;
> +} oid_md_hmac_t;
> +
> +static const oid_md_hmac_t oid_md_hmac[] =
> +{
> +#if defined(MBEDTLS_SHA1_C)
> + {
> + { ADD_LEN( MBEDTLS_OID_HMAC_SHA1 ), "hmacSHA1", "HMAC-SHA-1" },
> + MBEDTLS_MD_SHA1,
> + },
> +#endif /* MBEDTLS_SHA1_C */
> +#if defined(MBEDTLS_SHA256_C)
> + {
> + { ADD_LEN( MBEDTLS_OID_HMAC_SHA224 ), "hmacSHA224", "HMAC-SHA-224" },
> + MBEDTLS_MD_SHA224,
> + },
> + {
> + { ADD_LEN( MBEDTLS_OID_HMAC_SHA256 ), "hmacSHA256", "HMAC-SHA-256" },
> + MBEDTLS_MD_SHA256,
> + },
> +#endif /* MBEDTLS_SHA256_C */
> +#if defined(MBEDTLS_SHA512_C)
> + {
> + { ADD_LEN( MBEDTLS_OID_HMAC_SHA384 ), "hmacSHA384", "HMAC-SHA-384" },
> + MBEDTLS_MD_SHA384,
> + },
> + {
> + { ADD_LEN( MBEDTLS_OID_HMAC_SHA512 ), "hmacSHA512", "HMAC-SHA-512" },
> + MBEDTLS_MD_SHA512,
> + },
> +#endif /* MBEDTLS_SHA512_C */
> + {
> + { NULL, 0, NULL, NULL },
> + MBEDTLS_MD_NONE,
> + },
> +};
> +
> +FN_OID_TYPED_FROM_ASN1(oid_md_hmac_t, md_hmac, oid_md_hmac)
> +FN_OID_GET_ATTR1(mbedtls_oid_get_md_hmac, oid_md_hmac_t, md_hmac, mbedtls_md_type_t, md_hmac)
> #endif /* MBEDTLS_MD_C */
>
> #if defined(MBEDTLS_PKCS12_C)
> diff --git a/dll/3rdparty/mbedtls/pem.c b/dll/3rdparty/mbedtls/pem.c
> index 2377685228..401c906eec 100644
> --- a/dll/3rdparty/mbedtls/pem.c
> +++ b/dll/3rdparty/mbedtls/pem.c
> @@ -84,31 +84,33 @@ static int pem_get_iv( const unsigned char *s, unsigned char *iv,
> return( 0 );
> }
>
> -static void pem_pbkdf1( unsigned char *key, size_t keylen,
> - unsigned char *iv,
> - const unsigned char *pwd, size_t pwdlen )
> +static int pem_pbkdf1( unsigned char *key, size_t keylen,
> + unsigned char *iv,
> + const unsigned char *pwd, size_t pwdlen )
> {
> mbedtls_md5_context md5_ctx;
> unsigned char md5sum[16];
> size_t use_len;
> + int ret;
>
> mbedtls_md5_init( &md5_ctx );
>
> /*
> * key[ 0..15] = MD5(pwd || IV)
> */
> - mbedtls_md5_starts( &md5_ctx );
> - mbedtls_md5_update( &md5_ctx, pwd, pwdlen );
> - mbedtls_md5_update( &md5_ctx, iv, 8 );
> - mbedtls_md5_finish( &md5_ctx, md5sum );
> + if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 )
> + goto exit;
> + if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 )
> + goto exit;
> + if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv, 8 ) ) != 0 )
> + goto exit;
> + if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 )
> + goto exit;
>
> if( keylen <= 16 )
> {
> memcpy( key, md5sum, keylen );
> -
> - mbedtls_md5_free( &md5_ctx );
> - mbedtls_zeroize( md5sum, 16 );
> - return;
> + goto exit;
> }
>
> memcpy( key, md5sum, 16 );
> @@ -116,11 +118,16 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
> /*
> * key[16..23] = MD5(key[ 0..15] || pwd || IV])
> */
> - mbedtls_md5_starts( &md5_ctx );
> - mbedtls_md5_update( &md5_ctx, md5sum, 16 );
> - mbedtls_md5_update( &md5_ctx, pwd, pwdlen );
> - mbedtls_md5_update( &md5_ctx, iv, 8 );
> - mbedtls_md5_finish( &md5_ctx, md5sum );
> + if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 )
> + goto exit;
> + if( ( ret = mbedtls_md5_update_ret( &md5_ctx, md5sum, 16 ) ) != 0 )
> + goto exit;
> + if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 )
> + goto exit;
> + if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv, 8 ) ) != 0 )
> + goto exit;
> + if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 )
> + goto exit;
>
> use_len = 16;
> if( keylen < 32 )
> @@ -128,53 +135,68 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
>
> memcpy( key + 16, md5sum, use_len );
>
> +exit:
> mbedtls_md5_free( &md5_ctx );
> mbedtls_zeroize( md5sum, 16 );
> +
> + return( ret );
> }
>
> #if defined(MBEDTLS_DES_C)
> /*
> * Decrypt with DES-CBC, using PBKDF1 for key derivation
> */
> -static void pem_des_decrypt( unsigned char des_iv[8],
> - unsigned char *buf, size_t buflen,
> - const unsigned char *pwd, size_t pwdlen )
> +static int pem_des_decrypt( unsigned char des_iv[8],
> + unsigned char *buf, size_t buflen,
> + const unsigned char *pwd, size_t pwdlen )
> {
> mbedtls_des_context des_ctx;
> unsigned char des_key[8];
> + int ret;
>
> mbedtls_des_init( &des_ctx );
>
> - pem_pbkdf1( des_key, 8, des_iv, pwd, pwdlen );
> + if( ( ret = pem_pbkdf1( des_key, 8, des_iv, pwd, pwdlen ) ) != 0 )
> + goto exit;
>
> - mbedtls_des_setkey_dec( &des_ctx, des_key );
> - mbedtls_des_crypt_cbc( &des_ctx, MBEDTLS_DES_DECRYPT, buflen,
> + if( ( ret = mbedtls_des_setkey_dec( &des_ctx, des_key ) ) != 0 )
> + goto exit;
> + ret = mbedtls_des_crypt_cbc( &des_ctx, MBEDTLS_DES_DECRYPT, buflen,
> des_iv, buf, buf );
>
> +exit:
> mbedtls_des_free( &des_ctx );
> mbedtls_zeroize( des_key, 8 );
> +
> + return( ret );
> }
>
> /*
> * Decrypt with 3DES-CBC, using PBKDF1 for key derivation
> */
> -static void pem_des3_decrypt( unsigned char des3_iv[8],
> - unsigned char *buf, size_t buflen,
> - const unsigned char *pwd, size_t pwdlen )
> +static int pem_des3_decrypt( unsigned char des3_iv[8],
> + unsigned char *buf, size_t buflen,
> + const unsigned char *pwd, size_t pwdlen )
> {
> mbedtls_des3_context des3_ctx;
> unsigned char des3_key[24];
> + int ret;
>
> mbedtls_des3_init( &des3_ctx );
>
> - pem_pbkdf1( des3_key, 24, des3_iv, pwd, pwdlen );
> + if( ( ret = pem_pbkdf1( des3_key, 24, des3_iv, pwd, pwdlen ) ) != 0 )
> + goto exit;
>
> - mbedtls_des3_set3key_dec( &des3_ctx, des3_key );
> - mbedtls_des3_crypt_cbc( &des3_ctx, MBEDTLS_DES_DECRYPT, buflen,
> + if( ( ret = mbedtls_des3_set3key_dec( &des3_ctx, des3_key ) ) != 0 )
> + goto exit;
> + ret = mbedtls_des3_crypt_cbc( &des3_ctx, MBEDTLS_DES_DECRYPT, buflen,
> des3_iv, buf, buf );
>
> +exit:
> mbedtls_des3_free( &des3_ctx );
> mbedtls_zeroize( des3_key, 24 );
> +
> + return( ret );
> }
> #endif /* MBEDTLS_DES_C */
>
> @@ -182,23 +204,29 @@ static void pem_des3_decrypt( unsigned char des3_iv[8],
> /*
> * Decrypt with AES-XXX-CBC, using PBKDF1 for key derivation
> */
> -static void pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen,
> - unsigned char *buf, size_t buflen,
> - const unsigned char *pwd, size_t pwdlen )
> +static int pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen,
> + unsigned char *buf, size_t buflen,
> + const unsigned char *pwd, size_t pwdlen )
> {
> mbedtls_aes_context aes_ctx;
> unsigned char aes_key[32];
> + int ret;
>
> mbedtls_aes_init( &aes_ctx );
>
> - pem_pbkdf1( aes_key, keylen, aes_iv, pwd, pwdlen );
> + if( ( ret = pem_pbkdf1( aes_key, keylen, aes_iv, pwd, pwdlen ) ) != 0 )
> + goto exit;
>
> - mbedtls_aes_setkey_dec( &aes_ctx, aes_key, keylen * 8 );
> - mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_DECRYPT, buflen,
> + if( ( ret = mbedtls_aes_setkey_dec( &aes_ctx, aes_key, keylen * 8 ) ) != 0 )
> + goto exit;
> + ret = mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_DECRYPT, buflen,
> aes_iv, buf, buf );
>
> +exit:
> mbedtls_aes_free( &aes_ctx );
> mbedtls_zeroize( aes_key, keylen );
> +
> + return( ret );
> }
> #endif /* MBEDTLS_AES_C */
>
> @@ -333,6 +361,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
>
> if( ( ret = mbedtls_base64_decode( buf, len, &len, s1, s2 - s1 ) ) != 0 )
> {
> + mbedtls_zeroize( buf, len );
> mbedtls_free( buf );
> return( MBEDTLS_ERR_PEM_INVALID_DATA + ret );
> }
> @@ -343,26 +372,35 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
> ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
> if( pwd == NULL )
> {
> + mbedtls_zeroize( buf, len );
> mbedtls_free( buf );
> return( MBEDTLS_ERR_PEM_PASSWORD_REQUIRED );
> }
>
> + ret = 0;
> +
> #if defined(MBEDTLS_DES_C)
> if( enc_alg == MBEDTLS_CIPHER_DES_EDE3_CBC )
> - pem_des3_decrypt( pem_iv, buf, len, pwd, pwdlen );
> + ret = pem_des3_decrypt( pem_iv, buf, len, pwd, pwdlen );
> else if( enc_alg == MBEDTLS_CIPHER_DES_CBC )
> - pem_des_decrypt( pem_iv, buf, len, pwd, pwdlen );
> + ret = pem_des_decrypt( pem_iv, buf, len, pwd, pwdlen );
> #endif /* MBEDTLS_DES_C */
>
> #if defined(MBEDTLS_AES_C)
> if( enc_alg == MBEDTLS_CIPHER_AES_128_CBC )
> - pem_aes_decrypt( pem_iv, 16, buf, len, pwd, pwdlen );
> + ret = pem_aes_decrypt( pem_iv, 16, buf, len, pwd, pwdlen );
> else if( enc_alg == MBEDTLS_CIPHER_AES_192_CBC )
> - pem_aes_decrypt( pem_iv, 24, buf, len, pwd, pwdlen );
> + ret = pem_aes_decrypt( pem_iv, 24, buf, len, pwd, pwdlen );
> else if( enc_alg == MBEDTLS_CIPHER_AES_256_CBC )
> - pem_aes_decrypt( pem_iv, 32, buf, len, pwd, pwdlen );
> + ret = pem_aes_decrypt( pem_iv, 32, buf, len, pwd, pwdlen );
> #endif /* MBEDTLS_AES_C */
>
> + if( ret != 0 )
> + {
> + mbedtls_free( buf );
> + return( ret );
> + }
> +
> /*
> * The result will be ASN.1 starting with a SEQUENCE tag, with 1 to 3
> * length bytes (allow 4 to be sure) in all known use cases.
> @@ -371,10 +409,12 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
> */
> if( len <= 2 || buf[0] != 0x30 || buf[1] > 0x83 )
> {
> + mbedtls_zeroize( buf, len );
> mbedtls_free( buf );
> return( MBEDTLS_ERR_PEM_PASSWORD_MISMATCH );
> }
> #else
> + mbedtls_zeroize( buf, len );
> mbedtls_free( buf );
> return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE );
> #endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
> @@ -389,6 +429,8 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
>
> void mbedtls_pem_free( mbedtls_pem_context *ctx )
> {
> + if( ctx->buf != NULL )
> + mbedtls_zeroize( ctx->buf, ctx->buflen );
> mbedtls_free( ctx->buf );
> mbedtls_free( ctx->info );
>
> @@ -402,7 +444,7 @@ int mbedtls_pem_write_buffer( const char *header, const char *footer,
> unsigned char *buf, size_t buf_len, size_t *olen )
> {
> int ret;
> - unsigned char *encode_buf, *c, *p = buf;
> + unsigned char *encode_buf = NULL, *c, *p = buf;
> size_t len = 0, use_len, add_len = 0;
>
> mbedtls_base64_encode( NULL, 0, &use_len, der_data, der_len );
> @@ -414,7 +456,8 @@ int mbedtls_pem_write_buffer( const char *header, const char *footer,
> return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
> }
>
> - if( ( encode_buf = mbedtls_calloc( 1, use_len ) ) == NULL )
> + if( use_len != 0 &&
> + ( ( encode_buf = mbedtls_calloc( 1, use_len ) ) == NULL ) )
> return( MBEDTLS_ERR_PEM_ALLOC_FAILED );
>
> if( ( ret = mbedtls_base64_encode( encode_buf, use_len, &use_len, der_data,
> diff --git a/dll/3rdparty/mbedtls/pk.c b/dll/3rdparty/mbedtls/pk.c
> index 1b2f829e3f..a369df2a9e 100644
> --- a/dll/3rdparty/mbedtls/pk.c
> +++ b/dll/3rdparty/mbedtls/pk.c
> @@ -31,8 +31,6 @@
> #include "mbedtls/pk.h"
> #include "mbedtls/pk_internal.h"
>
> -#include "mbedtls/bignum.h"
> -
> #if defined(MBEDTLS_RSA_C)
> #include "mbedtls/rsa.h"
> #endif
> @@ -44,6 +42,7 @@
> #endif
>
> #include <limits.h>
> +#include <stdint.h>
>
> /* Implementation that should never be optimized out by the compiler */
> static void mbedtls_zeroize( void *v, size_t n ) {
> @@ -215,10 +214,10 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
> int ret;
> const mbedtls_pk_rsassa_pss_options *pss_opts;
>
> -#if defined(MBEDTLS_HAVE_INT64)
> +#if SIZE_MAX > UINT_MAX
> if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
> return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
> -#endif /* MBEDTLS_HAVE_INT64 */
> +#endif /* SIZE_MAX > UINT_MAX */
>
> if( options == NULL )
> return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
> diff --git a/dll/3rdparty/mbedtls/pk_wrap.c b/dll/3rdparty/mbedtls/pk_wrap.c
> index e7443b23db..2c24799e38 100644
> --- a/dll/3rdparty/mbedtls/pk_wrap.c
> +++ b/dll/3rdparty/mbedtls/pk_wrap.c
> @@ -32,7 +32,6 @@
>
> /* Even if RSA not activated, for the sake of RSA-alt */
> #include "mbedtls/rsa.h"
> -#include "mbedtls/bignum.h"
>
> #include <string.h>
>
> @@ -53,6 +52,7 @@
> #endif
>
> #include <limits.h>
> +#include <stdint.h>
>
> #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
> /* Implementation that should never be optimized out by the compiler */
> @@ -70,7 +70,8 @@ static int rsa_can_do( mbedtls_pk_type_t type )
>
> static size_t rsa_get_bitlen( const void *ctx )
> {
> - return( 8 * ((const mbedtls_rsa_context *) ctx)->len );
> + const mbedtls_rsa_context * rsa = (const mbedtls_rsa_context *) ctx;
> + return( 8 * mbedtls_rsa_get_len( rsa ) );
> }
>
> static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
> @@ -78,21 +79,28 @@ static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
> const unsigned char *sig, size_t sig_len )
> {
> int ret;
> + mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
> + size_t rsa_len = mbedtls_rsa_get_len( rsa );
>
> -#if defined(MBEDTLS_HAVE_INT64)
> +#if SIZE_MAX > UINT_MAX
> if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
> return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
> -#endif /* MBEDTLS_HAVE_INT64 */
> +#endif /* SIZE_MAX > UINT_MAX */
>
> - if( sig_len < ((mbedtls_rsa_context *) ctx)->len )
> + if( sig_len < rsa_len )
> return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
>
> - if( ( ret = mbedtls_rsa_pkcs1_verify( (mbedtls_rsa_context *) ctx, NULL, NULL,
> + if( ( ret = mbedtls_rsa_pkcs1_verify( rsa, NULL, NULL,
> MBEDTLS_RSA_PUBLIC, md_alg,
> (unsigned int) hash_len, hash, sig ) ) != 0 )
> return( ret );
>
> - if( sig_len > ((mbedtls_rsa_context *) ctx)->len )
> + /* The buffer contains a valid signature followed by extra data.
> + * We have a special error code for that so that so that callers can
> + * use mbedtls_pk_verify() to check "Does the buffer start with a
> + * valid signature?" and not just "Does the buffer contain a valid
> + * signature?". */
> + if( sig_len > rsa_len )
> return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
>
> return( 0 );
> @@ -103,14 +111,16 @@ static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
> unsigned char *sig, size_t *sig_len,
> int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
> {
> -#if defined(MBEDTLS_HAVE_INT64)
> + mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
> +
> +#if SIZE_MAX > UINT_MAX
> if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
> return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
> -#endif /* MBEDTLS_HAVE_INT64 */
> +#endif /* SIZE_MAX > UINT_MAX */
>
> - *sig_len = ((mbedtls_rsa_context *) ctx)->len;
> + *sig_len = mbedtls_rsa_get_len( rsa );
>
> - return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
> + return( mbedtls_rsa_pkcs1_sign( rsa, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
> md_alg, (unsigned int) hash_len, hash, sig ) );
> }
>
> @@ -119,10 +129,12 @@ static int rsa_decrypt_wrap( void *ctx,
> unsigned char *output, size_t *olen, size_t osize,
> int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
> {
> - if( ilen != ((mbedtls_rsa_context *) ctx)->len )
> + mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
> +
> + if( ilen != mbedtls_rsa_get_len( rsa ) )
> return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
>
> - return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, f_rng, p_rng,
> + return( mbedtls_rsa_pkcs1_decrypt( rsa, f_rng, p_rng,
> MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) );
> }
>
> @@ -131,13 +143,14 @@ static int rsa_encrypt_wrap( void *ctx,
> unsigned char *output, size_t *olen, size_t osize,
> int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
> {
> - *olen = ((mbedtls_rsa_context *) ctx)->len;
> + mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
> + *olen = mbedtls_rsa_get_len( rsa );
>
> if( *olen > osize )
> return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE );
>
> - return( mbedtls_rsa_pkcs1_encrypt( (mbedtls_rsa_context *) ctx,
> - f_rng, p_rng, MBEDTLS_RSA_PUBLIC, ilen, input, output ) );
> + return( mbedtls_rsa_pkcs1_encrypt( rsa, f_rng, p_rng, MBEDTLS_RSA_PUBLIC,
> + ilen, input, output ) );
> }
>
> static int rsa_check_pair_wrap( const void *pub, const void *prv )
> @@ -417,10 +430,10 @@ static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
> {
> mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx;
>
> -#if defined(MBEDTLS_HAVE_INT64)
> +#if SIZE_MAX > UINT_MAX
> if( UINT_MAX < hash_len )
> return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
> -#endif /* MBEDTLS_HAVE_INT64 */
> +#endif /* SIZE_MAX > UINT_MAX */
>
> *sig_len = rsa_alt->key_len_func( rsa_alt->key );
>
> diff --git a/dll/3rdparty/mbedtls/pkcs5.c b/dll/3rdparty/mbedtls/pkcs5.c
> index 96f7a04064..e62d663d25 100644
> --- a/dll/3rdparty/mbedtls/pkcs5.c
> +++ b/dll/3rdparty/mbedtls/pkcs5.c
> @@ -40,9 +40,12 @@
> #if defined(MBEDTLS_PKCS5_C)
>
> #include "mbedtls/pkcs5.h"
> +
> +#if defined(MBEDTLS_ASN1_PARSE_C)
> #include "mbedtls/asn1.h"
> #include "mbedtls/cipher.h"
> #include "mbedtls/oid.h"
> +#endif /* MBEDTLS_ASN1_PARSE_C */
>
> #include <string.h>
>
> @@ -53,6 +56,22 @@
> #define mbedtls_printf printf
> #endif
>
> +#if !defined(MBEDTLS_ASN1_PARSE_C)
> +int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
> + const unsigned char *pwd, size_t pwdlen,
> + const unsigned char *data, size_t datalen,
> + unsigned char *output )
> +{
> + ((void) pbe_params);
> + ((void) mode);
> + ((void) pwd);
> + ((void) pwdlen);
> + ((void) data);
> + ((void) datalen);
> + ((void) output);
> + return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
> +}
> +#else
> static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params,
> mbedtls_asn1_buf *salt, int *iterations,
> int *keylen, mbedtls_md_type_t *md_type )
> @@ -98,11 +117,9 @@ static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params,
> if( ( ret = mbedtls_asn1_get_alg_null( &p, end, &prf_alg_oid ) ) != 0 )
> return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
>
> - if( MBEDTLS_OID_CMP( MBEDTLS_OID_HMAC_SHA1, &prf_alg_oid ) != 0 )
> + if( mbedtls_oid_get_md_hmac( &prf_alg_oid, md_type ) != 0 )
> return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
>
> - *md_type = MBEDTLS_MD_SHA1;
> -
> if( p != end )
> return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT +
> MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
> @@ -215,6 +232,7 @@ exit:
>
> return( ret );
> }
> +#endif /* MBEDTLS_ASN1_PARSE_C */
>
> int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *password,
> size_t plen, const unsigned char *salt, size_t slen,
> @@ -233,8 +251,10 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p
> memset( counter, 0, 4 );
> counter[3] = 1;
>
> +#if UINT_MAX > 0xFFFFFFFF
> if( iteration_count > 0xFFFFFFFF )
> return( MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA );
> +#endif
>
> while( key_length )
> {
> diff --git a/dll/3rdparty/mbedtls/pkparse.c b/dll/3rdparty/mbedtls/pkparse.c
> index 569ebf7953..c8da059163 100644
> --- a/dll/3rdparty/mbedtls/pkparse.c
> +++ b/dll/3rdparty/mbedtls/pkparse.c
> @@ -62,12 +62,15 @@
> #define mbedtls_free free
> #endif
>
> -#if defined(MBEDTLS_FS_IO)
> +#if defined(MBEDTLS_FS_IO) || \
> + defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
> /* Implementation that should never be optimized out by the compiler */
> static void mbedtls_zeroize( void *v, size_t n ) {
> volatile unsigned char *p = v; while( n-- ) *p++ = 0;
> }
> +#endif
>
> +#if defined(MBEDTLS_FS_IO)
> /*
> * Load all data from a file into a given buffer.
> *
> @@ -103,7 +106,10 @@ int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n )
> if( fread( *buf, 1, *n, f ) != *n )
> {
> fclose( f );
> +
> + mbedtls_zeroize( *buf, *n );
> mbedtls_free( *buf );
> +
> return( MBEDTLS_ERR_PK_FILE_IO_ERROR );
> }
>
> @@ -177,6 +183,10 @@ static int pk_get_ecparams( unsigned char **p, const unsigned char *end,
> {
> int ret;
>
> + if ( end - *p < 1 )
> + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
> + MBEDTLS_ERR_ASN1_OUT_OF_DATA );
> +
> /* Tag may be either OID or SEQUENCE */
> params->tag = **p;
> if( params->tag != MBEDTLS_ASN1_OID
> @@ -522,18 +532,35 @@ static int pk_get_rsapubkey( unsigned char **p,
> return( MBEDTLS_ERR_PK_INVALID_PUBKEY +
> MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
>
> - if( ( ret = mbedtls_asn1_get_mpi( p, end, &rsa->N ) ) != 0 ||
> - ( ret = mbedtls_asn1_get_mpi( p, end, &rsa->E ) ) != 0 )
> + /* Import N */
> + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
> return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret );
>
> - if( *p != end )
> - return( MBEDTLS_ERR_PK_INVALID_PUBKEY +
> - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
> + if( ( ret = mbedtls_rsa_import_raw( rsa, *p, len, NULL, 0, NULL, 0,
> + NULL, 0, NULL, 0 ) ) != 0 )
> + return( MBEDTLS_ERR_PK_INVALID_PUBKEY );
> +
> + *p += len;
>
> - if( ( ret = mbedtls_rsa_check_pubkey( rsa ) ) != 0 )
> + /* Import E */
> + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
> + return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret );
> +
> + if( ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, NULL, 0,
> + NULL, 0, *p, len ) ) != 0 )
> return( MBEDTLS_ERR_PK_INVALID_PUBKEY );
>
> - rsa->len = mbedtls_mpi_size( &rsa->N );
> + *p += len;
> +
> + if( mbedtls_rsa_complete( rsa ) != 0 ||
> + mbedtls_rsa_check_pubkey( rsa ) != 0 )
> + {
> + return( MBEDTLS_ERR_PK_INVALID_PUBKEY );
> + }
> +
> + if( *p != end )
> + return( MBEDTLS_ERR_PK_INVALID_PUBKEY +
> + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
>
> return( 0 );
> }
> @@ -645,10 +672,13 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa,
> const unsigned char *key,
> size_t keylen )
> {
> - int ret;
> + int ret, version;
> size_t len;
> unsigned char *p, *end;
>
> + mbedtls_mpi T;
> + mbedtls_mpi_init( &T );
> +
> p = (unsigned char *) key;
> end = p + keylen;
>
> @@ -676,45 +706,88 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa,
>
> end = p + len;
>
> - if( ( ret = mbedtls_asn1_get_int( &p, end, &rsa->ver ) ) != 0 )
> + if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 )
> {
> return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
> }
>
> - if( rsa->ver != 0 )
> + if( version != 0 )
> {
> return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION );
> }
>
> - if( ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->N ) ) != 0 ||
> - ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->E ) ) != 0 ||
> - ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->D ) ) != 0 ||
> - ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->P ) ) != 0 ||
> - ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->Q ) ) != 0 ||
> - ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->DP ) ) != 0 ||
> - ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->DQ ) ) != 0 ||
> - ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->QP ) ) != 0 )
> - {
> - mbedtls_rsa_free( rsa );
> - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
> - }
> + /* Import N */
> + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
> + MBEDTLS_ASN1_INTEGER ) ) != 0 ||
> + ( ret = mbedtls_rsa_import_raw( rsa, p, len, NULL, 0, NULL, 0,
> + NULL, 0, NULL, 0 ) ) != 0 )
> + goto cleanup;
> + p += len;
>
> - rsa->len = mbedtls_mpi_size( &rsa->N );
> + /* Import E */
> + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
> + MBEDTLS_ASN1_INTEGER ) ) != 0 ||
> + ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, NULL, 0,
> + NULL, 0, p, len ) ) != 0 )
> + goto cleanup;
> + p += len;
> +
> + /* Import D */
> + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
> + MBEDTLS_ASN1_INTEGER ) ) != 0 ||
> + ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, NULL, 0,
> + p, len, NULL, 0 ) ) != 0 )
> + goto cleanup;
> + p += len;
> +
> + /* Import P */
> + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
> + MBEDTLS_ASN1_INTEGER ) ) != 0 ||
> + ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, p, len, NULL, 0,
> + NULL, 0, NULL, 0 ) ) != 0 )
> + goto cleanup;
> + p += len;
> +
> + /* Import Q */
> + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
> + MBEDTLS_ASN1_INTEGER ) ) != 0 ||
> + ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, p, len,
> + NULL, 0, NULL, 0 ) ) != 0 )
> + goto cleanup;
> + p += len;
> +
> + /* Complete the RSA private key */
> + if( ( ret = mbedtls_rsa_complete( rsa ) ) != 0 )
> + goto cleanup;
> +
> + /* Check optional parameters */
> + if( ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 ||
> + ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 ||
> + ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 )
> + goto cleanup;
>
> if( p != end )
> {
> - mbedtls_rsa_free( rsa );
> - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
> - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
> + ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
> + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ;
> }
>
> - if( ( ret = mbedtls_rsa_check_privkey( rsa ) ) != 0 )
> +cleanup:
> +
> + mbedtls_mpi_free( &T );
> +
> + if( ret != 0 )
> {
> + /* Wrap error code if it's coming from a lower level */
> + if( ( ret & 0xff80 ) == 0 )
> + ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret;
> + else
> + ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
> +
> mbedtls_rsa_free( rsa );
> - return( ret );
> }
>
> - return( 0 );
> + return( ret );
> }
> #endif /* MBEDTLS_RSA_C */
>
> @@ -790,7 +863,10 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck,
> mbedtls_ecp_keypair_free( eck );
> return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
> }
> + }
>
> + if( p != end )
> + {
> /*
> * Is 'publickey' present? If not, or if we can't read it (eg because it
> * is compressed), create it from the private key.
> @@ -846,6 +922,16 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck,
>
> /*
> * Parse an unencrypted PKCS#8 encoded private key
> + *
> + * Notes:
> + *
> + * - This function does not own the key buffer. It is the
> + * responsibility of the caller to take care of zeroizing
> + * and freeing it after use.
> + *
> + * - The function is responsible for freeing the provided
> + * PK context on failure.
> + *
> */
> static int pk_parse_key_pkcs8_unencrypted_der(
> mbedtls_pk_context *pk,
> @@ -861,7 +947,7 @@ static int pk_parse_key_pkcs8_unencrypted_der(
> const mbedtls_pk_info_t *pk_info;
>
> /*
> - * This function parses the PrivatKeyInfo object (PKCS#8 v1.2 = RFC 5208)
> + * This function parses the PrivateKeyInfo object (PKCS#8 v1.2 = RFC 5208)
> *
> * PrivateKeyInfo ::= SEQUENCE {
> * version Version,
> @@ -934,16 +1020,22 @@ static int pk_parse_key_pkcs8_unencrypted_der(
>
> /*
> * Parse an encrypted PKCS#8 encoded private key
> + *
> + * To save space, the decryption happens in-place on the given key buffer.
> + * Also, while this function may modify the keybuffer, it doesn't own it,
> + * and instead it is the responsibility of the caller to zeroize and properly
> + * free it after use.
> + *
> */
> #if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
> static int pk_parse_key_pkcs8_encrypted_der(
> mbedtls_pk_context *pk,
> - const unsigned char *key, size_t keylen,
> + unsigned char *key, size_t keylen,
> const unsigned char *pwd, size_t pwdlen )
> {
> int ret, decrypted = 0;
> size_t len;
> - unsigned char buf[2048];
> + unsigned char *buf;
> unsigned char *p, *end;
> mbedtls_asn1_buf pbe_alg_oid, pbe_params;
> #if defined(MBEDTLS_PKCS12_C)
> @@ -951,16 +1043,14 @@ static int pk_parse_key_pkcs8_encrypted_der(
> mbedtls_md_type_t md_alg;
> #endif
>
> - memset( buf, 0, sizeof( buf ) );
> -
> - p = (unsigned char *) key;
> + p = key;
> end = p + keylen;
>
> if( pwdlen == 0 )
> return( MBEDTLS_ERR_PK_PASSWORD_REQUIRED );
>
> /*
> - * This function parses the EncryptedPrivatKeyInfo object (PKCS#8)
> + * This function parses the EncryptedPrivateKeyInfo object (PKCS#8)
> *
> * EncryptedPrivateKeyInfo ::= SEQUENCE {
> * encryptionAlgorithm EncryptionAlgorithmIdentifier,
> @@ -972,6 +1062,7 @@ static int pk_parse_key_pkcs8_encrypted_der(
> * EncryptedData ::= OCTET STRING
> *
> * The EncryptedData OCTET STRING is a PKCS#8 PrivateKeyInfo
> + *
> */
> if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
> MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
> @@ -987,11 +1078,10 @@ static int pk_parse_key_pkcs8_encrypted_der(
> if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
> return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
>
> - if( len > sizeof( buf ) )
> - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
> + buf = p;
>
> /*
> - * Decrypt EncryptedData with appropriate PDE
> + * Decrypt EncryptedData with appropriate PBE
> */
> #if defined(MBEDTLS_PKCS12_C)
> if( mbedtls_oid_get_pkcs12_pbe_alg( &pbe_alg_oid, &md_alg, &cipher_alg ) == 0 )
> @@ -1083,10 +1173,8 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
>
> if( ret == 0 )
> {
> - if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL )
> - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
> -
> - if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
> + pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA );
> + if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
> ( ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ),
> pem.buf, pem.buflen ) ) != 0 )
> {
> @@ -1115,10 +1203,9 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
> key, pwd, pwdlen, &len );
> if( ret == 0 )
> {
> - if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == NULL )
> - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
> + pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY );
>
> - if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
> + if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
> ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ),
> pem.buf, pem.buflen ) ) != 0 )
> {
> @@ -1183,7 +1270,6 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
> return( ret );
> #endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */
> #else
> - ((void) ret);
> ((void) pwd);
> ((void) pwdlen);
> #endif /* MBEDTLS_PEM_PARSE_C */
> @@ -1196,12 +1282,27 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
> * error
> */
> #if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
> - if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk, key, keylen,
> - pwd, pwdlen ) ) == 0 )
> {
> - return( 0 );
> + unsigned char *key_copy;
> +
> + if( keylen == 0 )
> + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
> +
> + if( ( key_copy = mbedtls_calloc( 1, keylen ) ) == NULL )
> + return( MBEDTLS_ERR_PK_ALLOC_FAILED );
> +
> + memcpy( key_copy, key, keylen );
> +
> + ret = pk_parse_key_pkcs8_encrypted_der( pk, key_copy, keylen,
> + pwd, pwdlen );
> +
> + mbedtls_zeroize( key_copy, keylen );
> + mbedtls_free( key_copy );
> }
>
> + if( ret == 0 )
> + return( 0 );
> +
> mbedtls_pk_free( pk );
>
> if( ret == MBEDTLS_ERR_PK_PASSWORD_MISMATCH )
> @@ -1216,29 +1317,35 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
> mbedtls_pk_free( pk );
>
> #if defined(MBEDTLS_RSA_C)
> - if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL )
> - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
>
> - if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
> - ( ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ), key, keylen ) ) == 0 )
> + pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA );
> + if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
> + ( ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ),
> + key, keylen ) ) != 0 )
> + {
> + mbedtls_pk_free( pk );
> + }
> + else
> {
> return( 0 );
> }
>
> - mbedtls_pk_free( pk );
> #endif /* MBEDTLS_RSA_C */
>
> #if defined(MBEDTLS_ECP_C)
> - if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == NULL )
> - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
>
> - if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
> - ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), key, keylen ) ) == 0 )
> + pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY );
> + if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
> + ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ),
> + key, keylen ) ) != 0 )
> + {
> + mbedtls_pk_free( pk );
> + }
> + else
> {
> return( 0 );
> }
>
> - mbedtls_pk_free( pk );
> #endif /* MBEDTLS_ECP_C */
>
> return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
> diff --git a/dll/3rdparty/mbedtls/pkwrite.c b/dll/3rdparty/mbedtls/pkwrite.c
> index ae79cf4131..8e0bb2e605 100644
> --- a/dll/3rdparty/mbedtls/pkwrite.c
> +++ b/dll/3rdparty/mbedtls/pkwrite.c
> @@ -64,13 +64,31 @@
> * }
> */
> static int pk_write_rsa_pubkey( unsigned char **p, unsigned char *start,
> - mbedtls_rsa_context *rsa )
> + mbedtls_rsa_context *rsa )
> {
> int ret;
> size_t len = 0;
> + mbedtls_mpi T;
>
> - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( p, start, &rsa->E ) );
> - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( p, start, &rsa->N ) );
> + mbedtls_mpi_init( &T );
> +
> + /* Export E */
> + if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL, NULL, NULL, &T ) ) != 0 ||
> + ( ret = mbedtls_asn1_write_mpi( p, start, &T ) ) < 0 )
> + goto end_of_export;
> + len += ret;
> +
> + /* Export N */
> + if ( ( ret = mbedtls_rsa_export( rsa, &T, NULL, NULL, NULL, NULL ) ) != 0 ||
> + ( ret = mbedtls_asn1_write_mpi( p, start, &T ) ) < 0 )
> + goto end_of_export;
> ... 18470 lines suppressed ...
>
--
Pierre Schweitzer <pierre at reactos.org>
System & Network Administrator
Senior Kernel Developer
ReactOS Deutschland e.V.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://reactos.org/pipermail/ros-dev/attachments/20190105/3b72cc37/attachment-0001.sig>
More information about the Ros-dev
mailing list