mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-22 20:05:40 +00:00
Merge pull request #814 from ARMmbed/mbedtls-2.16.10-rc0-pr
Mbedtls 2.16.10 rc0 pr
This commit is contained in:
commit
d61fa61bef
47
ChangeLog
47
ChangeLog
|
@ -1,5 +1,52 @@
|
|||
mbed TLS ChangeLog (Sorted per branch, date)
|
||||
|
||||
= mbed TLS 2.16.10 branch released 2021-03-12
|
||||
|
||||
Default behavior changes
|
||||
* In mbedtls_rsa_context objects, the ver field was formerly documented
|
||||
as always 0. It is now reserved for internal purposes and may take
|
||||
different values.
|
||||
|
||||
Security
|
||||
* Fix a buffer overflow in mbedtls_mpi_sub_abs() when calculating
|
||||
|A| - |B| where |B| is larger than |A| and has more limbs (so the
|
||||
function should return MBEDTLS_ERR_MPI_NEGATIVE_VALUE). Only
|
||||
applications calling mbedtls_mpi_sub_abs() directly are affected:
|
||||
all calls inside the library were safe since this function is
|
||||
only called with |A| >= |B|. Reported by Guido Vranken in #4042.
|
||||
* Fix an errorneous estimation for an internal buffer in
|
||||
mbedtls_pk_write_key_pem(). If MBEDTLS_MPI_MAX_SIZE is set to an odd
|
||||
value the function might fail to write a private RSA keys of the largest
|
||||
supported size.
|
||||
Found by Daniel Otte, reported in #4093 and fixed in #4094,
|
||||
backported in #4100.
|
||||
* Fix a stack buffer overflow with mbedtls_net_poll() and
|
||||
mbedtls_net_recv_timeout() when given a file descriptor that is
|
||||
beyond FD_SETSIZE. Reported by FigBug in #4169.
|
||||
* Guard against strong local side channel attack against base64 tables by
|
||||
making access aceess to them use constant flow code.
|
||||
|
||||
Bugfix
|
||||
* Fix an incorrect error code if an RSA private operation glitched.
|
||||
* Fix a resource leak in CTR_DRBG and HMAC_DRBG when MBEDTLS_THREADING_C
|
||||
is enabled, on platforms where initializing a mutex allocates resources.
|
||||
This was a regression introduced in the previous release. Reported in
|
||||
#4017, #4045 and #4071.
|
||||
* Ensure that calling mbedtls_rsa_free() or mbedtls_entropy_free()
|
||||
twice is safe. This happens for RSA when some Mbed TLS library functions
|
||||
fail. Such a double-free was not safe when MBEDTLS_THREADING_C was
|
||||
enabled on platforms where freeing a mutex twice is not safe.
|
||||
* Fix a resource leak in a bad-arguments case of mbedtls_rsa_gen_key()
|
||||
when MBEDTLS_THREADING_C is enabled on platforms where initializing
|
||||
a mutex allocates resources.
|
||||
* This change makes 'mbedtls_x509write_crt_set_basic_constraints'
|
||||
consistent with RFC 5280 4.2.1.9 which says: "Conforming CAs MUST
|
||||
include this extension in all CA certificates that contain public keys
|
||||
used to validate digital signatures on certificates and MUST mark the
|
||||
extension as critical in such certificates." Previous to this change,
|
||||
the extension was always marked as non-critical. This was fixed by
|
||||
#4044.
|
||||
|
||||
= mbed TLS 2.16.9 branch released 2020-12-11
|
||||
|
||||
Security
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
Bugfix
|
||||
* Fix a resource leak in CTR_DRBG and HMAC_DRBG when MBEDTLS_THREADING_C
|
||||
is enabled, on platforms where initializing a mutex allocates resources.
|
||||
This was a regression introduced in the previous release. Reported in
|
||||
#4017, #4045 and #4071.
|
|
@ -1,7 +0,0 @@
|
|||
Security
|
||||
* Fix an errorneous estimation for an internal buffer in
|
||||
mbedtls_pk_write_key_pem(). If MBEDTLS_MPI_MAX_SIZE is set to an odd
|
||||
value the function might fail to write a private RSA keys of the largest
|
||||
supported size.
|
||||
Found by Daniel Otte, reported in #4093 and fixed in #4094,
|
||||
backported in #4100.
|
|
@ -1,7 +0,0 @@
|
|||
Security
|
||||
* Fix a buffer overflow in mbedtls_mpi_sub_abs() when calculating
|
||||
|A| - |B| where |B| is larger than |A| and has more limbs (so the
|
||||
function should return MBEDTLS_ERR_MPI_NEGATIVE_VALUE). Only
|
||||
applications calling mbedtls_mpi_sub_abs() directly are affected:
|
||||
all calls inside the library were safe since this function is
|
||||
only called with |A| >= |B|. Reported by Guido Vranken in #4042.
|
|
@ -1,4 +0,0 @@
|
|||
Security
|
||||
* Fix a stack buffer overflow with mbedtls_net_poll() and
|
||||
mbedtls_net_recv_timeout() when given a file descriptor that is
|
||||
beyond FD_SETSIZE. Reported by FigBug in #4169.
|
|
@ -1,13 +0,0 @@
|
|||
Bugfix
|
||||
* Ensure that calling mbedtls_rsa_free() or mbedtls_entropy_free()
|
||||
twice is safe. This happens for RSA when some Mbed TLS library functions
|
||||
fail. Such a double-free was not safe when MBEDTLS_THREADING_C was
|
||||
enabled on platforms where freeing a mutex twice is not safe.
|
||||
* Fix a resource leak in a bad-arguments case of mbedtls_rsa_gen_key()
|
||||
when MBEDTLS_THREADING_C is enabled on platforms where initializing
|
||||
a mutex allocates resources.
|
||||
|
||||
Default behavior changes
|
||||
* In mbedtls_rsa_context objects, the ver field was formerly documented
|
||||
as always 0. It is now reserved for internal purposes and may take
|
||||
different values.
|
|
@ -1,2 +0,0 @@
|
|||
Bugfix
|
||||
* Fix an incorrect error code if an RSA private operation glitched.
|
|
@ -49,7 +49,7 @@
|
|||
*/
|
||||
|
||||
/**
|
||||
* @mainpage mbed TLS v2.16.9 source code documentation
|
||||
* @mainpage mbed TLS v2.16.10 source code documentation
|
||||
*
|
||||
* This documentation describes the internal structure of mbed TLS. It was
|
||||
* automatically generated from specially formatted comment blocks in
|
||||
|
|
|
@ -28,7 +28,7 @@ DOXYFILE_ENCODING = UTF-8
|
|||
# identify the project. Note that if you do not use Doxywizard you need
|
||||
# to put quotes around the project name if it contains spaces.
|
||||
|
||||
PROJECT_NAME = "mbed TLS v2.16.9"
|
||||
PROJECT_NAME = "mbed TLS v2.16.10"
|
||||
|
||||
# The PROJECT_NUMBER tag can be used to enter a project or revision number.
|
||||
# This could be handy for archiving the generated documentation or
|
||||
|
|
|
@ -65,16 +65,16 @@
|
|||
*/
|
||||
#define MBEDTLS_VERSION_MAJOR 2
|
||||
#define MBEDTLS_VERSION_MINOR 16
|
||||
#define MBEDTLS_VERSION_PATCH 9
|
||||
#define MBEDTLS_VERSION_PATCH 10
|
||||
|
||||
/**
|
||||
* The single version number has the following structure:
|
||||
* MMNNPP00
|
||||
* Major version | Minor version | Patch version
|
||||
*/
|
||||
#define MBEDTLS_VERSION_NUMBER 0x02100900
|
||||
#define MBEDTLS_VERSION_STRING "2.16.9"
|
||||
#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.16.9"
|
||||
#define MBEDTLS_VERSION_NUMBER 0x02100A00
|
||||
#define MBEDTLS_VERSION_STRING "2.16.10"
|
||||
#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.16.10"
|
||||
|
||||
#if defined(MBEDTLS_VERSION_C)
|
||||
|
||||
|
|
|
@ -165,15 +165,15 @@ endif(USE_STATIC_MBEDTLS_LIBRARY)
|
|||
|
||||
if(USE_SHARED_MBEDTLS_LIBRARY)
|
||||
add_library(mbedcrypto SHARED ${src_crypto})
|
||||
set_target_properties(mbedcrypto PROPERTIES VERSION 2.16.9 SOVERSION 3)
|
||||
set_target_properties(mbedcrypto PROPERTIES VERSION 2.16.10 SOVERSION 3)
|
||||
target_link_libraries(mbedcrypto ${libs})
|
||||
|
||||
add_library(mbedx509 SHARED ${src_x509})
|
||||
set_target_properties(mbedx509 PROPERTIES VERSION 2.16.9 SOVERSION 0)
|
||||
set_target_properties(mbedx509 PROPERTIES VERSION 2.16.10 SOVERSION 0)
|
||||
target_link_libraries(mbedx509 ${libs} mbedcrypto)
|
||||
|
||||
add_library(mbedtls SHARED ${src_tls})
|
||||
set_target_properties(mbedtls PROPERTIES VERSION 2.16.9 SOVERSION 12)
|
||||
set_target_properties(mbedtls PROPERTIES VERSION 2.16.10 SOVERSION 12)
|
||||
target_link_libraries(mbedtls ${libs} mbedx509)
|
||||
|
||||
install(TARGETS mbedtls mbedx509 mbedcrypto
|
||||
|
|
131
library/base64.c
131
library/base64.c
|
@ -96,6 +96,99 @@ static const unsigned char base64_dec_map[128] =
|
|||
|
||||
#define BASE64_SIZE_T_MAX ( (size_t) -1 ) /* SIZE_T_MAX is not standard */
|
||||
|
||||
/*
|
||||
* Constant flow conditional assignment to unsigned char
|
||||
*/
|
||||
static void mbedtls_base64_cond_assign_uchar( unsigned char * dest, const unsigned char * const src,
|
||||
unsigned char condition )
|
||||
{
|
||||
/* MSVC has a warning about unary minus on unsigned integer types,
|
||||
* but this is well-defined and precisely what we want to do here. */
|
||||
#if defined(_MSC_VER)
|
||||
#pragma warning( push )
|
||||
#pragma warning( disable : 4146 )
|
||||
#endif
|
||||
|
||||
/* Generate bitmask from condition, mask will either be 0xFF or 0 */
|
||||
unsigned char mask = ( condition | -condition );
|
||||
mask >>= 7;
|
||||
mask = -mask;
|
||||
|
||||
#if defined(_MSC_VER)
|
||||
#pragma warning( pop )
|
||||
#endif
|
||||
|
||||
*dest = ( ( *src ) & mask ) | ( ( *dest ) & ~mask );
|
||||
}
|
||||
|
||||
/*
|
||||
* Constant flow conditional assignment to uint_32
|
||||
*/
|
||||
static void mbedtls_base64_cond_assign_uint32( uint32_t * dest, const uint32_t src,
|
||||
uint32_t condition )
|
||||
{
|
||||
/* MSVC has a warning about unary minus on unsigned integer types,
|
||||
* but this is well-defined and precisely what we want to do here. */
|
||||
#if defined(_MSC_VER)
|
||||
#pragma warning( push )
|
||||
#pragma warning( disable : 4146 )
|
||||
#endif
|
||||
|
||||
/* Generate bitmask from condition, mask will either be 0xFFFFFFFF or 0 */
|
||||
uint32_t mask = ( condition | -condition );
|
||||
mask >>= 31;
|
||||
mask = -mask;
|
||||
|
||||
#if defined(_MSC_VER)
|
||||
#pragma warning( pop )
|
||||
#endif
|
||||
|
||||
*dest = ( src & mask ) | ( ( *dest ) & ~mask );
|
||||
}
|
||||
|
||||
/*
|
||||
* Constant flow check for equality
|
||||
*/
|
||||
static unsigned char mbedtls_base64_eq( size_t in_a, size_t in_b )
|
||||
{
|
||||
size_t difference = in_a ^ in_b;
|
||||
|
||||
/* MSVC has a warning about unary minus on unsigned integer types,
|
||||
* but this is well-defined and precisely what we want to do here. */
|
||||
#if defined(_MSC_VER)
|
||||
#pragma warning( push )
|
||||
#pragma warning( disable : 4146 )
|
||||
#endif
|
||||
|
||||
difference |= -difference;
|
||||
|
||||
#if defined(_MSC_VER)
|
||||
#pragma warning( pop )
|
||||
#endif
|
||||
|
||||
/* cope with the varying size of size_t per platform */
|
||||
difference >>= ( sizeof( difference ) * 8 - 1 );
|
||||
|
||||
return (unsigned char) ( 1 ^ difference );
|
||||
}
|
||||
|
||||
/*
|
||||
* Constant flow lookup into table.
|
||||
*/
|
||||
static unsigned char mbedtls_base64_table_lookup( const unsigned char * const table,
|
||||
const size_t table_size, const size_t table_index )
|
||||
{
|
||||
size_t i;
|
||||
unsigned char result = 0;
|
||||
|
||||
for( i = 0; i < table_size; ++i )
|
||||
{
|
||||
mbedtls_base64_cond_assign_uchar( &result, &table[i], mbedtls_base64_eq( i, table_index ) );
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
/*
|
||||
* Encode a buffer into base64 format
|
||||
*/
|
||||
|
@ -136,10 +229,17 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
|
|||
C2 = *src++;
|
||||
C3 = *src++;
|
||||
|
||||
*p++ = base64_enc_map[(C1 >> 2) & 0x3F];
|
||||
*p++ = base64_enc_map[(((C1 & 3) << 4) + (C2 >> 4)) & 0x3F];
|
||||
*p++ = base64_enc_map[(((C2 & 15) << 2) + (C3 >> 6)) & 0x3F];
|
||||
*p++ = base64_enc_map[C3 & 0x3F];
|
||||
*p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
|
||||
( ( C1 >> 2 ) & 0x3F ) );
|
||||
|
||||
*p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
|
||||
( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) & 0x3F ) );
|
||||
|
||||
*p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
|
||||
( ( ( ( C2 & 15 ) << 2 ) + ( C3 >> 6 ) ) & 0x3F ) );
|
||||
|
||||
*p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
|
||||
( C3 & 0x3F ) );
|
||||
}
|
||||
|
||||
if( i < slen )
|
||||
|
@ -147,11 +247,15 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
|
|||
C1 = *src++;
|
||||
C2 = ( ( i + 1 ) < slen ) ? *src++ : 0;
|
||||
|
||||
*p++ = base64_enc_map[(C1 >> 2) & 0x3F];
|
||||
*p++ = base64_enc_map[(((C1 & 3) << 4) + (C2 >> 4)) & 0x3F];
|
||||
*p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
|
||||
( ( C1 >> 2 ) & 0x3F ) );
|
||||
|
||||
*p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
|
||||
( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) & 0x3F ) );
|
||||
|
||||
if( ( i + 1 ) < slen )
|
||||
*p++ = base64_enc_map[((C2 & 15) << 2) & 0x3F];
|
||||
*p++ = mbedtls_base64_table_lookup( base64_enc_map, sizeof( base64_enc_map ),
|
||||
( ( ( C2 & 15 ) << 2 ) & 0x3F ) );
|
||||
else *p++ = '=';
|
||||
|
||||
*p++ = '=';
|
||||
|
@ -172,6 +276,7 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
|
|||
size_t i, n;
|
||||
uint32_t j, x;
|
||||
unsigned char *p;
|
||||
unsigned char dec_map_lookup;
|
||||
|
||||
/* First pass: check for validity and get output length */
|
||||
for( i = n = j = 0; i < slen; i++ )
|
||||
|
@ -202,10 +307,12 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
|
|||
if( src[i] == '=' && ++j > 2 )
|
||||
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
|
||||
|
||||
if( src[i] > 127 || base64_dec_map[src[i]] == 127 )
|
||||
dec_map_lookup = mbedtls_base64_table_lookup( base64_dec_map, sizeof( base64_dec_map ), src[i] );
|
||||
|
||||
if( src[i] > 127 || dec_map_lookup == 127 )
|
||||
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
|
||||
|
||||
if( base64_dec_map[src[i]] < 64 && j != 0 )
|
||||
if( dec_map_lookup < 64 && j != 0 )
|
||||
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
|
||||
|
||||
n++;
|
||||
|
@ -235,8 +342,10 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
|
|||
if( *src == '\r' || *src == '\n' || *src == ' ' )
|
||||
continue;
|
||||
|
||||
j -= ( base64_dec_map[*src] == 64 );
|
||||
x = ( x << 6 ) | ( base64_dec_map[*src] & 0x3F );
|
||||
dec_map_lookup = mbedtls_base64_table_lookup( base64_dec_map, sizeof( base64_dec_map ), *src );
|
||||
|
||||
mbedtls_base64_cond_assign_uint32( &j, j - 1, mbedtls_base64_eq( dec_map_lookup, 64 ) );
|
||||
x = ( x << 6 ) | ( dec_map_lookup & 0x3F );
|
||||
|
||||
if( ++n == 4 )
|
||||
{
|
||||
|
|
|
@ -151,6 +151,20 @@ base64_encode_hex:"0102030405060708":"AQIDBAUGBwg=":13:0
|
|||
Base64 encode hex #4
|
||||
base64_encode_hex:"01020304050607":"AQIDBAUGBw==":13:0
|
||||
|
||||
# Rotate the bytes around so that they end up at each offset modulo 3 in
|
||||
# successive test cases.
|
||||
Base64 encode hex all valid input bytes #0
|
||||
base64_encode_hex:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMjY6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/w==":345:0
|
||||
|
||||
Base64 encode hex all valid input bytes #1
|
||||
base64_encode_hex:"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff00":"AQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaW1xdXl9gYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXp7fH1+f4CBgoOEhYaHiImKi4yNjo+QkZKTlJWWl5iZmpucnZ6foKGio6SlpqeoqaqrrK2ur7CxsrO0tba3uLm6u7y9vr/AwcLDxMXGx8jJysvMzc7P0NHS09TV1tfY2drb3N3e3+Dh4uPk5ebn6Onq6+zt7u/w8fLz9PX29/j5+vv8/f7/AA==":345:0
|
||||
|
||||
Base64 encode hex all valid input bytes #2
|
||||
base64_encode_hex:"02030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff0001":"AgMEBQYHCAkKCwwNDg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVpbXF1eX2BhYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKjpKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DBwsPExcbHyMnKy8zNzs/Q0dLT1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx8vP09fb3+Pn6+/z9/v8AAQ==":345:0
|
||||
|
||||
Base64 encode all valid output characters at all offsets
|
||||
base64_encode_hex:"00108310518720928b30d38f41149351559761969b71d79f8218a39259a7a29aabb2dbafc31cb3d35db7e39ebbf3dfbff800420c41461c824a2cc34e3d04524d45565d865a6dc75e7e08628e49669e8a6aaecb6ebf0c72cf4d76df8e7aefcf7effe00108310518720928b30d38f41149351559761969b71d79f8218a39259a7a29aabb2dbafc31cb3d35db7e39ebbf3dfbff800420c41461c824a2cc34e3d04524d45565d865a6dc75e7e08628e49669e8a6aaecb6ebf0c72cf4d76df8e7aefcf7efd0":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/Q":261:0
|
||||
|
||||
Base64 decode hex #1
|
||||
base64_decode_hex:"AQIDBAUGBwgJ":"010203040506070809":9:0
|
||||
|
||||
|
@ -166,6 +180,9 @@ base64_decode_hex:"AQIDBAUGBw==":"01020304050607":7:0
|
|||
Base64 decode hex #5 (buffer too small)
|
||||
base64_decode_hex:"AQIDBAUGBw==":"01020304050607":6:MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
|
||||
|
||||
Base64 decode all valid input characters at all offsets
|
||||
base64_decode_hex:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/+ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/Q":"00108310518720928b30d38f41149351559761969b71d79f8218a39259a7a29aabb2dbafc31cb3d35db7e39ebbf3dfbff800420c41461c824a2cc34e3d04524d45565d865a6dc75e7e08628e49669e8a6aaecb6ebf0c72cf4d76df8e7aefcf7effe00108310518720928b30d38f41149351559761969b71d79f8218a39259a7a29aabb2dbafc31cb3d35db7e39ebbf3dfbff800420c41461c824a2cc34e3d04524d45565d865a6dc75e7e08628e49669e8a6aaecb6ebf0c72cf4d76df8e7aefcf7efd0":195:0
|
||||
|
||||
Base64 Selftest
|
||||
depends_on:MBEDTLS_SELF_TEST
|
||||
base64_selftest:
|
||||
|
|
|
@ -13,13 +13,22 @@ void mbedtls_base64_encode( char * src_string, char * dst_string,
|
|||
{
|
||||
unsigned char src_str[1000];
|
||||
unsigned char dst_str[1000];
|
||||
size_t len;
|
||||
size_t len, src_len;
|
||||
|
||||
memset(src_str, 0x00, 1000);
|
||||
memset(dst_str, 0x00, 1000);
|
||||
|
||||
strncpy( (char *) src_str, src_string, sizeof(src_str) - 1 );
|
||||
TEST_ASSERT( mbedtls_base64_encode( dst_str, dst_buf_size, &len, src_str, strlen( (char *) src_str ) ) == result );
|
||||
src_len = strlen( (char *) src_str );
|
||||
|
||||
TEST_CF_SECRET( src_str, sizeof( src_str ) );
|
||||
TEST_ASSERT( mbedtls_base64_encode( dst_str, dst_buf_size, &len, src_str, src_len) == result );
|
||||
TEST_CF_PUBLIC( src_str, sizeof( src_str ) );
|
||||
|
||||
/* dest_str will have had tainted data copied to it, prevent the TEST_ASSERT below from triggering
|
||||
CF failures by unmarking it. */
|
||||
TEST_CF_PUBLIC( dst_str, len );
|
||||
|
||||
if( result == 0 )
|
||||
{
|
||||
TEST_ASSERT( strcmp( (char *) dst_str, dst_string ) == 0 );
|
||||
|
@ -57,7 +66,14 @@ void base64_encode_hex( data_t * src, char * dst, int dst_buf_size,
|
|||
|
||||
res = zero_alloc( dst_buf_size );
|
||||
|
||||
TEST_CF_SECRET( src->x, src->len );
|
||||
TEST_ASSERT( mbedtls_base64_encode( res, dst_buf_size, &len, src->x, src->len ) == result );
|
||||
TEST_CF_PUBLIC( src->x, src->len );
|
||||
|
||||
/* res will have had tainted data copied to it, prevent the TEST_ASSERT below from triggering
|
||||
CF failures by unmarking it. */
|
||||
TEST_CF_PUBLIC( res, len );
|
||||
|
||||
if( result == 0 )
|
||||
{
|
||||
TEST_ASSERT( len == strlen( dst ) );
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
Check compiletime library version
|
||||
check_compiletime_version:"2.16.9"
|
||||
check_compiletime_version:"2.16.10"
|
||||
|
||||
Check runtime library version
|
||||
check_runtime_version:"2.16.9"
|
||||
check_runtime_version:"2.16.10"
|
||||
|
||||
Check for MBEDTLS_VERSION_C
|
||||
check_feature:"MBEDTLS_VERSION_C":0
|
||||
|
|
Loading…
Reference in a new issue