Merge branch mbedtls-1.3 into development

* commit '95f0089':
  Update Changelog for DH params
  Add test case for dh params with privateValueLength
  accept PKCS#3 DH parameters with privateValueLength included

Conflicts:
	library/dhm.c

ChangeLog

@@ -72,6 +72,8 @@ Changes
 Security
 
 Features
+   * Add support for reading DH parameters with privateValueLength included
+     (contributed by Daniel Khan Gillmor).
    * Add support for bit strings in X.509 names (request by Fredrik Axelsson).
    * Add support for id-at-uniqueIdentifier in X.509 names.
    * Add support for overriding snprintf() (except on Windows) and exit() in

library/dhm.c

@@ -444,8 +444,9 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
 
     /*
      *  DHParams ::= SEQUENCE {
-     *      prime            INTEGER,  -- P
-     *      generator        INTEGER,  -- g
+     *      prime              INTEGER,  -- P
+     *      generator          INTEGER,  -- g
+     *      privateValueLength INTEGER OPTIONAL
      *  }
      */
     if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
@@ -466,9 +467,23 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
 
     if( p != end )
     {
-        ret = MBEDTLS_ERR_DHM_INVALID_FORMAT +
-              MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
-        goto exit;
+        /* This might be the optional privateValueLength.
+         * If so, we can cleanly discard it */
+        mbedtls_mpi rec;
+        mbedtls_mpi_init( &rec );
+        ret = mbedtls_asn1_get_mpi( &p, end, &rec );
+        mbedtls_mpi_free( &rec );
+        if ( ret != 0 )
+        {
+            ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret;
+            goto exit;
+        }
+        if ( p != end )
+        {
+            ret = MBEDTLS_ERR_DHM_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
+            goto exit;
+        }
     }
 
     ret = 0;

tests/data_files/dh.optlen.pem

@@ -0,0 +1,58 @@
+
+Recommended key length: 256 bits
+
+generator:
+	80:0a:bf:e7:dc:66:7a:a1:7b:cd:7c:04:61:4b:c2:
+	21:a6:54:82:cc:c0:4b:60:46:02:b0:e1:31:90:8a:
+	93:8e:a1:1b:48:dc:51:5d:ab:7a:bc:bb:1e:0c:7f:
+	d6:65:11:ed:c0:d8:65:51:b7:63:24:96:e0:3d:f9:
+	43:57:e1:c4:ea:07:a7:ce:1e:38:1a:2f:ca:fd:ff:
+	5f:5b:f0:0d:f8:28:80:60:20:e8:75:c0:09:26:e4:
+	d0:11:f8:84:77:a1:b0:19:27:d7:38:13:ca:d4:84:
+	7c:63:96:b9:24:46:21:be:2b:00:b6:3c:65:92:53:
+	31:84:13:44:3c:d2:44:21:5c:d7:fd:4c:be:79:6e:
+	82:c6:cf:70:f8:9c:c0:c5:28:fb:8e:34:48:09:b3:
+	18:76:e7:ef:73:9d:51:60:d0:95:c9:68:41:88:b0:
+	c8:75:5c:7a:46:8d:47:f5:6d:6d:b9:ea:01:29:24:
+	ec:b0:55:6f:b7:13:12:a8:d7:c9:3b:b2:89:8e:a0:
+	8e:e5:4e:eb:59:45:48:28:5f:06:a9:73:cb:be:2a:
+	0c:b0:2e:90:f3:23:fe:04:55:21:f3:4c:68:35:4a:
+	6d:3e:95:db:ff:f1:eb:64:69:2e:dc:0a:44:f3:d3:
+	e4:08:d0:e4:79:a5:41:e7:79:a6:05:42:59:e2:d8:
+	54:
+
+prime:
+	b3:12:6a:ea:f4:71:53:c7:d6:7f:40:30:30:b2:92:
+	b5:bd:5a:6c:9e:ae:1c:13:7a:f3:40:87:fc:e2:a3:
+	6a:57:8d:70:c5:c5:60:ad:2b:db:92:4c:4a:4d:be:
+	e2:0a:16:71:be:71:03:ce:87:de:fa:76:90:89:36:
+	80:3d:be:ca:60:c3:3e:12:89:c1:a0:3a:c2:c6:c4:
+	e4:94:05:e5:90:2f:a0:59:6a:1c:ba:a8:95:cc:40:
+	2d:52:13:ed:4a:5f:1f:5b:a8:b5:e1:ed:3d:a9:51:
+	a4:c4:75:af:eb:0c:a6:60:b7:36:8c:38:c8:e8:09:
+	f3:82:d9:6a:e1:9e:60:dc:98:4e:61:cb:42:b5:df:
+	d7:23:32:2a:cf:32:7f:9e:41:3c:da:64:00:c1:5c:
+	5b:2e:a1:fa:34:40:5d:83:98:2f:ba:40:e6:d8:52:
+	da:3d:91:01:9b:f2:35:11:31:42:54:dc:21:1a:90:
+	83:3e:5b:17:98:ee:52:a7:81:98:c5:55:64:47:29:
+	ad:92:f0:60:36:7c:74:de:d3:77:04:ad:fc:27:3a:
+	4a:33:fe:c8:21:bd:2e:bd:3b:c0:51:73:0e:97:a4:
+	dd:14:d2:b7:66:06:25:92:f5:ee:c0:9d:16:bb:50:
+	ef:eb:f2:cc:00:dd:3e:0e:34:18:e6:0e:c8:48:70:
+	f7:
+
+
+-----BEGIN DH PARAMETERS-----
+MIICDgKCAQEAsxJq6vRxU8fWf0AwMLKStb1abJ6uHBN680CH/OKjaleNcMXFYK0r
+25JMSk2+4goWcb5xA86H3vp2kIk2gD2+ymDDPhKJwaA6wsbE5JQF5ZAvoFlqHLqo
+lcxALVIT7UpfH1uoteHtPalRpMR1r+sMpmC3Now4yOgJ84LZauGeYNyYTmHLQrXf
+1yMyKs8yf55BPNpkAMFcWy6h+jRAXYOYL7pA5thS2j2RAZvyNRExQlTcIRqQgz5b
+F5juUqeBmMVVZEcprZLwYDZ8dN7TdwSt/Cc6SjP+yCG9Lr07wFFzDpek3RTSt2YG
+JZL17sCdFrtQ7+vyzADdPg40GOYOyEhw9wKCAQEAgAq/59xmeqF7zXwEYUvCIaZU
+gszAS2BGArDhMZCKk46hG0jcUV2rery7Hgx/1mUR7cDYZVG3YySW4D35Q1fhxOoH
+p84eOBovyv3/X1vwDfgogGAg6HXACSbk0BH4hHehsBkn1zgTytSEfGOWuSRGIb4r
+ALY8ZZJTMYQTRDzSRCFc1/1MvnlugsbPcPicwMUo+440SAmzGHbn73OdUWDQlclo
+QYiwyHVcekaNR/VtbbnqASkk7LBVb7cTEqjXyTuyiY6gjuVO61lFSChfBqlzy74q
+DLAukPMj/gRVIfNMaDVKbT6V2//x62RpLtwKRPPT5AjQ5HmlQed5pgVCWeLYVAIC
+AQA=
+-----END DH PARAMETERS-----

tests/suites/test_suite_dhm.data

@@ -10,5 +10,8 @@ dhm_do_dhm:10:"93450983094850938450983409623982317398171298719873918739182739712
 Diffie-Hallman load parameters from file
 dhm_file:"data_files/dhparams.pem":"9e35f430443a09904f3a39a979797d070df53378e79c2438bef4e761f3c714553328589b041c809be1d6c6b5f1fc9f47d3a25443188253a992a56818b37ba9de5a40d362e56eff0be5417474c125c199272c8fe41dea733df6f662c92ae76556e755d10c64e6a50968f67fc6ea73d0dca8569be2ba204e23580d8bca2f4975b3":"02":128
 
+Diffie-Hallman load parameters from file
+dhm_file:"data_files/dh.optlen.pem":"b3126aeaf47153c7d67f403030b292b5bd5a6c9eae1c137af34087fce2a36a578d70c5c560ad2bdb924c4a4dbee20a1671be7103ce87defa76908936803dbeca60c33e1289c1a03ac2c6c4e49405e5902fa0596a1cbaa895cc402d5213ed4a5f1f5ba8b5e1ed3da951a4c475afeb0ca660b7368c38c8e809f382d96ae19e60dc984e61cb42b5dfd723322acf327f9e413cda6400c15c5b2ea1fa34405d83982fba40e6d852da3d91019bf23511314254dc211a90833e5b1798ee52a78198c555644729ad92f060367c74ded37704adfc273a4a33fec821bd2ebd3bc051730e97a4dd14d2b766062592f5eec09d16bb50efebf2cc00dd3e0e3418e60ec84870f7":"800abfe7dc667aa17bcd7c04614bc221a65482ccc04b604602b0e131908a938ea11b48dc515dab7abcbb1e0c7fd66511edc0d86551b7632496e03df94357e1c4ea07a7ce1e381a2fcafdff5f5bf00df828806020e875c00926e4d011f88477a1b01927d73813cad4847c6396b9244621be2b00b63c659253318413443cd244215cd7fd4cbe796e82c6cf70f89cc0c528fb8e344809b31876e7ef739d5160d095c9684188b0c8755c7a468d47f56d6db9ea012924ecb0556fb71312a8d7c93bb2898ea08ee54eeb594548285f06a973cbbe2a0cb02e90f323fe045521f34c68354a6d3e95dbfff1eb64692edc0a44f3d3e408d0e479a541e779a6054259e2d854":256
+
 Diffie-Hellman selftest
 dhm_selftest: