3 lib/mbedtls-2.26.0/configs/config-suite-b.h → lib/mbedtls-2.27.0/configs/config-suite-b.h
View file
@@ -80,8 +80,7 @@
#define MBEDTLS_AES_ROM_TABLES

/* Save RAM by adjusting to our exact needs */
#define MBEDTLS_ECP_MAX_BITS 384
#define MBEDTLS_MPI_MAX_SIZE 48 // 384 bits is 48 bytes
#define MBEDTLS_MPI_MAX_SIZE 48 // 48 bytes for a 384-bit elliptic curve

/* Save RAM at the expense of speed, see ecp.h */
#define MBEDTLS_ECP_WINDOW_SIZE 2
0 ...ls-2.26.0/configs/config-symmetric-only.h → ...ls-2.27.0/configs/config-symmetric-only.h
View file
File renamed without changes.
3 lib/mbedtls-2.26.0/configs/config-thread.h → lib/mbedtls-2.27.0/configs/config-thread.h
View file
@@ -81,8 +81,7 @@
#define MBEDTLS_AES_ROM_TABLES

/* Save RAM by adjusting to our exact needs */
#define MBEDTLS_ECP_MAX_BITS 256
#define MBEDTLS_MPI_MAX_SIZE 32 // 256 bits is 32 bytes
#define MBEDTLS_MPI_MAX_SIZE 32 // 32 bytes for a 256-bit elliptic curve

/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */
#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
0 lib/mbedtls-2.26.0/dco.txt → lib/mbedtls-2.27.0/dco.txt
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/.gitignore → lib/mbedtls-2.27.0/include/.gitignore
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/CMakeLists.txt → lib/mbedtls-2.27.0/include/CMakeLists.txt
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/aes.h → lib/mbedtls-2.27.0/include/mbedtls/aes.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/aesni.h → lib/mbedtls-2.27.0/include/mbedtls/aesni.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/arc4.h → lib/mbedtls-2.27.0/include/mbedtls/arc4.h
View file
File renamed without changes.
8 lib/mbedtls-2.26.0/include/mbedtls/aria.h → lib/mbedtls-2.27.0/include/mbedtls/aria.h
View file
@@ -61,14 +61,14 @@
/* MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED is deprecated and should not be used. */
#define MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED -0x0058 /**< ARIA hardware accelerator failed. */

#if !defined(MBEDTLS_ARIA_ALT)
// Regular implementation
//

#ifdef __cplusplus
extern "C" {
#endif

#if !defined(MBEDTLS_ARIA_ALT)
// Regular implementation
//

/**
* \brief The ARIA context-type definition.
*/
0 lib/mbedtls-2.26.0/include/mbedtls/asn1.h → lib/mbedtls-2.27.0/include/mbedtls/asn1.h
View file
File renamed without changes.
0 ...bedtls-2.26.0/include/mbedtls/asn1write.h → ...bedtls-2.27.0/include/mbedtls/asn1write.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/base64.h → lib/mbedtls-2.27.0/include/mbedtls/base64.h
View file
File renamed without changes.
38 lib/mbedtls-2.26.0/include/mbedtls/bignum.h → lib/mbedtls-2.27.0/include/mbedtls/bignum.h
View file
@@ -871,6 +871,44 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );

/** Generate a random number uniformly in a range.
*
* This function generates a random number between \p min inclusive and
* \p N exclusive.
*
* The procedure complies with RFC 6979 §3.3 (deterministic ECDSA)
* when the RNG is a suitably parametrized instance of HMAC_DRBG
* and \p min is \c 1.
*
* \note There are `N - min` possible outputs. The lower bound
* \p min can be reached, but the upper bound \p N cannot.
*
* \param X The destination MPI. This must point to an initialized MPI.
* \param min The minimum value to return.
* It must be nonnegative.
* \param N The upper bound of the range, exclusive.
* In other words, this is one plus the maximum value to return.
* \p N must be strictly larger than \p min.
* \param f_rng The RNG function to use. This must not be \c NULL.
* \param p_rng The RNG parameter to be passed to \p f_rng.
*
* \return \c 0 if successful.
* \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
* \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p min or \p N is invalid
* or if they are incompatible.
* \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if the implementation was
* unable to find a suitable value within a limited number
* of attempts. This has a negligible probability if \p N
* is significantly larger than \p min, which is the case
* for all usual cryptographic applications.
* \return Another negative error code on failure.
*/
int mbedtls_mpi_random( mbedtls_mpi *X,
mbedtls_mpi_sint min,
const mbedtls_mpi *N,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );

/**
* \brief Compute the greatest common divisor: G = gcd(A, B)
*
0 ...mbedtls-2.26.0/include/mbedtls/blowfish.h → ...mbedtls-2.27.0/include/mbedtls/blowfish.h
View file
File renamed without changes.
40 lib/mbedtls-2.26.0/include/mbedtls/bn_mul.h → lib/mbedtls-2.27.0/include/mbedtls/bn_mul.h
View file
@@ -44,6 +44,46 @@

#include "mbedtls/bignum.h"


/*
* Conversion macros for embedded constants:
* build lists of mbedtls_mpi_uint's from lists of unsigned char's grouped by 8, 4 or 2
*/
#if defined(MBEDTLS_HAVE_INT32)

#define MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ) \
( (mbedtls_mpi_uint) (a) << 0 ) | \
( (mbedtls_mpi_uint) (b) << 8 ) | \
( (mbedtls_mpi_uint) (c) << 16 ) | \
( (mbedtls_mpi_uint) (d) << 24 )

#define MBEDTLS_BYTES_TO_T_UINT_2( a, b ) \
MBEDTLS_BYTES_TO_T_UINT_4( a, b, 0, 0 )

#define MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \
MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ), \
MBEDTLS_BYTES_TO_T_UINT_4( e, f, g, h )

#else /* 64-bits */

#define MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \
( (mbedtls_mpi_uint) (a) << 0 ) | \
( (mbedtls_mpi_uint) (b) << 8 ) | \
( (mbedtls_mpi_uint) (c) << 16 ) | \
( (mbedtls_mpi_uint) (d) << 24 ) | \
( (mbedtls_mpi_uint) (e) << 32 ) | \
( (mbedtls_mpi_uint) (f) << 40 ) | \
( (mbedtls_mpi_uint) (g) << 48 ) | \
( (mbedtls_mpi_uint) (h) << 56 )

#define MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ) \
MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, 0, 0, 0, 0 )

#define MBEDTLS_BYTES_TO_T_UINT_2( a, b ) \
MBEDTLS_BYTES_TO_T_UINT_8( a, b, 0, 0, 0, 0, 0, 0 )

#endif /* bits in mbedtls_mpi_uint */

#if defined(MBEDTLS_HAVE_ASM)

#ifndef asm
0 ...mbedtls-2.26.0/include/mbedtls/camellia.h → ...mbedtls-2.27.0/include/mbedtls/camellia.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/ccm.h → lib/mbedtls-2.27.0/include/mbedtls/ccm.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/certs.h → lib/mbedtls-2.27.0/include/mbedtls/certs.h
View file
File renamed without changes.
0 ...mbedtls-2.26.0/include/mbedtls/chacha20.h → ...mbedtls-2.27.0/include/mbedtls/chacha20.h
View file
File renamed without changes.
0 ...edtls-2.26.0/include/mbedtls/chachapoly.h → ...edtls-2.27.0/include/mbedtls/chachapoly.h
View file
File renamed without changes.
5 ...tls-2.26.0/include/mbedtls/check_config.h → ...tls-2.27.0/include/mbedtls/check_config.h
View file
@@ -55,9 +55,8 @@
#endif
#endif /* _WIN32 */

#if defined(TARGET_LIKE_MBED) && \
( defined(MBEDTLS_NET_C) || defined(MBEDTLS_TIMING_C) )
#error "The NET and TIMING modules are not available for mbed OS - please use the network and timing functions provided by mbed OS"
#if defined(TARGET_LIKE_MBED) && defined(MBEDTLS_NET_C)
#error "The NET module is not available for mbed OS - please use the network functions provided by Mbed OS"
#endif

#if defined(MBEDTLS_DEPRECATED_WARNING) && \
0 lib/mbedtls-2.26.0/include/mbedtls/cipher.h → lib/mbedtls-2.27.0/include/mbedtls/cipher.h
View file
File renamed without changes.
0 ...-2.26.0/include/mbedtls/cipher_internal.h → ...-2.27.0/include/mbedtls/cipher_internal.h
View file
File renamed without changes.
18 lib/mbedtls-2.26.0/include/mbedtls/cmac.h → lib/mbedtls-2.27.0/include/mbedtls/cmac.h
View file
@@ -77,6 +77,12 @@ struct mbedtls_cmac_context_t
* the input data.
* Must be called with an initialized cipher context.
*
* \note When the CMAC implementation is supplied by an alternate
* implementation (through #MBEDTLS_CMAC_ALT), some ciphers
* may not be supported by that implementation, and thus
* return an error. Alternate implementations must support
* AES-128 and AES-256, and may support AES-192 and 3DES.
*
* \param ctx The cipher context used for the CMAC operation, initialized
* as one of the following types: MBEDTLS_CIPHER_AES_128_ECB,
* MBEDTLS_CIPHER_AES_192_ECB, MBEDTLS_CIPHER_AES_256_ECB,
@@ -154,6 +160,11 @@ int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
* The CMAC result is calculated as
* output = generic CMAC(cmac key, input buffer).
*
* \note When the CMAC implementation is supplied by an alternate
* implementation (through #MBEDTLS_CMAC_ALT), some ciphers
* may not be supported by that implementation, and thus
* return an error. Alternate implementations must support
* AES-128 and AES-256, and may support AES-192 and 3DES.
*
* \param cipher_info The cipher information.
* \param key The CMAC key.
@@ -198,6 +209,13 @@ int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
/**
* \brief The CMAC checkup routine.
*
* \note In case the CMAC routines are provided by an alternative
* implementation (i.e. #MBEDTLS_CMAC_ALT is defined), the
* checkup routine will succeed even if the implementation does
* not support the less widely used AES-192 or 3DES primitives.
* The self-test requires at least AES-128 and AES-256 to be
* supported by the underlying implementation.
*
* \return \c 0 on success.
* \return \c 1 on failure.
*/
0 ...edtls-2.26.0/include/mbedtls/compat-1.3.h → ...edtls-2.27.0/include/mbedtls/compat-1.3.h
View file
File renamed without changes.
29 lib/mbedtls-2.26.0/include/mbedtls/config.h → lib/mbedtls-2.27.0/include/mbedtls/config.h
View file
@@ -427,7 +427,7 @@
* be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
* must stay untouched.
*
* \note If you use the AES_xxx_ALT macros, then is is recommended to also set
* \note If you use the AES_xxx_ALT macros, then it is recommended to also set
* MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
* tables.
*
@@ -1338,6 +1338,22 @@
*/
#define MBEDTLS_PKCS1_V21

/** \def MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
*
* Enable support for platform built-in keys. If you enable this feature,
* you must implement the function mbedtls_psa_platform_get_builtin_key().
* See the documentation of that function for more information.
*
* Built-in keys are typically derived from a hardware unique key or
* stored in a secure element.
*
* Requires: MBEDTLS_PSA_CRYPTO_C.
*
* \warning This interface is experimental and may change or be removed
* without notice.
*/
//#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS

/** \def MBEDTLS_PSA_CRYPTO_CLIENT
*
* Enable support for PSA crypto client.
@@ -1881,7 +1897,7 @@
/**
* \def MBEDTLS_SSL_DTLS_SRTP
*
* Enable support for negotation of DTLS-SRTP (RFC 5764)
* Enable support for negotiation of DTLS-SRTP (RFC 5764)
* through the use_srtp extension.
*
* \note This feature provides the minimum functionality required
@@ -2615,6 +2631,11 @@
* Enable the CMAC (Cipher-based Message Authentication Code) mode for block
* ciphers.
*
* \note When #MBEDTLS_CMAC_ALT is active, meaning that the underlying
* implementation of the CMAC algorithm is provided by an alternate
* implementation, that alternate implementation may opt to not support
* AES-192 or 3DES as underlying block ciphers for the CMAC operation.
*
* Module: library/cmac.c
*
* Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
@@ -3595,8 +3616,8 @@
//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */

/* ECP options */
//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups. Normally determined automatically from the configured curves. */
//#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */
//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */

/* Entropy options */
262 ...edtls-2.26.0/include/mbedtls/config_psa.h → ...edtls-2.27.0/include/mbedtls/config_psa.h
View file
@@ -38,6 +38,30 @@
extern "C" {
#endif



/****************************************************************/
/* De facto synonyms */
/****************************************************************/

#if defined(PSA_WANT_ALG_ECDSA_ANY) && !defined(PSA_WANT_ALG_ECDSA)
#define PSA_WANT_ALG_ECDSA PSA_WANT_ALG_ECDSA_ANY
#elif !defined(PSA_WANT_ALG_ECDSA_ANY) && defined(PSA_WANT_ALG_ECDSA)
#define PSA_WANT_ALG_ECDSA_ANY PSA_WANT_ALG_ECDSA
#endif

#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW
#elif !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW PSA_WANT_ALG_RSA_PKCS1V15_SIGN
#endif



/****************************************************************/
/* Require built-in implementations based on PSA requirements */
/****************************************************************/

#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)

#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
@@ -231,16 +255,23 @@ extern "C" {
(defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
!defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \
(defined(PSA_WANT_ALG_CBC_PKCS7) && \
!defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7))
!defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \
(defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC))
#define PSA_HAVE_SOFT_BLOCK_MODE 1
#endif

#if (defined(PSA_WANT_ALG_GCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_GCM)) || \
(defined(PSA_WANT_ALG_CCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_CCM))
#define PSA_HAVE_SOFT_BLOCK_AEAD 1
#endif

#if defined(PSA_WANT_KEY_TYPE_AES)
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
#define PSA_HAVE_SOFT_KEY_TYPE_AES 1
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */
#if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
defined(PSA_HAVE_SOFT_BLOCK_MODE)
defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
defined(PSA_HAVE_SOFT_BLOCK_AEAD)
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
#define MBEDTLS_AES_C
#endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */
@@ -258,7 +289,8 @@ extern "C" {
#define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA */
#if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \
defined(PSA_HAVE_SOFT_BLOCK_MODE)
defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
defined(PSA_HAVE_SOFT_BLOCK_AEAD)
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
#define MBEDTLS_CAMELLIA_C
#endif /* PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA || PSA_HAVE_SOFT_BLOCK_MODE */
@@ -295,6 +327,21 @@ extern "C" {
#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
#endif /* PSA_WANT_ALG_STREAM_CIPHER */

#if defined(PSA_WANT_ALG_CBC_MAC)
#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC)
#error "CBC-MAC is not yet supported via the PSA API in Mbed TLS."
#define MBEDTLS_PSA_BUILTIN_ALG_CBC_MAC 1
#endif /* !MBEDTLS_PSA_ACCEL_ALG_CBC_MAC */
#endif /* PSA_WANT_ALG_CBC_MAC */

#if defined(PSA_WANT_ALG_CMAC)
#if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \
defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
#define MBEDTLS_CMAC_C
#endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */
#endif /* PSA_WANT_ALG_CMAC */

#if defined(PSA_WANT_ALG_CTR)
#if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \
defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
@@ -348,20 +395,155 @@ extern "C" {
#endif
#endif /* PSA_WANT_ALG_CBC_PKCS7 */

#if defined(PSA_WANT_ALG_CCM)
#if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM) || \
defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
#define MBEDTLS_PSA_BUILTIN_ALG_CCM 1
#define MBEDTLS_CCM_C
#endif
#endif /* PSA_WANT_ALG_CCM */

#if defined(PSA_WANT_ALG_GCM)
#if !defined(MBEDTLS_PSA_ACCEL_ALG_GCM) || \
defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA)
#define MBEDTLS_PSA_BUILTIN_ALG_GCM 1
#define MBEDTLS_GCM_C
#endif
#endif /* PSA_WANT_ALG_GCM */

#if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
#define MBEDTLS_CHACHAPOLY_C
#define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
#endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */

#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256)
#define MBEDTLS_ECP_DP_BP256R1_ENABLED
#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1
#endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 */
#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_256 */

#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384)
#define MBEDTLS_ECP_DP_BP384R1_ENABLED
#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1
#endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 */
#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_384 */

#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512)
#define MBEDTLS_ECP_DP_BP512R1_ENABLED
#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1
#endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 */
#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_512 */

#if defined(PSA_WANT_ECC_MONTGOMERY_255)
#if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255)
#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1
#endif /* !MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255 */
#endif /* PSA_WANT_ECC_MONTGOMERY_255 */

#if defined(PSA_WANT_ECC_MONTGOMERY_448)
#if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448)
/*
* Curve448 is not yet supported via the PSA API in Mbed TLS
* (https://github.com/ARMmbed/mbedtls/issues/4249).
*/
#error "Curve448 is not yet supported via the PSA API in Mbed TLS."
#define MBEDTLS_ECP_DP_CURVE448_ENABLED
#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1
#endif /* !MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 */
#endif /* PSA_WANT_ECC_MONTGOMERY_448 */

#if defined(PSA_WANT_ECC_SECP_R1_192)
#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192)
#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1
#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192 */
#endif /* PSA_WANT_ECC_SECP_R1_192 */

#if defined(PSA_WANT_ECC_SECP_R1_224)
#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224)
#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1
#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 */
#endif /* PSA_WANT_ECC_SECP_R1_224 */

#if defined(PSA_WANT_ECC_SECP_R1_256)
#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256)
#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1
#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 */
#endif /* PSA_WANT_ECC_SECP_R1_256 */

#if defined(PSA_WANT_ECC_SECP_R1_384)
#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384)
#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1
#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 */
#endif /* PSA_WANT_ECC_SECP_R1_384 */

#if defined(PSA_WANT_ECC_SECP_R1_521)
#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521)
#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1
#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 */
#endif /* PSA_WANT_ECC_SECP_R1_521 */

#if defined(PSA_WANT_ECC_SECP_K1_192)
#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192)
#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1
#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192 */
#endif /* PSA_WANT_ECC_SECP_K1_192 */

#if defined(PSA_WANT_ECC_SECP_K1_224)
#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224)
/*
* SECP224K1 is buggy via the PSA API in Mbed TLS
* (https://github.com/ARMmbed/mbedtls/issues/3541).
*/
#error "SECP224K1 is buggy via the PSA API in Mbed TLS."
#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224 */
#endif /* PSA_WANT_ECC_SECP_K1_224 */

#if defined(PSA_WANT_ECC_SECP_K1_256)
#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256)
#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1
#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 */
#endif /* PSA_WANT_ECC_SECP_K1_256 */



/****************************************************************/
/* Infer PSA requirements from Mbed TLS capabilities */
/****************************************************************/

#else /* MBEDTLS_PSA_CRYPTO_CONFIG */

/*
* Ensure PSA_WANT_* defines are setup properly if MBEDTLS_PSA_CRYPTO_CONFIG
* is not defined
*/

#if defined(MBEDTLS_CCM_C)
#define MBEDTLS_PSA_BUILTIN_ALG_CCM 1
#define PSA_WANT_ALG_CCM 1
#endif /* MBEDTLS_CCM_C */

#if defined(MBEDTLS_CMAC_C)
#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
#define PSA_WANT_ALG_CMAC 1
#endif /* MBEDTLS_CMAC_C */

#if defined(MBEDTLS_ECDH_C)
#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1
#define PSA_WANT_ALG_ECDH 1
@@ -370,6 +552,7 @@ extern "C" {
#if defined(MBEDTLS_ECDSA_C)
#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
#define PSA_WANT_ALG_ECDSA 1
#define PSA_WANT_ALG_ECDSA_ANY 1

// Only add in DETERMINISTIC support if ECDSA is also enabled
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
@@ -386,6 +569,11 @@ extern "C" {
#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
#endif /* MBEDTLS_ECP_C */

#if defined(MBEDTLS_GCM_C)
#define MBEDTLS_PSA_BUILTIN_ALG_GCM 1
#define PSA_WANT_ALG_GCM 1
#endif /* MBEDTLS_GCM_C */

#if defined(MBEDTLS_HKDF_C)
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
#define PSA_WANT_ALG_HMAC 1
@@ -429,6 +617,7 @@ extern "C" {
#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW 1
#endif /* MBEDTLSS_PKCS1_V15 */
#if defined(MBEDTLS_PKCS1_V21)
#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1
@@ -531,6 +720,73 @@ extern "C" {
#define PSA_WANT_ALG_XTS 1
#endif

#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1
#define PSA_WANT_ECC_BRAINPOOL_P_R1_256
#endif

#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1
#define PSA_WANT_ECC_BRAINPOOL_P_R1_384
#endif

#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1
#define PSA_WANT_ECC_BRAINPOOL_P_R1_512
#endif

#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1
#define PSA_WANT_ECC_MONTGOMERY_255
#endif

/* Curve448 is not yet supported via the PSA API (https://github.com/ARMmbed/mbedtls/issues/4249) */
#if 0 && defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1
#define PSA_WANT_ECC_MONTGOMERY_448
#endif

#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1
#define PSA_WANT_ECC_SECP_R1_192
#endif

#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1
#define PSA_WANT_ECC_SECP_R1_224
#endif

#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1
#define PSA_WANT_ECC_SECP_R1_256
#endif

#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1
#define PSA_WANT_ECC_SECP_R1_384
#endif

#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1
#define PSA_WANT_ECC_SECP_R1_521
#endif

#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1
#define PSA_WANT_ECC_SECP_K1_192
#endif

/* SECP224K1 is buggy via the PSA API (https://github.com/ARMmbed/mbedtls/issues/3541) */
#if 0 && defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1
#define PSA_WANT_ECC_SECP_K1_224
#endif

#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1
#define PSA_WANT_ECC_SECP_K1_256
#endif

#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */

/* These features are always enabled. */
0 ...mbedtls-2.26.0/include/mbedtls/ctr_drbg.h → ...mbedtls-2.27.0/include/mbedtls/ctr_drbg.h
View file
File renamed without changes.
13 lib/mbedtls-2.26.0/include/mbedtls/debug.h → lib/mbedtls-2.27.0/include/mbedtls/debug.h
View file
@@ -94,8 +94,13 @@
*/
#if defined(__has_attribute)
#if __has_attribute(format)
#if defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1
#define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \
__attribute__((format (printf, string_index, first_to_check)))
__attribute__((__format__ (gnu_printf, string_index, first_to_check)))
#else /* defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 */
#define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \
__attribute__((format(printf, string_index, first_to_check)))
#endif
#else /* __has_attribute(format) */
#define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check)
#endif /* __has_attribute(format) */
@@ -115,14 +120,14 @@
*
* This module provides debugging functions.
*/
#if defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER < 1800)
#if (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800)
#include <inttypes.h>
#define MBEDTLS_PRINTF_SIZET PRIuPTR
#define MBEDTLS_PRINTF_LONGLONG "I64d"
#else /* defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER < 1800) */
#else /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
#define MBEDTLS_PRINTF_SIZET "zu"
#define MBEDTLS_PRINTF_LONGLONG "lld"
#endif /* defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER < 1800) */
#endif /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */

#ifdef __cplusplus
extern "C" {
0 lib/mbedtls-2.26.0/include/mbedtls/des.h → lib/mbedtls-2.27.0/include/mbedtls/des.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/dhm.h → lib/mbedtls-2.27.0/include/mbedtls/dhm.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/ecdh.h → lib/mbedtls-2.27.0/include/mbedtls/ecdh.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/ecdsa.h → lib/mbedtls-2.27.0/include/mbedtls/ecdsa.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/ecjpake.h → lib/mbedtls-2.27.0/include/mbedtls/ecjpake.h
View file
File renamed without changes.
61 lib/mbedtls-2.26.0/include/mbedtls/ecp.h → lib/mbedtls-2.27.0/include/mbedtls/ecp.h
View file
@@ -96,6 +96,7 @@ extern "C" {
* - Add it at the end of this enum, otherwise you'll break the ABI by
* changing the numerical value for existing curves.
* - Increment MBEDTLS_ECP_DP_MAX below if needed.
* - Update the calculation of MBEDTLS_ECP_MAX_BITS_MIN below.
* - Add the corresponding MBEDTLS_ECP_DP_xxx_ENABLED macro definition to
* config.h.
* - List the curve as a dependency of MBEDTLS_ECP_C and
@@ -171,6 +172,40 @@ typedef struct mbedtls_ecp_point
}
mbedtls_ecp_point;

/* Determine the minimum safe value of MBEDTLS_ECP_MAX_BITS. */
#if !defined(MBEDTLS_ECP_C)
#define MBEDTLS_ECP_MAX_BITS_MIN 0
/* Note: the curves must be listed in DECREASING size! */
#elif defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
#define MBEDTLS_ECP_MAX_BITS_MIN 521
#elif defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
#define MBEDTLS_ECP_MAX_BITS_MIN 512
#elif defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
#define MBEDTLS_ECP_MAX_BITS_MIN 448
#elif defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
#define MBEDTLS_ECP_MAX_BITS_MIN 384
#elif defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
#define MBEDTLS_ECP_MAX_BITS_MIN 384
#elif defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
#define MBEDTLS_ECP_MAX_BITS_MIN 256
#elif defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
#define MBEDTLS_ECP_MAX_BITS_MIN 256
#elif defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
#define MBEDTLS_ECP_MAX_BITS_MIN 256
#elif defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
#define MBEDTLS_ECP_MAX_BITS_MIN 255
#elif defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
#define MBEDTLS_ECP_MAX_BITS_MIN 225 // n is slightly above 2^224
#elif defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
#define MBEDTLS_ECP_MAX_BITS_MIN 224
#elif defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
#define MBEDTLS_ECP_MAX_BITS_MIN 192
#elif defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
#define MBEDTLS_ECP_MAX_BITS_MIN 192
#else
#error "MBEDTLS_ECP_C enabled, but no curve?"
#endif

#if !defined(MBEDTLS_ECP_ALT)
/*
* default mbed TLS elliptic curve arithmetic implementation
@@ -245,11 +280,23 @@ mbedtls_ecp_group;
* \{
*/

#if !defined(MBEDTLS_ECP_MAX_BITS)
#if defined(MBEDTLS_ECP_MAX_BITS)

#if MBEDTLS_ECP_MAX_BITS < MBEDTLS_ECP_MAX_BITS_MIN
#error "MBEDTLS_ECP_MAX_BITS is smaller than the largest supported curve"
#endif

#elif defined(MBEDTLS_ECP_C)
/**
* The maximum size of the groups, that is, of \c N and \c P.
*/
#define MBEDTLS_ECP_MAX_BITS 521 /**< The maximum size of groups, in bits. */
#define MBEDTLS_ECP_MAX_BITS MBEDTLS_ECP_MAX_BITS_MIN

#else
/* MBEDTLS_ECP_MAX_BITS is not relevant without MBEDTLS_ECP_C, but set it
* to a nonzero value so that code that unconditionally allocates an array
* of a size based on it keeps working if built without ECC support. */
#define MBEDTLS_ECP_MAX_BITS 1
#endif

#define MBEDTLS_ECP_MAX_BYTES ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 )
@@ -258,7 +305,8 @@ mbedtls_ecp_group;
#if !defined(MBEDTLS_ECP_WINDOW_SIZE)
/*
* Maximum "window" size used for point multiplication.
* Default: 6.
* Default: a point where higher memory usage yields disminishing performance
* returns.
* Minimum value: 2. Maximum value: 7.
*
* Result is an array of at most ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) )
@@ -275,7 +323,7 @@ mbedtls_ecp_group;
* 224 475 475 453 398 342
* 192 640 640 633 587 476
*/
#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< The maximum window size used. */
#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< The maximum window size used. */
#endif /* MBEDTLS_ECP_WINDOW_SIZE */

#if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
@@ -466,8 +514,7 @@ mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp );

/**
* \brief This function retrieves the information defined in
* mbedtls_ecp_curve_info() for all supported curves in order
* of preference.
* mbedtls_ecp_curve_info() for all supported curves.
*
* \note This function returns information about all curves
* supported by the library. Some curves may not be
@@ -1180,7 +1227,7 @@ int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
*
* \param grp_id The ECP group identifier.
* \param key The destination key.
* \param buf The the buffer containing the binary representation of the
* \param buf The buffer containing the binary representation of the
* key. (Big endian integer for Weierstrass curves, byte
* string for Montgomery curves.)
* \param buflen The length of the buffer in bytes.
0 ...tls-2.26.0/include/mbedtls/ecp_internal.h → ...tls-2.27.0/include/mbedtls/ecp_internal.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/entropy.h → lib/mbedtls-2.27.0/include/mbedtls/entropy.h
View file
File renamed without changes.
0 ...tls-2.26.0/include/mbedtls/entropy_poll.h → ...tls-2.27.0/include/mbedtls/entropy_poll.h
View file
File renamed without changes.
53 lib/mbedtls-2.26.0/include/mbedtls/error.h → lib/mbedtls-2.27.0/include/mbedtls/error.h
View file
@@ -30,6 +30,11 @@

#include <stddef.h>

#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif

/**
* Error code layout.
*
@@ -114,6 +119,54 @@ extern "C" {
#define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001 /**< Generic error */
#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E /**< This is a bug in the library */

/**
* \brief Combines a high-level and low-level error code together.
*
* Wrapper macro for mbedtls_error_add(). See that function for
* more details.
*/
#define MBEDTLS_ERROR_ADD( high, low ) \
mbedtls_error_add( high, low, __FILE__, __LINE__ )

#if defined(MBEDTLS_TEST_HOOKS)
/**
* \brief Testing hook called before adding/combining two error codes together.
* Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS.
*/
extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int );
#endif

/**
* \brief Combines a high-level and low-level error code together.
*
* This function can be called directly however it is usually
* called via the #MBEDTLS_ERROR_ADD macro.
*
* While a value of zero is not a negative error code, it is still an
* error code (that denotes success) and can be combined with both a
* negative error code or another value of zero.
*
* \note When invasive testing is enabled via #MBEDTLS_TEST_HOOKS, also try to
* call \link mbedtls_test_hook_error_add \endlink.
*
* \param high high-level error code. See error.h for more details.
* \param low low-level error code. See error.h for more details.
* \param file file where this error code addition occurred.
* \param line line where this error code addition occurred.
*/
static inline int mbedtls_error_add( int high, int low,
const char *file, int line )
{
#if defined(MBEDTLS_TEST_HOOKS)
if( *mbedtls_test_hook_error_add != NULL )
( *mbedtls_test_hook_error_add )( high, low, file, line );
#endif
(void)file;
(void)line;

return( high + low );
}

/**
* \brief Translate a mbed TLS error code into a string representation,
* Result is truncated if necessary and always includes a terminating
0 lib/mbedtls-2.26.0/include/mbedtls/gcm.h → lib/mbedtls-2.27.0/include/mbedtls/gcm.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/havege.h → lib/mbedtls-2.27.0/include/mbedtls/havege.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/hkdf.h → lib/mbedtls-2.27.0/include/mbedtls/hkdf.h
View file
File renamed without changes.
0 ...bedtls-2.26.0/include/mbedtls/hmac_drbg.h → ...bedtls-2.27.0/include/mbedtls/hmac_drbg.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/md.h → lib/mbedtls-2.27.0/include/mbedtls/md.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/md2.h → lib/mbedtls-2.27.0/include/mbedtls/md2.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/md4.h → lib/mbedtls-2.27.0/include/mbedtls/md4.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/md5.h → lib/mbedtls-2.27.0/include/mbedtls/md5.h
View file
File renamed without changes.
0 ...dtls-2.26.0/include/mbedtls/md_internal.h → ...dtls-2.27.0/include/mbedtls/md_internal.h
View file
File renamed without changes.
0 ...6.0/include/mbedtls/memory_buffer_alloc.h → ...7.0/include/mbedtls/memory_buffer_alloc.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/net.h → lib/mbedtls-2.27.0/include/mbedtls/net.h
View file
File renamed without changes.
0 ...dtls-2.26.0/include/mbedtls/net_sockets.h → ...dtls-2.27.0/include/mbedtls/net_sockets.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/nist_kw.h → lib/mbedtls-2.27.0/include/mbedtls/nist_kw.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/oid.h → lib/mbedtls-2.27.0/include/mbedtls/oid.h
View file
File renamed without changes.
2 lib/mbedtls-2.26.0/include/mbedtls/padlock.h → lib/mbedtls-2.27.0/include/mbedtls/padlock.h
View file
@@ -71,7 +71,7 @@ extern "C" {
*
* \param feature The feature to detect
*
* \return 1 if CPU has support for the feature, 0 otherwise
* \return non-zero if CPU has support for the feature, 0 otherwise
*/
int mbedtls_padlock_has_support( int feature );

0 lib/mbedtls-2.26.0/include/mbedtls/pem.h → lib/mbedtls-2.27.0/include/mbedtls/pem.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/pk.h → lib/mbedtls-2.27.0/include/mbedtls/pk.h
View file
File renamed without changes.
0 ...dtls-2.26.0/include/mbedtls/pk_internal.h → ...dtls-2.27.0/include/mbedtls/pk_internal.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/pkcs11.h → lib/mbedtls-2.27.0/include/mbedtls/pkcs11.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/pkcs12.h → lib/mbedtls-2.27.0/include/mbedtls/pkcs12.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/pkcs5.h → lib/mbedtls-2.27.0/include/mbedtls/pkcs5.h
View file
File renamed without changes.
0 ...mbedtls-2.26.0/include/mbedtls/platform.h → ...mbedtls-2.27.0/include/mbedtls/platform.h
View file
File renamed without changes.
0 ...ls-2.26.0/include/mbedtls/platform_time.h → ...ls-2.27.0/include/mbedtls/platform_time.h
View file
File renamed without changes.
0 ...ls-2.26.0/include/mbedtls/platform_util.h → ...ls-2.27.0/include/mbedtls/platform_util.h
View file
File renamed without changes.
0 ...mbedtls-2.26.0/include/mbedtls/poly1305.h → ...mbedtls-2.27.0/include/mbedtls/poly1305.h
View file
File renamed without changes.
7 ...mbedtls-2.26.0/include/mbedtls/psa_util.h → ...mbedtls-2.27.0/include/mbedtls/psa_util.h
View file
@@ -92,8 +92,8 @@ static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode(
case MBEDTLS_MODE_CBC:
if( taglen == 0 )
return( PSA_ALG_CBC_NO_PADDING );
/* Intentional fallthrough for taglen != 0 */
/* fallthrough */
else
return( 0 );
default:
return( 0 );
}
@@ -151,7 +151,8 @@ static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg
case MBEDTLS_MD_RIPEMD160:
return( PSA_ALG_RIPEMD160 );
#endif
case MBEDTLS_MD_NONE: /* Intentional fallthrough */
case MBEDTLS_MD_NONE:
return( 0 );
default:
return( 0 );
}
0 ...bedtls-2.26.0/include/mbedtls/ripemd160.h → ...bedtls-2.27.0/include/mbedtls/ripemd160.h
View file
File renamed without changes.
101 lib/mbedtls-2.26.0/include/mbedtls/rsa.h → lib/mbedtls-2.27.0/include/mbedtls/rsa.h
View file
@@ -976,12 +976,69 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
* \brief This function performs a PKCS#1 v2.1 PSS signature
* operation (RSASSA-PSS-SIGN).
*
* \note The \p hash_id in the RSA context is the one used for the
* encoding. \p md_alg in the function call is the type of hash
* that is encoded. According to <em>RFC-3447: Public-Key
* \note The \c hash_id set in \p ctx (when calling
* mbedtls_rsa_init() or by calling mbedtls_rsa_set_padding()
* afterwards) selects the hash used for the
* encoding operation and for the mask generation function
* (MGF1). For more details on the encoding operation and the
* mask generation function, consult <em>RFC-3447: Public-Key
* Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography
* Specifications</em> it is advised to keep both hashes the
* same.
* Specifications</em>.
*
* \note This function enforces that the provided salt length complies
* with FIPS 186-4 §5.5 (e) and RFC 8017 (PKCS#1 v2.2) §9.1.1
* step 3. The constraint is that the hash length plus the salt
* length plus 2 bytes must be at most the key length. If this
* constraint is not met, this function returns
* #MBEDTLS_ERR_RSA_BAD_INPUT_DATA.
*
* \param ctx The initialized RSA context to use.
* \param f_rng The RNG function. It must not be \c NULL.
* \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL
* if \p f_rng doesn't need a context argument.
* \param md_alg The message-digest algorithm used to hash the original data.
* Use #MBEDTLS_MD_NONE for signing raw data.
* \param hashlen The length of the message digest.
* Ths is only used if \p md_alg is #MBEDTLS_MD_NONE.
* \param hash The buffer holding the message digest or raw data.
* If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable
* buffer of length \p hashlen Bytes. If \p md_alg is not
* #MBEDTLS_MD_NONE, it must be a readable buffer of length
* the size of the hash corresponding to \p md_alg.
* \param saltlen The length of the salt that should be used.
* If passed #MBEDTLS_RSA_SALT_LEN_ANY, the function will use
* the largest possible salt length up to the hash length,
* which is the largest permitted by some standards including
* FIPS 186-4 §5.5.
* \param sig The buffer to hold the signature. This must be a writable
* buffer of length \c ctx->len Bytes. For example, \c 256 Bytes
* for an 2048-bit RSA modulus. A buffer length of
* #MBEDTLS_MPI_MAX_SIZE is always safe.
*
* \return \c 0 if the signing operation was successful.
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
*/
int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
mbedtls_md_type_t md_alg,
unsigned int hashlen,
const unsigned char *hash,
int saltlen,
unsigned char *sig );

/**
* \brief This function performs a PKCS#1 v2.1 PSS signature
* operation (RSASSA-PSS-SIGN).
*
* \note The \c hash_id set in \p ctx (when calling
* mbedtls_rsa_init() or by calling mbedtls_rsa_set_padding()
* afterwards) selects the hash used for the
* encoding operation and for the mask generation function
* (MGF1). For more details on the encoding operation and the
* mask generation function, consult <em>RFC-3447: Public-Key
* Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography
* Specifications</em>.
*
* \note This function always uses the maximum possible salt size,
* up to the length of the payload hash. This choice of salt
@@ -1011,7 +1068,7 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
* \param md_alg The message-digest algorithm used to hash the original data.
* Use #MBEDTLS_MD_NONE for signing raw data.
* \param hashlen The length of the message digest.
* Ths is only used if \p md_alg is #MBEDTLS_MD_NONE.
* This is only used if \p md_alg is #MBEDTLS_MD_NONE.
* \param hash The buffer holding the message digest or raw data.
* If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable
* buffer of length \p hashlen Bytes. If \p md_alg is not
@@ -1137,16 +1194,15 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
* \brief This function performs a PKCS#1 v2.1 PSS verification
* operation (RSASSA-PSS-VERIFY).
*
* The hash function for the MGF mask generating function
* is that specified in the RSA context.
*
* \note The \p hash_id in the RSA context is the one used for the
* verification. \p md_alg in the function call is the type of
* hash that is verified. According to <em>RFC-3447: Public-Key
* \note The \c hash_id set in \p ctx (when calling
* mbedtls_rsa_init() or by calling mbedtls_rsa_set_padding()
* afterwards) selects the hash used for the
* encoding operation and for the mask generation function
* (MGF1). For more details on the encoding operation and the
* mask generation function, consult <em>RFC-3447: Public-Key
* Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography
* Specifications</em> it is advised to keep both hashes the
* same. If \p hash_id in the RSA context is unset,
* the \p md_alg from the function call is used.
* Specifications</em>. If the \c hash_id set in \p ctx is
* #MBEDTLS_MD_NONE, the \p md_alg parameter is used.
*
* \deprecated It is deprecated and discouraged to call this function
* in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
@@ -1194,13 +1250,12 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
* \brief This function performs a PKCS#1 v2.1 PSS verification
* operation (RSASSA-PSS-VERIFY).
*
* The hash function for the MGF mask generating function
* is that specified in \p mgf1_hash_id.
*
* \note The \p sig buffer must be as large as the size
* of \p ctx->N. For example, 128 Bytes if RSA-1024 is used.
*
* \note The \p hash_id in the RSA context is ignored.
* \note The \c hash_id set in \p ctx (when calling
* mbedtls_rsa_init() or by calling mbedtls_rsa_set_padding()
* afterwards) is ignored.
*
* \param ctx The initialized RSA public key context to use.
* \param f_rng The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE,
@@ -1219,7 +1274,13 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
* buffer of length \p hashlen Bytes. If \p md_alg is not
* #MBEDTLS_MD_NONE, it must be a readable buffer of length
* the size of the hash corresponding to \p md_alg.
* \param mgf1_hash_id The message digest used for mask generation.
* \param mgf1_hash_id The message digest algorithm used for the
* verification operation and the mask generation
* function (MGF1). For more details on the encoding
* operation and the mask generation function, consult
* <em>RFC-3447: Public-Key Cryptography Standards
* (PKCS) #1 v2.1: RSA Cryptography
* Specifications</em>.
* \param expected_salt_len The length of the salt used in padding. Use
* #MBEDTLS_RSA_SALT_LEN_ANY to accept any salt length.
* \param sig The buffer holding the signature. This must be a readable
0 ...tls-2.26.0/include/mbedtls/rsa_internal.h → ...tls-2.27.0/include/mbedtls/rsa_internal.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/sha1.h → lib/mbedtls-2.27.0/include/mbedtls/sha1.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/sha256.h → lib/mbedtls-2.27.0/include/mbedtls/sha256.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/sha512.h → lib/mbedtls-2.27.0/include/mbedtls/sha512.h
View file
File renamed without changes.
12 lib/mbedtls-2.26.0/include/mbedtls/ssl.h → lib/mbedtls-2.27.0/include/mbedtls/ssl.h
View file
@@ -2987,7 +2987,9 @@ void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf,
#if defined(MBEDTLS_ECP_C)
/**
* \brief Set the allowed curves in order of preference.
* (Default: all defined curves.)
* (Default: all defined curves in order of decreasing size,
* except that Montgomery curves come last. This order
* is likely to change in a future version.)
*
* On server: this only affects selection of the ECDHE curve;
* the curves used for ECDH and ECDSA are determined by the
@@ -3019,7 +3021,9 @@ void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
/**
* \brief Set the allowed hashes for signatures during the handshake.
* (Default: all available hashes except MD5.)
* (Default: all SHA-2 hashes, largest first. Also SHA-1 if
* the compile-time option
* `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` is enabled.)
*
* \note This only affects which hashes are offered and can be used
* for signatures during the handshake. Hashes for message
@@ -4327,7 +4331,7 @@ void mbedtls_ssl_session_free( mbedtls_ssl_session *session );
/**
* \brief TLS-PRF function for key derivation.
*
* \param prf The tls_prf type funtion type to be used.
* \param prf The tls_prf type function type to be used.
* \param secret Secret for the key derivation function.
* \param slen Length of the secret.
* \param label String label for the key derivation function,
@@ -4337,7 +4341,7 @@ void mbedtls_ssl_session_free( mbedtls_ssl_session *session );
* \param dstbuf The buffer holding the derived key.
* \param dlen Length of the output buffer.
*
* \return 0 on sucess. An SSL specific error on failure.
* \return 0 on success. An SSL specific error on failure.
*/
int mbedtls_ssl_tls_prf( const mbedtls_tls_prf_types prf,
const unsigned char *secret, size_t slen,
0 ...bedtls-2.26.0/include/mbedtls/ssl_cache.h → ...bedtls-2.27.0/include/mbedtls/ssl_cache.h
View file
File renamed without changes.
0 ...2.26.0/include/mbedtls/ssl_ciphersuites.h → ...2.27.0/include/mbedtls/ssl_ciphersuites.h
View file
File renamed without changes.
0 ...edtls-2.26.0/include/mbedtls/ssl_cookie.h → ...edtls-2.27.0/include/mbedtls/ssl_cookie.h
View file
File renamed without changes.
0 ...tls-2.26.0/include/mbedtls/ssl_internal.h → ...tls-2.27.0/include/mbedtls/ssl_internal.h
View file
File renamed without changes.
2 ...edtls-2.26.0/include/mbedtls/ssl_ticket.h → ...edtls-2.27.0/include/mbedtls/ssl_ticket.h
View file
@@ -97,7 +97,7 @@ void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx );
* Recommended value: 86400 (one day).
*
* \note It is highly recommended to select a cipher that is at
* least as strong as the the strongest ciphersuite
* least as strong as the strongest ciphersuite
* supported. Usually that means a 256-bit key.
*
* \note The lifetime of the keys is twice the lifetime of tickets.
0 ...bedtls-2.26.0/include/mbedtls/threading.h → ...bedtls-2.27.0/include/mbedtls/threading.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/timing.h → lib/mbedtls-2.27.0/include/mbedtls/timing.h
View file
File renamed without changes.
8 lib/mbedtls-2.26.0/include/mbedtls/version.h → lib/mbedtls-2.27.0/include/mbedtls/version.h
View file
@@ -37,17 +37,17 @@
* Major, Minor, Patchlevel
*/
#define MBEDTLS_VERSION_MAJOR 2
#define MBEDTLS_VERSION_MINOR 26
#define MBEDTLS_VERSION_MINOR 27
#define MBEDTLS_VERSION_PATCH 0

/**
* The single version number has the following structure:
* MMNNPP00
* Major version | Minor version | Patch version
*/
#define MBEDTLS_VERSION_NUMBER 0x021A0000
#define MBEDTLS_VERSION_STRING "2.26.0"
#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.26.0"
#define MBEDTLS_VERSION_NUMBER 0x021B0000
#define MBEDTLS_VERSION_STRING "2.27.0"
#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.27.0"

#if defined(MBEDTLS_VERSION_C)

0 lib/mbedtls-2.26.0/include/mbedtls/x509.h → lib/mbedtls-2.27.0/include/mbedtls/x509.h
View file
File renamed without changes.
0 ...mbedtls-2.26.0/include/mbedtls/x509_crl.h → ...mbedtls-2.27.0/include/mbedtls/x509_crl.h
View file
File renamed without changes.
11 ...mbedtls-2.26.0/include/mbedtls/x509_crt.h → ...mbedtls-2.27.0/include/mbedtls/x509_crt.h
View file
@@ -263,12 +263,21 @@ typedef void mbedtls_x509_crt_restart_ctx;
/**
* Default security profile. Should provide a good balance between security
* and compatibility with current deployments.
*
* This profile permits:
* - SHA2 hashes.
* - All supported elliptic curves.
* - RSA with 2048 bits and above.
*
* New minor versions of Mbed TLS may extend this profile, for example if
* new curves are added to the library. New minor versions of Mbed TLS will
* not reduce this profile unless serious security concerns require it.
*/
extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default;

/**
* Expected next default profile. Recommended for new deployments.
* Currently targets a 128-bit security level, except for RSA-2048.
* Currently targets a 128-bit security level, except for allowing RSA-2048.
*/
extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next;

0 ...mbedtls-2.26.0/include/mbedtls/x509_csr.h → ...mbedtls-2.27.0/include/mbedtls/x509_csr.h
View file
File renamed without changes.
0 lib/mbedtls-2.26.0/include/mbedtls/xtea.h → lib/mbedtls-2.27.0/include/mbedtls/xtea.h
View file
File renamed without changes.
264 lib/mbedtls-2.26.0/include/psa/crypto.h → lib/mbedtls-2.27.0/include/psa/crypto.h
View file

Large diffs are not rendered by default.

92 lib/mbedtls-2.27.0/include/psa/crypto_builtin_composites.h
View file
@@ -0,0 +1,92 @@
/*
* Context structure declaration of the Mbed TLS software-based PSA drivers
* called through the PSA Crypto driver dispatch layer.
* This file contains the context structures of those algorithms which need to
* rely on other algorithms, i.e. are 'composite' algorithms.
*
* \note This file may not be included directly. Applications must
* include psa/crypto.h.
*
* \note This header and its content is not part of the Mbed TLS API and
* applications must not depend on it. Its main purpose is to define the
* multi-part state objects of the Mbed TLS software-based PSA drivers. The
* definition of these objects are then used by crypto_struct.h to define the
* implementation-defined types of PSA multi-part state objects.
*/
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

#ifndef PSA_CRYPTO_BUILTIN_COMPOSITES_H
#define PSA_CRYPTO_BUILTIN_COMPOSITES_H

#include <psa/crypto_driver_common.h>

/*
* MAC multi-part operation definitions.
*/
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
#define MBEDTLS_PSA_BUILTIN_MAC
#endif

#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
typedef struct
{
/** The HMAC algorithm in use */
psa_algorithm_t alg;
/** The hash context. */
struct psa_hash_operation_s hash_ctx;
/** The HMAC part of the context. */
uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
} mbedtls_psa_hmac_operation_t;

#define MBEDTLS_PSA_HMAC_OPERATION_INIT {0, PSA_HASH_OPERATION_INIT, {0}}
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */

#include "mbedtls/cmac.h"

typedef struct
{
psa_algorithm_t alg;
union
{
unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
mbedtls_psa_hmac_operation_t hmac;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) || defined(PSA_CRYPTO_DRIVER_TEST)
mbedtls_cipher_context_t cmac;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
} ctx;
} mbedtls_psa_mac_operation_t;

#define MBEDTLS_PSA_MAC_OPERATION_INIT {0, {0}}

/*
* BEYOND THIS POINT, TEST DRIVER DECLARATIONS ONLY.
*/
#if defined(PSA_CRYPTO_DRIVER_TEST)

typedef mbedtls_psa_mac_operation_t mbedtls_transparent_test_driver_mac_operation_t;
typedef mbedtls_psa_mac_operation_t mbedtls_opaque_test_driver_mac_operation_t;

#define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT MBEDTLS_PSA_MAC_OPERATION_INIT
#define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT MBEDTLS_PSA_MAC_OPERATION_INIT

#endif /* PSA_CRYPTO_DRIVER_TEST */

#endif /* PSA_CRYPTO_BUILTIN_COMPOSITES_H */
149 lib/mbedtls-2.27.0/include/psa/crypto_builtin_primitives.h
View file
@@ -0,0 +1,149 @@
/*
* Context structure declaration of the Mbed TLS software-based PSA drivers
* called through the PSA Crypto driver dispatch layer.
* This file contains the context structures of those algorithms which do not
* rely on other algorithms, i.e. are 'primitive' algorithms.
*
* \note This file may not be included directly. Applications must
* include psa/crypto.h.
*
* \note This header and its content is not part of the Mbed TLS API and
* applications must not depend on it. Its main purpose is to define the
* multi-part state objects of the Mbed TLS software-based PSA drivers. The
* definition of these objects are then used by crypto_struct.h to define the
* implementation-defined types of PSA multi-part state objects.
*/
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

#ifndef PSA_CRYPTO_BUILTIN_PRIMITIVES_H
#define PSA_CRYPTO_BUILTIN_PRIMITIVES_H

#include <psa/crypto_driver_common.h>

/*
* Hash multi-part operation definitions.
*/

#include "mbedtls/md2.h"
#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/ripemd160.h"
#include "mbedtls/sha1.h"
#include "mbedtls/sha256.h"
#include "mbedtls/sha512.h"

#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
#define MBEDTLS_PSA_BUILTIN_HASH
#endif

typedef struct
{
psa_algorithm_t alg;
union
{
unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
#if defined(MBEDTLS_MD2_C)
mbedtls_md2_context md2;
#endif
#if defined(MBEDTLS_MD4_C)
mbedtls_md4_context md4;
#endif
#if defined(MBEDTLS_MD5_C)
mbedtls_md5_context md5;
#endif
#if defined(MBEDTLS_RIPEMD160_C)
mbedtls_ripemd160_context ripemd160;
#endif
#if defined(MBEDTLS_SHA1_C)
mbedtls_sha1_context sha1;
#endif
#if defined(MBEDTLS_SHA256_C)
mbedtls_sha256_context sha256;
#endif
#if defined(MBEDTLS_SHA512_C)
mbedtls_sha512_context sha512;
#endif
} ctx;
} mbedtls_psa_hash_operation_t;

#define MBEDTLS_PSA_HASH_OPERATION_INIT {0, {0}}

/*
* Cipher multi-part operation definitions.
*/

#include "mbedtls/cipher.h"

#if defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_CTR) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_CFB) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_OFB) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_XTS) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7)
#define MBEDTLS_PSA_BUILTIN_CIPHER 1
#endif

typedef struct {
/* Context structure for the Mbed TLS cipher implementation. */
psa_algorithm_t alg;
uint8_t iv_length;
uint8_t block_length;
union {
unsigned int dummy;
mbedtls_cipher_context_t cipher;
} ctx;
} mbedtls_psa_cipher_operation_t;

#define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}}

/*
* BEYOND THIS POINT, TEST DRIVER DECLARATIONS ONLY.
*/
#if defined(PSA_CRYPTO_DRIVER_TEST)

typedef mbedtls_psa_hash_operation_t mbedtls_transparent_test_driver_hash_operation_t;

#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT MBEDTLS_PSA_HASH_OPERATION_INIT

typedef mbedtls_psa_cipher_operation_t
mbedtls_transparent_test_driver_cipher_operation_t;

typedef struct {
unsigned int initialised : 1;
mbedtls_transparent_test_driver_cipher_operation_t ctx;
} mbedtls_opaque_test_driver_cipher_operation_t;

#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \
MBEDTLS_PSA_CIPHER_OPERATION_INIT

#define MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT \
{ 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT }

#endif /* PSA_CRYPTO_DRIVER_TEST */

#endif /* PSA_CRYPTO_BUILTIN_PRIMITIVES_H */
153 ...bedtls-2.26.0/include/psa/crypto_compat.h → ...bedtls-2.27.0/include/psa/crypto_compat.h
View file
@@ -44,7 +44,7 @@ typedef mbedtls_svc_key_id_t psa_key_handle_t;

#define PSA_KEY_HANDLE_INIT MBEDTLS_SVC_KEY_ID_INIT

/** Check wether an handle is null.
/** Check whether an handle is null.
*
* \param handle Handle
*
@@ -269,6 +269,153 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key
#define PSA_ALG_AEAD_WITH_TAG_LENGTH( aead_alg, tag_length ) \
MBEDTLS_DEPRECATED_CONSTANT( psa_algorithm_t, PSA_ALG_AEAD_WITH_SHORTENED_TAG( aead_alg, tag_length ) )

/*
* Deprecated PSA AEAD output size macros (PSA Crypto API <= 1.0 beta3)
*/

/** The tag size for an AEAD algorithm, in bytes.
*
* \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
*
* \return The tag size for the specified algorithm.
* If the AEAD algorithm does not have an identified
* tag that can be distinguished from the rest of
* the ciphertext, return 0.
* If the AEAD algorithm is not recognized, return 0.
*/
#define PSA_AEAD_TAG_LENGTH_1_ARG( alg ) \
MBEDTLS_DEPRECATED_CONSTANT( size_t, \
PSA_ALG_IS_AEAD( alg ) ? \
PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \
0 )

/** The maximum size of the output of psa_aead_encrypt(), in bytes.
*
* If the size of the ciphertext buffer is at least this large, it is
* guaranteed that psa_aead_encrypt() will not fail due to an
* insufficient buffer size. Depending on the algorithm, the actual size of
* the ciphertext may be smaller.
*
* \warning This macro may evaluate its arguments multiple times or
* zero times, so you should not pass arguments that contain
* side effects.
*
* \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
* \param plaintext_length Size of the plaintext in bytes.
*
* \return The AEAD ciphertext size for the specified
* algorithm.
* If the AEAD algorithm is not recognized, return 0.
*/
#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG( alg, plaintext_length ) \
MBEDTLS_DEPRECATED_CONSTANT( size_t, \
PSA_ALG_IS_AEAD( alg ) ? \
(plaintext_length) + PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \
0 )

/** The maximum size of the output of psa_aead_decrypt(), in bytes.
*
* If the size of the plaintext buffer is at least this large, it is
* guaranteed that psa_aead_decrypt() will not fail due to an
* insufficient buffer size. Depending on the algorithm, the actual size of
* the plaintext may be smaller.
*
* \warning This macro may evaluate its arguments multiple times or
* zero times, so you should not pass arguments that contain
* side effects.
*
* \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
* \param ciphertext_length Size of the plaintext in bytes.
*
* \return The AEAD ciphertext size for the specified
* algorithm.
* If the AEAD algorithm is not recognized, return 0.
*/
#define PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG( alg, ciphertext_length ) \
MBEDTLS_DEPRECATED_CONSTANT( size_t, \
PSA_ALG_IS_AEAD( alg ) && \
(ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) ? \
(ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \
0 )

/** A sufficient output buffer size for psa_aead_update().
*
* If the size of the output buffer is at least this large, it is
* guaranteed that psa_aead_update() will not fail due to an
* insufficient buffer size. The actual size of the output may be smaller
* in any given call.
*
* \warning This macro may evaluate its arguments multiple times or
* zero times, so you should not pass arguments that contain
* side effects.
*
* \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
* \param input_length Size of the input in bytes.
*
* \return A sufficient output buffer size for the specified
* algorithm.
* If the AEAD algorithm is not recognized, return 0.
*/
/* For all the AEAD modes defined in this specification, it is possible
* to emit output without delay. However, hardware may not always be
* capable of this. So for modes based on a block cipher, allow the
* implementation to delay the output until it has a full block. */
#define PSA_AEAD_UPDATE_OUTPUT_SIZE_2_ARG( alg, input_length ) \
MBEDTLS_DEPRECATED_CONSTANT( size_t, \
PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER( alg ) ? \
PSA_ROUND_UP_TO_MULTIPLE( PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length) ) : \
(input_length) )

/** A sufficient ciphertext buffer size for psa_aead_finish().
*
* If the size of the ciphertext buffer is at least this large, it is
* guaranteed that psa_aead_finish() will not fail due to an
* insufficient ciphertext buffer size. The actual size of the output may
* be smaller in any given call.
*
* \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
*
* \return A sufficient ciphertext buffer size for the
* specified algorithm.
* If the AEAD algorithm is not recognized, return 0.
*/
#define PSA_AEAD_FINISH_OUTPUT_SIZE_1_ARG( alg ) \
MBEDTLS_DEPRECATED_CONSTANT( size_t, \
PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER( alg ) ? \
PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \
0 )

/** A sufficient plaintext buffer size for psa_aead_verify().
*
* If the size of the plaintext buffer is at least this large, it is
* guaranteed that psa_aead_verify() will not fail due to an
* insufficient plaintext buffer size. The actual size of the output may
* be smaller in any given call.
*
* \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
*
* \return A sufficient plaintext buffer size for the
* specified algorithm.
* If the AEAD algorithm is not recognized, return 0.
*/
#define PSA_AEAD_VERIFY_OUTPUT_SIZE_1_ARG( alg ) \
MBEDTLS_DEPRECATED_CONSTANT( size_t, \
PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER( alg ) ? \
PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \
0 )

#endif /* MBEDTLS_DEPRECATED_REMOVED */

/** Open a handle to an existing persistent key.
@@ -313,9 +460,9 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key
* number of open keys, the number of open key handles, or available
* memory.
* \retval #PSA_ERROR_DOES_NOT_EXIST
* There is no persistent key with key identifier \p id.
* There is no persistent key with key identifier \p key.
* \retval #PSA_ERROR_INVALID_ARGUMENT
* \p id is not a valid persistent key identifier.
* \p key is not a valid persistent key identifier.
* \retval #PSA_ERROR_NOT_PERMITTED
* The specified key exists, but the application does not have the
* permission to access it. Note that this specification does not
32 ...bedtls-2.26.0/include/psa/crypto_config.h → ...bedtls-2.27.0/include/psa/crypto_config.h
View file
@@ -50,15 +50,23 @@
#ifndef PSA_CRYPTO_CONFIG_H
#define PSA_CRYPTO_CONFIG_H

/*
* CBC-MAC is not yet supported via the PSA API in Mbed TLS.
*/
//#define PSA_WANT_ALG_CBC_MAC 1
#define PSA_WANT_ALG_CBC_NO_PADDING 1
#define PSA_WANT_ALG_CBC_PKCS7 1
#define PSA_WANT_ALG_CCM 1
#define PSA_WANT_ALG_CMAC 1
#define PSA_WANT_ALG_CFB 1
#define PSA_WANT_ALG_CHACHA20_POLY1305 1
#define PSA_WANT_ALG_CMAC 1
#define PSA_WANT_ALG_CTR 1
#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
#define PSA_WANT_ALG_ECB_NO_PADDING 1
#define PSA_WANT_ALG_ECDH 1
#define PSA_WANT_ALG_ECDSA 1
#define PSA_WANT_ALG_GCM 1
#define PSA_WANT_ALG_HKDF 1
#define PSA_WANT_ALG_HMAC 1
#define PSA_WANT_ALG_MD2 1
@@ -80,6 +88,30 @@
#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
#define PSA_WANT_ALG_XTS 1

#define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1
#define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1
#define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1
#define PSA_WANT_ECC_MONTGOMERY_255 1
/*
* Curve448 is not yet supported via the PSA API in Mbed TLS
* (https://github.com/ARMmbed/mbedtls/issues/4249). Thus, do not enable it by
* default.
*/
//#define PSA_WANT_ECC_MONTGOMERY_448 1
#define PSA_WANT_ECC_SECP_K1_192 1
/*
* SECP224K1 is buggy via the PSA API in Mbed TLS
* (https://github.com/ARMmbed/mbedtls/issues/3541). Thus, do not enable it by
* default.
*/
//#define PSA_WANT_ECC_SECP_K1_224 1
#define PSA_WANT_ECC_SECP_K1_256 1
#define PSA_WANT_ECC_SECP_R1_192 1
#define PSA_WANT_ECC_SECP_R1_224 1
#define PSA_WANT_ECC_SECP_R1_256 1
#define PSA_WANT_ECC_SECP_R1_384 1
#define PSA_WANT_ECC_SECP_R1_521 1

#define PSA_WANT_KEY_TYPE_DERIVE 1
#define PSA_WANT_KEY_TYPE_HMAC 1
#define PSA_WANT_KEY_TYPE_AES 1
0 ...2.26.0/include/psa/crypto_driver_common.h → ...2.27.0/include/psa/crypto_driver_common.h
View file
File renamed without changes.
62 lib/mbedtls-2.27.0/include/psa/crypto_driver_contexts_composites.h
View file
@@ -0,0 +1,62 @@
/*
* Declaration of context structures for use with the PSA driver wrapper
* interface. This file contains the context structures for 'composite'
* operations, i.e. those operations which need to make use of other operations
* from the primitives (crypto_driver_contexts_primitives.h)
*
* Warning: This file will be auto-generated in the future.
*
* \note This file may not be included directly. Applications must
* include psa/crypto.h.
*
* \note This header and its content is not part of the Mbed TLS API and
* applications must not depend on it. Its main purpose is to define the
* multi-part state objects of the PSA drivers included in the cryptographic
* library. The definition of these objects are then used by crypto_struct.h
* to define the implementation-defined types of PSA multi-part state objects.
*/
/* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

#ifndef PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H
#define PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H

#include "psa/crypto_driver_common.h"

/* Include the context structure definitions for those drivers that were
* declared during the autogeneration process. */

/* Include the context structure definitions for the Mbed TLS software drivers */
#include "psa/crypto_builtin_composites.h"

/* Define the context to be used for an operation that is executed through the
* PSA Driver wrapper layer as the union of all possible driver's contexts.
*
* The union members are the driver's context structures, and the member names
* are formatted as `'drivername'_ctx`. This allows for procedural generation
* of both this file and the content of psa_crypto_driver_wrappers.c */

typedef union {
unsigned dummy; /* Make sure this union is always non-empty */
mbedtls_psa_mac_operation_t mbedtls_ctx;
#if defined(PSA_CRYPTO_DRIVER_TEST)
mbedtls_transparent_test_driver_mac_operation_t transparent_test_driver_ctx;
mbedtls_opaque_test_driver_mac_operation_t opaque_test_driver_ctx;
#endif
} psa_driver_mac_context_t;

#endif /* PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H */
/* End of automatically generated file. */
69 lib/mbedtls-2.27.0/include/psa/crypto_driver_contexts_primitives.h
View file
@@ -0,0 +1,69 @@
/*
* Declaration of context structures for use with the PSA driver wrapper
* interface. This file contains the context structures for 'primitive'
* operations, i.e. those operations which do not rely on other contexts.
*
* Warning: This file will be auto-generated in the future.
*
* \note This file may not be included directly. Applications must
* include psa/crypto.h.
*
* \note This header and its content is not part of the Mbed TLS API and
* applications must not depend on it. Its main purpose is to define the
* multi-part state objects of the PSA drivers included in the cryptographic
* library. The definition of these objects are then used by crypto_struct.h
* to define the implementation-defined types of PSA multi-part state objects.
*/
/* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

#ifndef PSA_CRYPTO_DRIVER_CONTEXTS_PRIMITIVES_H
#define PSA_CRYPTO_DRIVER_CONTEXTS_PRIMITIVES_H

#include "psa/crypto_driver_common.h"

/* Include the context structure definitions for those drivers that were
* declared during the autogeneration process. */

/* Include the context structure definitions for the Mbed TLS software drivers */
#include "psa/crypto_builtin_primitives.h"

/* Define the context to be used for an operation that is executed through the
* PSA Driver wrapper layer as the union of all possible driver's contexts.
*
* The union members are the driver's context structures, and the member names
* are formatted as `'drivername'_ctx`. This allows for procedural generation
* of both this file and the content of psa_crypto_driver_wrappers.c */

typedef union {
unsigned dummy; /* Make sure this union is always non-empty */
mbedtls_psa_hash_operation_t mbedtls_ctx;
#if defined(PSA_CRYPTO_DRIVER_TEST)
mbedtls_transparent_test_driver_hash_operation_t test_driver_ctx;
#endif
} psa_driver_hash_context_t;

typedef union {
unsigned dummy; /* Make sure this union is always non-empty */
mbedtls_psa_cipher_operation_t mbedtls_ctx;
#if defined(PSA_CRYPTO_DRIVER_TEST)
mbedtls_transparent_test_driver_cipher_operation_t transparent_test_driver_ctx;
mbedtls_opaque_test_driver_cipher_operation_t opaque_test_driver_ctx;
#endif
} psa_driver_cipher_context_t;

#endif /* PSA_CRYPTO_DRIVER_CONTEXTS_PRIMITIVES_H */
/* End of automatically generated file. */
108 ...mbedtls-2.26.0/include/psa/crypto_extra.h → ...mbedtls-2.27.0/include/psa/crypto_extra.h
View file
@@ -179,6 +179,9 @@ static inline void psa_clear_key_slot_number(
* The secure element driver for the specified lifetime does not
* support registering a key.
* \retval #PSA_ERROR_INVALID_ARGUMENT
* The identifier in \p attributes is invalid, namely the identifier is
* not in the user range.
* \retval #PSA_ERROR_INVALID_ARGUMENT
* \p attributes specifies a lifetime which is not located
* in a secure element.
* \retval #PSA_ERROR_INVALID_ARGUMENT
@@ -407,10 +410,9 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,

/* We need to expand the sample definition of this macro from
* the API definition. */
#undef PSA_ALG_IS_HASH_AND_SIGN
#define PSA_ALG_IS_HASH_AND_SIGN(alg) \
(PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \
PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg))
#undef PSA_ALG_IS_VENDOR_HASH_AND_SIGN
#define PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg) \
PSA_ALG_IS_DSA(alg)

/**@}*/

@@ -711,6 +713,104 @@ psa_status_t mbedtls_psa_external_get_random(

/**@}*/

/** \defgroup psa_builtin_keys Built-in keys
* @{
*/

/** The minimum value for a key identifier that is built into the
* implementation.
*
* The range of key identifiers from #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN
* to #MBEDTLS_PSA_KEY_ID_BUILTIN_MAX within the range from
* #PSA_KEY_ID_VENDOR_MIN and #PSA_KEY_ID_VENDOR_MAX and must not intersect
* with any other set of implementation-chosen key identifiers.
*
* This value is part of the library's ABI since changing it would invalidate
* the values of built-in key identifiers in applications.
*/
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t)0x7fff0000)

/** The maximum value for a key identifier that is built into the
* implementation.
*
* See #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN for more information.
*/
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t)0x7fffefff)

/** A slot number identifying a key in a driver.
*
* Values of this type are used to identify built-in keys.
*/
typedef uint64_t psa_drv_slot_number_t;

#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
/** Test whether a key identifier belongs to the builtin key range.
*
* \param key_id Key identifier to test.
*
* \retval 1
* The key identifier is a builtin key identifier.
* \retval 0
* The key identifier is not a builtin key identifier.
*/
static inline int psa_key_id_is_builtin( psa_key_id_t key_id )
{
return( ( key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ) &&
( key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ) );
}

/** Platform function to obtain the location and slot number of a built-in key.
*
* An application-specific implementation of this function must be provided if
* #MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is enabled. This would typically be provided
* as part of a platform's system image.
*
* #MBEDTLS_SVC_KEY_ID_GET_KEY_ID(\p key_id) needs to be in the range from
* #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN to #MBEDTLS_PSA_KEY_ID_BUILTIN_MAX.
*
* In a multi-application configuration
* (\c MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER is defined),
* this function should check that #MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(\p key_id)
* is allowed to use the given key.
*
* \param key_id The key ID for which to retrieve the
* location and slot attributes.
* \param[out] lifetime On success, the lifetime associated with the key
* corresponding to \p key_id. Lifetime is a
* combination of which driver contains the key,
* and with what persistence level the key is
* intended to be used. If the platform
* implementation does not contain specific
* information about the intended key persistence
* level, the persistence level may be reported as
* #PSA_KEY_PERSISTENCE_DEFAULT.
* \param[out] slot_number On success, the slot number known to the driver
* registered at the lifetime location reported
* through \p lifetime which corresponds to the
* requested built-in key.
*
* \retval #PSA_SUCCESS
* The requested key identifier designates a built-in key.
* In a multi-application configuration, the requested owner
* is allowed to access it.
* \retval #PSA_ERROR_DOES_NOT_EXIST
* The requested key identifier is not a built-in key which is known
* to this function. If a key exists in the key storage with this
* identifier, the data from the storage will be used.
* \return (any other error)
* Any other error is propagated to the function that requested the key.
* Common errors include:
* - #PSA_ERROR_NOT_PERMITTED: the key exists but the requested owner
* is not allowed to access it.
*/
psa_status_t mbedtls_psa_platform_get_builtin_key(
mbedtls_svc_key_id_t key_id,
psa_key_lifetime_t *lifetime,
psa_drv_slot_number_t *slot_number );
#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */

/** @} */

#ifdef __cplusplus
}
#endif
12 ...dtls-2.26.0/include/psa/crypto_platform.h → ...dtls-2.27.0/include/psa/crypto_platform.h
View file
@@ -81,6 +81,18 @@ static inline int mbedtls_key_owner_id_equal( mbedtls_key_owner_id_t id1,

#endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */

/*
* When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM
* (Secure Partition Manager) integration which separates the code into two
* parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing
* Environment). When building for the SPE, an additional header file should be
* included.
*/
#if defined(MBEDTLS_PSA_CRYPTO_SPM)
#define PSA_CRYPTO_SECURE 1
#include "crypto_spe.h"
#endif // MBEDTLS_PSA_CRYPTO_SPM

#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
/** The type of the context passed to mbedtls_psa_external_get_random().
*
13 ...tls-2.26.0/include/psa/crypto_se_driver.h → ...tls-2.27.0/include/psa/crypto_se_driver.h
View file
@@ -1061,7 +1061,8 @@ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_drv_se_context_t *drv_contex
* \brief A function that generates a symmetric or asymmetric key on a secure
* element
*
* If \p type is asymmetric (#PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) = 1),
* If the key type \c type recorded in \p attributes
* is asymmetric (#PSA_KEY_TYPE_IS_ASYMMETRIC(\c type) = 1),
* the driver may export the public key at the time of generation,
* in the format documented for psa_export_public_key() by writing it
* to the \p pubkey buffer.
@@ -1158,7 +1159,7 @@ typedef struct {
* can be problemmatic to manage on embedded platforms, the inputs are passed
* to the driver via a function, `psa_drv_se_key_derivation_collateral`, that
* is called multiple times with different `collateral_id`s. Thus, for a key
* derivation algorithm that required 3 paramter inputs, the flow would look
* derivation algorithm that required 3 parameter inputs, the flow would look
* something like:
* ~~~~~~~~~~~~~{.c}
* psa_drv_se_key_derivation_setup(kdf_algorithm, source_key, dest_key_size_bytes);
@@ -1206,7 +1207,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(psa_drv_se_context_t *
* element key derivation or key agreement operation
*
* Since many key derivation algorithms require multiple parameters, it is
* expeced that this function may be called multiple times for the same
* expected that this function may be called multiple times for the same
* operation, each with a different algorithm-specific `collateral_id`
*
* \param[in,out] op_context A hardware-specific structure containing any
@@ -1364,16 +1365,16 @@ typedef struct {
*
* \return #PSA_SUCCESS
* The driver was successfully registered. Applications can now
* use \p lifetime to access keys through the methods passed to
* use \p location to access keys through the methods passed to
* this function.
* \return #PSA_ERROR_BAD_STATE
* This function was called after the initialization of the
* cryptography module, and this implementation does not support
* driver registration at this stage.
* \return #PSA_ERROR_ALREADY_EXISTS
* There is already a registered driver for this value of \p lifetime.
* There is already a registered driver for this value of \p location.
* \return #PSA_ERROR_INVALID_ARGUMENT
* \p lifetime is a reserved value.
* \p location is a reserved value.
* \return #PSA_ERROR_NOT_SUPPORTED
* `methods->hal_version` is not supported by this implementation.
* \return #PSA_ERROR_INSUFFICIENT_MEMORY
127 ...mbedtls-2.26.0/include/psa/crypto_sizes.h → ...mbedtls-2.27.0/include/psa/crypto_sizes.h
View file
@@ -117,26 +117,35 @@
*/
#define PSA_MAC_MAX_SIZE PSA_HASH_MAX_SIZE

/** The tag size for an AEAD algorithm, in bytes.
/** The length of a tag for an AEAD algorithm, in bytes.
*
* This macro can be used to allocate a buffer of sufficient size to store the
* tag output from psa_aead_finish().
*
* See also #PSA_AEAD_TAG_MAX_SIZE.
*
* \param key_type The type of the AEAD key.
* \param key_bits The size of the AEAD key in bits.
* \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
*
* \return The tag size for the specified algorithm.
* \return The tag length for the specified algorithm and key.
* If the AEAD algorithm does not have an identified
* tag that can be distinguished from the rest of
* the ciphertext, return 0.
* If the AEAD algorithm is not recognized, return 0.
* If the key type or AEAD algorithm is not
* recognized, or the parameters are incompatible,
* return 0.
*/
#define PSA_AEAD_TAG_LENGTH(alg) \
(PSA_ALG_IS_AEAD(alg) ? \
(((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \
0)
#define PSA_AEAD_TAG_LENGTH(key_type, key_bits, alg) \
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \
PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
((void) (key_bits), 0))

/** The maximum tag size for all supported AEAD algorithms, in bytes.
*
* See also #PSA_AEAD_TAG_LENGTH(\p alg).
* See also #PSA_AEAD_TAG_LENGTH(\p key_type, \p key_bits, \p alg).
*/
#define PSA_AEAD_TAG_MAX_SIZE 16

@@ -189,7 +198,7 @@

/** This macro returns the maximum supported length of the PSK for the
* TLS-1.2 PSK-to-MS key derivation
* (#PSA_ALG_TLS12_PSK_TO_MS(\p hash_alg)).
* (#PSA_ALG_TLS12_PSK_TO_MS(\c hash_alg)).
*
* The maximum supported length does not depend on the chosen hash algorithm.
*
@@ -241,22 +250,28 @@
* insufficient buffer size. Depending on the algorithm, the actual size of
* the ciphertext may be smaller.
*
* See also #PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(\p plaintext_length).
*
* \warning This macro may evaluate its arguments multiple times or
* zero times, so you should not pass arguments that contain
* side effects.
*
* \param key_type A symmetric key type that is
* compatible with algorithm \p alg.
* \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
* \param plaintext_length Size of the plaintext in bytes.
*
* \return The AEAD ciphertext size for the specified
* algorithm.
* If the AEAD algorithm is not recognized, return 0.
* If the key type or AEAD algorithm is not
* recognized, or the parameters are incompatible,
* return 0.
*/
#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length) \
(PSA_AEAD_TAG_LENGTH(alg) != 0 ? \
(plaintext_length) + PSA_AEAD_TAG_LENGTH(alg) : \
#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, plaintext_length) \
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \
(plaintext_length) + PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
0)

/** A sufficient output buffer size for psa_aead_encrypt(), for any of the
@@ -268,7 +283,8 @@
* \note This macro returns a compile-time constant if its arguments are
* compile-time constants.
*
* See also #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg, \p plaintext_length).
* See also #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p key_type, \p alg,
* \p plaintext_length).
*
* \param plaintext_length Size of the plaintext in bytes.
*
@@ -287,22 +303,29 @@
* insufficient buffer size. Depending on the algorithm, the actual size of
* the plaintext may be smaller.
*
* See also #PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(\p ciphertext_length).
*
* \warning This macro may evaluate its arguments multiple times or
* zero times, so you should not pass arguments that contain
* side effects.
*
* \param key_type A symmetric key type that is
* compatible with algorithm \p alg.
* \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
* \param ciphertext_length Size of the plaintext in bytes.
*
* \return The AEAD ciphertext size for the specified
* algorithm.
* If the AEAD algorithm is not recognized, return 0.
* If the key type or AEAD algorithm is not
* recognized, or the parameters are incompatible,
* return 0.
*/
#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length) \
(PSA_AEAD_TAG_LENGTH(alg) != 0 ? \
(ciphertext_length) - PSA_AEAD_TAG_LENGTH(alg) : \
#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext_length) \
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \
(ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? \
(ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \
0)

/** A sufficient output buffer size for psa_aead_decrypt(), for any of the
@@ -314,7 +337,8 @@
* \note This macro returns a compile-time constant if its arguments are
* compile-time constants.
*
* See also #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg, \p ciphertext_length).
* See also #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p key_type, \p alg,
* \p ciphertext_length).
*
* \param ciphertext_length Size of the ciphertext in bytes.
*
@@ -351,11 +375,12 @@
* or the parameters are incompatible, return 0.
*/
#define PSA_AEAD_NONCE_LENGTH(key_type, alg) \
(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) == 16 && \
(PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg) == PSA_ALG_CCM || \
PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg) == PSA_ALG_GCM) ? 12 : \
(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) == 16 ? \
MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CCM) ? 13 : \
MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_GCM) ? 12 : \
0 : \
(key_type) == PSA_KEY_TYPE_CHACHA20 && \
PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg) == PSA_ALG_CHACHA20_POLY1305 ? 12 : \
MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CHACHA20_POLY1305) ? 12 : \
0)

/** The maximum default nonce size among all supported pairs of key types and
@@ -369,7 +394,7 @@
* just the largest size that may be generated by
* #psa_aead_generate_nonce().
*/
#define PSA_AEAD_NONCE_MAX_SIZE 12
#define PSA_AEAD_NONCE_MAX_SIZE 13

/** A sufficient output buffer size for psa_aead_update().
*
@@ -378,35 +403,43 @@
* insufficient buffer size. The actual size of the output may be smaller
* in any given call.
*
* See also #PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE(\p input_length).
*
* \warning This macro may evaluate its arguments multiple times or
* zero times, so you should not pass arguments that contain
* side effects.
*
* \param key_type A symmetric key type that is
* compatible with algorithm \p alg.
* \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
* \param input_length Size of the input in bytes.
*
* \return A sufficient output buffer size for the specified
* algorithm.
* If the AEAD algorithm is not recognized, return 0.
* If the key type or AEAD algorithm is not
* recognized, or the parameters are incompatible,
* return 0.
*/
/* For all the AEAD modes defined in this specification, it is possible
* to emit output without delay. However, hardware may not always be
* capable of this. So for modes based on a block cipher, allow the
* implementation to delay the output until it has a full block. */
#define PSA_AEAD_UPDATE_OUTPUT_SIZE(alg, input_length) \
(PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length)) : \
(input_length))
#define PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \
PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), (input_length)) : \
(input_length) : \
0)

/** A sufficient output buffer size for psa_aead_update(), for any of the
* supported key types and AEAD algorithms.
*
* If the size of the output buffer is at least this large, it is guaranteed
* that psa_aead_update() will not fail due to an insufficient buffer size.
*
* See also #PSA_AEAD_UPDATE_OUTPUT_SIZE(\p alg, \p input_length).
* See also #PSA_AEAD_UPDATE_OUTPUT_SIZE(\p key_type, \p alg, \p input_length).
*
* \param input_length Size of the input in bytes.
*/
@@ -420,23 +453,30 @@
* insufficient ciphertext buffer size. The actual size of the output may
* be smaller in any given call.
*
* See also #PSA_AEAD_FINISH_OUTPUT_MAX_SIZE.
*
* \param key_type A symmetric key type that is
compatible with algorithm \p alg.
* \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
*
* \return A sufficient ciphertext buffer size for the
* specified algorithm.
* If the AEAD algorithm is not recognized, return 0.
* If the key type or AEAD algorithm is not
* recognized, or the parameters are incompatible,
* return 0.
*/
#define PSA_AEAD_FINISH_OUTPUT_SIZE(alg) \
(PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \
#define PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg) \
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \
PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
0)

/** A sufficient ciphertext buffer size for psa_aead_finish(), for any of the
* supported key types and AEAD algorithms.
*
* See also #PSA_AEAD_FINISH_OUTPUT_SIZE(\p alg).
* See also #PSA_AEAD_FINISH_OUTPUT_SIZE(\p key_type, \p alg).
*/
#define PSA_AEAD_FINISH_OUTPUT_MAX_SIZE (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE)

@@ -447,23 +487,30 @@
* insufficient plaintext buffer size. The actual size of the output may
* be smaller in any given call.
*
* See also #PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE.
*
* \param key_type A symmetric key type that is
* compatible with algorithm \p alg.
* \param alg An AEAD algorithm
* (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_AEAD(\p alg) is true).
*
* \return A sufficient plaintext buffer size for the
* specified algorithm.
* If the AEAD algorithm is not recognized, return 0.
* If the key type or AEAD algorithm is not
* recognized, or the parameters are incompatible,
* return 0.
*/
#define PSA_AEAD_VERIFY_OUTPUT_SIZE(alg) \
(PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \
#define PSA_AEAD_VERIFY_OUTPUT_SIZE(key_type, alg) \
(PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \
PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \
PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \
0)

/** A sufficient plaintext buffer size for psa_aead_verify(), for any of the
* supported key types and AEAD algorithms.
*
* See also #PSA_AEAD_VERIFY_OUTPUT_SIZE(\p alg).
* See also #PSA_AEAD_VERIFY_OUTPUT_SIZE(\p key_type, \p alg).
*/
#define PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE (PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE)

182 ...bedtls-2.26.0/include/psa/crypto_struct.h → ...bedtls-2.27.0/include/psa/crypto_struct.h
View file
@@ -15,12 +15,20 @@
*
* <h3>Design notes about multipart operation structures</h3>
*
* Each multipart operation structure contains a `psa_algorithm_t alg`
* field which indicates which specific algorithm the structure is for.
* When the structure is not in use, `alg` is 0. Most of the structure
* consists of a union which is discriminated by `alg`.
* For multipart operations without driver delegation support, each multipart
* operation structure contains a `psa_algorithm_t alg` field which indicates
* which specific algorithm the structure is for. When the structure is not in
* use, `alg` is 0. Most of the structure consists of a union which is
* discriminated by `alg`.
*
* Note that when `alg` is 0, the content of other fields is undefined.
* For multipart operations with driver delegation support, each multipart
* operation structure contains an `unsigned int id` field indicating which
* driver got assigned to do the operation. When the structure is not in use,
* 'id' is 0. The structure contains also a driver context which is the union
* of the contexts of all drivers able to handle the type of multipart
* operation.
*
* Note that when `alg` or `id` is 0, the content of other fields is undefined.
* In particular, it is not guaranteed that a freshly-initialized structure
* is all-zero: we initialize structures to something like `{0, 0}`, which
* is only guaranteed to initializes the first member of the union;
@@ -65,56 +73,23 @@ extern "C" {
#include MBEDTLS_CONFIG_FILE
#endif

#include "mbedtls/cipher.h"
#include "mbedtls/cmac.h"
#include "mbedtls/gcm.h"
#include "mbedtls/md.h"
#include "mbedtls/md2.h"
#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/ripemd160.h"
#include "mbedtls/sha1.h"
#include "mbedtls/sha256.h"
#include "mbedtls/sha512.h"

typedef struct {

/* Include the context definition for the compiled-in drivers for the primitive
* algorithms. */
#include "psa/crypto_driver_contexts_primitives.h"

struct psa_hash_operation_s
{
/** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping
* drivers halfway through the operation is not supported.
* ID values are auto-generated in psa_driver_wrappers.h */
* ID values are auto-generated in psa_driver_wrappers.h.
* ID value zero means the context is not valid or not assigned to
* any driver (i.e. the driver context is not active, in use). */
unsigned int id;
/** Context structure for the assigned driver, when id is not zero. */
void* ctx;
} psa_operation_driver_context_t;

struct psa_hash_operation_s
{
psa_algorithm_t alg;
union
{
unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
#if defined(MBEDTLS_MD2_C)
mbedtls_md2_context md2;
#endif
#if defined(MBEDTLS_MD4_C)
mbedtls_md4_context md4;
#endif
#if defined(MBEDTLS_MD5_C)
mbedtls_md5_context md5;
#endif
#if defined(MBEDTLS_RIPEMD160_C)
mbedtls_ripemd160_context ripemd160;
#endif
#if defined(MBEDTLS_SHA1_C)
mbedtls_sha1_context sha1;
#endif
#if defined(MBEDTLS_SHA256_C)
mbedtls_sha256_context sha256;
#endif
#if defined(MBEDTLS_SHA512_C)
mbedtls_sha512_context sha512;
#endif
} ctx;
psa_driver_hash_context_t ctx;
};

#define PSA_HASH_OPERATION_INIT {0, {0}}
@@ -124,65 +99,53 @@ static inline struct psa_hash_operation_s psa_hash_operation_init( void )
return( v );
}

#if defined(MBEDTLS_MD_C)
typedef struct
struct psa_cipher_operation_s
{
/** The hash context. */
struct psa_hash_operation_s hash_ctx;
/** The HMAC part of the context. */
uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
} psa_hmac_internal_data;
#endif /* MBEDTLS_MD_C */
/** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping
* drivers halfway through the operation is not supported.
* ID values are auto-generated in psa_crypto_driver_wrappers.h
* ID value zero means the context is not valid or not assigned to
* any driver (i.e. none of the driver contexts are active). */
unsigned int id;

struct psa_mac_operation_s
{
psa_algorithm_t alg;
unsigned int key_set : 1;
unsigned int iv_required : 1;
unsigned int iv_set : 1;
unsigned int has_input : 1;
unsigned int is_sign : 1;
uint8_t mac_size;
union
{
unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
#if defined(MBEDTLS_MD_C)
psa_hmac_internal_data hmac;
#endif
#if defined(MBEDTLS_CMAC_C)
mbedtls_cipher_context_t cmac;
#endif
} ctx;

uint8_t default_iv_length;

psa_driver_cipher_context_t ctx;
};

#define PSA_MAC_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, {0}}
static inline struct psa_mac_operation_s psa_mac_operation_init( void )
#define PSA_CIPHER_OPERATION_INIT {0, 0, 0, 0, {0}}
static inline struct psa_cipher_operation_s psa_cipher_operation_init( void )
{
const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT;
const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT;
return( v );
}

struct psa_cipher_operation_s
/* Include the context definition for the compiled-in drivers for the composite
* algorithms. */
#include "psa/crypto_driver_contexts_composites.h"

struct psa_mac_operation_s
{
psa_algorithm_t alg;
unsigned int key_set : 1;
unsigned int iv_required : 1;
unsigned int iv_set : 1;
unsigned int mbedtls_in_use : 1; /* Indicates mbed TLS is handling the operation. */
uint8_t iv_size;
uint8_t block_size;
union
{
unsigned dummy; /* Enable easier initializing of the union. */
mbedtls_cipher_context_t cipher;
psa_operation_driver_context_t driver;
} ctx;
/** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping
* drivers halfway through the operation is not supported.
* ID values are auto-generated in psa_driver_wrappers.h
* ID value zero means the context is not valid or not assigned to
* any driver (i.e. none of the driver contexts are active). */
unsigned int id;
uint8_t mac_size;
unsigned int is_sign : 1;
psa_driver_mac_context_t ctx;
};

#define PSA_CIPHER_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, {0}}
static inline struct psa_cipher_operation_s psa_cipher_operation_init( void )
#define PSA_MAC_OPERATION_INIT {0, 0, 0, {0}}
static inline struct psa_mac_operation_s psa_mac_operation_init( void )
{
const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT;
const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT;
return( v );
}

@@ -207,12 +170,12 @@ static inline struct psa_aead_operation_s psa_aead_operation_init( void )
return( v );
}

#if defined(MBEDTLS_MD_C)
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
typedef struct
{
uint8_t *info;
size_t info_length;
psa_hmac_internal_data hmac;
psa_mac_operation_t hmac;
uint8_t prk[PSA_HASH_MAX_SIZE];
uint8_t output_block[PSA_HASH_MAX_SIZE];
#if PSA_HASH_MAX_SIZE > 0xff
@@ -223,9 +186,10 @@ typedef struct
unsigned int state : 2;
unsigned int info_set : 1;
} psa_hkdf_key_derivation_t;
#endif /* MBEDTLS_MD_C */
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */

#if defined(MBEDTLS_MD_C)
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
typedef enum
{
PSA_TLS12_PRF_STATE_INIT, /* no input provided */
@@ -250,17 +214,20 @@ typedef struct psa_tls12_prf_key_derivation_s

psa_tls12_prf_key_derivation_state_t state;

uint8_t *secret;
size_t secret_length;
uint8_t *seed;
size_t seed_length;
uint8_t *label;
size_t label_length;
psa_hmac_internal_data hmac;

uint8_t Ai[PSA_HASH_MAX_SIZE];

/* `HMAC_hash( prk, A(i) + seed )` in the notation of RFC 5246, Sect. 5. */
uint8_t output_block[PSA_HASH_MAX_SIZE];
} psa_tls12_prf_key_derivation_t;
#endif /* MBEDTLS_MD_C */
#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) ||
* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */

struct psa_key_derivation_s
{
@@ -271,8 +238,11 @@ struct psa_key_derivation_s
{
/* Make the union non-empty even with no supported algorithms. */
uint8_t dummy;
#if defined(MBEDTLS_MD_C)
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
psa_hkdf_key_derivation_t hkdf;
#endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
psa_tls12_prf_key_derivation_t tls12_prf;
#endif
} ctx;
@@ -421,9 +391,19 @@ static inline psa_key_lifetime_t psa_get_key_lifetime(
return( attributes->core.lifetime );
}

static inline void psa_extend_key_usage_flags( psa_key_usage_t *usage_flags )
{
if( *usage_flags & PSA_KEY_USAGE_SIGN_HASH )
*usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE;

if( *usage_flags & PSA_KEY_USAGE_VERIFY_HASH )
*usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE;
}

static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes,
psa_key_usage_t usage_flags)
{
psa_extend_key_usage_flags( &usage_flags );
attributes->core.policy.usage = usage_flags;
}

0 ...mbedtls-2.26.0/include/psa/crypto_types.h → ...mbedtls-2.27.0/include/psa/crypto_types.h
View file
File renamed without changes.