[ros-dev] [ros-diffs] [reactos] 02/03: [MBEDTLS] Update to version 2.7.6. CORE-15280
Thomas Faber
thomas.faber at reactos.org
Sat Jan 5 10:56:45 UTC 2019
It's 2.7.6. The 2.7.9 update will follow shortly, so I've updated the
ticket.
Thanks,
Thomas
On 2019-01-05 11:20, Pierre Schweitzer wrote:
> Hey Thomas,
>
> Is that an upgrade to 2.7.6 or 2.7.9?
> Your commit reads the first one, while Jira associated ticket reads the
> second one.
>
> Cheers,
> Pierre
>
> Le 05/01/2019 à 10:36, Thomas Faber a écrit :
>> https://git.reactos.org/?p=reactos.git;a=commitdiff;h=d9e6c9b539327f861c3068e89cfe80f0004ee4c5
>>
>> commit d9e6c9b539327f861c3068e89cfe80f0004ee4c5
>> Author: Thomas Faber <thomas.faber at reactos.org>
>> AuthorDate: Wed Oct 31 16:00:34 2018 +0100
>> Commit: Thomas Faber <thomas.faber at reactos.org>
>> CommitDate: Sat Jan 5 09:20:35 2019 +0100
>>
>> [MBEDTLS] Update to version 2.7.6. CORE-15280
>>
>> Note: this disables the MBEDTLS_DEPRECATED_REMOVED configuration value,
>> because we require the now-deprecated MD5 & SHA functions for bcrypt.
>> ---
>> dll/3rdparty/mbedtls/CMakeLists.txt | 1 +
>> dll/3rdparty/mbedtls/aes.c | 238 ++--
>> dll/3rdparty/mbedtls/asn1write.c | 5 +-
>> dll/3rdparty/mbedtls/bignum.c | 24 +-
>> dll/3rdparty/mbedtls/ccm.c | 39 +-
>> dll/3rdparty/mbedtls/cipher.c | 24 +-
>> dll/3rdparty/mbedtls/cmac.c | 12 +-
>> dll/3rdparty/mbedtls/ctr_drbg.c | 116 +-
>> dll/3rdparty/mbedtls/debug.c | 2 +-
>> dll/3rdparty/mbedtls/dhm.c | 62 +-
>> dll/3rdparty/mbedtls/ecdh.c | 4 +
>> dll/3rdparty/mbedtls/ecdsa.c | 13 +
>> dll/3rdparty/mbedtls/ecjpake.c | 5 +-
>> dll/3rdparty/mbedtls/ecp.c | 11 +-
>> dll/3rdparty/mbedtls/entropy.c | 136 ++-
>> dll/3rdparty/mbedtls/error.c | 135 ++-
>> dll/3rdparty/mbedtls/gcm.c | 200 ++--
>> dll/3rdparty/mbedtls/hmac_drbg.c | 15 +-
>> dll/3rdparty/mbedtls/md.c | 109 +-
>> dll/3rdparty/mbedtls/md2.c | 119 +-
>> dll/3rdparty/mbedtls/md4.c | 132 ++-
>> dll/3rdparty/mbedtls/md5.c | 163 ++-
>> dll/3rdparty/mbedtls/md_wrap.c | 171 +--
>> dll/3rdparty/mbedtls/memory_buffer_alloc.c | 31 +-
>> dll/3rdparty/mbedtls/net_sockets.c | 18 +-
>> dll/3rdparty/mbedtls/oid.c | 45 +
>> dll/3rdparty/mbedtls/pem.c | 125 +-
>> dll/3rdparty/mbedtls/pk.c | 7 +-
>> dll/3rdparty/mbedtls/pk_wrap.c | 49 +-
>> dll/3rdparty/mbedtls/pkcs5.c | 26 +-
>> dll/3rdparty/mbedtls/pkparse.c | 229 +++-
>> dll/3rdparty/mbedtls/pkwrite.c | 110 +-
>> dll/3rdparty/mbedtls/platform.c | 15 +-
>> dll/3rdparty/mbedtls/ripemd160.c | 157 ++-
>> dll/3rdparty/mbedtls/rsa.c | 1244 ++++++++++++++------
>> dll/3rdparty/mbedtls/rsa_internal.c | 489 ++++++++
>> dll/3rdparty/mbedtls/sha1.c | 175 ++-
>> dll/3rdparty/mbedtls/sha256.c | 182 ++-
>> dll/3rdparty/mbedtls/sha512.c | 184 ++-
>> dll/3rdparty/mbedtls/ssl_cache.c | 1 +
>> dll/3rdparty/mbedtls/ssl_ciphersuites.c | 6 +-
>> dll/3rdparty/mbedtls/ssl_cli.c | 301 ++---
>> dll/3rdparty/mbedtls/ssl_srv.c | 189 ++-
>> dll/3rdparty/mbedtls/ssl_tls.c | 923 +++++++++++----
>> dll/3rdparty/mbedtls/threading.c | 12 +
>> dll/3rdparty/mbedtls/timing.c | 131 ++-
>> dll/3rdparty/mbedtls/version_features.c | 42 +-
>> dll/3rdparty/mbedtls/x509.c | 23 +-
>> dll/3rdparty/mbedtls/x509_crl.c | 65 +-
>> dll/3rdparty/mbedtls/x509_crt.c | 114 +-
>> dll/3rdparty/mbedtls/x509_csr.c | 29 +-
>> dll/3rdparty/mbedtls/x509write_crt.c | 78 +-
>> dll/3rdparty/mbedtls/x509write_csr.c | 23 +-
>> sdk/include/reactos/libs/mbedtls/aes.h | 366 +++---
>> sdk/include/reactos/libs/mbedtls/aesni.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/arc4.h | 38 +-
>> sdk/include/reactos/libs/mbedtls/asn1.h | 20 +-
>> sdk/include/reactos/libs/mbedtls/asn1write.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/base64.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/bignum.h | 11 +-
>> sdk/include/reactos/libs/mbedtls/blowfish.h | 4 +-
>> sdk/include/reactos/libs/mbedtls/bn_mul.h | 20 +-
>> sdk/include/reactos/libs/mbedtls/camellia.h | 4 +-
>> sdk/include/reactos/libs/mbedtls/ccm.h | 153 ++-
>> sdk/include/reactos/libs/mbedtls/certs.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/check_config.h | 7 +-
>> sdk/include/reactos/libs/mbedtls/cipher.h | 561 +++++----
>> sdk/include/reactos/libs/mbedtls/cipher_internal.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/cmac.h | 184 +--
>> sdk/include/reactos/libs/mbedtls/compat-1.3.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/config.h | 141 ++-
>> sdk/include/reactos/libs/mbedtls/ctr_drbg.h | 254 ++--
>> sdk/include/reactos/libs/mbedtls/debug.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/des.h | 51 +
>> sdk/include/reactos/libs/mbedtls/dhm.h | 1114 +++++++++++++++---
>> sdk/include/reactos/libs/mbedtls/ecdh.h | 239 ++--
>> sdk/include/reactos/libs/mbedtls/ecdsa.h | 286 +++--
>> sdk/include/reactos/libs/mbedtls/ecjpake.h | 21 +-
>> sdk/include/reactos/libs/mbedtls/ecp.h | 6 +-
>> sdk/include/reactos/libs/mbedtls/ecp_internal.h | 5 +-
>> sdk/include/reactos/libs/mbedtls/entropy.h | 4 +-
>> sdk/include/reactos/libs/mbedtls/entropy_poll.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/error.h | 40 +-
>> sdk/include/reactos/libs/mbedtls/gcm.h | 241 ++--
>> sdk/include/reactos/libs/mbedtls/havege.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/hmac_drbg.h | 5 +-
>> sdk/include/reactos/libs/mbedtls/md.h | 371 +++---
>> sdk/include/reactos/libs/mbedtls/md2.h | 191 ++-
>> sdk/include/reactos/libs/mbedtls/md4.h | 196 ++-
>> sdk/include/reactos/libs/mbedtls/md5.h | 194 ++-
>> sdk/include/reactos/libs/mbedtls/md_internal.h | 15 +-
>> .../reactos/libs/mbedtls/memory_buffer_alloc.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/net.h | 9 +-
>> sdk/include/reactos/libs/mbedtls/net_sockets.h | 8 +-
>> sdk/include/reactos/libs/mbedtls/oid.h | 21 +-
>> sdk/include/reactos/libs/mbedtls/padlock.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/pem.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/pk.h | 16 +-
>> sdk/include/reactos/libs/mbedtls/pk_internal.h | 5 +-
>> sdk/include/reactos/libs/mbedtls/pkcs11.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/pkcs12.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/pkcs5.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/platform.h | 111 +-
>> sdk/include/reactos/libs/mbedtls/platform_time.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/ripemd160.h | 125 +-
>> sdk/include/reactos/libs/mbedtls/rsa.h | 1166 ++++++++++++------
>> sdk/include/reactos/libs/mbedtls/rsa_internal.h | 228 ++++
>> sdk/include/reactos/libs/mbedtls/sha1.h | 248 +++-
>> sdk/include/reactos/libs/mbedtls/sha256.h | 215 +++-
>> sdk/include/reactos/libs/mbedtls/sha512.h | 221 +++-
>> sdk/include/reactos/libs/mbedtls/ssl.h | 117 +-
>> sdk/include/reactos/libs/mbedtls/ssl_cache.h | 3 +-
>> .../reactos/libs/mbedtls/ssl_ciphersuites.h | 5 +-
>> sdk/include/reactos/libs/mbedtls/ssl_cookie.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/ssl_internal.h | 70 +-
>> sdk/include/reactos/libs/mbedtls/ssl_ticket.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/threading.h | 7 +-
>> sdk/include/reactos/libs/mbedtls/timing.h | 30 +-
>> sdk/include/reactos/libs/mbedtls/version.h | 13 +-
>> sdk/include/reactos/libs/mbedtls/x509.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/x509_crl.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/x509_crt.h | 31 +-
>> sdk/include/reactos/libs/mbedtls/x509_csr.h | 3 +-
>> sdk/include/reactos/libs/mbedtls/xtea.h | 4 +-
>> 124 files changed, 10395 insertions(+), 3822 deletions(-)
>>
>> diff --git a/dll/3rdparty/mbedtls/CMakeLists.txt b/dll/3rdparty/mbedtls/CMakeLists.txt
>> index 0fbb59bbf4..7a5210bdef 100644
>> --- a/dll/3rdparty/mbedtls/CMakeLists.txt
>> +++ b/dll/3rdparty/mbedtls/CMakeLists.txt
>> @@ -54,6 +54,7 @@ list(APPEND SOURCE
>> platform.c
>> ripemd160.c
>> rsa.c
>> + rsa_internal.c
>> sha1.c
>> sha256.c
>> sha512.c
>> diff --git a/dll/3rdparty/mbedtls/aes.c b/dll/3rdparty/mbedtls/aes.c
>> index dadfbe3c68..fed58bbc01 100644
>> --- a/dll/3rdparty/mbedtls/aes.c
>> +++ b/dll/3rdparty/mbedtls/aes.c
>> @@ -767,12 +767,14 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
>> }
>> #endif /* !MBEDTLS_AES_ENCRYPT_ALT */
>>
>> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
>> void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
>> const unsigned char input[16],
>> unsigned char output[16] )
>> {
>> mbedtls_internal_aes_encrypt( ctx, input, output );
>> }
>> +#endif /* !MBEDTLS_DEPRECATED_REMOVED */
>>
>> /*
>> * AES-ECB block decryption
>> @@ -833,12 +835,14 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
>> }
>> #endif /* !MBEDTLS_AES_DECRYPT_ALT */
>>
>> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
>> void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
>> const unsigned char input[16],
>> unsigned char output[16] )
>> {
>> mbedtls_internal_aes_decrypt( ctx, input, output );
>> }
>> +#endif /* !MBEDTLS_DEPRECATED_REMOVED */
>>
>> /*
>> * AES-ECB block encryption/decryption
>> @@ -1237,9 +1241,11 @@ static const int aes_test_ctr_len[3] =
>> */
>> int mbedtls_aes_self_test( int verbose )
>> {
>> - int ret = 0, i, j, u, v;
>> + int ret = 0, i, j, u, mode;
>> + unsigned int keybits;
>> unsigned char key[32];
>> unsigned char buf[64];
>> + const unsigned char *aes_tests;
>> #if defined(MBEDTLS_CIPHER_MODE_CBC) || defined(MBEDTLS_CIPHER_MODE_CFB)
>> unsigned char iv[16];
>> #endif
>> @@ -1265,45 +1271,52 @@ int mbedtls_aes_self_test( int verbose )
>> for( i = 0; i < 6; i++ )
>> {
>> u = i >> 1;
>> - v = i & 1;
>> + keybits = 128 + u * 64;
>> + mode = i & 1;
>>
>> if( verbose != 0 )
>> - mbedtls_printf( " AES-ECB-%3d (%s): ", 128 + u * 64,
>> - ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
>> + mbedtls_printf( " AES-ECB-%3d (%s): ", keybits,
>> + ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
>>
>> memset( buf, 0, 16 );
>>
>> - if( v == MBEDTLS_AES_DECRYPT )
>> + if( mode == MBEDTLS_AES_DECRYPT )
>> {
>> - mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 );
>> -
>> - for( j = 0; j < 10000; j++ )
>> - mbedtls_aes_crypt_ecb( &ctx, v, buf, buf );
>> -
>> - if( memcmp( buf, aes_test_ecb_dec[u], 16 ) != 0 )
>> - {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - ret = 1;
>> - goto exit;
>> - }
>> + ret = mbedtls_aes_setkey_dec( &ctx, key, keybits );
>> + aes_tests = aes_test_ecb_dec[u];
>> }
>> else
>> {
>> - mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 );
>> -
>> - for( j = 0; j < 10000; j++ )
>> - mbedtls_aes_crypt_ecb( &ctx, v, buf, buf );
>> + ret = mbedtls_aes_setkey_enc( &ctx, key, keybits );
>> + aes_tests = aes_test_ecb_enc[u];
>> + }
>>
>> - if( memcmp( buf, aes_test_ecb_enc[u], 16 ) != 0 )
>> - {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> + /*
>> + * AES-192 is an optional feature that may be unavailable when
>> + * there is an alternative underlying implementation i.e. when
>> + * MBEDTLS_AES_ALT is defined.
>> + */
>> + if( ret == MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE && keybits == 192 )
>> + {
>> + mbedtls_printf( "skipped\n" );
>> + continue;
>> + }
>> + else if( ret != 0 )
>> + {
>> + goto exit;
>> + }
>>
>> - ret = 1;
>> + for( j = 0; j < 10000; j++ )
>> + {
>> + ret = mbedtls_aes_crypt_ecb( &ctx, mode, buf, buf );
>> + if( ret != 0 )
>> goto exit;
>> - }
>> + }
>> +
>> + if( memcmp( buf, aes_tests, 16 ) != 0 )
>> + {
>> + ret = 1;
>> + goto exit;
>> }
>>
>> if( verbose != 0 )
>> @@ -1320,55 +1333,64 @@ int mbedtls_aes_self_test( int verbose )
>> for( i = 0; i < 6; i++ )
>> {
>> u = i >> 1;
>> - v = i & 1;
>> + keybits = 128 + u * 64;
>> + mode = i & 1;
>>
>> if( verbose != 0 )
>> - mbedtls_printf( " AES-CBC-%3d (%s): ", 128 + u * 64,
>> - ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
>> + mbedtls_printf( " AES-CBC-%3d (%s): ", keybits,
>> + ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
>>
>> memset( iv , 0, 16 );
>> memset( prv, 0, 16 );
>> memset( buf, 0, 16 );
>>
>> - if( v == MBEDTLS_AES_DECRYPT )
>> + if( mode == MBEDTLS_AES_DECRYPT )
>> {
>> - mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 );
>> -
>> - for( j = 0; j < 10000; j++ )
>> - mbedtls_aes_crypt_cbc( &ctx, v, 16, iv, buf, buf );
>> -
>> - if( memcmp( buf, aes_test_cbc_dec[u], 16 ) != 0 )
>> - {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - ret = 1;
>> - goto exit;
>> - }
>> + ret = mbedtls_aes_setkey_dec( &ctx, key, keybits );
>> + aes_tests = aes_test_cbc_dec[u];
>> }
>> else
>> {
>> - mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 );
>> + ret = mbedtls_aes_setkey_enc( &ctx, key, keybits );
>> + aes_tests = aes_test_cbc_enc[u];
>> + }
>> +
>> + /*
>> + * AES-192 is an optional feature that may be unavailable when
>> + * there is an alternative underlying implementation i.e. when
>> + * MBEDTLS_AES_ALT is defined.
>> + */
>> + if( ret == MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE && keybits == 192 )
>> + {
>> + mbedtls_printf( "skipped\n" );
>> + continue;
>> + }
>> + else if( ret != 0 )
>> + {
>> + goto exit;
>> + }
>>
>> - for( j = 0; j < 10000; j++ )
>> + for( j = 0; j < 10000; j++ )
>> + {
>> + if( mode == MBEDTLS_AES_ENCRYPT )
>> {
>> unsigned char tmp[16];
>>
>> - mbedtls_aes_crypt_cbc( &ctx, v, 16, iv, buf, buf );
>> -
>> memcpy( tmp, prv, 16 );
>> memcpy( prv, buf, 16 );
>> memcpy( buf, tmp, 16 );
>> }
>>
>> - if( memcmp( prv, aes_test_cbc_enc[u], 16 ) != 0 )
>> - {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - ret = 1;
>> + ret = mbedtls_aes_crypt_cbc( &ctx, mode, 16, iv, buf, buf );
>> + if( ret != 0 )
>> goto exit;
>> - }
>> +
>> + }
>> +
>> + if( memcmp( buf, aes_tests, 16 ) != 0 )
>> + {
>> + ret = 1;
>> + goto exit;
>> }
>>
>> if( verbose != 0 )
>> @@ -1386,45 +1408,52 @@ int mbedtls_aes_self_test( int verbose )
>> for( i = 0; i < 6; i++ )
>> {
>> u = i >> 1;
>> - v = i & 1;
>> + keybits = 128 + u * 64;
>> + mode = i & 1;
>>
>> if( verbose != 0 )
>> - mbedtls_printf( " AES-CFB128-%3d (%s): ", 128 + u * 64,
>> - ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
>> + mbedtls_printf( " AES-CFB128-%3d (%s): ", keybits,
>> + ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
>>
>> memcpy( iv, aes_test_cfb128_iv, 16 );
>> - memcpy( key, aes_test_cfb128_key[u], 16 + u * 8 );
>> + memcpy( key, aes_test_cfb128_key[u], keybits / 8 );
>>
>> offset = 0;
>> - mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 );
>> + ret = mbedtls_aes_setkey_enc( &ctx, key, keybits );
>> + /*
>> + * AES-192 is an optional feature that may be unavailable when
>> + * there is an alternative underlying implementation i.e. when
>> + * MBEDTLS_AES_ALT is defined.
>> + */
>> + if( ret == MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE && keybits == 192 )
>> + {
>> + mbedtls_printf( "skipped\n" );
>> + continue;
>> + }
>> + else if( ret != 0 )
>> + {
>> + goto exit;
>> + }
>>
>> - if( v == MBEDTLS_AES_DECRYPT )
>> + if( mode == MBEDTLS_AES_DECRYPT )
>> {
>> memcpy( buf, aes_test_cfb128_ct[u], 64 );
>> - mbedtls_aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf );
>> -
>> - if( memcmp( buf, aes_test_cfb128_pt, 64 ) != 0 )
>> - {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - ret = 1;
>> - goto exit;
>> - }
>> + aes_tests = aes_test_cfb128_pt;
>> }
>> else
>> {
>> memcpy( buf, aes_test_cfb128_pt, 64 );
>> - mbedtls_aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf );
>> + aes_tests = aes_test_cfb128_ct[u];
>> + }
>>
>> - if( memcmp( buf, aes_test_cfb128_ct[u], 64 ) != 0 )
>> - {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> + ret = mbedtls_aes_crypt_cfb128( &ctx, mode, 64, &offset, iv, buf, buf );
>> + if( ret != 0 )
>> + goto exit;
>>
>> - ret = 1;
>> - goto exit;
>> - }
>> + if( memcmp( buf, aes_tests, 64 ) != 0 )
>> + {
>> + ret = 1;
>> + goto exit;
>> }
>>
>> if( verbose != 0 )
>> @@ -1442,51 +1471,41 @@ int mbedtls_aes_self_test( int verbose )
>> for( i = 0; i < 6; i++ )
>> {
>> u = i >> 1;
>> - v = i & 1;
>> + mode = i & 1;
>>
>> if( verbose != 0 )
>> mbedtls_printf( " AES-CTR-128 (%s): ",
>> - ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
>> + ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
>>
>> memcpy( nonce_counter, aes_test_ctr_nonce_counter[u], 16 );
>> memcpy( key, aes_test_ctr_key[u], 16 );
>>
>> offset = 0;
>> - mbedtls_aes_setkey_enc( &ctx, key, 128 );
>> + if( ( ret = mbedtls_aes_setkey_enc( &ctx, key, 128 ) ) != 0 )
>> + goto exit;
>> +
>> + len = aes_test_ctr_len[u];
>>
>> - if( v == MBEDTLS_AES_DECRYPT )
>> + if( mode == MBEDTLS_AES_DECRYPT )
>> {
>> - len = aes_test_ctr_len[u];
>> memcpy( buf, aes_test_ctr_ct[u], len );
>> -
>> - mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
>> - buf, buf );
>> -
>> - if( memcmp( buf, aes_test_ctr_pt[u], len ) != 0 )
>> - {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - ret = 1;
>> - goto exit;
>> - }
>> + aes_tests = aes_test_ctr_pt[u];
>> }
>> else
>> {
>> - len = aes_test_ctr_len[u];
>> memcpy( buf, aes_test_ctr_pt[u], len );
>> + aes_tests = aes_test_ctr_ct[u];
>> + }
>>
>> - mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
>> - buf, buf );
>> -
>> - if( memcmp( buf, aes_test_ctr_ct[u], len ) != 0 )
>> - {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> + ret = mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter,
>> + stream_block, buf, buf );
>> + if( ret != 0 )
>> + goto exit;
>>
>> - ret = 1;
>> - goto exit;
>> - }
>> + if( memcmp( buf, aes_tests, len ) != 0 )
>> + {
>> + ret = 1;
>> + goto exit;
>> }
>>
>> if( verbose != 0 )
>> @@ -1500,6 +1519,9 @@ int mbedtls_aes_self_test( int verbose )
>> ret = 0;
>>
>> exit:
>> + if( ret != 0 && verbose != 0 )
>> + mbedtls_printf( "failed\n" );
>> +
>> mbedtls_aes_free( &ctx );
>>
>> return( ret );
>> diff --git a/dll/3rdparty/mbedtls/asn1write.c b/dll/3rdparty/mbedtls/asn1write.c
>> index ba31c05909..00b5e7ad4f 100644
>> --- a/dll/3rdparty/mbedtls/asn1write.c
>> +++ b/dll/3rdparty/mbedtls/asn1write.c
>> @@ -85,7 +85,9 @@ int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len
>> return( 4 );
>> }
>>
>> +#if SIZE_MAX > 0xFFFFFFFF
>> if( len <= 0xFFFFFFFF )
>> +#endif
>> {
>> if( *p - start < 5 )
>> return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
>> @@ -98,7 +100,9 @@ int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len
>> return( 5 );
>> }
>>
>> +#if SIZE_MAX > 0xFFFFFFFF
>> return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
>> +#endif
>> }
>>
>> int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag )
>> @@ -234,7 +238,6 @@ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val )
>> int ret;
>> size_t len = 0;
>>
>> - // TODO negative values and values larger than 128
>> // DER format assumes 2s complement for numbers, so the leftmost bit
>> // should be 0 for positive numbers and 1 for negative numbers.
>> //
>> diff --git a/dll/3rdparty/mbedtls/bignum.c b/dll/3rdparty/mbedtls/bignum.c
>> index ab510e2df5..49441d19b8 100644
>> --- a/dll/3rdparty/mbedtls/bignum.c
>> +++ b/dll/3rdparty/mbedtls/bignum.c
>> @@ -65,6 +65,11 @@ static void mbedtls_mpi_zeroize( mbedtls_mpi_uint *v, size_t n ) {
>> volatile mbedtls_mpi_uint *p = v; while( n-- ) *p++ = 0;
>> }
>>
>> +/* Implementation that should never be optimized out by the compiler */
>> +static void mbedtls_zeroize( void *v, size_t n ) {
>> + volatile unsigned char *p = v; while( n-- ) *p++ = 0;
>> +}
>> +
>> #define ciL (sizeof(mbedtls_mpi_uint)) /* chars in limb */
>> #define biL (ciL << 3) /* bits in limb */
>> #define biH (ciL << 2) /* half limb size */
>> @@ -674,16 +679,20 @@ cleanup:
>> int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t buflen )
>> {
>> int ret;
>> - size_t i, j, n;
>> + size_t i, j;
>> + size_t const limbs = CHARS_TO_LIMBS( buflen );
>>
>> - for( n = 0; n < buflen; n++ )
>> - if( buf[n] != 0 )
>> - break;
>> + /* Ensure that target MPI has exactly the necessary number of limbs */
>> + if( X->n != limbs )
>> + {
>> + mbedtls_mpi_free( X );
>> + mbedtls_mpi_init( X );
>> + MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) );
>> + }
>>
>> - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, CHARS_TO_LIMBS( buflen - n ) ) );
>> MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
>>
>> - for( i = buflen, j = 0; i > n; i--, j++ )
>> + for( i = buflen, j = 0; i > 0; i--, j++ )
>> X->p[j / ciL] |= ((mbedtls_mpi_uint) buf[i - 1]) << ((j % ciL) << 3);
>>
>> cleanup:
>> @@ -1616,7 +1625,7 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi
>> mbedtls_mpi RR, T, W[ 2 << MBEDTLS_MPI_WINDOW_SIZE ], Apos;
>> int neg;
>>
>> - if( mbedtls_mpi_cmp_int( N, 0 ) < 0 || ( N->p[0] & 1 ) == 0 )
>> + if( mbedtls_mpi_cmp_int( N, 0 ) <= 0 || ( N->p[0] & 1 ) == 0 )
>> return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
>>
>> if( mbedtls_mpi_cmp_int( E, 0 ) < 0 )
>> @@ -1884,6 +1893,7 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size,
>> MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( X, buf, size ) );
>>
>> cleanup:
>> + mbedtls_zeroize( buf, sizeof( buf ) );
>> return( ret );
>> }
>>
>> diff --git a/dll/3rdparty/mbedtls/ccm.c b/dll/3rdparty/mbedtls/ccm.c
>> index b974aec829..07c1ab7029 100644
>> --- a/dll/3rdparty/mbedtls/ccm.c
>> +++ b/dll/3rdparty/mbedtls/ccm.c
>> @@ -51,6 +51,8 @@
>> #endif /* MBEDTLS_PLATFORM_C */
>> #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
>>
>> +#if !defined(MBEDTLS_CCM_ALT)
>> +
>> /* Implementation that should never be optimized out by the compiler */
>> static void mbedtls_zeroize( void *v, size_t n ) {
>> volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
>> @@ -350,6 +352,7 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
>> return( 0 );
>> }
>>
>> +#endif /* !MBEDTLS_CCM_ALT */
>>
>> #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
>> /*
>> @@ -357,7 +360,8 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
>> */
>>
>> #define NB_TESTS 3
>> -
>> +#define CCM_SELFTEST_PT_MAX_LEN 24
>> +#define CCM_SELFTEST_CT_MAX_LEN 32
>> /*
>> * The data is the same for all tests, only the used length changes
>> */
>> @@ -377,7 +381,7 @@ static const unsigned char ad[] = {
>> 0x10, 0x11, 0x12, 0x13
>> };
>>
>> -static const unsigned char msg[] = {
>> +static const unsigned char msg[CCM_SELFTEST_PT_MAX_LEN] = {
>> 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
>> 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
>> 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
>> @@ -388,7 +392,7 @@ static const size_t add_len[NB_TESTS] = { 8, 16, 20 };
>> static const size_t msg_len[NB_TESTS] = { 4, 16, 24 };
>> static const size_t tag_len[NB_TESTS] = { 4, 6, 8 };
>>
>> -static const unsigned char res[NB_TESTS][32] = {
>> +static const unsigned char res[NB_TESTS][CCM_SELFTEST_CT_MAX_LEN] = {
>> { 0x71, 0x62, 0x01, 0x5b, 0x4d, 0xac, 0x25, 0x5d },
>> { 0xd2, 0xa1, 0xf0, 0xe0, 0x51, 0xea, 0x5f, 0x62,
>> 0x08, 0x1a, 0x77, 0x92, 0x07, 0x3d, 0x59, 0x3d,
>> @@ -402,7 +406,13 @@ static const unsigned char res[NB_TESTS][32] = {
>> int mbedtls_ccm_self_test( int verbose )
>> {
>> mbedtls_ccm_context ctx;
>> - unsigned char out[32];
>> + /*
>> + * Some hardware accelerators require the input and output buffers
>> + * would be in RAM, because the flash is not accessible.
>> + * Use buffers on the stack to hold the test vectors data.
>> + */
>> + unsigned char plaintext[CCM_SELFTEST_PT_MAX_LEN];
>> + unsigned char ciphertext[CCM_SELFTEST_CT_MAX_LEN];
>> size_t i;
>> int ret;
>>
>> @@ -421,27 +431,32 @@ int mbedtls_ccm_self_test( int verbose )
>> if( verbose != 0 )
>> mbedtls_printf( " CCM-AES #%u: ", (unsigned int) i + 1 );
>>
>> + memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
>> + memset( ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN );
>> + memcpy( plaintext, msg, msg_len[i] );
>> +
>> ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len[i],
>> - iv, iv_len[i], ad, add_len[i],
>> - msg, out,
>> - out + msg_len[i], tag_len[i] );
>> + iv, iv_len[i], ad, add_len[i],
>> + plaintext, ciphertext,
>> + ciphertext + msg_len[i], tag_len[i] );
>>
>> if( ret != 0 ||
>> - memcmp( out, res[i], msg_len[i] + tag_len[i] ) != 0 )
>> + memcmp( ciphertext, res[i], msg_len[i] + tag_len[i] ) != 0 )
>> {
>> if( verbose != 0 )
>> mbedtls_printf( "failed\n" );
>>
>> return( 1 );
>> }
>> + memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
>>
>> ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len[i],
>> - iv, iv_len[i], ad, add_len[i],
>> - res[i], out,
>> - res[i] + msg_len[i], tag_len[i] );
>> + iv, iv_len[i], ad, add_len[i],
>> + ciphertext, plaintext,
>> + ciphertext + msg_len[i], tag_len[i] );
>>
>> if( ret != 0 ||
>> - memcmp( out, msg, msg_len[i] ) != 0 )
>> + memcmp( plaintext, msg, msg_len[i] ) != 0 )
>> {
>> if( verbose != 0 )
>> mbedtls_printf( "failed\n" );
>> diff --git a/dll/3rdparty/mbedtls/cipher.c b/dll/3rdparty/mbedtls/cipher.c
>> index ff6f3cadeb..e36445f975 100644
>> --- a/dll/3rdparty/mbedtls/cipher.c
>> +++ b/dll/3rdparty/mbedtls/cipher.c
>> @@ -58,10 +58,6 @@
>> #define mbedtls_free free
>> #endif
>>
>> -#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
>> -#define MBEDTLS_CIPHER_MODE_STREAM
>> -#endif
>> -
>> /* Implementation that should never be optimized out by the compiler */
>> static void mbedtls_zeroize( void *v, size_t n ) {
>> volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
>> @@ -327,8 +323,10 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i
>> /*
>> * If there is not enough data for a full block, cache it.
>> */
>> - if( ( ctx->operation == MBEDTLS_DECRYPT &&
>> + if( ( ctx->operation == MBEDTLS_DECRYPT && NULL != ctx->add_padding &&
>> ilen <= block_size - ctx->unprocessed_len ) ||
>> + ( ctx->operation == MBEDTLS_DECRYPT && NULL == ctx->add_padding &&
>> + ilen < block_size - ctx->unprocessed_len ) ||
>> ( ctx->operation == MBEDTLS_ENCRYPT &&
>> ilen < block_size - ctx->unprocessed_len ) )
>> {
>> @@ -374,9 +372,17 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i
>> return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
>> }
>>
>> + /* Encryption: only cache partial blocks
>> + * Decryption w/ padding: always keep at least one whole block
>> + * Decryption w/o padding: only cache partial blocks
>> + */
>> copy_len = ilen % block_size;
>> - if( copy_len == 0 && ctx->operation == MBEDTLS_DECRYPT )
>> + if( copy_len == 0 &&
>> + ctx->operation == MBEDTLS_DECRYPT &&
>> + NULL != ctx->add_padding)
>> + {
>> copy_len = block_size;
>> + }
>>
>> memcpy( ctx->unprocessed_data, &( input[ilen - copy_len] ),
>> copy_len );
>> @@ -518,14 +524,14 @@ static int get_one_and_zeros_padding( unsigned char *input, size_t input_len,
>> if( NULL == input || NULL == data_len )
>> return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
>>
>> - bad = 0xFF;
>> + bad = 0x80;
>> *data_len = 0;
>> for( i = input_len; i > 0; i-- )
>> {
>> prev_done = done;
>> - done |= ( input[i-1] != 0 );
>> + done |= ( input[i - 1] != 0 );
>> *data_len |= ( i - 1 ) * ( done != prev_done );
>> - bad &= ( input[i-1] ^ 0x80 ) | ( done == prev_done );
>> + bad ^= input[i - 1] * ( done != prev_done );
>> }
>>
>> return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
>> diff --git a/dll/3rdparty/mbedtls/cmac.c b/dll/3rdparty/mbedtls/cmac.c
>> index c72c58f009..0809e2fef2 100644
>> --- a/dll/3rdparty/mbedtls/cmac.c
>> +++ b/dll/3rdparty/mbedtls/cmac.c
>> @@ -67,6 +67,8 @@
>> #endif /* MBEDTLS_SELF_TEST */
>> #endif /* MBEDTLS_PLATFORM_C */
>>
>> +#if !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST)
>> +
>> /* Implementation that should never be optimized out by the compiler */
>> static void mbedtls_zeroize( void *v, size_t n ) {
>> volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
>> @@ -166,7 +168,9 @@ exit:
>>
>> return( ret );
>> }
>> +#endif /* !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST) */
>>
>> +#if !defined(MBEDTLS_CMAC_ALT)
>> static void cmac_xor_block( unsigned char *output, const unsigned char *input1,
>> const unsigned char *input2,
>> const size_t block_size )
>> @@ -470,6 +474,8 @@ exit:
>> }
>> #endif /* MBEDTLS_AES_C */
>>
>> +#endif /* !MBEDTLS_CMAC_ALT */
>> +
>> #if defined(MBEDTLS_SELF_TEST)
>> /*
>> * CMAC test data for SP800-38B
>> @@ -767,7 +773,7 @@ static int cmac_test_subkeys( int verbose,
>> int block_size,
>> int num_tests )
>> {
>> - int i, ret;
>> + int i, ret = 0;
>> mbedtls_cipher_context_t ctx;
>> const mbedtls_cipher_info_t *cipher_info;
>> unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX];
>> @@ -828,6 +834,7 @@ static int cmac_test_subkeys( int verbose,
>> mbedtls_cipher_free( &ctx );
>> }
>>
>> + ret = 0;
>> goto exit;
>>
>> cleanup:
>> @@ -849,7 +856,7 @@ static int cmac_test_wth_cipher( int verbose,
>> int num_tests )
>> {
>> const mbedtls_cipher_info_t *cipher_info;
>> - int i, ret;
>> + int i, ret = 0;
>> unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX];
>>
>> cipher_info = mbedtls_cipher_info_from_type( cipher_type );
>> @@ -883,6 +890,7 @@ static int cmac_test_wth_cipher( int verbose,
>> if( verbose != 0 )
>> mbedtls_printf( "passed\n" );
>> }
>> + ret = 0;
>>
>> exit:
>> return( ret );
>> diff --git a/dll/3rdparty/mbedtls/ctr_drbg.c b/dll/3rdparty/mbedtls/ctr_drbg.c
>> index e032d58d22..7994b53383 100644
>> --- a/dll/3rdparty/mbedtls/ctr_drbg.c
>> +++ b/dll/3rdparty/mbedtls/ctr_drbg.c
>> @@ -21,7 +21,7 @@
>> * This file is part of mbed TLS (https://tls.mbed.org)
>> */
>> /*
>> - * The NIST SP 800-90 DRBGs are described in the following publucation.
>> + * The NIST SP 800-90 DRBGs are described in the following publication.
>> *
>> * http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf
>> */
>> @@ -96,11 +96,15 @@ int mbedtls_ctr_drbg_seed_entropy_len(
>> /*
>> * Initialize with an empty key
>> */
>> - mbedtls_aes_setkey_enc( &ctx->aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS );
>> + if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
>> + {
>> + return( ret );
>> + }
>>
>> if( ( ret = mbedtls_ctr_drbg_reseed( ctx, custom, len ) ) != 0 )
>> + {
>> return( ret );
>> -
>> + }
>> return( 0 );
>> }
>>
>> @@ -150,6 +154,7 @@ static int block_cipher_df( unsigned char *output,
>> unsigned char chain[MBEDTLS_CTR_DRBG_BLOCKSIZE];
>> unsigned char *p, *iv;
>> mbedtls_aes_context aes_ctx;
>> + int ret = 0;
>>
>> int i, j;
>> size_t buf_len, use_len;
>> @@ -182,7 +187,10 @@ static int block_cipher_df( unsigned char *output,
>> for( i = 0; i < MBEDTLS_CTR_DRBG_KEYSIZE; i++ )
>> key[i] = i;
>>
>> - mbedtls_aes_setkey_enc( &aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS );
>> + if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
>> + {
>> + goto exit;
>> + }
>>
>> /*
>> * Reduce data to MBEDTLS_CTR_DRBG_SEEDLEN bytes of data
>> @@ -201,7 +209,10 @@ static int block_cipher_df( unsigned char *output,
>> use_len -= ( use_len >= MBEDTLS_CTR_DRBG_BLOCKSIZE ) ?
>> MBEDTLS_CTR_DRBG_BLOCKSIZE : use_len;
>>
>> - mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, chain, chain );
>> + if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, chain, chain ) ) != 0 )
>> + {
>> + goto exit;
>> + }
>> }
>>
>> memcpy( tmp + j, chain, MBEDTLS_CTR_DRBG_BLOCKSIZE );
>> @@ -215,20 +226,40 @@ static int block_cipher_df( unsigned char *output,
>> /*
>> * Do final encryption with reduced data
>> */
>> - mbedtls_aes_setkey_enc( &aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS );
>> + if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
>> + {
>> + goto exit;
>> + }
>> iv = tmp + MBEDTLS_CTR_DRBG_KEYSIZE;
>> p = output;
>>
>> for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE )
>> {
>> - mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
>> + if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, iv, iv ) ) != 0 )
>> + {
>> + goto exit;
>> + }
>> memcpy( p, iv, MBEDTLS_CTR_DRBG_BLOCKSIZE );
>> p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
>> }
>> -
>> +exit:
>> mbedtls_aes_free( &aes_ctx );
>> + /*
>> + * tidy up the stack
>> + */
>> + mbedtls_zeroize( buf, sizeof( buf ) );
>> + mbedtls_zeroize( tmp, sizeof( tmp ) );
>> + mbedtls_zeroize( key, sizeof( key ) );
>> + mbedtls_zeroize( chain, sizeof( chain ) );
>> + if( 0 != ret )
>> + {
>> + /*
>> + * wipe partial seed from memory
>> + */
>> + mbedtls_zeroize( output, MBEDTLS_CTR_DRBG_SEEDLEN );
>> + }
>>
>> - return( 0 );
>> + return( ret );
>> }
>>
>> static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
>> @@ -237,6 +268,7 @@ static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
>> unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
>> unsigned char *p = tmp;
>> int i, j;
>> + int ret = 0;
>>
>> memset( tmp, 0, MBEDTLS_CTR_DRBG_SEEDLEN );
>>
>> @@ -252,7 +284,10 @@ static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
>> /*
>> * Crypt counter block
>> */
>> - mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, p );
>> + if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, p ) ) != 0 )
>> + {
>> + return( ret );
>> + }
>>
>> p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
>> }
>> @@ -263,7 +298,10 @@ static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
>> /*
>> * Update key and counter
>> */
>> - mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS );
>> + if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
>> + {
>> + return( ret );
>> + }
>> memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, MBEDTLS_CTR_DRBG_BLOCKSIZE );
>>
>> return( 0 );
>> @@ -291,6 +329,7 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
>> {
>> unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT];
>> size_t seedlen = 0;
>> + int ret;
>>
>> if( ctx->entropy_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ||
>> len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len )
>> @@ -321,12 +360,18 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
>> /*
>> * Reduce to 384 bits
>> */
>> - block_cipher_df( seed, seed, seedlen );
>> + if( ( ret = block_cipher_df( seed, seed, seedlen ) ) != 0 )
>> + {
>> + return( ret );
>> + }
>>
>> /*
>> * Update state
>> */
>> - ctr_drbg_update_internal( ctx, seed );
>> + if( ( ret = ctr_drbg_update_internal( ctx, seed ) ) != 0 )
>> + {
>> + return( ret );
>> + }
>> ctx->reseed_counter = 1;
>>
>> return( 0 );
>> @@ -356,15 +401,22 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng,
>> ctx->prediction_resistance )
>> {
>> if( ( ret = mbedtls_ctr_drbg_reseed( ctx, additional, add_len ) ) != 0 )
>> + {
>> return( ret );
>> -
>> + }
>> add_len = 0;
>> }
>>
>> if( add_len > 0 )
>> {
>> - block_cipher_df( add_input, additional, add_len );
>> - ctr_drbg_update_internal( ctx, add_input );
>> + if( ( ret = block_cipher_df( add_input, additional, add_len ) ) != 0 )
>> + {
>> + return( ret );
>> + }
>> + if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 )
>> + {
>> + return( ret );
>> + }
>> }
>>
>> while( output_len > 0 )
>> @@ -379,7 +431,10 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng,
>> /*
>> * Crypt counter block
>> */
>> - mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, tmp );
>> + if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, tmp ) ) != 0 )
>> + {
>> + return( ret );
>> + }
>>
>> use_len = ( output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE ) ? MBEDTLS_CTR_DRBG_BLOCKSIZE :
>> output_len;
>> @@ -391,7 +446,10 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng,
>> output_len -= use_len;
>> }
>>
>> - ctr_drbg_update_internal( ctx, add_input );
>> + if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 )
>> + {
>> + return( ret );
>> + }
>>
>> ctx->reseed_counter++;
>>
>> @@ -432,20 +490,20 @@ int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char
>> goto exit;
>>
>> if( fwrite( buf, 1, MBEDTLS_CTR_DRBG_MAX_INPUT, f ) != MBEDTLS_CTR_DRBG_MAX_INPUT )
>> - {
>> ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
>> - goto exit;
>> - }
>> -
>> - ret = 0;
>> + else
>> + ret = 0;
>>
>> exit:
>> + mbedtls_zeroize( buf, sizeof( buf ) );
>> +
>> fclose( f );
>> return( ret );
>> }
>>
>> int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path )
>> {
>> + int ret = 0;
>> FILE *f;
>> size_t n;
>> unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ];
>> @@ -464,14 +522,16 @@ int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char
>> }
>>
>> if( fread( buf, 1, n, f ) != n )
>> - {
>> - fclose( f );
>> - return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR );
>> - }
>> + ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
>> + else
>> + mbedtls_ctr_drbg_update( ctx, buf, n );
>>
>> fclose( f );
>>
>> - mbedtls_ctr_drbg_update( ctx, buf, n );
>> + mbedtls_zeroize( buf, sizeof( buf ) );
>> +
>> + if( ret != 0 )
>> + return( ret );
>>
>> return( mbedtls_ctr_drbg_write_seed_file( ctx, path ) );
>> }
>> diff --git a/dll/3rdparty/mbedtls/debug.c b/dll/3rdparty/mbedtls/debug.c
>> index 502d0a31c5..92daafe9a8 100644
>> --- a/dll/3rdparty/mbedtls/debug.c
>> +++ b/dll/3rdparty/mbedtls/debug.c
>> @@ -93,7 +93,7 @@ void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
>>
>> va_start( argp, format );
>> #if defined(_WIN32)
>> -#if defined(_TRUNCATE)
>> +#if defined(_TRUNCATE) && !defined(__MINGW32__)
>> ret = _vsnprintf_s( str, DEBUG_BUF_SIZE, _TRUNCATE, format, argp );
>> #else
>> ret = _vsnprintf( str, DEBUG_BUF_SIZE, format, argp );
>> diff --git a/dll/3rdparty/mbedtls/dhm.c b/dll/3rdparty/mbedtls/dhm.c
>> index 5f825ba52f..c48fc82d2a 100644
>> --- a/dll/3rdparty/mbedtls/dhm.c
>> +++ b/dll/3rdparty/mbedtls/dhm.c
>> @@ -59,6 +59,7 @@
>> #define mbedtls_free free
>> #endif
>>
>> +#if !defined(MBEDTLS_DHM_ALT)
>> /* Implementation that should never be optimized out by the compiler */
>> static void mbedtls_zeroize( void *v, size_t n ) {
>> volatile unsigned char *p = v; while( n-- ) *p++ = 0;
>> @@ -95,6 +96,9 @@ static int dhm_read_bignum( mbedtls_mpi *X,
>> *
>> * Parameter should be: 2 <= public_param <= P - 2
>> *
>> + * This means that we need to return an error if
>> + * public_param < 2 or public_param > P-2
>> + *
>> * For more information on the attack, see:
>> * http://www.cl.cam.ac.uk/~rja14/Papers/psandqs.pdf
>> * http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2643
>> @@ -102,17 +106,17 @@ static int dhm_read_bignum( mbedtls_mpi *X,
>> static int dhm_check_range( const mbedtls_mpi *param, const mbedtls_mpi *P )
>> {
>> mbedtls_mpi L, U;
>> - int ret = MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
>> + int ret = 0;
>>
>> mbedtls_mpi_init( &L ); mbedtls_mpi_init( &U );
>>
>> MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &L, 2 ) );
>> MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &U, P, 2 ) );
>>
>> - if( mbedtls_mpi_cmp_mpi( param, &L ) >= 0 &&
>> - mbedtls_mpi_cmp_mpi( param, &U ) <= 0 )
>> + if( mbedtls_mpi_cmp_mpi( param, &L ) < 0 ||
>> + mbedtls_mpi_cmp_mpi( param, &U ) > 0 )
>> {
>> - ret = 0;
>> + ret = MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
>> }
>>
>> cleanup:
>> @@ -189,10 +193,15 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
>> /*
>> * export P, G, GX
>> */
>> -#define DHM_MPI_EXPORT(X,n) \
>> - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( X, p + 2, n ) ); \
>> - *p++ = (unsigned char)( n >> 8 ); \
>> - *p++ = (unsigned char)( n ); p += n;
>> +#define DHM_MPI_EXPORT( X, n ) \
>> + do { \
>> + MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( ( X ), \
>> + p + 2, \
>> + ( n ) ) ); \
>> + *p++ = (unsigned char)( ( n ) >> 8 ); \
>> + *p++ = (unsigned char)( ( n ) ); \
>> + p += ( n ); \
>> + } while( 0 )
>>
>> n1 = mbedtls_mpi_size( &ctx->P );
>> n2 = mbedtls_mpi_size( &ctx->G );
>> @@ -203,7 +212,7 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
>> DHM_MPI_EXPORT( &ctx->G , n2 );
>> DHM_MPI_EXPORT( &ctx->GX, n3 );
>>
>> - *olen = p - output;
>> + *olen = p - output;
>>
>> ctx->len = n1;
>>
>> @@ -215,6 +224,28 @@ cleanup:
>> return( 0 );
>> }
>>
>> +/*
>> + * Set prime modulus and generator
>> + */
>> +int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx,
>> + const mbedtls_mpi *P,
>> + const mbedtls_mpi *G )
>> +{
>> + int ret;
>> +
>> + if( ctx == NULL || P == NULL || G == NULL )
>> + return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
>> +
>> + if( ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 ||
>> + ( ret = mbedtls_mpi_copy( &ctx->G, G ) ) != 0 )
>> + {
>> + return( MBEDTLS_ERR_DHM_SET_GROUP_FAILED + ret );
>> + }
>> +
>> + ctx->len = mbedtls_mpi_size( &ctx->P );
>> + return( 0 );
>> +}
>> +
>> /*
>> * Import the peer's public value G^Y
>> */
>> @@ -402,10 +433,11 @@ cleanup:
>> */
>> void mbedtls_dhm_free( mbedtls_dhm_context *ctx )
>> {
>> - mbedtls_mpi_free( &ctx->pX); mbedtls_mpi_free( &ctx->Vf ); mbedtls_mpi_free( &ctx->Vi );
>> - mbedtls_mpi_free( &ctx->RP ); mbedtls_mpi_free( &ctx->K ); mbedtls_mpi_free( &ctx->GY );
>> - mbedtls_mpi_free( &ctx->GX ); mbedtls_mpi_free( &ctx->X ); mbedtls_mpi_free( &ctx->G );
>> - mbedtls_mpi_free( &ctx->P );
>> + mbedtls_mpi_free( &ctx->pX ); mbedtls_mpi_free( &ctx->Vf );
>> + mbedtls_mpi_free( &ctx->Vi ); mbedtls_mpi_free( &ctx->RP );
>> + mbedtls_mpi_free( &ctx->K ); mbedtls_mpi_free( &ctx->GY );
>> + mbedtls_mpi_free( &ctx->GX ); mbedtls_mpi_free( &ctx->X );
>> + mbedtls_mpi_free( &ctx->G ); mbedtls_mpi_free( &ctx->P );
>>
>> mbedtls_zeroize( ctx, sizeof( mbedtls_dhm_context ) );
>> }
>> @@ -544,7 +576,10 @@ static int load_file( const char *path, unsigned char **buf, size_t *n )
>> if( fread( *buf, 1, *n, f ) != *n )
>> {
>> fclose( f );
>> +
>> + mbedtls_zeroize( *buf, *n + 1 );
>> mbedtls_free( *buf );
>> +
>> return( MBEDTLS_ERR_DHM_FILE_IO_ERROR );
>> }
>>
>> @@ -579,6 +614,7 @@ int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path )
>> }
>> #endif /* MBEDTLS_FS_IO */
>> #endif /* MBEDTLS_ASN1_PARSE_C */
>> +#endif /* MBEDTLS_DHM_ALT */
>>
>> #if defined(MBEDTLS_SELF_TEST)
>>
>> diff --git a/dll/3rdparty/mbedtls/ecdh.c b/dll/3rdparty/mbedtls/ecdh.c
>> index 553ac03506..8056d090eb 100644
>> --- a/dll/3rdparty/mbedtls/ecdh.c
>> +++ b/dll/3rdparty/mbedtls/ecdh.c
>> @@ -40,6 +40,7 @@
>>
>> #include <string.h>
>>
>> +#if !defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT)
>> /*
>> * Generate public key: simple wrapper around mbedtls_ecp_gen_keypair
>> */
>> @@ -49,7 +50,9 @@ int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp
>> {
>> return mbedtls_ecp_gen_keypair( grp, d, Q, f_rng, p_rng );
>> }
>> +#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */
>>
>> +#if !defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT)
>> /*
>> * Compute shared secret (SEC1 3.3.1)
>> */
>> @@ -83,6 +86,7 @@ cleanup:
>>
>> return( ret );
>> }
>> +#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */
>>
>> /*
>> * Initialize context
>> diff --git a/dll/3rdparty/mbedtls/ecdsa.c b/dll/3rdparty/mbedtls/ecdsa.c
>> index 69b587a29e..e97e6cb433 100644
>> --- a/dll/3rdparty/mbedtls/ecdsa.c
>> +++ b/dll/3rdparty/mbedtls/ecdsa.c
>> @@ -67,6 +67,7 @@ cleanup:
>> return( ret );
>> }
>>
>> +#if !defined(MBEDTLS_ECDSA_SIGN_ALT)
>> /*
>> * Compute ECDSA signature of a hashed message (SEC1 4.1.3)
>> * Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message)
>> @@ -83,6 +84,10 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
>> if( grp->N.p == NULL )
>> return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
>>
>> + /* Make sure d is in range 1..n-1 */
>> + if( mbedtls_mpi_cmp_int( d, 1 ) < 0 || mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 )
>> + return( MBEDTLS_ERR_ECP_INVALID_KEY );
>> +
>> mbedtls_ecp_point_init( &R );
>> mbedtls_mpi_init( &k ); mbedtls_mpi_init( &e ); mbedtls_mpi_init( &t );
>>
>> @@ -155,6 +160,7 @@ cleanup:
>>
>> return( ret );
>> }
>> +#endif /* MBEDTLS_ECDSA_SIGN_ALT */
>>
>> #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
>> /*
>> @@ -194,6 +200,7 @@ cleanup:
>> }
>> #endif /* MBEDTLS_ECDSA_DETERMINISTIC */
>>
>> +#if !defined(MBEDTLS_ECDSA_VERIFY_ALT)
>> /*
>> * Verify ECDSA signature of hashed message (SEC1 4.1.4)
>> * Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message)
>> @@ -279,6 +286,7 @@ cleanup:
>>
>> return( ret );
>> }
>> +#endif /* MBEDTLS_ECDSA_VERIFY_ALT */
>>
>> /*
>> * Convert a signature (given by context) to ASN.1
>> @@ -394,6 +402,9 @@ int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx,
>> &ctx->Q, &r, &s ) ) != 0 )
>> goto cleanup;
>>
>> + /* At this point we know that the buffer starts with a valid signature.
>> + * Return 0 if the buffer just contains the signature, and a specific
>> + * error code if the valid signature is followed by more data. */
>> if( p != end )
>> ret = MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH;
>>
>> @@ -404,6 +415,7 @@ cleanup:
>> return( ret );
>> }
>>
>> +#if !defined(MBEDTLS_ECDSA_GENKEY_ALT)
>> /*
>> * Generate key pair
>> */
>> @@ -413,6 +425,7 @@ int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
>> return( mbedtls_ecp_group_load( &ctx->grp, gid ) ||
>> mbedtls_ecp_gen_keypair( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) );
>> }
>> +#endif /* MBEDTLS_ECDSA_GENKEY_ALT */
>>
>> /*
>> * Set context from an mbedtls_ecp_keypair
>> diff --git a/dll/3rdparty/mbedtls/ecjpake.c b/dll/3rdparty/mbedtls/ecjpake.c
>> index 4f4a102925..a205746aac 100644
>> --- a/dll/3rdparty/mbedtls/ecjpake.c
>> +++ b/dll/3rdparty/mbedtls/ecjpake.c
>> @@ -38,6 +38,8 @@
>>
>> #include <string.h>
>>
>> +#if !defined(MBEDTLS_ECJPAKE_ALT)
>> +
>> /*
>> * Convert a mbedtls_ecjpake_role to identifier string
>> */
>> @@ -301,7 +303,7 @@ cleanup:
>> */
>> static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info,
>> const mbedtls_ecp_group *grp,
>> - const int pf,
>> + const int pf,
>> const mbedtls_ecp_point *G,
>> const mbedtls_mpi *x,
>> const mbedtls_ecp_point *X,
>> @@ -766,6 +768,7 @@ cleanup:
>> #undef ID_MINE
>> #undef ID_PEER
>>
>> +#endif /* ! MBEDTLS_ECJPAKE_ALT */
>>
>> #if defined(MBEDTLS_SELF_TEST)
>>
>> diff --git a/dll/3rdparty/mbedtls/ecp.c b/dll/3rdparty/mbedtls/ecp.c
>> index 055e70e409..bd473604eb 100644
>> --- a/dll/3rdparty/mbedtls/ecp.c
>> +++ b/dll/3rdparty/mbedtls/ecp.c
>> @@ -1450,7 +1450,12 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
>>
>> cleanup:
>>
>> - if( T != NULL && ! p_eq_g )
>> + /* There are two cases where T is not stored in grp:
>> + * - P != G
>> + * - An intermediate operation failed before setting grp->T
>> + * In either case, T must be freed.
>> + */
>> + if( T != NULL && T != grp->T )
>> {
>> for( i = 0; i < pre_len; i++ )
>> mbedtls_ecp_point_free( &T[i] );
>> @@ -1955,7 +1960,6 @@ int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
>> {
>> /* SEC1 3.2.1: Generate d such that 1 <= n < N */
>> int count = 0;
>> - unsigned char rnd[MBEDTLS_ECP_MAX_BYTES];
>>
>> /*
>> * Match the procedure given in RFC 6979 (deterministic ECDSA):
>> @@ -1966,8 +1970,7 @@ int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
>> */
>> do
>> {
>> - MBEDTLS_MPI_CHK( f_rng( p_rng, rnd, n_size ) );
>> - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( d, rnd, n_size ) );
>> + MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_size, f_rng, p_rng ) );
>> MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_size - grp->nbits ) );
>>
>> /*
>> diff --git a/dll/3rdparty/mbedtls/entropy.c b/dll/3rdparty/mbedtls/entropy.c
>> index c88fc51fa2..4e37cd8a3d 100644
>> --- a/dll/3rdparty/mbedtls/entropy.c
>> +++ b/dll/3rdparty/mbedtls/entropy.c
>> @@ -70,21 +70,26 @@ static void mbedtls_zeroize( void *v, size_t n ) {
>>
>> void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
>> {
>> - memset( ctx, 0, sizeof(mbedtls_entropy_context) );
>> + ctx->source_count = 0;
>> + memset( ctx->source, 0, sizeof( ctx->source ) );
>>
>> #if defined(MBEDTLS_THREADING_C)
>> mbedtls_mutex_init( &ctx->mutex );
>> #endif
>>
>> + ctx->accumulator_started = 0;
>> #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
>> - mbedtls_sha512_starts( &ctx->accumulator, 0 );
>> + mbedtls_sha512_init( &ctx->accumulator );
>> #else
>> - mbedtls_sha256_starts( &ctx->accumulator, 0 );
>> + mbedtls_sha256_init( &ctx->accumulator );
>> #endif
>> #if defined(MBEDTLS_HAVEGE_C)
>> mbedtls_havege_init( &ctx->havege_data );
>> #endif
>>
>> + /* Reminder: Update ENTROPY_HAVE_STRONG in the test files
>> + * when adding more strong entropy sources here. */
>> +
>> #if defined(MBEDTLS_TEST_NULL_ENTROPY)
>> mbedtls_entropy_add_source( ctx, mbedtls_null_entropy_poll, NULL,
>> 1, MBEDTLS_ENTROPY_SOURCE_STRONG );
>> @@ -115,6 +120,7 @@ void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
>> mbedtls_entropy_add_source( ctx, mbedtls_nv_seed_poll, NULL,
>> MBEDTLS_ENTROPY_BLOCK_SIZE,
>> MBEDTLS_ENTROPY_SOURCE_STRONG );
>> + ctx->initial_entropy_run = 0;
>> #endif
>> #endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */
>> }
>> @@ -127,7 +133,17 @@ void mbedtls_entropy_free( mbedtls_entropy_context *ctx )
>> #if defined(MBEDTLS_THREADING_C)
>> mbedtls_mutex_free( &ctx->mutex );
>> #endif
>> - mbedtls_zeroize( ctx, sizeof( mbedtls_entropy_context ) );
>> +#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
>> + mbedtls_sha512_free( &ctx->accumulator );
>> +#else
>> + mbedtls_sha256_free( &ctx->accumulator );
>> +#endif
>> +#if defined(MBEDTLS_ENTROPY_NV_SEED)
>> + ctx->initial_entropy_run = 0;
>> +#endif
>> + ctx->source_count = 0;
>> + mbedtls_zeroize( ctx->source, sizeof( ctx->source ) );
>> + ctx->accumulator_started = 0;
>> }
>>
>> int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
>> @@ -174,13 +190,16 @@ static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id
>> unsigned char tmp[MBEDTLS_ENTROPY_BLOCK_SIZE];
>> size_t use_len = len;
>> const unsigned char *p = data;
>> + int ret = 0;
>>
>> if( use_len > MBEDTLS_ENTROPY_BLOCK_SIZE )
>> {
>> #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
>> - mbedtls_sha512( data, len, tmp, 0 );
>> + if( ( ret = mbedtls_sha512_ret( data, len, tmp, 0 ) ) != 0 )
>> + goto cleanup;
>> #else
>> - mbedtls_sha256( data, len, tmp, 0 );
>> + if( ( ret = mbedtls_sha256_ret( data, len, tmp, 0 ) ) != 0 )
>> + goto cleanup;
>> #endif
>> p = tmp;
>> use_len = MBEDTLS_ENTROPY_BLOCK_SIZE;
>> @@ -189,15 +208,35 @@ static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id
>> header[0] = source_id;
>> header[1] = use_len & 0xFF;
>>
>> + /*
>> + * Start the accumulator if this has not already happened. Note that
>> + * it is sufficient to start the accumulator here only because all calls to
>> + * gather entropy eventually execute this code.
>> + */
>> #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
>> - mbedtls_sha512_update( &ctx->accumulator, header, 2 );
>> - mbedtls_sha512_update( &ctx->accumulator, p, use_len );
>> + if( ctx->accumulator_started == 0 &&
>> + ( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
>> + goto cleanup;
>> + else
>> + ctx->accumulator_started = 1;
>> + if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, header, 2 ) ) != 0 )
>> + goto cleanup;
>> + ret = mbedtls_sha512_update_ret( &ctx->accumulator, p, use_len );
>> #else
>> - mbedtls_sha256_update( &ctx->accumulator, header, 2 );
>> - mbedtls_sha256_update( &ctx->accumulator, p, use_len );
>> + if( ctx->accumulator_started == 0 &&
>> + ( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
>> + goto cleanup;
>> + else
>> + ctx->accumulator_started = 1;
>> + if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, header, 2 ) ) != 0 )
>> + goto cleanup;
>> + ret = mbedtls_sha256_update_ret( &ctx->accumulator, p, use_len );
>> #endif
>>
>> - return( 0 );
>> +cleanup:
>> + mbedtls_zeroize( tmp, sizeof( tmp ) );
>> +
>> + return( ret );
>> }
>>
>> int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
>> @@ -244,7 +283,7 @@ static int entropy_gather_internal( mbedtls_entropy_context *ctx )
>> if( ( ret = ctx->source[i].f_source( ctx->source[i].p_source,
>> buf, MBEDTLS_ENTROPY_MAX_GATHER, &olen ) ) != 0 )
>> {
>> - return( ret );
>> + goto cleanup;
>> }
>>
>> /*
>> @@ -252,15 +291,20 @@ static int entropy_gather_internal( mbedtls_entropy_context *ctx )
>> */
>> if( olen > 0 )
>> {
>> - entropy_update( ctx, (unsigned char) i, buf, olen );
>> + if( ( ret = entropy_update( ctx, (unsigned char) i,
>> + buf, olen ) ) != 0 )
>> + return( ret );
>> ctx->source[i].size += olen;
>> }
>> }
>>
>> if( have_one_strong == 0 )
>> - return( MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE );
>> + ret = MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE;
>>
>> - return( 0 );
>> +cleanup:
>> + mbedtls_zeroize( buf, sizeof( buf ) );
>> +
>> + return( ret );
>> }
>>
>> /*
>> @@ -335,33 +379,52 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len )
>> memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
>>
>> #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
>> - mbedtls_sha512_finish( &ctx->accumulator, buf );
>> + /*
>> + * Note that at this stage it is assumed that the accumulator was started
>> + * in a previous call to entropy_update(). If this is not guaranteed, the
>> + * code below will fail.
>> + */
>> + if( ( ret = mbedtls_sha512_finish_ret( &ctx->accumulator, buf ) ) != 0 )
>> + goto exit;
>>
>> /*
>> * Reset accumulator and counters and recycle existing entropy
>> */
>> - memset( &ctx->accumulator, 0, sizeof( mbedtls_sha512_context ) );
>> - mbedtls_sha512_starts( &ctx->accumulator, 0 );
>> - mbedtls_sha512_update( &ctx->accumulator, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
>> + mbedtls_sha512_free( &ctx->accumulator );
>> + mbedtls_sha512_init( &ctx->accumulator );
>> + if( ( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
>> + goto exit;
>> + if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, buf,
>> + MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
>> + goto exit;
>>
>> /*
>> * Perform second SHA-512 on entropy
>> */
>> - mbedtls_sha512( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, buf, 0 );
>> + if( ( ret = mbedtls_sha512_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
>> + buf, 0 ) ) != 0 )
>> + goto exit;
>> #else /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
>> - mbedtls_sha256_finish( &ctx->accumulator, buf );
>> + if( ( ret = mbedtls_sha256_finish_ret( &ctx->accumulator, buf ) ) != 0 )
>> + goto exit;
>>
>> /*
>> * Reset accumulator and counters and recycle existing entropy
>> */
>> - memset( &ctx->accumulator, 0, sizeof( mbedtls_sha256_context ) );
>> - mbedtls_sha256_starts( &ctx->accumulator, 0 );
>> - mbedtls_sha256_update( &ctx->accumulator, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
>> + mbedtls_sha256_free( &ctx->accumulator );
>> + mbedtls_sha256_init( &ctx->accumulator );
>> + if( ( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
>> + goto exit;
>> + if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, buf,
>> + MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
>> + goto exit;
>>
>> /*
>> * Perform second SHA-256 on entropy
>> */
>> - mbedtls_sha256( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, buf, 0 );
>> + if( ( ret = mbedtls_sha256_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
>> + buf, 0 ) ) != 0 )
>> + goto exit;
>> #endif /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
>>
>> for( i = 0; i < ctx->source_count; i++ )
>> @@ -372,6 +435,8 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len )
>> ret = 0;
>>
>> exit:
>> + mbedtls_zeroize( buf, sizeof( buf ) );
>> +
>> #if defined(MBEDTLS_THREADING_C)
>> if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
>> return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
>> @@ -384,7 +449,7 @@ exit:
>> int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx )
>> {
>> int ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
>> - unsigned char buf[ MBEDTLS_ENTROPY_MAX_SEED_SIZE ];
>> + unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
>>
>> /* Read new seed and write it to NV */
>> if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
>> @@ -395,9 +460,9 @@ int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx )
>>
>> /* Manually update the remaining stream with a separator value to diverge */
>> memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
>> - mbedtls_entropy_update_manual( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
>> + ret = mbedtls_entropy_update_manual( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
>>
>> - return( 0 );
>> + return( ret );
>> }
>> #endif /* MBEDTLS_ENTROPY_NV_SEED */
>>
>> @@ -423,12 +488,15 @@ int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *p
>> ret = 0;
>>
>> exit:
>> + mbedtls_zeroize( buf, sizeof( buf ) );
>> +
>> fclose( f );
>> return( ret );
>> }
>>
>> int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path )
>> {
>> + int ret = 0;
>> FILE *f;
>> size_t n;
>> unsigned char buf[ MBEDTLS_ENTROPY_MAX_SEED_SIZE ];
>> @@ -444,14 +512,16 @@ int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *
>> n = MBEDTLS_ENTROPY_MAX_SEED_SIZE;
>>
>> if( fread( buf, 1, n, f ) != n )
>> - {
>> - fclose( f );
>> - return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
>> - }
>> + ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
>> + else
>> + ret = mbedtls_entropy_update_manual( ctx, buf, n );
>>
>> fclose( f );
>>
>> - mbedtls_entropy_update_manual( ctx, buf, n );
>> + mbedtls_zeroize( buf, sizeof( buf ) );
>> +
>> + if( ret != 0 )
>> + return( ret );
>>
>> return( mbedtls_entropy_write_seed_file( ctx, path ) );
>> }
>> diff --git a/dll/3rdparty/mbedtls/error.c b/dll/3rdparty/mbedtls/error.c
>> index f80125ad81..bc135a7ad8 100644
>> --- a/dll/3rdparty/mbedtls/error.c
>> +++ b/dll/3rdparty/mbedtls/error.c
>> @@ -47,6 +47,10 @@
>> #include "mbedtls/aes.h"
>> #endif
>>
>> +#if defined(MBEDTLS_ARC4_C)
>> +#include "mbedtls/arc4.h"
>> +#endif
>> +
>> #if defined(MBEDTLS_BASE64_C)
>> #include "mbedtls/base64.h"
>> #endif
>> @@ -71,6 +75,10 @@
>> #include "mbedtls/cipher.h"
>> #endif
>>
>> +#if defined(MBEDTLS_CMAC_C)
>> +#include "mbedtls/cmac.h"
>> +#endif
>> +
>> #if defined(MBEDTLS_CTR_DRBG_C)
>> #include "mbedtls/ctr_drbg.h"
>> #endif
>> @@ -103,6 +111,18 @@
>> #include "mbedtls/md.h"
>> #endif
>>
>> +#if defined(MBEDTLS_MD2_C)
>> +#include "mbedtls/md2.h"
>> +#endif
>> +
>> +#if defined(MBEDTLS_MD4_C)
>> +#include "mbedtls/md4.h"
>> +#endif
>> +
>> +#if defined(MBEDTLS_MD5_C)
>> +#include "mbedtls/md5.h"
>> +#endif
>> +
>> #if defined(MBEDTLS_NET_C)
>> #include "mbedtls/net_sockets.h"
>> #endif
>> @@ -131,10 +151,26 @@
>> #include "mbedtls/pkcs5.h"
>> #endif
>>
>> +#if defined(MBEDTLS_RIPEMD160_C)
>> +#include "mbedtls/ripemd160.h"
>> +#endif
>> +
>> #if defined(MBEDTLS_RSA_C)
>> #include "mbedtls/rsa.h"
>> #endif
>>
>> +#if defined(MBEDTLS_SHA1_C)
>> +#include "mbedtls/sha1.h"
>> +#endif
>> +
>> +#if defined(MBEDTLS_SHA256_C)
>> +#include "mbedtls/sha256.h"
>> +#endif
>> +
>> +#if defined(MBEDTLS_SHA512_C)
>> +#include "mbedtls/sha512.h"
>> +#endif
>> +
>> #if defined(MBEDTLS_SSL_TLS_C)
>> #include "mbedtls/ssl.h"
>> #endif
>> @@ -176,7 +212,7 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
>> if( use_ret == -(MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) )
>> mbedtls_snprintf( buf, buflen, "CIPHER - The selected feature is not available" );
>> if( use_ret == -(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA) )
>> - mbedtls_snprintf( buf, buflen, "CIPHER - Bad input parameters to function" );
>> + mbedtls_snprintf( buf, buflen, "CIPHER - Bad input parameters" );
>> if( use_ret == -(MBEDTLS_ERR_CIPHER_ALLOC_FAILED) )
>> mbedtls_snprintf( buf, buflen, "CIPHER - Failed to allocate memory" );
>> if( use_ret == -(MBEDTLS_ERR_CIPHER_INVALID_PADDING) )
>> @@ -186,12 +222,14 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
>> if( use_ret == -(MBEDTLS_ERR_CIPHER_AUTH_FAILED) )
>> mbedtls_snprintf( buf, buflen, "CIPHER - Authentication failed (for AEAD modes)" );
>> if( use_ret == -(MBEDTLS_ERR_CIPHER_INVALID_CONTEXT) )
>> - mbedtls_snprintf( buf, buflen, "CIPHER - The context is invalid, eg because it was free()ed" );
>> + mbedtls_snprintf( buf, buflen, "CIPHER - The context is invalid. For example, because it was freed" );
>> + if( use_ret == -(MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "CIPHER - Cipher hardware accelerator failed" );
>> #endif /* MBEDTLS_CIPHER_C */
>>
>> #if defined(MBEDTLS_DHM_C)
>> if( use_ret == -(MBEDTLS_ERR_DHM_BAD_INPUT_DATA) )
>> - mbedtls_snprintf( buf, buflen, "DHM - Bad input parameters to function" );
>> + mbedtls_snprintf( buf, buflen, "DHM - Bad input parameters" );
>> if( use_ret == -(MBEDTLS_ERR_DHM_READ_PARAMS_FAILED) )
>> mbedtls_snprintf( buf, buflen, "DHM - Reading of the DHM parameters failed" );
>> if( use_ret == -(MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED) )
>> @@ -207,7 +245,11 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
>> if( use_ret == -(MBEDTLS_ERR_DHM_ALLOC_FAILED) )
>> mbedtls_snprintf( buf, buflen, "DHM - Allocation of memory failed" );
>> if( use_ret == -(MBEDTLS_ERR_DHM_FILE_IO_ERROR) )
>> - mbedtls_snprintf( buf, buflen, "DHM - Read/write of file failed" );
>> + mbedtls_snprintf( buf, buflen, "DHM - Read or write of file failed" );
>> + if( use_ret == -(MBEDTLS_ERR_DHM_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "DHM - DHM hardware accelerator failed" );
>> + if( use_ret == -(MBEDTLS_ERR_DHM_SET_GROUP_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "DHM - Setting the modulus and generator failed" );
>> #endif /* MBEDTLS_DHM_C */
>>
>> #if defined(MBEDTLS_ECP_C)
>> @@ -226,7 +268,9 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
>> if( use_ret == -(MBEDTLS_ERR_ECP_INVALID_KEY) )
>> mbedtls_snprintf( buf, buflen, "ECP - Invalid private or public key" );
>> if( use_ret == -(MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH) )
>> - mbedtls_snprintf( buf, buflen, "ECP - Signature is valid but shorter than the user-supplied length" );
>> + mbedtls_snprintf( buf, buflen, "ECP - The buffer contains a valid signature followed by more data" );
>> + if( use_ret == -(MBEDTLS_ERR_ECP_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "ECP - ECP hardware accelerator failed" );
>> #endif /* MBEDTLS_ECP_C */
>>
>> #if defined(MBEDTLS_MD_C)
>> @@ -238,6 +282,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
>> mbedtls_snprintf( buf, buflen, "MD - Failed to allocate memory" );
>> if( use_ret == -(MBEDTLS_ERR_MD_FILE_IO_ERROR) )
>> mbedtls_snprintf( buf, buflen, "MD - Opening or reading of file failed" );
>> + if( use_ret == -(MBEDTLS_ERR_MD_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "MD - MD hardware accelerator failed" );
>> #endif /* MBEDTLS_MD_C */
>>
>> #if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C)
>> @@ -289,7 +335,9 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
>> if( use_ret == -(MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE) )
>> mbedtls_snprintf( buf, buflen, "PK - Unavailable feature, e.g. RSA disabled for RSA key" );
>> if( use_ret == -(MBEDTLS_ERR_PK_SIG_LEN_MISMATCH) )
>> - mbedtls_snprintf( buf, buflen, "PK - The signature is valid but its length is less than expected" );
>> + mbedtls_snprintf( buf, buflen, "PK - The buffer contains a valid signature followed by more data" );
>> + if( use_ret == -(MBEDTLS_ERR_PK_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "PK - PK hardware accelerator failed" );
>> #endif /* MBEDTLS_PK_C */
>>
>> #if defined(MBEDTLS_PKCS12_C)
>> @@ -322,7 +370,7 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
>> if( use_ret == -(MBEDTLS_ERR_RSA_KEY_GEN_FAILED) )
>> mbedtls_snprintf( buf, buflen, "RSA - Something failed during generation of a key" );
>> if( use_ret == -(MBEDTLS_ERR_RSA_KEY_CHECK_FAILED) )
>> - mbedtls_snprintf( buf, buflen, "RSA - Key failed to pass the library's validity check" );
>> + mbedtls_snprintf( buf, buflen, "RSA - Key failed to pass the validity check of the library" );
>> if( use_ret == -(MBEDTLS_ERR_RSA_PUBLIC_FAILED) )
>> mbedtls_snprintf( buf, buflen, "RSA - The public key operation failed" );
>> if( use_ret == -(MBEDTLS_ERR_RSA_PRIVATE_FAILED) )
>> @@ -333,6 +381,10 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
>> mbedtls_snprintf( buf, buflen, "RSA - The output buffer for decryption is not large enough" );
>> if( use_ret == -(MBEDTLS_ERR_RSA_RNG_FAILED) )
>> mbedtls_snprintf( buf, buflen, "RSA - The random generator failed to generate non-zeros" );
>> + if( use_ret == -(MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION) )
>> + mbedtls_snprintf( buf, buflen, "RSA - The implementation does not offer the requested operation, for example, because of security violations or lack of functionality" );
>> + if( use_ret == -(MBEDTLS_ERR_RSA_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "RSA - RSA hardware accelerator failed" );
>> #endif /* MBEDTLS_RSA_C */
>>
>> #if defined(MBEDTLS_SSL_TLS_C)
>> @@ -520,8 +572,17 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
>> mbedtls_snprintf( buf, buflen, "AES - Invalid key length" );
>> if( use_ret == -(MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH) )
>> mbedtls_snprintf( buf, buflen, "AES - Invalid data input length" );
>> + if( use_ret == -(MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE) )
>> + mbedtls_snprintf( buf, buflen, "AES - Feature not available. For example, an unsupported AES key size" );
>> + if( use_ret == -(MBEDTLS_ERR_AES_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "AES - AES hardware accelerator failed" );
>> #endif /* MBEDTLS_AES_C */
>>
>> +#if defined(MBEDTLS_ARC4_C)
>> + if( use_ret == -(MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "ARC4 - ARC4 hardware accelerator failed" );
>> +#endif /* MBEDTLS_ARC4_C */
>> +
>> #if defined(MBEDTLS_ASN1_PARSE_C)
>> if( use_ret == -(MBEDTLS_ERR_ASN1_OUT_OF_DATA) )
>> mbedtls_snprintf( buf, buflen, "ASN1 - Out of data when parsing an ASN1 data structure" );
>> @@ -568,6 +629,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
>> #if defined(MBEDTLS_BLOWFISH_C)
>> if( use_ret == -(MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH) )
>> mbedtls_snprintf( buf, buflen, "BLOWFISH - Invalid key length" );
>> + if( use_ret == -(MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "BLOWFISH - Blowfish hardware accelerator failed" );
>> if( use_ret == -(MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH) )
>> mbedtls_snprintf( buf, buflen, "BLOWFISH - Invalid data input length" );
>> #endif /* MBEDTLS_BLOWFISH_C */
>> @@ -577,29 +640,40 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
>> mbedtls_snprintf( buf, buflen, "CAMELLIA - Invalid key length" );
>> if( use_ret == -(MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH) )
>> mbedtls_snprintf( buf, buflen, "CAMELLIA - Invalid data input length" );
>> + if( use_ret == -(MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "CAMELLIA - Camellia hardware accelerator failed" );
>> #endif /* MBEDTLS_CAMELLIA_C */
>>
>> #if defined(MBEDTLS_CCM_C)
>> if( use_ret == -(MBEDTLS_ERR_CCM_BAD_INPUT) )
>> - mbedtls_snprintf( buf, buflen, "CCM - Bad input parameters to function" );
>> + mbedtls_snprintf( buf, buflen, "CCM - Bad input parameters to the function" );
>> if( use_ret == -(MBEDTLS_ERR_CCM_AUTH_FAILED) )
>> mbedtls_snprintf( buf, buflen, "CCM - Authenticated decryption failed" );
>> + if( use_ret == -(MBEDTLS_ERR_CCM_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "CCM - CCM hardware accelerator failed" );
>> #endif /* MBEDTLS_CCM_C */
>>
>> +#if defined(MBEDTLS_CMAC_C)
>> + if( use_ret == -(MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "CMAC - CMAC hardware accelerator failed" );
>> +#endif /* MBEDTLS_CMAC_C */
>> +
>> #if defined(MBEDTLS_CTR_DRBG_C)
>> if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED) )
>> mbedtls_snprintf( buf, buflen, "CTR_DRBG - The entropy source failed" );
>> if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG) )
>> - mbedtls_snprintf( buf, buflen, "CTR_DRBG - Too many random requested in single call" );
>> + mbedtls_snprintf( buf, buflen, "CTR_DRBG - The requested random buffer length is too big" );
>> if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG) )
>> - mbedtls_snprintf( buf, buflen, "CTR_DRBG - Input too large (Entropy + additional)" );
>> + mbedtls_snprintf( buf, buflen, "CTR_DRBG - The input (entropy + additional data) is too large" );
>> if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR) )
>> - mbedtls_snprintf( buf, buflen, "CTR_DRBG - Read/write error in file" );
>> + mbedtls_snprintf( buf, buflen, "CTR_DRBG - Read or write error in file" );
>> #endif /* MBEDTLS_CTR_DRBG_C */
>>
>> #if defined(MBEDTLS_DES_C)
>> if( use_ret == -(MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH) )
>> mbedtls_snprintf( buf, buflen, "DES - The data input has an invalid length" );
>> + if( use_ret == -(MBEDTLS_ERR_DES_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "DES - DES hardware accelerator failed" );
>> #endif /* MBEDTLS_DES_C */
>>
>> #if defined(MBEDTLS_ENTROPY_C)
>> @@ -618,6 +692,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
>> #if defined(MBEDTLS_GCM_C)
>> if( use_ret == -(MBEDTLS_ERR_GCM_AUTH_FAILED) )
>> mbedtls_snprintf( buf, buflen, "GCM - Authenticated decryption failed" );
>> + if( use_ret == -(MBEDTLS_ERR_GCM_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "GCM - GCM hardware accelerator failed" );
>> if( use_ret == -(MBEDTLS_ERR_GCM_BAD_INPUT) )
>> mbedtls_snprintf( buf, buflen, "GCM - Bad input parameters to function" );
>> #endif /* MBEDTLS_GCM_C */
>> @@ -633,6 +709,21 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
>> mbedtls_snprintf( buf, buflen, "HMAC_DRBG - The entropy source failed" );
>> #endif /* MBEDTLS_HMAC_DRBG_C */
>>
>> +#if defined(MBEDTLS_MD2_C)
>> + if( use_ret == -(MBEDTLS_ERR_MD2_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "MD2 - MD2 hardware accelerator failed" );
>> +#endif /* MBEDTLS_MD2_C */
>> +
>> +#if defined(MBEDTLS_MD4_C)
>> + if( use_ret == -(MBEDTLS_ERR_MD4_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "MD4 - MD4 hardware accelerator failed" );
>> +#endif /* MBEDTLS_MD4_C */
>> +
>> +#if defined(MBEDTLS_MD5_C)
>> + if( use_ret == -(MBEDTLS_ERR_MD5_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "MD5 - MD5 hardware accelerator failed" );
>> +#endif /* MBEDTLS_MD5_C */
>> +
>> #if defined(MBEDTLS_NET_C)
>> if( use_ret == -(MBEDTLS_ERR_NET_SOCKET_FAILED) )
>> mbedtls_snprintf( buf, buflen, "NET - Failed to open a socket" );
>> @@ -670,6 +761,26 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
>> mbedtls_snprintf( buf, buflen, "PADLOCK - Input data should be aligned" );
>> #endif /* MBEDTLS_PADLOCK_C */
>>
>> +#if defined(MBEDTLS_RIPEMD160_C)
>> + if( use_ret == -(MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "RIPEMD160 - RIPEMD160 hardware accelerator failed" );
>> +#endif /* MBEDTLS_RIPEMD160_C */
>> +
>> +#if defined(MBEDTLS_SHA1_C)
>> + if( use_ret == -(MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "SHA1 - SHA-1 hardware accelerator failed" );
>> +#endif /* MBEDTLS_SHA1_C */
>> +
>> +#if defined(MBEDTLS_SHA256_C)
>> + if( use_ret == -(MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "SHA256 - SHA-256 hardware accelerator failed" );
>> +#endif /* MBEDTLS_SHA256_C */
>> +
>> +#if defined(MBEDTLS_SHA512_C)
>> + if( use_ret == -(MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "SHA512 - SHA-512 hardware accelerator failed" );
>> +#endif /* MBEDTLS_SHA512_C */
>> +
>> #if defined(MBEDTLS_THREADING_C)
>> if( use_ret == -(MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE) )
>> mbedtls_snprintf( buf, buflen, "THREADING - The selected feature is not available" );
>> @@ -682,6 +793,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
>> #if defined(MBEDTLS_XTEA_C)
>> if( use_ret == -(MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH) )
>> mbedtls_snprintf( buf, buflen, "XTEA - The data input has an invalid length" );
>> + if( use_ret == -(MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED) )
>> + mbedtls_snprintf( buf, buflen, "XTEA - XTEA hardware accelerator failed" );
>> #endif /* MBEDTLS_XTEA_C */
>> // END generated code
>>
>> diff --git a/dll/3rdparty/mbedtls/gcm.c b/dll/3rdparty/mbedtls/gcm.c
>> index 2f34930f4c..85a2907571 100644
>> --- a/dll/3rdparty/mbedtls/gcm.c
>> +++ b/dll/3rdparty/mbedtls/gcm.c
>> @@ -48,6 +48,7 @@
>> #endif
>>
>> #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
>> +#include "mbedtls/aes.h"
>> #if defined(MBEDTLS_PLATFORM_C)
>> #include "mbedtls/platform.h"
>> #else
>> @@ -56,6 +57,8 @@
>> #endif /* MBEDTLS_PLATFORM_C */
>> #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
>>
>> +#if !defined(MBEDTLS_GCM_ALT)
>> +
>> /*
>> * 32-bit integer manipulation macros (big endian)
>> */
>> @@ -510,6 +513,8 @@ void mbedtls_gcm_free( mbedtls_gcm_context *ctx )
>> mbedtls_zeroize( ctx, sizeof( mbedtls_gcm_context ) );
>> }
>>
>> +#endif /* !MBEDTLS_GCM_ALT */
>> +
>> #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
>> /*
>> * AES-GCM test vectors from:
>> @@ -746,34 +751,48 @@ int mbedtls_gcm_self_test( int verbose )
>> int i, j, ret;
>> mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES;
>>
>> - mbedtls_gcm_init( &ctx );
>> -
>> for( j = 0; j < 3; j++ )
>> {
>> int key_len = 128 + 64 * j;
>>
>> for( i = 0; i < MAX_TESTS; i++ )
>> {
>> + mbedtls_gcm_init( &ctx );
>> +
>> if( verbose != 0 )
>> mbedtls_printf( " AES-GCM-%3d #%d (%s): ",
>> - key_len, i, "enc" );
>> -
>> - mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
>> + key_len, i, "enc" );
>> +
>> + ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]],
>> + key_len );
>> + /*
>> + * AES-192 is an optional feature that may be unavailable when
>> + * there is an alternative underlying implementation i.e. when
>> + * MBEDTLS_AES_ALT is defined.
>> + */
>> + if( ret == MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE && key_len == 192 )
>> + {
>> + mbedtls_printf( "skipped\n" );
>> + break;
>> + }
>> + else if( ret != 0 )
>> + {
>> + goto exit;
>> + }
>>
>> ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT,
>> - pt_len[i],
>> - iv[iv_index[i]], iv_len[i],
>> - additional[add_index[i]], add_len[i],
>> - pt[pt_index[i]], buf, 16, tag_buf );
>> + pt_len[i],
>> + iv[iv_index[i]], iv_len[i],
>> + additional[add_index[i]], add_len[i],
>> + pt[pt_index[i]], buf, 16, tag_buf );
>> + if( ret != 0 )
>> + goto exit;
>>
>> - if( ret != 0 ||
>> - memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 ||
>> - memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
>> + if ( memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 ||
>> + memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
>> {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - return( 1 );
>> + ret = 1;
>> + goto exit;
>> }
>>
>> mbedtls_gcm_free( &ctx );
>> @@ -781,26 +800,31 @@ int mbedtls_gcm_self_test( int verbose )
>> if( verbose != 0 )
>> mbedtls_printf( "passed\n" );
>>
>> + mbedtls_gcm_init( &ctx );
>> +
>> if( verbose != 0 )
>> mbedtls_printf( " AES-GCM-%3d #%d (%s): ",
>> - key_len, i, "dec" );
>> + key_len, i, "dec" );
>>
>> - mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
>> + ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]],
>> + key_len );
>> + if( ret != 0 )
>> + goto exit;
>>
>> ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_DECRYPT,
>> - pt_len[i],
>> - iv[iv_index[i]], iv_len[i],
>> - additional[add_index[i]], add_len[i],
>> - ct[j * 6 + i], buf, 16, tag_buf );
>> + pt_len[i],
>> + iv[iv_index[i]], iv_len[i],
>> + additional[add_index[i]], add_len[i],
>> + ct[j * 6 + i], buf, 16, tag_buf );
>> +
>> + if( ret != 0 )
>> + goto exit;
>>
>> - if( ret != 0 ||
>> - memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 ||
>> + if( memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 ||
>> memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
>> {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - return( 1 );
>> + ret = 1;
>> + goto exit;
>> }
>>
>> mbedtls_gcm_free( &ctx );
>> @@ -808,66 +832,51 @@ int mbedtls_gcm_self_test( int verbose )
>> if( verbose != 0 )
>> mbedtls_printf( "passed\n" );
>>
>> + mbedtls_gcm_init( &ctx );
>> +
>> if( verbose != 0 )
>> mbedtls_printf( " AES-GCM-%3d #%d split (%s): ",
>> - key_len, i, "enc" );
>> + key_len, i, "enc" );
>>
>> - mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
>> + ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]],
>> + key_len );
>> + if( ret != 0 )
>> + goto exit;
>>
>> ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_ENCRYPT,
>> - iv[iv_index[i]], iv_len[i],
>> - additional[add_index[i]], add_len[i] );
>> + iv[iv_index[i]], iv_len[i],
>> + additional[add_index[i]], add_len[i] );
>> if( ret != 0 )
>> - {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - return( 1 );
>> - }
>> + goto exit;
>>
>> if( pt_len[i] > 32 )
>> {
>> size_t rest_len = pt_len[i] - 32;
>> ret = mbedtls_gcm_update( &ctx, 32, pt[pt_index[i]], buf );
>> if( ret != 0 )
>> - {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - return( 1 );
>> - }
>> + goto exit;
>>
>> ret = mbedtls_gcm_update( &ctx, rest_len, pt[pt_index[i]] + 32,
>> buf + 32 );
>> if( ret != 0 )
>> - {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - return( 1 );
>> - }
>> + goto exit;
>> }
>> else
>> {
>> ret = mbedtls_gcm_update( &ctx, pt_len[i], pt[pt_index[i]], buf );
>> if( ret != 0 )
>> - {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - return( 1 );
>> - }
>> + goto exit;
>> }
>>
>> ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 );
>> - if( ret != 0 ||
>> - memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 ||
>> + if( ret != 0 )
>> + goto exit;
>> +
>> + if( memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 ||
>> memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
>> {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - return( 1 );
>> + ret = 1;
>> + goto exit;
>> }
>>
>> mbedtls_gcm_free( &ctx );
>> @@ -875,80 +884,75 @@ int mbedtls_gcm_self_test( int verbose )
>> if( verbose != 0 )
>> mbedtls_printf( "passed\n" );
>>
>> + mbedtls_gcm_init( &ctx );
>> +
>> if( verbose != 0 )
>> mbedtls_printf( " AES-GCM-%3d #%d split (%s): ",
>> - key_len, i, "dec" );
>> + key_len, i, "dec" );
>>
>> - mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
>> + ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]],
>> + key_len );
>> + if( ret != 0 )
>> + goto exit;
>>
>> ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_DECRYPT,
>> iv[iv_index[i]], iv_len[i],
>> additional[add_index[i]], add_len[i] );
>> if( ret != 0 )
>> - {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - return( 1 );
>> - }
>> + goto exit;
>>
>> if( pt_len[i] > 32 )
>> {
>> size_t rest_len = pt_len[i] - 32;
>> ret = mbedtls_gcm_update( &ctx, 32, ct[j * 6 + i], buf );
>> if( ret != 0 )
>> - {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - return( 1 );
>> - }
>> + goto exit;
>>
>> ret = mbedtls_gcm_update( &ctx, rest_len, ct[j * 6 + i] + 32,
>> - buf + 32 );
>> + buf + 32 );
>> if( ret != 0 )
>> - {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - return( 1 );
>> - }
>> + goto exit;
>> }
>> else
>> {
>> - ret = mbedtls_gcm_update( &ctx, pt_len[i], ct[j * 6 + i], buf );
>> + ret = mbedtls_gcm_update( &ctx, pt_len[i], ct[j * 6 + i],
>> + buf );
>> if( ret != 0 )
>> - {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - return( 1 );
>> - }
>> + goto exit;
>> }
>>
>> ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 );
>> - if( ret != 0 ||
>> - memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 ||
>> + if( ret != 0 )
>> + goto exit;
>> +
>> + if( memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 ||
>> memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
>> {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - return( 1 );
>> + ret = 1;
>> + goto exit;
>> }
>>
>> mbedtls_gcm_free( &ctx );
>>
>> if( verbose != 0 )
>> mbedtls_printf( "passed\n" );
>> -
>> }
>> }
>>
>> if( verbose != 0 )
>> mbedtls_printf( "\n" );
>>
>> - return( 0 );
>> + ret = 0;
>> +
>> +exit:
>> + if( ret != 0 )
>> + {
>> + if( verbose != 0 )
>> + mbedtls_printf( "failed\n" );
>> + mbedtls_gcm_free( &ctx );
>> + }
>> +
>> + return( ret );
>> }
>>
>> #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
>> diff --git a/dll/3rdparty/mbedtls/hmac_drbg.c b/dll/3rdparty/mbedtls/hmac_drbg.c
>> index 2826cc204f..cda64a2713 100644
>> --- a/dll/3rdparty/mbedtls/hmac_drbg.c
>> +++ b/dll/3rdparty/mbedtls/hmac_drbg.c
>> @@ -366,11 +366,14 @@ int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const cha
>>
>> exit:
>> fclose( f );
>> + mbedtls_zeroize( buf, sizeof( buf ) );
>> +
>> return( ret );
>> }
>>
>> int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path )
>> {
>> + int ret = 0;
>> FILE *f;
>> size_t n;
>> unsigned char buf[ MBEDTLS_HMAC_DRBG_MAX_INPUT ];
>> @@ -389,14 +392,16 @@ int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const ch
>> }
>>
>> if( fread( buf, 1, n, f ) != n )
>> - {
>> - fclose( f );
>> - return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR );
>> - }
>> + ret = MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR;
>> + else
>> + mbedtls_hmac_drbg_update( ctx, buf, n );
>>
>> fclose( f );
>>
>> - mbedtls_hmac_drbg_update( ctx, buf, n );
>> + mbedtls_zeroize( buf, sizeof( buf ) );
>> +
>> + if( ret != 0 )
>> + return( ret );
>>
>> return( mbedtls_hmac_drbg_write_seed_file( ctx, path ) );
>> }
>> diff --git a/dll/3rdparty/mbedtls/md.c b/dll/3rdparty/mbedtls/md.c
>> index fa63762ec7..e41c367c74 100644
>> --- a/dll/3rdparty/mbedtls/md.c
>> +++ b/dll/3rdparty/mbedtls/md.c
>> @@ -252,9 +252,7 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx )
>> if( ctx == NULL || ctx->md_info == NULL )
>> return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
>>
>> - ctx->md_info->starts_func( ctx->md_ctx );
>> -
>> - return( 0 );
>> + return( ctx->md_info->starts_func( ctx->md_ctx ) );
>> }
>>
>> int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
>> @@ -262,9 +260,7 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si
>> if( ctx == NULL || ctx->md_info == NULL )
>> return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
>>
>> - ctx->md_info->update_func( ctx->md_ctx, input, ilen );
>> -
>> - return( 0 );
>> + return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) );
>> }
>>
>> int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output )
>> @@ -272,9 +268,7 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output )
>> if( ctx == NULL || ctx->md_info == NULL )
>> return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
>>
>> - ctx->md_info->finish_func( ctx->md_ctx, output );
>> -
>> - return( 0 );
>> + return( ctx->md_info->finish_func( ctx->md_ctx, output ) );
>> }
>>
>> int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
>> @@ -283,9 +277,7 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si
>> if( md_info == NULL )
>> return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
>>
>> - md_info->digest_func( input, ilen, output );
>> -
>> - return( 0 );
>> + return( md_info->digest_func( input, ilen, output ) );
>> }
>>
>> #if defined(MBEDTLS_FS_IO)
>> @@ -308,20 +300,20 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigne
>> if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 )
>> goto cleanup;
>>
>> - md_info->starts_func( ctx.md_ctx );
>> + if( ( ret = md_info->starts_func( ctx.md_ctx ) ) != 0 )
>> + goto cleanup;
>>
>> while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
>> - md_info->update_func( ctx.md_ctx, buf, n );
>> + if( ( ret = md_info->update_func( ctx.md_ctx, buf, n ) ) != 0 )
>> + goto cleanup;
>>
>> if( ferror( f ) != 0 )
>> - {
>> ret = MBEDTLS_ERR_MD_FILE_IO_ERROR;
>> - goto cleanup;
>> - }
>> -
>> - md_info->finish_func( ctx.md_ctx, output );
>> + else
>> + ret = md_info->finish_func( ctx.md_ctx, output );
>>
>> cleanup:
>> + mbedtls_zeroize( buf, sizeof( buf ) );
>> fclose( f );
>> mbedtls_md_free( &ctx );
>>
>> @@ -331,6 +323,7 @@ cleanup:
>>
>> int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen )
>> {
>> + int ret;
>> unsigned char sum[MBEDTLS_MD_MAX_SIZE];
>> unsigned char *ipad, *opad;
>> size_t i;
>> @@ -340,9 +333,12 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
>>
>> if( keylen > (size_t) ctx->md_info->block_size )
>> {
>> - ctx->md_info->starts_func( ctx->md_ctx );
>> - ctx->md_info->update_func( ctx->md_ctx, key, keylen );
>> - ctx->md_info->finish_func( ctx->md_ctx, sum );
>> + if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
>> + goto cleanup;
>> + if( ( ret = ctx->md_info->update_func( ctx->md_ctx, key, keylen ) ) != 0 )
>> + goto cleanup;
>> + if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, sum ) ) != 0 )
>> + goto cleanup;
>>
>> keylen = ctx->md_info->size;
>> key = sum;
>> @@ -360,12 +356,16 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
>> opad[i] = (unsigned char)( opad[i] ^ key[i] );
>> }
>>
>> - mbedtls_zeroize( sum, sizeof( sum ) );
>> + if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
>> + goto cleanup;
>> + if( ( ret = ctx->md_info->update_func( ctx->md_ctx, ipad,
>> + ctx->md_info->block_size ) ) != 0 )
>> + goto cleanup;
>>
>> - ctx->md_info->starts_func( ctx->md_ctx );
>> - ctx->md_info->update_func( ctx->md_ctx, ipad, ctx->md_info->block_size );
>> +cleanup:
>> + mbedtls_zeroize( sum, sizeof( sum ) );
>>
>> - return( 0 );
>> + return( ret );
>> }
>>
>> int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
>> @@ -373,13 +373,12 @@ int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *inpu
>> if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
>> return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
>>
>> - ctx->md_info->update_func( ctx->md_ctx, input, ilen );
>> -
>> - return( 0 );
>> + return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) );
>> }
>>
>> int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output )
>> {
>> + int ret;
>> unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
>> unsigned char *opad;
>>
>> @@ -388,17 +387,22 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output )
>>
>> opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
>>
>> - ctx->md_info->finish_func( ctx->md_ctx, tmp );
>> - ctx->md_info->starts_func( ctx->md_ctx );
>> - ctx->md_info->update_func( ctx->md_ctx, opad, ctx->md_info->block_size );
>> - ctx->md_info->update_func( ctx->md_ctx, tmp, ctx->md_info->size );
>> - ctx->md_info->finish_func( ctx->md_ctx, output );
>> -
>> - return( 0 );
>> + if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, tmp ) ) != 0 )
>> + return( ret );
>> + if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
>> + return( ret );
>> + if( ( ret = ctx->md_info->update_func( ctx->md_ctx, opad,
>> + ctx->md_info->block_size ) ) != 0 )
>> + return( ret );
>> + if( ( ret = ctx->md_info->update_func( ctx->md_ctx, tmp,
>> + ctx->md_info->size ) ) != 0 )
>> + return( ret );
>> + return( ctx->md_info->finish_func( ctx->md_ctx, output ) );
>> }
>>
>> int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx )
>> {
>> + int ret;
>> unsigned char *ipad;
>>
>> if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
>> @@ -406,15 +410,16 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx )
>>
>> ipad = (unsigned char *) ctx->hmac_ctx;
>>
>> - ctx->md_info->starts_func( ctx->md_ctx );
>> - ctx->md_info->update_func( ctx->md_ctx, ipad, ctx->md_info->block_size );
>> -
>> - return( 0 );
>> + if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
>> + return( ret );
>> + return( ctx->md_info->update_func( ctx->md_ctx, ipad,
>> + ctx->md_info->block_size ) );
>> }
>>
>> -int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
>> - const unsigned char *input, size_t ilen,
>> - unsigned char *output )
>> +int mbedtls_md_hmac( const mbedtls_md_info_t *md_info,
>> + const unsigned char *key, size_t keylen,
>> + const unsigned char *input, size_t ilen,
>> + unsigned char *output )
>> {
>> mbedtls_md_context_t ctx;
>> int ret;
>> @@ -425,15 +430,19 @@ int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key,
>> mbedtls_md_init( &ctx );
>>
>> if( ( ret = mbedtls_md_setup( &ctx, md_info, 1 ) ) != 0 )
>> - return( ret );
>> + goto cleanup;
>>
>> - mbedtls_md_hmac_starts( &ctx, key, keylen );
>> - mbedtls_md_hmac_update( &ctx, input, ilen );
>> - mbedtls_md_hmac_finish( &ctx, output );
>> + if( ( ret = mbedtls_md_hmac_starts( &ctx, key, keylen ) ) != 0 )
>> + goto cleanup;
>> + if( ( ret = mbedtls_md_hmac_update( &ctx, input, ilen ) ) != 0 )
>> + goto cleanup;
>> + if( ( ret = mbedtls_md_hmac_finish( &ctx, output ) ) != 0 )
>> + goto cleanup;
>>
>> +cleanup:
>> mbedtls_md_free( &ctx );
>>
>> - return( 0 );
>> + return( ret );
>> }
>>
>> int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data )
>> @@ -441,9 +450,7 @@ int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data )
>> if( ctx == NULL || ctx->md_info == NULL )
>> return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
>>
>> - ctx->md_info->process_func( ctx->md_ctx, data );
>> -
>> - return( 0 );
>> + return( ctx->md_info->process_func( ctx->md_ctx, data ) );
>> }
>>
>> unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info )
>> diff --git a/dll/3rdparty/mbedtls/md2.c b/dll/3rdparty/mbedtls/md2.c
>> index 9e0c43dabf..7ce86f9302 100644
>> --- a/dll/3rdparty/mbedtls/md2.c
>> +++ b/dll/3rdparty/mbedtls/md2.c
>> @@ -107,16 +107,25 @@ void mbedtls_md2_clone( mbedtls_md2_context *dst,
>> /*
>> * MD2 context setup
>> */
>> -void mbedtls_md2_starts( mbedtls_md2_context *ctx )
>> +int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx )
>> {
>> memset( ctx->cksum, 0, 16 );
>> memset( ctx->state, 0, 46 );
>> memset( ctx->buffer, 0, 16 );
>> ctx->left = 0;
>> +
>> + return( 0 );
>> }
>>
>> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
>> +void mbedtls_md2_starts( mbedtls_md2_context *ctx )
>> +{
>> + mbedtls_md2_starts_ret( ctx );
>> +}
>> +#endif
>> +
>> #if !defined(MBEDTLS_MD2_PROCESS_ALT)
>> -void mbedtls_md2_process( mbedtls_md2_context *ctx )
>> +int mbedtls_internal_md2_process( mbedtls_md2_context *ctx )
>> {
>> int i, j;
>> unsigned char t = 0;
>> @@ -148,14 +157,26 @@ void mbedtls_md2_process( mbedtls_md2_context *ctx )
>> ( ctx->cksum[i] ^ PI_SUBST[ctx->buffer[i] ^ t] );
>> t = ctx->cksum[i];
>> }
>> +
>> + return( 0 );
>> }
>> +
>> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
>> +void mbedtls_md2_process( mbedtls_md2_context *ctx )
>> +{
>> + mbedtls_internal_md2_process( ctx );
>> +}
>> +#endif
>> #endif /* !MBEDTLS_MD2_PROCESS_ALT */
>>
>> /*
>> * MD2 process buffer
>> */
>> -void mbedtls_md2_update( mbedtls_md2_context *ctx, const unsigned char *input, size_t ilen )
>> +int mbedtls_md2_update_ret( mbedtls_md2_context *ctx,
>> + const unsigned char *input,
>> + size_t ilen )
>> {
>> + int ret;
>> size_t fill;
>>
>> while( ilen > 0 )
>> @@ -174,16 +195,30 @@ void mbedtls_md2_update( mbedtls_md2_context *ctx, const unsigned char *input, s
>> if( ctx->left == 16 )
>> {
>> ctx->left = 0;
>> - mbedtls_md2_process( ctx );
>> + if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
>> + return( ret );
>> }
>> }
>> +
>> + return( 0 );
>> }
>>
>> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
>> +void mbedtls_md2_update( mbedtls_md2_context *ctx,
>> + const unsigned char *input,
>> + size_t ilen )
>> +{
>> + mbedtls_md2_update_ret( ctx, input, ilen );
>> +}
>> +#endif
>> +
>> /*
>> * MD2 final digest
>> */
>> -void mbedtls_md2_finish( mbedtls_md2_context *ctx, unsigned char output[16] )
>> +int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx,
>> + unsigned char output[16] )
>> {
>> + int ret;
>> size_t i;
>> unsigned char x;
>>
>> @@ -192,36 +227,70 @@ void mbedtls_md2_finish( mbedtls_md2_context *ctx, unsigned char output[16] )
>> for( i = ctx->left; i < 16; i++ )
>> ctx->buffer[i] = x;
>>
>> - mbedtls_md2_process( ctx );
>> + if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
>> + return( ret );
>>
>> memcpy( ctx->buffer, ctx->cksum, 16 );
>> - mbedtls_md2_process( ctx );
>> + if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
>> + return( ret );
>>
>> memcpy( output, ctx->state, 16 );
>> +
>> + return( 0 );
>> +}
>> +
>> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
>> +void mbedtls_md2_finish( mbedtls_md2_context *ctx,
>> + unsigned char output[16] )
>> +{
>> + mbedtls_md2_finish_ret( ctx, output );
>> }
>> +#endif
>>
>> #endif /* !MBEDTLS_MD2_ALT */
>>
>> /*
>> * output = MD2( input buffer )
>> */
>> -void mbedtls_md2( const unsigned char *input, size_t ilen, unsigned char output[16] )
>> +int mbedtls_md2_ret( const unsigned char *input,
>> + size_t ilen,
>> + unsigned char output[16] )
>> {
>> + int ret;
>> mbedtls_md2_context ctx;
>>
>> mbedtls_md2_init( &ctx );
>> - mbedtls_md2_starts( &ctx );
>> - mbedtls_md2_update( &ctx, input, ilen );
>> - mbedtls_md2_finish( &ctx, output );
>> +
>> + if( ( ret = mbedtls_md2_starts_ret( &ctx ) ) != 0 )
>> + goto exit;
>> +
>> + if( ( ret = mbedtls_md2_update_ret( &ctx, input, ilen ) ) != 0 )
>> + goto exit;
>> +
>> + if( ( ret = mbedtls_md2_finish_ret( &ctx, output ) ) != 0 )
>> + goto exit;
>> +
>> +exit:
>> mbedtls_md2_free( &ctx );
>> +
>> + return( ret );
>> }
>>
>> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
>> +void mbedtls_md2( const unsigned char *input,
>> + size_t ilen,
>> + unsigned char output[16] )
>> +{
>> + mbedtls_md2_ret( input, ilen, output );
>> +}
>> +#endif
>> +
>> #if defined(MBEDTLS_SELF_TEST)
>>
>> /*
>> * RFC 1319 test vectors
>> */
>> -static const char md2_test_str[7][81] =
>> +static const unsigned char md2_test_str[7][81] =
>> {
>> { "" },
>> { "a" },
>> @@ -229,10 +298,15 @@ static const char md2_test_str[7][81] =
>> { "message digest" },
>> { "abcdefghijklmnopqrstuvwxyz" },
>> { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
>> - { "12345678901234567890123456789012345678901234567890123456789012" \
>> + { "12345678901234567890123456789012345678901234567890123456789012"
>> "345678901234567890" }
>> };
>>
>> +static const size_t md2_test_strlen[7] =
>> +{
>> + 0, 1, 3, 14, 26, 62, 80
>> +};
>> +
>> static const unsigned char md2_test_sum[7][16] =
>> {
>> { 0x83, 0x50, 0xE5, 0xA3, 0xE2, 0x4C, 0x15, 0x3D,
>> @@ -256,7 +330,7 @@ static const unsigned char md2_test_sum[7][16] =
>> */
>> int mbedtls_md2_self_test( int verbose )
>> {
>> - int i;
>> + int i, ret = 0;
>> unsigned char md2sum[16];
>>
>> for( i = 0; i < 7; i++ )
>> @@ -264,15 +338,14 @@ int mbedtls_md2_self_test( int verbose )
>> if( verbose != 0 )
>> mbedtls_printf( " MD2 test #%d: ", i + 1 );
>>
>> - mbedtls_md2( (unsigned char *) md2_test_str[i],
>> - strlen( md2_test_str[i] ), md2sum );
>> + ret = mbedtls_md2_ret( md2_test_str[i], md2_test_strlen[i], md2sum );
>> + if( ret != 0 )
>> + goto fail;
>>
>> if( memcmp( md2sum, md2_test_sum[i], 16 ) != 0 )
>> {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - return( 1 );
>> + ret = 1;
>> + goto fail;
>> }
>>
>> if( verbose != 0 )
>> @@ -283,6 +356,12 @@ int mbedtls_md2_self_test( int verbose )
>> mbedtls_printf( "\n" );
>>
>> return( 0 );
>> +
>> +fail:
>> + if( verbose != 0 )
>> + mbedtls_printf( "failed\n" );
>> +
>> + return( ret );
>> }
>>
>> #endif /* MBEDTLS_SELF_TEST */
>> diff --git a/dll/3rdparty/mbedtls/md4.c b/dll/3rdparty/mbedtls/md4.c
>> index 2a66db49ec..f53efa8243 100644
>> --- a/dll/3rdparty/mbedtls/md4.c
>> +++ b/dll/3rdparty/mbedtls/md4.c
>> @@ -100,7 +100,7 @@ void mbedtls_md4_clone( mbedtls_md4_context *dst,
>> /*
>> * MD4 context setup
>> */
>> -void mbedtls_md4_starts( mbedtls_md4_context *ctx )
>> +int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx )
>> {
>> ctx->total[0] = 0;
>> ctx->total[1] = 0;
>> @@ -109,10 +109,20 @@ void mbedtls_md4_starts( mbedtls_md4_context *ctx )
>> ctx->state[1] = 0xEFCDAB89;
>> ctx->state[2] = 0x98BADCFE;
>> ctx->state[3] = 0x10325476;
>> +
>> + return( 0 );
>> +}
>> +
>> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
>> +void mbedtls_md4_starts( mbedtls_md4_context *ctx )
>> +{
>> + mbedtls_md4_starts_ret( ctx );
>> }
>> +#endif
>>
>> #if !defined(MBEDTLS_MD4_PROCESS_ALT)
>> -void mbedtls_md4_process( mbedtls_md4_context *ctx, const unsigned char data[64] )
>> +int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
>> + const unsigned char data[64] )
>> {
>> uint32_t X[16], A, B, C, D;
>>
>> @@ -213,19 +223,32 @@ void mbedtls_md4_process( mbedtls_md4_context *ctx, const unsigned char data[64]
>> ctx->state[1] += B;
>> ctx->state[2] += C;
>> ctx->state[3] += D;
>> +
>> + return( 0 );
>> +}
>> +
>> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
>> +void mbedtls_md4_process( mbedtls_md4_context *ctx,
>> + const unsigned char data[64] )
>> +{
>> + mbedtls_internal_md4_process( ctx, data );
>> }
>> +#endif
>> #endif /* !MBEDTLS_MD4_PROCESS_ALT */
>>
>> /*
>> * MD4 process buffer
>> */
>> -void mbedtls_md4_update( mbedtls_md4_context *ctx, const unsigned char *input, size_t ilen )
>> +int mbedtls_md4_update_ret( mbedtls_md4_context *ctx,
>> + const unsigned char *input,
>> + size_t ilen )
>> {
>> + int ret;
>> size_t fill;
>> uint32_t left;
>>
>> if( ilen == 0 )
>> - return;
>> + return( 0 );
>>
>> left = ctx->total[0] & 0x3F;
>> fill = 64 - left;
>> @@ -240,7 +263,10 @@ void mbedtls_md4_update( mbedtls_md4_context *ctx, const unsigned char *input, s
>> {
>> memcpy( (void *) (ctx->buffer + left),
>> (void *) input, fill );
>> - mbedtls_md4_process( ctx, ctx->buffer );
>> +
>> + if( ( ret = mbedtls_internal_md4_process( ctx, ctx->buffer ) ) != 0 )
>> + return( ret );
>> +
>> input += fill;
>> ilen -= fill;
>> left = 0;
>> @@ -248,7 +274,9 @@ void mbedtls_md4_update( mbedtls_md4_context *ctx, const unsigned char *input, s
>>
>> while( ilen >= 64 )
>> {
>> - mbedtls_md4_process( ctx, input );
>> + if( ( ret = mbedtls_internal_md4_process( ctx, input ) ) != 0 )
>> + return( ret );
>> +
>> input += 64;
>> ilen -= 64;
>> }
>> @@ -258,7 +286,18 @@ void mbedtls_md4_update( mbedtls_md4_context *ctx, const unsigned char *input, s
>> memcpy( (void *) (ctx->buffer + left),
>> (void *) input, ilen );
>> }
>> +
>> + return( 0 );
>> +}
>> +
>> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
>> +void mbedtls_md4_update( mbedtls_md4_context *ctx,
>> + const unsigned char *input,
>> + size_t ilen )
>> +{
>> + mbedtls_md4_update_ret( ctx, input, ilen );
>> }
>> +#endif
>>
>> static const unsigned char md4_padding[64] =
>> {
>> @@ -271,8 +310,10 @@ static const unsigned char md4_padding[64] =
>> /*
>> * MD4 final digest
>> */
>> -void mbedtls_md4_finish( mbedtls_md4_context *ctx, unsigned char output[16] )
>> +int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx,
>> + unsigned char output[16] )
>> {
>> + int ret;
>> uint32_t last, padn;
>> uint32_t high, low;
>> unsigned char msglen[8];
>> @@ -287,37 +328,74 @@ void mbedtls_md4_finish( mbedtls_md4_context *ctx, unsigned char output[16] )
>> last = ctx->total[0] & 0x3F;
>> padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
>>
>> - mbedtls_md4_update( ctx, (unsigned char *) md4_padding, padn );
>> - mbedtls_md4_update( ctx, msglen, 8 );
>> + ret = mbedtls_md4_update_ret( ctx, (unsigned char *)md4_padding, padn );
>> + if( ret != 0 )
>> + return( ret );
>> +
>> + if( ( ret = mbedtls_md4_update_ret( ctx, msglen, 8 ) ) != 0 )
>> + return( ret );
>> +
>>
>> PUT_UINT32_LE( ctx->state[0], output, 0 );
>> PUT_UINT32_LE( ctx->state[1], output, 4 );
>> PUT_UINT32_LE( ctx->state[2], output, 8 );
>> PUT_UINT32_LE( ctx->state[3], output, 12 );
>> +
>> + return( 0 );
>> +}
>> +
>> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
>> +void mbedtls_md4_finish( mbedtls_md4_context *ctx,
>> + unsigned char output[16] )
>> +{
>> + mbedtls_md4_finish_ret( ctx, output );
>> }
>> +#endif
>>
>> #endif /* !MBEDTLS_MD4_ALT */
>>
>> /*
>> * output = MD4( input buffer )
>> */
>> -void mbedtls_md4( const unsigned char *input, size_t ilen, unsigned char output[16] )
>> +int mbedtls_md4_ret( const unsigned char *input,
>> + size_t ilen,
>> + unsigned char output[16] )
>> {
>> + int ret;
>> mbedtls_md4_context ctx;
>>
>> mbedtls_md4_init( &ctx );
>> - mbedtls_md4_starts( &ctx );
>> - mbedtls_md4_update( &ctx, input, ilen );
>> - mbedtls_md4_finish( &ctx, output );
>> +
>> + if( ( ret = mbedtls_md4_starts_ret( &ctx ) ) != 0 )
>> + goto exit;
>> +
>> + if( ( ret = mbedtls_md4_update_ret( &ctx, input, ilen ) ) != 0 )
>> + goto exit;
>> +
>> + if( ( ret = mbedtls_md4_finish_ret( &ctx, output ) ) != 0 )
>> + goto exit;
>> +
>> +exit:
>> mbedtls_md4_free( &ctx );
>> +
>> + return( ret );
>> +}
>> +
>> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
>> +void mbedtls_md4( const unsigned char *input,
>> + size_t ilen,
>> + unsigned char output[16] )
>> +{
>> + mbedtls_md4_ret( input, ilen, output );
>> }
>> +#endif
>>
>> #if defined(MBEDTLS_SELF_TEST)
>>
>> /*
>> * RFC 1320 test vectors
>> */
>> -static const char md4_test_str[7][81] =
>> +static const unsigned char md4_test_str[7][81] =
>> {
>> { "" },
>> { "a" },
>> @@ -325,10 +403,15 @@ static const char md4_test_str[7][81] =
>> { "message digest" },
>> { "abcdefghijklmnopqrstuvwxyz" },
>> { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
>> - { "12345678901234567890123456789012345678901234567890123456789012" \
>> + { "12345678901234567890123456789012345678901234567890123456789012"
>> "345678901234567890" }
>> };
>>
>> +static const size_t md4_test_strlen[7] =
>> +{
>> + 0, 1, 3, 14, 26, 62, 80
>> +};
>> +
>> static const unsigned char md4_test_sum[7][16] =
>> {
>> { 0x31, 0xD6, 0xCF, 0xE0, 0xD1, 0x6A, 0xE9, 0x31,
>> @@ -352,7 +435,7 @@ static const unsigned char md4_test_sum[7][16] =
>> */
>> int mbedtls_md4_self_test( int verbose )
>> {
>> - int i;
>> + int i, ret = 0;
>> unsigned char md4sum[16];
>>
>> for( i = 0; i < 7; i++ )
>> @@ -360,15 +443,14 @@ int mbedtls_md4_self_test( int verbose )
>> if( verbose != 0 )
>> mbedtls_printf( " MD4 test #%d: ", i + 1 );
>>
>> - mbedtls_md4( (unsigned char *) md4_test_str[i],
>> - strlen( md4_test_str[i] ), md4sum );
>> + ret = mbedtls_md4_ret( md4_test_str[i], md4_test_strlen[i], md4sum );
>> + if( ret != 0 )
>> + goto fail;
>>
>> if( memcmp( md4sum, md4_test_sum[i], 16 ) != 0 )
>> {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - return( 1 );
>> + ret = 1;
>> + goto fail;
>> }
>>
>> if( verbose != 0 )
>> @@ -379,6 +461,12 @@ int mbedtls_md4_self_test( int verbose )
>> mbedtls_printf( "\n" );
>>
>> return( 0 );
>> +
>> +fail:
>> + if( verbose != 0 )
>> + mbedtls_printf( "failed\n" );
>> +
>> + return( ret );
>> }
>>
>> #endif /* MBEDTLS_SELF_TEST */
>> diff --git a/dll/3rdparty/mbedtls/md5.c b/dll/3rdparty/mbedtls/md5.c
>> index 758eebeb66..b4bcf76e52 100644
>> --- a/dll/3rdparty/mbedtls/md5.c
>> +++ b/dll/3rdparty/mbedtls/md5.c
>> @@ -99,7 +99,7 @@ void mbedtls_md5_clone( mbedtls_md5_context *dst,
>> /*
>> * MD5 context setup
>> */
>> -void mbedtls_md5_starts( mbedtls_md5_context *ctx )
>> +int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx )
>> {
>> ctx->total[0] = 0;
>> ctx->total[1] = 0;
>> @@ -108,10 +108,20 @@ void mbedtls_md5_starts( mbedtls_md5_context *ctx )
>> ctx->state[1] = 0xEFCDAB89;
>> ctx->state[2] = 0x98BADCFE;
>> ctx->state[3] = 0x10325476;
>> +
>> + return( 0 );
>> }
>>
>> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
>> +void mbedtls_md5_starts( mbedtls_md5_context *ctx )
>> +{
>> + mbedtls_md5_starts_ret( ctx );
>> +}
>> +#endif
>> +
>> #if !defined(MBEDTLS_MD5_PROCESS_ALT)
>> -void mbedtls_md5_process( mbedtls_md5_context *ctx, const unsigned char data[64] )
>> +int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
>> + const unsigned char data[64] )
>> {
>> uint32_t X[16], A, B, C, D;
>>
>> @@ -232,19 +242,32 @@ void mbedtls_md5_process( mbedtls_md5_context *ctx, const unsigned char data[64]
>> ctx->state[1] += B;
>> ctx->state[2] += C;
>> ctx->state[3] += D;
>> +
>> + return( 0 );
>> +}
>> +
>> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
>> +void mbedtls_md5_process( mbedtls_md5_context *ctx,
>> + const unsigned char data[64] )
>> +{
>> + mbedtls_internal_md5_process( ctx, data );
>> }
>> +#endif
>> #endif /* !MBEDTLS_MD5_PROCESS_ALT */
>>
>> /*
>> * MD5 process buffer
>> */
>> -void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen )
>> +int mbedtls_md5_update_ret( mbedtls_md5_context *ctx,
>> + const unsigned char *input,
>> + size_t ilen )
>> {
>> + int ret;
>> size_t fill;
>> uint32_t left;
>>
>> if( ilen == 0 )
>> - return;
>> + return( 0 );
>>
>> left = ctx->total[0] & 0x3F;
>> fill = 64 - left;
>> @@ -258,7 +281,9 @@ void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, s
>> if( left && ilen >= fill )
>> {
>> memcpy( (void *) (ctx->buffer + left), input, fill );
>> - mbedtls_md5_process( ctx, ctx->buffer );
>> + if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 )
>> + return( ret );
>> +
>> input += fill;
>> ilen -= fill;
>> left = 0;
>> @@ -266,7 +291,9 @@ void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, s
>>
>> while( ilen >= 64 )
>> {
>> - mbedtls_md5_process( ctx, input );
>> + if( ( ret = mbedtls_internal_md5_process( ctx, input ) ) != 0 )
>> + return( ret );
>> +
>> input += 64;
>> ilen -= 64;
>> }
>> @@ -275,59 +302,121 @@ void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, s
>> {
>> memcpy( (void *) (ctx->buffer + left), input, ilen );
>> }
>> +
>> + return( 0 );
>> }
>>
>> -static const unsigned char md5_padding[64] =
>> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
>> +void mbedtls_md5_update( mbedtls_md5_context *ctx,
>> + const unsigned char *input,
>> + size_t ilen )
>> {
>> - 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
>> - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
>> - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
>> - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
>> -};
>> + mbedtls_md5_update_ret( ctx, input, ilen );
>> +}
>> +#endif
>>
>> /*
>> * MD5 final digest
>> */
>> -void mbedtls_md5_finish( mbedtls_md5_context *ctx, unsigned char output[16] )
>> +int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx,
>> + unsigned char output[16] )
>> {
>> - uint32_t last, padn;
>> + int ret;
>> + uint32_t used;
>> uint32_t high, low;
>> - unsigned char msglen[8];
>>
>> + /*
>> + * Add padding: 0x80 then 0x00 until 8 bytes remain for the length
>> + */
>> + used = ctx->total[0] & 0x3F;
>> +
>> + ctx->buffer[used++] = 0x80;
>> +
>> + if( used <= 56 )
>> + {
>> + /* Enough room for padding + length in current block */
>> + memset( ctx->buffer + used, 0, 56 - used );
>> + }
>> + else
>> + {
>> + /* We'll need an extra block */
>> + memset( ctx->buffer + used, 0, 64 - used );
>> +
>> + if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 )
>> + return( ret );
>> +
>> + memset( ctx->buffer, 0, 56 );
>> + }
>> +
>> + /*
>> + * Add message length
>> + */
>> high = ( ctx->total[0] >> 29 )
>> | ( ctx->total[1] << 3 );
>> low = ( ctx->total[0] << 3 );
>>
>> - PUT_UINT32_LE( low, msglen, 0 );
>> - PUT_UINT32_LE( high, msglen, 4 );
>> -
>> - last = ctx->total[0] & 0x3F;
>> - padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
>> + PUT_UINT32_LE( low, ctx->buffer, 56 );
>> + PUT_UINT32_LE( high, ctx->buffer, 60 );
>>
>> - mbedtls_md5_update( ctx, md5_padding, padn );
>> - mbedtls_md5_update( ctx, msglen, 8 );
>> + if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 )
>> + return( ret );
>>
>> + /*
>> + * Output final state
>> + */
>> PUT_UINT32_LE( ctx->state[0], output, 0 );
>> PUT_UINT32_LE( ctx->state[1], output, 4 );
>> PUT_UINT32_LE( ctx->state[2], output, 8 );
>> PUT_UINT32_LE( ctx->state[3], output, 12 );
>> +
>> + return( 0 );
>> +}
>> +
>> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
>> +void mbedtls_md5_finish( mbedtls_md5_context *ctx,
>> + unsigned char output[16] )
>> +{
>> + mbedtls_md5_finish_ret( ctx, output );
>> }
>> +#endif
>>
>> #endif /* !MBEDTLS_MD5_ALT */
>>
>> /*
>> * output = MD5( input buffer )
>> */
>> -void mbedtls_md5( const unsigned char *input, size_t ilen, unsigned char output[16] )
>> +int mbedtls_md5_ret( const unsigned char *input,
>> + size_t ilen,
>> + unsigned char output[16] )
>> {
>> + int ret;
>> mbedtls_md5_context ctx;
>>
>> mbedtls_md5_init( &ctx );
>> - mbedtls_md5_starts( &ctx );
>> - mbedtls_md5_update( &ctx, input, ilen );
>> - mbedtls_md5_finish( &ctx, output );
>> +
>> + if( ( ret = mbedtls_md5_starts_ret( &ctx ) ) != 0 )
>> + goto exit;
>> +
>> + if( ( ret = mbedtls_md5_update_ret( &ctx, input, ilen ) ) != 0 )
>> + goto exit;
>> +
>> + if( ( ret = mbedtls_md5_finish_ret( &ctx, output ) ) != 0 )
>> + goto exit;
>> +
>> +exit:
>> mbedtls_md5_free( &ctx );
>> +
>> + return( ret );
>> +}
>> +
>> +#if !defined(MBEDTLS_DEPRECATED_REMOVED)
>> +void mbedtls_md5( const unsigned char *input,
>> + size_t ilen,
>> + unsigned char output[16] )
>> +{
>> + mbedtls_md5_ret( input, ilen, output );
>> }
>> +#endif
>>
>> #if defined(MBEDTLS_SELF_TEST)
>> /*
>> @@ -341,11 +430,11 @@ static const unsigned char md5_test_buf[7][81] =
>> { "message digest" },
>> { "abcdefghijklmnopqrstuvwxyz" },
>> { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
>> - { "12345678901234567890123456789012345678901234567890123456789012" \
>> + { "12345678901234567890123456789012345678901234567890123456789012"
>> "345678901234567890" }
>> };
>>
>> -static const int md5_test_buflen[7] =
>> +static const size_t md5_test_buflen[7] =
>> {
>> 0, 1, 3, 14, 26, 62, 80
>> };
>> @@ -373,7 +462,7 @@ static const unsigned char md5_test_sum[7][16] =
>> */
>> int mbedtls_md5_self_test( int verbose )
>> {
>> - int i;
>> + int i, ret = 0;
>> unsigned char md5sum[16];
>>
>> for( i = 0; i < 7; i++ )
>> @@ -381,14 +470,14 @@ int mbedtls_md5_self_test( int verbose )
>> if( verbose != 0 )
>> mbedtls_printf( " MD5 test #%d: ", i + 1 );
>>
>> - mbedtls_md5( md5_test_buf[i], md5_test_buflen[i], md5sum );
>> + ret = mbedtls_md5_ret( md5_test_buf[i], md5_test_buflen[i], md5sum );
>> + if( ret != 0 )
>> + goto fail;
>>
>> if( memcmp( md5sum, md5_test_sum[i], 16 ) != 0 )
>> {
>> - if( verbose != 0 )
>> - mbedtls_printf( "failed\n" );
>> -
>> - return( 1 );
>> + ret = 1;
>> + goto fail;
>> }
>>
>> if( verbose != 0 )
>> @@ -399,6 +488,12 @@ int mbedtls_md5_self_test( int verbose )
>> mbedtls_printf( "\n" );
>>
>> return( 0 );
>> +
>> +fail:
>> + if( verbose != 0 )
>> + mbedtls_printf( "failed\n" );
>> +
>> + return( ret );
>> }
>>
>> #endif /* MBEDTLS_SELF_TEST */
>> diff --git a/dll/3rdparty/mbedtls/md_wrap.c b/dll/3rdparty/mbedtls/md_wrap.c
>> index 49c47d69d1..97067b0425 100644
>> --- a/dll/3rdparty/mbedtls/md_wrap.c
>> +++ b/dll/3rdparty/mbedtls/md_wrap.c
>> @@ -73,20 +73,20 @@
>>
>> #if defined(MBEDTLS_MD2_C)
>>
>> -static void md2_starts_wrap( void *ctx )
>> +static int md2_starts_wrap( void *ctx )
>> {
>> - mbedtls_md2_starts( (mbedtls_md2_context *) ctx );
>> + return( mbedtls_md2_starts_ret( (mbedtls_md2_context *) ctx ) );
>> }
>>
>> -static void md2_update_wrap( void *ctx, const unsigned char *input,
>> +static int md2_update_wrap( void *ctx, const unsigned char *input,
>> size_t ilen )
>> {
>> - mbedtls_md2_update( (mbedtls_md2_context *) ctx, input, ilen );
>> + return( mbedtls_md2_update_ret( (mbedtls_md2_context *) ctx, input, ilen ) );
>> }
>>
>> -static void md2_finish_wrap( void *ctx, unsigned char *output )
>> +static int md2_finish_wrap( void *ctx, unsigned char *output )
>> {
>> - mbedtls_md2_finish( (mbedtls_md2_context *) ctx, output );
>> + return( mbedtls_md2_finish_ret( (mbedtls_md2_context *) ctx, output ) );
>> }
>>
>> static void *md2_ctx_alloc( void )
>> @@ -111,11 +111,11 @@ static void md2_clone_wrap( void *dst, const void *src )
>> (const mbedtls_md2_context *) src );
>> }
>>
>> -static void md2_process_wrap( void *ctx, const unsigned char *data )
>> +static int md2_process_wrap( void *ctx, const unsigned char *data )
>> {
>> ((void) data);
>>
>> - mbedtls_md2_process( (mbedtls_md2_context *) ctx );
>> + return( mbedtls_internal_md2_process( (mbedtls_md2_context *) ctx ) );
>> }
>>
>> const mbedtls_md_info_t mbedtls_md2_info = {
>> @@ -126,7 +126,7 @@ const mbedtls_md_info_t mbedtls_md2_info = {
>> md2_starts_wrap,
>> md2_update_wrap,
>> md2_finish_wrap,
>> - mbedtls_md2,
>> + mbedtls_md2_ret,
>> md2_ctx_alloc,
>> md2_ctx_free,
>> md2_clone_wrap,
>> @@ -137,20 +137,20 @@ const mbedtls_md_info_t mbedtls_md2_info = {
>>
>> #if defined(MBEDTLS_MD4_C)
>>
>> -static void md4_starts_wrap( void *ctx )
>> +static int md4_starts_wrap( void *ctx )
>> {
>> - mbedtls_md4_starts( (mbedtls_md4_context *) ctx );
>> + return( mbedtls_md4_starts_ret( (mbedtls_md4_context *) ctx ) );
>> }
>>
>> -static void md4_update_wrap( void *ctx, const unsigned char *input,
>> +static int md4_update_wrap( void *ctx, const unsigned char *input,
>> size_t ilen )
>> {
>> - mbedtls_md4_update( (mbedtls_md4_context *) ctx, input, ilen );
>> + return( mbedtls_md4_update_ret( (mbedtls_md4_context *) ctx, input, ilen ) );
>> }
>>
>> -static void md4_finish_wrap( void *ctx, unsigned char *output )
>> +static int md4_finish_wrap( void *ctx, unsigned char *output )
>> {
>> - mbedtls_md4_finish( (mbedtls_md4_context *) ctx, output );
>> + return( mbedtls_md4_finish_ret( (mbedtls_md4_context *) ctx, output ) );
>> }
>>
>> static void *md4_ctx_alloc( void )
>> @@ -172,12 +172,12 @@ static void md4_ctx_free( void *ctx )
>> static void md4_clone_wrap( void *dst, const void *src )
>> {
>> mbedtls_md4_clone( (mbedtls_md4_context *) dst,
>> - (const mbedtls_md4_context *) src );
>> + (const mbedtls_md4_context *) src );
>> }
>>
>> -static void md4_process_wrap( void *ctx, const unsigned char *data )
>> +static int md4_process_wrap( void *ctx, const unsigned char *data )
>> {
>> - mbedtls_md4_process( (mbedtls_md4_context *) ctx, data );
>> + return( mbedtls_internal_md4_process( (mbedtls_md4_context *) ctx, data ) );
>> }
>>
>> const mbedtls_md_info_t mbedtls_md4_info = {
>> @@ -188,7 +188,7 @@ const mbedtls_md_info_t mbedtls_md4_info = {
>> md4_starts_wrap,
>> md4_update_wrap,
>> md4_finish_wrap,
>> - mbedtls_md4,
>> + mbedtls_md4_ret,
>> md4_ctx_alloc,
>> md4_ctx_free,
>> md4_clone_wrap,
>> @@ -199,20 +199,20 @@ const mbedtls_md_info_t mbedtls_md4_info = {
>>
>> #if defined(MBEDTLS_MD5_C)
>>
>> -static void md5_starts_wrap( void *ctx )
>> +static int md5_starts_wrap( void *ctx )
>> {
>> - mbedtls_md5_starts( (mbedtls_md5_context *) ctx );
>> + return( mbedtls_md5_starts_ret( (mbedtls_md5_context *) ctx ) );
>> }
>>
>> -static void md5_update_wrap( void *ctx, const unsigned char *input,
>> +static int md5_update_wrap( void *ctx, const unsigned char *input,
>> size_t ilen )
>> {
>> - mbedtls_md5_update( (mbedtls_md5_context *) ctx, input, ilen );
>> + return( mbedtls_md5_update_ret( (mbedtls_md5_context *) ctx, input, ilen ) );
>> }
>>
>> -static void md5_finish_wrap( void *ctx, unsigned char *output )
>> +static int md5_finish_wrap( void *ctx, unsigned char *output )
>> {
>> - mbedtls_md5_finish( (mbedtls_md5_context *) ctx, output );
>> + return( mbedtls_md5_finish_ret( (mbedtls_md5_context *) ctx, output ) );
>> }
>>
>> static void *md5_ctx_alloc( void )
>> @@ -234,12 +234,12 @@ static void md5_ctx_free( void *ctx )
>> static void md5_clone_wrap( void *dst, const void *src )
>> {
>> mbedtls_md5_clone( (mbedtls_md5_context *) dst,
>> - (const mbedtls_md5_context *) src );
>> + (const mbedtls_md5_context *) src );
>> }
>>
>> -static void md5_process_wrap( void *ctx, const unsigned char *data )
>> +static int md5_process_wrap( void *ctx, const unsigned char *data )
>> {
>> - mbedtls_md5_process( (mbedtls_md5_context *) ctx, data );
>> + return( mbedtls_internal_md5_process( (mbedtls_md5_context *) ctx, data ) );
>> }
>>
>> const mbedtls_md_info_t mbedtls_md5_info = {
>> @@ -250,7 +250,7 @@ const mbedtls_md_info_t mbedtls_md5_info = {
>> md5_starts_wrap,
>> md5_update_wrap,
>> md5_finish_wrap,
>> - mbedtls_md5,
>> + mbedtls_md5_ret,
>> md5_ctx_alloc,
>> md5_ctx_free,
>> md5_clone_wrap,
>> @@ -261,20 +261,22 @@ const mbedtls_md_info_t mbedtls_md5_info = {
>>
>> #if defined(MBEDTLS_RIPEMD160_C)
>>
>> -static void ripemd160_starts_wrap( void *ctx )
>> +static int ripemd160_starts_wrap( void *ctx )
>> {
>> - mbedtls_ripemd160_starts( (mbedtls_ripemd160_context *) ctx );
>> + return( mbedtls_ripemd160_starts_ret( (mbedtls_ripemd160_context *) ctx ) );
>> }
>>
>> -static void ripemd160_update_wrap( void *ctx, const unsigned char *input,
>> +static int ripemd160_update_wrap( void *ctx, const unsigned char *input,
>> size_t ilen )
>> {
>> - mbedtls_ripemd160_update( (mbedtls_ripemd160_context *) ctx, input, ilen );
>> + return( mbedtls_ripemd160_update_ret( (mbedtls_ripemd160_context *) ctx,
>> + input, ilen ) );
>> }
>>
>> -static void ripemd160_finish_wrap( void *ctx, unsigned char *output )
>> +static int ripemd160_finish_wrap( void *ctx, unsigned char *output )
>> {
>> - mbedtls_ripemd160_finish( (mbedtls_ripemd160_context *) ctx, output );
>> + return( mbedtls_ripemd160_finish_ret( (mbedtls_ripemd160_context *) ctx,
>> + output ) );
>> }
>>
>> static void *ripemd160_ctx_alloc( void )
>> @@ -299,9 +301,10 @@ static void ripemd160_clone_wrap( void *dst, const void *src )
>> (const mbedtls_ripemd160_context *) src );
>> }
>>
>> -static void ripemd160_process_wrap( void *ctx, const unsigned char *data )
>> +static int ripemd160_process_wrap( void *ctx, const unsigned char *data )
>> {
>> - mbedtls_ripemd160_process( (mbedtls_ripemd160_context *) ctx, data );
>> + return( mbedtls_internal_ripemd160_process(
>> + (mbedtls_ripemd160_context *) ctx, data ) );
>> }
>>
>> const mbedtls_md_info_t mbedtls_ripemd160_info = {
>> @@ -312,7 +315,7 @@ const mbedtls_md_info_t mbedtls_ripemd160_info = {
>> ripemd160_starts_wrap,
>> ripemd160_update_wrap,
>> ripemd160_finish_wrap,
>> - mbedtls_ripemd160,
>> + mbedtls_ripemd160_ret,
>> ripemd160_ctx_alloc,
>> ripemd160_ctx_free,
>> ripemd160_clone_wrap,
>> @@ -323,20 +326,21 @@ const mbedtls_md_info_t mbedtls_ripemd160_info = {
>>
>> #if defined(MBEDTLS_SHA1_C)
>>
>> -static void sha1_starts_wrap( void *ctx )
>> +static int sha1_starts_wrap( void *ctx )
>> {
>> - mbedtls_sha1_starts( (mbedtls_sha1_context *) ctx );
>> + return( mbedtls_sha1_starts_ret( (mbedtls_sha1_context *) ctx ) );
>> }
>>
>> -static void sha1_update_wrap( void *ctx, const unsigned char *input,
>> +static int sha1_update_wrap( void *ctx, const unsigned char *input,
>> size_t ilen )
>> {
>> - mbedtls_sha1_update( (mbedtls_sha1_context *) ctx, input, ilen );
>> + return( mbedtls_sha1_update_ret( (mbedtls_sha1_context *) ctx,
>> + input, ilen ) );
>> }
>>
>> -static void sha1_finish_wrap( void *ctx, unsigned char *output )
>> +static int sha1_finish_wrap( void *ctx, unsigned char *output )
>> {
>> - mbedtls_sha1_finish( (mbedtls_sha1_context *) ctx, output );
>> + return( mbedtls_sha1_finish_ret( (mbedtls_sha1_context *) ctx, output ) );
>> }
>>
>> static void *sha1_ctx_alloc( void )
>> @@ -361,9 +365,10 @@ static void sha1_ctx_free( void *ctx )
>> mbedtls_free( ctx );
>> }
>>
>> -static void sha1_process_wrap( void *ctx, const unsigned char *data )
>> +static int sha1_process_wrap( void *ctx, const unsigned char *data )
>> {
>> - mbedtls_sha1_process( (mbedtls_sha1_context *) ctx, data );
>> + return( mbedtls_internal_sha1_process( (mbedtls_sha1_context *) ctx,
>> + data ) );
>> }
>>
>> const mbedtls_md_info_t mbedtls_sha1_info = {
>> @@ -374,7 +379,7 @@ const mbedtls_md_info_t mbedtls_sha1_info = {
>> sha1_starts_wrap,
>> sha1_update_wrap,
>> sha1_finish_wrap,
>> - mbedtls_sha1,
>> + mbedtls_sha1_ret,
>> sha1_ctx_alloc,
>> sha1_ctx_free,
>> sha1_clone_wrap,
>> @@ -388,26 +393,28 @@ const mbedtls_md_info_t mbedtls_sha1_info = {
>> */
>> #if defined(MBEDTLS_SHA256_C)
>>
>> -static void sha224_starts_wrap( void *ctx )
>> +static int sha224_starts_wrap( void *ctx )
>> {
>> - mbedtls_sha256_starts( (mbedtls_sha256_context *) ctx, 1 );
>> + return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 1 ) );
>> }
>>
>> -static void sha224_update_wrap( void *ctx, const unsigned char *input,
>> +static int sha224_update_wrap( void *ctx, const unsigned char *input,
>> size_t ilen )
>> {
>> - mbedtls_sha256_update( (mbedtls_sha256_context *) ctx, input, ilen );
>> + return( mbedtls_sha256_update_ret( (mbedtls_sha256_context *) ctx,
>> + input, ilen ) );
>> }
>>
>> -static void sha224_finish_wrap( void *ctx, unsigned char *output )
>> +static int sha224_finish_wrap( void *ctx, unsigned char *output )
>> {
>> - mbedtls_sha256_finish( (mbedtls_sha256_context *) ctx, output );
>> + return( mbedtls_sha256_finish_ret( (mbedtls_sha256_context *) ctx,
>> + output ) );
>> }
>>
>> -static void sha224_wrap( const unsigned char *input, size_t ilen,
>> - unsigned char *output )
>> +static int sha224_wrap( const unsigned char *input, size_t ilen,
>> + unsigned char *output )
>> {
>> - mbedtls_sha256( input, ilen, output, 1 );
>> + return( mbedtls_sha256_ret( input, ilen, output, 1 ) );
>> }
>>
>> static void *sha224_ctx_alloc( void )
>> @@ -432,9 +439,10 @@ static void sha224_clone_wrap( void *dst, const void *src )
>> (const mbedtls_sha256_context *) src );
>> }
>>
>> -static void sha224_process_wrap( void *ctx, const unsigned char *data )
>> +static int sha224_process_wrap( void *ctx, const unsigned char *data )
>> {
>> - mbedtls_sha256_process( (mbedtls_sha256_context *) ctx, data );
>> + return( mbedtls_internal_sha256_process( (mbedtls_sha256_context *) ctx,
>> + data ) );
>> }
>>
>> const mbedtls_md_info_t mbedtls_sha224_info = {
>> @@ -452,15 +460,15 @@ const mbedtls_md_info_t mbedtls_sha224_info = {
>> sha224_process_wrap,
>> };
>>
>> -static void sha256_starts_wrap( void *ctx )
>> +static int sha256_starts_wrap( void *ctx )
>> {
>> - mbedtls_sha256_starts( (mbedtls_sha256_context *) ctx, 0 );
>> + return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 0 ) );
>> }
>>
>> -static void sha256_wrap( const unsigned char *input, size_t ilen,
>> - unsigned char *output )
>> +static int sha256_wrap( const unsigned char *input, size_t ilen,
>> + unsigned char *output )
>> {
>> - mbedtls_sha256( input, ilen, output, 0 );
>> + return( mbedtls_sha256_ret( input, ilen, output, 0 ) );
>> }
>>
>> const mbedtls_md_info_t mbedtls_sha256_info = {
>> @@ -482,26 +490,28 @@ const mbedtls_md_info_t mbedtls_sha256_info = {
>>
>> #if defined(MBEDTLS_SHA512_C)
>>
>> -static void sha384_starts_wrap( void *ctx )
>> +static int sha384_starts_wrap( void *ctx )
>> {
>> - mbedtls_sha512_starts( (mbedtls_sha512_context *) ctx, 1 );
>> + return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 1 ) );
>> }
>>
>> -static void sha384_update_wrap( void *ctx, const unsigned char *input,
>> - size_t ilen )
>> +static int sha384_update_wrap( void *ctx, const unsigned char *input,
>> + size_t ilen )
>> {
>> - mbedtls_sha512_update( (mbedtls_sha512_context *) ctx, input, ilen );
>> + return( mbedtls_sha512_update_ret( (mbedtls_sha512_context *) ctx,
>> + input, ilen ) );
>> }
>>
>> -static void sha384_finish_wrap( void *ctx, unsigned char *output )
>> +static int sha384_finish_wrap( void *ctx, unsigned char *output )
>> {
>> - mbedtls_sha512_finish( (mbedtls_sha512_context *) ctx, output );
>> + return( mbedtls_sha512_finish_ret( (mbedtls_sha512_context *) ctx,
>> + output ) );
>> }
>>
>> -static void sha384_wrap( const unsigned char *input, size_t ilen,
>> - unsigned char *output )
>> +static int sha384_wrap( const unsigned char *input, size_t ilen,
>> + unsigned char *output )
>> {
>> - mbedtls_sha512( input, ilen, output, 1 );
>> + return( mbedtls_sha512_ret( input, ilen, output, 1 ) );
>> }
>>
>> static void *sha384_ctx_alloc( void )
>> @@ -526,9 +536,10 @@ static void sha384_clone_wrap( void *dst, const void *src )
>> (const mbedtls_sha512_context *) src );
>> }
>>
>> -static void sha384_process_wrap( void *ctx, const unsigned char *data )
>> +static int sha384_process_wrap( void *ctx, const unsigned char *data )
>> {
>> - mbedtls_sha512_process( (mbedtls_sha512_context *) ctx, data );
>> + return( mbedtls_internal_sha512_process( (mbedtls_sha512_context *) ctx,
>> + data ) );
>> }
>>
>> const mbedtls_md_info_t mbedtls_sha384_info = {
>> @@ -546,15 +557,15 @@ const mbedtls_md_info_t mbedtls_sha384_info = {
>> sha384_process_wrap,
>> };
>>
>> -static void sha512_starts_wrap( void *ctx )
>> +static int sha512_starts_wrap( void *ctx )
>> {
>> - mbedtls_sha512_starts( (mbedtls_sha512_context *) ctx, 0 );
>> + return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 0 ) );
>> }
>>
>> -static void sha512_wrap( const unsigned char *input, size_t ilen,
>> - unsigned char *output )
>> +static int sha512_wrap( const unsigned char *input, size_t ilen,
>> + unsigned char *output )
>> {
>> - mbedtls_sha512( input, ilen, output, 0 );
>> + return( mbedtls_sha512_ret( input, ilen, output, 0 ) );
>> }
>>
>> const mbedtls_md_info_t mbedtls_sha512_info = {
>> diff --git a/dll/3rdparty/mbedtls/memory_buffer_alloc.c b/dll/3rdparty/mbedtls/memory_buffer_alloc.c
>> index cf0a2c69c5..73504c05e1 100644
>> --- a/dll/3rdparty/mbedtls/memory_buffer_alloc.c
>> +++ b/dll/3rdparty/mbedtls/memory_buffer_alloc.c
>> @@ -184,9 +184,9 @@ static int verify_header( memory_header *hdr )
>>
>> static int verify_chain()
>> {
>> - memory_header *prv = heap.first, *cur = heap.first->next;
>> + memory_header *prv = heap.first, *cur;
>>
>> - if( verify_header( heap.first ) != 0 )
>> + if( prv == NULL || verify_header( prv ) != 0 )
>> {
>> #if defined(MBEDTLS_MEMORY_DEBUG)
>> mbedtls_fprintf( stderr, "FATAL: verification of first header "
>> @@ -204,6 +204,8 @@ static int verify_chain()
>> return( 1 );
>> }
>>
>> + cur = heap.first->next;
>> +
>> while( cur != NULL )
>> {
>> if( verify_header( cur ) != 0 )
>> @@ -247,7 +249,9 @@ static void *buffer_alloc_calloc( size_t n, size_t size )
>>
>> original_len = len = n * size;
>>
>> - if( n != 0 && len / n != size )
>> + if( n == 0 || size == 0 || len / n != size )
>> + return( NULL );
>> + else if( len > (size_t)-MBEDTLS_MEMORY_ALIGN_MULTIPLE )
>> return( NULL );
>>
>> if( len % MBEDTLS_MEMORY_ALIGN_MULTIPLE )
>> @@ -388,7 +392,7 @@ static void buffer_alloc_free( void *ptr )
>> if( ptr == NULL || heap.buf == NULL || heap.first == NULL )
>> return;
>>
>> - if( p < heap.buf || p > heap.buf + heap.len )
>> + if( p < heap.buf || p >= heap.buf + heap.len )
>> {
>> #if defined(MBEDTLS_MEMORY_DEBUG)
>> mbedtls_fprintf( stderr, "FATAL: mbedtls_free() outside of managed "
>> @@ -520,7 +524,9 @@ void mbedtls_memory_buffer_alloc_status()
>> heap.alloc_count, heap.free_count );
>>
>> if( heap.first->next == NULL )
>> + {
>> mbedtls_fprintf( stderr, "All memory de-allocated in stack buffer\n" );
>> + }
>> else
>> {
>> mbedtls_fprintf( stderr, "Memory currently allocated:\n" );
>> @@ -572,8 +578,7 @@ static void buffer_alloc_free_mutexed( void *ptr )
>>
>> void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len )
>> {
>> - memset( &heap, 0, sizeof(buffer_alloc_ctx) );
>> - memset( buf, 0, len );
>> + memset( &heap, 0, sizeof( buffer_alloc_ctx ) );
>>
>> #if defined(MBEDTLS_THREADING_C)
>> mbedtls_mutex_init( &heap.mutex );
>> @@ -583,20 +588,24 @@ void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len )
>> mbedtls_platform_set_calloc_free( buffer_alloc_calloc, buffer_alloc_free );
>> #endif
>>
>> - if( (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE )
>> + if( len < sizeof( memory_header ) + MBEDTLS_MEMORY_ALIGN_MULTIPLE )
>> + return;
>> + else if( (size_t)buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE )
>> {
>> /* Adjust len first since buf is used in the computation */
>> len -= MBEDTLS_MEMORY_ALIGN_MULTIPLE
>> - - (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
>> + - (size_t)buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
>> buf += MBEDTLS_MEMORY_ALIGN_MULTIPLE
>> - - (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
>> + - (size_t)buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
>> }
>>
>> + memset( buf, 0, len );
>> +
>> heap.buf = buf;
>> heap.len = len;
>>
>> - heap.first = (memory_header *) buf;
>> - heap.first->size = len - sizeof(memory_header);
>> + heap.first = (memory_header *)buf;
>> + heap.first->size = len - sizeof( memory_header );
>> heap.first->magic1 = MAGIC1;
>> heap.first->magic2 = MAGIC2;
>> heap.first_free = heap.first;
>> diff --git a/dll/3rdparty/mbedtls/net_sockets.c b/dll/3rdparty/mbedtls/net_sockets.c
>> index 6b421999af..99348dc04f 100644
>> --- a/dll/3rdparty/mbedtls/net_sockets.c
>> +++ b/dll/3rdparty/mbedtls/net_sockets.c
>> @@ -47,11 +47,12 @@
>> #if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
>> !defined(EFI32)
>>
>> -#ifdef _WIN32_WINNT
>> +#if !defined(_WIN32_WINNT) || (_WIN32_WINNT < 0x0501)
>> #undef _WIN32_WINNT
>> -#endif
>> /* Enables getaddrinfo() & Co */
>> #define _WIN32_WINNT 0x0501
>> +#endif
>> +
>> #include <ws2tcpip.h>
>>
>> #include <winsock2.h>
>> @@ -65,8 +66,8 @@
>> #endif
>> #endif /* _MSC_VER */
>>
>> -#define read(fd,buf,len) recv(fd,(char*)buf,(int) len,0)
>> -#define write(fd,buf,len) send(fd,(char*)buf,(int) len,0)
>> +#define read(fd,buf,len) recv( fd, (char*)( buf ), (int)( len ), 0 )
>> +#define write(fd,buf,len) send( fd, (char*)( buf ), (int)( len ), 0 )
>> #define close(fd) closesocket(fd)
>>
>> static int wsa_init_done = 0;
>> @@ -87,7 +88,7 @@ static int wsa_init_done = 0;
>> #endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
>>
>> /* Some MS functions want int and MSVC warns if we pass size_t,
>> - * but the standard fucntions use socklen_t, so cast only for MSVC */
>> + * but the standard functions use socklen_t, so cast only for MSVC */
>> #if defined(_MSC_VER)
>> #define MSVC_INT_CAST (int)
>> #else
>> @@ -272,13 +273,18 @@ static int net_would_block( const mbedtls_net_context *ctx )
>> */
>> static int net_would_block( const mbedtls_net_context *ctx )
>> {
>> + int err = errno;
>> +
>> /*
>> * Never return 'WOULD BLOCK' on a non-blocking socket
>> */
>> if( ( fcntl( ctx->fd, F_GETFL ) & O_NONBLOCK ) != O_NONBLOCK )
>> + {
>> + errno = err;
>> return( 0 );
>> + }
>>
>> - switch( errno )
>> + switch( errno = err )
>> {
>> #if defined EAGAIN
>> case EAGAIN:
>> diff --git a/dll/3rdparty/mbedtls/oid.c b/dll/3rdparty/mbedtls/oid.c
>> index e6fbb30dcb..962bd189a2 100644
>> --- a/dll/3rdparty/mbedtls/oid.c
>> +++ b/dll/3rdparty/mbedtls/oid.c
>> @@ -627,6 +627,51 @@ static const oid_md_alg_t oid_md_alg[] =
>> FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg)
>> FN_OID_GET_ATTR1(mbedtls_oid_get_md_alg, oid_md_alg_t, md_alg, mbedtls_md_type_t, md_alg)
>> FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_md, oid_md_alg_t, oid_md_alg, mbedtls_md_type_t, md_alg)
>> +
>> +/*
>> + * For HMAC digestAlgorithm
>> + */
>> +typedef struct {
>> + mbedtls_oid_descriptor_t descriptor;
>> + mbedtls_md_type_t md_hmac;
>> +} oid_md_hmac_t;
>> +
>> +static const oid_md_hmac_t oid_md_hmac[] =
>> +{
>> +#if defined(MBEDTLS_SHA1_C)
>> + {
>> + { ADD_LEN( MBEDTLS_OID_HMAC_SHA1 ), "hmacSHA1", "HMAC-SHA-1" },
>> + MBEDTLS_MD_SHA1,
>> + },
>> +#endif /* MBEDTLS_SHA1_C */
>> +#if defined(MBEDTLS_SHA256_C)
>> + {
>> + { ADD_LEN( MBEDTLS_OID_HMAC_SHA224 ), "hmacSHA224", "HMAC-SHA-224" },
>> + MBEDTLS_MD_SHA224,
>> + },
>> + {
>> + { ADD_LEN( MBEDTLS_OID_HMAC_SHA256 ), "hmacSHA256", "HMAC-SHA-256" },
>> + MBEDTLS_MD_SHA256,
>> + },
>> +#endif /* MBEDTLS_SHA256_C */
>> +#if defined(MBEDTLS_SHA512_C)
>> + {
>> + { ADD_LEN( MBEDTLS_OID_HMAC_SHA384 ), "hmacSHA384", "HMAC-SHA-384" },
>> + MBEDTLS_MD_SHA384,
>> + },
>> + {
>> + { ADD_LEN( MBEDTLS_OID_HMAC_SHA512 ), "hmacSHA512", "HMAC-SHA-512" },
>> + MBEDTLS_MD_SHA512,
>> + },
>> +#endif /* MBEDTLS_SHA512_C */
>> + {
>> + { NULL, 0, NULL, NULL },
>> + MBEDTLS_MD_NONE,
>> + },
>> +};
>> +
>> +FN_OID_TYPED_FROM_ASN1(oid_md_hmac_t, md_hmac, oid_md_hmac)
>> +FN_OID_GET_ATTR1(mbedtls_oid_get_md_hmac, oid_md_hmac_t, md_hmac, mbedtls_md_type_t, md_hmac)
>> #endif /* MBEDTLS_MD_C */
>>
>> #if defined(MBEDTLS_PKCS12_C)
>> diff --git a/dll/3rdparty/mbedtls/pem.c b/dll/3rdparty/mbedtls/pem.c
>> index 2377685228..401c906eec 100644
>> --- a/dll/3rdparty/mbedtls/pem.c
>> +++ b/dll/3rdparty/mbedtls/pem.c
>> @@ -84,31 +84,33 @@ static int pem_get_iv( const unsigned char *s, unsigned char *iv,
>> return( 0 );
>> }
>>
>> -static void pem_pbkdf1( unsigned char *key, size_t keylen,
>> - unsigned char *iv,
>> - const unsigned char *pwd, size_t pwdlen )
>> +static int pem_pbkdf1( unsigned char *key, size_t keylen,
>> + unsigned char *iv,
>> + const unsigned char *pwd, size_t pwdlen )
>> {
>> mbedtls_md5_context md5_ctx;
>> unsigned char md5sum[16];
>> size_t use_len;
>> + int ret;
>>
>> mbedtls_md5_init( &md5_ctx );
>>
>> /*
>> * key[ 0..15] = MD5(pwd || IV)
>> */
>> - mbedtls_md5_starts( &md5_ctx );
>> - mbedtls_md5_update( &md5_ctx, pwd, pwdlen );
>> - mbedtls_md5_update( &md5_ctx, iv, 8 );
>> - mbedtls_md5_finish( &md5_ctx, md5sum );
>> + if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 )
>> + goto exit;
>> + if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 )
>> + goto exit;
>> + if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv, 8 ) ) != 0 )
>> + goto exit;
>> + if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 )
>> + goto exit;
>>
>> if( keylen <= 16 )
>> {
>> memcpy( key, md5sum, keylen );
>> -
>> - mbedtls_md5_free( &md5_ctx );
>> - mbedtls_zeroize( md5sum, 16 );
>> - return;
>> + goto exit;
>> }
>>
>> memcpy( key, md5sum, 16 );
>> @@ -116,11 +118,16 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
>> /*
>> * key[16..23] = MD5(key[ 0..15] || pwd || IV])
>> */
>> - mbedtls_md5_starts( &md5_ctx );
>> - mbedtls_md5_update( &md5_ctx, md5sum, 16 );
>> - mbedtls_md5_update( &md5_ctx, pwd, pwdlen );
>> - mbedtls_md5_update( &md5_ctx, iv, 8 );
>> - mbedtls_md5_finish( &md5_ctx, md5sum );
>> + if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 )
>> + goto exit;
>> + if( ( ret = mbedtls_md5_update_ret( &md5_ctx, md5sum, 16 ) ) != 0 )
>> + goto exit;
>> + if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 )
>> + goto exit;
>> + if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv, 8 ) ) != 0 )
>> + goto exit;
>> + if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 )
>> + goto exit;
>>
>> use_len = 16;
>> if( keylen < 32 )
>> @@ -128,53 +135,68 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
>>
>> memcpy( key + 16, md5sum, use_len );
>>
>> +exit:
>> mbedtls_md5_free( &md5_ctx );
>> mbedtls_zeroize( md5sum, 16 );
>> +
>> + return( ret );
>> }
>>
>> #if defined(MBEDTLS_DES_C)
>> /*
>> * Decrypt with DES-CBC, using PBKDF1 for key derivation
>> */
>> -static void pem_des_decrypt( unsigned char des_iv[8],
>> - unsigned char *buf, size_t buflen,
>> - const unsigned char *pwd, size_t pwdlen )
>> +static int pem_des_decrypt( unsigned char des_iv[8],
>> + unsigned char *buf, size_t buflen,
>> + const unsigned char *pwd, size_t pwdlen )
>> {
>> mbedtls_des_context des_ctx;
>> unsigned char des_key[8];
>> + int ret;
>>
>> mbedtls_des_init( &des_ctx );
>>
>> - pem_pbkdf1( des_key, 8, des_iv, pwd, pwdlen );
>> + if( ( ret = pem_pbkdf1( des_key, 8, des_iv, pwd, pwdlen ) ) != 0 )
>> + goto exit;
>>
>> - mbedtls_des_setkey_dec( &des_ctx, des_key );
>> - mbedtls_des_crypt_cbc( &des_ctx, MBEDTLS_DES_DECRYPT, buflen,
>> + if( ( ret = mbedtls_des_setkey_dec( &des_ctx, des_key ) ) != 0 )
>> + goto exit;
>> + ret = mbedtls_des_crypt_cbc( &des_ctx, MBEDTLS_DES_DECRYPT, buflen,
>> des_iv, buf, buf );
>>
>> +exit:
>> mbedtls_des_free( &des_ctx );
>> mbedtls_zeroize( des_key, 8 );
>> +
>> + return( ret );
>> }
>>
>> /*
>> * Decrypt with 3DES-CBC, using PBKDF1 for key derivation
>> */
>> -static void pem_des3_decrypt( unsigned char des3_iv[8],
>> - unsigned char *buf, size_t buflen,
>> - const unsigned char *pwd, size_t pwdlen )
>> +static int pem_des3_decrypt( unsigned char des3_iv[8],
>> + unsigned char *buf, size_t buflen,
>> + const unsigned char *pwd, size_t pwdlen )
>> {
>> mbedtls_des3_context des3_ctx;
>> unsigned char des3_key[24];
>> + int ret;
>>
>> mbedtls_des3_init( &des3_ctx );
>>
>> - pem_pbkdf1( des3_key, 24, des3_iv, pwd, pwdlen );
>> + if( ( ret = pem_pbkdf1( des3_key, 24, des3_iv, pwd, pwdlen ) ) != 0 )
>> + goto exit;
>>
>> - mbedtls_des3_set3key_dec( &des3_ctx, des3_key );
>> - mbedtls_des3_crypt_cbc( &des3_ctx, MBEDTLS_DES_DECRYPT, buflen,
>> + if( ( ret = mbedtls_des3_set3key_dec( &des3_ctx, des3_key ) ) != 0 )
>> + goto exit;
>> + ret = mbedtls_des3_crypt_cbc( &des3_ctx, MBEDTLS_DES_DECRYPT, buflen,
>> des3_iv, buf, buf );
>>
>> +exit:
>> mbedtls_des3_free( &des3_ctx );
>> mbedtls_zeroize( des3_key, 24 );
>> +
>> + return( ret );
>> }
>> #endif /* MBEDTLS_DES_C */
>>
>> @@ -182,23 +204,29 @@ static void pem_des3_decrypt( unsigned char des3_iv[8],
>> /*
>> * Decrypt with AES-XXX-CBC, using PBKDF1 for key derivation
>> */
>> -static void pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen,
>> - unsigned char *buf, size_t buflen,
>> - const unsigned char *pwd, size_t pwdlen )
>> +static int pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen,
>> + unsigned char *buf, size_t buflen,
>> + const unsigned char *pwd, size_t pwdlen )
>> {
>> mbedtls_aes_context aes_ctx;
>> unsigned char aes_key[32];
>> + int ret;
>>
>> mbedtls_aes_init( &aes_ctx );
>>
>> - pem_pbkdf1( aes_key, keylen, aes_iv, pwd, pwdlen );
>> + if( ( ret = pem_pbkdf1( aes_key, keylen, aes_iv, pwd, pwdlen ) ) != 0 )
>> + goto exit;
>>
>> - mbedtls_aes_setkey_dec( &aes_ctx, aes_key, keylen * 8 );
>> - mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_DECRYPT, buflen,
>> + if( ( ret = mbedtls_aes_setkey_dec( &aes_ctx, aes_key, keylen * 8 ) ) != 0 )
>> + goto exit;
>> + ret = mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_DECRYPT, buflen,
>> aes_iv, buf, buf );
>>
>> +exit:
>> mbedtls_aes_free( &aes_ctx );
>> mbedtls_zeroize( aes_key, keylen );
>> +
>> + return( ret );
>> }
>> #endif /* MBEDTLS_AES_C */
>>
>> @@ -333,6 +361,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
>>
>> if( ( ret = mbedtls_base64_decode( buf, len, &len, s1, s2 - s1 ) ) != 0 )
>> {
>> + mbedtls_zeroize( buf, len );
>> mbedtls_free( buf );
>> return( MBEDTLS_ERR_PEM_INVALID_DATA + ret );
>> }
>> @@ -343,26 +372,35 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
>> ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
>> if( pwd == NULL )
>> {
>> + mbedtls_zeroize( buf, len );
>> mbedtls_free( buf );
>> return( MBEDTLS_ERR_PEM_PASSWORD_REQUIRED );
>> }
>>
>> + ret = 0;
>> +
>> #if defined(MBEDTLS_DES_C)
>> if( enc_alg == MBEDTLS_CIPHER_DES_EDE3_CBC )
>> - pem_des3_decrypt( pem_iv, buf, len, pwd, pwdlen );
>> + ret = pem_des3_decrypt( pem_iv, buf, len, pwd, pwdlen );
>> else if( enc_alg == MBEDTLS_CIPHER_DES_CBC )
>> - pem_des_decrypt( pem_iv, buf, len, pwd, pwdlen );
>> + ret = pem_des_decrypt( pem_iv, buf, len, pwd, pwdlen );
>> #endif /* MBEDTLS_DES_C */
>>
>> #if defined(MBEDTLS_AES_C)
>> if( enc_alg == MBEDTLS_CIPHER_AES_128_CBC )
>> - pem_aes_decrypt( pem_iv, 16, buf, len, pwd, pwdlen );
>> + ret = pem_aes_decrypt( pem_iv, 16, buf, len, pwd, pwdlen );
>> else if( enc_alg == MBEDTLS_CIPHER_AES_192_CBC )
>> - pem_aes_decrypt( pem_iv, 24, buf, len, pwd, pwdlen );
>> + ret = pem_aes_decrypt( pem_iv, 24, buf, len, pwd, pwdlen );
>> else if( enc_alg == MBEDTLS_CIPHER_AES_256_CBC )
>> - pem_aes_decrypt( pem_iv, 32, buf, len, pwd, pwdlen );
>> + ret = pem_aes_decrypt( pem_iv, 32, buf, len, pwd, pwdlen );
>> #endif /* MBEDTLS_AES_C */
>>
>> + if( ret != 0 )
>> + {
>> + mbedtls_free( buf );
>> + return( ret );
>> + }
>> +
>> /*
>> * The result will be ASN.1 starting with a SEQUENCE tag, with 1 to 3
>> * length bytes (allow 4 to be sure) in all known use cases.
>> @@ -371,10 +409,12 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
>> */
>> if( len <= 2 || buf[0] != 0x30 || buf[1] > 0x83 )
>> {
>> + mbedtls_zeroize( buf, len );
>> mbedtls_free( buf );
>> return( MBEDTLS_ERR_PEM_PASSWORD_MISMATCH );
>> }
>> #else
>> + mbedtls_zeroize( buf, len );
>> mbedtls_free( buf );
>> return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE );
>> #endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
>> @@ -389,6 +429,8 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
>>
>> void mbedtls_pem_free( mbedtls_pem_context *ctx )
>> {
>> + if( ctx->buf != NULL )
>> + mbedtls_zeroize( ctx->buf, ctx->buflen );
>> mbedtls_free( ctx->buf );
>> mbedtls_free( ctx->info );
>>
>> @@ -402,7 +444,7 @@ int mbedtls_pem_write_buffer( const char *header, const char *footer,
>> unsigned char *buf, size_t buf_len, size_t *olen )
>> {
>> int ret;
>> - unsigned char *encode_buf, *c, *p = buf;
>> + unsigned char *encode_buf = NULL, *c, *p = buf;
>> size_t len = 0, use_len, add_len = 0;
>>
>> mbedtls_base64_encode( NULL, 0, &use_len, der_data, der_len );
>> @@ -414,7 +456,8 @@ int mbedtls_pem_write_buffer( const char *header, const char *footer,
>> return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
>> }
>>
>> - if( ( encode_buf = mbedtls_calloc( 1, use_len ) ) == NULL )
>> + if( use_len != 0 &&
>> + ( ( encode_buf = mbedtls_calloc( 1, use_len ) ) == NULL ) )
>> return( MBEDTLS_ERR_PEM_ALLOC_FAILED );
>>
>> if( ( ret = mbedtls_base64_encode( encode_buf, use_len, &use_len, der_data,
>> diff --git a/dll/3rdparty/mbedtls/pk.c b/dll/3rdparty/mbedtls/pk.c
>> index 1b2f829e3f..a369df2a9e 100644
>> --- a/dll/3rdparty/mbedtls/pk.c
>> +++ b/dll/3rdparty/mbedtls/pk.c
>> @@ -31,8 +31,6 @@
>> #include "mbedtls/pk.h"
>> #include "mbedtls/pk_internal.h"
>>
>> -#include "mbedtls/bignum.h"
>> -
>> #if defined(MBEDTLS_RSA_C)
>> #include "mbedtls/rsa.h"
>> #endif
>> @@ -44,6 +42,7 @@
>> #endif
>>
>> #include <limits.h>
>> +#include <stdint.h>
>>
>> /* Implementation that should never be optimized out by the compiler */
>> static void mbedtls_zeroize( void *v, size_t n ) {
>> @@ -215,10 +214,10 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
>> int ret;
>> const mbedtls_pk_rsassa_pss_options *pss_opts;
>>
>> -#if defined(MBEDTLS_HAVE_INT64)
>> +#if SIZE_MAX > UINT_MAX
>> if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
>> return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
>> -#endif /* MBEDTLS_HAVE_INT64 */
>> +#endif /* SIZE_MAX > UINT_MAX */
>>
>> if( options == NULL )
>> return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
>> diff --git a/dll/3rdparty/mbedtls/pk_wrap.c b/dll/3rdparty/mbedtls/pk_wrap.c
>> index e7443b23db..2c24799e38 100644
>> --- a/dll/3rdparty/mbedtls/pk_wrap.c
>> +++ b/dll/3rdparty/mbedtls/pk_wrap.c
>> @@ -32,7 +32,6 @@
>>
>> /* Even if RSA not activated, for the sake of RSA-alt */
>> #include "mbedtls/rsa.h"
>> -#include "mbedtls/bignum.h"
>>
>> #include <string.h>
>>
>> @@ -53,6 +52,7 @@
>> #endif
>>
>> #include <limits.h>
>> +#include <stdint.h>
>>
>> #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
>> /* Implementation that should never be optimized out by the compiler */
>> @@ -70,7 +70,8 @@ static int rsa_can_do( mbedtls_pk_type_t type )
>>
>> static size_t rsa_get_bitlen( const void *ctx )
>> {
>> - return( 8 * ((const mbedtls_rsa_context *) ctx)->len );
>> + const mbedtls_rsa_context * rsa = (const mbedtls_rsa_context *) ctx;
>> + return( 8 * mbedtls_rsa_get_len( rsa ) );
>> }
>>
>> static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
>> @@ -78,21 +79,28 @@ static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
>> const unsigned char *sig, size_t sig_len )
>> {
>> int ret;
>> + mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
>> + size_t rsa_len = mbedtls_rsa_get_len( rsa );
>>
>> -#if defined(MBEDTLS_HAVE_INT64)
>> +#if SIZE_MAX > UINT_MAX
>> if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
>> return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
>> -#endif /* MBEDTLS_HAVE_INT64 */
>> +#endif /* SIZE_MAX > UINT_MAX */
>>
>> - if( sig_len < ((mbedtls_rsa_context *) ctx)->len )
>> + if( sig_len < rsa_len )
>> return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
>>
>> - if( ( ret = mbedtls_rsa_pkcs1_verify( (mbedtls_rsa_context *) ctx, NULL, NULL,
>> + if( ( ret = mbedtls_rsa_pkcs1_verify( rsa, NULL, NULL,
>> MBEDTLS_RSA_PUBLIC, md_alg,
>> (unsigned int) hash_len, hash, sig ) ) != 0 )
>> return( ret );
>>
>> - if( sig_len > ((mbedtls_rsa_context *) ctx)->len )
>> + /* The buffer contains a valid signature followed by extra data.
>> + * We have a special error code for that so that so that callers can
>> + * use mbedtls_pk_verify() to check "Does the buffer start with a
>> + * valid signature?" and not just "Does the buffer contain a valid
>> + * signature?". */
>> + if( sig_len > rsa_len )
>> return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
>>
>> return( 0 );
>> @@ -103,14 +111,16 @@ static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
>> unsigned char *sig, size_t *sig_len,
>> int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
>> {
>> -#if defined(MBEDTLS_HAVE_INT64)
>> + mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
>> +
>> +#if SIZE_MAX > UINT_MAX
>> if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
>> return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
>> -#endif /* MBEDTLS_HAVE_INT64 */
>> +#endif /* SIZE_MAX > UINT_MAX */
>>
>> - *sig_len = ((mbedtls_rsa_context *) ctx)->len;
>> + *sig_len = mbedtls_rsa_get_len( rsa );
>>
>> - return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
>> + return( mbedtls_rsa_pkcs1_sign( rsa, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
>> md_alg, (unsigned int) hash_len, hash, sig ) );
>> }
>>
>> @@ -119,10 +129,12 @@ static int rsa_decrypt_wrap( void *ctx,
>> unsigned char *output, size_t *olen, size_t osize,
>> int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
>> {
>> - if( ilen != ((mbedtls_rsa_context *) ctx)->len )
>> + mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
>> +
>> + if( ilen != mbedtls_rsa_get_len( rsa ) )
>> return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
>>
>> - return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, f_rng, p_rng,
>> + return( mbedtls_rsa_pkcs1_decrypt( rsa, f_rng, p_rng,
>> MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) );
>> }
>>
>> @@ -131,13 +143,14 @@ static int rsa_encrypt_wrap( void *ctx,
>> unsigned char *output, size_t *olen, size_t osize,
>> int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
>> {
>> - *olen = ((mbedtls_rsa_context *) ctx)->len;
>> + mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
>> + *olen = mbedtls_rsa_get_len( rsa );
>>
>> if( *olen > osize )
>> return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE );
>>
>> - return( mbedtls_rsa_pkcs1_encrypt( (mbedtls_rsa_context *) ctx,
>> - f_rng, p_rng, MBEDTLS_RSA_PUBLIC, ilen, input, output ) );
>> + return( mbedtls_rsa_pkcs1_encrypt( rsa, f_rng, p_rng, MBEDTLS_RSA_PUBLIC,
>> + ilen, input, output ) );
>> }
>>
>> static int rsa_check_pair_wrap( const void *pub, const void *prv )
>> @@ -417,10 +430,10 @@ static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
>> {
>> mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx;
>>
>> -#if defined(MBEDTLS_HAVE_INT64)
>> +#if SIZE_MAX > UINT_MAX
>> if( UINT_MAX < hash_len )
>> return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
>> -#endif /* MBEDTLS_HAVE_INT64 */
>> +#endif /* SIZE_MAX > UINT_MAX */
>>
>> *sig_len = rsa_alt->key_len_func( rsa_alt->key );
>>
>> diff --git a/dll/3rdparty/mbedtls/pkcs5.c b/dll/3rdparty/mbedtls/pkcs5.c
>> index 96f7a04064..e62d663d25 100644
>> --- a/dll/3rdparty/mbedtls/pkcs5.c
>> +++ b/dll/3rdparty/mbedtls/pkcs5.c
>> @@ -40,9 +40,12 @@
>> #if defined(MBEDTLS_PKCS5_C)
>>
>> #include "mbedtls/pkcs5.h"
>> +
>> +#if defined(MBEDTLS_ASN1_PARSE_C)
>> #include "mbedtls/asn1.h"
>> #include "mbedtls/cipher.h"
>> #include "mbedtls/oid.h"
>> +#endif /* MBEDTLS_ASN1_PARSE_C */
>>
>> #include <string.h>
>>
>> @@ -53,6 +56,22 @@
>> #define mbedtls_printf printf
>> #endif
>>
>> +#if !defined(MBEDTLS_ASN1_PARSE_C)
>> +int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
>> + const unsigned char *pwd, size_t pwdlen,
>> + const unsigned char *data, size_t datalen,
>> + unsigned char *output )
>> +{
>> + ((void) pbe_params);
>> + ((void) mode);
>> + ((void) pwd);
>> + ((void) pwdlen);
>> + ((void) data);
>> + ((void) datalen);
>> + ((void) output);
>> + return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
>> +}
>> +#else
>> static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params,
>> mbedtls_asn1_buf *salt, int *iterations,
>> int *keylen, mbedtls_md_type_t *md_type )
>> @@ -98,11 +117,9 @@ static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params,
>> if( ( ret = mbedtls_asn1_get_alg_null( &p, end, &prf_alg_oid ) ) != 0 )
>> return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
>>
>> - if( MBEDTLS_OID_CMP( MBEDTLS_OID_HMAC_SHA1, &prf_alg_oid ) != 0 )
>> + if( mbedtls_oid_get_md_hmac( &prf_alg_oid, md_type ) != 0 )
>> return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
>>
>> - *md_type = MBEDTLS_MD_SHA1;
>> -
>> if( p != end )
>> return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT +
>> MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
>> @@ -215,6 +232,7 @@ exit:
>>
>> return( ret );
>> }
>> +#endif /* MBEDTLS_ASN1_PARSE_C */
>>
>> int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *password,
>> size_t plen, const unsigned char *salt, size_t slen,
>> @@ -233,8 +251,10 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p
>> memset( counter, 0, 4 );
>> counter[3] = 1;
>>
>> +#if UINT_MAX > 0xFFFFFFFF
>> if( iteration_count > 0xFFFFFFFF )
>> return( MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA );
>> +#endif
>>
>> while( key_length )
>> {
>> diff --git a/dll/3rdparty/mbedtls/pkparse.c b/dll/3rdparty/mbedtls/pkparse.c
>> index 569ebf7953..c8da059163 100644
>> --- a/dll/3rdparty/mbedtls/pkparse.c
>> +++ b/dll/3rdparty/mbedtls/pkparse.c
>> @@ -62,12 +62,15 @@
>> #define mbedtls_free free
>> #endif
>>
>> -#if defined(MBEDTLS_FS_IO)
>> +#if defined(MBEDTLS_FS_IO) || \
>> + defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
>> /* Implementation that should never be optimized out by the compiler */
>> static void mbedtls_zeroize( void *v, size_t n ) {
>> volatile unsigned char *p = v; while( n-- ) *p++ = 0;
>> }
>> +#endif
>>
>> +#if defined(MBEDTLS_FS_IO)
>> /*
>> * Load all data from a file into a given buffer.
>> *
>> @@ -103,7 +106,10 @@ int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n )
>> if( fread( *buf, 1, *n, f ) != *n )
>> {
>> fclose( f );
>> +
>> + mbedtls_zeroize( *buf, *n );
>> mbedtls_free( *buf );
>> +
>> return( MBEDTLS_ERR_PK_FILE_IO_ERROR );
>> }
>>
>> @@ -177,6 +183,10 @@ static int pk_get_ecparams( unsigned char **p, const unsigned char *end,
>> {
>> int ret;
>>
>> + if ( end - *p < 1 )
>> + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
>> + MBEDTLS_ERR_ASN1_OUT_OF_DATA );
>> +
>> /* Tag may be either OID or SEQUENCE */
>> params->tag = **p;
>> if( params->tag != MBEDTLS_ASN1_OID
>> @@ -522,18 +532,35 @@ static int pk_get_rsapubkey( unsigned char **p,
>> return( MBEDTLS_ERR_PK_INVALID_PUBKEY +
>> MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
>>
>> - if( ( ret = mbedtls_asn1_get_mpi( p, end, &rsa->N ) ) != 0 ||
>> - ( ret = mbedtls_asn1_get_mpi( p, end, &rsa->E ) ) != 0 )
>> + /* Import N */
>> + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
>> return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret );
>>
>> - if( *p != end )
>> - return( MBEDTLS_ERR_PK_INVALID_PUBKEY +
>> - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
>> + if( ( ret = mbedtls_rsa_import_raw( rsa, *p, len, NULL, 0, NULL, 0,
>> + NULL, 0, NULL, 0 ) ) != 0 )
>> + return( MBEDTLS_ERR_PK_INVALID_PUBKEY );
>> +
>> + *p += len;
>>
>> - if( ( ret = mbedtls_rsa_check_pubkey( rsa ) ) != 0 )
>> + /* Import E */
>> + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
>> + return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret );
>> +
>> + if( ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, NULL, 0,
>> + NULL, 0, *p, len ) ) != 0 )
>> return( MBEDTLS_ERR_PK_INVALID_PUBKEY );
>>
>> - rsa->len = mbedtls_mpi_size( &rsa->N );
>> + *p += len;
>> +
>> + if( mbedtls_rsa_complete( rsa ) != 0 ||
>> + mbedtls_rsa_check_pubkey( rsa ) != 0 )
>> + {
>> + return( MBEDTLS_ERR_PK_INVALID_PUBKEY );
>> + }
>> +
>> + if( *p != end )
>> + return( MBEDTLS_ERR_PK_INVALID_PUBKEY +
>> + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
>>
>> return( 0 );
>> }
>> @@ -645,10 +672,13 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa,
>> const unsigned char *key,
>> size_t keylen )
>> {
>> - int ret;
>> + int ret, version;
>> size_t len;
>> unsigned char *p, *end;
>>
>> + mbedtls_mpi T;
>> + mbedtls_mpi_init( &T );
>> +
>> p = (unsigned char *) key;
>> end = p + keylen;
>>
>> @@ -676,45 +706,88 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa,
>>
>> end = p + len;
>>
>> - if( ( ret = mbedtls_asn1_get_int( &p, end, &rsa->ver ) ) != 0 )
>> + if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 )
>> {
>> return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
>> }
>>
>> - if( rsa->ver != 0 )
>> + if( version != 0 )
>> {
>> return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION );
>> }
>>
>> - if( ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->N ) ) != 0 ||
>> - ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->E ) ) != 0 ||
>> - ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->D ) ) != 0 ||
>> - ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->P ) ) != 0 ||
>> - ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->Q ) ) != 0 ||
>> - ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->DP ) ) != 0 ||
>> - ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->DQ ) ) != 0 ||
>> - ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->QP ) ) != 0 )
>> - {
>> - mbedtls_rsa_free( rsa );
>> - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
>> - }
>> + /* Import N */
>> + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
>> + MBEDTLS_ASN1_INTEGER ) ) != 0 ||
>> + ( ret = mbedtls_rsa_import_raw( rsa, p, len, NULL, 0, NULL, 0,
>> + NULL, 0, NULL, 0 ) ) != 0 )
>> + goto cleanup;
>> + p += len;
>>
>> - rsa->len = mbedtls_mpi_size( &rsa->N );
>> + /* Import E */
>> + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
>> + MBEDTLS_ASN1_INTEGER ) ) != 0 ||
>> + ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, NULL, 0,
>> + NULL, 0, p, len ) ) != 0 )
>> + goto cleanup;
>> + p += len;
>> +
>> + /* Import D */
>> + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
>> + MBEDTLS_ASN1_INTEGER ) ) != 0 ||
>> + ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, NULL, 0,
>> + p, len, NULL, 0 ) ) != 0 )
>> + goto cleanup;
>> + p += len;
>> +
>> + /* Import P */
>> + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
>> + MBEDTLS_ASN1_INTEGER ) ) != 0 ||
>> + ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, p, len, NULL, 0,
>> + NULL, 0, NULL, 0 ) ) != 0 )
>> + goto cleanup;
>> + p += len;
>> +
>> + /* Import Q */
>> + if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
>> + MBEDTLS_ASN1_INTEGER ) ) != 0 ||
>> + ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, p, len,
>> + NULL, 0, NULL, 0 ) ) != 0 )
>> + goto cleanup;
>> + p += len;
>> +
>> + /* Complete the RSA private key */
>> + if( ( ret = mbedtls_rsa_complete( rsa ) ) != 0 )
>> + goto cleanup;
>> +
>> + /* Check optional parameters */
>> + if( ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 ||
>> + ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 ||
>> + ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 )
>> + goto cleanup;
>>
>> if( p != end )
>> {
>> - mbedtls_rsa_free( rsa );
>> - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
>> - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
>> + ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
>> + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ;
>> }
>>
>> - if( ( ret = mbedtls_rsa_check_privkey( rsa ) ) != 0 )
>> +cleanup:
>> +
>> + mbedtls_mpi_free( &T );
>> +
>> + if( ret != 0 )
>> {
>> + /* Wrap error code if it's coming from a lower level */
>> + if( ( ret & 0xff80 ) == 0 )
>> + ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret;
>> + else
>> + ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
>> +
>> mbedtls_rsa_free( rsa );
>> - return( ret );
>> }
>>
>> - return( 0 );
>> + return( ret );
>> }
>> #endif /* MBEDTLS_RSA_C */
>>
>> @@ -790,7 +863,10 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck,
>> mbedtls_ecp_keypair_free( eck );
>> return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
>> }
>> + }
>>
>> + if( p != end )
>> + {
>> /*
>> * Is 'publickey' present? If not, or if we can't read it (eg because it
>> * is compressed), create it from the private key.
>> @@ -846,6 +922,16 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck,
>>
>> /*
>> * Parse an unencrypted PKCS#8 encoded private key
>> + *
>> + * Notes:
>> + *
>> + * - This function does not own the key buffer. It is the
>> + * responsibility of the caller to take care of zeroizing
>> + * and freeing it after use.
>> + *
>> + * - The function is responsible for freeing the provided
>> + * PK context on failure.
>> + *
>> */
>> static int pk_parse_key_pkcs8_unencrypted_der(
>> mbedtls_pk_context *pk,
>> @@ -861,7 +947,7 @@ static int pk_parse_key_pkcs8_unencrypted_der(
>> const mbedtls_pk_info_t *pk_info;
>>
>> /*
>> - * This function parses the PrivatKeyInfo object (PKCS#8 v1.2 = RFC 5208)
>> + * This function parses the PrivateKeyInfo object (PKCS#8 v1.2 = RFC 5208)
>> *
>> * PrivateKeyInfo ::= SEQUENCE {
>> * version Version,
>> @@ -934,16 +1020,22 @@ static int pk_parse_key_pkcs8_unencrypted_der(
>>
>> /*
>> * Parse an encrypted PKCS#8 encoded private key
>> + *
>> + * To save space, the decryption happens in-place on the given key buffer.
>> + * Also, while this function may modify the keybuffer, it doesn't own it,
>> + * and instead it is the responsibility of the caller to zeroize and properly
>> + * free it after use.
>> + *
>> */
>> #if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
>> static int pk_parse_key_pkcs8_encrypted_der(
>> mbedtls_pk_context *pk,
>> - const unsigned char *key, size_t keylen,
>> + unsigned char *key, size_t keylen,
>> const unsigned char *pwd, size_t pwdlen )
>> {
>> int ret, decrypted = 0;
>> size_t len;
>> - unsigned char buf[2048];
>> + unsigned char *buf;
>> unsigned char *p, *end;
>> mbedtls_asn1_buf pbe_alg_oid, pbe_params;
>> #if defined(MBEDTLS_PKCS12_C)
>> @@ -951,16 +1043,14 @@ static int pk_parse_key_pkcs8_encrypted_der(
>> mbedtls_md_type_t md_alg;
>> #endif
>>
>> - memset( buf, 0, sizeof( buf ) );
>> -
>> - p = (unsigned char *) key;
>> + p = key;
>> end = p + keylen;
>>
>> if( pwdlen == 0 )
>> return( MBEDTLS_ERR_PK_PASSWORD_REQUIRED );
>>
>> /*
>> - * This function parses the EncryptedPrivatKeyInfo object (PKCS#8)
>> + * This function parses the EncryptedPrivateKeyInfo object (PKCS#8)
>> *
>> * EncryptedPrivateKeyInfo ::= SEQUENCE {
>> * encryptionAlgorithm EncryptionAlgorithmIdentifier,
>> @@ -972,6 +1062,7 @@ static int pk_parse_key_pkcs8_encrypted_der(
>> * EncryptedData ::= OCTET STRING
>> *
>> * The EncryptedData OCTET STRING is a PKCS#8 PrivateKeyInfo
>> + *
>> */
>> if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
>> MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
>> @@ -987,11 +1078,10 @@ static int pk_parse_key_pkcs8_encrypted_der(
>> if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
>> return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
>>
>> - if( len > sizeof( buf ) )
>> - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
>> + buf = p;
>>
>> /*
>> - * Decrypt EncryptedData with appropriate PDE
>> + * Decrypt EncryptedData with appropriate PBE
>> */
>> #if defined(MBEDTLS_PKCS12_C)
>> if( mbedtls_oid_get_pkcs12_pbe_alg( &pbe_alg_oid, &md_alg, &cipher_alg ) == 0 )
>> @@ -1083,10 +1173,8 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
>>
>> if( ret == 0 )
>> {
>> - if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL )
>> - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
>> -
>> - if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
>> + pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA );
>> + if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
>> ( ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ),
>> pem.buf, pem.buflen ) ) != 0 )
>> {
>> @@ -1115,10 +1203,9 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
>> key, pwd, pwdlen, &len );
>> if( ret == 0 )
>> {
>> - if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == NULL )
>> - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
>> + pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY );
>>
>> - if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
>> + if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
>> ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ),
>> pem.buf, pem.buflen ) ) != 0 )
>> {
>> @@ -1183,7 +1270,6 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
>> return( ret );
>> #endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */
>> #else
>> - ((void) ret);
>> ((void) pwd);
>> ((void) pwdlen);
>> #endif /* MBEDTLS_PEM_PARSE_C */
>> @@ -1196,12 +1282,27 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
>> * error
>> */
>> #if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
>> - if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk, key, keylen,
>> - pwd, pwdlen ) ) == 0 )
>> {
>> - return( 0 );
>> + unsigned char *key_copy;
>> +
>> + if( keylen == 0 )
>> + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
>> +
>> + if( ( key_copy = mbedtls_calloc( 1, keylen ) ) == NULL )
>> + return( MBEDTLS_ERR_PK_ALLOC_FAILED );
>> +
>> + memcpy( key_copy, key, keylen );
>> +
>> + ret = pk_parse_key_pkcs8_encrypted_der( pk, key_copy, keylen,
>> + pwd, pwdlen );
>> +
>> + mbedtls_zeroize( key_copy, keylen );
>> + mbedtls_free( key_copy );
>> }
>>
>> + if( ret == 0 )
>> + return( 0 );
>> +
>> mbedtls_pk_free( pk );
>>
>> if( ret == MBEDTLS_ERR_PK_PASSWORD_MISMATCH )
>> @@ -1216,29 +1317,35 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
>> mbedtls_pk_free( pk );
>>
>> #if defined(MBEDTLS_RSA_C)
>> - if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL )
>> - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
>>
>> - if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
>> - ( ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ), key, keylen ) ) == 0 )
>> + pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA );
>> + if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
>> + ( ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ),
>> + key, keylen ) ) != 0 )
>> + {
>> + mbedtls_pk_free( pk );
>> + }
>> + else
>> {
>> return( 0 );
>> }
>>
>> - mbedtls_pk_free( pk );
>> #endif /* MBEDTLS_RSA_C */
>>
>> #if defined(MBEDTLS_ECP_C)
>> - if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == NULL )
>> - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
>>
>> - if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
>> - ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), key, keylen ) ) == 0 )
>> + pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY );
>> + if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
>> + ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ),
>> + key, keylen ) ) != 0 )
>> + {
>> + mbedtls_pk_free( pk );
>> + }
>> + else
>> {
>> return( 0 );
>> }
>>
>> - mbedtls_pk_free( pk );
>> #endif /* MBEDTLS_ECP_C */
>>
>> return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
>> diff --git a/dll/3rdparty/mbedtls/pkwrite.c b/dll/3rdparty/mbedtls/pkwrite.c
>> index ae79cf4131..8e0bb2e605 100644
>> --- a/dll/3rdparty/mbedtls/pkwrite.c
>> +++ b/dll/3rdparty/mbedtls/pkwrite.c
>> @@ -64,13 +64,31 @@
>> * }
>> */
>> static int pk_write_rsa_pubkey( unsigned char **p, unsigned char *start,
>> - mbedtls_rsa_context *rsa )
>> + mbedtls_rsa_context *rsa )
>> {
>> int ret;
>> size_t len = 0;
>> + mbedtls_mpi T;
>>
>> - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( p, start, &rsa->E ) );
>> - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( p, start, &rsa->N ) );
>> + mbedtls_mpi_init( &T );
>> +
>> + /* Export E */
>> + if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL, NULL, NULL, &T ) ) != 0 ||
>> + ( ret = mbedtls_asn1_write_mpi( p, start, &T ) ) < 0 )
>> + goto end_of_export;
>> + len += ret;
>> +
>> + /* Export N */
>> + if ( ( ret = mbedtls_rsa_export( rsa, &T, NULL, NULL, NULL, NULL ) ) != 0 ||
>> + ( ret = mbedtls_asn1_write_mpi( p, start, &T ) ) < 0 )
>> + goto end_of_export;
>> ... 18470 lines suppressed ...
>>
More information about the Ros-dev
mailing list