yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-02-25 15:06:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'baremetal' into baremetal-2.16-20190909

Browse source 
* baremetal: (78 commits)
  Review corrections 6
  Review corrections 5
  Minor changes to tinycrypt README
  Typos in the tinycrypt README
  Addition of copyright statements to tinycrypt files
  Add LICENSE and README for tinycrypt
  Add SPDX lines to each imported TinyCrypt file
  Review corrections 4
  Review corrections 3
  Review corrections 2
  Review corrections
  Update signature of BE conversion functions
  Use function for 16/24/32-bit BE conversion
  x509.c: Minor readability improvement
  x509_crt.c: Indicate guarding condition in #else branch
  X.509: Don't remove verify callback by default
  Fix Doxygen warnings regarding removed verify cb+ctx parameters
  ECC restart: Use optional verification mode in bad signature test
  Re-implement verify chain if vrfy cbs are disabled
  Add zero-cost abstraction layer for CRT verification chain
  ...
This commit is contained in:
Manuel Pégourié-Gonnard 2019-09-12 09:58:14 +02:00
parent 3cdfa0c2cc e8144aa8ea
commit e5a0b366f8
86 changed files with 3353 additions and 1786 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
configs/baremetal.h
View file

@ -52,6 +52,8 @@
#define MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_MD_ID MBEDTLS_MD_SHA256
#define MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_TLS_ID MBEDTLS_SSL_HASH_SHA256
#define MBEDTLS_MD_SINGLE_HASH MBEDTLS_MD_INFO_SHA256
/* Key exchanges */
#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
@ -61,6 +63,7 @@
#define MBEDTLS_MD_C
#define MBEDTLS_SHA256_C
#define MBEDTLS_SHA256_SMALLER
#define MBEDTLS_SHA256_NO_SHA224
/* TLS options */
#define MBEDTLS_SSL_CLI_C
@ -116,6 +119,7 @@
#define MBEDTLS_X509_CRT_REMOVE_SUBJECT_ISSUER_ID
#define MBEDTLS_X509_ON_DEMAND_PARSING
#define MBEDTLS_X509_ALWAYS_FLUSH
#define MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
#define MBEDTLS_ASN1_PARSE_C
#define MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION

3
configs/config-ccm-psk-tls1_2.h
View file

@ -55,6 +55,9 @@
#define MBEDTLS_SSL_SRV_C
#define MBEDTLS_SSL_TLS_C
/* Save ROM by excluded SHA-2 variant that we don't need */
#define MBEDTLS_SHA256_NO_SHA224
/* Save RAM at the expense of ROM */
#define MBEDTLS_AES_ROM_TABLES

3
configs/config-suite-b.h
View file

@ -78,6 +78,9 @@
#define MBEDTLS_CERTS_C
#define MBEDTLS_PEM_PARSE_C
/* Save ROM by excluded SHA-2 variant that we don't need */
#define MBEDTLS_SHA256_NO_SHA224
/* Save RAM at the expense of ROM */
#define MBEDTLS_AES_ROM_TABLES

3
configs/config-thread.h
View file

@ -88,6 +88,9 @@
#define MBEDTLS_ECP_MAX_BITS 256
#define MBEDTLS_MPI_MAX_SIZE 32 // 256 bits is 32 bytes
/* Save ROM by excluded SHA-2 variant that we don't need */
#define MBEDTLS_SHA256_NO_SHA224
/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */
#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8

67
include/mbedtls/check_config.h
View file

@ -788,6 +788,73 @@
#define MBEDTLS_THREADING_IMPL
#endif
/* Ensure that precisely one hash is enabled. */
#if defined(MBEDTLS_MD_SINGLE_HASH)
#if defined(MBEDTLS_SHA256_C)
#define MBEDTLS_SHA256_ENABLED 1
#else
#define MBEDTLS_SHA256_ENABLED 0
#endif /* MBEDTLS_SHA256_C */
#if defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA256_NO_SHA224)
#define MBEDTLS_SHA224_ENABLED 1
#else
#define MBEDTLS_SHA224_ENABLED 0
#endif /* MBEDTLS_SHA256_C && !MBEDTLS_SHA256_NO_SHA224 */
#if defined(MBEDTLS_SHA512_C)
#define MBEDTLS_SHA512_ENABLED 2
#else
#define MBEDTLS_SHA512_ENABLED 0
#endif /* MBEDTLS_SHA512_C */
#if defined(MBEDTLS_SHA1_C)
#define MBEDTLS_SHA1_ENABLED 1
#else
#define MBEDTLS_SHA1_ENABLED 0
#endif /* MBEDTLS_SHA1_C */
#if defined(MBEDTLS_MD2_C)
#define MBEDTLS_MD2_ENABLED 1
#else
#define MBEDTLS_MD2_ENABLED 0
#endif /* MBEDTLS_MD2_C */
#if defined(MBEDTLS_MD4_C)
#define MBEDTLS_MD4_ENABLED 1
#else
#define MBEDTLS_MD4_ENABLED 0
#endif /* MBEDTLS_MD4_C */
#if defined(MBEDTLS_MD5_C)
#define MBEDTLS_MD5_ENABLED 1
#else
#define MBEDTLS_MD5_ENABLED 0
#endif /* MBEDTLS_MD5_C */
#if defined(MBEDTLS_RIPEMD160_C)
#define MBEDTLS_RIPEMD160_ENABLED 1
#else
#define MBEDTLS_RIPEMD160_ENABLED 0
#endif /* MBEDTLS_RIPEMD160_C */
#define MBEDTLS_HASHES_ENABLED \
( MBEDTLS_MD2_ENABLED + \
MBEDTLS_MD4_ENABLED + \
MBEDTLS_MD5_ENABLED + \
MBEDTLS_RIPEMD160_ENABLED + \
MBEDTLS_SHA1_ENABLED + \
MBEDTLS_SHA256_ENABLED + \
MBEDTLS_SHA512_ENABLED )
#if MBEDTLS_HASHES_ENABLED != 1
#error "MBEDTLS_MD_SINGLE_HASH must be used with precisely one hash algorithm enabled."
#endif
#undef MBEDTLS_HASHES_ENABLED
#endif /* MBEDTLS_MD_SINGLE_HASH */
#if defined(MBEDTLS_THREADING_ALT)
#if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL)
#error "MBEDTLS_THREADING_ALT defined, but not all prerequisites"

35
include/mbedtls/config.h
View file

@ -1291,6 +1291,16 @@
*/
//#define MBEDTLS_SHA256_SMALLER
/**
* \def MBEDTLS_SHA256_NO_SHA224
*
* Disable the SHA-224 option of the SHA-256 module. Use this to save some
* code size on devices that don't use SHA-224.
*
* Uncomment to disable SHA-224
*/
//#define MBEDTLS_SHA256_NO_SHA224
/**
* \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
*
@ -2028,6 +2038,17 @@
*/
//#define MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION
/**
* \def MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
*
* Remove support for X.509 certificate verification callbacks.
*
* Uncomment to save some bytes of code by removing support for X.509
* certificate verification callbacks in mbedtls_x509_crt_verify() and
* related verification API.
*/
//#define MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
/**
* \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
*
@ -3815,6 +3836,20 @@
//#define MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_MD_ID
//#define MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_TLS_ID
/* Set this to MBEDTLS_MD_INFO_{DIGEST} support of a single message
* digest at compile-time, at the benefit of code-size.
*
* On highly constrained systems with large control over the configuration of
* the connection endpoints, this option can be used to hardcode support for
* a single hash algorithm.
*
* You need to make sure that the corresponding digest algorithm attributes
* are defined through macros in md.c. See the definitions
* MBEDTLS_MD_INFO_SHA256_XXX for example.
*
*/
//#define MBEDTLS_MD_SINGLE_HASH MBEDTLS_MD_INFO_SHA256
/* \} SECTION: Compile-time SSL configuration */
/* Target and application specific configurations

2
include/mbedtls/ecjpake.h
View file

@ -75,7 +75,7 @@ typedef enum {
*/
typedef struct mbedtls_ecjpake_context
{
const mbedtls_md_info_t *md_info; /**< Hash to use */
mbedtls_md_handle_t md_info; /**< Hash to use */
mbedtls_ecp_group grp; /**< Elliptic curve */
mbedtls_ecjpake_role role; /**< Are we client or server? */
int point_format; /**< Format for point export */

6
include/mbedtls/hkdf.h
View file

@ -70,7 +70,7 @@ extern "C" {
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer.
*/
int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt,
int mbedtls_hkdf( mbedtls_md_handle_t md, const unsigned char *salt,
size_t salt_len, const unsigned char *ikm, size_t ikm_len,
const unsigned char *info, size_t info_len,
unsigned char *okm, size_t okm_len );
@ -99,7 +99,7 @@ int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt,
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer.
*/
int mbedtls_hkdf_extract( const mbedtls_md_info_t *md,
int mbedtls_hkdf_extract( mbedtls_md_handle_t md,
const unsigned char *salt, size_t salt_len,
const unsigned char *ikm, size_t ikm_len,
unsigned char *prk );
@ -130,7 +130,7 @@ int mbedtls_hkdf_extract( const mbedtls_md_info_t *md,
* \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
* MD layer.
*/
int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk,
int mbedtls_hkdf_expand( mbedtls_md_handle_t md, const unsigned char *prk,
size_t prk_len, const unsigned char *info,
size_t info_len, unsigned char *okm, size_t okm_len );

4
include/mbedtls/hmac_drbg.h
View file

@ -138,7 +138,7 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx );
* MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED.
*/
int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
const mbedtls_md_info_t * md_info,
mbedtls_md_handle_t md_info,
int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy,
const unsigned char *custom,
@ -158,7 +158,7 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
* MBEDTLS_ERR_MD_ALLOC_FAILED.
*/
int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx,
const mbedtls_md_info_t * md_info,
mbedtls_md_handle_t md_info,
const unsigned char *data, size_t data_len );
/**

248
include/mbedtls/md.h
View file

@ -35,6 +35,11 @@
#include MBEDTLS_CONFIG_FILE
#endif
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */
#define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */
#define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */
@ -80,26 +85,72 @@ typedef enum {
#define MBEDTLS_MD_MAX_BLOCK_SIZE 64
#endif
#if !defined(MBEDTLS_MD_SINGLE_HASH)
#define MBEDTLS_MD_INLINABLE_API
/**
* Opaque struct defined in md_internal.h.
* Opaque struct defined in md.c.
*/
typedef struct mbedtls_md_info_t mbedtls_md_info_t;
typedef struct mbedtls_md_info_t const * mbedtls_md_handle_t;
#define MBEDTLS_MD_INVALID_HANDLE ( (mbedtls_md_handle_t) NULL )
#else /* !MBEDTLS_MD_SINGLE_HASH */
#define MBEDTLS_MD_INLINABLE_API MBEDTLS_ALWAYS_INLINE static inline
typedef int mbedtls_md_handle_t;
#define MBEDTLS_MD_INVALID_HANDLE ( (mbedtls_md_handle_t) 0 )
#define MBEDTLS_MD_UNIQUE_VALID_HANDLE ( (mbedtls_md_handle_t) 1 )
#endif /* !MBEDTLS_MD_SINGLE_HASH */
#include "md_internal.h"
/**
* The generic message-digest context.
*/
typedef struct mbedtls_md_context_t
{
#if !defined(MBEDTLS_MD_SINGLE_HASH)
/** Information about the associated message digest. */
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
#endif
#if !defined(MBEDTLS_MD_SINGLE_HASH)
/** The digest-specific context. */
void *md_ctx;
/** The HMAC part of the context. */
void *hmac_ctx;
#else
unsigned char md_ctx[ sizeof( MBEDTLS_MD_INFO_CTX_TYPE(
MBEDTLS_MD_SINGLE_HASH ) ) ];
unsigned char hmac_ctx[ 2 * MBEDTLS_MD_INFO_BLOCKSIZE(
MBEDTLS_MD_SINGLE_HASH ) ];
#endif /* MBEDTLS_MD_SINGLE_HASH */
} mbedtls_md_context_t;
#if !defined(MBEDTLS_MD_SINGLE_HASH)
static inline mbedtls_md_handle_t mbedtls_md_get_handle(
struct mbedtls_md_context_t const *ctx )
{
return( ctx->md_info );
}
#else /* !MBEDTLS_MD_SINGLE_HASH */
static inline mbedtls_md_handle_t mbedtls_md_get_handle(
struct mbedtls_md_context_t const *ctx )
{
((void) ctx);
return( MBEDTLS_MD_UNIQUE_VALID_HANDLE );
}
#endif /* !MBEDTLS_MD_SINGLE_HASH */
/**
* \brief This function returns the list of digests supported by the
* generic digest module.
@ -120,7 +171,7 @@ const int *mbedtls_md_list( void );
* \return The message-digest information associated with \p md_name.
* \return NULL if the associated message-digest information is not found.
*/
const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name );
mbedtls_md_handle_t mbedtls_md_info_from_string( const char *md_name );
/**
* \brief This function returns the message-digest information
@ -131,7 +182,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name );
* \return The message-digest information associated with \p md_type.
* \return NULL if the associated message-digest information is not found.
*/
const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type );
mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type );
/**
* \brief This function initializes a message-digest context without
@ -182,7 +233,7 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx );
* failure.
* \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure.
*/
int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) MBEDTLS_DEPRECATED;
int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info ) MBEDTLS_DEPRECATED;
#undef MBEDTLS_DEPRECATED
#endif /* MBEDTLS_DEPRECATED_REMOVED */
@ -205,7 +256,9 @@ int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_
* failure.
* \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure.
*/
int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac );
MBEDTLS_MD_INLINABLE_API int mbedtls_md_setup( mbedtls_md_context_t *ctx,
mbedtls_md_handle_t md_info,
int hmac );
/**
* \brief This function clones the state of an message-digest
@ -238,7 +291,7 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst,
*
* \return The size of the message-digest output in Bytes.
*/
unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info );
unsigned char mbedtls_md_get_size( mbedtls_md_handle_t md_info );
/**
* \brief This function extracts the message-digest type from the
@ -249,7 +302,7 @@ unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info );
*
* \return The type of the message digest.
*/
mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info );
mbedtls_md_type_t mbedtls_md_get_type( mbedtls_md_handle_t md_info );
/**
* \brief This function extracts the message-digest name from the
@ -260,7 +313,7 @@ mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info );
*
* \return The name of the message digest.
*/
const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info );
const char *mbedtls_md_get_name( mbedtls_md_handle_t md_info );
/**
* \brief This function starts a message-digest computation.
@ -275,7 +328,7 @@ const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info );
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
int mbedtls_md_starts( mbedtls_md_context_t *ctx );
MBEDTLS_MD_INLINABLE_API int mbedtls_md_starts( mbedtls_md_context_t *ctx );
/**
* \brief This function feeds an input buffer into an ongoing
@ -293,7 +346,9 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx );
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen );
MBEDTLS_MD_INLINABLE_API int mbedtls_md_update( mbedtls_md_context_t *ctx,
const unsigned char *input,
size_t ilen );
/**
* \brief This function finishes the digest operation,
@ -313,7 +368,8 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output );
MBEDTLS_MD_INLINABLE_API int mbedtls_md_finish( mbedtls_md_context_t *ctx,
unsigned char *output );
/**
* \brief This function calculates the message-digest of a buffer,
@ -333,8 +389,11 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output );
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
unsigned char *output );
MBEDTLS_MD_INLINABLE_API int mbedtls_md(
mbedtls_md_handle_t md_info,
const unsigned char *input,
size_t ilen,
unsigned char *output );
#if defined(MBEDTLS_FS_IO)
/**
@ -354,7 +413,7 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si
* the file pointed by \p path.
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info was NULL.
*/
int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path,
int mbedtls_md_file( mbedtls_md_handle_t md_info, const char *path,
unsigned char *output );
#endif /* MBEDTLS_FS_IO */
@ -460,12 +519,167 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx );
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
int mbedtls_md_hmac( mbedtls_md_handle_t md_info, const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output );
/* Internal use */
int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data );
MBEDTLS_MD_INLINABLE_API int mbedtls_md_process( mbedtls_md_context_t *ctx,
const unsigned char *data );
/*
* Internal wrapper functions for those MD API functions which should be
* inlined in some but not all configurations. The actual MD API will be
* implemented either here or in md.c, and forward to the wrappers.
*/
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_setup_internal(
mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, int hmac )
{
if( md_info == MBEDTLS_MD_INVALID_HANDLE || ctx == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
#if !defined(MBEDTLS_MD_SINGLE_HASH)
ctx->md_ctx = mbedtls_md_info_ctx_alloc( md_info );
if( ctx->md_ctx == NULL )
return( MBEDTLS_ERR_MD_ALLOC_FAILED );
if( hmac != 0 )
{
ctx->hmac_ctx = mbedtls_calloc( 2,
mbedtls_md_info_block_size( md_info ) );
if( ctx->hmac_ctx == NULL )
{
mbedtls_md_info_ctx_free( md_info, ctx->md_ctx);
return( MBEDTLS_ERR_MD_ALLOC_FAILED );
}
}
ctx->md_info = md_info;
#else
((void) hmac);
#endif /* MBEDTLS_MD_SINGLE_HASH */
return( 0 );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_starts_internal(
mbedtls_md_context_t *ctx )
{
mbedtls_md_handle_t md_info;
if( ctx == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
md_info = mbedtls_md_get_handle( ctx );
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
return( mbedtls_md_info_starts( md_info, ctx->md_ctx ) );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_update_internal(
mbedtls_md_context_t *ctx,
const unsigned char *input,
size_t ilen )
{
mbedtls_md_handle_t md_info;
if( ctx == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
md_info = mbedtls_md_get_handle( ctx );
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
return( mbedtls_md_info_update( md_info, ctx->md_ctx,
input, ilen ) );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_finish_internal(
mbedtls_md_context_t *ctx, unsigned char *output )
{
mbedtls_md_handle_t md_info;
if( ctx == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
md_info = mbedtls_md_get_handle( ctx );
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
return( mbedtls_md_info_finish( md_info, ctx->md_ctx,
output ) );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_internal(
mbedtls_md_handle_t md_info,
const unsigned char *input,
size_t ilen,
unsigned char *output )
{
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
return( mbedtls_md_info_digest( md_info, input,
ilen, output) );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_process_internal(
mbedtls_md_context_t *ctx, const unsigned char *data )
{
mbedtls_md_handle_t md_info;
if( ctx == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
md_info = mbedtls_md_get_handle( ctx );
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
return( mbedtls_md_info_process( md_info, ctx->md_ctx, data ) );
}
#if defined(MBEDTLS_MD_SINGLE_HASH)
MBEDTLS_MD_INLINABLE_API int mbedtls_md_setup(
mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, int hmac )
{
return( mbedtls_md_setup_internal( ctx, md_info, hmac ) );
}
MBEDTLS_MD_INLINABLE_API int mbedtls_md_starts(
mbedtls_md_context_t *ctx )
{
return( mbedtls_md_starts_internal( ctx ) );
}
MBEDTLS_MD_INLINABLE_API int mbedtls_md_update(
mbedtls_md_context_t *ctx,
const unsigned char *input,
size_t ilen )
{
return( mbedtls_md_update_internal( ctx, input, ilen ) );
}
MBEDTLS_MD_INLINABLE_API int mbedtls_md_finish(
mbedtls_md_context_t *ctx, unsigned char *output )
{
return( mbedtls_md_finish_internal( ctx, output ) );
}
MBEDTLS_MD_INLINABLE_API int mbedtls_md(
mbedtls_md_handle_t md_info,
const unsigned char *input,
size_t ilen,
unsigned char *output )
{
return( mbedtls_md_internal( md_info, input, ilen, output ) );
}
MBEDTLS_MD_INLINABLE_API int mbedtls_md_process(
mbedtls_md_context_t *ctx, const unsigned char *data )
{
return( mbedtls_md_process_internal( ctx, data ) );
}
#endif /* MBEDTLS_MD_SINGLE_HASH */
#ifdef __cplusplus
}

821
include/mbedtls/md_internal.h
View file

@ -1,14 +1,12 @@
/**
/**
* \file md_internal.h
*
* \brief Message digest wrappers.
*
* \warning This in an internal header. Do not include directly.
* \brief This file contains the generic message-digest wrapper.
*
* \author Adriaan de Jong <dejong@fox-it.com>
*/
/*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
@ -23,27 +21,157 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
* This file is part of Mbed TLS (https://tls.mbed.org)
*/
#ifndef MBEDTLS_MD_WRAP_H
#define MBEDTLS_MD_WRAP_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#ifndef MBEDTLS_MD_INTERNAL_H
#define MBEDTLS_MD_INTERNAL_H
#if defined(MBEDTLS_MD2_C)
#include "mbedtls/md2.h"
#endif
#include "md.h"
#if defined(MBEDTLS_MD4_C)
#include "mbedtls/md4.h"
#endif
#if defined(MBEDTLS_MD5_C)
#include "mbedtls/md5.h"
#endif
#if defined(MBEDTLS_RIPEMD160_C)
#include "mbedtls/ripemd160.h"
#endif
#if defined(MBEDTLS_SHA1_C)
#include "mbedtls/sha1.h"
#endif
#if defined(MBEDTLS_SHA256_C)
#include "mbedtls/sha256.h"
#endif
#if defined(MBEDTLS_SHA512_C)
#include "mbedtls/sha512.h"
#endif
#include "mbedtls/platform_util.h"
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdlib.h>
#define mbedtls_calloc calloc
#define mbedtls_free free
#endif
#ifdef __cplusplus
extern "C" {
#endif
#define MBEDTLS_MD_WRAPPER MBEDTLS_ALWAYS_INLINE static inline
/*
* Message-digest information macro definition
*/
/* Dummy definition to keep check-names.sh happy - don't uncomment */
//#define MBEDTLS_MD_INFO_SHA256
/* SHA-256 */
static inline void mbedtls_md_sha256_init_free_dummy( void* ctx )
{
/* Zero-initialization can be skipped. */
((void) ctx);
}
#define MBEDTLS_MD_INFO_SHA256_TYPE MBEDTLS_MD_SHA256
#define MBEDTLS_MD_INFO_SHA256_CTX_TYPE mbedtls_sha256_context
#if defined(MBEDTLS_MD_SINGLE_HASH) && !defined(MBEDTLS_SHA256_ALT)
/* mbedtls_md_sha256_init() only zeroizes, which is redundant
* because mbedtls_md_context is zeroized in mbedtls_md_init(),
* and the mbedtls_sha256_context is embedded in mbedtls_md_context_t. */
#define MBEDTLS_MD_INFO_SHA256_INIT_FUNC mbedtls_md_sha256_init_free_dummy
#else
#define MBEDTLS_MD_INFO_SHA256_INIT_FUNC mbedtls_sha256_init
#endif /* MBEDTLS_MD_SINGLE_HASH && !MBEDTLS_SHA256_ALT */
#define MBEDTLS_MD_INFO_SHA256_NAME "SHA256"
#define MBEDTLS_MD_INFO_SHA256_SIZE 32
#define MBEDTLS_MD_INFO_SHA256_BLOCKSIZE 64
#define MBEDTLS_MD_INFO_SHA256_STARTS_FUNC mbedtls_sha256_starts_wrap
#define MBEDTLS_MD_INFO_SHA256_UPDATE_FUNC mbedtls_sha224_update_wrap
#define MBEDTLS_MD_INFO_SHA256_FINISH_FUNC mbedtls_sha224_finish_wrap
#define MBEDTLS_MD_INFO_SHA256_DIGEST_FUNC mbedtls_sha256_wrap
#define MBEDTLS_MD_INFO_SHA256_ALLOC_FUNC mbedtls_sha224_ctx_alloc
#if defined(MBEDTLS_MD_SINGLE_HASH) && !defined(MBEDTLS_SHA256_ALT)
/* mbedtls_md_sha256_free() only zeroizes, which is redundant
* because mbedtls_md_context is zeroized in mbedtls_md_init(),
* and the mbedtls_sha256_context is embedded in mbedtls_md_context_t. */
#define MBEDTLS_MD_INFO_SHA256_FREE_FUNC mbedtls_md_sha256_init_free_dummy
#else
#define MBEDTLS_MD_INFO_SHA256_FREE_FUNC mbedtls_sha224_ctx_free
#endif /* MBEDTLS_MD_SINGLE_HASH && !MBEDTLS_SHA256_ALT */
#define MBEDTLS_MD_INFO_SHA256_CLONE_FUNC mbedtls_sha224_clone_wrap
#define MBEDTLS_MD_INFO_SHA256_PROCESS_FUNC mbedtls_sha224_process_wrap
/*
* Helper macros to extract fields from ciphersuites.
*/
#define MBEDTLS_MD_INFO_CTX_TYPE_T( MD ) MD ## _CTX_TYPE
#define MBEDTLS_MD_INFO_INIT_FUNC_T( MD ) MD ## _INIT_FUNC
#define MBEDTLS_MD_INFO_TYPE_T( MD ) MD ## _TYPE
#define MBEDTLS_MD_INFO_NAME_T( MD ) MD ## _NAME
#define MBEDTLS_MD_INFO_SIZE_T( MD ) MD ## _SIZE
#define MBEDTLS_MD_INFO_BLOCKSIZE_T( MD ) MD ## _BLOCKSIZE
#define MBEDTLS_MD_INFO_STARTS_FUNC_T( MD ) MD ## _STARTS_FUNC
#define MBEDTLS_MD_INFO_UPDATE_FUNC_T( MD ) MD ## _UPDATE_FUNC
#define MBEDTLS_MD_INFO_FINISH_FUNC_T( MD ) MD ## _FINISH_FUNC
#define MBEDTLS_MD_INFO_DIGEST_FUNC_T( MD ) MD ## _DIGEST_FUNC
#define MBEDTLS_MD_INFO_ALLOC_FUNC_T( MD ) MD ## _ALLOC_FUNC
#define MBEDTLS_MD_INFO_FREE_FUNC_T( MD ) MD ## _FREE_FUNC
#define MBEDTLS_MD_INFO_CLONE_FUNC_T( MD ) MD ## _CLONE_FUNC
#define MBEDTLS_MD_INFO_PROCESS_FUNC_T( MD ) MD ## _PROCESS_FUNC
/* Wrapper around MBEDTLS_MD_INFO_{FIELD}_T() which makes sure that
* the argument is macro-expanded before concatenated with the
* field name. This allows to call these macros as
* MBEDTLS_MD_INFO_{FIELD}( MBEDTLS_MD_SINGLE_HASH ).
* where MBEDTLS_MD_SINGLE_HASH expands to MBEDTLS_MD_INFO_{DIGEST}. */
#define MBEDTLS_MD_INFO_CTX_TYPE( MD ) MBEDTLS_MD_INFO_CTX_TYPE_T( MD )
#define MBEDTLS_MD_INFO_INIT_FUNC( MD ) MBEDTLS_MD_INFO_INIT_FUNC_T( MD )
#define MBEDTLS_MD_INFO_TYPE( MD ) MBEDTLS_MD_INFO_TYPE_T( MD )
#define MBEDTLS_MD_INFO_NAME( MD ) MBEDTLS_MD_INFO_NAME_T( MD )
#define MBEDTLS_MD_INFO_SIZE( MD ) MBEDTLS_MD_INFO_SIZE_T( MD )
#define MBEDTLS_MD_INFO_BLOCKSIZE( MD ) MBEDTLS_MD_INFO_BLOCKSIZE_T( MD )
#define MBEDTLS_MD_INFO_STARTS_FUNC( MD ) MBEDTLS_MD_INFO_STARTS_FUNC_T( MD )
#define MBEDTLS_MD_INFO_UPDATE_FUNC( MD ) MBEDTLS_MD_INFO_UPDATE_FUNC_T( MD )
#define MBEDTLS_MD_INFO_FINISH_FUNC( MD ) MBEDTLS_MD_INFO_FINISH_FUNC_T( MD )
#define MBEDTLS_MD_INFO_DIGEST_FUNC( MD ) MBEDTLS_MD_INFO_DIGEST_FUNC_T( MD )
#define MBEDTLS_MD_INFO_ALLOC_FUNC( MD ) MBEDTLS_MD_INFO_ALLOC_FUNC_T( MD )
#define MBEDTLS_MD_INFO_FREE_FUNC( MD ) MBEDTLS_MD_INFO_FREE_FUNC_T( MD )
#define MBEDTLS_MD_INFO_CLONE_FUNC( MD ) MBEDTLS_MD_INFO_CLONE_FUNC_T( MD )
#define MBEDTLS_MD_INFO_PROCESS_FUNC( MD ) MBEDTLS_MD_INFO_PROCESS_FUNC_T( MD )
/**
* Message digest information.
* Allows message digest functions to be called in a generic way.
*/
typedef int mbedtls_md_starts_func_t( void *ctx );
typedef int mbedtls_md_update_func_t( void *ctx,
const unsigned char *input,
size_t ilen );
typedef int mbedtls_md_finish_func_t( void *ctx, unsigned char *output );
typedef int mbedtls_md_digest_func_t( const unsigned char *input,
size_t ilen,
unsigned char *output );
typedef void* mbedtls_md_ctx_alloc_func_t( void );
typedef void mbedtls_md_ctx_free_func_t( void *ctx );
typedef void mbedtls_md_clone_func_t( void *st, const void *src );
typedef int mbedtls_md_process_func_t( void *ctx,
const unsigned char *input );
#if !defined(MBEDTLS_MD_SINGLE_HASH)
struct mbedtls_md_info_t
{
/** Digest identifier */
@ -59,57 +187,672 @@ struct mbedtls_md_info_t
int block_size;
/** Digest initialisation function */
int (*starts_func)( void *ctx );
mbedtls_md_starts_func_t *starts_func;
/** Digest update function */
int (*update_func)( void *ctx, const unsigned char *input, size_t ilen );
mbedtls_md_update_func_t *update_func;
/** Digest finalisation function */
int (*finish_func)( void *ctx, unsigned char *output );
mbedtls_md_finish_func_t *finish_func;
/** Generic digest function */
int (*digest_func)( const unsigned char *input, size_t ilen,
unsigned char *output );
mbedtls_md_digest_func_t *digest_func;
/** Allocate a new context */
void * (*ctx_alloc_func)( void );
mbedtls_md_ctx_alloc_func_t *ctx_alloc_func;
/** Free the given context */
void (*ctx_free_func)( void *ctx );
mbedtls_md_ctx_free_func_t *ctx_free_func;
/** Clone state from a context */
void (*clone_func)( void *dst, const void *src );
mbedtls_md_clone_func_t *clone_func;
/** Internal use only */
int (*process_func)( void *ctx, const unsigned char *input );
mbedtls_md_process_func_t *process_func;
};
/**
* \brief This macro builds an instance of ::mbedtls_md_info_t
* from an \c MBEDTLS_MD_INFO_XXX identifier.
*/
#define MBEDTLS_MD_INFO( MD ) \
{ MBEDTLS_MD_INFO_TYPE( MD ), \
MBEDTLS_MD_INFO_NAME( MD ), \
MBEDTLS_MD_INFO_SIZE( MD ), \
MBEDTLS_MD_INFO_BLOCKSIZE( MD ), \
MBEDTLS_MD_INFO_STARTS_FUNC( MD ), \
MBEDTLS_MD_INFO_UPDATE_FUNC( MD ), \
MBEDTLS_MD_INFO_FINISH_FUNC( MD ), \
MBEDTLS_MD_INFO_DIGEST_FUNC( MD ), \
MBEDTLS_MD_INFO_ALLOC_FUNC( MD ), \
MBEDTLS_MD_INFO_FREE_FUNC( MD ), \
MBEDTLS_MD_INFO_CLONE_FUNC( MD ), \
MBEDTLS_MD_INFO_PROCESS_FUNC( MD ) }
#endif /* !MBEDTLS_MD_SINGLE_HASH */
/*
*
* Definitions of MD information structures for various digests.
*
*/
/*
* MD-2
*/
#if defined(MBEDTLS_MD2_C)
extern const mbedtls_md_info_t mbedtls_md2_info;
#endif
MBEDTLS_MD_WRAPPER int mbedtls_md2_starts_wrap( void *ctx )
{
return( mbedtls_md2_starts_ret( (mbedtls_md2_context *) ctx ) );
}
MBEDTLS_MD_WRAPPER int mbedtls_md2_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
return( mbedtls_md2_update_ret( (mbedtls_md2_context *) ctx, input, ilen ) );
}
MBEDTLS_MD_WRAPPER int mbedtls_md2_finish_wrap( void *ctx, unsigned char *output )
{
return( mbedtls_md2_finish_ret( (mbedtls_md2_context *) ctx, output ) );
}
MBEDTLS_MD_WRAPPER void* mbedtls_md2_ctx_alloc( void )
{
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md2_context ) );
if( ctx != NULL )
mbedtls_md2_init( (mbedtls_md2_context *) ctx );
return( ctx );
}
MBEDTLS_MD_WRAPPER void mbedtls_md2_ctx_free( void *ctx )
{
mbedtls_md2_free( (mbedtls_md2_context *) ctx );
mbedtls_free( ctx );
}
MBEDTLS_MD_WRAPPER void mbedtls_md2_clone_wrap( void *dst, const void *src )
{
mbedtls_md2_clone( (mbedtls_md2_context *) dst,
(const mbedtls_md2_context *) src );
}
MBEDTLS_MD_WRAPPER int mbedtls_md2_process_wrap( void *ctx, const unsigned char *data )
{
((void) data);
return( mbedtls_internal_md2_process( (mbedtls_md2_context *) ctx ) );
}
#endif /* MBEDTLS_MD2_C */
/*
* MD-4
*/
#if defined(MBEDTLS_MD4_C)
extern const mbedtls_md_info_t mbedtls_md4_info;
#endif
MBEDTLS_MD_WRAPPER int mbedtls_md4_starts_wrap( void *ctx )
{
return( mbedtls_md4_starts_ret( (mbedtls_md4_context *) ctx ) );
}
MBEDTLS_MD_WRAPPER int mbedtls_md4_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
return( mbedtls_md4_update_ret( (mbedtls_md4_context *) ctx, input, ilen ) );
}
MBEDTLS_MD_WRAPPER int mbedtls_md4_finish_wrap( void *ctx, unsigned char *output )
{
return( mbedtls_md4_finish_ret( (mbedtls_md4_context *) ctx, output ) );
}
MBEDTLS_MD_WRAPPER void* mbedtls_md4_ctx_alloc( void )
{
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md4_context ) );
if( ctx != NULL )
mbedtls_md4_init( (mbedtls_md4_context *) ctx );
return( ctx );
}
MBEDTLS_MD_WRAPPER void mbedtls_md4_ctx_free( void *ctx )
{
mbedtls_md4_free( (mbedtls_md4_context *) ctx );
mbedtls_free( ctx );
}
MBEDTLS_MD_WRAPPER void mbedtls_md4_clone_wrap( void *dst, const void *src )
{
mbedtls_md4_clone( (mbedtls_md4_context *) dst,
(const mbedtls_md4_context *) src );
}
MBEDTLS_MD_WRAPPER int mbedtls_md4_process_wrap( void *ctx, const unsigned char *data )
{
return( mbedtls_internal_md4_process( (mbedtls_md4_context *) ctx, data ) );
}
#endif /* MBEDTLS_MD4_C */
/*
* MD-5
*/
#if defined(MBEDTLS_MD5_C)
extern const mbedtls_md_info_t mbedtls_md5_info;
#endif
MBEDTLS_MD_WRAPPER int mbedtls_md5_starts_wrap( void *ctx )
{
return( mbedtls_md5_starts_ret( (mbedtls_md5_context *) ctx ) );
}
MBEDTLS_MD_WRAPPER int mbedtls_md5_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
return( mbedtls_md5_update_ret( (mbedtls_md5_context *) ctx, input, ilen ) );
}
MBEDTLS_MD_WRAPPER int mbedtls_md5_finish_wrap( void *ctx, unsigned char *output )
{
return( mbedtls_md5_finish_ret( (mbedtls_md5_context *) ctx, output ) );
}
MBEDTLS_MD_WRAPPER void* mbedtls_md5_ctx_alloc( void )
{
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md5_context ) );
if( ctx != NULL )
mbedtls_md5_init( (mbedtls_md5_context *) ctx );
return( ctx );
}
MBEDTLS_MD_WRAPPER void mbedtls_md5_ctx_free( void *ctx )
{
mbedtls_md5_free( (mbedtls_md5_context *) ctx );
mbedtls_free( ctx );
}
MBEDTLS_MD_WRAPPER void mbedtls_md5_clone_wrap( void *dst, const void *src )
{
mbedtls_md5_clone( (mbedtls_md5_context *) dst,
(const mbedtls_md5_context *) src );
}
MBEDTLS_MD_WRAPPER int mbedtls_md5_process_wrap( void *ctx, const unsigned char *data )
{
return( mbedtls_internal_md5_process( (mbedtls_md5_context *) ctx, data ) );
}
#endif /* MBEDTLS_MD5_C */
/*
* RIPEMD-160
*/
#if defined(MBEDTLS_RIPEMD160_C)
extern const mbedtls_md_info_t mbedtls_ripemd160_info;
#endif
MBEDTLS_MD_WRAPPER int mbedtls_ripemd160_starts_wrap( void *ctx )
{
return( mbedtls_ripemd160_starts_ret( (mbedtls_ripemd160_context *) ctx ) );
}
MBEDTLS_MD_WRAPPER int mbedtls_ripemd160_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
return( mbedtls_ripemd160_update_ret( (mbedtls_ripemd160_context *) ctx,
input, ilen ) );
}
MBEDTLS_MD_WRAPPER int mbedtls_ripemd160_finish_wrap( void *ctx, unsigned char *output )
{
return( mbedtls_ripemd160_finish_ret( (mbedtls_ripemd160_context *) ctx,
output ) );
}
MBEDTLS_MD_WRAPPER void* mbedtls_ripemd160_ctx_alloc( void )
{
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ripemd160_context ) );
if( ctx != NULL )
mbedtls_ripemd160_init( (mbedtls_ripemd160_context *) ctx );
return( ctx );
}
MBEDTLS_MD_WRAPPER void mbedtls_ripemd160_ctx_free( void *ctx )
{
mbedtls_ripemd160_free( (mbedtls_ripemd160_context *) ctx );
mbedtls_free( ctx );
}
MBEDTLS_MD_WRAPPER void mbedtls_ripemd160_clone_wrap( void *dst, const void *src )
{
mbedtls_ripemd160_clone( (mbedtls_ripemd160_context *) dst,
(const mbedtls_ripemd160_context *) src );
}
MBEDTLS_MD_WRAPPER int mbedtls_ripemd160_process_wrap( void *ctx, const unsigned char *data )
{
return( mbedtls_internal_ripemd160_process(
(mbedtls_ripemd160_context *) ctx, data ) );
}
#endif /* MBEDTLS_RIPEMD160_C */
/*
* SHA-1
*/
#if defined(MBEDTLS_SHA1_C)
extern const mbedtls_md_info_t mbedtls_sha1_info;
#endif
MBEDTLS_MD_WRAPPER int mbedtls_sha1_starts_wrap( void *ctx )
{
return( mbedtls_sha1_starts_ret( (mbedtls_sha1_context *) ctx ) );
}
MBEDTLS_MD_WRAPPER int mbedtls_sha1_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
return( mbedtls_sha1_update_ret( (mbedtls_sha1_context *) ctx,
input, ilen ) );
}
MBEDTLS_MD_WRAPPER int mbedtls_sha1_finish_wrap( void *ctx, unsigned char *output )
{
return( mbedtls_sha1_finish_ret( (mbedtls_sha1_context *) ctx, output ) );
}
MBEDTLS_MD_WRAPPER void* mbedtls_sha1_ctx_alloc( void )
{
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha1_context ) );
if( ctx != NULL )
mbedtls_sha1_init( (mbedtls_sha1_context *) ctx );
return( ctx );
}
MBEDTLS_MD_WRAPPER void mbedtls_sha1_clone_wrap( void *dst, const void *src )
{
mbedtls_sha1_clone( (mbedtls_sha1_context *) dst,
(const mbedtls_sha1_context *) src );
}
MBEDTLS_MD_WRAPPER void mbedtls_sha1_ctx_free( void *ctx )
{
mbedtls_sha1_free( (mbedtls_sha1_context *) ctx );
mbedtls_free( ctx );
}
MBEDTLS_MD_WRAPPER int mbedtls_sha1_process_wrap( void *ctx, const unsigned char *data )
{
return( mbedtls_internal_sha1_process( (mbedtls_sha1_context *) ctx,
data ) );
}
#endif /* MBEDTLS_SHA1_C */
/*
* SHA-224 and SHA-256
*/
#if defined(MBEDTLS_SHA256_C)
extern const mbedtls_md_info_t mbedtls_sha224_info;
extern const mbedtls_md_info_t mbedtls_sha256_info;
#endif
#if !defined(MBEDTLS_SHA256_NO_SHA224)
MBEDTLS_MD_WRAPPER int mbedtls_sha224_starts_wrap( void *ctx )
{
return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 1 ) );
}
#endif /* !MBEDTLS_SHA256_NO_SHA224 */
MBEDTLS_MD_WRAPPER int mbedtls_sha224_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
return( mbedtls_sha256_update_ret( (mbedtls_sha256_context *) ctx,
input, ilen ) );
}
MBEDTLS_MD_WRAPPER int mbedtls_sha224_finish_wrap( void *ctx, unsigned char *output )
{
return( mbedtls_sha256_finish_ret( (mbedtls_sha256_context *) ctx,
output ) );
}
#if !defined(MBEDTLS_SHA256_NO_SHA224)
MBEDTLS_MD_WRAPPER int mbedtls_sha224_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
return( mbedtls_sha256_ret( input, ilen, output, 1 ) );
}
#endif /* !MBEDTLS_SHA256_NO_SHA224 */
MBEDTLS_MD_WRAPPER void* mbedtls_sha224_ctx_alloc( void )
{
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha256_context ) );
if( ctx != NULL )
mbedtls_sha256_init( (mbedtls_sha256_context *) ctx );
return( ctx );
}
MBEDTLS_MD_WRAPPER void mbedtls_sha224_ctx_free( void *ctx )
{
mbedtls_sha256_free( (mbedtls_sha256_context *) ctx );
mbedtls_free( ctx );
}
MBEDTLS_MD_WRAPPER void mbedtls_sha224_clone_wrap( void *dst, const void *src )
{
mbedtls_sha256_clone( (mbedtls_sha256_context *) dst,
(const mbedtls_sha256_context *) src );
}
MBEDTLS_MD_WRAPPER int mbedtls_sha224_process_wrap( void *ctx, const unsigned char *data )
{
return( mbedtls_internal_sha256_process( (mbedtls_sha256_context *) ctx,
data ) );
}
MBEDTLS_MD_WRAPPER int mbedtls_sha256_starts_wrap( void *ctx )
{
return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 0 ) );
}
MBEDTLS_MD_WRAPPER int mbedtls_sha256_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
return( mbedtls_sha256_ret( input, ilen, output, 0 ) );
}
#endif /* MBEDTLS_SHA256_C */
/*
* SHA-384 and SHA-512
*/
#if defined(MBEDTLS_SHA512_C)
extern const mbedtls_md_info_t mbedtls_sha384_info;
extern const mbedtls_md_info_t mbedtls_sha512_info;
#endif
MBEDTLS_MD_WRAPPER int mbedtls_sha384_starts_wrap( void *ctx )
{
return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 1 ) );
}
MBEDTLS_MD_WRAPPER int mbedtls_sha384_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
return( mbedtls_sha512_update_ret( (mbedtls_sha512_context *) ctx,
input, ilen ) );
}
MBEDTLS_MD_WRAPPER int mbedtls_sha384_finish_wrap( void *ctx, unsigned char *output )
{
return( mbedtls_sha512_finish_ret( (mbedtls_sha512_context *) ctx,
output ) );
}
MBEDTLS_MD_WRAPPER int mbedtls_sha384_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
return( mbedtls_sha512_ret( input, ilen, output, 1 ) );
}
MBEDTLS_MD_WRAPPER void* mbedtls_sha384_ctx_alloc( void )
{
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha512_context ) );
if( ctx != NULL )
mbedtls_sha512_init( (mbedtls_sha512_context *) ctx );
return( ctx );
}
MBEDTLS_MD_WRAPPER void mbedtls_sha384_ctx_free( void *ctx )
{
mbedtls_sha512_free( (mbedtls_sha512_context *) ctx );
mbedtls_free( ctx );
}
MBEDTLS_MD_WRAPPER void mbedtls_sha384_clone_wrap( void *dst, const void *src )
{
mbedtls_sha512_clone( (mbedtls_sha512_context *) dst,
(const mbedtls_sha512_context *) src );
}
MBEDTLS_MD_WRAPPER int mbedtls_sha384_process_wrap( void *ctx, const unsigned char *data )
{
return( mbedtls_internal_sha512_process( (mbedtls_sha512_context *) ctx,
data ) );
}
MBEDTLS_MD_WRAPPER int mbedtls_sha512_starts_wrap( void *ctx )
{
return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 0 ) );
}
MBEDTLS_MD_WRAPPER int mbedtls_sha512_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
return( mbedtls_sha512_ret( input, ilen, output, 0 ) );
}
#endif /* MBEDTLS_SHA512_C */
/*
* Getter functions for MD info structure.
*/
#if !defined(MBEDTLS_MD_SINGLE_HASH)
MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_type_t mbedtls_md_info_type(
mbedtls_md_handle_t info )
{
return( info->type );
}
MBEDTLS_ALWAYS_INLINE static inline const char * mbedtls_md_info_name(
mbedtls_md_handle_t info )
{
return( info->name );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_size(
mbedtls_md_handle_t info )
{
return( info->size );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_block_size(
mbedtls_md_handle_t info )
{
return( info->block_size );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_starts(
mbedtls_md_handle_t info,
void *ctx )
{
return( info->starts_func( ctx ) );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_update(
mbedtls_md_handle_t info,
void *ctx,
const unsigned char *input,
size_t ilen )
{
return( info->update_func( ctx, input, ilen ) );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_finish(
mbedtls_md_handle_t info,
void *ctx,
unsigned char *output )
{
return( info->finish_func( ctx, output ) );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_digest(
mbedtls_md_handle_t info,
const unsigned char *input,
size_t ilen,
unsigned char *output )
{
return( info->digest_func( input, ilen, output ) );
}
MBEDTLS_ALWAYS_INLINE static inline void* mbedtls_md_info_ctx_alloc(
mbedtls_md_handle_t info )
{
return( info->ctx_alloc_func() );
}
MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_ctx_free(
mbedtls_md_handle_t info,
void *ctx )
{
info->ctx_free_func( ctx );
}
MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_clone(
mbedtls_md_handle_t info,
void *dst,
const void *src )
{
info->clone_func( dst, src );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_process(
mbedtls_md_handle_t info,
void *ctx,
const unsigned char *input )
{
return( info->process_func( ctx, input ) );
}
#else /* !MBEDTLS_MD_SINGLE_HASH */
MBEDTLS_ALWAYS_INLINE static inline mbedtls_md_type_t mbedtls_md_info_type(
mbedtls_md_handle_t info )
{
((void) info);
return( MBEDTLS_MD_INFO_TYPE( MBEDTLS_MD_SINGLE_HASH ) );
}
MBEDTLS_ALWAYS_INLINE static inline const char * mbedtls_md_info_name(
mbedtls_md_handle_t info )
{
((void) info);
return( MBEDTLS_MD_INFO_NAME( MBEDTLS_MD_SINGLE_HASH ) );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_size(
mbedtls_md_handle_t info )
{
((void) info);
return( MBEDTLS_MD_INFO_SIZE( MBEDTLS_MD_SINGLE_HASH ) );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_block_size(
mbedtls_md_handle_t info )
{
((void) info);
return( MBEDTLS_MD_INFO_BLOCKSIZE( MBEDTLS_MD_SINGLE_HASH ) );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_starts(
mbedtls_md_handle_t info,
void *ctx )
{
((void) info);
return( MBEDTLS_MD_INFO_STARTS_FUNC( MBEDTLS_MD_SINGLE_HASH )( ctx ) );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_update(
mbedtls_md_handle_t info,
void *ctx,
const unsigned char *input,
size_t ilen )
{
((void) info);
return( MBEDTLS_MD_INFO_UPDATE_FUNC( MBEDTLS_MD_SINGLE_HASH )
( ctx, input, ilen ) );
}
MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_init(
mbedtls_md_handle_t info,
void *ctx )
{
((void) info);
MBEDTLS_MD_INFO_INIT_FUNC( MBEDTLS_MD_SINGLE_HASH )( ctx );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_finish(
mbedtls_md_handle_t info,
void *ctx,
unsigned char *output )
{
((void) info);
return( MBEDTLS_MD_INFO_FINISH_FUNC( MBEDTLS_MD_SINGLE_HASH )
( ctx, output ) );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_digest(
mbedtls_md_handle_t info,
const unsigned char *input,
size_t ilen,
unsigned char *output )
{
((void) info);
return( MBEDTLS_MD_INFO_DIGEST_FUNC( MBEDTLS_MD_SINGLE_HASH )
( input, ilen, output ) );
}
MBEDTLS_ALWAYS_INLINE static inline void* mbedtls_md_info_ctx_alloc(
mbedtls_md_handle_t info )
{
((void) info);
return( MBEDTLS_MD_INFO_ALLOC_FUNC( MBEDTLS_MD_SINGLE_HASH )() );
}
MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_ctx_free(
mbedtls_md_handle_t info,
void *ctx )
{
((void) info);
MBEDTLS_MD_INFO_FREE_FUNC( MBEDTLS_MD_SINGLE_HASH )( ctx );
}
MBEDTLS_ALWAYS_INLINE static inline void mbedtls_md_info_clone(
mbedtls_md_handle_t info,
void *dst,
const void *src )
{
((void) info);
MBEDTLS_MD_INFO_CLONE_FUNC( MBEDTLS_MD_SINGLE_HASH )( dst, src );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_md_info_process(
mbedtls_md_handle_t info,
void *ctx,
const unsigned char *input )
{
((void) info);
return( MBEDTLS_MD_INFO_PROCESS_FUNC( MBEDTLS_MD_SINGLE_HASH )
( ctx, input ) );
}
#endif /* MBEDTLS_MD_SINGLE_HASH */
#ifdef __cplusplus
}
#endif
#endif /* MBEDTLS_MD_WRAP_H */
#endif /* MBEDTLS_MD_INTERNAL_H */

84
include/mbedtls/platform_util.h
View file

@ -30,7 +30,7 @@
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include <stdint.h>
#include <stddef.h>
#if defined(MBEDTLS_HAVE_TIME_DATE)
#include "platform_time.h"
@ -113,6 +113,12 @@ void mbedtls_param_failed( const char *failure_condition,
#endif /* MBEDTLS_CHECK_PARAMS */
#if defined(__GNUC__) || defined(__arm__)
#define MBEDTLS_ALWAYS_INLINE __attribute__((always_inline))
#else
#define MBEDTLS_ALWAYS_INLINE
#endif
/* Internal helper macros for deprecating API constants. */
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
@ -189,6 +195,82 @@ struct tm *mbedtls_platform_gmtime_r( const mbedtls_time_t *tt,
struct tm *tm_buf );
#endif /* MBEDTLS_HAVE_TIME_DATE */
/**
* \brief Convert a 32-bit number to the big endian format and write it to
* the given buffer.
*
* \param buf Address where the converted number is written.
* \param num A number that needs to be converted to the big endian format.
*
* \return Address to the end of buffer where the converted number is
* written.
*/
unsigned char* mbedtls_platform_put_uint32_be( unsigned char *buf,
size_t num );
/**
* \brief Convert a 24-bit number to the big endian format and write it to
* the given buffer.
*
* \param buf Address where the converted number is written.
* \param num A number that needs to be converted to the big endian format.
*
* \return Address to the end of buffer where the converted number is
* written.
*/
unsigned char* mbedtls_platform_put_uint24_be( unsigned char *buf,
size_t num );
/**
* \brief Convert a 16-bit number to the big endian format and write it to
* the given buffer.
*
*
* \param buf Address where the converted number is written.
* \param num A number that needs to be converted to the big endian format.
*
* \return Address to the end of buffer where the converted number is
* written.
*/
unsigned char* mbedtls_platform_put_uint16_be( unsigned char *buf,
size_t num );
/**
* \brief Convert a 32-bit number from the big endian format.
*
* The function reads a 32-bit number from the given buffer in the
* big endian format and returns it to the caller.
*
* \param buf Buffer where the 32-bit number locates.
*
* \return Converted number.
*/
size_t mbedtls_platform_get_uint32_be( const unsigned char *buf );
/**
* \brief Convert a 24-bit number from the big endian format.
*
* The function reads a 14-bit number from the given buffer in the
* big endian format and returns it to the caller.
*
* \param buf Buffer where the 24-bit number locates.
*
* \return Converted number.
*/
size_t mbedtls_platform_get_uint24_be( const unsigned char *buf );
/**
* \brief Convert a 16-bit number from the big endian format.
*
* The function reads a 16-bit number from the given buffer in the
* big endian format and returns it to the caller.
*
* \param buf Buffer where the 16-bit number locates.
*
* \return Converted number.
*/
size_t mbedtls_platform_get_uint16_be( const unsigned char *buf );
#ifdef __cplusplus
}
#endif

6
include/mbedtls/sha256.h
View file

@ -60,8 +60,10 @@ typedef struct mbedtls_sha256_context
uint32_t total[2]; /*!< The number of Bytes processed. */
uint32_t state[8]; /*!< The intermediate digest state. */
unsigned char buffer[64]; /*!< The data block being processed. */
#if !defined(MBEDTLS_SHA256_NO_SHA224)
int is224; /*!< Determines which function to use:
0: Use SHA-256, or 1: Use SHA-224. */
#endif
}
mbedtls_sha256_context;
@ -101,6 +103,7 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
* \param ctx The context to use. This must be initialized.
* \param is224 This determines which function to use. This must be
* either \c 0 for SHA-256, or \c 1 for SHA-224.
* If #MBEDTLS_SHA256_NO_SHA224 is defined, this must be \c 0.
*
* \return \c 0 on success.
* \return A negative error code on failure.
@ -169,6 +172,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
* \param ctx The context to use. This must be initialized.
* \param is224 Determines which function to use. This must be
* either \c 0 for SHA-256, or \c 1 for SHA-224.
* If #MBEDTLS_SHA256_NO_SHA224 is defined, this must be \c 0.
*/
MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx,
int is224 );
@ -237,6 +241,7 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_process( mbedtls_sha256_context *ctx,
* be a writable buffer of length \c 32 Bytes.
* \param is224 Determines which function to use. This must be
* either \c 0 for SHA-256, or \c 1 for SHA-224.
* If #MBEDTLS_SHA256_NO_SHA224 is defined, this must be \c 0.
*/
int mbedtls_sha256_ret( const unsigned char *input,
size_t ilen,
@ -269,6 +274,7 @@ int mbedtls_sha256_ret( const unsigned char *input,
* a writable buffer of length \c 32 Bytes.
* \param is224 Determines which function to use. This must be either
* \c 0 for SHA-256, or \c 1 for SHA-224.
* If #MBEDTLS_SHA256_NO_SHA224 is defined, this must be \c 0.
*/
MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input,
size_t ilen,

30
include/mbedtls/ssl.h
View file

@ -142,11 +142,19 @@
/*
* Various constants
*/
#if !defined(MBEDTLS_SSL_PROTO_NO_TLS)
#define MBEDTLS_SSL_MAJOR_VERSION_3 3
#define MBEDTLS_SSL_MINOR_VERSION_0 0 /*!< SSL v3.0 */
#define MBEDTLS_SSL_MINOR_VERSION_1 1 /*!< TLS v1.0 */
#define MBEDTLS_SSL_MINOR_VERSION_2 2 /*!< TLS v1.1 */
#define MBEDTLS_SSL_MINOR_VERSION_3 3 /*!< TLS v1.2 */
#else /* MBEDTLS_SSL_PROTO_NO_TLS */
#define MBEDTLS_SSL_MAJOR_VERSION_3 254
#define MBEDTLS_SSL_MINOR_VERSION_0 257 /*!< unused */
#define MBEDTLS_SSL_MINOR_VERSION_1 256 /*!< unused */
#define MBEDTLS_SSL_MINOR_VERSION_2 255 /*!< DTLS v1.0 */
#define MBEDTLS_SSL_MINOR_VERSION_3 253 /*!< DTLS v1.2 */
#endif /* MBEDTLS_SSL_PROTO_NO_TLS */
#define MBEDTLS_SSL_TRANSPORT_STREAM 0 /*!< TLS */
#define MBEDTLS_SSL_TRANSPORT_DATAGRAM 1 /*!< DTLS */
@ -1033,7 +1041,8 @@ struct mbedtls_ssl_config
void *p_sni; /*!< context for SNI callback */
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
!defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
/** Callback to customize X.509 certificate chain verification */
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *);
void *p_vrfy; /*!< context for X.509 verify calllback */
@ -1165,18 +1174,18 @@ struct mbedtls_ssl_config
unsigned int dhm_min_bitlen; /*!< min. bit length of the DHM prime */
#endif
#if !defined(MBEDTLS_SSL_CONF_MAX_MAJOR_VER)
unsigned char max_major_ver; /*!< max. major version used */
#endif /* !MBEDTLS_SSL_CONF_MAX_MAJOR_VER */
#if !defined(MBEDTLS_SSL_CONF_MAX_MINOR_VER)
unsigned char max_minor_ver; /*!< max. minor version used */
#endif /* !MBEDTLS_SSL_CONF_MAX_MINOR_VER */
#if !defined(MBEDTLS_SSL_CONF_MIN_MAJOR_VER)
unsigned char min_major_ver; /*!< min. major version used */
#endif /* !MBEDTLS_SSL_CONF_MIN_MAJOR_VER */
#if !defined(MBEDTLS_SSL_CONF_MAX_MAJOR_VER)
unsigned char max_major_ver; /*!< max. major version used */
#endif /* !MBEDTLS_SSL_CONF_MAX_MAJOR_VER */
#if !defined(MBEDTLS_SSL_CONF_MIN_MINOR_VER)
unsigned char min_minor_ver; /*!< min. minor version used */
uint16_t min_minor_ver; /*!< min. minor version used */
#endif /* !MBEDTLS_SSL_CONF_MIN_MINOR_VER */
#if !defined(MBEDTLS_SSL_CONF_MAX_MINOR_VER)
uint16_t max_minor_ver; /*!< max. minor version used */
#endif /* !MBEDTLS_SSL_CONF_MAX_MINOR_VER */
/*
* Flags (bitfields)
@ -1588,7 +1597,8 @@ void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport );
*/
void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
!defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
/**
* \brief Set the verification callback (Optional).
*
@ -1603,7 +1613,7 @@ void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode );
void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy );
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
#if !defined(MBEDTLS_SSL_CONF_RNG)
/**

87
include/mbedtls/ssl_internal.h
View file

@ -1196,6 +1196,8 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
MBEDTLS_SSL_PROTO_TLS1_2 */
#if defined(MBEDTLS_SSL_PROTO_TLS)
/*
* Convert version numbers to/from wire format
* and, for DTLS, to/from TLS equivalent.
@ -1257,6 +1259,88 @@ MBEDTLS_ALWAYS_INLINE static inline void mbedtls_ssl_read_version(
#endif /* MBEDTLS_SSL_PROTO_TLS */
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_ssl_ver_leq( int v0, int v1 )
{
return( v0 <= v1 );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_ssl_ver_lt( int v0, int v1 )
{
return( v0 < v1 );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_ssl_ver_geq( int v0, int v1 )
{
return( v0 >= v1 );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_ssl_ver_gt( int v0, int v1 )
{
return( v0 > v1 );
}
#else /* MBEDTLS_SSL_PROTO_TLS */
/* If only DTLS is enabled, we can match the internal encoding
* with the standard's encoding of versions. */
static inline void mbedtls_ssl_write_version( int major, int minor,
int transport,
unsigned char ver[2] )
{
((void) transport);
ver[0] = (unsigned char) major;
ver[1] = (unsigned char) minor;
}
static inline void mbedtls_ssl_read_version( int *major, int *minor,
int transport,
const unsigned char ver[2] )
{
((void) transport);
*major = ver[0];
*minor = ver[1];
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_ssl_ver_leq( int v0, int v1 )
{
return( v0 >= v1 );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_ssl_ver_lt( int v0, int v1 )
{
return( v0 > v1 );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_ssl_ver_geq( int v0, int v1 )
{
return( v0 <= v1 );
}
MBEDTLS_ALWAYS_INLINE static inline int mbedtls_ssl_ver_gt( int v0, int v1 )
{
return( v0 < v1 );
}
#endif /* MBEDTLS_SSL_PROTO_TLS */
MBEDTLS_ALWAYS_INLINE static inline size_t mbedtls_ssl_minor_ver_index(
int ver )
{
switch( ver )
{
case MBEDTLS_SSL_MINOR_VERSION_0:
return( 0 );
case MBEDTLS_SSL_MINOR_VERSION_1:
return( 1 );
case MBEDTLS_SSL_MINOR_VERSION_2:
return( 2 );
case MBEDTLS_SSL_MINOR_VERSION_3:
return( 3 );
}
return( 0 );
}
#ifdef __cplusplus
}
#endif
@ -1697,7 +1781,8 @@ static inline unsigned int mbedtls_ssl_conf_get_ems_enforced(
#define MBEDTLS_SSL_BEGIN_FOR_EACH_CIPHERSUITE( ssl, ver, info ) \
{ \
int const *__id_ptr; \
for( __id_ptr=(ssl)->conf->ciphersuite_list[ (ver) ]; \
for( __id_ptr=(ssl)->conf->ciphersuite_list[ \
mbedtls_ssl_minor_ver_index( ver ) ]; \
*__id_ptr != 0; __id_ptr++ ) \
{ \
const int __id = *__id_ptr; \

51
include/mbedtls/x509_crt.h
View file

@ -214,6 +214,8 @@ typedef struct mbedtls_x509write_cert
mbedtls_x509write_cert;
#endif /* MBEDTLS_X509_CRT_WRITE_C */
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
/**
* Item in a verification chain: cert and flags for it
*/
@ -236,6 +238,16 @@ typedef struct
unsigned len;
} mbedtls_x509_crt_verify_chain;
#else /* !MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
typedef struct
{
unsigned len;
uint32_t flags;
} mbedtls_x509_crt_verify_chain;
#endif /* !MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
/**
@ -249,6 +261,9 @@ typedef struct
/* for find_parent_in() */
mbedtls_x509_crt *parent; /* non-null iff parent_in in progress */
/* current child CRT */
mbedtls_x509_crt *cur_crt;
#if defined(MBEDTLS_HAVE_TIME_DATE)
mbedtls_x509_crt *fallback_parent;
int fallback_signature_is_good;
@ -502,14 +517,17 @@ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
* verification process.
*/
int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
mbedtls_x509_crt *trust_ca,
mbedtls_x509_crl *ca_crl,
mbedtls_x509_crt *trust_ca,
mbedtls_x509_crl *ca_crl,
#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION) || defined(DOXYGEN_ONLY)
const char *cn,
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION || defined(DOXYGEN_ONLY) */
uint32_t *flags,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy );
const char *cn,
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION || DOXYGEN_ONLY */
uint32_t *flags
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK) || defined(DOXYGEN_ONLY)
, int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy
#endif /* !MBEDTLS_X509_REMOVE_VERIFY_CALLBACK || DOXYGEN_ONLY */
);
/**
* \brief Verify the certificate signature according to profile
@ -544,10 +562,13 @@ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
const mbedtls_x509_crt_profile *profile,
#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION) || defined(DOXYGEN_ONLY)
const char *cn,
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION || defined(DOXYGEN_ONLY) */
uint32_t *flags,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy );
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION || DOXYGEN_ONLY */
uint32_t *flags
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK) || defined(DOXYGEN_ONLY)
, int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy
#endif /* !MBEDTLS_X509_REMOVE_VERIFY_CALLBACK || DOXYGEN_ONLY */
);
/**
* \brief Restartable version of \c mbedtls_crt_verify_with_profile()
@ -577,10 +598,12 @@ int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt,
const mbedtls_x509_crt_profile *profile,
#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION) || defined(DOXYGEN_ONLY)
const char *cn,
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION || defined(DOXYGEN_ONLY) */
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION || DOXYGEN_ONLY */
uint32_t *flags,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy,
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK) || defined(DOXYGEN_ONLY)
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy,
#endif /* !MBEDTLS_X509_REMOVE_VERIFY_CALLBACK || DOXYGEN_ONLY */
mbedtls_x509_crt_restart_ctx *rs_ctx );
#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)

5
include/tinycrypt/ecc.h
View file

@ -1,5 +1,10 @@
/* ecc.h - TinyCrypt interface to common ECC functions */
/*
* Copyright (c) 2019, Arm Limited (or its affiliates), All Rights Reserved.
* SPDX-License-Identifier: BSD-3-Clause
*/
/* Copyright (c) 2014, Kenneth MacKay
* All rights reserved.
*

5
include/tinycrypt/ecc_dh.h
View file

@ -1,5 +1,10 @@
/* ecc_dh.h - TinyCrypt interface to EC-DH implementation */
/*
* Copyright (c) 2019, Arm Limited (or its affiliates), All Rights Reserved.
* SPDX-License-Identifier: BSD-3-Clause
*/
/*
* Copyright (c) 2014, Kenneth MacKay
* All rights reserved.

5
include/tinycrypt/ecc_dsa.h
View file

@ -1,5 +1,10 @@
/* ecc_dh.h - TinyCrypt interface to EC-DSA implementation */
/*
* Copyright (c) 2019, Arm Limited (or its affiliates), All Rights Reserved.
* SPDX-License-Identifier: BSD-3-Clause
*/
/*
* Copyright (c) 2014, Kenneth MacKay
* All rights reserved.

1
library/CMakeLists.txt
View file

@ -38,7 +38,6 @@ set(src_crypto
md2.c
md4.c
md5.c
md_wrap.c
memory_buffer_alloc.c
nist_kw.c
oid.c

2
library/Makefile
View file

@ -77,7 +77,7 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \
error.o gcm.o havege.o \
hkdf.o \
hmac_drbg.o md.o md2.o \
md4.o md5.o md_wrap.o \
md4.o md5.o \
memory_buffer_alloc.o nist_kw.o \
oid.o padlock.o pem.o \
pk.o pk_wrap.o pkcs12.o \

7
library/ecdsa.c
View file

@ -420,11 +420,14 @@ static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp,
mbedtls_hmac_drbg_context *p_rng = &rng_ctx;
unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES];
size_t grp_len = ( grp->nbits + 7 ) / 8;
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_mpi h;
if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) ==
MBEDTLS_MD_INVALID_HANDLE )
{
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
}
mbedtls_mpi_init( &h );
mbedtls_hmac_drbg_init( &rng_ctx );

25
library/ecjpake.c
View file

@ -63,7 +63,7 @@ void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx )
{
ECJPAKE_VALIDATE( ctx != NULL );
ctx->md_info = NULL;
ctx->md_info = MBEDTLS_MD_INVALID_HANDLE;
mbedtls_ecp_group_init( &ctx->grp );
ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED;
@ -86,7 +86,7 @@ void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx )
if( ctx == NULL )
return;
ctx->md_info = NULL;
ctx->md_info = MBEDTLS_MD_INVALID_HANDLE;
mbedtls_ecp_group_free( &ctx->grp );
mbedtls_ecp_point_free( &ctx->Xm1 );
@ -119,8 +119,11 @@ int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx,
ctx->role = role;
if( ( ctx->md_info = mbedtls_md_info_from_type( hash ) ) == NULL )
if( ( ctx->md_info = mbedtls_md_info_from_type( hash ) ) ==
MBEDTLS_MD_INVALID_HANDLE )
{
return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
}
MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ctx->grp, curve ) );
@ -140,7 +143,7 @@ int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx )
{
ECJPAKE_VALIDATE_RET( ctx != NULL );
if( ctx->md_info == NULL ||
if( ctx->md_info == MBEDTLS_MD_INVALID_HANDLE ||
ctx->grp.id == MBEDTLS_ECP_DP_NONE ||
ctx->s.p == NULL )
{
@ -190,7 +193,7 @@ static int ecjpake_write_len_point( unsigned char **p,
/*
* Compute hash for ZKP (7.4.2.2.2.1)
*/
static int ecjpake_hash( const mbedtls_md_info_t *md_info,
static int ecjpake_hash( mbedtls_md_handle_t md_info,
const mbedtls_ecp_group *grp,
const int pf,
const mbedtls_ecp_point *G,
@ -240,7 +243,7 @@ cleanup:
/*
* Parse a ECShnorrZKP (7.4.2.2.2) and verify it (7.4.2.3.3)
*/
static int ecjpake_zkp_read( const mbedtls_md_info_t *md_info,
static int ecjpake_zkp_read( mbedtls_md_handle_t md_info,
const mbedtls_ecp_group *grp,
const int pf,
const mbedtls_ecp_point *G,
@ -312,7 +315,7 @@ cleanup:
/*
* Generate ZKP (7.4.2.3.2) and write it as ECSchnorrZKP (7.4.2.2.2)
*/
static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info,
static int ecjpake_zkp_write( mbedtls_md_handle_t md_info,
const mbedtls_ecp_group *grp,
const int pf,
const mbedtls_ecp_point *G,
@ -373,7 +376,7 @@ cleanup:
* Parse a ECJPAKEKeyKP (7.4.2.2.1) and check proof
* Output: verified public key X
*/
static int ecjpake_kkp_read( const mbedtls_md_info_t *md_info,
static int ecjpake_kkp_read( mbedtls_md_handle_t md_info,
const mbedtls_ecp_group *grp,
const int pf,
const mbedtls_ecp_point *G,
@ -410,7 +413,7 @@ cleanup:
* Generate an ECJPAKEKeyKP
* Output: the serialized structure, plus private/public key pair
*/
static int ecjpake_kkp_write( const mbedtls_md_info_t *md_info,
static int ecjpake_kkp_write( mbedtls_md_handle_t md_info,
const mbedtls_ecp_group *grp,
const int pf,
const mbedtls_ecp_point *G,
@ -447,7 +450,7 @@ cleanup:
* Read a ECJPAKEKeyKPPairList (7.4.2.3) and check proofs
* Ouputs: verified peer public keys Xa, Xb
*/
static int ecjpake_kkpp_read( const mbedtls_md_info_t *md_info,
static int ecjpake_kkpp_read( mbedtls_md_handle_t md_info,
const mbedtls_ecp_group *grp,
const int pf,
const mbedtls_ecp_point *G,
@ -480,7 +483,7 @@ cleanup:
* Generate a ECJPAKEKeyKPPairList
* Outputs: the serialized structure, plus two private/public key pairs
*/
static int ecjpake_kkpp_write( const mbedtls_md_info_t *md_info,
static int ecjpake_kkpp_write( mbedtls_md_handle_t md_info,
const mbedtls_ecp_group *grp,
const int pf,
const mbedtls_ecp_point *G,

6
library/hkdf.c
View file

@ -30,7 +30,7 @@
#include "mbedtls/hkdf.h"
#include "mbedtls/platform_util.h"
int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt,
int mbedtls_hkdf( mbedtls_md_handle_t md, const unsigned char *salt,
size_t salt_len, const unsigned char *ikm, size_t ikm_len,
const unsigned char *info, size_t info_len,
unsigned char *okm, size_t okm_len )
@ -51,7 +51,7 @@ int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt,
return( ret );
}
int mbedtls_hkdf_extract( const mbedtls_md_info_t *md,
int mbedtls_hkdf_extract( mbedtls_md_handle_t md,
const unsigned char *salt, size_t salt_len,
const unsigned char *ikm, size_t ikm_len,
unsigned char *prk )
@ -81,7 +81,7 @@ int mbedtls_hkdf_extract( const mbedtls_md_info_t *md,
return( mbedtls_md_hmac( md, salt, salt_len, ikm, ikm_len, prk ) );
}
int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk,
int mbedtls_hkdf_expand( mbedtls_md_handle_t md, const unsigned char *prk,
size_t prk_len, const unsigned char *info,
size_t info_len, unsigned char *okm, size_t okm_len )
{

12
library/hmac_drbg.c
View file

@ -70,7 +70,8 @@ int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx,
const unsigned char *additional,
size_t add_len )
{
size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info );
size_t md_len = mbedtls_md_get_size(
mbedtls_md_get_handle( &ctx->md_ctx ) );
unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1;
unsigned char sep[1];
unsigned char K[MBEDTLS_MD_MAX_SIZE];
@ -124,7 +125,7 @@ void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx,
* Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA)
*/
int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx,
const mbedtls_md_info_t * md_info,
mbedtls_md_handle_t md_info,
const unsigned char *data, size_t data_len )
{
int ret;
@ -246,7 +247,7 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx,
* from the entropy source as suggested in 8.6.7.
*/
int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
const mbedtls_md_info_t * md_info,
mbedtls_md_handle_t md_info,
int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy,
const unsigned char *custom,
@ -329,7 +330,8 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng,
{
int ret;
mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng;
size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info );
size_t md_len = mbedtls_md_get_size(
mbedtls_md_get_handle( &ctx->md_ctx ) );
size_t left = out_len;
unsigned char *out = output;
@ -564,7 +566,7 @@ int mbedtls_hmac_drbg_self_test( int verbose )
{
mbedtls_hmac_drbg_context ctx;
unsigned char buf[OUTPUT_LEN];
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
mbedtls_hmac_drbg_init( &ctx );

479
library/md.c
View file

@ -32,7 +32,6 @@
#if defined(MBEDTLS_MD_C)
#include "mbedtls/md.h"
#include "mbedtls/md_internal.h"
#include "mbedtls/platform_util.h"
#if defined(MBEDTLS_PLATFORM_C)
@ -49,6 +48,177 @@
#include <stdio.h>
#endif
#if !defined(MBEDTLS_MD_SINGLE_HASH)
/*
*
* Definitions of MD information structures for various digests.
*
*/
/*
* MD-2
*/
#if defined(MBEDTLS_MD2_C)
static const mbedtls_md_info_t mbedtls_md2_info = {
MBEDTLS_MD_MD2,
"MD2",
16,
16,
mbedtls_md2_starts_wrap,
mbedtls_md2_update_wrap,
mbedtls_md2_finish_wrap,
mbedtls_md2_ret,
mbedtls_md2_ctx_alloc,
mbedtls_md2_ctx_free,
mbedtls_md2_clone_wrap,
mbedtls_md2_process_wrap,
};
#endif /* MBEDTLS_MD2_C */
/*
* MD-4
*/
#if defined(MBEDTLS_MD4_C)
static const mbedtls_md_info_t mbedtls_md4_info = {
MBEDTLS_MD_MD4,
"MD4",
16,
64,
mbedtls_md4_starts_wrap,
mbedtls_md4_update_wrap,
mbedtls_md4_finish_wrap,
mbedtls_md4_ret,
mbedtls_md4_ctx_alloc,
mbedtls_md4_ctx_free,
mbedtls_md4_clone_wrap,
mbedtls_md4_process_wrap,
};
#endif /* MBEDTLS_MD4_C */
/*
* MD-5
*/
#if defined(MBEDTLS_MD5_C)
static const mbedtls_md_info_t mbedtls_md5_info = {
MBEDTLS_MD_MD5,
"MD5",
16,
64,
mbedtls_md5_starts_wrap,
mbedtls_md5_update_wrap,
mbedtls_md5_finish_wrap,
mbedtls_md5_ret,
mbedtls_md5_ctx_alloc,
mbedtls_md5_ctx_free,
mbedtls_md5_clone_wrap,
mbedtls_md5_process_wrap,
};
#endif /* MBEDTLS_MD5_C */
/*
* RIPEMD-160
*/
#if defined(MBEDTLS_RIPEMD160_C)
static const mbedtls_md_info_t mbedtls_ripemd160_info = {
MBEDTLS_MD_RIPEMD160,
"RIPEMD160",
20,
64,
mbedtls_ripemd160_starts_wrap,
mbedtls_ripemd160_update_wrap,
mbedtls_ripemd160_finish_wrap,
mbedtls_ripemd160_ret,
mbedtls_ripemd160_ctx_alloc,
mbedtls_ripemd160_ctx_free,
mbedtls_ripemd160_clone_wrap,
mbedtls_ripemd160_process_wrap,
};
#endif /* MBEDTLS_RIPEMD160_C */
/*
* SHA-1
*/
#if defined(MBEDTLS_SHA1_C)
static const mbedtls_md_info_t mbedtls_sha1_info = {
MBEDTLS_MD_SHA1,
"SHA1",
20,
64,
mbedtls_sha1_starts_wrap,
mbedtls_sha1_update_wrap,
mbedtls_sha1_finish_wrap,
mbedtls_sha1_ret,
mbedtls_sha1_ctx_alloc,
mbedtls_sha1_ctx_free,
mbedtls_sha1_clone_wrap,
mbedtls_sha1_process_wrap,
};
#endif /* MBEDTLS_SHA1_C */
/*
* SHA-224 and SHA-256
*/
#if defined(MBEDTLS_SHA256_C)
#if !defined(MBEDTLS_SHA256_NO_SHA224)
static const mbedtls_md_info_t mbedtls_sha224_info = {
MBEDTLS_MD_SHA224,
"SHA224",
28,
64,
mbedtls_sha224_starts_wrap,
mbedtls_sha224_update_wrap,
mbedtls_sha224_finish_wrap,
mbedtls_sha224_wrap,
mbedtls_sha224_ctx_alloc,
mbedtls_sha224_ctx_free,
mbedtls_sha224_clone_wrap,
mbedtls_sha224_process_wrap,
};
#endif /* !MBEDTLS_SHA256_NO_SHA224 */
static const mbedtls_md_info_t mbedtls_sha256_info =
MBEDTLS_MD_INFO( MBEDTLS_MD_INFO_SHA256 );
#endif /* MBEDTLS_SHA256_C */
/*
* SHA-384 and SHA-512
*/
#if defined(MBEDTLS_SHA512_C)
static const mbedtls_md_info_t mbedtls_sha384_info = {
MBEDTLS_MD_SHA384,
"SHA384",
48,
128,
mbedtls_sha384_starts_wrap,
mbedtls_sha384_update_wrap,
mbedtls_sha384_finish_wrap,
mbedtls_sha384_wrap,
mbedtls_sha384_ctx_alloc,
mbedtls_sha384_ctx_free,
mbedtls_sha384_clone_wrap,
mbedtls_sha384_process_wrap,
};
static const mbedtls_md_info_t mbedtls_sha512_info = {
MBEDTLS_MD_SHA512,
"SHA512",
64,
128,
mbedtls_sha512_starts_wrap,
mbedtls_sha384_update_wrap,
mbedtls_sha384_finish_wrap,
mbedtls_sha512_wrap,
mbedtls_sha384_ctx_alloc,
mbedtls_sha384_ctx_free,
mbedtls_sha384_clone_wrap,
mbedtls_sha384_process_wrap,
};
#endif /* MBEDTLS_SHA512_C */
/*
* Reminder: update profiles in x509_crt.c when adding a new hash!
*/
@ -61,8 +231,10 @@ static const int supported_digests[] = {
#if defined(MBEDTLS_SHA256_C)
MBEDTLS_MD_SHA256,
#if !defined(MBEDTLS_SHA256_NO_SHA224)
MBEDTLS_MD_SHA224,
#endif
#endif /* MBEDTLS_SHA256_C */
#if defined(MBEDTLS_SHA1_C)
MBEDTLS_MD_SHA1,
@ -92,7 +264,7 @@ const int *mbedtls_md_list( void )
return( supported_digests );
}
const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name )
mbedtls_md_handle_t mbedtls_md_info_from_string( const char *md_name )
{
if( NULL == md_name )
return( NULL );
@ -119,11 +291,13 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name )
return mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
#endif
#if defined(MBEDTLS_SHA256_C)
#if !defined(MBEDTLS_SHA256_NO_SHA224)
if( !strcmp( "SHA224", md_name ) )
return mbedtls_md_info_from_type( MBEDTLS_MD_SHA224 );
#endif
if( !strcmp( "SHA256", md_name ) )
return mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 );
#endif
#endif /* MBEDTLS_SHA256_C */
#if defined(MBEDTLS_SHA512_C)
if( !strcmp( "SHA384", md_name ) )
return mbedtls_md_info_from_type( MBEDTLS_MD_SHA384 );
@ -133,7 +307,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name )
return( NULL );
}
const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
{
switch( md_type )
{
@ -158,11 +332,13 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
return( &mbedtls_sha1_info );
#endif
#if defined(MBEDTLS_SHA256_C)
#if !defined(MBEDTLS_SHA256_NO_SHA224)
case MBEDTLS_MD_SHA224:
return( &mbedtls_sha224_info );
#endif
case MBEDTLS_MD_SHA256:
return( &mbedtls_sha256_info );
#endif
#endif /* MBEDTLS_SHA256_C */
#if defined(MBEDTLS_SHA512_C)
case MBEDTLS_MD_SHA384:
return( &mbedtls_sha384_info );
@ -174,25 +350,69 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
}
}
#else /* MBEDTLS_MD_SINGLE_HASH */
const int *mbedtls_md_list( void )
{
static int single_hash[2] =
{ MBEDTLS_MD_INFO_TYPE( MBEDTLS_MD_SINGLE_HASH ),
MBEDTLS_MD_INVALID_HANDLE };
return( single_hash );
}
mbedtls_md_handle_t mbedtls_md_info_from_string( const char *md_name )
{
static const char * const hash_name =
MBEDTLS_MD_INFO_NAME( MBEDTLS_MD_SINGLE_HASH );
if( md_name != NULL && strcmp( hash_name, md_name ) == 0 )
return( MBEDTLS_MD_UNIQUE_VALID_HANDLE );
return( MBEDTLS_MD_INVALID_HANDLE );
}
mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
{
static const mbedtls_md_type_t hash_type =
MBEDTLS_MD_INFO_TYPE( MBEDTLS_MD_SINGLE_HASH );
if( hash_type == md_type )
return( MBEDTLS_MD_UNIQUE_VALID_HANDLE );
return( MBEDTLS_MD_INVALID_HANDLE );
}
#endif /* MBEDTLS_MD_SINGLE_HASH */
void mbedtls_md_init( mbedtls_md_context_t *ctx )
{
memset( ctx, 0, sizeof( mbedtls_md_context_t ) );
#if defined(MBEDTLS_MD_SINGLE_HASH)
mbedtls_md_info_init( mbedtls_md_get_handle( ctx ),
ctx->md_ctx );
#endif
}
void mbedtls_md_free( mbedtls_md_context_t *ctx )
{
if( ctx == NULL || ctx->md_info == NULL )
if( ctx == NULL || mbedtls_md_get_handle( ctx ) == MBEDTLS_MD_INVALID_HANDLE )
return;
#if !defined(MBEDTLS_MD_SINGLE_HASH)
if( ctx->md_ctx != NULL )
ctx->md_info->ctx_free_func( ctx->md_ctx );
{
mbedtls_md_info_ctx_free( mbedtls_md_get_handle( ctx ), ctx->md_ctx );
}
if( ctx->hmac_ctx != NULL )
{
mbedtls_platform_zeroize( ctx->hmac_ctx,
2 * ctx->md_info->block_size );
2 * mbedtls_md_info_block_size( mbedtls_md_get_handle( ctx ) ) );
mbedtls_free( ctx->hmac_ctx );
}
#endif /* MBEDTLS_MD_SINGLE_HASH */
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md_context_t ) );
}
@ -200,83 +420,57 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx )
int mbedtls_md_clone( mbedtls_md_context_t *dst,
const mbedtls_md_context_t *src )
{
if( dst == NULL || dst->md_info == NULL ||
src == NULL || src->md_info == NULL ||
dst->md_info != src->md_info )
if( dst == NULL || mbedtls_md_get_handle( dst ) == MBEDTLS_MD_INVALID_HANDLE ||
src == NULL || mbedtls_md_get_handle( src ) == MBEDTLS_MD_INVALID_HANDLE ||
mbedtls_md_get_handle( dst ) != mbedtls_md_get_handle( src ) )
{
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
}
dst->md_info->clone_func( dst->md_ctx, src->md_ctx );
mbedtls_md_info_clone( mbedtls_md_get_handle( dst ),
dst->md_ctx, src->md_ctx );
return( 0 );
}
#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info )
int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info )
{
return mbedtls_md_setup( ctx, md_info, 1 );
}
#endif
int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac )
#if !defined(MBEDTLS_MD_SINGLE_HASH)
int mbedtls_md_setup( mbedtls_md_context_t *ctx, mbedtls_md_handle_t md_info, int hmac )
{
if( md_info == NULL || ctx == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL )
return( MBEDTLS_ERR_MD_ALLOC_FAILED );
if( hmac != 0 )
{
ctx->hmac_ctx = mbedtls_calloc( 2, md_info->block_size );
if( ctx->hmac_ctx == NULL )
{
md_info->ctx_free_func( ctx->md_ctx );
return( MBEDTLS_ERR_MD_ALLOC_FAILED );
}
}
ctx->md_info = md_info;
return( 0 );
return( mbedtls_md_setup_internal( ctx, md_info, hmac ) );
}
int mbedtls_md_starts( mbedtls_md_context_t *ctx )
{
if( ctx == NULL || ctx->md_info == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
return( ctx->md_info->starts_func( ctx->md_ctx ) );
return( mbedtls_md_starts_internal( ctx ) );
}
int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
int mbedtls_md_update( mbedtls_md_context_t *ctx,
const unsigned char *input,
size_t ilen )
{
if( ctx == NULL || ctx->md_info == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) );
return( mbedtls_md_update_internal( ctx, input, ilen ) );
}
int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output )
{
if( ctx == NULL || ctx->md_info == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
return( ctx->md_info->finish_func( ctx->md_ctx, output ) );
return( mbedtls_md_finish_internal( ctx, output ) );
}
int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
int mbedtls_md( mbedtls_md_handle_t md_info, const unsigned char *input, size_t ilen,
unsigned char *output )
{
if( md_info == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
return( md_info->digest_func( input, ilen, output ) );
return( mbedtls_md_internal( md_info, input, ilen, output ) );
}
#endif /* !MBEDTLS_MD_SINGLE_HASH */
#if defined(MBEDTLS_FS_IO)
int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output )
int mbedtls_md_file( mbedtls_md_handle_t md_info, const char *path, unsigned char *output )
{
int ret;
FILE *f;
@ -284,7 +478,7 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigne
mbedtls_md_context_t ctx;
unsigned char buf[1024];
if( md_info == NULL )
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
if( ( f = fopen( path, "rb" ) ) == NULL )
@ -295,17 +489,27 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigne
if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 )
goto cleanup;
if( ( ret = md_info->starts_func( ctx.md_ctx ) ) != 0 )
ret = mbedtls_md_info_starts( md_info, ctx.md_ctx );
if( ret != 0 )
goto cleanup;
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
if( ( ret = md_info->update_func( ctx.md_ctx, buf, n ) ) != 0 )
{
ret = mbedtls_md_info_update( md_info, ctx.md_ctx,
buf, n );
if( ret != 0 )
goto cleanup;
}
if( ferror( f ) != 0 )
{
ret = MBEDTLS_ERR_MD_FILE_IO_ERROR;
}
else
ret = md_info->finish_func( ctx.md_ctx, output );
{
ret = mbedtls_md_info_finish( md_info, ctx.md_ctx,
output );
}
cleanup:
mbedtls_platform_zeroize( buf, sizeof( buf ) );
@ -323,27 +527,44 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
unsigned char *ipad, *opad;
size_t i;
if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
mbedtls_md_handle_t md_info;
if( ctx == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
if( keylen > (size_t) ctx->md_info->block_size )
#if !defined(MBEDTLS_MD_SINGLE_HASH)
if( ctx->hmac_ctx == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
#endif /* !MBEDTLS_MD_SINGLE_HASH */
md_info = mbedtls_md_get_handle( ctx );
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
if( keylen > (size_t) mbedtls_md_info_block_size( md_info ) )
{
if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
goto cleanup;
if( ( ret = ctx->md_info->update_func( ctx->md_ctx, key, keylen ) ) != 0 )
goto cleanup;
if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, sum ) ) != 0 )
if( ( ret = mbedtls_md_info_starts( md_info, ctx->md_ctx ) ) != 0 )
goto cleanup;
keylen = ctx->md_info->size;
if( ( ret = mbedtls_md_info_update( md_info, ctx->md_ctx,
key, keylen ) ) != 0 )
{
goto cleanup;
}
if( ( ret = mbedtls_md_info_finish( md_info, ctx->md_ctx, sum ) ) != 0 )
goto cleanup;
keylen = mbedtls_md_info_size( md_info );
key = sum;
}
ipad = (unsigned char *) ctx->hmac_ctx;
opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
opad = (unsigned char *) ctx->hmac_ctx +
mbedtls_md_info_block_size( md_info );
memset( ipad, 0x36, ctx->md_info->block_size );
memset( opad, 0x5C, ctx->md_info->block_size );
memset( ipad, 0x36, mbedtls_md_info_block_size( md_info ) );
memset( opad, 0x5C, mbedtls_md_info_block_size( md_info ) );
for( i = 0; i < keylen; i++ )
{
@ -351,11 +572,14 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
opad[i] = (unsigned char)( opad[i] ^ key[i] );
}
if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
if( ( ret = mbedtls_md_info_starts( md_info, ctx->md_ctx ) ) != 0 )
goto cleanup;
if( ( ret = ctx->md_info->update_func( ctx->md_ctx, ipad,
ctx->md_info->block_size ) ) != 0 )
if( ( ret = mbedtls_md_info_update( md_info, ctx->md_ctx, ipad,
mbedtls_md_info_block_size( md_info ) ) ) != 0 )
{
goto cleanup;
}
cleanup:
mbedtls_platform_zeroize( sum, sizeof( sum ) );
@ -363,12 +587,26 @@ cleanup:
return( ret );
}
int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx,
const unsigned char *input, size_t ilen )
{
if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
mbedtls_md_handle_t md_info;
if( ctx == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) );
#if !defined(MBEDTLS_MD_SINGLE_HASH)
if( ctx->hmac_ctx == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
#endif /* !MBEDTLS_MD_SINGLE_HASH */
md_info = mbedtls_md_get_handle( ctx );
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
return( mbedtls_md_info_update( md_info,
ctx->md_ctx, input,
ilen ) );
}
int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output )
@ -377,22 +615,45 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output )
unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
unsigned char *opad;
if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
mbedtls_md_handle_t md_info;
if( ctx == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
#if !defined(MBEDTLS_MD_SINGLE_HASH)
if( ctx->hmac_ctx == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
#endif /* !MBEDTLS_MD_SINGLE_HASH */
if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, tmp ) ) != 0 )
md_info = mbedtls_md_get_handle( ctx );
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
opad = (unsigned char *) ctx->hmac_ctx +
mbedtls_md_info_block_size( md_info );
if( ( ret = mbedtls_md_info_finish( md_info, ctx->md_ctx, tmp ) ) != 0 )
return( ret );
if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
if( ( ret = mbedtls_md_info_starts( md_info, ctx->md_ctx ) ) != 0 )
return( ret );
if( ( ret = ctx->md_info->update_func( ctx->md_ctx, opad,
ctx->md_info->block_size ) ) != 0 )
if( ( ret = mbedtls_md_info_update( md_info, ctx->md_ctx, opad,
mbedtls_md_info_block_size( md_info ) ) ) != 0 )
{
return( ret );
if( ( ret = ctx->md_info->update_func( ctx->md_ctx, tmp,
ctx->md_info->size ) ) != 0 )
}
if( ( ret = mbedtls_md_info_update( md_info, ctx->md_ctx, tmp,
mbedtls_md_info_size( md_info ) ) ) != 0 )
{
return( ret );
return( ctx->md_info->finish_func( ctx->md_ctx, output ) );
}
if( ( ret = mbedtls_md_info_finish( md_info, ctx->md_ctx, output ) ) != 0 )
return( ret );
return( 0 );
}
int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx )
@ -400,18 +661,33 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx )
int ret;
unsigned char *ipad;
if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
mbedtls_md_handle_t md_info;
if( ctx == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
#if !defined(MBEDTLS_MD_SINGLE_HASH)
if( ctx->hmac_ctx == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
#endif /* !MBEDTLS_MD_SINGLE_HASH */
md_info = mbedtls_md_get_handle( ctx );
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
ipad = (unsigned char *) ctx->hmac_ctx;
if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
ret = mbedtls_md_info_starts( md_info, ctx->md_ctx );
if( ret != 0 )
return( ret );
return( ctx->md_info->update_func( ctx->md_ctx, ipad,
ctx->md_info->block_size ) );
ret = mbedtls_md_info_update( md_info,
ctx->md_ctx, ipad,
mbedtls_md_info_block_size( md_info ) );
return( ret );
}
int mbedtls_md_hmac( const mbedtls_md_info_t *md_info,
int mbedtls_md_hmac( mbedtls_md_handle_t md_info,
const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output )
@ -419,7 +695,7 @@ int mbedtls_md_hmac( const mbedtls_md_info_t *md_info,
mbedtls_md_context_t ctx;
int ret;
if( md_info == NULL )
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
mbedtls_md_init( &ctx );
@ -440,36 +716,35 @@ cleanup:
return( ret );
}
#if !defined(MBEDTLS_MD_SINGLE_HASH)
int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data )
{
if( ctx == NULL || ctx->md_info == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
return( ctx->md_info->process_func( ctx->md_ctx, data ) );
return( mbedtls_md_process_internal( ctx, data ) );
}
#endif /* !MBEDTLS_MD_SINGLE_HASH */
unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info )
unsigned char mbedtls_md_get_size( mbedtls_md_handle_t md_info )
{
if( md_info == NULL )
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( 0 );
return md_info->size;
return mbedtls_md_info_size( md_info );
}
mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info )
mbedtls_md_type_t mbedtls_md_get_type( mbedtls_md_handle_t md_info )
{
if( md_info == NULL )
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_MD_NONE );
return md_info->type;
return mbedtls_md_info_type( md_info );
}
const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info )
const char *mbedtls_md_get_name( mbedtls_md_handle_t md_info )
{
if( md_info == NULL )
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( NULL );
return md_info->name;
return mbedtls_md_info_name( md_info );
}
#endif /* MBEDTLS_MD_C */

586
library/md_wrap.c
View file

@ -1,586 +0,0 @@
/**
* \file md_wrap.c
*
* \brief Generic message digest wrapper for mbed TLS
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
*/
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(MBEDTLS_MD_C)
#include "mbedtls/md_internal.h"
#if defined(MBEDTLS_MD2_C)
#include "mbedtls/md2.h"
#endif
#if defined(MBEDTLS_MD4_C)
#include "mbedtls/md4.h"
#endif
#if defined(MBEDTLS_MD5_C)
#include "mbedtls/md5.h"
#endif
#if defined(MBEDTLS_RIPEMD160_C)
#include "mbedtls/ripemd160.h"
#endif
#if defined(MBEDTLS_SHA1_C)
#include "mbedtls/sha1.h"
#endif
#if defined(MBEDTLS_SHA256_C)
#include "mbedtls/sha256.h"
#endif
#if defined(MBEDTLS_SHA512_C)
#include "mbedtls/sha512.h"
#endif
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdlib.h>
#define mbedtls_calloc calloc
#define mbedtls_free free
#endif
#if defined(MBEDTLS_MD2_C)
static int md2_starts_wrap( void *ctx )
{
return( mbedtls_md2_starts_ret( (mbedtls_md2_context *) ctx ) );
}
static int md2_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
return( mbedtls_md2_update_ret( (mbedtls_md2_context *) ctx, input, ilen ) );
}
static int md2_finish_wrap( void *ctx, unsigned char *output )
{
return( mbedtls_md2_finish_ret( (mbedtls_md2_context *) ctx, output ) );
}
static void *md2_ctx_alloc( void )
{
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md2_context ) );
if( ctx != NULL )
mbedtls_md2_init( (mbedtls_md2_context *) ctx );
return( ctx );
}
static void md2_ctx_free( void *ctx )
{
mbedtls_md2_free( (mbedtls_md2_context *) ctx );
mbedtls_free( ctx );
}
static void md2_clone_wrap( void *dst, const void *src )
{
mbedtls_md2_clone( (mbedtls_md2_context *) dst,
(const mbedtls_md2_context *) src );
}
static int md2_process_wrap( void *ctx, const unsigned char *data )
{
((void) data);
return( mbedtls_internal_md2_process( (mbedtls_md2_context *) ctx ) );
}
const mbedtls_md_info_t mbedtls_md2_info = {
MBEDTLS_MD_MD2,
"MD2",
16,
16,
md2_starts_wrap,
md2_update_wrap,
md2_finish_wrap,
mbedtls_md2_ret,
md2_ctx_alloc,
md2_ctx_free,
md2_clone_wrap,
md2_process_wrap,
};
#endif /* MBEDTLS_MD2_C */
#if defined(MBEDTLS_MD4_C)
static int md4_starts_wrap( void *ctx )
{
return( mbedtls_md4_starts_ret( (mbedtls_md4_context *) ctx ) );
}
static int md4_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
return( mbedtls_md4_update_ret( (mbedtls_md4_context *) ctx, input, ilen ) );
}
static int md4_finish_wrap( void *ctx, unsigned char *output )
{
return( mbedtls_md4_finish_ret( (mbedtls_md4_context *) ctx, output ) );
}
static void *md4_ctx_alloc( void )
{
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md4_context ) );
if( ctx != NULL )
mbedtls_md4_init( (mbedtls_md4_context *) ctx );
return( ctx );
}
static void md4_ctx_free( void *ctx )
{
mbedtls_md4_free( (mbedtls_md4_context *) ctx );
mbedtls_free( ctx );
}
static void md4_clone_wrap( void *dst, const void *src )
{
mbedtls_md4_clone( (mbedtls_md4_context *) dst,
(const mbedtls_md4_context *) src );
}
static int md4_process_wrap( void *ctx, const unsigned char *data )
{
return( mbedtls_internal_md4_process( (mbedtls_md4_context *) ctx, data ) );
}
const mbedtls_md_info_t mbedtls_md4_info = {
MBEDTLS_MD_MD4,
"MD4",
16,
64,
md4_starts_wrap,
md4_update_wrap,
md4_finish_wrap,
mbedtls_md4_ret,
md4_ctx_alloc,
md4_ctx_free,
md4_clone_wrap,
md4_process_wrap,
};
#endif /* MBEDTLS_MD4_C */
#if defined(MBEDTLS_MD5_C)
static int md5_starts_wrap( void *ctx )
{
return( mbedtls_md5_starts_ret( (mbedtls_md5_context *) ctx ) );
}
static int md5_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
return( mbedtls_md5_update_ret( (mbedtls_md5_context *) ctx, input, ilen ) );
}
static int md5_finish_wrap( void *ctx, unsigned char *output )
{
return( mbedtls_md5_finish_ret( (mbedtls_md5_context *) ctx, output ) );
}
static void *md5_ctx_alloc( void )
{
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md5_context ) );
if( ctx != NULL )
mbedtls_md5_init( (mbedtls_md5_context *) ctx );
return( ctx );
}
static void md5_ctx_free( void *ctx )
{
mbedtls_md5_free( (mbedtls_md5_context *) ctx );
mbedtls_free( ctx );
}
static void md5_clone_wrap( void *dst, const void *src )
{
mbedtls_md5_clone( (mbedtls_md5_context *) dst,
(const mbedtls_md5_context *) src );
}
static int md5_process_wrap( void *ctx, const unsigned char *data )
{
return( mbedtls_internal_md5_process( (mbedtls_md5_context *) ctx, data ) );
}
const mbedtls_md_info_t mbedtls_md5_info = {
MBEDTLS_MD_MD5,
"MD5",
16,
64,
md5_starts_wrap,
md5_update_wrap,
md5_finish_wrap,
mbedtls_md5_ret,
md5_ctx_alloc,
md5_ctx_free,
md5_clone_wrap,
md5_process_wrap,
};
#endif /* MBEDTLS_MD5_C */
#if defined(MBEDTLS_RIPEMD160_C)
static int ripemd160_starts_wrap( void *ctx )
{
return( mbedtls_ripemd160_starts_ret( (mbedtls_ripemd160_context *) ctx ) );
}
static int ripemd160_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
return( mbedtls_ripemd160_update_ret( (mbedtls_ripemd160_context *) ctx,
input, ilen ) );
}
static int ripemd160_finish_wrap( void *ctx, unsigned char *output )
{
return( mbedtls_ripemd160_finish_ret( (mbedtls_ripemd160_context *) ctx,
output ) );
}
static void *ripemd160_ctx_alloc( void )
{
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ripemd160_context ) );
if( ctx != NULL )
mbedtls_ripemd160_init( (mbedtls_ripemd160_context *) ctx );
return( ctx );
}
static void ripemd160_ctx_free( void *ctx )
{
mbedtls_ripemd160_free( (mbedtls_ripemd160_context *) ctx );
mbedtls_free( ctx );
}
static void ripemd160_clone_wrap( void *dst, const void *src )
{
mbedtls_ripemd160_clone( (mbedtls_ripemd160_context *) dst,
(const mbedtls_ripemd160_context *) src );
}
static int ripemd160_process_wrap( void *ctx, const unsigned char *data )
{
return( mbedtls_internal_ripemd160_process(
(mbedtls_ripemd160_context *) ctx, data ) );
}
const mbedtls_md_info_t mbedtls_ripemd160_info = {
MBEDTLS_MD_RIPEMD160,
"RIPEMD160",
20,
64,
ripemd160_starts_wrap,
ripemd160_update_wrap,
ripemd160_finish_wrap,
mbedtls_ripemd160_ret,
ripemd160_ctx_alloc,
ripemd160_ctx_free,
ripemd160_clone_wrap,
ripemd160_process_wrap,
};
#endif /* MBEDTLS_RIPEMD160_C */
#if defined(MBEDTLS_SHA1_C)
static int sha1_starts_wrap( void *ctx )
{
return( mbedtls_sha1_starts_ret( (mbedtls_sha1_context *) ctx ) );
}
static int sha1_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
return( mbedtls_sha1_update_ret( (mbedtls_sha1_context *) ctx,
input, ilen ) );
}
static int sha1_finish_wrap( void *ctx, unsigned char *output )
{
return( mbedtls_sha1_finish_ret( (mbedtls_sha1_context *) ctx, output ) );
}
static void *sha1_ctx_alloc( void )
{
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha1_context ) );
if( ctx != NULL )
mbedtls_sha1_init( (mbedtls_sha1_context *) ctx );
return( ctx );
}
static void sha1_clone_wrap( void *dst, const void *src )
{
mbedtls_sha1_clone( (mbedtls_sha1_context *) dst,
(const mbedtls_sha1_context *) src );
}
static void sha1_ctx_free( void *ctx )
{
mbedtls_sha1_free( (mbedtls_sha1_context *) ctx );
mbedtls_free( ctx );
}
static int sha1_process_wrap( void *ctx, const unsigned char *data )
{
return( mbedtls_internal_sha1_process( (mbedtls_sha1_context *) ctx,
data ) );
}
const mbedtls_md_info_t mbedtls_sha1_info = {
MBEDTLS_MD_SHA1,
"SHA1",
20,
64,
sha1_starts_wrap,
sha1_update_wrap,
sha1_finish_wrap,
mbedtls_sha1_ret,
sha1_ctx_alloc,
sha1_ctx_free,
sha1_clone_wrap,
sha1_process_wrap,
};
#endif /* MBEDTLS_SHA1_C */
/*
* Wrappers for generic message digests
*/
#if defined(MBEDTLS_SHA256_C)
static int sha224_starts_wrap( void *ctx )
{
return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 1 ) );
}
static int sha224_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
return( mbedtls_sha256_update_ret( (mbedtls_sha256_context *) ctx,
input, ilen ) );
}
static int sha224_finish_wrap( void *ctx, unsigned char *output )
{
return( mbedtls_sha256_finish_ret( (mbedtls_sha256_context *) ctx,
output ) );
}
static int sha224_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
return( mbedtls_sha256_ret( input, ilen, output, 1 ) );
}
static void *sha224_ctx_alloc( void )
{
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha256_context ) );
if( ctx != NULL )
mbedtls_sha256_init( (mbedtls_sha256_context *) ctx );
return( ctx );
}
static void sha224_ctx_free( void *ctx )
{
mbedtls_sha256_free( (mbedtls_sha256_context *) ctx );
mbedtls_free( ctx );
}
static void sha224_clone_wrap( void *dst, const void *src )
{
mbedtls_sha256_clone( (mbedtls_sha256_context *) dst,
(const mbedtls_sha256_context *) src );
}
static int sha224_process_wrap( void *ctx, const unsigned char *data )
{
return( mbedtls_internal_sha256_process( (mbedtls_sha256_context *) ctx,
data ) );
}
const mbedtls_md_info_t mbedtls_sha224_info = {
MBEDTLS_MD_SHA224,
"SHA224",
28,
64,
sha224_starts_wrap,
sha224_update_wrap,
sha224_finish_wrap,
sha224_wrap,
sha224_ctx_alloc,
sha224_ctx_free,
sha224_clone_wrap,
sha224_process_wrap,
};
static int sha256_starts_wrap( void *ctx )
{
return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 0 ) );
}
static int sha256_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
return( mbedtls_sha256_ret( input, ilen, output, 0 ) );
}
const mbedtls_md_info_t mbedtls_sha256_info = {
MBEDTLS_MD_SHA256,
"SHA256",
32,
64,
sha256_starts_wrap,
sha224_update_wrap,
sha224_finish_wrap,
sha256_wrap,
sha224_ctx_alloc,
sha224_ctx_free,
sha224_clone_wrap,
sha224_process_wrap,
};
#endif /* MBEDTLS_SHA256_C */
#if defined(MBEDTLS_SHA512_C)
static int sha384_starts_wrap( void *ctx )
{
return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 1 ) );
}
static int sha384_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
return( mbedtls_sha512_update_ret( (mbedtls_sha512_context *) ctx,
input, ilen ) );
}
static int sha384_finish_wrap( void *ctx, unsigned char *output )
{
return( mbedtls_sha512_finish_ret( (mbedtls_sha512_context *) ctx,
output ) );
}
static int sha384_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
return( mbedtls_sha512_ret( input, ilen, output, 1 ) );
}
static void *sha384_ctx_alloc( void )
{
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha512_context ) );
if( ctx != NULL )
mbedtls_sha512_init( (mbedtls_sha512_context *) ctx );
return( ctx );
}
static void sha384_ctx_free( void *ctx )
{
mbedtls_sha512_free( (mbedtls_sha512_context *) ctx );
mbedtls_free( ctx );
}
static void sha384_clone_wrap( void *dst, const void *src )
{
mbedtls_sha512_clone( (mbedtls_sha512_context *) dst,
(const mbedtls_sha512_context *) src );
}
static int sha384_process_wrap( void *ctx, const unsigned char *data )
{
return( mbedtls_internal_sha512_process( (mbedtls_sha512_context *) ctx,
data ) );
}
const mbedtls_md_info_t mbedtls_sha384_info = {
MBEDTLS_MD_SHA384,
"SHA384",
48,
128,
sha384_starts_wrap,
sha384_update_wrap,
sha384_finish_wrap,
sha384_wrap,
sha384_ctx_alloc,
sha384_ctx_free,
sha384_clone_wrap,
sha384_process_wrap,
};
static int sha512_starts_wrap( void *ctx )
{
return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 0 ) );
}
static int sha512_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
return( mbedtls_sha512_ret( input, ilen, output, 0 ) );
}
const mbedtls_md_info_t mbedtls_sha512_info = {
MBEDTLS_MD_SHA512,
"SHA512",
64,
128,
sha512_starts_wrap,
sha384_update_wrap,
sha384_finish_wrap,
sha512_wrap,
sha384_ctx_alloc,
sha384_ctx_free,
sha384_clone_wrap,
sha384_process_wrap,
};
#endif /* MBEDTLS_SHA512_C */
#endif /* MBEDTLS_MD_C */

7
library/pk.c
View file

@ -205,13 +205,16 @@ int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type )
*/
static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len )
{
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
if( *hash_len != 0 )
return( 0 );
if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) ==
MBEDTLS_MD_INVALID_HANDLE )
{
return( -1 );
}
*hash_len = mbedtls_md_get_size( md_info );
return( 0 );

4
library/pkcs11.c
View file

@ -183,8 +183,8 @@ int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx,
if( md_alg != MBEDTLS_MD_NONE )
{
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
if( md_info == NULL )
mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( md_alg );
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 )

4
library/pkcs12.c
View file

@ -261,7 +261,7 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
size_t hlen, use_len, v, i;
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
// This version only allows max of 64 bytes of password or salt
@ -269,7 +269,7 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA );
md_info = mbedtls_md_info_from_type( md_type );
if( md_info == NULL )
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
mbedtls_md_init( &md_ctx );

10
library/pkcs5.c
View file

@ -122,7 +122,7 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
mbedtls_md_type_t md_type = MBEDTLS_MD_SHA1;
unsigned char key[32], iv[32];
size_t olen = 0;
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
const mbedtls_cipher_info_t *cipher_info;
mbedtls_md_context_t md_ctx;
mbedtls_cipher_type_t cipher_alg;
@ -157,7 +157,7 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
}
md_info = mbedtls_md_info_from_type( md_type );
if( md_info == NULL )
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
if( ( ret = mbedtls_asn1_get_alg( &p, end, &enc_scheme_oid,
@ -226,7 +226,7 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p
unsigned int i;
unsigned char md1[MBEDTLS_MD_MAX_SIZE];
unsigned char work[MBEDTLS_MD_MAX_SIZE];
unsigned char md_size = mbedtls_md_get_size( ctx->md_info );
unsigned char md_size = mbedtls_md_get_size( mbedtls_md_get_handle( ctx ) );
size_t use_len;
unsigned char *out_p = output;
unsigned char counter[4];
@ -356,14 +356,14 @@ static const unsigned char result_key[MAX_TESTS][32] =
int mbedtls_pkcs5_self_test( int verbose )
{
mbedtls_md_context_t sha1_ctx;
const mbedtls_md_info_t *info_sha1;
mbedtls_md_handle_t info_sha1;
int ret, i;
unsigned char key[64];
mbedtls_md_init( &sha1_ctx );
info_sha1 = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
if( info_sha1 == NULL )
if( info_sha1 == MBEDTLS_MD_INVALID_HANDLE )
{
ret = 1;
goto exit;

51
library/platform_util.c
View file

@ -137,3 +137,54 @@ struct tm *mbedtls_platform_gmtime_r( const mbedtls_time_t *tt,
#endif /* _WIN32 && !EFIX64 && !EFI32 */
}
#endif /* MBEDTLS_HAVE_TIME_DATE && MBEDTLS_PLATFORM_GMTIME_R_ALT */
unsigned char* mbedtls_platform_put_uint32_be( unsigned char *buf,
size_t num )
{
*buf++ = (unsigned char) ( num >> 24 );
*buf++ = (unsigned char) ( num >> 16 );
*buf++ = (unsigned char) ( num >> 8 );
*buf++ = (unsigned char) ( num );
return buf;
}
unsigned char* mbedtls_platform_put_uint24_be( unsigned char *buf,
size_t num )
{
*buf++ = (unsigned char) ( num >> 16 );
*buf++ = (unsigned char) ( num >> 8 );
*buf++ = (unsigned char) ( num );
return buf;
}
unsigned char* mbedtls_platform_put_uint16_be( unsigned char *buf,
size_t num )
{
*buf++ = (unsigned char) ( num >> 8 );
*buf++ = (unsigned char) ( num );
return buf;
}
size_t mbedtls_platform_get_uint32_be( const unsigned char *buf )
{
return ( ( (unsigned int) buf[0] << 24 ) |
( (unsigned int) buf[1] << 16 ) |
( (unsigned int) buf[2] << 8 ) |
( (unsigned int) buf[3] ) );
}
size_t mbedtls_platform_get_uint24_be( const unsigned char *buf )
{
return ( ( buf[0] << 16 ) |
( buf[1] << 8) |
( buf[2] ) );
}
size_t mbedtls_platform_get_uint16_be( const unsigned char *buf )
{
return ( ( buf[0] << 8 ) |
( buf[1] ) );
}

26
library/rsa.c
View file

@ -1076,7 +1076,7 @@ static int mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src,
memset( mask, 0, MBEDTLS_MD_MAX_SIZE );
memset( counter, 0, 4 );
hlen = mbedtls_md_get_size( md_ctx->md_info );
hlen = mbedtls_md_get_size( mbedtls_md_get_handle( md_ctx ) );
/* Generate and apply dbMask */
p = dst;
@ -1128,7 +1128,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
int ret;
unsigned char *p = output;
unsigned int hlen;
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
RSA_VALIDATE_RET( ctx != NULL );
@ -1145,7 +1145,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id );
if( md_info == NULL )
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
olen = ctx->len;
@ -1326,7 +1326,7 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
unsigned char lhash[MBEDTLS_MD_MAX_SIZE];
unsigned int hlen;
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
RSA_VALIDATE_RET( ctx != NULL );
@ -1349,7 +1349,7 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id );
if( md_info == NULL )
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
hlen = mbedtls_md_get_size( md_info );
@ -1767,7 +1767,7 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
size_t slen, min_slen, hlen, offset = 0;
int ret;
size_t msb;
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
RSA_VALIDATE_RET( ctx != NULL );
RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE ||
@ -1789,14 +1789,14 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
{
/* Gather length of hash to sign */
md_info = mbedtls_md_info_from_type( md_alg );
if( md_info == NULL )
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
hashlen = mbedtls_md_get_size( md_info );
}
md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id );
if( md_info == NULL )
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
hlen = mbedtls_md_get_size( md_info );
@ -1910,8 +1910,8 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg,
/* Are we signing hashed or raw data? */
if( md_alg != MBEDTLS_MD_NONE )
{
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
if( md_info == NULL )
mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( md_alg );
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 )
@ -2150,7 +2150,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
unsigned char zeros[8];
unsigned int hlen;
size_t observed_salt_len, msb;
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
@ -2186,14 +2186,14 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
{
/* Gather length of hash to sign */
md_info = mbedtls_md_info_from_type( md_alg );
if( md_info == NULL )
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
hashlen = mbedtls_md_get_size( md_info );
}
md_info = mbedtls_md_info_from_type( mgf1_hash_id );
if( md_info == NULL )
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
hlen = mbedtls_md_get_size( md_info );

105
library/sha256.c
View file

@ -49,40 +49,12 @@
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#define SHA256_VALIDATE_RET(cond) \
MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA256_BAD_INPUT_DATA )
#define SHA256_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond )
#if !defined(MBEDTLS_SHA256_ALT)
/*
* 32-bit integer manipulation (big endian)
*/
#ifndef GET_UINT32_BE
#define GET_UINT32_BE(n,b,i) \
do { \
(n) = ( (uint32_t) (b)[(i) ] << 24 ) \
| ( (uint32_t) (b)[(i) + 1] << 16 ) \
| ( (uint32_t) (b)[(i) + 2] << 8 ) \
| ( (uint32_t) (b)[(i) + 3] ); \
} while( 0 )
#endif
static inline void sha256_put_uint32_be( uint32_t n,
unsigned char *b,
uint8_t i )
{
b[i ] = (unsigned char) ( n >> 24 );
b[i + 1] = (unsigned char) ( n >> 16 );
b[i + 2] = (unsigned char) ( n >> 8 );
b[i + 3] = (unsigned char) ( n );
}
void mbedtls_sha256_init( mbedtls_sha256_context *ctx )
{
SHA256_VALIDATE( ctx != NULL );
@ -113,24 +85,20 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 )
{
SHA256_VALIDATE_RET( ctx != NULL );
#if defined(MBEDTLS_SHA256_NO_SHA224)
SHA256_VALIDATE_RET( is224 == 0 );
(void) is224;
#else
SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 );
#endif
ctx->total[0] = 0;
ctx->total[1] = 0;
if( is224 == 0 )
{
/* SHA-256 */
ctx->state[0] = 0x6A09E667;
ctx->state[1] = 0xBB67AE85;
ctx->state[2] = 0x3C6EF372;
ctx->state[3] = 0xA54FF53A;
ctx->state[4] = 0x510E527F;
ctx->state[5] = 0x9B05688C;
ctx->state[6] = 0x1F83D9AB;
ctx->state[7] = 0x5BE0CD19;
}
else
#if !defined(MBEDTLS_SHA256_NO_SHA224)
ctx->is224 = is224;
if( is224 == 1 )
{
/* SHA-224 */
ctx->state[0] = 0xC1059ED8;
@ -142,8 +110,19 @@ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 )
ctx->state[6] = 0x64F98FA7;
ctx->state[7] = 0xBEFA4FA4;
}
ctx->is224 = is224;
else
#endif
{
/* SHA-256 */
ctx->state[0] = 0x6A09E667;
ctx->state[1] = 0xBB67AE85;
ctx->state[2] = 0x3C6EF372;
ctx->state[3] = 0xA54FF53A;
ctx->state[4] = 0x510E527F;
ctx->state[5] = 0x9B05688C;
ctx->state[6] = 0x1F83D9AB;
ctx->state[7] = 0x5BE0CD19;
}
return( 0 );
}
@ -220,7 +199,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
for( i = 0; i < 64; i++ )
{
if( i < 16 )
GET_UINT32_BE( W[i], data, 4 * i );
W[i] = (uint32_t)mbedtls_platform_get_uint32_be( &data[4 * i] );
else
R( i );
@ -231,7 +210,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
}
#else /* MBEDTLS_SHA256_SMALLER */
for( i = 0; i < 16; i++ )
GET_UINT32_BE( W[i], data, 4 * i );
W[i] = (uint32_t)mbedtls_platform_get_uint32_be( &data[4 * i] );
for( i = 0; i < 16; i += 8 )
{
@ -341,7 +320,7 @@ void mbedtls_sha256_update( mbedtls_sha256_context *ctx,
int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
unsigned char output[32] )
{
int ret;
int ret, s_pos, o_pos;
uint32_t used;
uint32_t high, low;
@ -378,8 +357,8 @@ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
| ( ctx->total[1] << 3 );
low = ( ctx->total[0] << 3 );
sha256_put_uint32_be( high, ctx->buffer, 56 );
sha256_put_uint32_be( low, ctx->buffer, 60 );
(void)mbedtls_platform_put_uint32_be( ctx->buffer + 56, high );
(void)mbedtls_platform_put_uint32_be( ctx->buffer + 60, low );
if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 )
return( ret );
@ -387,16 +366,17 @@ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
/*
* Output final state
*/
sha256_put_uint32_be( ctx->state[0], output, 0 );
sha256_put_uint32_be( ctx->state[1], output, 4 );
sha256_put_uint32_be( ctx->state[2], output, 8 );
sha256_put_uint32_be( ctx->state[3], output, 12 );
sha256_put_uint32_be( ctx->state[4], output, 16 );
sha256_put_uint32_be( ctx->state[5], output, 20 );
sha256_put_uint32_be( ctx->state[6], output, 24 );
for( s_pos = 0, o_pos = 0; s_pos < 7; s_pos++, o_pos += 4 )
{
(void)mbedtls_platform_put_uint32_be( &output[o_pos],
ctx->state[s_pos] );
}
#if !defined(MBEDTLS_SHA256_NO_SHA224)
if( ctx->is224 == 0 )
sha256_put_uint32_be( ctx->state[7], output, 28 );
#endif
(void)mbedtls_platform_put_uint32_be( &output[28], ctx->state[7] );
return( 0 );
}
@ -469,8 +449,9 @@ static const size_t sha256_test_buflen[3] =
3, 56, 1000
};
static const unsigned char sha256_test_sum[6][32] =
static const unsigned char sha256_test_sum[][32] =
{
#if !defined(MBEDTLS_SHA256_NO_SHA224)
/*
* SHA-224 test vectors
*/
@ -486,6 +467,7 @@ static const unsigned char sha256_test_sum[6][32] =
0xBB, 0xB4, 0xC1, 0xEA, 0x97, 0x61, 0x8A, 0x4B,
0xF0, 0x3F, 0x42, 0x58, 0x19, 0x48, 0xB2, 0xEE,
0x4E, 0xE7, 0xAD, 0x67 },
#endif /* !MBEDTLS_SHA256_NO_SHA224 */
/*
* SHA-256 test vectors
@ -504,6 +486,9 @@ static const unsigned char sha256_test_sum[6][32] =
0x04, 0x6D, 0x39, 0xCC, 0xC7, 0x11, 0x2C, 0xD0 }
};
#define SHA256_TEST_SUM_N \
( sizeof( sha256_test_sum ) / sizeof( sha256_test_sum[0] ) )
/*
* Checkup routine
*/
@ -525,10 +510,14 @@ int mbedtls_sha256_self_test( int verbose )
mbedtls_sha256_init( &ctx );
for( i = 0; i < 6; i++ )
for( i = 0; i < (int) SHA256_TEST_SUM_N; i++ )
{
j = i % 3;
#if !defined(MBEDTLS_SHA256_NO_SHA224)
k = i < 3;
#else
k = 0;
#endif
if( verbose != 0 )
mbedtls_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 );

188
library/ssl_cli.c
View file

@ -102,18 +102,14 @@ static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
* } ServerNameList;
*
*/
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME ) & 0xFF );
*p++ = (unsigned char)( ( (hostname_len + 5) >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( (hostname_len + 5) ) & 0xFF );
*p++ = (unsigned char)( ( (hostname_len + 3) >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( (hostname_len + 3) ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_SERVERNAME );
p = mbedtls_platform_put_uint16_be( p, hostname_len + 5 );
p = mbedtls_platform_put_uint16_be( p, hostname_len + 3 );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF );
*p++ = (unsigned char)( ( hostname_len >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( hostname_len ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, hostname_len );
memcpy( p, ssl->hostname, hostname_len );
@ -148,8 +144,7 @@ static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl,
/*
* Secure renegotiation
*/
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_RENEGOTIATION_INFO );
*p++ = 0x00;
*p++ = ( ssl->verify_data_len + 1 ) & 0xFF;
@ -237,15 +232,10 @@ static void ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl,
* SignatureAndHashAlgorithm
* supported_signature_algorithms<2..2^16-2>;
*/
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG ) & 0xFF );
*p++ = (unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( ( sig_alg_len + 2 ) ) & 0xFF );
*p++ = (unsigned char)( ( sig_alg_len >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( sig_alg_len ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_SIG_ALG );
p = mbedtls_platform_put_uint16_be( p, ( sig_alg_len + 2 ) );
p = mbedtls_platform_put_uint16_be( p, sig_alg_len );
*olen = 6 + sig_alg_len;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
@ -290,18 +280,13 @@ static void ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl,
return;
}
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES ) & 0xFF );
*p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) ) & 0xFF );
*p++ = (unsigned char)( ( ( elliptic_curve_len ) >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( ( elliptic_curve_len ) ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES );
p = mbedtls_platform_put_uint16_be( p, elliptic_curve_len + 2 );
p = mbedtls_platform_put_uint16_be( p, elliptic_curve_len );
MBEDTLS_SSL_BEGIN_FOR_EACH_SUPPORTED_EC_TLS_ID( tls_id )
*p++ = tls_id >> 8;
*p++ = tls_id & 0xFF;
p = mbedtls_platform_put_uint16_be( p, tls_id );
MBEDTLS_SSL_END_FOR_EACH_SUPPORTED_EC_TLS_ID
*olen = 6 + elliptic_curve_len;
@ -324,8 +309,7 @@ static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl,
return;
}
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS );
*p++ = 0x00;
*p++ = 2;
@ -362,8 +346,7 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl,
return;
}
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_ECJPAKE_KKPP );
/*
* We may need to send ClientHello multiple times for Hello verification.
@ -410,8 +393,7 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl,
memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len );
}
*p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( kkpp_len ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, kkpp_len );
*olen = kkpp_len + 4;
}
@ -452,11 +434,10 @@ static void ssl_write_cid_ext( mbedtls_ssl_context *ssl,
}
/* Add extension ID + size */
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_CID );
ext_len = (size_t) ssl->own_cid_len + 1;
*p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( ext_len ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, ext_len );
*p++ = (uint8_t) ssl->own_cid_len;
memcpy( p, ssl->own_cid, ssl->own_cid_len );
@ -487,8 +468,7 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl,
return;
}
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH );
*p++ = 0x00;
*p++ = 1;
@ -521,8 +501,7 @@ static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl,
return;
}
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_TRUNCATED_HMAC );
*p++ = 0x00;
*p++ = 0x00;
@ -556,8 +535,7 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
return;
}
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC );
*p++ = 0x00;
*p++ = 0x00;
@ -592,8 +570,7 @@ static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl,
return;
}
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET );
*p++ = 0x00;
*p++ = 0x00;
@ -625,11 +602,8 @@ static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl,
return;
}
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF );
*p++ = (unsigned char)( ( tlen >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( tlen ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_SESSION_TICKET );
p = mbedtls_platform_put_uint16_be( p, tlen );
*olen = 4;
@ -673,8 +647,7 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl,
return;
}
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_ALPN );
/*
* opaque ProtocolName<1..2^8-1>;
@ -697,12 +670,9 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl,
*olen = p - buf;
/* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */
buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF );
buf[5] = (unsigned char)( ( ( *olen - 6 ) ) & 0xFF );
(void)mbedtls_platform_put_uint16_be( &buf[4], ( *olen - 6 ) );
/* Extension length = olen - 2 (ext_type) - 2 (ext_len) */
buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF );
buf[3] = (unsigned char)( ( ( *olen - 4 ) ) & 0xFF );
(void)mbedtls_platform_put_uint16_be( &buf[2], ( *olen - 4 ) );
}
#endif /* MBEDTLS_SSL_ALPN */
@ -730,11 +700,7 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl )
#if defined(MBEDTLS_HAVE_TIME)
t = mbedtls_time( NULL );
*p++ = (unsigned char)( t >> 24 );
*p++ = (unsigned char)( t >> 16 );
*p++ = (unsigned char)( t >> 8 );
*p++ = (unsigned char)( t );
p = mbedtls_platform_put_uint32_be( p, (uint32_t) t );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, current time: %lu", t ) );
#else
if( ( ret = mbedtls_ssl_conf_get_frng( ssl->conf )
@ -773,8 +739,10 @@ static int ssl_validate_ciphersuite( mbedtls_ssl_ciphersuite_handle_t suite_info
if( suite_info == MBEDTLS_SSL_CIPHERSUITE_INVALID_HANDLE )
return( 1 );
if( mbedtls_ssl_suite_get_min_minor_ver( suite_info ) > max_minor_ver ||
mbedtls_ssl_suite_get_max_minor_ver( suite_info ) < min_minor_ver )
if( mbedtls_ssl_ver_gt( mbedtls_ssl_suite_get_min_minor_ver( suite_info ),
max_minor_ver ) ||
mbedtls_ssl_ver_lt( mbedtls_ssl_suite_get_max_minor_ver( suite_info ),
min_minor_ver ) )
{
return( 1 );
}
@ -1002,8 +970,7 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
if( mbedtls_ssl_get_renego_status( ssl ) == MBEDTLS_SSL_INITIAL_HANDSHAKE )
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding EMPTY_RENEGOTIATION_INFO_SCSV" ) );
*p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO >> 8 );
*p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO );
n++;
}
@ -1012,8 +979,7 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
if( ssl->conf->fallback == MBEDTLS_SSL_IS_FALLBACK )
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding FALLBACK_SCSV" ) );
*p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 );
*p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_SSL_FALLBACK_SCSV_VALUE );
n++;
}
#endif
@ -1141,8 +1107,7 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
if( ext_len > 0 )
{
*p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( ext_len ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, ext_len );
p += ext_len;
}
@ -1497,7 +1462,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl,
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
}
list_len = ( buf[0] << 8 ) | buf[1];
list_len = mbedtls_platform_get_uint16_be( buf );
if( list_len != len - 2 )
{
mbedtls_ssl_pend_fatal_alert( ssl,
@ -1557,10 +1522,12 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl )
* Since the RFC is not clear on this point, accept DTLS 1.0 (TLS 1.1)
* even is lower than our min version.
*/
if( major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 ||
minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ||
major_ver > mbedtls_ssl_conf_get_max_major_ver( ssl->conf ) ||
minor_ver > mbedtls_ssl_conf_get_max_minor_ver( ssl->conf ) )
if( mbedtls_ssl_ver_lt( major_ver, MBEDTLS_SSL_MAJOR_VERSION_3 ) ||
mbedtls_ssl_ver_lt( minor_ver, MBEDTLS_SSL_MINOR_VERSION_2 ) ||
mbedtls_ssl_ver_gt( major_ver,
mbedtls_ssl_conf_get_max_major_ver( ssl->conf ) ) ||
mbedtls_ssl_ver_gt( minor_ver,
mbedtls_ssl_conf_get_max_minor_ver( ssl->conf ) ) )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server version" ) );
@ -1715,10 +1682,14 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
ssl->conf->transport,
buf + 0 );
if( major_ver < mbedtls_ssl_conf_get_min_major_ver( ssl->conf ) ||
minor_ver < mbedtls_ssl_conf_get_min_minor_ver( ssl->conf ) ||
major_ver > mbedtls_ssl_conf_get_max_major_ver( ssl->conf ) ||
minor_ver > mbedtls_ssl_conf_get_max_minor_ver( ssl->conf ) )
if( mbedtls_ssl_ver_lt( major_ver,
mbedtls_ssl_conf_get_min_major_ver( ssl->conf ) ) ||
mbedtls_ssl_ver_lt( minor_ver,
mbedtls_ssl_conf_get_min_minor_ver( ssl->conf ) ) ||
mbedtls_ssl_ver_gt( major_ver,
mbedtls_ssl_conf_get_max_major_ver( ssl->conf ) ) ||
mbedtls_ssl_ver_gt( minor_ver,
mbedtls_ssl_conf_get_max_minor_ver( ssl->conf ) ) )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "server version out of bounds - "
" min: [%d:%d], server: [%d:%d], max: [%d:%d]",
@ -1744,10 +1715,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
}
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu",
( (uint32_t) buf[2] << 24 ) |
( (uint32_t) buf[3] << 16 ) |
( (uint32_t) buf[4] << 8 ) |
( (uint32_t) buf[5] ) ) );
(unsigned long)mbedtls_platform_get_uint32_be( &buf[2] ) ) );
memcpy( ssl->handshake->randbytes + 32, buf + 2, 32 );
@ -1765,8 +1733,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
if( ssl->in_hslen > mbedtls_ssl_hs_hdr_len( ssl ) + 39 + n )
{
ext_len = ( ( buf[38 + n] << 8 )
| ( buf[39 + n] ) );
ext_len = mbedtls_platform_get_uint16_be( &buf[38 + n] );
if( ( ext_len > 0 && ext_len < 4 ) ||
ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 40 + n + ext_len )
@ -1790,7 +1757,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
}
/* ciphersuite (used later) */
i = ( buf[35 + n] << 8 ) | buf[36 + n];
i = (int)mbedtls_platform_get_uint16_be( &buf[ 35 + n ] );
/*
* Read and check compression
@ -1954,10 +1921,10 @@ server_picked_valid_suite:
while( ext_len )
{
unsigned int ext_id = ( ( ext[0] << 8 )
| ( ext[1] ) );
unsigned int ext_size = ( ( ext[2] << 8 )
| ( ext[3] ) );
unsigned int ext_id = (unsigned int)
mbedtls_platform_get_uint16_be( ext );
unsigned int ext_size = (unsigned int)
mbedtls_platform_get_uint16_be( &ext[2] );
if( ext_size + 4 > ext_len )
{
@ -2327,7 +2294,7 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl,
"(psk_identity_hint length)" ) );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
}
len = (*p)[0] << 8 | (*p)[1];
len = mbedtls_platform_get_uint16_be( *p );
*p += 2;
if( end - (*p) < (int) len )
@ -2462,8 +2429,7 @@ static int ssl_rsa_encrypt_partial_pms( mbedtls_ssl_context *ssl,
defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( len_bytes == 2 )
{
out[0] = (unsigned char)( *olen >> 8 );
out[1] = (unsigned char)( *olen );
(void)mbedtls_platform_put_uint16_be( out, *olen );
*olen += 2;
}
#endif
@ -2951,7 +2917,8 @@ static int ssl_in_server_key_exchange_parse( mbedtls_ssl_context *ssl,
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_1)
if( mbedtls_ssl_get_minor_ver( ssl ) < MBEDTLS_SSL_MINOR_VERSION_3 )
if( mbedtls_ssl_ver_lt( mbedtls_ssl_get_minor_ver( ssl ),
MBEDTLS_SSL_MINOR_VERSION_3 ) )
{
pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info );
@ -2977,7 +2944,8 @@ static int ssl_in_server_key_exchange_parse( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
}
sig_len = ( p[0] << 8 ) | p[1];
sig_len = mbedtls_platform_get_uint16_be( p );
p += 2;
if( p != end - sig_len )
@ -3288,8 +3256,7 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( mbedtls_ssl_get_minor_ver( ssl ) == MBEDTLS_SSL_MINOR_VERSION_3 )
{
size_t sig_alg_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 )
| ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) );
size_t sig_alg_len = mbedtls_platform_get_uint16_be( &buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] );
#if defined(MBEDTLS_DEBUG_C)
unsigned char* sig_alg;
size_t i;
@ -3329,8 +3296,7 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
/* certificate_authorities */
dn_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 )
| ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) );
dn_len = mbedtls_platform_get_uint16_be( &buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] );
n += dn_len;
if( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 3 + n )
@ -3573,9 +3539,7 @@ static int ssl_out_client_key_exchange_write( mbedtls_ssl_context *ssl,
if( (size_t)( end - p ) < n + 2 )
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
p[0] = (unsigned char)( n >> 8 );
p[1] = (unsigned char)( n );
p += 2;
p = mbedtls_platform_put_uint16_be( p, n );
ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx,
(int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
@ -3690,9 +3654,7 @@ static int ssl_out_client_key_exchange_write( mbedtls_ssl_context *ssl,
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
}
p[0] = (unsigned char)( n >> 8 );
p[1] = (unsigned char)( n );
p += 2;
p = mbedtls_platform_put_uint16_be( p, n );
memcpy( p, ssl->conf->psk_identity, n );
p += ssl->conf->psk_identity_len;
@ -3736,9 +3698,7 @@ static int ssl_out_client_key_exchange_write( mbedtls_ssl_context *ssl,
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
}
p[0] = (unsigned char)( n >> 8 );
p[1] = (unsigned char)( n );
p += 2;
p = mbedtls_platform_put_uint16_be( p, n );
ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx,
(int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
@ -4036,8 +3996,7 @@ sign:
return( ret );
}
ssl->out_msg[4 + offset] = (unsigned char)( n >> 8 );
ssl->out_msg[5 + offset] = (unsigned char)( n );
(void)mbedtls_platform_put_uint16_be( &ssl->out_msg[4 + offset], n );
ssl->out_msglen = 6 + n + offset;
ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
@ -4103,10 +4062,9 @@ static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl )
msg = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
lifetime = ( ((uint32_t) msg[0]) << 24 ) | ( msg[1] << 16 ) |
( msg[2] << 8 ) | ( msg[3] );
lifetime = (uint32_t)mbedtls_platform_get_uint32_be( msg );
ticket_len = ( msg[4] << 8 ) | ( msg[5] );
ticket_len = mbedtls_platform_get_uint16_be( &msg[4] );
if( ticket_len + 6 + mbedtls_ssl_hs_hdr_len( ssl ) != ssl->in_hslen )
{

14
library/ssl_cookie.c
View file

@ -50,7 +50,7 @@
* with max 32 bytes of cookie for DTLS 1.0
*/
#if defined(MBEDTLS_SHA256_C)
#define COOKIE_MD MBEDTLS_MD_SHA224
#define COOKIE_MD MBEDTLS_MD_SHA256
#define COOKIE_MD_OUTLEN 32
#define COOKIE_HMAC_LEN 28
#elif defined(MBEDTLS_SHA512_C)
@ -172,12 +172,7 @@ int mbedtls_ssl_cookie_write( void *p_ctx,
#else
t = ctx->serial++;
#endif
(*p)[0] = (unsigned char)( t >> 24 );
(*p)[1] = (unsigned char)( t >> 16 );
(*p)[2] = (unsigned char)( t >> 8 );
(*p)[3] = (unsigned char)( t );
*p += 4;
*p = mbedtls_platform_put_uint32_be( *p, t );
#if defined(MBEDTLS_THREADING_C)
if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
@ -243,10 +238,7 @@ int mbedtls_ssl_cookie_check( void *p_ctx,
cur_time = ctx->serial;
#endif
cookie_time = ( (unsigned long) cookie[0] << 24 ) |
( (unsigned long) cookie[1] << 16 ) |
( (unsigned long) cookie[2] << 8 ) |
( (unsigned long) cookie[3] );
cookie_time = (unsigned long)mbedtls_platform_get_uint32_be( cookie );
if( ctx->timeout != 0 && cur_time - cookie_time > ctx->timeout )
return( -1 );

194
library/ssl_srv.c
View file

@ -98,7 +98,8 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
servername_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
servername_list_size = mbedtls_platform_get_uint16_be( buf );
if( servername_list_size + 2 != len )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
@ -110,7 +111,7 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl,
p = buf + 2;
while( servername_list_size > 2 )
{
hostname_len = ( ( p[1] << 8 ) | p[2] );
hostname_len = mbedtls_platform_get_uint16_be( &p[1] );
if( hostname_len + 3 > servername_list_size )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
@ -218,7 +219,9 @@ static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
sig_alg_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
sig_alg_list_size = mbedtls_platform_get_uint16_be( buf );
if( sig_alg_list_size + 2 != len ||
sig_alg_list_size % 2 != 0 )
{
@ -293,7 +296,8 @@ static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
list_size = mbedtls_platform_get_uint16_be( buf );
if( list_size + 2 != len ||
list_size % 2 != 0 )
{
@ -311,7 +315,8 @@ static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl,
while( list_size > 0 )
{
uint16_t const peer_tls_id = ( p[0] << 8 ) | p[1];
uint16_t const peer_tls_id = (uint16_t)
mbedtls_platform_get_uint16_be( p );
MBEDTLS_SSL_BEGIN_FOR_EACH_SUPPORTED_EC_TLS_ID( own_tls_id )
if( own_tls_id == peer_tls_id &&
@ -657,7 +662,8 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl,
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
list_len = ( buf[0] << 8 ) | buf[1];
list_len = mbedtls_platform_get_uint16_be ( buf );
if( list_len != len - 2 )
{
mbedtls_ssl_pend_fatal_alert( ssl,
@ -751,8 +757,8 @@ static int ssl_check_key_curve( mbedtls_pk_context *pk,
while( ec_tls_ids_len-- != 0 )
{
uint16_t const cur_tls_id =
( acceptable_ec_tls_ids[0] << 8 ) | acceptable_ec_tls_ids[1];
uint16_t const cur_tls_id = (uint16_t)
mbedtls_platform_get_uint16_be( acceptable_ec_tls_ids );
if( cur_tls_id == tls_id )
return( 0 );
@ -878,7 +884,8 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl,
* present them a SHA-higher cert rather than failing if it's the only
* one we got that satisfies the other conditions.
*/
if( mbedtls_ssl_get_minor_ver( ssl ) < MBEDTLS_SSL_MINOR_VERSION_3 )
if( mbedtls_ssl_ver_lt( mbedtls_ssl_get_minor_ver( ssl ),
MBEDTLS_SSL_MINOR_VERSION_3 ) )
{
mbedtls_md_type_t sig_md;
{
@ -945,10 +952,12 @@ static int ssl_ciphersuite_is_match( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG( 3, ( "trying ciphersuite: %s",
mbedtls_ssl_suite_get_name( suite_info ) ) );
if( mbedtls_ssl_suite_get_min_minor_ver( suite_info )
> mbedtls_ssl_get_minor_ver( ssl ) ||
mbedtls_ssl_suite_get_max_minor_ver( suite_info )
< mbedtls_ssl_get_minor_ver( ssl ) )
if( mbedtls_ssl_ver_gt(
mbedtls_ssl_suite_get_min_minor_ver( suite_info ),
mbedtls_ssl_get_minor_ver( ssl ) ) ||
mbedtls_ssl_ver_lt(
mbedtls_ssl_suite_get_max_minor_ver( suite_info ),
mbedtls_ssl_get_minor_ver( ssl ) ) )
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: version" ) );
return( 0 );
@ -1102,7 +1111,7 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl )
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
n = ( ( buf[0] << 8 ) | buf[1] ) & 0x7FFF;
n = mbedtls_platform_get_uint16_be( buf );
if( n < 17 || n > 512 )
{
@ -1120,7 +1129,8 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl )
? buf[4] : mbedtls_ssl_conf_get_max_minor_ver( ssl->conf );
#endif
if( mbedtls_ssl_get_minor_ver( ssl ) < mbedtls_ssl_conf_get_min_minor_ver( ssl->conf ) )
if( mbedtls_ssl_ver_lt( mbedtls_ssl_get_minor_ver( ssl ),
mbedtls_ssl_conf_get_min_minor_ver( ssl->conf ) ) )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum"
" [%d:%d] < [%d:%d]",
@ -1162,9 +1172,9 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl )
*/
MBEDTLS_SSL_DEBUG_BUF( 4, "record contents", buf, n );
ciph_len = ( buf[0] << 8 ) | buf[1];
sess_len = ( buf[2] << 8 ) | buf[3];
chal_len = ( buf[4] << 8 ) | buf[5];
ciph_len = (unsigned int)mbedtls_platform_get_uint16_be( &buf[0] );
sess_len = (unsigned int)mbedtls_platform_get_uint16_be( &buf[2] );
chal_len = (unsigned int)mbedtls_platform_get_uint16_be( &buf[4] );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciph_len: %d, sess_len: %d, chal_len: %d",
ciph_len, sess_len, chal_len ) );
@ -1246,8 +1256,9 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl )
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "received FALLBACK_SCSV" ) );
if( mbedtls_ssl_get_minor_ver( ssl ) <
mbedtls_ssl_conf_get_max_minor_ver( ssl->conf ) )
if( mbedtls_ssl_ver_lt(
mbedtls_ssl_get_minor_ver( ssl ),
mbedtls_ssl_conf_get_max_minor_ver( ssl->conf ) ) )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "inapropriate fallback" ) );
@ -1442,7 +1453,7 @@ read_record_header:
}
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, message len.: %d",
( ssl->in_len[0] << 8 ) | ssl->in_len[1] ) );
(int)mbedtls_platform_get_uint16_be( ssl->in_len ) ) );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, protocol version: [%d:%d]",
buf[1], buf[2] ) );
@ -1489,7 +1500,7 @@ read_record_header:
}
#endif /* MBEDTLS_SSL_PROTO_DTLS */
msg_len = ( ssl->in_len[0] << 8 ) | ssl->in_len[1];
msg_len = mbedtls_platform_get_uint16_be( ssl->in_len );
#if defined(MBEDTLS_SSL_RENEGOTIATION)
if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
@ -1557,11 +1568,12 @@ read_record_header:
}
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake len.: %d",
( buf[1] << 16 ) | ( buf[2] << 8 ) | buf[3] ) );
(int)mbedtls_platform_get_uint24_be( &buf[1]) ) );
/* We don't support fragmentation of ClientHello (yet?) */
if( buf[1] != 0 ||
msg_len != mbedtls_ssl_hs_hdr_len( ssl ) + ( ( buf[2] << 8 ) | buf[3] ) )
msg_len != ( mbedtls_ssl_hs_hdr_len( ssl ) +
mbedtls_platform_get_uint16_be( &buf[2]) ) )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
@ -1578,8 +1590,8 @@ read_record_header:
if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
{
/* This couldn't be done in ssl_prepare_handshake_record() */
unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) |
ssl->in_msg[5];
unsigned int cli_msg_seq = (unsigned int)
mbedtls_platform_get_uint16_be( &ssl->in_msg[4] );
if( cli_msg_seq != ssl->handshake->in_msg_seq )
{
@ -1594,8 +1606,9 @@ read_record_header:
else
#endif
{
unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) |
ssl->in_msg[5];
unsigned int cli_msg_seq = (unsigned int)
mbedtls_platform_get_uint16_be( &ssl->in_msg[4] );
ssl->handshake->out_msg_seq = cli_msg_seq;
ssl->handshake->in_msg_seq = cli_msg_seq + 1;
}
@ -1661,8 +1674,10 @@ read_record_header:
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED ||
MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
if( major_ver < mbedtls_ssl_conf_get_min_major_ver( ssl->conf ) ||
minor_ver < mbedtls_ssl_conf_get_min_minor_ver( ssl->conf ) )
if( mbedtls_ssl_ver_lt( major_ver,
mbedtls_ssl_conf_get_min_major_ver( ssl->conf ) ) ||
mbedtls_ssl_ver_lt( minor_ver,
mbedtls_ssl_conf_get_min_minor_ver( ssl->conf ) ) )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum"
" [%d:%d] < [%d:%d]",
@ -1674,13 +1689,19 @@ read_record_header:
return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION );
}
if( major_ver > mbedtls_ssl_conf_get_max_major_ver( ssl->conf ) )
if( mbedtls_ssl_ver_gt(
major_ver,
mbedtls_ssl_conf_get_max_major_ver( ssl->conf ) ) )
{
major_ver = mbedtls_ssl_conf_get_max_major_ver( ssl->conf );
minor_ver = mbedtls_ssl_conf_get_max_minor_ver( ssl->conf );
}
else if( minor_ver > mbedtls_ssl_conf_get_max_minor_ver( ssl->conf ) )
else if( mbedtls_ssl_ver_gt(
minor_ver,
mbedtls_ssl_conf_get_max_minor_ver( ssl->conf ) ) )
{
minor_ver = mbedtls_ssl_conf_get_max_minor_ver( ssl->conf );
}
#if !defined(MBEDTLS_SSL_CONF_FIXED_MAJOR_VER)
ssl->major_ver = major_ver;
@ -1783,8 +1804,8 @@ read_record_header:
}
#endif /* MBEDTLS_SSL_PROTO_TLS */
ciph_len = ( buf[ciph_offset + 0] << 8 )
| ( buf[ciph_offset + 1] );
ciph_len = mbedtls_platform_get_uint16_be( &buf[ciph_offset + 0] );
if( ciph_len < 2 ||
ciph_len + 2 + ciph_offset + 1 > msg_len || /* 1 for comp. alg. len */
@ -1857,8 +1878,7 @@ read_record_header:
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
ext_len = ( buf[ext_offset + 0] << 8 )
| ( buf[ext_offset + 1] );
ext_len = mbedtls_platform_get_uint16_be( &buf[ext_offset + 0] );
if( ( ext_len > 0 && ext_len < 4 ) ||
msg_len != ext_offset + 2 + ext_len )
@ -1885,8 +1905,8 @@ read_record_header:
MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
}
ext_id = ( ( ext[0] << 8 ) | ( ext[1] ) );
ext_size = ( ( ext[2] << 8 ) | ( ext[3] ) );
ext_id = (unsigned int)mbedtls_platform_get_uint16_be( ext );
ext_size = (unsigned int)mbedtls_platform_get_uint16_be( &ext[2] );
if( ext_size + 4 > ext_len )
{
@ -2070,8 +2090,9 @@ read_record_header:
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "received FALLBACK_SCSV" ) );
if( mbedtls_ssl_get_minor_ver( ssl ) <
mbedtls_ssl_conf_get_max_minor_ver( ssl->conf ) )
if( mbedtls_ssl_ver_lt(
mbedtls_ssl_get_minor_ver( ssl ),
mbedtls_ssl_conf_get_max_minor_ver( ssl->conf ) ) )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "inapropriate fallback" ) );
@ -2323,9 +2344,7 @@ static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding truncated hmac extension" ) );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_TRUNCATED_HMAC );
*p++ = 0x00;
*p++ = 0x00;
@ -2367,13 +2386,9 @@ static void ssl_write_cid_ext( mbedtls_ssl_context *ssl,
* opaque cid<0..2^8-1>;
* } ConnectionId;
*/
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_CID );
ext_len = (size_t) ssl->own_cid_len + 1;
*p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( ext_len ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, ext_len );
*p++ = (uint8_t) ssl->own_cid_len;
memcpy( p, ssl->own_cid, ssl->own_cid_len );
@ -2423,9 +2438,7 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC );
*p++ = 0x00;
*p++ = 0x00;
@ -2451,8 +2464,7 @@ static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret "
"extension" ) );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET );
*p++ = 0x00;
*p++ = 0x00;
@ -2476,9 +2488,7 @@ static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_SESSION_TICKET );
*p++ = 0x00;
*p++ = 0x00;
@ -2500,8 +2510,7 @@ static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_RENEGOTIATION_INFO );
#if defined(MBEDTLS_SSL_RENEGOTIATION)
if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
@ -2541,9 +2550,7 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH );
*p++ = 0x00;
*p++ = 1;
@ -2572,8 +2579,7 @@ static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS );
*p++ = 0x00;
*p++ = 2;
@ -2613,8 +2619,7 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl,
return;
}
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, MBEDTLS_TLS_EXT_ECJPAKE_KKPP );
ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx,
p + 2, end - p - 2, &kkpp_len,
@ -2626,9 +2631,7 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl,
return;
}
*p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( kkpp_len ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, kkpp_len );
*olen = kkpp_len + 4;
}
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
@ -2652,16 +2655,11 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl,
* 6 . 6 protocol name length
* 7 . 7+n protocol name
*/
buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF );
buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN ) & 0xFF );
(void)mbedtls_platform_put_uint16_be( &buf[0], MBEDTLS_TLS_EXT_ALPN );
*olen = 7 + strlen( ssl->alpn_chosen );
buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF );
buf[3] = (unsigned char)( ( ( *olen - 4 ) ) & 0xFF );
buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF );
buf[5] = (unsigned char)( ( ( *olen - 6 ) ) & 0xFF );
(void)mbedtls_platform_put_uint16_be( &buf[2], ( *olen - 4 ) );
(void)mbedtls_platform_put_uint16_be( &buf[4], ( *olen - 6 ) );
buf[6] = (unsigned char)( ( ( *olen - 7 ) ) & 0xFF );
@ -2791,10 +2789,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
#if defined(MBEDTLS_HAVE_TIME)
t = mbedtls_time( NULL );
*p++ = (unsigned char)( t >> 24 );
*p++ = (unsigned char)( t >> 16 );
*p++ = (unsigned char)( t >> 8 );
*p++ = (unsigned char)( t );
p = mbedtls_platform_put_uint32_be( p, (uint32_t) t );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) );
#else
@ -2900,8 +2895,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
mbedtls_ssl_handshake_get_resume( ssl->handshake ) ? "a" : "no" ) );
ciphersuite = mbedtls_ssl_session_get_ciphersuite( ssl->session_negotiate );
*p++ = (unsigned char)( ciphersuite >> 8 );
*p++ = (unsigned char)( ciphersuite );
p = mbedtls_platform_put_uint16_be( p, ciphersuite );
*p++ = (unsigned char)(
mbedtls_ssl_session_get_compression( ssl->session_negotiate ) );
@ -2978,8 +2972,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
if( ext_len > 0 )
{
*p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( ext_len ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, ext_len );
p += ext_len;
}
@ -3121,8 +3114,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
}
MBEDTLS_SSL_END_FOR_EACH_SIG_HASH_TLS
p[0] = (unsigned char)( sa_len >> 8 );
p[1] = (unsigned char)( sa_len );
(void)mbedtls_platform_put_uint16_be( p, sa_len );
sa_len += 2;
p += sa_len;
}
@ -3167,8 +3159,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
break;
}
*p++ = (unsigned char)( dn_size >> 8 );
*p++ = (unsigned char)( dn_size );
p = mbedtls_platform_put_uint16_be( p, dn_size );
memcpy( p, frame->subject_raw.p, dn_size );
p += dn_size;
@ -3185,8 +3176,8 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
ssl->out_msglen = p - buf;
ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST;
ssl->out_msg[4 + ct_len + sa_len] = (unsigned char)( total_dn_size >> 8 );
ssl->out_msg[5 + ct_len + sa_len] = (unsigned char)( total_dn_size );
(void)mbedtls_platform_put_uint16_be( &ssl->out_msg[4 + ct_len + sa_len],
total_dn_size );
ret = mbedtls_ssl_write_handshake_msg( ssl );
@ -3740,8 +3731,9 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
if( signature_len != 0 )
{
ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len >> 8 );
ssl->out_msg[ssl->out_msglen++] = (unsigned char)( signature_len );
(void)mbedtls_platform_put_uint16_be( &ssl->out_msg[ssl->out_msglen],
signature_len );
ssl->out_msglen += 2;
MBEDTLS_SSL_DEBUG_BUF( 3, "my signature",
ssl->out_msg + ssl->out_msglen,
@ -3822,7 +3814,7 @@ static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char *
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
}
n = ( (*p)[0] << 8 ) | (*p)[1];
n = mbedtls_platform_get_uint16_be ( *p );
*p += 2;
if( *p + n > end )
@ -4078,7 +4070,7 @@ static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned cha
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
}
n = ( (*p)[0] << 8 ) | (*p)[1];
n = mbedtls_platform_get_uint16_be( *p );
*p += 2;
if( n < 1 || n > 65535 || n > (size_t) ( end - *p ) )
@ -4610,7 +4602,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
goto exit;
}
sig_len = ( ssl->in_msg[i] << 8 ) | ssl->in_msg[i+1];
sig_len = mbedtls_platform_get_uint16_be( &ssl->in_msg[i] );
i += 2;
if( i + sig_len != ssl->in_hslen )
@ -4682,15 +4674,9 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl )
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_ticket_write", ret );
tlen = 0;
}
(void)mbedtls_platform_put_uint32_be( &ssl->out_msg[4], lifetime );
ssl->out_msg[4] = ( lifetime >> 24 ) & 0xFF;
ssl->out_msg[5] = ( lifetime >> 16 ) & 0xFF;
ssl->out_msg[6] = ( lifetime >> 8 ) & 0xFF;
ssl->out_msg[7] = ( lifetime ) & 0xFF;
ssl->out_msg[8] = (unsigned char)( ( tlen >> 8 ) & 0xFF );
ssl->out_msg[9] = (unsigned char)( ( tlen ) & 0xFF );
(void)mbedtls_platform_put_uint16_be( &ssl->out_msg[8], tlen );
ssl->out_msglen = 10 + tlen;
/*

6
library/ssl_ticket.c
View file

@ -221,8 +221,8 @@ int mbedtls_ssl_ticket_write( void *p_ticket,
{
goto cleanup;
}
state_len_bytes[0] = ( clear_len >> 8 ) & 0xff;
state_len_bytes[1] = ( clear_len ) & 0xff;
(void)mbedtls_platform_put_uint16_be( state_len_bytes, clear_len );
/* Encrypt and authenticate */
tag = state + clear_len;
@ -298,7 +298,7 @@ int mbedtls_ssl_ticket_parse( void *p_ticket,
if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 )
goto cleanup;
enc_len = ( enc_len_p[0] << 8 ) | enc_len_p[1];
enc_len = mbedtls_platform_get_uint16_be( enc_len_p );
tag = ticket + enc_len;
if( len != 4 + 12 + 2 + enc_len + 16 )

351
library/ssl_tls.c
View file

@ -497,7 +497,7 @@ static unsigned int ssl_mfl_code_to_length( int mfl )
switch( mfl )
{
case MBEDTLS_SSL_MAX_FRAG_LEN_NONE:
return ( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN );
return( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN );
case MBEDTLS_SSL_MAX_FRAG_LEN_512:
return 512;
case MBEDTLS_SSL_MAX_FRAG_LEN_1024:
@ -507,7 +507,7 @@ static unsigned int ssl_mfl_code_to_length( int mfl )
case MBEDTLS_SSL_MAX_FRAG_LEN_4096:
return 4096;
default:
return ( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN );
return( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN );
}
}
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
@ -660,7 +660,7 @@ MBEDTLS_NO_INLINE static int tls1_prf( const unsigned char *secret, size_t slen,
const unsigned char *S1, *S2;
unsigned char tmp[128];
unsigned char h_i[20];
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
int ret;
@ -681,8 +681,11 @@ MBEDTLS_NO_INLINE static int tls1_prf( const unsigned char *secret, size_t slen,
/*
* First compute P_md5(secret,label+random)[0..dlen]
*/
if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) == NULL )
if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) ==
MBEDTLS_MD_INVALID_HANDLE )
{
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
return( ret );
@ -712,8 +715,11 @@ MBEDTLS_NO_INLINE static int tls1_prf( const unsigned char *secret, size_t slen,
/*
* XOR out with P_sha1(secret,label+random)[0..dlen]
*/
if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL )
if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) ==
MBEDTLS_MD_INVALID_HANDLE )
{
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
return( ret );
@ -763,14 +769,17 @@ int tls_prf_generic( mbedtls_md_type_t md_type,
size_t i, j, k, md_len;
unsigned char tmp[128];
unsigned char h_i[MBEDTLS_MD_MAX_SIZE];
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
int ret;
mbedtls_md_init( &md_ctx );
if( ( md_info = mbedtls_md_info_from_type( md_type ) ) == NULL )
if( ( md_info = mbedtls_md_info_from_type( md_type ) ) ==
MBEDTLS_MD_INVALID_HANDLE )
{
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
md_len = mbedtls_md_get_size( md_info );
@ -861,7 +870,7 @@ MBEDTLS_ALWAYS_INLINE static inline int ssl_prf( int minor_ver,
else
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
if( minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 )
if( mbedtls_ssl_ver_lt( minor_ver, MBEDTLS_SSL_MINOR_VERSION_3 ) )
return( tls1_prf( secret, slen, label, random, rlen, dstbuf, dlen ) );
else
#endif
@ -1160,7 +1169,7 @@ MBEDTLS_ALWAYS_INLINE static inline int ssl_calc_finished(
else
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
if( minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 )
if( mbedtls_ssl_ver_lt( minor_ver, MBEDTLS_SSL_MINOR_VERSION_3 ) )
ssl_calc_finished_tls( ssl, buf, from );
else
#endif
@ -1244,7 +1253,7 @@ int ssl_populate_transform( mbedtls_ssl_transform *transform,
unsigned keylen;
mbedtls_ssl_ciphersuite_handle_t ciphersuite_info;
const mbedtls_cipher_info_t *cipher_info;
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
#if !defined(MBEDTLS_SSL_HW_RECORD_ACCEL) && \
!defined(MBEDTLS_SSL_EXPORT_KEYS) && \
@ -1293,7 +1302,7 @@ int ssl_populate_transform( mbedtls_ssl_transform *transform,
md_info = mbedtls_md_info_from_type(
mbedtls_ssl_suite_get_mac( ciphersuite_info ) );
if( md_info == NULL )
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_md info for %d not found",
mbedtls_ssl_suite_get_mac( ciphersuite_info ) ) );
@ -1484,7 +1493,7 @@ int ssl_populate_transform( mbedtls_ssl_transform *transform,
#endif /* MBEDTLS_SSL_PROTO_SSL3 */
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 )
if( mbedtls_ssl_ver_geq( minor_ver, MBEDTLS_SSL_MINOR_VERSION_1 ) )
{
/* For HMAC-based ciphersuites, initialize the HMAC transforms.
For AEAD-based ciphersuites, there is nothing to do here. */
@ -1759,7 +1768,7 @@ int mbedtls_ssl_calc_verify( int minor_ver,
else
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
if( minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 )
if( mbedtls_ssl_ver_lt( minor_ver, MBEDTLS_SSL_MINOR_VERSION_3 ) )
ssl_calc_verify_tls( ssl, dst, hlen );
else
#endif
@ -2102,8 +2111,7 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
if( end - p < 2 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
*(p++) = (unsigned char)( psk_len >> 8 );
*(p++) = (unsigned char)( psk_len );
p = mbedtls_platform_put_uint16_be( p, psk_len );
if( end < p || (size_t)( end - p ) < psk_len )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@ -2144,8 +2152,7 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
return( ret );
}
*(p++) = (unsigned char)( len >> 8 );
*(p++) = (unsigned char)( len );
p = mbedtls_platform_put_uint16_be( p, len );
p += len;
MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K );
@ -2185,10 +2192,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
MBEDTLS_DEBUG_ECDH_Z );
#endif /* MBEDTLS_USE_TINYCRYPT */
*(p++) = (unsigned char)( zlen >> 8 );
*(p++) = (unsigned char)( zlen );
p = mbedtls_platform_put_uint16_be( p, zlen );
p += zlen;
}
else
#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
@ -2201,8 +2206,7 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
if( end - p < 2 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
*(p++) = (unsigned char)( psk_len >> 8 );
*(p++) = (unsigned char)( psk_len );
p = mbedtls_platform_put_uint16_be( p, psk_len );
if( end < p || (size_t)( end - p ) < psk_len )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@ -2240,9 +2244,8 @@ static void ssl_mac( mbedtls_md_context_t *md_ctx,
padlen = 40;
memcpy( header, ctr, 8 );
header[ 8] = (unsigned char) type;
header[ 9] = (unsigned char)( len >> 8 );
header[10] = (unsigned char)( len );
header[8] = (unsigned char) type;
(void)mbedtls_platform_put_uint16_be( &header[9], len );
memset( padding, 0x36, padlen );
mbedtls_md_starts( md_ctx );
@ -2394,15 +2397,14 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data,
{
memcpy( add_data + 11, rec->cid, rec->cid_len );
add_data[11 + rec->cid_len + 0] = rec->cid_len;
add_data[11 + rec->cid_len + 1] = ( rec->data_len >> 8 ) & 0xFF;
add_data[11 + rec->cid_len + 2] = ( rec->data_len >> 0 ) & 0xFF;
(void)mbedtls_platform_put_uint16_be( &add_data[11 + rec->cid_len + 1],
rec->data_len );
*add_data_len = 13 + 1 + rec->cid_len;
}
else
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
{
add_data[11 + 0] = ( rec->data_len >> 8 ) & 0xFF;
add_data[11 + 1] = ( rec->data_len >> 0 ) & 0xFF;
(void)mbedtls_platform_put_uint16_be( &add_data[11], rec->data_len );
*add_data_len = 13;
}
}
@ -2533,8 +2535,9 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( mbedtls_ssl_transform_get_minor_ver( transform ) >=
MBEDTLS_SSL_MINOR_VERSION_1 )
if( mbedtls_ssl_ver_geq(
mbedtls_ssl_transform_get_minor_ver( transform ),
MBEDTLS_SSL_MINOR_VERSION_1 ) )
{
unsigned char mac[MBEDTLS_SSL_MAC_ADD];
@ -2713,8 +2716,9 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
* Prepend per-record IV for block cipher in TLS v1.1 and up as per
* Method 1 (6.2.3.2. in RFC4346 and RFC5246)
*/
if( mbedtls_ssl_transform_get_minor_ver( transform ) >=
MBEDTLS_SSL_MINOR_VERSION_2 )
if( mbedtls_ssl_ver_geq(
mbedtls_ssl_transform_get_minor_ver( transform ),
MBEDTLS_SSL_MINOR_VERSION_2 ) )
{
if( f_rng == NULL )
{
@ -2763,8 +2767,9 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
}
#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1)
if( mbedtls_ssl_transform_get_minor_ver( transform ) <
MBEDTLS_SSL_MINOR_VERSION_2 )
if( mbedtls_ssl_ver_lt(
mbedtls_ssl_transform_get_minor_ver( transform ),
MBEDTLS_SSL_MINOR_VERSION_2 ) )
{
/*
* Save IV in SSL3 and TLS1
@ -3021,8 +3026,9 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
* Check immediate ciphertext sanity
*/
#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( mbedtls_ssl_transform_get_minor_ver( transform ) >=
MBEDTLS_SSL_MINOR_VERSION_2 )
if( mbedtls_ssl_ver_geq(
mbedtls_ssl_transform_get_minor_ver( transform ),
MBEDTLS_SSL_MINOR_VERSION_2 ) )
{
/* The ciphertext is prefixed with the CBC IV. */
minlen += transform->ivlen;
@ -3127,8 +3133,9 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
/*
* Initialize for prepended IV for block cipher in TLS v1.1 and up
*/
if( mbedtls_ssl_transform_get_minor_ver( transform ) >=
MBEDTLS_SSL_MINOR_VERSION_2 )
if( mbedtls_ssl_ver_geq(
mbedtls_ssl_transform_get_minor_ver( transform ),
MBEDTLS_SSL_MINOR_VERSION_2 ) )
{
/* Safe because data_len >= minlen + ivlen = 2 * ivlen. */
memcpy( transform->iv_dec, data, transform->ivlen );
@ -3157,8 +3164,9 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
}
#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1)
if( mbedtls_ssl_transform_get_minor_ver( transform ) <
MBEDTLS_SSL_MINOR_VERSION_2 )
if( mbedtls_ssl_ver_lt(
mbedtls_ssl_transform_get_minor_ver( transform ),
MBEDTLS_SSL_MINOR_VERSION_2 ) )
{
/*
* Save IV in SSL3 and TLS1, where CBC decryption of consecutive
@ -3221,8 +3229,9 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
#endif /* MBEDTLS_SSL_PROTO_SSL3 */
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( mbedtls_ssl_transform_get_minor_ver( transform ) >
MBEDTLS_SSL_MINOR_VERSION_0 )
if( mbedtls_ssl_ver_gt(
mbedtls_ssl_transform_get_minor_ver( transform ),
MBEDTLS_SSL_MINOR_VERSION_0 ) )
{
/* The padding check involves a series of up to 256
* consecutive memory reads at the end of the record
@ -3320,8 +3329,9 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
#endif /* MBEDTLS_SSL_PROTO_SSL3 */
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( mbedtls_ssl_transform_get_minor_ver( transform ) >
MBEDTLS_SSL_MINOR_VERSION_0 )
if( mbedtls_ssl_ver_gt(
mbedtls_ssl_transform_get_minor_ver( transform ),
MBEDTLS_SSL_MINOR_VERSION_0 ) )
{
/*
* Process MAC and always update for padlen afterwards to make
@ -3368,7 +3378,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
memset( tmp, 0, sizeof( tmp ) );
switch( mbedtls_md_get_type( transform->md_ctx_dec.md_info ) )
switch( mbedtls_md_get_type(
mbedtls_md_get_handle( &transform->md_ctx_dec ) ) )
{
#if defined(MBEDTLS_MD5_C) || defined(MBEDTLS_SHA1_C) || \
defined(MBEDTLS_SHA256_C)
@ -4150,13 +4161,9 @@ int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl )
* Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */
memcpy( ssl->out_msg, cur->p, 6 );
ssl->out_msg[6] = ( ( frag_off >> 16 ) & 0xff );
ssl->out_msg[7] = ( ( frag_off >> 8 ) & 0xff );
ssl->out_msg[8] = ( ( frag_off ) & 0xff );
ssl->out_msg[ 9] = ( ( cur_hs_frag_len >> 16 ) & 0xff );
ssl->out_msg[10] = ( ( cur_hs_frag_len >> 8 ) & 0xff );
ssl->out_msg[11] = ( ( cur_hs_frag_len ) & 0xff );
(void)mbedtls_platform_put_uint24_be( &ssl->out_msg[6], frag_off );
(void)mbedtls_platform_put_uint24_be( &ssl->out_msg[9],
cur_hs_frag_len );
MBEDTLS_SSL_DEBUG_BUF( 3, "handshake header", ssl->out_msg, 12 );
@ -4353,9 +4360,7 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
*/
if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
{
ssl->out_msg[1] = (unsigned char)( hs_len >> 16 );
ssl->out_msg[2] = (unsigned char)( hs_len >> 8 );
ssl->out_msg[3] = (unsigned char)( hs_len );
(void)mbedtls_platform_put_uint24_be( &ssl->out_msg[1], hs_len );
/*
* DTLS has additional fields in the Handshake layer,
@ -4383,8 +4388,8 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
/* Write message_seq and update it, except for HelloRequest */
if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
{
ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF;
ssl->out_msg[5] = ( ssl->handshake->out_msg_seq ) & 0xFF;
(void)mbedtls_platform_put_uint16_be( &ssl->out_msg[4],
ssl->handshake->out_msg_seq );
++( ssl->handshake->out_msg_seq );
}
else
@ -4495,8 +4500,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush )
ssl->conf->transport, ssl->out_hdr + 1 );
memcpy( ssl->out_ctr, ssl->cur_out_ctr, 8 );
ssl->out_len[0] = (unsigned char)( len >> 8 );
ssl->out_len[1] = (unsigned char)( len );
(void)mbedtls_platform_put_uint16_be( ssl->out_len, len );
if( ssl->transform_out != NULL )
{
@ -4539,8 +4543,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush )
memcpy( ssl->out_cid, rec.cid, rec.cid_len );
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
ssl->out_msglen = len = rec.data_len;
ssl->out_len[0] = (unsigned char)( rec.data_len >> 8 );
ssl->out_len[1] = (unsigned char)( rec.data_len );
(void)mbedtls_platform_put_uint16_be( ssl->out_len, rec.data_len );
}
protected_record_size = len + mbedtls_ssl_out_hdr_len( ssl );
@ -4641,16 +4644,12 @@ static int ssl_hs_is_proper_fragment( mbedtls_ssl_context *ssl )
static uint32_t ssl_get_hs_frag_len( mbedtls_ssl_context const *ssl )
{
return( ( ssl->in_msg[9] << 16 ) |
( ssl->in_msg[10] << 8 ) |
ssl->in_msg[11] );
return( (uint32_t)mbedtls_platform_get_uint24_be( &ssl->in_msg[9] ) );
}
static uint32_t ssl_get_hs_frag_off( mbedtls_ssl_context const *ssl )
{
return( ( ssl->in_msg[6] << 16 ) |
( ssl->in_msg[7] << 8 ) |
ssl->in_msg[8] );
return( (uint32_t)mbedtls_platform_get_uint24_be( &ssl->in_msg[6] ) );
}
static int ssl_check_hs_header( mbedtls_ssl_context const *ssl )
@ -4753,9 +4752,7 @@ static size_t ssl_get_reassembly_buffer_size( size_t msg_len,
static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl )
{
return( ( ssl->in_msg[1] << 16 ) |
( ssl->in_msg[2] << 8 ) |
ssl->in_msg[3] );
return( (uint32_t)mbedtls_platform_get_uint24_be( &ssl->in_msg[1] ) );
}
int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl )
@ -4777,7 +4774,8 @@ int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl )
if( MBEDTLS_SSL_TRANSPORT_IS_DTLS( ssl->conf->transport ) )
{
int ret;
unsigned int recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5];
unsigned int recv_msg_seq = (unsigned int)
mbedtls_platform_get_uint16_be( &ssl->in_msg[4] );
if( ssl_check_hs_header( ssl ) != 0 )
{
@ -5104,12 +5102,12 @@ static int ssl_check_dtls_clihlo_cookie(
/* Go back and fill length fields */
obuf[27] = (unsigned char)( *olen - 28 );
obuf[14] = obuf[22] = (unsigned char)( ( *olen - 25 ) >> 16 );
obuf[15] = obuf[23] = (unsigned char)( ( *olen - 25 ) >> 8 );
obuf[16] = obuf[24] = (unsigned char)( ( *olen - 25 ) );
(void)mbedtls_platform_put_uint24_be( &obuf[14], ( *olen - 25 ) );
obuf[22] = obuf[14];
obuf[23] = obuf[15];
obuf[24] = obuf[16];
obuf[11] = (unsigned char)( ( *olen - 13 ) >> 8 );
obuf[12] = (unsigned char)( ( *olen - 13 ) );
(void)mbedtls_platform_put_uint16_be( &obuf[11], ( *olen - 13 ) );
return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED );
}
@ -5340,7 +5338,8 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl,
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
}
if( minor_ver > mbedtls_ssl_conf_get_max_minor_ver( ssl->conf ) )
if( mbedtls_ssl_ver_gt( minor_ver,
mbedtls_ssl_conf_get_max_minor_ver( ssl->conf ) ) )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "minor version mismatch" ) );
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
@ -5371,8 +5370,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl,
*/
rec->data_offset = rec_hdr_len_offset + rec_hdr_len_len;
rec->data_len = ( (size_t) buf[ rec_hdr_len_offset + 0 ] << 8 ) |
( (size_t) buf[ rec_hdr_len_offset + 1 ] << 0 );
rec->data_len = mbedtls_platform_get_uint16_be( &buf[rec_hdr_len_offset] );
MBEDTLS_SSL_DEBUG_BUF( 4, "input record header", buf, rec->data_offset );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "input record: msgtype = %d, "
@ -5401,7 +5399,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl,
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( MBEDTLS_SSL_TRANSPORT_IS_DTLS( ssl->conf->transport ) )
{
rec_epoch = ( rec->ctr[0] << 8 ) | rec->ctr[1];
rec_epoch = (uint32_t)mbedtls_platform_get_uint16_be( rec->ctr );
/* Check that the datagram is large enough to contain a record
* of the advertised length. */
@ -5451,7 +5449,8 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl,
#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
static int ssl_check_client_reconnect( mbedtls_ssl_context *ssl )
{
unsigned int rec_epoch = ( ssl->in_ctr[0] << 8 ) | ssl->in_ctr[1];
unsigned int rec_epoch = (unsigned int)
mbedtls_platform_get_uint16_be( &ssl->in_ctr[0] );
/*
* Check for an epoch 0 ClientHello. We can't use in_msg here to
@ -5798,9 +5797,7 @@ static int ssl_load_buffered_message( mbedtls_ssl_context *ssl )
if( ( hs_buf->is_valid == 1 ) && ( hs_buf->is_complete == 1 ) )
{
/* Synthesize a record containing the buffered HS message. */
size_t msg_len = ( hs_buf->data[1] << 16 ) |
( hs_buf->data[2] << 8 ) |
hs_buf->data[3];
size_t msg_len = mbedtls_platform_get_uint24_be( &hs_buf->data[1] );
/* Double-check that we haven't accidentally buffered
* a message that doesn't fit into the input buffer. */
@ -5899,7 +5896,9 @@ static int ssl_buffer_message( mbedtls_ssl_context *ssl )
case MBEDTLS_SSL_MSG_HANDSHAKE:
{
unsigned recv_msg_seq_offset;
unsigned recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5];
unsigned recv_msg_seq = (unsigned)
mbedtls_platform_get_uint16_be( &ssl->in_msg[4] );
mbedtls_ssl_hs_buffer *hs_buf;
size_t msg_len = ssl->in_hslen - 12;
@ -6497,8 +6496,7 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl )
ssl->in_hdr[0] = rec.type;
ssl->in_msg = rec.buf + rec.data_offset;
ssl->in_msglen = rec.data_len;
ssl->in_len[0] = (unsigned char)( rec.data_len >> 8 );
ssl->in_len[1] = (unsigned char)( rec.data_len );
(void)mbedtls_platform_put_uint16_be( ssl->in_len, rec.data_len );
return( 0 );
}
@ -6830,17 +6828,13 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl )
return( MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE );
}
ssl->out_msg[i ] = (unsigned char)( n >> 16 );
ssl->out_msg[i + 1] = (unsigned char)( n >> 8 );
ssl->out_msg[i + 2] = (unsigned char)( n );
(void)mbedtls_platform_put_uint24_be( &ssl->out_msg[i], n );
i += 3; memcpy( ssl->out_msg + i, crt->raw.p, n );
i += n; crt = crt->next;
}
ssl->out_msg[4] = (unsigned char)( ( i - 7 ) >> 16 );
ssl->out_msg[5] = (unsigned char)( ( i - 7 ) >> 8 );
ssl->out_msg[6] = (unsigned char)( ( i - 7 ) );
(void)mbedtls_platform_put_uint24_be( &ssl->out_msg[4], ( i - 7 ) );
ssl->out_msglen = i;
ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
@ -6890,13 +6884,16 @@ static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl,
ssl->session->peer_cert_digest;
mbedtls_md_type_t const peer_cert_digest_type =
ssl->session->peer_cert_digest_type;
mbedtls_md_info_t const * const digest_info =
mbedtls_md_handle_t digest_info =
mbedtls_md_info_from_type( peer_cert_digest_type );
unsigned char tmp_digest[MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN];
size_t digest_len;
if( peer_cert_digest == NULL || digest_info == NULL )
if( peer_cert_digest == NULL ||
digest_info == MBEDTLS_MD_INVALID_HANDLE )
{
return( -1 );
}
digest_len = mbedtls_md_get_size( digest_info );
if( digest_len > MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN )
@ -6947,7 +6944,7 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl,
/*
* Same message structure as in mbedtls_ssl_write_certificate()
*/
n = ( ssl->in_msg[i+1] << 8 ) | ssl->in_msg[i+2];
n = mbedtls_platform_get_uint16_be( &ssl->in_msg[i + 1] );
if( ssl->in_msg[i] != 0 ||
ssl->in_hslen != n + 3 + mbedtls_ssl_hs_hdr_len( ssl ) )
@ -6982,8 +6979,7 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl,
}
/* Read length of the next CRT in the chain. */
n = ( (unsigned int) ssl->in_msg[i + 1] << 8 )
| (unsigned int) ssl->in_msg[i + 2];
n = mbedtls_platform_get_uint16_be( &ssl->in_msg[i + 1] );
i += 3;
if( n < 128 || i + n > ssl->in_hslen )
@ -7181,7 +7177,10 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl,
ssl->hostname,
#endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
&ssl->session_negotiate->verify_result,
ssl->conf->f_vrfy, ssl->conf->p_vrfy, rs_ctx );
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
ssl->conf->f_vrfy, ssl->conf->p_vrfy,
#endif /* MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
rs_ctx );
if( verify_ret != 0 )
{
@ -8162,7 +8161,9 @@ static void ssl_update_out_pointers( mbedtls_ssl_context *ssl,
/* Adjust out_msg to make space for explicit IV, if used. */
if( transform != NULL &&
mbedtls_ssl_get_minor_ver( ssl ) >= MBEDTLS_SSL_MINOR_VERSION_2 )
mbedtls_ssl_ver_geq(
mbedtls_ssl_get_minor_ver( ssl ),
MBEDTLS_SSL_MINOR_VERSION_2 ) )
{
ssl->out_msg = ssl->out_iv + transform->ivlen - transform->fixed_ivlen;
}
@ -8523,7 +8524,8 @@ void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode )
#endif /* MBEDTLS_SSL_CONF_AUTHMODE */
}
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
!defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy )
@ -8531,7 +8533,7 @@ void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
conf->f_vrfy = f_vrfy;
conf->p_vrfy = p_vrfy;
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
#if !defined(MBEDTLS_SSL_CONF_RNG)
void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
@ -8651,10 +8653,10 @@ int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session
void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
const int *ciphersuites )
{
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = ciphersuites;
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = ciphersuites;
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = ciphersuites;
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = ciphersuites;
conf->ciphersuite_list[0] = ciphersuites;
conf->ciphersuite_list[1] = ciphersuites;
conf->ciphersuite_list[2] = ciphersuites;
conf->ciphersuite_list[3] = ciphersuites;
}
void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
@ -8664,10 +8666,14 @@ void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
if( major != MBEDTLS_SSL_MAJOR_VERSION_3 )
return;
if( minor < MBEDTLS_SSL_MINOR_VERSION_0 || minor > MBEDTLS_SSL_MINOR_VERSION_3 )
if( mbedtls_ssl_ver_lt( minor, MBEDTLS_SSL_MINOR_VERSION_0 ) ||
mbedtls_ssl_ver_gt( minor, MBEDTLS_SSL_MINOR_VERSION_3 ) )
{
return;
}
conf->ciphersuite_list[minor] = ciphersuites;
conf->ciphersuite_list[mbedtls_ssl_minor_ver_index( minor )] =
ciphersuites;
}
#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
@ -9421,8 +9427,12 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl )
/* For TLS 1.1 or higher, an explicit IV is added
* after the record header. */
#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( mbedtls_ssl_get_minor_ver( ssl ) >= MBEDTLS_SSL_MINOR_VERSION_2 )
if( mbedtls_ssl_ver_geq(
mbedtls_ssl_get_minor_ver( ssl ),
MBEDTLS_SSL_MINOR_VERSION_2 ) )
{
transform_expansion += block_size;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */
break;
@ -9477,7 +9487,7 @@ static size_t ssl_get_current_mtu( const mbedtls_ssl_context *ssl )
if( mbedtls_ssl_conf_get_endpoint( ssl->conf ) == MBEDTLS_SSL_IS_CLIENT &&
( ssl->state == MBEDTLS_SSL_CLIENT_HELLO ||
ssl->state == MBEDTLS_SSL_SERVER_HELLO ) )
return ( 0 );
return( 0 );
if( ssl->handshake == NULL || ssl->handshake->mtu == 0 )
return( ssl->mtu );
@ -9789,8 +9799,7 @@ static int ssl_session_save( const mbedtls_ssl_session *session,
{
const int ciphersuite =
mbedtls_ssl_session_get_ciphersuite( session );
*p++ = (unsigned char)( ( ciphersuite >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( ciphersuite ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, ciphersuite );
#if defined(MBEDTLS_ZLIB_SUPPORT)
*p++ = (unsigned char)(
@ -9803,11 +9812,7 @@ static int ssl_session_save( const mbedtls_ssl_session *session,
memcpy( p, session->master, 48 );
p += 48;
*p++ = (unsigned char)( ( session->verify_result >> 24 ) & 0xFF );
*p++ = (unsigned char)( ( session->verify_result >> 16 ) & 0xFF );
*p++ = (unsigned char)( ( session->verify_result >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( session->verify_result ) & 0xFF );
p = mbedtls_platform_put_uint32_be( p, session->verify_result );
}
/*
@ -9824,9 +9829,7 @@ static int ssl_session_save( const mbedtls_ssl_session *session,
if( used <= buf_len )
{
*p++ = (unsigned char)( ( cert_len >> 16 ) & 0xFF );
*p++ = (unsigned char)( ( cert_len >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( cert_len ) & 0xFF );
p = mbedtls_platform_put_uint24_be( p, cert_len );
if( session->peer_cert != NULL )
{
@ -9869,9 +9872,7 @@ static int ssl_session_save( const mbedtls_ssl_session *session,
if( used <= buf_len )
{
*p++ = (unsigned char)( ( session->ticket_len >> 16 ) & 0xFF );
*p++ = (unsigned char)( ( session->ticket_len >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( session->ticket_len ) & 0xFF );
p = mbedtls_platform_put_uint24_be( p, session->ticket_len );
if( session->ticket != NULL )
{
@ -9879,10 +9880,7 @@ static int ssl_session_save( const mbedtls_ssl_session *session,
p += session->ticket_len;
}
*p++ = (unsigned char)( ( session->ticket_lifetime >> 24 ) & 0xFF );
*p++ = (unsigned char)( ( session->ticket_lifetime >> 16 ) & 0xFF );
*p++ = (unsigned char)( ( session->ticket_lifetime >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( session->ticket_lifetime ) & 0xFF );
p = mbedtls_platform_put_uint32_be( p, session->ticket_lifetime );
}
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
@ -10017,7 +10015,7 @@ static int ssl_session_load( mbedtls_ssl_session *session,
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
ciphersuite = ( p[0] << 8 ) | p[1];
ciphersuite = (int)mbedtls_platform_get_uint16_be( p );
p += 2;
#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
@ -10041,10 +10039,7 @@ static int ssl_session_load( mbedtls_ssl_session *session,
memcpy( session->master, p, 48 );
p += 48;
session->verify_result = ( (uint32_t) p[0] << 24 ) |
( (uint32_t) p[1] << 16 ) |
( (uint32_t) p[2] << 8 ) |
( (uint32_t) p[3] );
session->verify_result = (uint32_t)mbedtls_platform_get_uint32_be( p );
p += 4;
/* Immediately clear invalid pointer values that have been read, in case
@ -10068,7 +10063,8 @@ static int ssl_session_load( mbedtls_ssl_session *session,
if( 3 > (size_t)( end - p ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
cert_len = ( p[0] << 16 ) | ( p[1] << 8 ) | p[2];
cert_len = mbedtls_platform_get_uint24_be( &p[0] );
p += 3;
if( cert_len == 0 )
@ -10110,9 +10106,9 @@ static int ssl_session_load( mbedtls_ssl_session *session,
if( session->peer_cert_digest_len != 0 )
{
const mbedtls_md_info_t *md_info =
mbedtls_md_handle_t md_info =
mbedtls_md_info_from_type( session->peer_cert_digest_type );
if( md_info == NULL )
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
if( session->peer_cert_digest_len != mbedtls_md_get_size( md_info ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@ -10139,7 +10135,7 @@ static int ssl_session_load( mbedtls_ssl_session *session,
if( 3 > (size_t)( end - p ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
session->ticket_len = ( p[0] << 16 ) | ( p[1] << 8 ) | p[2];
session->ticket_len = mbedtls_platform_get_uint24_be( &p[0] );
p += 3;
if( session->ticket_len != 0 )
@ -10158,10 +10154,7 @@ static int ssl_session_load( mbedtls_ssl_session *session,
if( 4 > (size_t)( end - p ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
session->ticket_lifetime = ( (uint32_t) p[0] << 24 ) |
( (uint32_t) p[1] << 16 ) |
( (uint32_t) p[2] << 8 ) |
( (uint32_t) p[3] );
session->ticket_lifetime = (uint32_t)mbedtls_platform_get_uint32_be( p );
p += 4;
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
@ -10628,7 +10621,9 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
#endif /* MBEDTLS_SSL_PROTO_SSL3 */
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( mbedtls_ssl_get_minor_ver( ssl ) >= MBEDTLS_SSL_MINOR_VERSION_1 )
if( mbedtls_ssl_ver_geq(
mbedtls_ssl_get_minor_ver( ssl ),
MBEDTLS_SSL_MINOR_VERSION_1 ) )
{
ret = mbedtls_ssl_send_alert_message( ssl,
MBEDTLS_SSL_ALERT_LEVEL_WARNING,
@ -10836,7 +10831,9 @@ static int ssl_write_split( mbedtls_ssl_context *ssl,
if( ssl->conf->cbc_record_splitting ==
MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED ||
len <= 1 ||
mbedtls_ssl_get_minor_ver( ssl ) > MBEDTLS_SSL_MINOR_VERSION_1 ||
mbedtls_ssl_ver_gt(
mbedtls_ssl_get_minor_ver( ssl ),
MBEDTLS_SSL_MINOR_VERSION_1 ) ||
mbedtls_cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx_enc )
!= MBEDTLS_MODE_CBC )
{
@ -11267,10 +11264,7 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl,
used += 4 + session_len;
if( used <= buf_len )
{
*p++ = (unsigned char)( ( session_len >> 24 ) & 0xFF );
*p++ = (unsigned char)( ( session_len >> 16 ) & 0xFF );
*p++ = (unsigned char)( ( session_len >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( session_len ) & 0xFF );
p = mbedtls_platform_put_uint32_be( p, session_len );
ret = ssl_session_save( ssl->session, 1,
p, session_len, &session_len );
@ -11312,10 +11306,7 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl,
used += 4;
if( used <= buf_len )
{
*p++ = (unsigned char)( ( ssl->badmac_seen >> 24 ) & 0xFF );
*p++ = (unsigned char)( ( ssl->badmac_seen >> 16 ) & 0xFF );
*p++ = (unsigned char)( ( ssl->badmac_seen >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( ssl->badmac_seen ) & 0xFF );
p = mbedtls_platform_put_uint32_be( p, ssl->badmac_seen );
}
#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
@ -11362,8 +11353,7 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl,
used += 2;
if( used <= buf_len )
{
*p++ = (unsigned char)( ( ssl->mtu >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( ssl->mtu ) & 0xFF );
p = mbedtls_platform_put_uint16_be( p, ssl->mtu );
}
#endif /* MBEDTLS_SSL_PROTO_DTLS */
@ -11432,14 +11422,18 @@ static int ssl_context_load( mbedtls_ssl_context *ssl,
* least check it matches the requirements for serializing.
*/
if( MBEDTLS_SSL_TRANSPORT_IS_TLS( ssl->conf->transport ) ||
mbedtls_ssl_conf_get_max_major_ver( ssl->conf ) <
MBEDTLS_SSL_MAJOR_VERSION_3 ||
mbedtls_ssl_conf_get_min_major_ver( ssl->conf ) >
MBEDTLS_SSL_MAJOR_VERSION_3 ||
mbedtls_ssl_conf_get_max_minor_ver( ssl->conf ) <
MBEDTLS_SSL_MINOR_VERSION_3 ||
mbedtls_ssl_conf_get_min_minor_ver( ssl->conf ) >
MBEDTLS_SSL_MINOR_VERSION_3 ||
mbedtls_ssl_ver_lt(
mbedtls_ssl_conf_get_max_major_ver( ssl->conf ),
MBEDTLS_SSL_MAJOR_VERSION_3 ) ||
mbedtls_ssl_ver_gt(
mbedtls_ssl_conf_get_min_major_ver( ssl->conf ),
MBEDTLS_SSL_MAJOR_VERSION_3 ) ||
mbedtls_ssl_ver_lt(
mbedtls_ssl_conf_get_max_minor_ver( ssl->conf ),
MBEDTLS_SSL_MINOR_VERSION_3 ) ||
mbedtls_ssl_ver_gt(
mbedtls_ssl_conf_get_min_minor_ver( ssl->conf ),
MBEDTLS_SSL_MINOR_VERSION_3 ) ||
mbedtls_ssl_conf_is_renegotiation_enabled( ssl->conf ) )
{
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@ -11466,10 +11460,7 @@ static int ssl_context_load( mbedtls_ssl_context *ssl,
if( (size_t)( end - p ) < 4 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
session_len = ( (size_t) p[0] << 24 ) |
( (size_t) p[1] << 16 ) |
( (size_t) p[2] << 8 ) |
( (size_t) p[3] );
session_len = mbedtls_platform_get_uint32_be( p );
p += 4;
/* This has been allocated by ssl_handshake_init(), called by
@ -11558,10 +11549,7 @@ static int ssl_context_load( mbedtls_ssl_context *ssl,
if( (size_t)( end - p ) < 4 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
ssl->badmac_seen = ( (uint32_t) p[0] << 24 ) |
( (uint32_t) p[1] << 16 ) |
( (uint32_t) p[2] << 8 ) |
( (uint32_t) p[3] );
ssl->badmac_seen = (unsigned)mbedtls_platform_get_uint32_be( p );
p += 4;
#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
@ -11606,8 +11594,7 @@ static int ssl_context_load( mbedtls_ssl_context *ssl,
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( (size_t)( end - p ) < 2 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
ssl->mtu = ( p[0] << 8 ) | p[1];
ssl->mtu = (uint16_t)mbedtls_platform_get_uint16_be( p );
p += 2;
#endif /* MBEDTLS_SSL_PROTO_DTLS */
@ -11964,11 +11951,11 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
#endif /* !MBEDTLS_SSL_CONF_MAX_MINOR_VER */
#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] =
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] =
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] =
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] =
ssl_preset_suiteb_ciphersuites;
conf->ciphersuite_list[0] =
conf->ciphersuite_list[1] =
conf->ciphersuite_list[2] =
conf->ciphersuite_list[3] =
ssl_preset_suiteb_ciphersuites;
#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@ -12016,11 +12003,11 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
#endif /* !MBEDTLS_SSL_CONF_MAX_MINOR_VER */
#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] =
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] =
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] =
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] =
mbedtls_ssl_list_ciphersuites();
conf->ciphersuite_list[0] =
conf->ciphersuite_list[1] =
conf->ciphersuite_list[2] =
conf->ciphersuite_list[3] =
mbedtls_ssl_list_ciphersuites();
#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@ -12484,7 +12471,7 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
{
int ret = 0;
mbedtls_md_context_t ctx;
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
mbedtls_md_handle_t md_info = mbedtls_md_info_from_type( md_alg );
*hashlen = mbedtls_md_get_size( md_info );
mbedtls_md_init( &ctx );

6
library/version_features.c
View file

@ -435,6 +435,9 @@ static const char *features[] = {
#if defined(MBEDTLS_SHA256_SMALLER)
"MBEDTLS_SHA256_SMALLER",
#endif /* MBEDTLS_SHA256_SMALLER */
#if defined(MBEDTLS_SHA256_NO_SHA224)
"MBEDTLS_SHA256_NO_SHA224",
#endif /* MBEDTLS_SHA256_NO_SHA224 */
#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
"MBEDTLS_SSL_ALL_ALERT_MESSAGES",
#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */
@ -576,6 +579,9 @@ static const char *features[] = {
#if defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
"MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION",
#endif /* MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
#if defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
"MBEDTLS_X509_REMOVE_VERIFY_CALLBACK",
#endif /* MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
"MBEDTLS_X509_RSASSA_PSS_SUPPORT",
#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */

11
library/x509.c
View file

@ -1065,7 +1065,7 @@ int mbedtls_x509_sig_alg_gets( char *buf, size_t size, mbedtls_pk_type_t pk_alg,
if( pk_alg == MBEDTLS_PK_RSASSA_PSS )
{
const mbedtls_pk_rsassa_pss_options *pss_opts;
const mbedtls_md_info_t *md_info, *mgf_md_info;
mbedtls_md_handle_t md_info, mgf_md_info;
pss_opts = (const mbedtls_pk_rsassa_pss_options *) sig_opts;
@ -1252,9 +1252,14 @@ int mbedtls_x509_self_test( int verbose )
ret = mbedtls_x509_crt_verify( &clicert, &cacert, NULL,
#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
NULL,
NULL,
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
&flags, NULL, NULL );
&flags
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
, NULL, NULL
#endif
);
if( ret != 0 )
{
if( verbose != 0 )

247
library/x509_crt.c
View file

@ -669,23 +669,6 @@ static int x509_check_wildcard( char const *cn,
}
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
/*
* Reset (init or clear) a verify_chain
*/
static void x509_crt_verify_chain_reset(
mbedtls_x509_crt_verify_chain *ver_chain )
{
size_t i;
for( i = 0; i < MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE; i++ )
{
ver_chain->items[i].crt = NULL;
ver_chain->items[i].flags = (uint32_t) -1;
}
ver_chain->len = 0;
}
/*
* Version ::= INTEGER { v1(0), v2(1), v3(2) }
*/
@ -2088,7 +2071,7 @@ static void x509_crt_free_sig_info( mbedtls_x509_crt_sig_info *info )
static int x509_crt_get_sig_info( mbedtls_x509_crt_frame const *frame,
mbedtls_x509_crt_sig_info *info )
{
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
md_info = mbedtls_md_info_from_type( frame->sig_md );
if( mbedtls_md( md_info, frame->tbs.p, frame->tbs.len,
@ -2705,7 +2688,7 @@ static int x509_crt_verifycrl( unsigned char *crt_serial,
int ret;
int flags = 0;
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_x509_buf_raw ca_subject;
mbedtls_pk_context *pk;
int can_sign;
@ -3200,6 +3183,140 @@ static int x509_crt_check_ee_locally_trusted(
return( -1 );
}
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
/*
* Reset (init or clear) a verify_chain
*/
static void x509_crt_verify_chain_reset(
mbedtls_x509_crt_verify_chain *ver_chain )
{
size_t i;
for( i = 0; i < MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE; i++ )
{
ver_chain->items[i].crt = NULL;
ver_chain->items[i].flags = (uint32_t) -1;
}
ver_chain->len = 0;
}
/*
* Merge the flags for all certs in the chain, after calling callback
*/
static int x509_crt_verify_chain_get_flags(
const mbedtls_x509_crt_verify_chain *ver_chain,
uint32_t *flags,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy )
{
int ret;
unsigned i;
uint32_t cur_flags;
const mbedtls_x509_crt_verify_chain_item *cur;
for( i = ver_chain->len; i != 0; --i )
{
cur = &ver_chain->items[i-1];
cur_flags = cur->flags;
if( NULL != f_vrfy )
if( ( ret = f_vrfy( p_vrfy, cur->crt, (int) i-1, &cur_flags ) ) != 0 )
return( ret );
*flags |= cur_flags;
}
return( 0 );
}
static void x509_crt_verify_chain_add_ee_flags(
mbedtls_x509_crt_verify_chain *chain,
uint32_t ee_flags )
{
chain->items[0].flags |= ee_flags;
}
static void x509_crt_verify_chain_add_crt(
mbedtls_x509_crt_verify_chain *chain,
mbedtls_x509_crt *crt )
{
mbedtls_x509_crt_verify_chain_item *cur;
cur = &chain->items[chain->len];
cur->crt = crt;
cur->flags = 0;
chain->len++;
}
static uint32_t* x509_crt_verify_chain_get_cur_flags(
mbedtls_x509_crt_verify_chain *chain )
{
return( &chain->items[chain->len - 1].flags );
}
static unsigned x509_crt_verify_chain_len(
mbedtls_x509_crt_verify_chain const *chain )
{
return( chain->len );
}
#else /* !MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
/*
* Reset (init or clear) a verify_chain
*/
static void x509_crt_verify_chain_reset(
mbedtls_x509_crt_verify_chain *ver_chain )
{
ver_chain->len = 0;
ver_chain->flags = 0;
}
/*
* Merge the flags for all certs in the chain, after calling callback
*/
static int x509_crt_verify_chain_get_flags(
const mbedtls_x509_crt_verify_chain *ver_chain,
uint32_t *flags,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy )
{
((void) f_vrfy);
((void) p_vrfy);
*flags = ver_chain->flags;
return( 0 );
}
static void x509_crt_verify_chain_add_ee_flags(
mbedtls_x509_crt_verify_chain *chain,
uint32_t ee_flags )
{
chain->flags |= ee_flags;
}
static void x509_crt_verify_chain_add_crt(
mbedtls_x509_crt_verify_chain *chain,
mbedtls_x509_crt *crt )
{
((void) crt);
chain->len++;
}
static uint32_t* x509_crt_verify_chain_get_cur_flags(
mbedtls_x509_crt_verify_chain *chain )
{
return( &chain->flags );
}
static unsigned x509_crt_verify_chain_len(
mbedtls_x509_crt_verify_chain const *chain )
{
return( chain->len );
}
#endif /* MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
/*
* Build and verify a certificate chain
*
@ -3252,7 +3369,6 @@ static int x509_crt_verify_chain(
* catch potential issues with jumping ahead when restarting */
int ret;
uint32_t *flags;
mbedtls_x509_crt_verify_chain_item *cur;
mbedtls_x509_crt *child_crt;
mbedtls_x509_crt *parent_crt;
int parent_is_trusted;
@ -3267,10 +3383,7 @@ static int x509_crt_verify_chain(
/* restore saved state */
*ver_chain = rs_ctx->ver_chain; /* struct copy */
self_cnt = rs_ctx->self_cnt;
/* restore derived state */
cur = &ver_chain->items[ver_chain->len - 1];
child_crt = cur->crt;
child_crt = rs_ctx->cur_crt;
child_is_trusted = 0;
goto find_parent;
@ -3289,16 +3402,13 @@ static int x509_crt_verify_chain(
int self_issued;
/* Add certificate to the verification chain */
cur = &ver_chain->items[ver_chain->len];
cur->crt = child_crt;
cur->flags = 0;
ver_chain->len++;
x509_crt_verify_chain_add_crt( ver_chain, child_crt );
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
find_parent:
#endif
flags = &cur->flags;
flags = x509_crt_verify_chain_get_cur_flags( ver_chain );
{
mbedtls_x509_crt_sig_info child_sig;
@ -3340,7 +3450,7 @@ find_parent:
*flags |= MBEDTLS_X509_BADCERT_BAD_PK;
/* Special case: EE certs that are locally trusted */
if( ver_chain->len == 1 && self_issued &&
if( x509_crt_verify_chain_len( ver_chain ) == 1 && self_issued &&
x509_crt_check_ee_locally_trusted( child, trust_ca ) == 0 )
{
mbedtls_x509_crt_frame_release( child_crt );
@ -3362,7 +3472,8 @@ find_parent:
ret = x509_crt_find_parent( &child_sig, child_crt->next,
trust_ca, &parent_crt,
&parent_is_trusted, &signature_is_good,
ver_chain->len - 1, self_cnt, rs_ctx );
x509_crt_verify_chain_len( ver_chain ) - 1,
self_cnt, rs_ctx );
x509_crt_free_sig_info( &child_sig );
}
@ -3374,6 +3485,7 @@ find_parent:
rs_ctx->in_progress = x509_crt_rs_find_parent;
rs_ctx->self_cnt = self_cnt;
rs_ctx->ver_chain = *ver_chain; /* struct copy */
rs_ctx->cur_crt = child_crt;
return( ret );
}
#else
@ -3390,13 +3502,14 @@ find_parent:
/* Count intermediate self-issued (not necessarily self-signed) certs.
* These can occur with some strategies for key rollover, see [SIRO],
* and should be excluded from max_pathlen checks. */
if( ver_chain->len != 1 && self_issued )
if( x509_crt_verify_chain_len( ver_chain ) != 1 && self_issued )
self_cnt++;
/* path_cnt is 0 for the first intermediate CA,
* and if parent is trusted it's not an intermediate CA */
if( ! parent_is_trusted &&
ver_chain->len > MBEDTLS_X509_MAX_INTERMEDIATE_CA )
x509_crt_verify_chain_len( ver_chain ) >
MBEDTLS_X509_MAX_INTERMEDIATE_CA )
{
/* return immediately to avoid overflow the chain array */
return( MBEDTLS_ERR_X509_FATAL_ERROR );
@ -3550,35 +3663,6 @@ static int x509_crt_verify_name( const mbedtls_x509_crt *crt,
}
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
/*
* Merge the flags for all certs in the chain, after calling callback
*/
static int x509_crt_merge_flags_with_cb(
uint32_t *flags,
const mbedtls_x509_crt_verify_chain *ver_chain,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy )
{
int ret;
unsigned i;
uint32_t cur_flags;
const mbedtls_x509_crt_verify_chain_item *cur;
for( i = ver_chain->len; i != 0; --i )
{
cur = &ver_chain->items[i-1];
cur_flags = cur->flags;
if( NULL != f_vrfy )
if( ( ret = f_vrfy( p_vrfy, cur->crt, (int) i-1, &cur_flags ) ) != 0 )
return( ret );
*flags |= cur_flags;
}
return( 0 );
}
/*
* Verify the certificate validity (default profile, not restartable)
*/
@ -3588,9 +3672,12 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
const char *cn,
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
uint32_t *flags,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy )
uint32_t *flags
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
, int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *)
, void *p_vrfy
#endif /* MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
)
{
return( mbedtls_x509_crt_verify_restartable( crt, trust_ca, ca_crl,
&mbedtls_x509_crt_profile_default,
@ -3598,7 +3685,10 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
cn,
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
flags,
f_vrfy, p_vrfy, NULL ) );
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
f_vrfy, p_vrfy,
#endif /* !MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
NULL ) );
}
/*
@ -3611,16 +3701,23 @@ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
const char *cn,
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
uint32_t *flags,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy )
uint32_t *flags
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
, int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *)
, void *p_vrfy
#endif /* MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
)
{
return( mbedtls_x509_crt_verify_restartable( crt, trust_ca, ca_crl,
profile,
#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
cn,
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
flags, f_vrfy, p_vrfy, NULL ) );
flags,
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
f_vrfy, p_vrfy,
#endif /* !MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
NULL ) );
}
/*
@ -3641,8 +3738,10 @@ int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt,
const char *cn,
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
uint32_t *flags,
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
void *p_vrfy,
#endif /* !MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
mbedtls_x509_crt_restart_ctx *rs_ctx )
{
int ret;
@ -3697,10 +3796,14 @@ int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt,
goto exit;
/* Merge end-entity flags */
ver_chain.items[0].flags |= ee_flags;
x509_crt_verify_chain_add_ee_flags( &ver_chain, ee_flags );
/* Build final flags, calling callback on the way if any */
ret = x509_crt_merge_flags_with_cb( flags, &ver_chain, f_vrfy, p_vrfy );
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
ret = x509_crt_verify_chain_get_flags( &ver_chain, flags, f_vrfy, p_vrfy );
#else
ret = x509_crt_verify_chain_get_flags( &ver_chain, flags, NULL, NULL );
#endif /* MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
exit:
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)

4
programs/aes/crypt_and_hash.c
View file

@ -100,7 +100,7 @@ int main( int argc, char *argv[] )
unsigned char diff;
const mbedtls_cipher_info_t *cipher_info;
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_cipher_context_t cipher_ctx;
mbedtls_md_context_t md_ctx;
#if defined(_WIN32_WCE)
@ -192,7 +192,7 @@ int main( int argc, char *argv[] )
}
md_info = mbedtls_md_info_from_string( argv[5] );
if( md_info == NULL )
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
{
mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[5] );
goto exit;

10
programs/hash/generic_sum.c
View file

@ -53,7 +53,7 @@ int main( void )
#else
static int generic_wrapper( const mbedtls_md_info_t *md_info, char *filename, unsigned char *sum )
static int generic_wrapper( mbedtls_md_handle_t md_info, char *filename, unsigned char *sum )
{
int ret = mbedtls_md_file( md_info, filename, sum );
@ -66,7 +66,7 @@ static int generic_wrapper( const mbedtls_md_info_t *md_info, char *filename, un
return( ret );
}
static int generic_print( const mbedtls_md_info_t *md_info, char *filename )
static int generic_print( mbedtls_md_handle_t md_info, char *filename )
{
int i;
unsigned char sum[MBEDTLS_MD_MAX_SIZE];
@ -81,7 +81,7 @@ static int generic_print( const mbedtls_md_info_t *md_info, char *filename )
return( 0 );
}
static int generic_check( const mbedtls_md_info_t *md_info, char *filename )
static int generic_check( mbedtls_md_handle_t md_info, char *filename )
{
int i;
size_t n;
@ -177,7 +177,7 @@ int main( int argc, char *argv[] )
{
int ret = 1, i;
int exit_code = MBEDTLS_EXIT_FAILURE;
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_md_context_t md_ctx;
mbedtls_md_init( &md_ctx );
@ -210,7 +210,7 @@ int main( int argc, char *argv[] )
* Read the MD from the command line
*/
md_info = mbedtls_md_info_from_string( argv[1] );
if( md_info == NULL )
if( md_info == MBEDTLS_MD_INVALID_HANDLE )
{
mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[1] );
return( exit_code );

24
programs/ssl/query_config.c
View file

@ -1202,6 +1202,14 @@ int query_config( const char *config )
}
#endif /* MBEDTLS_SHA256_SMALLER */
#if defined(MBEDTLS_SHA256_NO_SHA224)
if( strcmp( "MBEDTLS_SHA256_NO_SHA224", config ) == 0 )
{
MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_NO_SHA224 );
return( 0 );
}
#endif /* MBEDTLS_SHA256_NO_SHA224 */
#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
if( strcmp( "MBEDTLS_SSL_ALL_ALERT_MESSAGES", config ) == 0 )
{
@ -1578,6 +1586,14 @@ int query_config( const char *config )
}
#endif /* MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
#if defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
if( strcmp( "MBEDTLS_X509_REMOVE_VERIFY_CALLBACK", config ) == 0 )
{
MACRO_EXPANSION_TO_STR( MBEDTLS_X509_REMOVE_VERIFY_CALLBACK );
return( 0 );
}
#endif /* MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
if( strcmp( "MBEDTLS_X509_RSASSA_PSS_SUPPORT", config ) == 0 )
{
@ -2898,6 +2914,14 @@ int query_config( const char *config )
}
#endif /* MBEDTLS_SSL_CONF_SINGLE_SIG_HASH_TLS_ID */
#if defined(MBEDTLS_MD_SINGLE_HASH)
if( strcmp( "MBEDTLS_MD_SINGLE_HASH", config ) == 0 )
{
MACRO_EXPANSION_TO_STR( MBEDTLS_MD_SINGLE_HASH );
return( 0 );
}
#endif /* MBEDTLS_MD_SINGLE_HASH */
/* If the symbol is not found, return an error */
return( 1 );
}

43
programs/ssl/ssl_client2.c
View file

@ -69,6 +69,8 @@ int main( void )
#include "mbedtls/debug.h"
#include "mbedtls/timing.h"
#include "mbedtls/ssl_internal.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@ -664,6 +666,8 @@ static int send_cb( void *ctx, unsigned char const *buf, size_t len )
!MBEDTLS_SSL_CONF_RECV_TIMEOUT */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
static unsigned char peer_crt_info[1024];
/*
@ -704,6 +708,7 @@ static int my_verify( void *data, mbedtls_x509_crt *crt,
return( 0 );
}
#endif /* MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
@ -1506,14 +1511,18 @@ int main( int argc, char *argv[] )
mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] );
if( opt.max_version != -1 &&
mbedtls_ssl_suite_get_min_minor_ver( ciphersuite_info ) > opt.max_version )
mbedtls_ssl_ver_gt(
mbedtls_ssl_suite_get_min_minor_ver( ciphersuite_info ),
opt.max_version ) )
{
mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
ret = 2;
goto usage;
}
if( opt.min_version != -1 &&
mbedtls_ssl_suite_get_max_minor_ver( ciphersuite_info ) < opt.min_version )
mbedtls_ssl_ver_lt(
mbedtls_ssl_suite_get_max_minor_ver( ciphersuite_info ),
opt.min_version ) )
{
mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
ret = 2;
@ -1523,17 +1532,24 @@ int main( int argc, char *argv[] )
/* If the server selects a version that's not supported by
* this suite, then there will be no common ciphersuite... */
if( opt.max_version == -1 ||
opt.max_version > mbedtls_ssl_suite_get_max_minor_ver( ciphersuite_info ) )
mbedtls_ssl_ver_gt(
opt.max_version,
mbedtls_ssl_suite_get_max_minor_ver( ciphersuite_info ) ) )
{
opt.max_version = mbedtls_ssl_suite_get_max_minor_ver( ciphersuite_info );
}
if( opt.min_version < mbedtls_ssl_suite_get_min_minor_ver( ciphersuite_info ) )
if( mbedtls_ssl_ver_lt(
opt.min_version,
mbedtls_ssl_suite_get_min_minor_ver( ciphersuite_info ) ) )
{
opt.min_version = mbedtls_ssl_suite_get_min_minor_ver( ciphersuite_info );
/* DTLS starts with TLS 1.1 */
if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 )
mbedtls_ssl_ver_lt( opt.min_version,
MBEDTLS_SSL_MINOR_VERSION_2 ) )
{
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
}
}
/* Enable RC4 if needed and not explicitly disabled */
@ -1894,8 +1910,10 @@ int main( int argc, char *argv[] )
#endif
}
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
#endif /* MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) && \
@ -2316,10 +2334,11 @@ int main( int argc, char *argv[] )
else
mbedtls_printf( " ok\n" );
#if !defined(MBEDTLS_X509_REMOVE_INFO)
#if !defined(MBEDTLS_X509_REMOVE_INFO) && \
!defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
mbedtls_printf( " . Peer certificate information ...\n" );
mbedtls_printf( "%s\n", peer_crt_info );
#endif /* !MBEDTLS_X509_REMOVE_INFO */
#endif /* !MBEDTLS_X509_REMOVE_INFO && !MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
@ -2648,9 +2667,10 @@ send_request:
mbedtls_printf( " . Restarting connection from same port..." );
fflush( stdout );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
!defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
{
@ -2825,9 +2845,10 @@ reconnect:
mbedtls_printf( " . Reconnecting with saved session..." );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
!defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
{

23
programs/ssl/ssl_server2.c
View file

@ -68,6 +68,8 @@ int main( void )
#include "mbedtls/debug.h"
#include "mbedtls/timing.h"
#include "mbedtls/ssl_internal.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@ -2232,14 +2234,18 @@ int main( int argc, char *argv[] )
mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] );
if( opt.max_version != -1 &&
mbedtls_ssl_suite_get_min_minor_ver( ciphersuite_info ) > opt.max_version )
mbedtls_ssl_ver_gt(
mbedtls_ssl_suite_get_min_minor_ver( ciphersuite_info ),
opt.max_version ) )
{
mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
ret = 2;
goto usage;
}
if( opt.min_version != -1 &&
mbedtls_ssl_suite_get_max_minor_ver( ciphersuite_info ) < opt.min_version )
mbedtls_ssl_ver_lt(
mbedtls_ssl_suite_get_max_minor_ver( ciphersuite_info ),
opt.min_version ) )
{
mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
ret = 2;
@ -2249,17 +2255,24 @@ int main( int argc, char *argv[] )
/* If we select a version that's not supported by
* this suite, then there will be no common ciphersuite... */
if( opt.max_version == -1 ||
opt.max_version > mbedtls_ssl_suite_get_max_minor_ver( ciphersuite_info ) )
mbedtls_ssl_ver_gt(
opt.max_version,
mbedtls_ssl_suite_get_max_minor_ver( ciphersuite_info ) ) )
{
opt.max_version = mbedtls_ssl_suite_get_max_minor_ver( ciphersuite_info );
}
if( opt.min_version < mbedtls_ssl_suite_get_min_minor_ver( ciphersuite_info ) )
if( mbedtls_ssl_ver_lt(
opt.min_version,
mbedtls_ssl_suite_get_min_minor_ver( ciphersuite_info ) ) )
{
opt.min_version = mbedtls_ssl_suite_get_min_minor_ver( ciphersuite_info );
/* DTLS starts with TLS 1.1 */
if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 )
mbedtls_ssl_ver_lt( opt.min_version,
MBEDTLS_SSL_MINOR_VERSION_2 ) )
{
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
}
}
/* Enable RC4 if needed and not explicitly disabled */

12
programs/test/benchmark.c
View file

@ -693,13 +693,16 @@ int main( int argc, char *argv[] )
if( todo.hmac_drbg )
{
mbedtls_hmac_drbg_context hmac_drbg;
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_hmac_drbg_init( &hmac_drbg );
#if defined(MBEDTLS_SHA1_C)
if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL )
if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) ==
MBEDTLS_MD_INVALID_HANDLE )
{
mbedtls_exit(1);
}
if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);
@ -715,8 +718,11 @@ int main( int argc, char *argv[] )
#endif
#if defined(MBEDTLS_SHA256_C)
if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ) ) == NULL )
if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ) ) ==
MBEDTLS_MD_INVALID_HANDLE )
{
mbedtls_exit(1);
}
if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);

1
programs/test/cpp_dummy_build.cpp
View file

@ -66,7 +66,6 @@
#include "mbedtls/md2.h"
#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/md_internal.h"
#include "mbedtls/net.h"
#include "mbedtls/net_sockets.h"
#include "mbedtls/nist_kw.h"

19
programs/x509/cert_app.c
View file

@ -129,6 +129,7 @@ static void my_debug( void *ctx, int level,
}
#endif /* MBEDTLS_DEBUG_C */
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
static int my_verify( void *data, mbedtls_x509_crt *crt, int depth, uint32_t *flags )
{
char buf[1024];
@ -148,6 +149,7 @@ static int my_verify( void *data, mbedtls_x509_crt *crt, int depth, uint32_t *fl
return( 0 );
}
#endif /* !MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
#if defined(MBEDTLS_SSL_CONF_RNG)
int rng_wrap( void *ctx, unsigned char *dst, size_t len );
@ -363,11 +365,21 @@ int main( int argc, char *argv[] )
{
mbedtls_printf( " . Verifying X.509 certificate..." );
if( ( ret = mbedtls_x509_crt_verify( &crt, &cacert, &cacrl,
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
ret = mbedtls_x509_crt_verify( &crt, &cacert, &cacrl,
#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
NULL,
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
&flags, my_verify, NULL ) ) != 0 )
&flags,
my_verify, NULL );
#else /* !MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
ret = mbedtls_x509_crt_verify( &crt, &cacert, &cacrl,
#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
NULL,
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
&flags );
#endif /* MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
if( ret != 0 )
{
char vrfy_buf[512];
@ -436,7 +448,10 @@ int main( int argc, char *argv[] )
{
mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
#endif
}
else
mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE );

4
scripts/config.pl
View file

@ -30,6 +30,7 @@
# MBEDTLS_NO_PLATFORM_ENTROPY
# MBEDTLS_REMOVE_ARC4_CIPHERSUITES
# MBEDTLS_REMOVE_3DES_CIPHERSUITES
# MBEDTLS_SHA256_NO_SHA224
# MBEDTLS_SSL_HW_RECORD_ACCEL
# MBEDTLS_SSL_PROTO_NO_DTLS
# MBEDTLS_SSL_NO_SESSION_CACHE
@ -43,6 +44,7 @@
# MBEDTLS_X509_CRT_REMOVE_TIME
# MBEDTLS_X509_CRT_REMOVE_SUBJECT_ISSUER_ID
# MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION
# MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
# MBEDTLS_ZLIB_SUPPORT
# MBEDTLS_PKCS11_C
# and any symbol beginning _ALT
@ -99,6 +101,7 @@ MBEDTLS_NO_PLATFORM_ENTROPY
MBEDTLS_RSA_NO_CRT
MBEDTLS_REMOVE_ARC4_CIPHERSUITES
MBEDTLS_REMOVE_3DES_CIPHERSUITES
MBEDTLS_SHA256_NO_SHA224
MBEDTLS_SSL_HW_RECORD_ACCEL
MBEDTLS_SSL_PROTO_NO_TLS
MBEDTLS_SSL_NO_SESSION_CACHE
@ -110,6 +113,7 @@ MBEDTLS_X509_REMOVE_INFO
MBEDTLS_X509_CRT_REMOVE_TIME
MBEDTLS_X509_CRT_REMOVE_SUBJECT_ISSUER_ID
MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION
MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
MBEDTLS_ZLIB_SUPPORT
MBEDTLS_PKCS11_C
MBEDTLS_NO_UDBL_DIVISION

1
tests/CMakeLists.txt
View file

@ -133,6 +133,7 @@ add_test_suite(poly1305)
add_test_suite(shax)
add_test_suite(ssl)
add_test_suite(timing)
add_test_suite(tinycrypt)
add_test_suite(rsa)
add_test_suite(version)
add_test_suite(xtea)

43
tests/scripts/all.sh
View file

@ -921,6 +921,34 @@ component_test_hardcoded_elliptic_curve_cmake_clang() {
if_build_succeeded tests/ssl-opt.sh -f '^Default$\|^Default, DTLS$'
}
component_test_hardcoded_hash_cmake_clang() {
msg "build: cmake, full config + MBEDTLS_MD_SINGLE_HASH, clang" # ~ 50s
scripts/config.pl full
scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
scripts/config.pl unset MBEDTLS_SHA1_C
scripts/config.pl unset MBEDTLS_SHA512_C
scripts/config.pl set MBEDTLS_SHA256_NO_SHA224
scripts/config.pl unset MBEDTLS_MD2_C
scripts/config.pl unset MBEDTLS_MD4_C
scripts/config.pl unset MBEDTLS_MD5_C
scripts/config.pl unset MBEDTLS_RIPEMD160_C
scripts/config.pl unset MBEDTLS_SSL_PROTO_SSL3
scripts/config.pl unset MBEDTLS_SSL_PROTO_TLS1
scripts/config.pl unset MBEDTLS_SSL_PROTO_TLS1_1
scripts/config.pl unset MBEDTLS_SSL_CBC_RECORD_SPLITTING
scripts/config.pl set MBEDTLS_MD_SINGLE_HASH MBEDTLS_MD_INFO_SHA256
CC=clang cmake -D CMAKE_BUILD_TYPE:String=Check -D ENABLE_TESTING=On .
make
msg "test: main suites (full config + MBEDTLS_MD_SINGLE_HASH)" # ~ 5s
make test
msg "test: ssl-opt.sh default (full config + MBEDTLS_MD_SINGLE_HASH)" # ~ 5s
if_build_succeeded tests/ssl-opt.sh -f '^Default$\|^Default, DTLS$'
}
component_build_deprecated () {
msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s
scripts/config.pl full
@ -1365,6 +1393,21 @@ component_test_no_hostname_verification () {
if_build_succeeded tests/ssl-opt.sh
}
component_test_no_x509_verify_callback () {
msg "build: full + MBEDTLS_X509_REMOVE_VERIFY_CALLBACK" # ~ 10s
scripts/config.pl full
scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
scripts/config.pl set MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
make CFLAGS='-Werror -O1'
msg "test: full + MBEDTLS_X509_REMOVE_VERIFY_CALLBACK" # ~ 10s
make test
msg "test: ssl-opt.sh, full + MBEDTLS_X509_REMOVE_VERIFY_CALLBACK" # ~ 1 min
if_build_succeeded tests/ssl-opt.sh
}
component_build_arm_none_eabi_gcc () {
msg "build: arm-none-eabi-gcc, make" # ~ 10s
scripts/config.pl baremetal

18
tests/scripts/depends-hashes.pl
View file

@ -40,8 +40,18 @@ my @ssl = split( /\s+/, `sed -n -e '$ssl_sed_cmd' $config_h` );
# for md we want to catch MD5_C but not MD_C, hence the extra dot
my $mdx_sed_cmd = 's/^#define \(MBEDTLS_MD..*_C\)/\1/p';
my $sha_sed_cmd = 's/^#define \(MBEDTLS_SHA.*_C\)/\1/p';
my @hashes = split( /\s+/,
my @hash_modules = split( /\s+/,
`sed -n -e '$mdx_sed_cmd' -e '$sha_sed_cmd' $config_h` );
# there are also negative options for truncated variants, disabled by default
my $sha_trunc_sed_cmd = 's/^\/\/#define \(MBEDTLS_SHA..._NO_.*\)/\1/p';
my @hash_negatives = split( /\s+/,
`sed -n -e '$sha_trunc_sed_cmd' $config_h` );
# list hash options with corresponding actions
my @hashes = ((map { "unset $_" } @hash_modules),
(map { "set $_" } @hash_negatives));
system( "cp $config_h $config_h.bak" ) and die;
sub abort {
system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";
@ -55,11 +65,11 @@ for my $hash (@hashes) {
system( "make clean" ) and die;
print "\n******************************************\n";
print "* Testing without hash: $hash\n";
print "* Testing hash option: $hash\n";
print "******************************************\n";
system( "scripts/config.pl unset $hash" )
and abort "Failed to disable $hash\n";
system( "scripts/config.pl $hash" )
and abort "Failed to $hash\n";
for my $opt (@ssl) {
system( "scripts/config.pl unset $opt" )

49
tests/ssl-opt.sh
View file

@ -1198,6 +1198,7 @@ run_test "CertificateRequest with empty CA list, TLS 1.0 (GnuTLS server)" \
requires_config_disabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "SHA-1 forbidden by default in server certificate" \
"$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
"$P_CLI debug_level=2 allow_sha1=0" \
@ -1222,6 +1223,7 @@ run_test "SHA-256 allowed by default in server certificate" \
requires_config_disabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "SHA-1 forbidden by default in client certificate" \
"$P_SRV auth_mode=required allow_sha1=0" \
"$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
@ -3663,6 +3665,7 @@ run_test "DER format: with 9 trailing random bytes" \
# Tests for auth_mode
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "Authentication: server badcert, client required" \
"$P_SRV crt_file=data_files/server5-badsign.crt \
key_file=data_files/server5.key" \
@ -3674,6 +3677,7 @@ run_test "Authentication: server badcert, client required" \
-c "X509 - Certificate verification failed"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "Authentication: server badcert, client optional" \
"$P_SRV crt_file=data_files/server5-badsign.crt \
key_file=data_files/server5.key" \
@ -3685,6 +3689,7 @@ run_test "Authentication: server badcert, client optional" \
-C "X509 - Certificate verification failed"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "Authentication: server goodcert, client optional, no trusted CA" \
"$P_SRV" \
"$P_CLI debug_level=3 auth_mode=optional ca_file=none ca_path=none" \
@ -3697,6 +3702,7 @@ run_test "Authentication: server goodcert, client optional, no trusted CA" \
-C "SSL - No CA Chain is set, but required to operate"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "Authentication: server goodcert, client required, no trusted CA" \
"$P_SRV" \
"$P_CLI debug_level=3 auth_mode=required ca_file=none ca_path=none" \
@ -3793,6 +3799,7 @@ run_test "Authentication: client has no cert, server required (TLS)" \
-s "No client certification received from the client, but required by the authentication mode"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "Authentication: client badcert, server required" \
"$P_SRV debug_level=3 auth_mode=required" \
"$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
@ -3815,6 +3822,7 @@ run_test "Authentication: client badcert, server required" \
# before reading the alert message.
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "Authentication: client cert not trusted, server required" \
"$P_SRV debug_level=3 auth_mode=required" \
"$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
@ -3833,6 +3841,7 @@ run_test "Authentication: client cert not trusted, server required" \
-s "X509 - Certificate verification failed"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "Authentication: client badcert, server optional" \
"$P_SRV debug_level=3 auth_mode=optional" \
"$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
@ -3868,6 +3877,7 @@ run_test "Authentication: client badcert, server none" \
-S "X509 - Certificate verification failed"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "Authentication: client no cert, server optional" \
"$P_SRV debug_level=3 auth_mode=optional" \
"$P_CLI debug_level=3 crt_file=none key_file=none" \
@ -3886,6 +3896,7 @@ run_test "Authentication: client no cert, server optional" \
-S "X509 - Certificate verification failed"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "Authentication: openssl client no cert, server optional" \
"$P_SRV debug_level=3 auth_mode=optional ca_file=data_files/test-ca2.crt" \
"$O_CLI" \
@ -3918,6 +3929,7 @@ run_test "Authentication: client no cert, openssl server required" \
requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "Authentication: client no cert, ssl3" \
"$P_SRV debug_level=3 auth_mode=optional force_version=ssl3" \
"$P_CLI debug_level=3 crt_file=none key_file=none min_version=ssl3" \
@ -4036,6 +4048,7 @@ run_test "Authentication: do not send CA list in CertificateRequest" \
-S "requested DN"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "Authentication: send CA list in CertificateRequest, client self signed" \
"$P_SRV debug_level=3 auth_mode=required cert_req_ca_list=0" \
"$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
@ -4051,6 +4064,7 @@ run_test "Authentication: send CA list in CertificateRequest, client self sig
# Tests for certificate selection based on SHA verson
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "Certificate hash: client TLS 1.2 -> SHA-2" \
"$P_SRV crt_file=data_files/server5.crt \
key_file=data_files/server5.key \
@ -4062,6 +4076,7 @@ run_test "Certificate hash: client TLS 1.2 -> SHA-2" \
-C "signed using.*ECDSA with SHA1"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "Certificate hash: client TLS 1.1 -> SHA-1" \
"$P_SRV crt_file=data_files/server5.crt \
key_file=data_files/server5.key \
@ -4073,6 +4088,7 @@ run_test "Certificate hash: client TLS 1.1 -> SHA-1" \
-c "signed using.*ECDSA with SHA1"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "Certificate hash: client TLS 1.0 -> SHA-1" \
"$P_SRV crt_file=data_files/server5.crt \
key_file=data_files/server5.key \
@ -4084,6 +4100,7 @@ run_test "Certificate hash: client TLS 1.0 -> SHA-1" \
-c "signed using.*ECDSA with SHA1"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 1)" \
"$P_SRV crt_file=data_files/server5.crt \
key_file=data_files/server5.key \
@ -4096,6 +4113,7 @@ run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 1)" \
-C "signed using.*ECDSA with SHA1"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 2)" \
"$P_SRV crt_file=data_files/server6.crt \
key_file=data_files/server6.key \
@ -4110,6 +4128,7 @@ run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 2)" \
# tests for SNI
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "SNI: no SNI callback" \
"$P_SRV debug_level=3 \
crt_file=data_files/server5.crt key_file=data_files/server5.key" \
@ -4121,6 +4140,7 @@ run_test "SNI: no SNI callback" \
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "SNI: matching cert 1" \
"$P_SRV debug_level=3 \
crt_file=data_files/server5.crt key_file=data_files/server5.key \
@ -4133,6 +4153,7 @@ run_test "SNI: matching cert 1" \
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "SNI: matching cert 2" \
"$P_SRV debug_level=3 \
crt_file=data_files/server5.crt key_file=data_files/server5.key \
@ -4199,6 +4220,7 @@ run_test "SNI: client auth override: optional -> none" \
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "SNI: CA no override" \
"$P_SRV debug_level=3 auth_mode=optional \
crt_file=data_files/server5.crt key_file=data_files/server5.key \
@ -4219,6 +4241,7 @@ run_test "SNI: CA no override" \
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "SNI: CA override" \
"$P_SRV debug_level=3 auth_mode=optional \
crt_file=data_files/server5.crt key_file=data_files/server5.key \
@ -4239,6 +4262,7 @@ run_test "SNI: CA override" \
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "SNI: CA override with CRL" \
"$P_SRV debug_level=3 auth_mode=optional \
crt_file=data_files/server5.crt key_file=data_files/server5.key \
@ -4260,6 +4284,7 @@ run_test "SNI: CA override with CRL" \
# Tests for SNI and DTLS
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "SNI: DTLS, no SNI callback" \
"$P_SRV debug_level=3 dtls=1 \
crt_file=data_files/server5.crt key_file=data_files/server5.key" \
@ -4271,6 +4296,7 @@ run_test "SNI: DTLS, no SNI callback" \
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "SNI: DTLS, matching cert 1" \
"$P_SRV debug_level=3 dtls=1 \
crt_file=data_files/server5.crt key_file=data_files/server5.key \
@ -4283,6 +4309,7 @@ run_test "SNI: DTLS, matching cert 1" \
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "SNI: DTLS, matching cert 2" \
"$P_SRV debug_level=3 dtls=1 \
crt_file=data_files/server5.crt key_file=data_files/server5.key \
@ -4349,6 +4376,7 @@ run_test "SNI: DTLS, client auth override: optional -> none" \
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "SNI: DTLS, CA no override" \
"$P_SRV debug_level=3 auth_mode=optional dtls=1 \
crt_file=data_files/server5.crt key_file=data_files/server5.key \
@ -4388,6 +4416,7 @@ run_test "SNI: DTLS, CA override" \
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "SNI: DTLS, CA override with CRL" \
"$P_SRV debug_level=3 auth_mode=optional \
crt_file=data_files/server5.crt key_file=data_files/server5.key dtls=1 \
@ -4826,6 +4855,7 @@ run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail" \
-C "Ciphersuite is TLS-"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail, soft" \
"$O_SRV -key data_files/server2.key \
-cert data_files/server2.ku-ke.crt" \
@ -4858,6 +4888,7 @@ run_test "keyUsage cli: DigitalSignature, RSA: fail" \
-C "Ciphersuite is TLS-"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "keyUsage cli: DigitalSignature, RSA: fail, soft" \
"$O_SRV -key data_files/server2.key \
-cert data_files/server2.ku-ds.crt" \
@ -6414,16 +6445,14 @@ run_test "EC restart: TLS, max_ops=1000, badsign" \
crt_file=data_files/server5-badsign.crt \
key_file=data_files/server5.key" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
key_file=data_files/server5.key crt_file=data_files/server5.crt ca_file=data_files/test-ca2.crt \
debug_level=1 ec_max_ops=1000" \
1 \
key_file=data_files/server5.key crt_file=data_files/server5.crt ca_file=data_files/test-ca2.crt \
debug_level=1 ec_max_ops=1000 auth_mode=optional" \
0 \
-c "x509_verify_cert.*4b00" \
-C "mbedtls_pk_verify.*4b00" \
-C "mbedtls_ecdh_make_public.*4b00" \
-C "mbedtls_pk_sign.*4b00" \
-c "mbedtls_pk_verify.*4b00" \
-c "mbedtls_ecdh_make_public.*4b00" \
-c "mbedtls_pk_sign.*4b00" \
-c "! The certificate is not correctly signed by the trusted CA" \
-c "! mbedtls_ssl_handshake returned" \
-c "X509 - Certificate verification failed"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
@ -6445,6 +6474,7 @@ run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign" \
-C "X509 - Certificate verification failed"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign" \
"$P_SRV auth_mode=required ca_file=data_files/test-ca2.crt \
@ -6545,6 +6575,7 @@ run_test "SSL async private: sign, RSA, TLS 1.1" \
requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "SSL async private: sign, SNI" \
"$P_SRV debug_level=3 \
async_operations=s async_private_delay1=0 async_private_delay2=0 \
@ -7008,6 +7039,7 @@ run_test "DTLS client auth: required" \
-s "Verifying peer X.509 certificate... ok"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "DTLS client auth: optional, client has no cert" \
"$P_SRV dtls=1 auth_mode=optional" \
"$P_CLI dtls=1 crt_file=none key_file=none" \
@ -7015,6 +7047,7 @@ run_test "DTLS client auth: optional, client has no cert" \
-s "! Certificate was missing"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_disabled MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
run_test "DTLS client auth: none, client has no cert" \
"$P_SRV dtls=1 auth_mode=none" \
"$P_CLI dtls=1 crt_file=none key_file=none debug_level=2" \

20
tests/suites/test_suite_ecdsa.data
View file

@ -58,7 +58,7 @@ depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA1:"sample":"98C6BD12B23EAF5E2A2045132086BE3EB8EBD62ABF6698FF":"57A22B07DEA9530F8DE9471B1DC6624472E8E2844BC25B64"
ECDSA deterministic test vector rfc 6979 p192 sha224
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA224:"sample":"A1F00DAD97AEEC91C95585F36200C65F3C01812AA60378F5":"E07EC1304C7C6C9DEBBE980B9692668F81D4DE7922A0F97A"
ECDSA deterministic test vector rfc 6979 p192 sha256
@ -78,7 +78,7 @@ depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA1:"test":"0F2141A0EBBC44D2E1AF90A50EBCFCE5E197B3B7D4DE036D":"EB18BC9E1F3D7387500CB99CF5F7C157070A8961E38700B7"
ECDSA deterministic test vector rfc 6979 p192 sha224
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA224:"test":"6945A1C1D1B2206B8145548F633BB61CEF04891BAF26ED34":"B7FB7FDFC339C0B9BD61A9F5A8EAF9BE58FC5CBA2CB15293"
ECDSA deterministic test vector rfc 6979 p192 sha256
@ -98,7 +98,7 @@ depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA1:"sample":"22226F9D40A96E19C4A301CE5B74B115303C0F3A4FD30FC257FB57AC":"66D1CDD83E3AF75605DD6E2FEFF196D30AA7ED7A2EDF7AF475403D69"
ECDSA deterministic test vector rfc 6979 p224 sha224
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA224:"sample":"1CDFE6662DDE1E4A1EC4CDEDF6A1F5A2FB7FBD9145C12113E6ABFD3E":"A6694FD7718A21053F225D3F46197CA699D45006C06F871808F43EBC"
ECDSA deterministic test vector rfc 6979 p224 sha256
@ -118,7 +118,7 @@ depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA1:"test":"DEAA646EC2AF2EA8AD53ED66B2E2DDAA49A12EFD8356561451F3E21C":"95987796F6CF2062AB8135271DE56AE55366C045F6D9593F53787BD2"
ECDSA deterministic test vector rfc 6979 p224 sha224
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA224:"test":"C441CE8E261DED634E4CF84910E4C5D1D22C5CF3B732BB204DBEF019":"902F42847A63BDC5F6046ADA114953120F99442D76510150F372A3F4"
ECDSA deterministic test vector rfc 6979 p224 sha256
@ -138,7 +138,7 @@ depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA1:"sample":"61340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D32":"6D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB"
ECDSA deterministic test vector rfc 6979 p256 sha224
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA224:"sample":"53B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3F":"B9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C"
ECDSA deterministic test vector rfc 6979 p256 sha256
@ -158,7 +158,7 @@ depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA1:"test":"0CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A89":"01B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1"
ECDSA deterministic test vector rfc 6979 p256 sha224
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA224:"test":"C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692":"C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D"
ECDSA deterministic test vector rfc 6979 p256 sha256
@ -178,7 +178,7 @@ depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA1:"sample":"EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA37B9BA002899F6FDA3A4A9386790D4EB2":"A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF26F49CA031D4857570CCB5CA4424A443"
ECDSA deterministic test vector rfc 6979 p384 sha224
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA224:"sample":"42356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366450F76EE3DE43F5A125333A6BE060122":"9DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E4834C082C03D83028EFBF93A3C23940CA8D"
ECDSA deterministic test vector rfc 6979 p384 sha256
@ -198,7 +198,7 @@ depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA1:"test":"4BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678ACD9D29876DAF46638645F7F404B11C7":"D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A2991695BA1C84541327E966FA7B50F7382282"
ECDSA deterministic test vector rfc 6979 p384 sha224
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA224:"test":"E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E62464A9A817C47FF78B8C11066B24080E72":"07041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C6141C53EA5ABEF0D8231077A04540A96B66"
ECDSA deterministic test vector rfc 6979 p384 sha256
@ -218,7 +218,7 @@ depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA1:"sample":"0343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D75D":"0E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5D16"
ECDSA deterministic test vector rfc 6979 p521 sha224
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA224:"sample":"1776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A30715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2ED2E":"050CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17BA41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B41F"
ECDSA deterministic test vector rfc 6979 p521 sha256
@ -238,7 +238,7 @@ depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA1_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA1:"test":"13BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D0367":"1E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC916797FF"
ECDSA deterministic test vector rfc 6979 p521 sha224
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA224:"test":"1C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE17FB":"177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD519A4"
ECDSA deterministic test vector rfc 6979 p521 sha256

8
tests/suites/test_suite_ecdsa.function
View file

@ -332,7 +332,7 @@ void ecdsa_det_test_vectors( int id, char * d_str, int md_alg, char * msg,
mbedtls_mpi d, r, s, r_check, s_check;
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
size_t hlen;
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_ecp_group_init( &grp );
mbedtls_mpi_init( &d ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s );
@ -345,7 +345,7 @@ void ecdsa_det_test_vectors( int id, char * d_str, int md_alg, char * msg,
TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 );
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
hlen = mbedtls_md_get_size( md_info );
TEST_ASSERT( mbedtls_md( md_info, (const unsigned char *) msg,
strlen( msg ), hash ) == 0 );
@ -511,7 +511,7 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg,
unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
unsigned char sig_check[MBEDTLS_ECDSA_MAX_LEN];
size_t hlen, slen, slen_check;
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_ecdsa_restart_init( &rs_ctx );
mbedtls_ecdsa_init( &ctx );
@ -524,7 +524,7 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg,
slen_check = unhexify( sig_check, sig_str );
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
hlen = mbedtls_md_get_size( md_info );
mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash );

17
tests/suites/test_suite_hkdf.function
View file

@ -1,6 +1,5 @@
/* BEGIN_HEADER */
#include "mbedtls/hkdf.h"
#include "mbedtls/md_internal.h"
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@ -25,8 +24,8 @@ void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string,
*/
unsigned char okm_hex[257] = { '\0' };
const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md != NULL );
mbedtls_md_handle_t md = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md != MBEDTLS_MD_INVALID_HANDLE );
ikm_len = unhexify( ikm, hex_ikm_string );
salt_len = unhexify( salt, hex_salt_string );
@ -54,8 +53,8 @@ void test_hkdf_extract( int md_alg, char *hex_ikm_string,
unsigned char *output_prk = NULL;
size_t ikm_len, salt_len, prk_len, output_prk_len;
const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md != NULL );
mbedtls_md_handle_t md = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md != MBEDTLS_MD_INVALID_HANDLE );
output_prk_len = mbedtls_md_get_size( md );
output_prk = mbedtls_calloc( 1, output_prk_len );
@ -90,8 +89,8 @@ void test_hkdf_expand( int md_alg, char *hex_info_string,
unsigned char *output_okm = NULL;
size_t info_len, prk_len, okm_len;
const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md != NULL );
mbedtls_md_handle_t md = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md != MBEDTLS_MD_INVALID_HANDLE );
output_okm = mbedtls_calloc( OKM_LEN, 1 );
@ -114,7 +113,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:!MBEDTLS_MD_SINGLE_HASH */
void test_hkdf_extract_ret( int hash_len, int ret )
{
int output_ret;
@ -141,7 +140,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:!MBEDTLS_MD_SINGLE_HASH */
void test_hkdf_expand_ret( int hash_len, int prk_len, int okm_len, int ret )
{
int output_ret;

24
tests/suites/test_suite_hmac_drbg.function
View file

@ -34,7 +34,7 @@ void hmac_drbg_entropy_usage( int md_alg )
{
unsigned char out[16];
unsigned char buf[1024];
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_hmac_drbg_context ctx;
entropy_ctx entropy;
size_t last_len, i, reps = 10;
@ -47,7 +47,7 @@ void hmac_drbg_entropy_usage( int md_alg )
entropy.p = buf;
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
/* Init must use entropy */
last_len = entropy.len;
@ -112,13 +112,13 @@ exit:
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
void hmac_drbg_seed_file( int md_alg, char * path, int ret )
{
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_hmac_drbg_context ctx;
mbedtls_hmac_drbg_init( &ctx );
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, rnd_std_rand, NULL,
NULL, 0 ) == 0 );
@ -136,7 +136,7 @@ void hmac_drbg_buf( int md_alg )
{
unsigned char out[16];
unsigned char buf[100];
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_hmac_drbg_context ctx;
size_t i;
@ -145,7 +145,7 @@ void hmac_drbg_buf( int md_alg )
memset( out, 0, sizeof( out ) );
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT( mbedtls_hmac_drbg_seed_buf( &ctx, md_info, buf, sizeof( buf ) ) == 0 );
/* Make sure it never tries to reseed (would segfault otherwise) */
@ -168,7 +168,7 @@ void hmac_drbg_no_reseed( int md_alg, data_t * entropy,
unsigned char data[1024];
unsigned char my_output[512];
entropy_ctx p_entropy;
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_hmac_drbg_context ctx;
mbedtls_hmac_drbg_init( &ctx );
@ -177,7 +177,7 @@ void hmac_drbg_no_reseed( int md_alg, data_t * entropy,
p_entropy.len = entropy->len;
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
/* Test the simplified buffer-based variant */
memcpy( data, entropy->x, p_entropy.len );
@ -215,7 +215,7 @@ void hmac_drbg_nopr( int md_alg, data_t * entropy, data_t * custom,
{
unsigned char my_output[512];
entropy_ctx p_entropy;
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_hmac_drbg_context ctx;
mbedtls_hmac_drbg_init( &ctx );
@ -224,7 +224,7 @@ void hmac_drbg_nopr( int md_alg, data_t * entropy, data_t * custom,
p_entropy.len = entropy->len;
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy,
custom->x, custom->len ) == 0 );
@ -247,7 +247,7 @@ void hmac_drbg_pr( int md_alg, data_t * entropy, data_t * custom,
{
unsigned char my_output[512];
entropy_ctx p_entropy;
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_hmac_drbg_context ctx;
mbedtls_hmac_drbg_init( &ctx );
@ -256,7 +256,7 @@ void hmac_drbg_pr( int md_alg, data_t * entropy, data_t * custom,
p_entropy.len = entropy->len;
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy,
custom->x, custom->len ) == 0 );

8
tests/suites/test_suite_hmac_drbg.misc.data
View file

@ -3,7 +3,7 @@ depends_on:MBEDTLS_SHA1_C
hmac_drbg_entropy_usage:MBEDTLS_MD_SHA1
HMAC_DRBG entropy usage SHA-224
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_entropy_usage:MBEDTLS_MD_SHA224
HMAC_DRBG entropy usage SHA-256
@ -27,11 +27,11 @@ depends_on:MBEDTLS_SHA1_C
hmac_drbg_seed_file:MBEDTLS_MD_SHA1:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR
HMAC_DRBG write/update seed file SHA-224
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_seed_file:MBEDTLS_MD_SHA224:"data_files/hmac_drbg_seed":0
HMAC_DRBG write/update seed file SHA-224
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_seed_file:MBEDTLS_MD_SHA224:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR
HMAC_DRBG write/update seed file SHA-256
@ -63,7 +63,7 @@ depends_on:MBEDTLS_SHA1_C
hmac_drbg_buf:MBEDTLS_MD_SHA1
HMAC_DRBG from buffer SHA-224
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_buf:MBEDTLS_MD_SHA224
HMAC_DRBG from buffer SHA-256

120
tests/suites/test_suite_hmac_drbg.no_reseed.data
View file

@ -239,243 +239,243 @@ depends_on:MBEDTLS_SHA1_C
hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"3e325daab3301856044f416f250b6161e447e63d85ca084f":"a9d2a53dbd7ef4b9150dd0ed4d002e56":"4de6c923346d7adc16bbe89b9a184a79":"9e9e3412635aec6fcfb9d00da0c49fb3":"48ac8646b334e7434e5f73d60a8f6741e472baabe525257b78151c20872f331c169abe25faf800991f3d0a45c65e71261be0c8e14a1a8a6df9c6a80834a4f2237e23abd750f845ccbb4a46250ab1bb63"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #0
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"a76e77a969ab92645181f0157802523746c34bf321867641051ed6ba39368033adc93d4e":"":"":"":"8925987db5566e60520f09bdddab488292bed92cd385e5b6fc223e1919640b4e34e34575033e56c0a8f608be21d3d221c67d39abec98d81312f3a2653d55ffbf44c337c82bed314c211be23ec394399ba351c4687dce649e7c2a1ba7b0b5dab125671b1bcf9008da65cad612d95ddc92"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #1
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"65cdaa5ab147d0c79fdd02b24fc94d0e427f59ef9a31f447458c6befe0c2cde5a58c6b7d":"":"":"":"0d164682b5bb552a53a2a942373639d98576450ca632faebc15060691a4219467c5aa106034cd19a214a0a4f31d402e68c4c565f49b33b680d522ef25f541e8202be779730376fdcf5b7b58fd6ac959204a88f91008651d2c02ada82505f914d4d9b9aea7967784e5320e185e1248270"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #2
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"650996f1477112af7604386be5ace78232904315d99d87d72a06709d331a6f930b447cf5":"":"":"":"d3341d7767cfd95640a107b3abaed7b4e1855b348e3ae5bcc53a0b0d49d4b4976837ec8f376f38327135578eca7ee583215bd5c79ebf499816f79afcc402ff1e9ffc4ad0f896761c9cff75050bf84baa194c355763b16b5d2648d480a2b48f22662685de39c7cee90aa0b6edf8062e42"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #3
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"898640ce467201a53e7731bdfb572977f7eb3e49050bc1e367ca74bf0a27376d339d09f4":"":"":"":"4f5eea927023b4abab5d4d9944e84ca001ee081cbc21d4080e1534ee6d1d8a6f60361029ffa983bcc79b5d65d4aaaaaf98983de13ddde39a739f9d95878fb31f57f96184e5f2f3adf654a468c616237fcbc6b2c194e247178cb90294f631c449a01f1fe09c02587c460305be9fc71b5a"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #4
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"fe405dd73956bf6ec875515eebd8c5ecd60553643da750914c83dfc93611d57390af7324":"":"":"":"d8ae0eb81913a190c439f8ffa56c06155a73f84b20608b2b2e9eab3061202cebad18ab8b3eba81672152c1c02ef573cd6e8623c392facb6a857425c6795cd7999c1e7f56f3fa9accca018076e0bfc106d075df98f5fb66f28933215e9276777dfc479e71a8d506a66197918d9b0f7a8f"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #5
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"b06892f6f455afddc8eb60aae35b35a64f63b2aa85a2dae4ef489266f7bc354f72d68b71":"":"":"":"fc10c03fc37d3bd5fba6591a97f6354a9ed8ba2b6806744432851f43a3ce6418e39ccb417b8539e349acea588e2abe5da06147c9825c6e50a31f8589a57ca3bfb10f0da9c8e89fe2e372b5af1cf96e0fbeec5d99228770c41a76e587da7d8764d5f235f5d1d6188d84ae61c52c2164fb"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #6
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"9174e174e9e031f62b2e19ae5c0bef22eed7d5598e6e73504759a2c15b05c2473a721d26":"":"":"":"1962f2d473b31a2576dbd78022f4eeb974641fa2e9cb582f03ab741929f51f0f4663129e68ddc242e1c2ceafacec3dccb97e09527aff46b948f0abcea1451699dc3ae4d3fb5e04c84337e17b504af2fb5f1aa6ec0033ddf138a188ee162c497526563a67da8015275d89f0e1e902b2ef"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #7
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"eb1d45ba0d8951b7b1d7ce922b7d1f6e94da8b821940126c9da5b0b4382425930743a051":"":"":"":"306b1f733e6f69b6f26b7baa5441af4967a5cad8faad18029440aa989aef6024dbf3ba02dfc2c694dad6496ff760d72ae6914a4dcd5e3a443f4bcb14bf2b64986f35c32449f15e3084d46fadfa2ae213da6b26f787cef89b6a23084a929608a9f6acd8315808c29f8ae435a40202a012"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #8
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"78cdc1567caf2ff529ef8e3475c0fbb09a48b687a544f7399f503948621f29686fb15216":"":"":"":"2367067d8ec189b0819eda34602768a0698b4b545c7d5214fad58c9787b89809b97f3af5f9349907d2954f8c0dccbdbe63cc019bde3a6fae10497ae57f33e91ed55b6fc4a83fe8a2463552796d5120da8066f7285a8388958817b1218e006d7fc617f453ad0f9217966a0731ba99f093"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #9
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"25f9ee24ee25ad3d29a974f8f552b178cb292b847a6be80694213a6c0b33e25e29fd3ecc":"":"":"":"32fe251a619d164c217365b12a313a942b6a9c3df007751a5fa9f356412d1142c785c292e3dc9d0b1d77e080892e5d39b91c58fd142458c71182061920a0721db453a32fe7ffc8b2c20bf11894fa37d8f0e9463edd43a97f65362295119be03d5e06f617fdff6accaab8c4da72ac8f81"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #10
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"0b644221788c266aae00a3b63a87f32ca96a6c32b116cd37caa4f75ff5d7e56be3b4e20f":"":"":"":"dc9245da77502cadd1a8ac4d1cf6a199c8e529deda10c87ab6c69ceea6fdef36d45f4d036021b93fe5b342c52fe1e71d81e617bebc58804af3109bab93dbb2e5c546e108bd0891710128b5e8e4a4f01df2003d038fec8cef426fad7f72dd5e091b4850e9bf4932d60deacb6e9ea3c5e6"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #11
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"a6677badff70966a3cd2febaad7de7aa5849ba763789b20d0a39b6c569261b826cdb15e8":"":"":"":"e04838c970f5d7208a2a7310da893d65391666a5dc62d9ede71fc30816cfc3e8064ac59cc9aaf30283356078c812676ca20beb044a6d78db6c5ef9718a88559607f225002452c01459944433013cfffea84d6fe404fbbbc2d66bb50a2fa01d8a5d6e4ea9b402dc5256752461bf6fcb7f"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #12
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"2301d8c053312db04882f4284cf8b47966c1c9b8c49de847d0c11f14c5f70ce19346562b":"":"":"":"b46246526b28f3ad7f6d8732ca3bfc40f005d97a519640a4ce728486d8bf830d661be5a97b11113e89096d9bf15cbef73ec28ac13e3fbeadc9bca500918bbe92ea23e131cc622dbffe2272db16ec5d4ca30e9bd986d1709ae22d10180514bcd11bd6218ea1fbaba101444945a17a4c4b"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #13
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"78644ea1b0c4c55c4addeb476fc34471ea2c4393697aa4f170726010c443b8e1c4a6b3ea":"":"":"":"ef1b41bd03ee8460d55759db65a4c97758f48e3a09127be04c7ed08bbee5fa5cf119929df42c187e2a347a8df99c502b693a7ae41946f4918d84686880ae29d6d8fbbc4fccc9e295876a249cfa59effd331994e84717b4c76637df36beb960761880daab3d43376341439af2ce8e33cc"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #14
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"71acb71235e88e3aa6d8bbf27ccef8ef28043ebe8663f7bcf49cb642b3d915cf03b90e65":"":"":"":"144aeb56a11cb648b5ec7d40c2816e368426690db55b559f5633f856b79efe5f784944144756825b8fd7bf98beb758efe2ac1f650d54fc436a4bcd7dfaf3a66c192a7629eea8a357eef24b117a6e7d578797980eaefcf9a961452c4c1315119ca960ad08764fe76e2462ae1a191baeca"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #0
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"c5c89c26ac4ca8b1106ba90a8ef4d6d687dfd88743caa5fbafa4745d9c1f8371120b10c8":"":"d3483ae5f9ed97efd3f852e4a6f20f25c947a03f39a4b75c":"2cd523c5958cdf403caa61abe5c4739cdb9d40152f0e769a":"1fef4e6abc2778d1c3e3ce00fdb5eae1ebebdd5cff0a7087644c8565d1e8b876b2c05264ca81498468851fc7b9e5a2163a06f377d2ed754c095adc59dc015a77edd69e4eecbe48d9dc127eedfff5cc73ae38127ae3a518fe7fa5abd1a9c53eeaf144420873341e2efa3d81493c69b04e"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #1
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"6860e44bf582db9818ffbe4c699d4218965c29f463d7a02fe1f36c8442b0a5d103def7a2":"":"e9f598357109e2a532dc980388b8a5991256166d67c3bc01":"58ebbf7402be041724701e5c0132abe604c11a62a9de1d2f":"52fad34b27113c146595a6740f505bc2d3edf6618975cb9c4a5155788eaf08b96d232610d9b4ee06264fd92f319df5a52b8f9e31b016a6c21d27d31d9d42bbb7588a7142f26ece3ddf211c8cf4530947adee302aa71c0d7fe9060c1b25f1c1f2e053598a7fb72c4db55fb1b02352d60a"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #2
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"27b9f78ae07821f2b5625c8fc3a03ceec4fc8062be860c2db20403dd88a8751dcad56158":"":"1b6c848fce706abd73612dd3fd421c1c7ce9f4c2d0ecc670":"14a43645c1b6ae394f795af6ca2e9084e7e707f3f2cedd7a":"33c592017af545b3a9cf3419ce1c604e9c7c687ebf6418fbef47ec96e61f1951068eec9b60005d24574313f04ffc16c30872ec83e41e248e3d5c6951930d6a88b8931d5502d1142ce50676b3adf48453d1a008189658db8511d19a06ac97b4d5cfac19b54e8e6b899d501715f401ef85"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #3
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"8d7cf5c2e360ef755c1e9f5b7a44a1e29f09cee7ca44e15925ffe9a47b2d55fd7750b356":"":"0e691c9a435939c615f0686eae88e090ba5c4b3f5e6e00c0":"1e3a452295617e5a9e6f78256d2781feeb3812753b4aad9a":"a307569d8adf3f7e6ee4567a5b2bd338badb9234e7b27c92429ffa75e4c56c0529fdc6c15df5d47c46e3d2eeadcf1b9e93a5dd6cde99a82f04b0d97f7a3bfd05c0e1d8370987222310ab18c980ce48b2679361c3d9011dd355a9b06337c054ee37913d5f4dd30d1fc942cd733a0fa5f8"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #4
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"1a0d2c734918c539c1b306a464eb6b54f92e958e8636032aec23ba8ae817bec48384461f":"":"b8ad9e613a891fd0db89571fddda77827382e406cd3cdf7e":"1e172a708aa4ffa3618ff0d7b1f9ba341f4811507851dfb4":"674df1f3095d6c87bc54dd9b2aaa2c786bd50e4ddc02493745d820dad8552131fb3e389e99b0709478b65d4268f2a3b468a8447dc572a6ee024be6be9be9d428c12cc92894d15dd1c959d6222dc9ec30478c7a0b57f5bd8bd53868b98d7674738b54cf74100ae215693babb6db3b3890"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #5
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"95a30a0ca779a4038ea920cccfa4cdd814ca17d560d53a75cf170f4712994f9bcb2efb74":"":"1da6c8726bbfa3c8bee6dcff6f76f2d55d60527c4f0db26b":"595ebd903a596a1f12175080185bd94c2336eb8dd29a387d":"317c19cf4a45b8cf3f645da084ada54d1b1f81379152424fddad22a6dc9bd22841e0c4c5a36bfb7879eafbd1a939121905a938ae034c7fc01afb56607e35f895f46f13e91ce4e8e75b6a87a1e5544e18eb194fd6754b06885ac05e332a05ed436e889965e405e0f2069b04b40ea0f635"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #6
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"8af8930562510231a592a72587fa6ad7c234e133046965907642fbc785c0b86cba844f0f":"":"9ee7b221064966582dc836437b82386f5204a302a4179079":"473d917f5b66f0f6e3fb4670ba08c2cbd2ea765b46b10838":"5c2fc9cc7148dbe40a692b3636778eb80188949d198bba3e8355386b78b54bfb963f5f2d9202988da20ccbf336a7c737a66c90149b9e8e306477151c4d912f7c61e872de0d0e47701cbe765864de536d599946b8bd65e4d89d4e61deb53de9974fbbe634501800feea100fea573e2e50"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #7
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"2b9554ecf94c7d647a4e117f43326cab54466eba56a09a52741b2445057c491935c067d2":"":"0144be6978dba85aa645d793c1881dc2deb1bd210811ec9e":"1cd265f3812568274b643954c70923a76dfcc9f123360111":"f7459b0c23966dc1a53e0c6406c9e78ebe728e3484224cd88b6b2ea554522e75eb4a1c8a3fdc66561426464f50b8d0ff95b266677d91776b344a820eb4fd7d554678300558011a7cd85d22e92dc8ec2c2fa15c6330ba157c3e71728304447c1ad4d64f3da4fbf26d92e1e7c58a1b289c"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #8
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"335ede8603fcde78ea9869da2dbcab4a6e72f1b53439f3085d06b856e627411a9ce1c297":"":"ededc73fe268935c10832c463549f8204a29cf0fe00a4d87":"ef1b8a80dd49d2c263999ddc0d5a1d9205c1b1c66239fd80":"05bfe97c398b1e33ee1c547c0edb5b654b7060b76604195440d06dd2f614a398c6c43f1803893c4c8888bedecdf998367cf992301a25f24c263f5d36bbfc6fe8b839cad293b3617c1d2c60a814bda0359e3f717fa80fc7324af8827d438c88642754b39b10d18cf5bf42f11177a0bc6b"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #9
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"9b0275d861117553ecd3c4d7cfe762f88df22c4c4190dac8e0be5872818e2dd765261d58":"":"cfc0b07082d514425b17ce3cb334ec62bc1b3be0be58ca4b":"d3c70ab5ff7a364a9e6dc75132ac67e0d373fa2df301afb5":"09fb41bcceb016e754795e1cce582f0cae91d7bb50245975eb75274819e1e4dcdfbc5e2f13fd26b9a9f9e945cd807ffec4e275681ea7bd33eae13efd8a01edbe02562e77b44b6312f416c3dd0be64f2bae0ba4b9bb36fc3a44841d21d8b3571c0ef644d88cf3cc3c851b256a15f4d716"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #10
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"1981c3f9ca58fd10e8377a8d0eb3cf02102aab6f7a033af3135533d9fd850e29ecb8dc9b":"":"f9978ba41df22894ad5f3849c1bdf21f7bbc0128c782e79b":"b4d57de5e18d393273ee9f3ef9736599c6d639f437239219":"fee23db2fcc71624fb39f573e33a1490efc7230c27e9278188251634f9c045bcb26e79ece6a173491475ae44a957c4269570f5469234ca8b6873cc973c8d97178c58cec658a352bad0d4c6001cae5664258db59ad76eb6304d166267eafb46f4dd536a914fa6d1ac58317e7c557d4653"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #11
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"c10d4e521350f7cd1853576d03c4bece3e58c8c740859e4e16979499ec1365fc073736a3":"":"78b245520153baacc66846e7a83a2a925f892d4c2ee63c0f":"c8ca7a33de5991d44d7ef7da2d3368cc2cdb93895c394d41":"f92c15f5833800b28dba2d134d4dcfc41abf72f5a700469551e8ccb83bdb0772d14d6b26ba6978169e3ddbe5f214d57930dfcad719bf10d306749246d2624bedd4a18d327b8ae6bee67cf0bfb5f649824bbd0440f042146b95a83e5845ced69a55ba055d5dfc7183c3bb28d61312d274"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #12
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"7608b5617785995a1f7144ee5229e4f9c138e418bcc3b5e061a422e8cf875f58650e996d":"":"961c2d33039e60a2871e1f5b82097f6b1cb03836dba5f440":"b18cb52d3858ac5bf59f216a28c0ad49f3dc88c67b5870e0":"4b0313ae873ce5ebf08aec160416492e4c4c797a5017061ea42aefa0685ab19b74a7af11f019b9fb63072b797f7ea3354efd32c4abd1e866405a319ed2fa13fc81019d61326e70e503141b9c77b4879a45e9f36f101dbfff4359147282ef814888fee81640def25f551cee41d12609aa"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #13
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"fef7a43fea2ff1a0f624086985e535778d7a73dbc47bc23e9da92edd5d2f273cdbbc0251":"":"836731a57497a69e31f8db4f729774ad65f31d968dbc55a8":"bcca96d808ba98bb50e90afe58fc88e95dc14c3e90c56004":"4f2c64ecd146689064fbf4fcffce2a2ab3910e72ec4faec277f7b9e9ed510381312b01f21650e175ebe9c45c11e977276f13be015243a0cd16a191abbac6462ba96e4e4a1120b28083da933419e8c8f03099906eb1ee012ae291104c6530f51b5e32e6631cab8ef5aad68c0045255ba9"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #14
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"00197c70b2f0d3e98e4b387ec42a65c4106a1689ab5de61101ee76f4b5e530e7efeaf964":"":"03015311cddd0961ec7a74cb84d835c058a69b964f18a1c1":"5e0d99e0e7c57769a43ea771c467fb5e2df6d06dae035fd6":"72e8ca7666e440ac6a84ab6f7be7e00a536d77315b119b49e5544bf3ead564bd06740f09f6e20564542e0d597ac15a43b5fb5a0239a3362bc3a9efe1ce358ddd9d4f30b72e12ed9d78340c66b194beb4b12e973213931b9cfd0ccbdf540d2c36ce074e2beac7a4ddac59e06e4c7178d3"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #0
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"c5c89c26ac4ca8b1106ba90a8ef4d6d687dfd88743caa5fbafa4745d9c1f8371120b10c8":"":"d3483ae5f9ed97efd3f852e4a6f20f25c947a03f39a4b75c":"2cd523c5958cdf403caa61abe5c4739cdb9d40152f0e769a":"1fef4e6abc2778d1c3e3ce00fdb5eae1ebebdd5cff0a7087644c8565d1e8b876b2c05264ca81498468851fc7b9e5a2163a06f377d2ed754c095adc59dc015a77edd69e4eecbe48d9dc127eedfff5cc73ae38127ae3a518fe7fa5abd1a9c53eeaf144420873341e2efa3d81493c69b04e"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #1
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"6860e44bf582db9818ffbe4c699d4218965c29f463d7a02fe1f36c8442b0a5d103def7a2":"":"e9f598357109e2a532dc980388b8a5991256166d67c3bc01":"58ebbf7402be041724701e5c0132abe604c11a62a9de1d2f":"52fad34b27113c146595a6740f505bc2d3edf6618975cb9c4a5155788eaf08b96d232610d9b4ee06264fd92f319df5a52b8f9e31b016a6c21d27d31d9d42bbb7588a7142f26ece3ddf211c8cf4530947adee302aa71c0d7fe9060c1b25f1c1f2e053598a7fb72c4db55fb1b02352d60a"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #2
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"27b9f78ae07821f2b5625c8fc3a03ceec4fc8062be860c2db20403dd88a8751dcad56158":"":"1b6c848fce706abd73612dd3fd421c1c7ce9f4c2d0ecc670":"14a43645c1b6ae394f795af6ca2e9084e7e707f3f2cedd7a":"33c592017af545b3a9cf3419ce1c604e9c7c687ebf6418fbef47ec96e61f1951068eec9b60005d24574313f04ffc16c30872ec83e41e248e3d5c6951930d6a88b8931d5502d1142ce50676b3adf48453d1a008189658db8511d19a06ac97b4d5cfac19b54e8e6b899d501715f401ef85"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #3
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"8d7cf5c2e360ef755c1e9f5b7a44a1e29f09cee7ca44e15925ffe9a47b2d55fd7750b356":"":"0e691c9a435939c615f0686eae88e090ba5c4b3f5e6e00c0":"1e3a452295617e5a9e6f78256d2781feeb3812753b4aad9a":"a307569d8adf3f7e6ee4567a5b2bd338badb9234e7b27c92429ffa75e4c56c0529fdc6c15df5d47c46e3d2eeadcf1b9e93a5dd6cde99a82f04b0d97f7a3bfd05c0e1d8370987222310ab18c980ce48b2679361c3d9011dd355a9b06337c054ee37913d5f4dd30d1fc942cd733a0fa5f8"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #4
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"1a0d2c734918c539c1b306a464eb6b54f92e958e8636032aec23ba8ae817bec48384461f":"":"b8ad9e613a891fd0db89571fddda77827382e406cd3cdf7e":"1e172a708aa4ffa3618ff0d7b1f9ba341f4811507851dfb4":"674df1f3095d6c87bc54dd9b2aaa2c786bd50e4ddc02493745d820dad8552131fb3e389e99b0709478b65d4268f2a3b468a8447dc572a6ee024be6be9be9d428c12cc92894d15dd1c959d6222dc9ec30478c7a0b57f5bd8bd53868b98d7674738b54cf74100ae215693babb6db3b3890"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #5
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"95a30a0ca779a4038ea920cccfa4cdd814ca17d560d53a75cf170f4712994f9bcb2efb74":"":"1da6c8726bbfa3c8bee6dcff6f76f2d55d60527c4f0db26b":"595ebd903a596a1f12175080185bd94c2336eb8dd29a387d":"317c19cf4a45b8cf3f645da084ada54d1b1f81379152424fddad22a6dc9bd22841e0c4c5a36bfb7879eafbd1a939121905a938ae034c7fc01afb56607e35f895f46f13e91ce4e8e75b6a87a1e5544e18eb194fd6754b06885ac05e332a05ed436e889965e405e0f2069b04b40ea0f635"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #6
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"8af8930562510231a592a72587fa6ad7c234e133046965907642fbc785c0b86cba844f0f":"":"9ee7b221064966582dc836437b82386f5204a302a4179079":"473d917f5b66f0f6e3fb4670ba08c2cbd2ea765b46b10838":"5c2fc9cc7148dbe40a692b3636778eb80188949d198bba3e8355386b78b54bfb963f5f2d9202988da20ccbf336a7c737a66c90149b9e8e306477151c4d912f7c61e872de0d0e47701cbe765864de536d599946b8bd65e4d89d4e61deb53de9974fbbe634501800feea100fea573e2e50"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #7
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"2b9554ecf94c7d647a4e117f43326cab54466eba56a09a52741b2445057c491935c067d2":"":"0144be6978dba85aa645d793c1881dc2deb1bd210811ec9e":"1cd265f3812568274b643954c70923a76dfcc9f123360111":"f7459b0c23966dc1a53e0c6406c9e78ebe728e3484224cd88b6b2ea554522e75eb4a1c8a3fdc66561426464f50b8d0ff95b266677d91776b344a820eb4fd7d554678300558011a7cd85d22e92dc8ec2c2fa15c6330ba157c3e71728304447c1ad4d64f3da4fbf26d92e1e7c58a1b289c"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #8
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"335ede8603fcde78ea9869da2dbcab4a6e72f1b53439f3085d06b856e627411a9ce1c297":"":"ededc73fe268935c10832c463549f8204a29cf0fe00a4d87":"ef1b8a80dd49d2c263999ddc0d5a1d9205c1b1c66239fd80":"05bfe97c398b1e33ee1c547c0edb5b654b7060b76604195440d06dd2f614a398c6c43f1803893c4c8888bedecdf998367cf992301a25f24c263f5d36bbfc6fe8b839cad293b3617c1d2c60a814bda0359e3f717fa80fc7324af8827d438c88642754b39b10d18cf5bf42f11177a0bc6b"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #9
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"9b0275d861117553ecd3c4d7cfe762f88df22c4c4190dac8e0be5872818e2dd765261d58":"":"cfc0b07082d514425b17ce3cb334ec62bc1b3be0be58ca4b":"d3c70ab5ff7a364a9e6dc75132ac67e0d373fa2df301afb5":"09fb41bcceb016e754795e1cce582f0cae91d7bb50245975eb75274819e1e4dcdfbc5e2f13fd26b9a9f9e945cd807ffec4e275681ea7bd33eae13efd8a01edbe02562e77b44b6312f416c3dd0be64f2bae0ba4b9bb36fc3a44841d21d8b3571c0ef644d88cf3cc3c851b256a15f4d716"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #10
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"1981c3f9ca58fd10e8377a8d0eb3cf02102aab6f7a033af3135533d9fd850e29ecb8dc9b":"":"f9978ba41df22894ad5f3849c1bdf21f7bbc0128c782e79b":"b4d57de5e18d393273ee9f3ef9736599c6d639f437239219":"fee23db2fcc71624fb39f573e33a1490efc7230c27e9278188251634f9c045bcb26e79ece6a173491475ae44a957c4269570f5469234ca8b6873cc973c8d97178c58cec658a352bad0d4c6001cae5664258db59ad76eb6304d166267eafb46f4dd536a914fa6d1ac58317e7c557d4653"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #11
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"c10d4e521350f7cd1853576d03c4bece3e58c8c740859e4e16979499ec1365fc073736a3":"":"78b245520153baacc66846e7a83a2a925f892d4c2ee63c0f":"c8ca7a33de5991d44d7ef7da2d3368cc2cdb93895c394d41":"f92c15f5833800b28dba2d134d4dcfc41abf72f5a700469551e8ccb83bdb0772d14d6b26ba6978169e3ddbe5f214d57930dfcad719bf10d306749246d2624bedd4a18d327b8ae6bee67cf0bfb5f649824bbd0440f042146b95a83e5845ced69a55ba055d5dfc7183c3bb28d61312d274"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #12
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"7608b5617785995a1f7144ee5229e4f9c138e418bcc3b5e061a422e8cf875f58650e996d":"":"961c2d33039e60a2871e1f5b82097f6b1cb03836dba5f440":"b18cb52d3858ac5bf59f216a28c0ad49f3dc88c67b5870e0":"4b0313ae873ce5ebf08aec160416492e4c4c797a5017061ea42aefa0685ab19b74a7af11f019b9fb63072b797f7ea3354efd32c4abd1e866405a319ed2fa13fc81019d61326e70e503141b9c77b4879a45e9f36f101dbfff4359147282ef814888fee81640def25f551cee41d12609aa"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #13
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"fef7a43fea2ff1a0f624086985e535778d7a73dbc47bc23e9da92edd5d2f273cdbbc0251":"":"836731a57497a69e31f8db4f729774ad65f31d968dbc55a8":"bcca96d808ba98bb50e90afe58fc88e95dc14c3e90c56004":"4f2c64ecd146689064fbf4fcffce2a2ab3910e72ec4faec277f7b9e9ed510381312b01f21650e175ebe9c45c11e977276f13be015243a0cd16a191abbac6462ba96e4e4a1120b28083da933419e8c8f03099906eb1ee012ae291104c6530f51b5e32e6631cab8ef5aad68c0045255ba9"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #14
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"00197c70b2f0d3e98e4b387ec42a65c4106a1689ab5de61101ee76f4b5e530e7efeaf964":"":"03015311cddd0961ec7a74cb84d835c058a69b964f18a1c1":"5e0d99e0e7c57769a43ea771c467fb5e2df6d06dae035fd6":"72e8ca7666e440ac6a84ab6f7be7e00a536d77315b119b49e5544bf3ead564bd06740f09f6e20564542e0d597ac15a43b5fb5a0239a3362bc3a9efe1ce358ddd9d4f30b72e12ed9d78340c66b194beb4b12e973213931b9cfd0ccbdf540d2c36ce074e2beac7a4ddac59e06e4c7178d3"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #0
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"e4547261c9dda6bafe9fddf435a80ebc96354c7c2c8847c5d26c6e73a967bfc4ebaf8613":"42849dc8eec611eaa49252067fa60d7d7267d711dc35b576":"815f50fc233f157f96ad0627c355bce407b269dca91af661":"775a1c9da6f58d4eb95b27935ecc01dde31ff17ce2e4e65d":"25adb777523a80a6dbb6ac1fd08e02bfc4b4686cec5efe3ae9aa2d4469eae8c9c3693fdc8e0fc107720b7789ef7331e23fe3799412ec86857ffbba515a5af4d91013b2f17669421c822005b4747942790a11a24c4974f27d54de69727b0ed507b6a48a9d6c53f93e2f3d33df73dd643f"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #1
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"06d677001d9b3c97fda4d09778aee3de131b4123696b109f81bb6b0d7fbcab3c5842bb83":"f99638d2d4365b662cd83ab4e6a7bbb624e6c72b7b38e81b":"20b7d56f6222bafeeeee59dbca1933d8086218891f3a9bfe":"9de4f2847fe239cb1a3df4b8ff64c25d7b0870f3c9ebe3a3":"e18ff19837ce21e68944659321311b8584dd515ed8a6a1f2b0ac06e69009c3d0cf0489af876201efad962cfd1ba54f540b94131d788d3fea797c4bc079593bc7932baa70abb145a355741a98c584f0fa3298b8310b01e1a6debf5359d7d02b1a6c663100acb56975450bec20e91b736b"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #2
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"abd38c0465cdfe018f36ffbb7a0ee51d67675ab4f0f1d1e93418bb4cdf6499a371af4d3a":"9a07d5571d841e3c1a9eb3fb48cde3b3e080e1c2e0db6a6d":"a392f79022aebbec0c82b981293627d139dfb5232eb490b4":"f5ce1f6b1e6715c49bea42ff439fdecd9b3b7f2e578133cc":"885c54ad25992fc38260498d6f4d8c73d6159af5f7efef06174da03afcd8384cb28690fd9ded1d26e2dff74aee4dd0c47a0d99c6fc1ec8d8faccbdcf6fdb12a528564ad0d8131bcf5222d7e6c69c52da1acba01b721c98ac5a33725111f12f6d8100009d7cc9efb7ad8d7d95ea4e620d"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #3
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"b52620e58e0b52b8eed0d6a6c5f4ff6c1483c61fc41dacf72bf475b37d068d061d1edcea":"ef0d233de00d24622b7d4ff4215aa720787fe80aaeb65d7a":"81b735acd3dcb13e65231c2d980fb40ca850370581f230d2":"b2302d024d92cdaed4b12f79b0aeb20c98b2321710fefab2":"ae94204670196baf740768f97b3a095134b384afea667fd90a77a16c8ae390a732ff49a3073a27db0f7a2c8ad5d7cb527d334a37abf0472f292a20f2a28e667d7c9e9f7b8fbdd177f36bf92d66223aee3f712b6c9b064e07ab96f6a77613ea55008fb4f8fbcb2f1ccbb0da75316c1faa"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #4
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"2592a5ed86ff64b9b4c1fbb81222d1bfbc53f3a639571ecc356084058b8855237da15c50":"a626c51ec99e72431485d2ba027ed9cabcae7b86116abe4f":"c430876552d28776570923c6b74e42c3210f01104006bf11":"fe2ebc239690a4eb18a0b5e75d08831cc2eb07c982c63973":"005045ade7cc15467b5ea784649d9804540a842ffba4db8d44df4f44c69480bd4fe965b645aed09d62190daeb2693a2192aec3d71453a8218e4700201ab922ac35d241d95150b47cc7a051897be4d958f2da5c2ebbfceb1c550cb67b32ff83ce4fd845fd826a0d2469b506f5158765fa"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #5
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"376785f5ff8a82ceb0aaeb010533cc1089059ec583c302b14bc47e2cb8c2711839ce7f68":"6d345e248339e893f75696c039ac47e5678696fd489a393c":"b0f3fa1131c3fdd5c7fd2de93931e45a66fa030422ac65db":"c66341e3f9fb82e3ba85f229fcb7d34457e4a6ba8396b548":"b92d17e1be94b0385a8cc3e16189811fef7b284a1b0b6b2520fde79af7826c745e746486a70cd8dd9930b163da75f7eea7c216e758d9ed6c745dcd7bde19bb9382c1f7c37cd15b703b884d7d452c255b25048a836844c5ff28aaacf733a52c28904b36e1b51729d7aed81d601c0872dd"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #6
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"2cc2557582c5a90cd2ad0c4a5578eb0bbc9bde41b126e46d8e9c3563341ba238414eb628":"9d2fbb9153e3ffefae0770c79de10db069a5ff9f50e31787":"2e54e32539e27ef76ac1eeae2e30c2385647652e20903b39":"1f4e01255908c3c8049521f8972c01ede7dc76c425c59640":"7d6ccdfab33f322898c470be02d8257e0e952dd10f407b3a8eaeeba47c541d968d79eca29e15541c1505fe4f19a41797c9ca2280c06261fe9d0c58bab65d16f5794b57566b8795c38c7b43d4761c8fd107beb95147a0fe61ae8dc31e25eb2957e44c0463ca7c1b589ea587f0cae1428c"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #7
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"e670f896326b76034e43cd85f6f6f11fe6582d3471a8eb88d37a2302de010aac0e556860":"5e218091abee1960ef81f4d5a80415e388bd0cc79bed70cf":"7cf84b9ff30dbd0f608fb21646d7c5b542fba50adb38d5df":"c1c4aabe7616a4c97a4dbdadb08a9b63c6e10cef8d463fd8":"d8fbd557fccf31829b5ee11b05d0353e725bff15fdaac94d21ce95d40eff55edd852b264b515ec6384e2d28d014e47a2df0d4f56a4ec79309b06affc62915e231d62d02bfc60220c72b7ca7ba5671f882839b791ef534e707a04e5274c1011f7941fe1075a5d06a47af9fb2f65c1f211"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #8
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"0576bb2d4c663b781193509251e2f76b0a8bb792e79449600c2c154feb70cf33ca942508":"ad15e4fce9f4dea43c12ff9f9d50c963b335a01332541154":"3c8a4d6ab96cebf9d02b5663dcb0e0db23699623455cd4b5":"43d2d3a8d023fa1785ce4781a15eb20ad787685a47da08f0":"a68e648cb07da2eb795a8c898c8631e565f33c2fe9c35e686d6f85fef145446cb79bb6d17bdc8224bfe437468a9630ed03c517caf1226c278ae510c869d67d50b6bf1cb378a34035041f290d8dbc123650ab4fbe5cf6074ed0ba90e45d9a8ae08566ea3d3a00ee3741c8ec8f56dcc78c"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #9
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"f597ce05b9a5b1cf3847bbd4171e5085384cc256f77ac61573b435726cbd538b93de9f55":"573cf859f8fea05f16c6d03cb4e524b91e917f39eeeb1d68":"2a842454870c3f7936f8036b453d219557ca341f261d2519":"7afd8cc269899acd88f5c55af29fb0c4ce678a0d8ebf924f":"8162c16c1ce3d5c6b7c96f0281f4220569a882277935752b86e7d3f54646b276cb77ed96da73799911fca3d19d34c1f0b21068a472afcb77410412eff2abd03c753a009ce02b0e995477546366020294eff0ef0da66f31a413313e2774ca04f09a4d5076e0e85ca97d5bb6faac4c0c27"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #10
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"d5b5374fe143035c4fea41667bc8bc7d46000998cc82ab32a0040c705e01f9b354e8f16e":"ed8bb219e67515874c5b9e3f6ae6e4dfa9c42d1e69204e8b":"70f03fe6e78cc34ec1678b2708fcd8ae3300183ea15ccfc7":"9c641d7e73d1a2b819e113747d74a979b74c444ed36b7391":"d50df8e3e17c0f5e19673ba2097d1d0c4cf7a9def7465a5b91ac8d49ae1b6a821fe9efde841ec9064555c0e2d6cdfa41f1089f22a5c27090c5a136660d1af586a1e131a853f19bc3c8f4c79aa09e39c2f22b4456c667ec907e2a4124218665e7cce50399ae1e19ba9c2399f470444839"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #11
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"74d7c8c9b170e59e4f128c8df1955838df5c8071a5e85439d71e785c68b37e10efb39c9a":"be3d54203a1078d051519137774d5d851e81be026155eb78":"23f7b6758d79de580ed3eb995fc173da74939837aa8d9eb4":"6f0d5a333ddea0d38362df0dc3ebaa2be2fe5825ddb0ce84":"4462fc32110b25b3797c5cafaad830e8a4346d9270fed98b30f1345a7a8dde19bf5365d6f3788e7f715feb2762af263839c8c8188908c61120743d977d71c51f6324d887bbda380fc07eff09a31c2332e7b1aa1692c59c3379db95fc21cf711c004c4d385fe14f48f2f2a31bcce6aaec"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #12
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"eaf27c3f69279fd523c0c3a1da5fc4f01ed64c27ffcfe3c1c596482f5baae1434e8c687c":"b038829fc95dcba8645ce40a306491c893f48139ae30a071":"fbbf7abb8cc2612eeea6d9463efd55c47245e01713332bd6":"ccd7e81f529de1ff4e65fc63d34c262ffde7ee49e6707197":"96dfb7445057633b2f0deb69135d10d0a2dc53faa9cded55ddfb8edc63f5424f8fec7627597a30328177dde7963f76f9e5412b5b440256c6a3f0c7c7fa02ca49e19ea176abac013696e9d529f65e51d4a7348e42dd254bbf19d9632d6c875b8ecd7a4139f1bf020a159d2a30af8d645f"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #13
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"319cbf2b11b37c831c654b6cec2570dc6d7abeeab185272a518eaef30faa5acf5c8b254d":"9effa141f7466b659eaa50c32c8e683c2640f54027ab6aa5":"63b3acc237588cdf41c0d4bef16c4890cf3d458fcf1de8ea":"573d6a7960aeccc3280a8aee4d72e587e9d196b7b270e329":"8a568086fdd9f01206a5aaee34d253bbc9339112d3170699b9a1392e97062d5d0f16240114dc1789269217c5b4b2974895b20903890f7dacfef46fa4a4d02891c70425ab3b42f53d72f852faf3713ac7b8207dc453279f4df345091b8bfeb54983095c2d190358293ba507bdfdc39b24"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #14
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"56f3f5b08da10ead0c986dd2ae5553e4b2eeeb47ad5d22197b12b89b4a871c51c0d85554":"96c8630a1f4187fb0794601cf51e7e333e71756a0421ff43":"875e5bc9548917a82b6dc95200d92bf4218dba7ab316a5fe":"4d3f5678b00d47bb9d0936486de60407eaf1282fda99f595":"90969961ef9283b9e600aead7985455e692db817165189665f498f219b1e5f277e586b237851305d5205548b565faeb02bb7b5f477c80ba94b0563e24d9309d2957a675848140f5601f698459db5899b20dda68f000ccb18dcd39dfae49955b8478fd50bb59d772045beb338622efa5a"
HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #0

120
tests/suites/test_suite_hmac_drbg.nopr.data
View file

@ -239,243 +239,243 @@ depends_on:MBEDTLS_SHA1_C
hmac_drbg_nopr:MBEDTLS_MD_SHA1:"4e8227e8422d674cdb79e52cc30b7b84f81cc05b03339704dba3e731fc81949e679a4257c5fd68a7":"2d6e4af02acaf230bf746157ec624ba7":"deebb368a79c1788528b589056b1194b":"1dbbc7a131e98344fd748edc6fec11a0":"0266e8a066dcabaf6991c7a91e1c6e56":"e51fc833a60b099e56996a66820368f5332822c8f9dffe8459c80d2512d451e1669ecf6e562a1c295fa6981fa651fdd3d8d936c18f88d5844393a2a371aaac8f485cfe92926f1a54980500edc43a0a6c"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #0
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"09effa3906a5e93d05530edc71e62b39c5e4da020537176c23823da52dbdbae8307656cdaf8f861471dba14533c880505874098917e338f20ef8d8a1":"":"":"":"":"d5de8a3388b11e45085f6d9a009462947631c4e74523080ccd03a0196aa56b63a93a2939f490e9456e9fce3e9000e58190991b9aed6d145ac18f65cf2b1c17eb021acc5256eb6a7e9023f62aed87d15ea4e4b328f265cc34adbc062d54524365cc9c5073a8371f35dc2f459e1d027515"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #1
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"29a7071e686936e60c392061f71b68500dd6f11c563732fca9dec3b2f859e06a857fd94e3ca1817872d94c2b7c2f283a0d2d12a6443e95f7e700a910":"":"":"":"":"72c0f3cb7792bfebbc1ee6f65d40d118a6a1c4e04e589c8f70273b4c7b718c9df383658572b894838a311fc0aa2aa6258758b33783e192b0c3c1d322809375dc925a05605fed8c7e8fb878fb63c84ce639fd277d9955f91602a9f4777b7c3b15404c4e761ec8d466674e32136c7b8bdb"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #2
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"abd3dafc85b23025792bcdaf9f410829d3201c1e8ca450e217e13ec2e3b744e8c54107174a6e69ad05f643ee5cec49cd47ea88c80b96a0944154b458":"":"":"":"":"152333e16b04283dfb8c43dbb3be43b5db2ec49a399facb65cebdf7ca3ed267792ba308cdb0649b0c19cb1126b144d5766b5afeca98036a1f85cd2cfe3b8071011b69b2aec382f8562d9dd4331a554f3a3ee632cff308488b30a7416be8bbdee7e250cd12f371d069a097e9eac43031a"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #3
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"caa286c160d22af10922ee6088c269d0c963034e5fd2a85d2fc171d0c4ba0833b630a64ab09965f132a744656631bf2dd27430c7c2d1e59cdcf43a97":"":"":"":"":"4d6132b9ce70470dd36f551584ada639e74b85fb9bd3c3e350011d99f2dc0371f874e6b9d92eba3fceafe34e574c1441d0d476c475b704755a28733e31637962cae67e849bed18d77501383cdbc27ab6f60d5d8d26634ef39e2c60fcbb04a9bdda8bcfb9b2d3aeec12a21279ed553343"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #4
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"f79156a2321ba930e15109501ead80a3b26c1747b7a9aeb922d1a9d474df64a1fc3483f10e88a7fcdde91dc06940c58bf4d747b5a9cd8cad2c2e9870":"":"":"":"":"1b3aeaff973b2e20cee947ff283277991842a22f45cce9d22c1705daa51a56ab43aaae1b51bad7a7363edc7b548a0cec6b376b925a6e35bc7dc3b4a33a7f3b57d66b1b35256908bd2d8f0495caf2539ba4475d766c21c2c2e4acff87fefb07c662eb344d9c99ed407165f8a09a22816a"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #5
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"2dfeb70fc433426e23378d048b836f899cbff52d4a92c6d7d218e3aa54c06793339a752f86f03b7fcf89bef725339f16ab1cd28ec85c20594bbdf3be":"":"":"":"":"d403dd8a6f3a914933253db9cd043421e54243a34043f5ee11a3b6a627e25d944434eac22a00172caa607ebf7de55b4c4305c2b93428d5fb4cf0a649451ec7fc5da65c4894cf4d2f3d52e90993544237e5c58745441c9cb2e047513ff81d9cf980d8b12769c21cc8c06f6d583b8be3dd"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #6
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"2c6ba987bb61c4131138bb8acd877763c2c7e1f86289a81b6b54d1d8b399b5a5ac7171c0c9c0b5943bd7f54bf72b20307834e971bb637b351a756823":"":"":"":"":"7ff01def84626825fc22a62cfe28f5f95403bb2618eff22529b6531aaf1032100944d5f9703496d165c5756c0aac55b1812a72940aa5317fb6a2944d124e7f65766f231b6bda06100c5ad0d1b37c488e0e9f11a6d8f7e4cf7337e04d094ea9de2db1bbecf40e0cc8d1fc1cf5a01cd081"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #7
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"ba08acc3a00b9b40d2bad8cca4909d3bbec5471f78d0bf89a805d839b8b29fb753c9e5d3674365a7055a187a238ea1cd04f482d24d856b67eb54d71a":"":"":"":"":"9ec6ad840270051313c5825295a6f7527a8b1b9b3e7c867e5642a984b11911be60614e5737d3a0d109eea4223f0d2ee63cb19be702291a771b2e2c277f2d4559176fc5adccea52492e3d3ba7d17bad5b5f487d783639467997d7668ce2173ef777f9e31dbecb6ee716b5cedc8bc5098a"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #8
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"95413345228eadb85b67674b9981af34bd6a4ae04866229921be928c06e6a6a6fde8d31a6a88f24d6a1114ccbe08ded9d7c50c3360bcb8908a615381":"":"":"":"":"d4dc08e36f94e88f8bfb1919c13186139591edc681affb61c421d32dfda69e507d59495bcadd39b73c4036ef440dc598e339473caba60e0770ac4729264b1dbfdaf32ca6d136ef6810a6660fa5cbac91940a28053c0fa405c7b6ca5e3f147b5e0096f36b67da9fce64247cfdaad70fc0"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #9
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"9b6bb9589f41e8ed6969dbf1a3b3d242dd5e133711f72549334c74190e4efb1d0452016ed4fffca9561aaf219e6793bfb6fd3dd9500bd61e6a62db66":"":"":"":"":"cee02e4fe0980afe6ccbb1b0d80041ba9841461397494f0fae5188228fbe9822e3ffc5397b7caa29950d95536e7000e1249e5bb93a593e659a49689add16d2f5e02ff251c76716dc426010c2961a176bd63c29397f6e36cd4de2f2b11e1260b9f9a00bd49b4b6617fb056b82c92c471d"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #10
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"f276ba0da08274a082f3b8ad989a713908873b742f96bbbf8c81b4e1a7e4857bc99aeceabe534c45105306b14860883cd56f2438a7812b43f0d911f7":"":"":"":"":"24dd3eea9a8e1f9929ebbbc2a68379caec77fb42531a97f7f3a75d16ad053799ffc25cace4f4553c271ae360eca1f5131ef87bf0390b26785880db0d92bb351e6e22409d600f6dab5cbb2278b8784e67a40be4d8ea6d994115c67b7224d721d1b3c7fc5b24e15f97eb3bbe33798d1bb8"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #11
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"fa5ed9189f21d7e94764bddeff23050112868cfe35220b863e8112f691c57e6d6c4a91c752c5f0b37b97d5f3e383480054877f319a568b064e6562a4":"":"":"":"":"55eb5ef1248b5a34c741f2076ea5d568da630ce4720b7e2c86a9dd535b48faece2229866a36024fd4114249be4730e554b772d557ce3f8b9d4d86d91202582213a676a076b87f941351c7606a452816db5d0f8194825d402d2fe7ebb2815532091b3830a9616918bb0e3298faf037bf6"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #12
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"d0c5003a6168163f707b25191b51211dc1ae361df1e069d0f284f66967aca4199809dc89368164213ae17285674e5574851582372fcae8cd2733bf4a":"":"":"":"":"24910e1a9304471d053af458bc3fdef527e8796e33133f5af005106b203e8fdefb274f1c0e8ff44e92c63bef3082c6e5607a7981a6076f1a1d15368f4330c7012509d5f61b4349224a87960bce9873725145f187aa931394c449f502d12b60655a0ab2a221134a51786c3683f9ffa2b2"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #13
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"bf5b5d1c891f7a6f2dd3f4d486d693fbf67f49584b7f053aa96ddacd9fc0cdea0fab8209d8f4335820ce68bfa04899b63cda15242e9cd3f7acb1f103":"":"":"":"":"710c8b33ab034b50a29de657b93f3c71df4727a5219a474350c88b4e3974ffd0d3452e8c4d26f579e348f39cfe0d20045a70a866c5e16a0c22aa0d69b739f74cbe8b046bc14cf82b86498460bfb26af0771371c2750f7c59320c6f6fe1d04cfb40c048686b6c1b69dc641b8957c2c341"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #14
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"525615164dce0dac5397b357546aad049dbe5982da2c215a233557553460f8505a3e7c8224af561190099ee21a06d62f9f00e282b32b486e8d0e338f":"":"":"":"":"3fe96c9b10c4c8e43cf3cd76ced4ad85ae576f32ea6671ef284f7c97491b72152a18a1060145e4f5e7c0c373c396cb4c8c0b6d625c1f0d2ae95b0691cb1c80a3dd5eaa21632a82aaa28e09a2bbdeff7fd8812fae46deae14bbb16da24d06878fc417b3554fb47b0ef9fe18d1b9d4f4ca"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #0
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"ca81953d50430bfb09537a318a1a7b90a9200077abb721e55d9ac28946fbf75d9cebc81f11cf6d4db712a3b91d479e00ba30d736a763cbfe40b91448":"":"e50aa8bec96339cf2608bb82cf038d5fd6bf93e65271cb72":"5c5eed0d98c7fc7eb30acddfee002d5b99c965949d4e2095":"a1a7cbc79bfaf4571cd8020da094118d241b3f018ec823ba":"c8b7d9c15624ae018a8612edf6444354c45c6a788272281c16526c689a3dac36679e44d89c4acd7eb58ff40a577c3d1a9f4d0175feef9ac5674c115d5e4cd17f2369e0135e33b018bdc99e4099713ace986a145ef55e868f74846feb3592d44ca3ebba6044a928e9284b5ea75063ae81"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #1
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"b96ca1202fa959ef55a683a9021068e14c75376e15d1f0394b1c091a8b6dd6b98b6f63747dae58c29186179b4155b868f5a81ca206a5086a5759b025":"":"a35096086c1fdeb1fb60dd84fa730eccedd53e5b127eecf9":"a3269fa749e55850d4aa9e466bced0beab2edf86b926c2ae":"29f6799f7c78fdfa2d0dbdde8381aec5af249556903f6313":"c63ea73e1ddc9d55bd64a63cf73f730136ab4f6d688a9cd56b945f9875ef4ff48cdbdd8b78b898486a685d8af8cccbc2a834a9804e566ee7138c7dbf488d263fbd387041f835ea46ad27cbd66721428ed5795f6ed044cdb17c8e7e3ecbf61dd68239e8fd644ae85776050afbaa06caf7"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #2
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"59af1213cfcaeea29e31400ab6b30f108d4a9a77d3b370972d29032cdc612b7c360c41f16b0c9d794219300fe0551e0e66d634a4eec396c50ec9604c":"":"66ed9352bed73224d35508754aab68fcea10aac06d60e888":"198a3526a67a0ce31ad0348bbdfecede4f82d4203d1d5ca1":"03faa2f4c34577cd8b2ed53e10c68c83c1ebc8d877379178":"5e24f1a9083f13274ed1020ab6935222cca644d0920839c2b142e2780983204453d2e6c58518cb351188bc3e5e3b64015882130d745511f004cfb6b64831139e01ae5bba64b74f1a1ede7e220a6d29b1067d7c68ba3543f4dda2fc97a3dd23590c2c18b85662618462ba2c05231534b6"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #3
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"e6cc94c72f37999f28b5fe350bff622b433ae19111786c747d954adaecba47abacfea8cdf5eab05e2f750c0a679cfb9c2c2c071461178a054af40967":"":"3032528703dd66e42c7b6b5881483eca41e9eea503852eda":"ce8c03b0a05982ceadb516b1fe513da2403a9e6dcd7a39f0":"3f7ccb55376f23dfac1dc13be617894931f9c13d15fd3dcb":"558656cad7da2ad87a7a29ec5e612addcca96d72ac7b224cde80ce386c6efda12113fe9aa8e511714a42edab53ea0289c75d34b42f2313ac366f51f5dd3f6968bbd4c09ebf840dfd03852dedc1e3b6209d932889cb04062c644482106cf8b7a237d2937840f0c4d752d52725b5590d15"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #4
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"cd4dcc8fb50672611f19e0cc8adcf9285f9d76e7e28bcac34e931163f8057b9f86424e5d514a13c0a25bbb49ee485501ec5e21061e006ad1569d2610":"":"24480094a44067b86ef47db38ec3e62914351196358bd9d7":"c6ac3b879adb6c150a8ee44428c333574ed9b0d6806848d8":"92bdc1514d87daaa321655d56c6302878c2bde37700163e8":"21c51a1568aafb56af1fd424f6fa146113d14d6d63e1a24e3168130ebc10dd84925bc4077c41897aa8b3c73aeb5bcf392d496dedcb6487379bfb3e12bc07fcf5c196d59fcc1fa730e55c00edaa2bca7b1e32a40ba06500ed3dd7fcab361995319979a0fa9cdc406a4d20650814e8bfac"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #5
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"fdca0039e8485a06e6a9afbde5b07a1bbe49e13659a2164034289639d23dcf3f9874b8fb1a1af8495b6b2129b88475cc529c96271bc1bbb5c7c2ea03":"":"841f765ed5f00be838a270730ce5926659cd7cd9d5b93ca5":"825fa13ed554973768aab55917cc880183c3ebb33a532305":"736e9de931198dd1c5f18a7da3887f685fbfa22b1d6ab638":"dd8596a62847a77da81818dbbeaf0393bd5e135069ba169f8987f01dc756689342cba61d87a79d4bce2311790069d10709c3a53df974c7d6793ae1298253f13ecdbb5680928579b73d73afdcd24a703dc9b391f303d8835ba1129c3d46237ede5e44732a74f8f23b60a3a45ce42f042a"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #6
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"e246e3f95d89c166768aac69fc95fb49eec49aa633adb938ce1705b68987aeb0fae7f57b7e99e4f3e3e1b1db2d1fedf443bd2618e95193cefd905e1d":"":"130701f88cc1e7545980e6c6f6cc76b0336f089bb66cc347":"95533f4cc247c887d6a7cc0ca753009bf034ba95b7b1d3b2":"464fd16f011eb2986d9982879d79349a3ce4f5905bbfe832":"0d4e6b03af7a648337abec2efa585908af40e88d1f104b3e8c352aa29ac79fe8e448f36b0dfd701a1fc0f1d86dcab7e8a8ecada6ba218d9aaea1c40aa442ca51f3116ced3c9b8ba7546688ed4f3a1378f76b8a29ec763784fc82906dc0f688c5e60d59e6d5284fcd96f361bc5b285465"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #7
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"cb0405e58270cecb34a9951adeb694c5513c499cf310f6a99985d4fb3973463e907705740e01aed4ca221d4b03ef30e69fd8dbfb4ea919a913800a1a":"":"0b57e688472e9a05baa3920417a2e8f9a9c12555fd0abc00":"cac05f79d9837c97bb39f751792624983c397fd288dd1d95":"344d2aa2b3bad1485429b66606bf215acb0a65bf2a318f6d":"b2a13d75ad389514149763199d711092a9b0e4f1e50809355cfefc1884a94f4d4a50ac5c5da0b4e9bd7537e413bb451fdd2fa77f1f894444cb5c81e4c43978ebfd96900a2c8986c885d0faf89a2ad5c6ef922dfba1b5219b0f3c4ac2095340c3b8bf0db037171b6545741c76217b2aa5"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #8
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"e38ea7584fea31e48ab085c44f46b4cf68ff24b4a6b0b25867463e4a46ddc9a4de23f7272af1e9c4e0391aa9491ce7cdb5f96292e0d65cb9a9a4a3cc":"":"afe267e1491de3934054b8419b88b16731217eb4ee74c854":"bd0f3c43229a0ffc9e143e16738111e16d6a06ebf3eaa5b0":"23bd14ef8cf797cff7ff787df8ed8b87684fe7a9a33bf695":"c27a6ee5bab8f8e93783840e72894f3b024c7d3206a4a1869ce6fa8b5674bcbd24d4aab30f9866d797d850423c57684b7697913b9ef7bc0be933d0e21535bd50fea0feeb293985261fb9d4eb1ef97ab5ec6b691a08db4c8171e63745d14fb4c3a03c41f906daaa2877b7622b254f0449"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #9
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"71dc625242dcb94e6ba2bd013beb2112cfca576774e102830503b7aeda24c2c9d862f5212975ccc019ad2ea0442595f74d1d37dbcba0719d8ea32ba1":"":"0fef9f0934bb4485bfab2431f8811d963ec7fa7953ffc213":"a6a7501c4a5a93c396ef8cc969ebd93cac1c30b4783a0617":"c58ea233f35a22fd9b01592c6026aa17922070b3604c7118":"a1452d85799b54370cff65fd6dd74b575199606cc8fa64880b26972c913c372010b4c3f4ce9b7b565a8f5305072404c7b9d70f7aef6e2709c1694eefae66ffa80f16eb4b91f8041f4487427e69daa437e183e83d3b9718ba6a23fb90365884899e0d2f0bef56b27249f65e1c00c5411a"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #10
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"36c1e048d16f9d6035c6b62515afb929633f356fed6a654282663e2284fd4132116d21eef66d29629bc712965d960f18cf3f7dcbf8a3ccd61b5b5fb5":"":"93bb372b7ae1035de6f13b2a36c3ae5682b9a3ea8f444383":"9715b72e4755993762e11a93857f1d50a051e70d094339a5":"2f1e73945863b237f49d6d20d0999a0203f295b9a046dca2":"ca135891b47f27c26ac891df49c80d085f90c13d236a60f1372eefd81eafc5819f4ae5aee5b32d46681be01629b078ae965f67b81a5268ef0b303d09e048f4449f5aaa11af51f80151b4697b13700930167cdcb3b6e8260eeb8bec7f6a67a2050a6ea569c825d61d4858a1cd15f70fb3"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #11
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"582425e13356e7a840cae9fa435b220af6a96fb53ac91e7ee22023cf6a0eef3923907883ae540be816e0631c894520b86e8c6adb8152e55cb6aed5ad":"":"227762e137f9eec6d2b3c63476b404dc5b0c68613a93034a":"fba72c01a9e51c93ac00c1232c717d32fd4d4c791556e716":"f5258bf318457769a93ef5b3ba95fa2753ad1c5c1b81a785":"c753a84ba7f41af2ab757ac1e4c9c450d2112767ff55a9af8f58edc05c2adcaef7b5bf696e5c64f71d5685593f254a87625065ee0df51ab4f7bba38faf5799c567d783fa047957f3f965571a7b4cb477566d1c434d6b2e22ae16fdf473a6c03057d934a7e25f0ea3537be97238d74bc4"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #12
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"836f5d7521f26d884dc34af2ca56ab4a752ea18b909085a87cb6d07dba32b654390a25b68ea7ba8fb790271c712f387145052ca46cb40534355c1666":"":"99d9aec334666d7c399e453455ef6ae884c2173e12e31cf2":"d74d20dc22c55c35f0b66a464dfbe8f349616916fc726298":"407b0951404079fb3b54559c0286143d9cb18957bed7fb1d":"809f372d1af60ff972049193fe9f173684a2fc9828b60b32164c1b6738e1ba6aa12cf739287a74c6ad528a3ec00095b590b44705b4975236a0b7ea02c1213f0e830f275f53bb79efd98679c4766cad27738e6fb777e98cdd606b971fa60745289d5ef72a99e1919686a53a241fe36cf0"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #13
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"e555ed6c7ab344fea68d73c6432e4e6da2e67d8b33ab79e5719a2def258a852d17d93212840583fe23900949c301a29fc92095f4716018144e64583b":"":"5262cccd138256fa8424801435d118f39b9aa1db4d11ca9f":"9b55d76b743bd7fc5700fde8ffca956c0ed6091df1a22aed":"f8c99af8029110c41a6a01fd2d3d12b7103aa39cbeea90c8":"d1ec06e38af7c6e0a70b73ac62bc3556183f99a47bfea0f0c4a59e7ba4b0718df5438e369ba14be84db40d5ffe8a1a5952edfb83f61ee4d984e3d2fa67f557aacc58291cc688fa29be530e66c228e68607e25c013473b4ffbcfeda721ee35f5dfc8809528eaddad8969ce719a411216f"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #14
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"12f2cabd3b6f640daaf27ed6cf6bd7d06e2ac372733c6971739e36afe2ba1ebf4e7e5e9f5591480e3fae752fa59bb99a1949bdeccf0c100f6afe886d":"":"7766c36e6583cc8e3c26a8058fa0923bfeb3ee22033f46c0":"63e60d1bba9aa29adc3f3b8a5db53f3b703c7ae69bcbc2f7":"f416f36717ba5f0a78125ca52ccd004b2f4f2dcdd401f595":"6196b2b4adff14a26d64f440b6c160210266d7f5b77d5e292e94b8c67bd9cc774274741e7c0c9a7ab21c31f1194ef4218ddcbbe94059042d22ef44ecfecef214a73db64505d46d5493d7475d0684fc0e431c5265c12b35310d4404b3c4db6029facbaec88b0c0ae9799e5af0aa49e842"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #0
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"2c50da90a1f7987d5216950ea22689584b237647d96c1239f9251942f4d13d16f418b0cf7265b91c4ad97a7acbbda065a48bc1bc5c7a9ee1523c50e3":"a74c108fe870b91a2defa971fa1efcb7a209f293d29bb5ea":"":"":"":"8853eb47c4ada94a3d58a1b517784bccc8f831d02dd5239c740fd7caa3869c5ff7bbf522a78be2d510c49c496a6657a09f0ede00daee9fd77061b0f04e7342518dc6ec1f4a7ff99dd7c783882b58f5e8bc467516c6b85985fab65c6761d4fe756ffc27fd62cfb92778391a258d3b0b0e"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #1
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"4606e3e19a8a53e8aba05d9d1fda1ddf15e7709aa2bae8b54efc4a14e734b45a5cbbad00a749d2bde540258de74ff8fe886d05570300af2086d0b9a2":"23ef5fbde4b270c084a745e0e299a5eba228a37074fd4f07":"":"":"":"8caf86df25de5cbc3749fee4b64fe041cf4ef2859e20704bb01abe126a90ead8cffc427c2f98aac400aab97184846125a2a66888dea9c8aa108e96e03b05bbd30e566fb90c661dc1990ebfe75f73f5b0de7be419c225bfcba3713805455dffbe5d6fcc98141743b59c2cbd70e78f5977"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #2
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"08e2e2175fb34e4111179fc2580c05afa16d224440cc7eff24082beb16133a992fc4f4e2762634fbf68177dc3f11c4d057b71661ade56e7768ab9e6b":"0a4af33e2501ba409b132459ba97603888e727aca0a0cee0":"":"":"":"39c60b6d9f85cb69b2128bde86aca2b055e21ffd7716d789f834ecacc69a043893b09459991793571d3d8070f03382a11bd1c1bf38e86fae13a932c6dc82c540fab8c8eff478e598d3295663ab75ee8a56376c0d607fe43b74ac39479b8f694a3a13826b1b96344ec67b9eb0a5858eec"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #3
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"b436ebeda1119de3fb2b2e532f7ebf59fac632a4d784d904f844bb73f2cade5a88d4790c8c1d5973fc73f6b7f929303b62d30b6818a25ddf705bdb9e":"07de5589726c49dc5a764de9b41bce74675e4ca3c71769a6":"":"":"":"2099fc754ecd19a19de8afd21d2ae2ce456c32d6ce7772a98e37ed47f54001f44fad8e9b591a70d3bb28f19bca22940321ba17c33193613b7b5be1ec54efa470b70cbd6be2931193c35cc73d80c139bb4e670e1a2cb74d3bedd3610e9d0f9d154372a70b608fef824c346fb16241b301"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #4
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"4d3e993c296c66983b9c751d2c0aa2d519f801a764ac9f1fd8d86b57eb226bdd9f69efd9ad29bf16af483e7dc170f8af65c16426c2ab7c0fa9df0175":"52ae4cfe985348408d3678d60259a78369aac02953911e74":"":"":"":"bead2cfc29315133e6f5ba2e85bd7778dcf9908081032ee634f90b0124ed9371c9009419b9e2a409fe4abd6295cad57cddcb6042986cc98f2fafdff99f7cc1185f3ba0d5f1e5f5452ee5f9df03c0e8a4f8426ca246afafe81079c2f0d165b87056e7c8528e8cccac5f49d0bb5ccfbefc"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #5
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"c7c4e18c56e9191ba43c967cebe48e55bf9aff4d6449c3e6a1f9846bfd7f92d535bb7386c0155cdc5aa2beec888de0d432f695ec79b1c78841ad941e":"c36a381b1b36e6ab00ea80557b5e7451ec9771101dc22580":"":"":"":"da74b23d309fc7cf7670d7feb6cb6ff4da1b763ae2e8616edeec12c71511f5a24b9c466532283f4151a902ffa5ae211d7c1efa84477b93fc393ac95522f3673f97aa9e379e48d198d5929684875150633fcf8a0918d2050551d8daa91887f3d2685737b6456d0c61c0a117413f193346"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #6
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"78426f865483ffbcc6330db2ccd65bf8f247706cedf68d4cbcc289bacb1ef32e5caf05f28a21146a9b18e77b3a7ed0d24a0803c9af7264fe4e23d692":"e5026090f9806ff6f158c4a834588f6a39e9b4a44ef2dfa6":"":"":"":"111cd64a9950cc6f20a1b38811fce4a08929ca2654bed66c0cdebab0b81552826c06ef12ce463fc9c91c81a35d2ca0553905922b9a4975fa8fee2c7f9ffa9f2ed8cb2609f4b7d32a44927c7b5baa8f43dda137aba9b49a2b0394f7f67d37b7f71a5e4f4c151db6b96e8e4dd9cd0bd84d"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #7
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"43ca11d53ad0198e4db5e136de8136bc461851a30ce59521f931ad0596d13365bd8297a68dd42b7dab7f40808b3ce6c12f14d4de741ce451b6637a10":"532b05891fe406ce72421013aceb434581be8a3a13549dfa":"":"":"":"4c42f791dc8322d779f9a1ed9a28b0cf352601a4ef6d74e4e822ee5d9eef06e700314acb7a47dcbb62805babdcfdd236e3022374defd44bbf747764f72fbfccae10893b54b29966aba448435987c22ace4c931d01dc945091860cae7744365bd9b619059b8b646b229878966049cf83f"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #8
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"ddcb3024b681e30e16e05026d8e23977497fd0b2c0ac24017de2744edcb097d3a104d4e3c6b8adcb554746f9a43671f0692c01a8f89fa98ec3a54ac7":"bd9e41974f6627ac5bbb21ec690eece459e1dcedefb327f9":"":"":"":"741b2a8e82aa3ca9f3a609d05a6e2d570be463ef957f235344cdf9e0f89b3610951aa1ef0b9406785b75e59c2de8349d435e4db82fc2a4a8b94e366f4eb13c432fcf8fac08f0c7fdbe67a44e81706b53b460f78befb8cb6dd2a0ffd13c87df84f8a5197ed47158cee171e5323593df4e"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #9
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"f81c4ba8605dc14072e2bda2d2ef64e71ad856061056b8d8374fff5a6fd9a54a814fd725bda8944037197492c52c62b97ea02df33325b35b91726839":"217137084f4519d046ec896144cf2c301baf911e1440852e":"":"":"":"14efd71fa13dfbd498bbe13ffa24e646d04ee0ef32c99c11004c3e9d8f748ac2f956f9899a72c8d97ae988d06275855f77a92bc30f1b957dbcfc93fffec3852715c239c5313e765affbed257d302b6d1b74977b8012522b69902adb86efc1ad768d99d657a5375dff720b4cad886877a"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #10
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"8181fd2cc5f7ae2d4ed2c96b9511aeeef33e50ecf164afc4eddebaf76a96d97bfb40377959e1edc44d24df041749ec6239ff226e40d5a5feccdbeda6":"7d6ca5ab652a37cd79367d84299f1ff2c5a3c2331c77b98e":"":"":"":"5a2cac8110a24e1d8c5f8bff3e82857ec8cfcd469c316fa18b0f65a0d30866e49fed2a228121f50901dbbba561732c4fe82a98f341bbc0a397fd257a5f8a4a9122c991648b1a6507c82f866d26f9b22e0ee7c9a51c4d8e5104f0b4570043c9257bb9dd6f3730f1daf94f80baf8907acb"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #11
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"a0ad012a978bed2268d05086b823f5d0dc9bb98ee03980d755bce968f9ac81db886a2a05b59df40d8346334a0276b73f528db03a118545acb7f2d70e":"1a8aca3c118f2bc0c2196df81ef22c267d20ed7c607cdae0":"":"":"":"b9dc0eb1e4aeb482dea1b4a5e6f6ef9636366face696811db2d912e9430b303f23ac95d65682694ef9513ac5b3e56a053b2e1a2ffbcb901c375cd122cab47d31fca5a0606daf8cc2e5e6e99b90fc8ab4fa67794caad91985cc92b2187dd2965be0980240d9be2fb1c4bf06e60f58f547"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #12
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"f28b143468ab87794230cef4361d047236444180d0cfda58cbb9494cd1ad21be96297ff799011042013789a928f18831ffb0169126dd046c774a4fce":"ea7fc50e1eea3d84bffcbf83b240e921348b532e7b33f094":"":"":"":"5c22e92f25acaf98f55ff06e1bd80d382da754d1d33cffb6fca933583ba758200357551640c439770f77f843e9ce1e9a054f69588d76acb9cb92b7a2fa2903bc51391bd7001ccc1da67a4cce9e5dd08c2d489295c36de2c148ce27311d0789310de1cab2641e92f859b036383a8058a4"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #13
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"b628cb448e477cb439a2de687861a992e738db6b2b25cc6c27aadfc3a0a640b3411de49c920407303e80abd7a1d4f45c4749980fe1550bff69518210":"d5f4f8266da9b7f17ac97734201544104a5c0acb53c6bf22":"":"":"":"34a834dbb7da0b6a2e2353bd9795bef369cdde4d172b3feae7b1d9fdfb0446454cfb1adeff423d0a143c33c0e0d8e7905bd1720889e8b1121f1ef82cf15443c2f9c8999c5573e7df60b52ef395ca1d1b60e7eb721c012c344d06b336d519fa2b7b6dfbed8383456504bd0b4893bf2ba2"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #14
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"5c7c9690a1926a4580c691c2e5327e736d5c3aec0ce8f5d32d4946bc4b607f712a8759428b010ba1b268b0de64fc5eb32d3f7fa9b8d4f20fab45c72d":"0310b2d8b5655cbb0fc2041ad15a248a7b1f2ac78845e29b":"":"":"":"6f8b6df55d9d8acf87dc2af20b7f4512f9425987495f512975de8059135e7ebb8698cb0301a8816e7299e76053cb66051c8b35bd2b00b4695cff4847f168d2d60697495cd9007ab7dd74ee7f61ee90b7827543f624b7c1412bba3d6df1242e6ffd90534ed393341429fc00bd97d9bcb7"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #0
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"96ae702af50c50c7c38818a5133938bd7ce51197fc78e21815b6c5a7ff9c0395d764159f707d5813e5bf47c1b8232b44a007bf7decfef499d758ed53":"e96554644097e9932585b7f4bb14d101f24c8b0376f38c05":"3f698a5f6f4fe67ef2ddf23bd5a67c1a2df4f3b19425fb85":"fe1f6a90fc0ed396bca21c0d40a1bb583eb63df78c98adac":"5942b56148f27dd5388f00caa47ffd4925e854237fe14454":"150b9260ce9aa419fe1860332ae7c9f42d9ada1649679b53f46bc9d20de3431186a54afb5df7b6269cdc05540a93fdd50a2cd3a862372d862841768df02846b057993dd6aa32f874b7220a5a1fd9cb573d720a54af5715cedfc16f0d9a467735e253b2b1a6e97421fcee1f2d670dec1a"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #1
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"4834717f669d9b599f0ee526129057b5a7c5680724ae0459ceb0e0d4eda21e5fe92e63fd23f08f8a0b094a85f3f377fdf1018ada0c461b5a05c334e8":"870b7857dae97cd361a005c3005013e4dd55ca76e46b62bd":"522534ba1a09cf9abf29bde66ce1dacd0e273e8954eccafb":"45f54169665f59d92211f266892009958ee515f14d09581a":"4633819c2ae83c71059ec8ae41ed2c68cadf9b2085a5b8bb":"7afd6cfafd9a7bad155b59a8bb2094f76b915b93764e92858821d5c32ff4a29493788d3dc1627ffe7980950394349eba88b9c2f6869ac5086296366b6f4ee37e8529d291c9d962e30662423faf375b7820e0b650db03e3c99791d8042da790cce1a1997ea21441dba4b936bd8b393300"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #2
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"f5d1d27eb344b63e907d82a2e57494b25dabcae440ac88738512d9602ac8bca243018f2495599e618dde0261e43ea38d45e7c09ccdc4bf3dd8e5c100":"12ff844e5c5bb3fd871feb37ab796002846ffaca5a741c54":"f642c19602754584afa3083f567d80fdcd1e5c29202ac3ad":"cb6dbad8ce1a5677b4825cca934336b936ccf841ff98d894":"c11fcc157c643a943e54274f1d942d998fd1ea0333e21588":"6f25ae8bf8c26d5f0b9d2a81acaf221790a09241b6e83c9e527c7784881d1f7398c2d7771174f92aab45134b4633ad96430df30b130ae34af52de90b425405959ba24a41685a04d2411e2f0e8564bf5bf3280cb6d75d0b910d06c73a625cd56646eebff14fcff81411c055921cdfb4c0"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #3
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"49a10569d87a790d34bcc3c8fd77d075a1cef9eff337e8929b51bdb8d6c5df3ad31045684fd1dabb1fe6f052fc9886384fe43c0a7abc7adca043d35e":"34d6ad434a436a690e7644f0dc2207131148192ceb2e91b6":"8707328fc5a1721e4d72b23c2b8ca3c30ddd95664ac478aa":"82c8d83a9f5d5639a6a1ce26d244bd30dceb1cc978627e19":"2a53b0b80b29c7d071983b65ba835e4eda66bcfe7b3d90b5":"08e24ccaae3b44b7248b2d735af985dcadb84f74d202bca726de1cd663bb5ea1bb67c669126ac97218a9ca45491df90beb387615474249bba1afd4534be7a74c61fef308f13661ddfcce40f24b410cffb1cc3cbba2c6d20a5e4c4814d44bef07bb697cfcf1e9932e43349376dc04865d"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #4
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"9a4232a59cc579867f8330c288a9218251030c00ebe50c9cd97d6cff6e49ad079df509644ec2ebe3ad4e515654af383da265d7b348dd4b89ddd49cbd":"b4498a32f664d4b489c2b47e67845d2d2bed5096e88f86de":"b8471ee87531817d81ee32578d27fa3a190df33561da7a2d":"2e74194aa62ef911599b37a51fa742817e3a4e6c254ec179":"afc7f13ae55e738cceb976ebdd01698de4d103db797f799b":"340c28cb7cf4c3e143dac3e133de864b1f458c76e3d47f3cbb6845f940be174b8819fc539f42005f4485fddc657f064c34873094e25a9bf7ec341a98cb97014a1d694b1694170ca5a8976e86f6e4e41232f526ec8536facd02394f492fbcc7c298ef0eddb3c5a148399ded7677366cf3"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #5
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"b89744009793d2c118365b1d2f343d6b6c59374b41dbd805e793f27882467c5342015cf968b080a88a15fd6a7be3757b05313528525ab1e2cbd08ffd":"f3c02be0a880e194013c21b09b6703a61a7ccf7a73e8a541":"bca27f10060bb8d16d499b3f6ca05ed8462b51b0b43a1fd7":"eb6fcf75884be9112219d359013f45fcb1959ea971bd0bc8":"50a03bc3652f50cb9ed1167ea70ec1e74f896f81a8090216":"d2a529722365e7ff3e660964eeb27040a0e92a4d19bbe94592cfebad71047414676ca6ca72234f5127f313cb7f5be613b44d989fe141c9a0ec1f0b4d83c36e744cfb1c72c32a02b68c21d28832da008c57664046255ef18488ed750ec5e73b18eead939f932d2809f12939670c3c1033"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #6
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"6d2918c15be7871cad99dc9e06f73253ef905d9705c4e4ec38664043b04f9a150fe5953bfa7aebd926be162b7edd72fdc14ff97e67dae6257ad654f4":"489243eaac215f76a573b92f0709d116bd3c817eb95c2c39":"0a84cad7a1cd21a5afe6557d7d2875d9c62183cbbf49a123":"0c14578ac9504902cb9aa654086246d113039f926a87b325":"1aaab1e3a29e144cec825d29c3f42dc945cf2772ed30cb5b":"33438ba4edd0c38db99f2b6a50b35dd89aecb3491990ec4e60460bb32eb0186ff9fdc973b1b0df23ae65da31b8af5a37a69f81ab3e577a4c2c31e51cfcc4e844b044fb597e937524f59a0019ad5120c460329c982fc93e8e7a4b4e1de5619103b23a7a579633fc925d147d8fb856a277"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #7
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"1330c4aef54ff84387e0372f7c8d273cecf0af2ceb32ef6edb6a4f1ace802f3b95fa69cf578e2cda1d6060ec2554eb3152507387f325d8e26009bd80":"89d7bf8f5754cedc2e1a249f693e29276170f62c29c5edae":"a6b58f33d57570f4df05bbfb792a00087d331e17417e09ef":"f57fc701e4f8f5cc2181b5357824f932f6e07679ec0d3cc7":"586c4e8c5769156cbb54c025fb01aad0b61aa6238c231656":"0bcb6ad4f2acefb549c46271d5a4ed41d7decc095137e2044b60273388c6c6d79cb89016abcad1d6a138621720b71fc11ef82fae04026e08926e94042694a0c008f99281e03da580fbb6543aca2b4596d39699b97f1fe65ec60a70b88770eb825b716a10ce41383f31db596079a9d54e"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #8
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"3f0564b9ceee32c8944c8f2bc4b4d2179b38acc880bdb91eed466b881e2cc21df77bc3901ab5ce5ecf029a066784503f80d1857979b09c4563944433":"5d54fc715556c20f5b2d01d6b0992f1c596e5ad77f81da75":"35cb6d07862fbab4f50038097cb463aadf14e519c8834651":"abb21e501e85ad1edc66108e3b88380fddf810b10b883317":"3c690cdd997dfa9c5677bee976fa93cac21f5bbf382f7f53":"bae872c9d221b1531f85c15f466b7a3af3fa9c9c6b72bb8f5dad77f3d12df52d10347ba5d6504cd0a285c3be578bb67f0a9f0137463dc01cdcb847e7853c5db4cbb6a115ebff7b80db0406baccb0e3e68a4a4a95364c2da29466e160fece7b8ddb65dfab000c66cc8109380a601d5ed9"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #9
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"115c973d6df41ead464e22572dbe0761dcdb9aad930b2e55a5558075fb7c51c94efc5f8fe5dfe24d30175a89f1bbcf146037a07b324f572d0d4c27e4":"d3079ee3a3c9b2d69ee0fd316a6448bc7d8e3b730948c46d":"2348ee87bd5a3bb45d51a7b6a109043a9b6ee3db011dda28":"937fe1a7a790754bff99ad51782e8ef5b4928d0057b0c380":"3e89899f4aad241a9189ffa127c87c15b5e3bcfd80bc316d":"0ffc883aa19b3cbdeb39039fd3760160a93cd663b8b358e9fbb6300df164689303ee5f2489ab4ab2d522f6a33c93350eab553a2499b15f8ca198303ff45e946a06d8a40959f33a759c5381b3a59da22e68032abf3da3da6aadb410cb41f54b3146ce57f9bb5d28bc823e3e03c0294794"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #10
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"c28541425a7cf33e29adaa91f326f216de89976031977f104f44fcbcdcf4579337434613801fe4661642392db29f15f0924566e72b596b23ff7b18d5":"44650a29972aa8521d6fb9dffeb15c00903a283f20ea9914":"43cf4de0276483be1382f3cecc6a803551a40602584cd84b":"03eaa10612895db8f66d50a2210d73d1f563c3ca929d9f54":"8d2b20abc4e8890c772bcaa05cb7b3eb5025ac4cacb5f7ce":"aed27ff8eb54a7d2787e73ed2a51877c1250c0d4eaf10aaddb30409624289a9b7742cdebba54218c7c448b57f209182e214014cd180916a8c125ad438af2e5f5ca5b00f9cf063f0c307560ed4378382b4572b97088f8d24e0bdf0fc3489f64074f1155fbb1163b54c93098b841257c30"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #11
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"dfa52082afb4dd137cb5209f6771f04eda25794280983ba1d8cd2f3d7f9dee556ac26d8a5a368d29096ed643089b65e9ab17b5f58ec816570499fbff":"16ccfd20408082829aaf8a818885164581c9a1bd09e9fc12":"abe13d12a9f0133bdebe14785dfef5f08a133a6cb5c26a92":"485dad7804de594356cf3c571d5f22263c0b7cbd4dca1f1b":"5961f8177b6015ae0119d22e0a45a4aa1bcdc580f7e7f975":"ee48e57f1b5bd72c99c911d3353952c2c143689c3cd9b474a46e4ada83811efc67f2557d323723526809825aa338a80e833c95297d6b16490db633ac1f1648071c3ad4cdcea056c41b4eb157ffc83c3454b0cf001f1e01c31e48a61587381e293e6cff97270c1f157b069df3e591c2f9"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #12
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"95f3a1aeacd07218a2ccee44c807f790e568e0032a42fdc7c8dc9a71f76bd725aa909ddbdf5457f1dc4e69746426a9c56fbec603867633ee36a7fe62":"658b7326cf6adbf7208d37cd69547805bc3f58fdd874e143":"d44350c7a668e64873ff97c31d79cb23b0f1620aed7c9d23":"dfefff80f10c3143b82de3392c395ab94ac8a2f4c0a30048":"a6d21a762aaaddcdbae9b9ecefbcb3149d514c94fe83eb21":"4f5e544491b72b84a0d0532d7f9ce01ec2de6a05ab5056fc75d8f73bbcac5ffc38e20745d0e8aa1eacdefea6dcbb92475b5cf9ce0a617e5603b7b9fe34f4f4cb04ade2db35cce1fd315140e3e4ab8472216c7cfdaf004181351f210b397c3147dcd279f6fc2ebd96050e996f77ad6ba1"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #13
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"29a1897d6ea5de66e551f8c106f601e421ddd940812530df00f634682f249aebdaf86938c895c11f9fcb0bd1fcdb183b4f8cf86b3429a5372caafe1d":"d655a179edaf4b8381a9f6a332ed5b754dbf34f650d19867":"31c87be686b6f90f3d1b0ea90c541e16f3430292a5c4755f":"ed49403700cebec30d1057503be7baacbeb45bcdfd9a43a2":"952763380af3243c6c327f23cb74f8368919e0b6b9c25934":"fb29067bdb23c0f0153932523edf32d0e3c18e46616e07f39a4b78091eca90349f636ffcf26b68a4cd0902431f2ada91bcc86dc223db4aa7a42e7cb57a852095704a27f9f07962880a50d2ce16c125be1e8d4f54a0cc5eaf63150c32408db6f39b22fc93b853caaba9e49581f13a8815"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #14
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_nopr:MBEDTLS_MD_SHA224:"387e31bcfffa51323a92d90713b438a1f4ded69707be3aa517e1e72d448abbdf0a17989b3de7c43c621e904f52db52ad823daabff9c10b3fca93acfa":"e08fff320a493d70ea4cc85a4cc604664a0deec8f6c7666d":"969cafc33e99964833c4d0f88f906f5429b5daa552f53bf0":"8d6e6f05301ef5cefba752f3d0ef58a25775d6b69f6c15a4":"72292aaa69fbef6f010fa4d5bb63d6d7a595395d79a8c110":"77ead908484044482da529f9a6f4ca6e6d8d49954d2e2d5c7dc455e03bebf484021673727bbc40adc8812600201b8c2de8e658191422b80d23502329c84c0ca061b212952fdb2ecf3106dd20e6455f1f231e1dad1cfbf2fa019dfe9c162a670ae20b252ae2e5a4ca0eaae1c679a7fd3b"
HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 0) #0

120
tests/suites/test_suite_hmac_drbg.pr.data
View file

@ -239,243 +239,243 @@ depends_on:MBEDTLS_SHA1_C
hmac_drbg_pr:MBEDTLS_MD_SHA1:"567d3f4c0de396ed67569c070d87f2b535ec874e881418983ec42ceb295b7d312e715e46b96f9da5998f9cde45b1dc22db6d2d7bfd4f3930":"43c16ab49ca5174f907d7899ebd242e9":"6c0b479d9e847dfbeae230bd4601d0db":"0d5a2183c9f9ca6941f6a617892f5e47":"934fe82b0951b97dafc5ba16e87b0459691156b42ff2dbbbd8f6ed9b04be952af267c6a17fbfc86de91f9f07eed482a5362b176216a8963af485503ba93b2e82c03a3ee6225077d90cd961e24f6026f6"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #0
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"f3a709bb47a36838cb998fb6986ff074c57932a669670570ff6cd1b202ee1da014a011f43fc02c51ffcb4048cc060763f2c58de2edd494275da14118c9cb7fd50475c66cc7e792406213a7d00cf7623d931a5947":"":"":"":"bbe3daefa61fe302bdaa6d4d379680acfd0d456b5d35f137c145b72626f2fcf39fdf7f3708d9e88c1710408a3d7ece3b0261ff538846fd5452149960215c0c22beafe6cd24a7c392d5845774b87528912c322119a2adf4d35a0ba61dd36ffc8a7e7475afec58ad4a8cf343afb677f087"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #1
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"0f508c6330b9673e94861ae2057e200ae8f2b330b74634d79fe8a4c698211080db07e58b762a2387379f0c0e2d01b2ca40ef82fec35eb81a5493ccef709dbaa0b0e4494e460530062c8db7446bc6af2d852fd875":"":"":"":"583367bde003eb2061cdb6f51db9c6827cbcefbff0497ba823e112edbf7f2066fcffa3e92d1e8c531007783554e6aa8a633bc925690ca6d579fbedbf9cc4d6cb08133d0cf8d4c25fcd3b6fed95f00b1bb17477cf67b97a557e7da933bdc121481755f628fdf0f0b1189a097c7147169e"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #2
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"9082871e73b098bbc58f324f12f6a83c321360c9f5b400d00a9bb865ef5265083d9309657c40ac94b579995902df0e2084eb4a6410cac605e482ea4abe5c8eb73bc63f68baaeaa56d47f7d74974d940555fd3861":"":"":"":"67c2fd4397af79297782af9baad2a26b993efa48c689a74531417ae102d4ea1d6a82cb0321aee3dc2572ad27299e81a7a77f1cf837119e746988f2ec60bb01eb2ac3d110a948c1c33e86833757e2670cc3947658f3b2d32ac59242f152e889d03d03056f0a265ee759d3a4488b55c63a"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #3
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"4701f34326930cf93deaeb3a9c196e307a890c8ccf44a55f84593b3388a196238fdd97d201998ec734821998e7d6bef7b31fa2a81343918056c01d65f519c8576e4120a3d6b9ce28ccf57eeabd012d2c14e47045":"":"":"":"b499b86b0a25a0fc84a9a1b902972e2bb5aaf9b84f13804d6180491285b9316218cde0e73eacf722b5c664f4e618625ed35c5facbfca153cc184309754ecaad9c3678ce51ade96dfe3290e125d661e2afbdadfa73240c24939bc31d171712c7c987bfb434f1db6ed44b321bcd237f149"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #4
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"a912b6755cd2d677d63268a5203739b0785d7d956738a596e269128a583921aacbba1adb7c6d1714c164143c8f44e76711965514651680235068476ab137d5962e5e5872f3b899d0e9ca5ae8fe71bdcfaef1d241":"":"":"":"0f410304b6d88e52c8d6039ca674a06c49a5fa1094cf341c4034e39990236d9e5bb8ebb6e59849e7df82e2d02981d8df21e4ba3381e606b99c16de62860a470109c0123c69ebaf970603f451f9e6acf83e1c5951c3cb87170ef319d9a791110aea0c0dae5623c287d4c454ec93227654"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #5
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"54fb376707de02a1c385a3da78523485111a0a099066206f210ad848f29d3c270d2fd2f668cdd3a57cabed71f9d784c209259d1e4a3eee2046846a55a46965e495eb29725a86bd630dc43cd60ddb4fc93c59980d":"":"":"":"a2e3ab5390b5b79786ec7b434de48e45f590b85513106008479d8a3b7b236c884b0f871d8dee539c712509bd70de351f3881cd87c9cf77c1a9d8879986ff0f6678549c5c6acd15aeb6bbe653a9bc76829df2f194c5f6e8c7dd3058971ce15273a2d559c1ac60a0014e5e32352d6be2a1"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #6
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"3a0c24b5a6106d28c02957538e76e96b3ececfa80ba4c7d01fe642a88fc822884cc36ac2703e8952ee635948715f78c542e6e3270f2757f1652474df4706490b18e649ffd95dc518a8b4259da193600af5d5bde1":"":"":"":"55dc24206aa59d34ea990ac6b31250f15ac056c8ecd52e159f3464c38e1f28840eec4c6423b0fd9971d11c5ab99225eda5d173c08f9439bb56eb1cc487fdaea934fa816f9c9e0d628f111cbe60a647e03892084f80775248d41cb587617671d99b508644476b66c1c96979e5061e025a"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #7
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"ae7ff70bb69c964f05c99c0e7868210d567bcb5eb02db7708de162e6bbfd91fa17f30656420dad1ca69d356cbab80456cef922a9206f07d32c3f198c1a68e673c5583674bb1df1f2a69c554fdd3411c81a90c83f":"":"":"":"f1f3f79b1d7f988d4caf7308416f3d02371cc029a28eb4f0247c8625c4680a2dcbe9f3d56d92de6ee4d4031a254bda8a657bc147fb90c2f7783a8e3749b60633e5a921d015b846b3cb38830bc7554308af08ee8219e5acd1b699f1ac538930d257da4ef567ca570a7951bfb236d4d36b"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #8
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"86704ad0286f88dbc60baebc2ed0571de7b5ab64bc8554ba8645557fa10159ec03cc9f6f299c1c3011c73b2563e571fc24f5b5b50b4bee514d7c808873ca804b147201ba7ed43430d89b066c04b00b0a17694523":"":"":"":"6b1a26d7d21308d217bc8988067ef3e21f5bc10d34e89937f2a89f8da256acef50b6ea7d9ea877bc1d15002b1766e9bc7fea3d681b147e42359ce29d6d4f8c73e7c29b9ec14277fce2f6a0c518d24aeada44990f7f92b0d1184ff96b20c76d506f6f9d963391abec5bc247a2ac6b24c7"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #9
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"d0b30341b4fd48281f76a83d7de5769d05d5cb9e565b213c8e2bc8d4adcbae90107fc12fc1ed2a19f20beb563de8f05bc5c437637148154a12b1606bff071dbb366458b74a07a1c14114fab487772d436d4ce159":"":"":"":"fe2a7ced1965f013d475724eaa7d31b62740be411d899afa79f9fa6e73f18ebe0907f2f21388b6498cd365798f27f882a2c5c2744a9b25e8d351e77b9fa4471ceb1dd6c72fdef75977e4e4a246e24f56a615189e1b2a8d6782e8c5062b744a65ebe1f7c5fbcab333fdc155bfee300503"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #10
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"4a1a697e41537f28b381e05f11ebc905bd66c2c1d905d8c0b78c10c26cdf547a1b6f85ff58f48298a11bba41e3ec015d41a24d9e335e6e13b06b84b9f56b3e803bac569dae2d74c444bb58b3a6344bfbb9eee765":"":"":"":"15060b2bc827dbeefa2170ade633b0f0075a4b9b03fc24f73522174be4e4b08b93b421fa98c7c5a445c3aafed47a2eeeed63f19ef4f67e7726d8ff84bd94daa3338e397d52abea4c7d1191e30f3e8a11864f10ff56b2dbefd860655d34cf63ea22bbb54dfd0c5f64284c303a2ba2f49e"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #11
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"e80b8c8896557d596e192c3226347c336dae455b50bf32a78c61b9a98c949096be51538e293d338a464eae0eb18f1ab21f9903d07a8b98ea2ad7f41fe7ffdc4b4bd0fd06138a84dc5217cc8fe39b92f9558aa619":"":"":"":"55574491d07db3aff94dcb71f519cffe2f96ef57219262860c3c03f9a5b8a1eb88869e69587f8bc0693c9919bb277dc84fa55187c0dbb20101f0c4e301dcd2fe21664e5a2f0dda3eb4f11df3878c5becddbfc3ca032a17f740d424b99be0a9bedfd99907229ecccbf459f5495533560e"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #12
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"5c25f02bef1f1319cb6868d836c9cbc182fd8d86ecd87bc5cba41c163710074e80d1a30ddfd0f5d88c6682292cd50c68966d15e6ff95e117d342d974ff074ee872719d15745da624f8503a6141b0ac4b887ead5f":"":"":"":"9c5204d5471c25203f1d9786d38f71081a872f1c56604dc7570caa5439f17cddb7feff01cadaac8e0f35e7a5433cbbcd2dd4f11cc7dd14f6af629fd72a3145db6924d2bdefc262662367b7258cff36172263460f4dd52dd08faed3460bbffe18eb10ff5b3c6a97faddf65b3e21ecc98c"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #13
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"68b4e1ddfd16a1c1ecb0f4221306e77ad02b07993457eace086f66566afc5f12489633c605d11d53916eee96ed778d6d6518c5681f0fa9b0160da1c71740a94ab33310bc20a18710015af25d3d667c40dc619f34":"":"":"":"5c4c9b3276d546d3b6277a3a2089d4969146d833e0ace3e1ddbd9f79fa2158531f8bb26a28b08dc64bb1e610f13eb14c9fb23559dc2f38326e145ab509b9f69259a0d1a32f471d5abf154a2585288063845f99306f9bb875ccb0d32e9d49b42900257ebaa532e8ec223aea60abc9714d"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #14
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"d5ee5e2e629ea17487e593914012575daa8baf2d0e9671e1b8aad16524dbdf7d04c11130cdc10e50c630ccb235579a72b6eb4502fe146aabdab62a085c820ea46bb9091054d75a892a83c3850da0a31c15e0d021":"":"":"":"e32c0798b2040620fbc5d2a44ec7fa8038444c1910fd4a24312c8c8eadb57a78606449cf05ac51a3bc4d58ce78742c1be3a0fab6e3f5ebc92b82b5d5d64ce29e8c2787ace0f4e718a7f6cb669a0a43ba1aee0d9aef55cb7c6f5dff57c8acfe883ffd8a496d44afe06803e4c9ff62df04"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #0
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"6e531842b9b7fe2c0ee66899a1255135f784a2d5259c93ab3d63a5cb708e2e6cba955897d9b66c7fab274aa388a5db69713c86faa4a19709e9aab04638c670ffaa83806abf79a43e613e62cccafc637e1a1c0c14":"":"e628db057250fbc6fc5aba01b6c8b47062ec5632a8566730":"bd12e61e3d5218efb0c103dc49402800cfb863ec8925e76a":"037650ddf66ed42ea38cf44aaa94884effc5f831c593fb35886b5d601a58f74f868d89f2dba450b9c160e28f69fd24e30fb7a44189810e29afd0d11762d3ef07b4527f4134d6c53bdc9b024cebb6b40fbacd68b6acd4bb4d011d6705ce22f90d910ac4017d2426db7a48db3242161aa8"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #1
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"3fadabd2d8879bd2298f53c54b573db2584655e08a83289cb58a4ff5170fdc30d71bb24efbb5a50def315dc69146111462e204289a64ce72767499f299c74c934f0007ddb34bf5183bc1e5afd8c15eebdebba882":"":"742f7022892c2123e62379e9367787302fd18dc3835de0bd":"b60325136fde7c858054983a977262b6390a48419725febe":"3bfa419f9bad259b871703681284c5396fa94a323d646ddbf5339398c4d8314a999c230894ac60bf231762acada672f58154a86f80a8c4e3bbc67132e22ef50c0377193cb0d13c7e2c97cb24ce5bb69c73be2e5cd3a07ca2b000b2d7eea940053156bf55d846181e3748a91c342e191f"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #2
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"0784a499424dd1c2c13f765e9ed88d752fefa83cec61154f82b3fd645f642ff103db9c8d1c10b5979c56a22d58324669d4ace3994927222fa87fd049558a48adcbd6ad5a2380d2d927be57fffaae037bf8a34384":"":"9f853db57c3da0421914d2f71f9317817580c1de4ca43d50":"27071ad475b8541c1a80234bb2d110637fcf4b4e20e06a7a":"2c879a03bd719595211b526101fe85702161711c67a81184cc42c1f9da5761e853ff4b8d19deb95a2f3323d1cd58a2e066c66e7a30059732eba43a4bf3b22fffa5bea5161fd775160dc53d7cbb4c892bc122e4e0139f8f550219cf6fbccf55d16d8a4d8d7776aa143c00d9e7bd1c847a"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #3
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"addb36bc9ad134c7b8fa54881db1b18e040de4f253be28efbd36b12bfcf4721b08c5833eb0a97c668c7adbc7f04a9e0299549126172e25b9e624282c8e63eccf358c0ef1a71f8fd0a8fc49451db7757eae344e48":"":"e32540418ef68c3dcca1e7a0546e5dc7d4c5e92019b8cb0f":"327e31a0619305c93e9b5eef87102d447d21e21e2d8c1cc2":"178bee4059af0282854c833e11e7bba923a1e2f1126fe8cd7e1694602c180802d67b845a88ff786147f22a74e6ffb0f8b86d352cec2714ff8f308b1f9705603faf5b04bea3c75c87c91d5e6cf7583b5c45eb5f5a74d2bac490c8415d2fe07726bc334c88e3fb7284058b006f82e89ae7"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #4
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"412431badcf06f87551ec63c3860baf4b59667cb4753363d0f82fe7c968ea6f8bc5d015418adeae206005725dd9693af6f7060a2d5ba53f66dd49dc148de581737b67acd4bb70ff2f4cf20abc001ae1eb50cb75f":"":"d67f94a953e7e4e4bc0cbd517f963e599d68851cc333644a":"385281961ecf2d8175c0a718347d2132f059964c55f39f57":"357876e78a69cd4bc4e06b2c52ad28434520d54a4a310ee0eb026b87993514ba1442e25eb1ae22a3ce98529625d8db9b0e5b680d7e027523b0ba0184d3f2e4b9cdee027960ac1612295bcdbf570912ed05108541b97e3bb30ae0a122d74cb536e5db34b7d5ee5a042897d5d29fa3c126"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #5
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"ae914c3d74acb6e2d9b8487927db7992b838ede73dc918b60bcc94f0f456f454a6d100c90e119342154bc3ddb059f48db3a8d7b7288eb42d0ceb07532a2a357d20506ead28d9bd4a127d437a657a61f5d30b04cf":"":"2afb537c13fee9c4103cc6abb11225046d94df2e9838f73f":"6a9f670cb49cd9ad98a17cc19d00d4766344108f0c86804b":"2ed0c4140420c6e3798a13f917cd998b2ce6f98bac27f0fdb09e2538f573caff16904edb371f98f50964b7de552e997007fcd267b36abed12cd95d9a08852a4ca862872edd32c707e7a60e11fe0a7db4c0d34f4c70ff16e5c75e6f5d7ffaec3be383b8790ef0ff3a0d9f79850c9749c0"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #6
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"38a93c3ede148c91eb7f0cd327cbe8b27ff0e569bc5262aaf30b86d31be35f83b4ff50b84b5dfd649908d0c55cd5be7ad36d4f5f7f22cce066d3b589adef804bfaf52253a0e4c6bb03e000d649541e523ae52f1d":"":"e12c05f2bf463d24da9abe89301d2acefb7957dc1bab9ef8":"d70065fa713e2d691bf554a00d063222755e7204a3e53968":"3e5ad7e96c8cee899889640d8268cbea296aee96fca7bb60308bcdc08eed36bdc8a5b3126ed8be900577e60ec0f8b3d3014deec41ac650480e08dd3a425843b37fa5d1d621b5053ba4b2fc1804d407849a84e9eb5bfcf94f27c2a535e2756b8202ede1f18e81f65e3f7f51a064b401a4"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #7
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"384d6f43e7d77a381bc6bfbfbfe1a17aa35525bef01be8aaf6c488c46517d9b94380c73d3fb45a4f1b4d70375021c7df78eadb61df5d9efc6e08fe2d81ffa65df33667c23e3cc5c89893988f04be1d3634ced443":"":"a0271fd2552e037568cc857a60a550db050680fc03904fce":"ec095cc9e3bc301071a901d0289b54aefc796bffad6fda8e":"aca2571a9cf6bcd10429e146e6e94d1ae43a00db28bee2b60eb6a1bc1cde3d452dd6e04617aae7a3f813feaddc0f8fd25890004607f45ec995df970e1a3abb17b416bdbf62b6ba5625a80cb100e2b87260a73ffe15d9e6f24abfe9e6f9ba66bdfbfe71380d832418e2a4b460dd7415f4"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #8
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"98c8df867d234553e504fcdf807fb8bba51d23ac65dd8b160943bd45181764cf6df0049cad23e6aca490db57d12dc6c631604c943f153927d6d04af042e1da1b225eb8bdf4ee99dd405e3586acf8e44bb0184d68":"":"3338baea79c06f0d48ec2d47004e61c1c1e5056bf8bbecd3":"79007bfce109a682b746df074e87c845eebd665532867fa2":"ba7040193e38c4495971827fb1ddb747ea80cd0bb1fd6aaabf85ec1959c29eba8f818ef55aadadc8c34b6a7c00f210a899092b9704f2e03abf3e5e8fe6d127cac0436441d0a6f1b02a00e5fe948539c66a8c78e70f35cfeb600e1cc68c06553f47ca053b64a0534a028a73d0890034fe"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #9
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"6150b7280b3105b86b66c2a39a1f0461cfbce17e746791afb241b298741454e174650ab1e7f08500bd7eb096e40d8114e5a60668636b6ff66d2622154b7d239eaefc9ab2aa3351eda2af4fe51de36e22e70235fb":"":"6ece8aa447d2cf51d8497e303c1a202e39e06bd723c847b7":"21d890666d2c8ce4440bb453f4284c3928650f8cf38576d7":"7554b8cc8e79330ae55575f9157cd10d8eeb58af30eeebe9daa021f4b55ce365fbdf3629be7547a89c78bb9df79d35179e5d2924aa032e60d5a00281f19ee2255c17a69345ed86bf36ecfd694be0405c8b6c077b43a8c8bbea603ddc632a1aea6771a6bc117dbdc365e2714bdaa8b377"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #10
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"cb25eef7230ac2da249fe30ea94d3a3332147022bb2207aab4a50822b1564c24a047ebb46d57f45f6680f909629b43129876c75381e3b7c6d06887f68083fc423f06ecba159a90edd394cc0ca9473e9cd0f23c89":"":"2f30b005ea5d5965439bf15220b1c010e6c79306e700e6fe":"9937bf3edb3603cbbe190f3616b021fad652011854e6f6d0":"040a30b82981f71e4607c20c1f2d6e6854824c90b127517f65b6c7da99fd33dee32dc52bd0dbe902509c50492a88e5963b2b6e27d046334b356e5909f85763af2de70e93a89d6a00e2ef81ddd74f4a33d3f8406d05b383fda569a5a574fb5e3c0c86a5096e94174b79b2a4eadebccc2c"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #11
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"1d7dbe4e83913bad3fa918262ab0f45cdb9e4e61667694f361ddecace06bf352b18dfab4c32bff9a013d3b92a2da8ed698168155ddc492f8ad5d65cda8eed212793cd9aec8acde7e00f952bb5d00c53c5c181e89":"":"f9c51ff8f264cae722734502f6799e4fc5bee773d31e3e31":"6a171a0a8801017a1d924f80fc5d9d6592b8b28a342f30de":"425024bd1d1a66d4527a3e8a8307b3206923bc1d693f5b7f9017f0d5527cd6591016758794ac89e2f682cb2d66f8d28f9a2f5ae2974a75f4d0de17dcd02e93bf29c69175fceba262378bafbe3eb7e3dabe974889306d0a2ebd0ad9d934c37b1ad89ac1fc28493e6b1f6f24620e40eaf7"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #12
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"a6887fe41ed5a615eb030b31b86315d32d13dd5ad506566ea23ea3b162b8dd621129736c8dde31708a7fa4a4c606dc212b3440617111e94a5c6722c3a729d84d2e5858c23ba8bb249456a11d63dba9d4260a7213":"":"a52036daa8172111e89c8991ca818bdd711095a1602f2f15":"cba427a2b7bb64002e1da3159d643e002516bed279e0d442":"cf0f5881032606c21a8ea20adba6a72e176e968f10b08ab6d08f997b24fc2a24f2c5d44d1b99deb7db4f388dc8ac268f966a34c857cc5f43efc601674bc548ffeaee1c13415df6d0240835832cb75840b60711cb636f509dd9b87b698615959688e9afeffa50671ada05faa564c87ad5"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #13
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"a563459889ca29b711086adfbf18f284fdd18601ff69916af1ce47510d33f205d4dcd0080f9dfedb2bc1e2e60fa0b9cae094102bc7a705cc223279e0fc3b0020b4facafc2b31b9bca92382f3810d5a4e3ef626a9":"":"5fc83f1f6dc0ad454bbacf2df366c803cc1d2fd46bf78d32":"1a9654667cfd6ad0aad9383be04ec1480a494262b3fee823":"cb45ce96a973728bdade51f91004ac09e155173769063b3fb4712493d8877f088127a3492588e99fef648a101cf1c238fdefd798dd4928b5bb3a851eed693f37d67360a28a2b27c4406e9ddefdffba662529b91a980bbe4eb381cf9734b336e2b64e7482e0328c2e2bf81e39edc30d97"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #14
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"886d098731abf3140d512e0d348a384d25372667fe7e4f0ce713b1d2eca7b2ad939b25af03f78edad75bf0ab95b4110710d0e12e714e03f7df35db59fc4ef2906cf36c6c8897b802200a83e60d16f7fb064abd2a":"":"a4f42d83a492db3fc053d1275c6f264706fa932955c3da62":"4505c0664e59bb4388020470838bb098c4ae1338c268adf2":"4f9c3c60ee32042735cc539b9a23d04c2bc6bcd68db04a58240305f165bccebbb98e0f4796b283a0d78bdaccfcc8daf19f21a72945be07996bbb0b606643c7753f76ee6371292d3e681468b714e16bc32db14ad6d777677137ebd3731186ea72b840b8c4ae79ecb2c61352ea056d2d6a"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #0
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"a26af93571ba84b58e14e921a6bada73083ec17f21580a152703e1741392fc9ce6046f77d6eda5000f3225ef28425e30cec138a16b0ebd885fef074c6da2a7b126fcd1f056e3a5fd5627368c63681cc10fbf750b":"0627d10b1e5b4f0fff96d0c7e684deb9fb6a4e48959dbc29":"":"":"98d6bc7ec7cd72da4c750d9173518a9a17120fe9af10cd1a7d872fac505d9276c551b821a868cb8b4d8b10eb3b05845827717d2975814b5080a2f4aa50c5b112bd01b8652f2d1b56a88c6c891db5f3f40d1d1f0648d84e6ce2138c2c879884eb4847856198579eac759a065a5d384c46"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #1
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"5fd08930ba404d13a7275227660869e7eff10e103548e6ea15f0816ea93b649f6aba408ac710c49eaddea0b4d1e219577e6f6ba4f193386228f6fdf9cdcc50d5bdcf6d1f249e9cae0a097bb341e2ba3581a3f2ca":"7a463958302109d5fb9fef1a232b5aea13ba58a60b70911c":"":"":"a1a5c9d90f9340c807efa2068c6a0b872a4ad51a7cf90e14b4797dd894361712fc9507bd61d8ba984ecf1345fa3cbcf3031e2bc4302354cdf3f615c3a1bf43f60a464698e250726c37a7a9a23e1ff7e8d96df03957e3a0b5e6c4c4fdbdcff487e467b12dbc21e07eb8a7c4cd7f779912"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #2
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"625d6a509ec43c55bbec45b4244fa0bce24c74cc270851f2d32e4bb4f1961476af40088b5ea81f7a86efba78abdfb50be09e1a68851899e0e9acd95f77f16e8b0aea5a9bf29bc1a18d32158cf69c794f3f47fe61":"bcfa259c919f6e56c77914a272959cda6d2cafeaff87d91b":"":"":"b5bc1f03099547ce1a359bede1f9f3b76b38e8b9cc781fb3909899144f4d0a4ba93272552bfb0ddcda51165d0ca3eae47d10961a62692bd9edf2a9339c8ad14469f1834eee3c3fc1074cb1493054f84273e4adc73e5eec6cba284c5b7fd8005f10cb67b0fe16ae0b4ff30d50ca245c5d"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #3
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"bc0c83de31217ff6b22c719de8c6653fcbd8aff7925f04624c76f586ed3bab324b64fa8a1ec14efa8d8d0b41eb6735d517f6c647ef8bedf3036a6ca90fa1d2c528722de33f76f7375711b6b4127b86fe096e72cd":"d7ef6b5dd09c08437313871078ac730c2f85a5abae6d6e24":"":"":"6d415afc0151c3cb426eb3b90c209feb726c01e28785678bb0b8d9143d4b7f31ae07e384816072e2df31350b133a8f4e3ee18f04b154d194513d9b072a695e52bf03eeb4c9a1df85dd6ef98d2453dc39390bc3a17f3ce499d9b182c89d0591dc3dbdb7aecb626b07f0ad2737bf8200b2"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #4
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"caca2b8631502fbd8bec33e89066e77b97a57b09d21a92dcc7b65897e50d7a312f287932c529f6a6fd8be6fad5c467f6c15f9bc0f39653a6e4963c0d4c4baa9d6ad39f4ad2a1d6587377ec3898e63e02cc0c454f":"33691da7461d3355659c4ca927b4d3e3bbfd8e775b535538":"":"":"89abe8e656667299705c4c8b208f0fc400897397d15aa3574cf86c0a6415dd30ac5d7d8bc629d8ba52e6e5af63818475874266e98a43ab5d3085d2856950e8d487ea22e01f9ab7fe1862be1fdb9a97cc24eb9ad05beebb202716607e8b164cf63cacb92504e80e68e641af71ad6ee47d"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #5
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"5d97de97d6f81a858ad6ae0262e58169b27c25adfc2bff506854e6bfd37f3a4d8c4b46cd78d0a76b0dc67e0d3f90fb04c2131bc31239defc8eabe9be0fc589a554a4b77fa79c64c03bbf87a32031530d99bbe397":"a0d8be30a0972002f21ce2d7cf3c8e84907c638e0093354d":"":"":"67536d7352a49a1a49110a1dc1b77dd1924be34123e027aea0ba6064ae0aa051d4470ccbf923e0c96c86f2d440f17f45b67c4c7785a6f5006bf0cadc13269540b2c59bb75f642e9668feb601fc60c18b94d65ebea0dfe5fb284e003a58837f9e9e120481ec2ba972c755c6a9134af683"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #6
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"9ca7149b0c5ccb7a0f7ec5399c644dba98c418373460c59978d91db57ff714897ee71caf459c1dc164655140810992fa6cbbb708ba2e61053d5866ba6a1bbdbc639fd21be4383beb4a4d370e86d0e9739ef849ae":"2ade2ffc19de7fc94767193223aa1fb3461cb29d970c8f05":"":"":"b39d6db529fbb3c6a90d6b7057759c26a9fa26024d2b65e3bf459881ff0f88a5b93b87e0779635022cea81db313329b61613742cc82b52fff1a2e6e24ae0eebc0917d5e4573466e4aee3f0ee0053445566eaa080c3e701bc35d40ce5105b4b6572baa7b4c84a16e4aab501e6ef670164"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #7
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"cc751171d828dba023f430b3f5a7134f733f4cc1ec76495e98a6dc2a627d97924716d7e6b043cf15c62ce8da1dda2a930c88d6d4d12ca992a501f773dff5d38e42f150f1c55ee358aba1e73cbebf465baf9fd0a6":"4ba50a75424970526022c7351831c58ee75f1e3aa0c47749":"":"":"8b387e55b9c10d0cc336f5445755c0b6dbe971bf69a04682b21c9303a66e093b7dccf33fc685765c6d2bcfa3020892ed09ce6ea3e3355b3bc16741f34d40b5c96bb085c1574801d14b4f71c97cf64e75dcc330fafa1d1e626822609a9af62c894dbdd56307ccf1ebbb7ec09d500096aa"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #8
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"1f2ccd29bc38e8364a4beb0e89984b88d61dcd31d48e310ae691c0e146f495b9d8cf443ed12f3ad2da7c59c2a2f6b8df4e0202414791e106c1f879879b7a46ac207f45b5fed69c38309adf15dfd0dd75742c0df0":"e0c49aee71c4c060aac1bab1f438f9e2b0c96d710ebfef77":"":"":"593677f65ca4339c0dd8b1ae9278cc49adaef1cf889760b4631a379d82bc25123dfd2e1436d0b6b890d4155e3236fc1e2cef67d8bc0454099051e220d6925b37c47408fdacdfd54cab7be70f8b3b3dfc5a86f181dd559ff7182f225f7de87dd8bd69143be270ce76d2562c6e01ba4c4e"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #9
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"f1bee9caecfd0397a6cd76f356ecacf1053981c64d315db4a51a244fe3b22ef997392f65dc13cf30f5b8f5edb7f8f55863a30156722536d02440e5f06e503795d2401775a560685f2ad3c98aaaa22726cd6ec45a":"9d42670ea4113ae02302cdcc660b497f3ffb19b9aca8babf":"":"":"78f31a24cda43acfbc4db7f17c57805a4b53353d668596247358b47e8f8deeaca312a7f9ce78832bc1da2d6b3727fcb847ca4feb1695a2edfd2ab24c486da125be1c1af4f78b749afdb57f97b4a8b892fd87228f116ba10fa739059581256de4fb865d1115c58284cb9850a24e5b7615"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #10
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"17b3146ea3ac1afdca446275f3b7539a517766b90e2da2c4c85db4802943efcd8009a9ffdd054440da16edb641a050fce3f3cab3d5f03d550111daeaa8841a9c814def76eec9c4e910788c710562428a39cd0987":"f3831c1bc859fad452a76ce513575a23e8b790c90de4575c":"":"":"c6c85936cd52b5271a6e70410e0b9d960d76f3236b548cfd4fea26504ca8a78e58ee914c6cf248f30d7ee3547eedd3a4d9869b15e326c911aaecb7f0c221f8eb9208a9b355e4b1cc7926380d25bb776f3e89904943b3fdf306012fc95d06b3b7c44ef55c9eee675150b332e2181f2a32"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #11
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"fabe526177dcd476be9950233ec56f9122a9b083e589c9264add302d4768c06020cf53e7708bc728582360cbf06a18de38e3da2642dd6751aa686dbf11734bd75a422571c9f2420915d7d79d9efea870e72d262d":"ba5858340e6a82b2ecfe1190215bd8da995ee8ef572eed8b":"":"":"10260dfc2f2322f530192e96a2396694dead62f9b206137108666cd199939184503da75598f54a89dff885a9856140b56687347c2c066a1593bfe02b8bd2cd93e939c424b33683a13678ba5f34df3f2f5f50b2a708d1d5a04683db00a607e2f80e5feb20086e3d64294e9732b0776c51"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #12
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"b7c9a1d221fe10552bb0b799e18d12cffd1f76d6a1e6dc79a36584ac7e13c355b9323d0ef2f97fc2d8a26e6c37209a485963788aeab084e923a3794c63713c2ee288ba3a99f2d407adfc1b87ba64fcc5a7f98e4e":"e563f8c8318862c7117af8946823e8570ebc64b3de1b293e":"":"":"100c460c12e5ab12a72bd4351f7b608f5578060b262f21d735fe79d13c942035a76f001adfd39fe93caa22b6274bec282e640469d3f454d108991a1b73d8acb3d392732fc24cafb15fbe248441462bb2c1278883610ba28486ef82ec2ff3d20eb9601866c7dc4eaf44cdd73e5b5ac14f"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #13
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"78e5d4818964d748282fa8dd386ea9c920c4fc5ddb9d2204a3f6285082b8065dd3944ce193722e973f8300783e37991e6c4a6286a1a0fe3703dd78ae951c88a0ce47b1a23d91e0926358221713670a78732d5470":"fa058586d35f0d74d2c473e005e7f8ddc33a1f6d5bc79d75":"":"":"6b603b098ca74b7fcf3c8f9b42dde5b3b51e84cab4f67f4d87bc6575ad4fa3f1e0ee27085f88e2a5ecf4f57f9ba92638e52941535806d2cd1b5aeb5b7c81b3d44d41cf5b8073b646a9cc1b0a9f7e183b082e9f2270acd928623e8a46b46257e1b827e8b88b55c88a3a3a067cfcb9b2b0"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #14
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"50241739e3f08c910baea7f9ba481511b6ee5d69bb1a2dd34f3987a231cc25f39a1a966390e391a33dc21281372589e2a667cdbbe4267710d5244fd342c959b7272b39e5cdf67701d47665b61782541e94aa224f":"6a7d2f2dcfcae8a284802c97d77917e87c6cf8417c2b16bd":"":"":"4402afee12048c1c6a44624d2df026798930ec732884899ffd20d17f1c8d7c221cf5edac8679a21ee11b177ecfd61927d4ccbb175ee6b49cc6f371450904c2666aaf2e6cb36cd55cae3af772beb80955cf67b4e8be1fce11250a39693ecb7f8ac05aa23b949ac74bc9a67060cd60cc77"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #0
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"c3005cdc5c5b7b25ed78c9684f3faf6278f9a9c5a9fb202014a29882e50b21e56ec8b7947fe871daec2626f32372123f44a8721ff4339e0a20f978ea27609eb495c2342e9ba719bbd2b44ff503db2322ada1c982":"c4506109937e0f9352fc881b0396b0a103626a15addfe525":"6ee49c76d138eaa3fc10cf411e0b8ad5488d77f74faacf13":"8825122b506dd6f3a58811fe6c9a7e9271a6e68dcdd590e2":"e818887ca1c84717e277baf00913d65ed58a8f90b8728080a03043bb2ab53f55fa605ba0cfab29b4cb694f6aae6594dedcbe6f74e1f7573c2944f3703b89a52789b0170077ea8e66d8299ba5cc139943ab96254065a27abca2098a85162fb01d294d8671b00206b7f784319384e01b3d"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #1
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"9bf2ab19aa7e9ffc3461522f3cf85b3292b54bd3e1099a42dd6f5349d169d59a152b2dce675874b665fcff802260ea84b358f6fcf8011b511834e8447a73c1f675b7598d836dc9fbf40f1dd0f481f47f95f3ef4d":"38d7a2109c6fad9205abc22b9ff705b7f671c4bde5b662d4":"b46e928cb59eac0cbed65645767e96fd824fa95cb96a1cd7":"532c8d3748205cfaa826fba7f240e9926cd3811da8fd1a5a":"bc367839d1510316ac3ba17fb7bf633a6eb4b61dc0b03cf1cca564db8248ced0b47ccb36e730c0237b0812af30361b5dce662636b23f87d6ace82cd3e34d45a1133b35ff9b8bde8fb29fe82298820c0c87f0e30887ddb15c9644bfb12578f0878a710771ad22fe16935c66681378f5f8"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #2
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"a3bfbed559c396b807ffa80409fc4e2c23ba952f64a41c07d3af5e5b78d8ef88171bd5022d3e02efefa644f4fddbe207e59397605a0408b0201f6a882def64d973c0714555d2c7e0a6fddf49558fd1328074ca79":"4c63bef79f71fa82168928619cd09b003aeb2ba2b04150d2":"c85bb368a82d57c70cd5ad6327187c8550f7c10380b2f030":"5d467e9c06ee058ca066dadd6f6ec6b0da59ecbaa4ddd12e":"1ce311c919c67e151b51ce3060384ca95c071a295f01e54349abaa2da8ef497ea1364454133d20f57da28985bfc6d1d2f58f84d144c85dbe3c9fd5e8958ce06f2f5ad5af7e16bf90ddb4a1e2947f78008467fcc38b5a082eb1612d68e36e3c0abfbfb3a321eef3754ac16c41f96bd635"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #3
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"1b2c2419e85386716135b3c142d749f1f5bc23edbf8c0a1c53b72f474484c545761b21aeff05cdd35621d104ee393e791737c48c5a6e6b25b58c5c5be28ecf17c410c9c9c3c3aa2b6385f66759f31b61f9fe0286":"b69011f446e50880a15bb0dd00229f765bf77b2a40040109":"67eb63a168aad8712a0e7e0f162af7ac7893e902f1aa72cd":"23bb752e6232144630e3d3a6daaa1e58a5ca315f21fe1d8b":"cd8e6c6b8a1f7f98f5d796023fdd4f1da2d72eedb96a8e85cac661da24dd0a7810fa04be0491c69db7617712582b43ec4bf112d9e2932288f25b64fb7a2a09ac8747b8f71ce75e3c80b854336a0457b8013ec6dc1268b4c7e8f7d3422a4a5d432f8d9705d6a273a09b9f9273f4928c4f"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #4
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"62d059e3ecb695167e93b3cfd77f96e681985ab5d68f15473a89f9cbc4012e1c090a5a9e65f738be938f44fd6cb157fd9b737d9389e4e56b6903d4d015f9d80d96336730fdf57787296d447ea91de7e686c7a81e":"d8f121b2bbdb8530c6315c63e0a52e383c163c033d3b0854":"830e2cab11331b761aed55db61681fffad3a61a1a06adfec":"c7783d7357ff30e88cfdbc90569daf03d3fec8caf89619ff":"e44c9b35d3b847a928748094ba6754d1c5de3cbe3d90d4e2bd0c0f19dc5aed7228c541044b2b14d7e67dcc148ab04abff7c22a8f1fdbec4d68ad24a7c4b0f0e507bd7f2b4845593363da484b481906fb7207844597238b9d40c14237004e275572aac6a6d84d151fa58abc0987e54e18"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #5
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"fcf3887b4505f7a1273ad5b32e064ff51682bca23ed974ca981871a5b7f63e5ceee58131f9a01fa7c37ab14150c9323a03f694e463496c4159eb8e5d3ebc62f41264beb93098a42a3dd406b983e1fb040d108f93":"9b3e97eed077155cf181829233868d27eb773c398575dfb2":"75a75a15c622e69eba698a064b0b41c8bc80ef803df0f29e":"7b6a20a222a81dfa6fd164def816c2b6708bd4c761b2bb8f":"0b3d501f728d2f1d8b0d7dffda0160157b30d0d97932315f77022d1a6fb30d9a0ee4383f2f63377ac6e57b16b0c7480a6f5dd12ed3ec0bc6f104a26c86592daa3f68a499570703306e2c2448e784b67cd6efdb4ae64a2e8ffa5929e74c95b663c9b7fe891633f07d7b50f5f16e9fe567"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #6
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"7a6a0774f2cb5ddce6b5242782fd3d7b5c7c7e31cb5fe95367c06f29a5488fa37feb34d689c646cdb162e258ad636a030ff74f6a7ff876417fb08f5c5decdcc98692538bebf9958c627ad8287633f98c587cdaec":"fb16aea72967c43b8803bcdd3e794911f6d53f2cb7946cee":"67d89947396322ca243e2c591a3adc8fd9f1ef448414fca8":"a0d568f4fce862e5e1b22acca29e60d7bc6cdcf6cc277794":"758b4685b0db1093eebde07ba11085a9dcab64c8d5adacda070fd2b292bec49240f25e158fc96cb1d0ecc9ebcccc360b981d140e3cdba54fc697313014450a9af29d9d55dcbc5bb9a38e4f10c6a3e41874d5c6688f22d0c5714301083cbbd0014880af0f7d088dabeb4e84a64f26d2b9"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #7
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"19bbbbfcb755cd9dc000abfc03343ef64193141c3d3f43120f55674616e3d96b6086adf47c906981923c98ef7dd0fbb2f7af0ecbbd2de848f2b25cba8651b7e3aeaa0c59b605e6d4710a01406565ea30d0c4f68d":"e77cce9d26d283bb5d6e8300ad0f69df723324d23928c6f7":"0586c76051462d0483071213804385d01a07bcb27db05e06":"1c9363d0b3e9f42b6c722b8d62f9c633066587577fe766e3":"6d458079264d5f3940d098aae092690b7d04cd46d6d5dde753063b7194118ab67d3848459156b8f0216d85b5c583a1bfc000e68111be459743175fd114253cc24db72ecc978ff8620301ecbf18f42fc4697d91150649a8254a9850d5c28f9c4e187e409e496e2a659b2e79c06074c5c9"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #8
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"c2b577bfd802b8f599ca14bdd5fe5003ee28ae69ca5c246df4f62d9e21a7793281c48f73ffea15f3c3d444ba48367fde04cdf6d62498b8afb24966a8662461015135cb55034a63571a032d3cd2c1e6cf4a6855ef":"f0de29d4530b4af75b8defe9b3b24dcb7ce0add4aed6f72d":"90ac05703a8e0c6057dd2d8b1a6f16f0059e7c70679919df":"16935f700de9fe529a2bbe811dccad430e27dbc60549c3e5":"56988f9328a91314e4b3ae027bc6f43a01fe471615f3a319afd9bb63f55b13e681ac0ae830d4d3057882fe247ca4decbb26af811282f59ee89ea38642e4ffad9bdfae44bcdbc3a289bf431e0bfc68148c12ced1853e698e74f74e24aa434937390fd41cb4e78f823a262900f2f44c1fa"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #9
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"b5c4acc63ae5c68ca404bded2d36a391e8b2e9ef3b32eb598aa94fd6b5ede6c3d9c33ec77a195abb6f8cbcafb6c492a1d78f04439bdc442168d1eccc783d53a92e16b90ccbdb0284b383cb96af04e81728d1cda0":"b3e6df5e9ae10c63da4269de170550b92dde7c6e33af228e":"c9787b641b5c881dae53a69e2b3514ce2ea81e5879765bd1":"e4abedcfc4cc69da45467bf2bfb03d823abc19a746e3c582":"e14f46dcab0ba39965f170f01a07308090b051127685ada6601112aa236093f7a760530f856617d9e027c8279ef33d9fbc4b624ae26a277b9e6077ac71e2d2f101b84ebed007ddeddb4286aa4729cb3b28798387b757d8e99a7b6d2631601fe7ab4caad7983dede59b94f4c920ef1b29"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #10
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"7302ea40e214308136b8427e601ad61132d195f870f2a861c7b8ce1f686bf325a155d0aae1211401bb844893dba2909060c76cf9cda757d9e2cb24f5602fedf6a7412f49497c82866a8c9b56e2bbaf912f760255":"58efaa77c9bf446ce8d3f3ce73b7d1f014bdeffea2a2fdde":"68f9eab1893186d7e5cf3a8c37bf1c229344abdceecd9de5":"a0d3bf1de632fb19ca5326d936f79aafe59a0e809b13f10c":"f2c6a717ab10a9cc89f6d3a07bf6077fa33c2e5d67475ebcdd1b895fd0067941ed3fd8f251352403c2680df2319a882f39a91f8ccb7df2c06a13037f057962e23b8ea0654ef9bfc19b6ec982e539ea6afcd1145cee582d27b708691354b4c397a51d004c61687c1c9c948576009002ee"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #11
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"48ce334fcdeae603c54fc228461e7173681a8e8387e0c048c2acfdd6a78c955deb7dc25bea4e9924c4a2ae22d9fb6b227452addd0b6eda7769f9ceaaf2ca34568b3c198ebdcf5f6ed11f863097bd56f42d648862":"6bf4c173d264dce03e475fb3bde9fca2474877627bfb0c5d":"2a728f461ce1067dd38896002724b4967c1a9cfececd3437":"2b862cd7a94c1776b26022c27c0e4f2d199ccb782caae6dd":"07f80326ea781bd95efe729867d6c39465213bb698b5e486e6c5f27d3fac4fda3cfb7c831fe6291062d4db2aff59781efb4f4cf428236aad6a55111b969885a6b851d5462278d0863909a07796e5e0e8448fc0d674a4408cd9e91e98e3adcec2064ad37dcc566faa80149519f5ea261c"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #12
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"b23c748a9c9d206ed4ce6b8bacb6f7e17cacf5649ea8d1e1144a96e977a4cb22c0f37139c3eedbcc8b9024c6f21412f1600fcde1488f95744446df7b6e21a858224b9294a75829a014697cc4b363c3ad0e152ca6":"325bdbd8c14b766d4a7ff0e14128585b21af76de7ca30ff1":"2e002a406bb8090eae6c950944a4d6768c89d43cc0d8bd17":"4828622ff56d0867bbad03bac51b8c939a5dfa33a362b129":"58cebdf4676a21ded5eba4dd19452f5dec909c589751879ea4249a4c9fef834d85dcfc95ada82f7fba1476451774036246d7a496d4d427f37647ebc10fc2e1125b0b71da1fa5f1479c5681e9d7acc9b88b527390734d943bff6a76c4b22bb4f6ac331f7710b95f6806fa35a29a2fa35f"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #13
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"606f388e8ae35faf979434656144370991e89b7457ca5b55d5bf2b48fe8cb64f549f48a812edbbb4cff895efb21c90eb26c1db239ed72da43504a1e09c56fe144f2d09242f2670dbe2561456d938352125b19131":"5e039f38d6f9a9c4ecc67158f40d3c8de61808fd7476fbf7":"21c7d976da71bcde51a3b4bc1b9a79cc6c4ca51ec992e479":"bac1c5904816c3040eb532622f127ac3e28cd78ba68404a9":"5f951dd774bc1a0818b249ffc51348bf1f36aa4b9d6a3348d36df84b5d3e824adcdf8b87ffecfec13fe36ca354625ae8db8a69722254c3f6e7027b866c529f9bed25360e0cee7ce41f996d50d224a08e965e0e5dd67a77142e2a3de0d559b9dae8919ad0387ba5fdef699e42016d7291"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #14
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
hmac_drbg_pr:MBEDTLS_MD_SHA224:"be16ca52551a6a0656c40539e3155eebbc416cbfe212101f8edc2f7118472907ae9b2b9574abe81257533115472610ab401d1ce1f8998884af43fa5776a59ae38c88631a066fa85d24dfc9b2547caae598cd0fa7":"ed000ad2e479513861014e8ff45a481a494af312d2dd5563":"feb295c74975f1e1c738988fc70b9d2603c7da93832154a1":"764705681b7781573af811fa7751dbc27d667af7a1e59dce":"ba4a0583d8d6c5b4216a0875cfad594485858dc7f9ef265d4ed0c0f0fbfcaaf5ae318df2d7fc530301813d9f49826030625f7ea02d0630b3573c486b1fa0ef4269cbfb6fb86675c11fb7c0570cf7ff4fc7affdb00625ac453c23c229a4ea5f540c66f031ab3462f7d12659eec990501f"
HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 0) #0

66
tests/suites/test_suite_md.data
View file

@ -26,7 +26,7 @@ depends_on:MBEDTLS_SHA1_C
md_info:MBEDTLS_MD_SHA1:"SHA1":20
Information on SHA224
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_info:MBEDTLS_MD_SHA224:"SHA224":28
Information on SHA256
@ -582,31 +582,31 @@ depends_on:MBEDTLS_SHA1_C
mbedtls_md_hmac:"SHA1":10:"1287e1565a57b547":"390ffdccc6171c11568d85b8f913e019bf4cd982ca9cd21ea730d41bdf3fcc0bc88ff48ba13a8f23deb2d96ec1033e7b2a58ca72b0c1e17bf03330db25d1e360fa6918009c4294bd1215b5ccd159a8f58bc3dc3d490eb7c3b9f887e8c98dbbb274a75373dcb695a59abd0219529d88518a96f92abc0bbcbda985c388f1fbbcc9":"d78ddf08077c7d9e2ba6"
generic HMAC-SHA-224 Test Vector NIST CAVS #1
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
mbedtls_md_hmac:"SHA224":14:"e055eb756697ee573fd3214811a9f7fa":"3875847012ee42fe54a0027bdf38cca7021b83a2ed0503af69ef6c37c637bc1114fba40096c5947d736e19b7af3c68d95a4e3b8b073adbbb80f47e9db8f2d4f0018ddd847fabfdf9dd9b52c93e40458977725f6b7ba15f0816bb895cdf50401268f5d702b7e6a5f9faef57b8768c8a3fc14f9a4b3182b41d940e337d219b29ff":"40a453133361cc48da11baf616ee"
generic HMAC-SHA-224 Test Vector NIST CAVS #2
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
mbedtls_md_hmac:"SHA224":14:"88e5258b55b1623385eb9632fa7c57d6":"ada76bb604be14326551701cf30e48a65eee80b44f0b9d4a07b1844543b7844a621097fdc99de57387458ae9354899b620d0617eabcaefa9eef3d413a33628054335ce656c26fa2986e0f111a6351096b283101ec7868871d770b370973c7405983f9756b3005a3eab492cfd0e7eb42e5c2e15fa6be8718c0a50acc4e5717230":"81c783af538015cef3c60095df53"
generic HMAC-SHA-224 Test Vector NIST CAVS #3
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
mbedtls_md_hmac:"SHA224":14:"85d402d822114d31abf75526e2538705":"8020d8d98cc2e2298b32879c51c751e1dd5558fe2eabb8f158604297d6d072ce2261a1d6830b7cfe2617b57c7126f99c9476211d6161acd75d266da217ec8174b80484c9dc6f0448a0a036a3fc82e8bf54bdb71549368258d5d41f57978a4c266b92e8783ef66350215573d99be4089144b383ad8f3222bae8f3bf80ffb1bb2b":"2aa0340ac9deafe3be38129daca0"
generic HMAC-SHA-224 Test Vector NIST CAVS #4
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
mbedtls_md_hmac:"SHA224":14:"545c6eecc5ee46fa17c59f91a94f81ae":"8fb7f3565593170152ddb2021874784e951977cfdd22f8b72a72a61320a8f2a35697b5e913f717805559b1af1861ee3ed42fb788481e4fd276b17bdbefcae7b4501dc5d20de5b7626dd5efdcd65294db4bdf682c33d9a9255c6435383fa5f1c886326a3acbc6bd50a33ab5b2dbb034ce0112d4e226bbcd57e3731a519aa1d784":"3eb566eac54c4a3a9ef092469f24"
generic HMAC-SHA-224 Test Vector NIST CAVS #5
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
mbedtls_md_hmac:"SHA224":14:"4466ab4dc438841a9750c7f173dff02e":"2534c11c78c99cffaec8f722f04adc7045c7324d58ce98e37cfa94b6ed21ed7f58ce55379ef24b72d6d640ee9154f96c614734be9c408e225d7ba4cecc1179cc9f6e1808e1067aa8f244a99bd0c3267594c1887a40d167f8b7cf78db0d19f97b01fc50b8c86def490dfa7a5135002c33e71d77a8cce8ea0f93e0580439a33733":"59f44a9bbed4875b892d22d6b5ab"
generic HMAC-SHA-224 Test Vector NIST CAVS #6
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
mbedtls_md_hmac:"SHA224":28:"0e3dd9bb5e4cf0f09a4c11600af56d8d":"f4589fa76c328ea25cf8bae582026ba40a59d45a546ff31cf80eb826088f69bb954c452c74586836416dee90a5255bc5d56d3b405b3705a5197045688b32fa984c3a3dfbdc9c2460a0b5e6312a624048bb6f170306535e9b371a3ab134a2642a230ad03d2c688cca80baeaee9a20e1d4c548b1cede29c6a45bf4df2c8c476f1a":"12175b93e3da4c58217145e4dc0a1cf142fab9319bb501e037b350ba"
generic HMAC-SHA-224 Test Vector NIST CAVS #7
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
mbedtls_md_hmac:"SHA224":28:"cda5187b0c5dcb0f8e5a8beed2306584":"9011ae29b44c49b347487ce972965f16ade3c15be0856ce9c853a9739dba07e4f20d594ddc1dfe21560a65a4e458cfa17745575b915a30c7a9412ff8d1d689db9680dd2428c27588bb0dc92d2cd9445fe8f44b840a197c52c3c4333fff45533945134398df6436513cfab06c924046b8c795a5bd92e8d5f2de85bf306f2eed67":"4aaba92b40e2a600feab176eb9b292d814864195c03342aad6f67f08"
generic HMAC-SHA-256 Test Vector NIST CAVS #1
@ -726,31 +726,31 @@ depends_on:MBEDTLS_SHA1_C
md_hmac_multi:"SHA1":10:"1287e1565a57b547":"390ffdccc6171c11568d85b8f913e019bf4cd982ca9cd21ea730d41bdf3fcc0bc88ff48ba13a8f23deb2d96ec1033e7b2a58ca72b0c1e17bf03330db25d1e360fa6918009c4294bd1215b5ccd159a8f58bc3dc3d490eb7c3b9f887e8c98dbbb274a75373dcb695a59abd0219529d88518a96f92abc0bbcbda985c388f1fbbcc9":"d78ddf08077c7d9e2ba6"
generic multi step HMAC-SHA-224 Test Vector NIST CAVS #1
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hmac_multi:"SHA224":14:"e055eb756697ee573fd3214811a9f7fa":"3875847012ee42fe54a0027bdf38cca7021b83a2ed0503af69ef6c37c637bc1114fba40096c5947d736e19b7af3c68d95a4e3b8b073adbbb80f47e9db8f2d4f0018ddd847fabfdf9dd9b52c93e40458977725f6b7ba15f0816bb895cdf50401268f5d702b7e6a5f9faef57b8768c8a3fc14f9a4b3182b41d940e337d219b29ff":"40a453133361cc48da11baf616ee"
generic multi step HMAC-SHA-224 Test Vector NIST CAVS #2
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hmac_multi:"SHA224":14:"88e5258b55b1623385eb9632fa7c57d6":"ada76bb604be14326551701cf30e48a65eee80b44f0b9d4a07b1844543b7844a621097fdc99de57387458ae9354899b620d0617eabcaefa9eef3d413a33628054335ce656c26fa2986e0f111a6351096b283101ec7868871d770b370973c7405983f9756b3005a3eab492cfd0e7eb42e5c2e15fa6be8718c0a50acc4e5717230":"81c783af538015cef3c60095df53"
generic multi step HMAC-SHA-224 Test Vector NIST CAVS #3
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hmac_multi:"SHA224":14:"85d402d822114d31abf75526e2538705":"8020d8d98cc2e2298b32879c51c751e1dd5558fe2eabb8f158604297d6d072ce2261a1d6830b7cfe2617b57c7126f99c9476211d6161acd75d266da217ec8174b80484c9dc6f0448a0a036a3fc82e8bf54bdb71549368258d5d41f57978a4c266b92e8783ef66350215573d99be4089144b383ad8f3222bae8f3bf80ffb1bb2b":"2aa0340ac9deafe3be38129daca0"
generic multi step HMAC-SHA-224 Test Vector NIST CAVS #4
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hmac_multi:"SHA224":14:"545c6eecc5ee46fa17c59f91a94f81ae":"8fb7f3565593170152ddb2021874784e951977cfdd22f8b72a72a61320a8f2a35697b5e913f717805559b1af1861ee3ed42fb788481e4fd276b17bdbefcae7b4501dc5d20de5b7626dd5efdcd65294db4bdf682c33d9a9255c6435383fa5f1c886326a3acbc6bd50a33ab5b2dbb034ce0112d4e226bbcd57e3731a519aa1d784":"3eb566eac54c4a3a9ef092469f24"
generic multi step HMAC-SHA-224 Test Vector NIST CAVS #5
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hmac_multi:"SHA224":14:"4466ab4dc438841a9750c7f173dff02e":"2534c11c78c99cffaec8f722f04adc7045c7324d58ce98e37cfa94b6ed21ed7f58ce55379ef24b72d6d640ee9154f96c614734be9c408e225d7ba4cecc1179cc9f6e1808e1067aa8f244a99bd0c3267594c1887a40d167f8b7cf78db0d19f97b01fc50b8c86def490dfa7a5135002c33e71d77a8cce8ea0f93e0580439a33733":"59f44a9bbed4875b892d22d6b5ab"
generic multi step HMAC-SHA-224 Test Vector NIST CAVS #6
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hmac_multi:"SHA224":28:"0e3dd9bb5e4cf0f09a4c11600af56d8d":"f4589fa76c328ea25cf8bae582026ba40a59d45a546ff31cf80eb826088f69bb954c452c74586836416dee90a5255bc5d56d3b405b3705a5197045688b32fa984c3a3dfbdc9c2460a0b5e6312a624048bb6f170306535e9b371a3ab134a2642a230ad03d2c688cca80baeaee9a20e1d4c548b1cede29c6a45bf4df2c8c476f1a":"12175b93e3da4c58217145e4dc0a1cf142fab9319bb501e037b350ba"
generic multi step HMAC-SHA-224 Test Vector NIST CAVS #7
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hmac_multi:"SHA224":28:"cda5187b0c5dcb0f8e5a8beed2306584":"9011ae29b44c49b347487ce972965f16ade3c15be0856ce9c853a9739dba07e4f20d594ddc1dfe21560a65a4e458cfa17745575b915a30c7a9412ff8d1d689db9680dd2428c27588bb0dc92d2cd9445fe8f44b840a197c52c3c4333fff45533945134398df6436513cfab06c924046b8c795a5bd92e8d5f2de85bf306f2eed67":"4aaba92b40e2a600feab176eb9b292d814864195c03342aad6f67f08"
generic multi step HMAC-SHA-256 Test Vector NIST CAVS #1
@ -866,31 +866,31 @@ depends_on:MBEDTLS_SHA1_C
md_hex:"SHA1":"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af"
generic SHA-224 Test Vector NIST CAVS #1
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hex:"SHA224":"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
generic SHA-224 Test Vector NIST CAVS #2
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hex:"SHA224":"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5"
generic SHA-224 Test Vector NIST CAVS #3
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hex:"SHA224":"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e"
generic SHA-224 Test Vector NIST CAVS #4
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hex:"SHA224":"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
generic SHA-224 Test Vector NIST CAVS #5
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hex:"SHA224":"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d"
generic SHA-224 Test Vector NIST CAVS #6
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hex:"SHA224":"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713"
generic SHA-224 Test Vector NIST CAVS #7
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hex:"SHA224":"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe"
generic SHA-256 Test Vector NIST CAVS #1
@ -1026,31 +1026,31 @@ depends_on:MBEDTLS_SHA1_C
md_hex_multi:"SHA1":"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af"
generic multi step SHA-224 Test Vector NIST CAVS #1
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hex_multi:"SHA224":"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
generic multi step SHA-224 Test Vector NIST CAVS #2
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hex_multi:"SHA224":"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5"
generic multi step SHA-224 Test Vector NIST CAVS #3
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hex_multi:"SHA224":"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e"
generic multi step SHA-224 Test Vector NIST CAVS #4
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hex_multi:"SHA224":"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
generic multi step SHA-224 Test Vector NIST CAVS #5
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hex_multi:"SHA224":"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d"
generic multi step SHA-224 Test Vector NIST CAVS #6
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hex_multi:"SHA224":"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713"
generic multi step SHA-224 Test Vector NIST CAVS #7
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
md_hex_multi:"SHA224":"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe"
generic multi step SHA-256 Test Vector NIST CAVS #1
@ -1162,19 +1162,19 @@ depends_on:MBEDTLS_SHA1_C
mbedtls_md_file:"SHA1":"data_files/hash_file_4":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
generic SHA-224 Hash file #1
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
mbedtls_md_file:"SHA224":"data_files/hash_file_1":"8606da018870f0c16834a21bc3385704cb1683b9dbab04c5ddb90a48"
generic SHA-224 Hash file #2
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
mbedtls_md_file:"SHA224":"data_files/hash_file_2":"733b2ab97b6f63f2e29b9a2089756d81e14c93fe4cc9615c0d5e8a03"
generic SHA-224 Hash file #3
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
mbedtls_md_file:"SHA224":"data_files/hash_file_3":"e1df95867580e2cc2100e9565bf9c2e42c24fe5250c19efe33d1c4fe"
generic SHA-224 Hash file #4
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
mbedtls_md_file:"SHA224":"data_files/hash_file_4":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
generic SHA-256 Hash file #1

68
tests/suites/test_suite_md.function
View file

@ -11,7 +11,7 @@
void mbedtls_md_process( )
{
const int *md_type_ptr;
const mbedtls_md_info_t *info;
mbedtls_md_handle_t info;
mbedtls_md_context_t ctx;
unsigned char buf[150];
@ -28,7 +28,7 @@ void mbedtls_md_process( )
for( md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++ )
{
info = mbedtls_md_info_from_type( *md_type_ptr );
TEST_ASSERT( info != NULL );
TEST_ASSERT( info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT( mbedtls_md_setup( &ctx, info, 0 ) == 0 );
TEST_ASSERT( mbedtls_md_process( &ctx, buf ) == 0 );
mbedtls_md_free( &ctx );
@ -39,22 +39,26 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE */
/* BEGIN_CASE depends_on:!MBEDTLS_MD_SINGLE_HASH */
void md_null_args( )
{
mbedtls_md_context_t ctx;
const mbedtls_md_info_t *info = mbedtls_md_info_from_type( *( mbedtls_md_list() ) );
mbedtls_md_handle_t info = mbedtls_md_info_from_type( *( mbedtls_md_list() ) );
unsigned char buf[1] = { 0 };
mbedtls_md_init( &ctx );
TEST_ASSERT( mbedtls_md_get_size( NULL ) == 0 );
TEST_ASSERT( mbedtls_md_get_type( NULL ) == MBEDTLS_MD_NONE );
TEST_ASSERT( mbedtls_md_get_name( NULL ) == NULL );
TEST_ASSERT( mbedtls_md_get_size( MBEDTLS_MD_INVALID_HANDLE )
== 0 );
TEST_ASSERT( mbedtls_md_get_type( MBEDTLS_MD_INVALID_HANDLE )
== MBEDTLS_MD_NONE );
TEST_ASSERT( mbedtls_md_get_name( MBEDTLS_MD_INVALID_HANDLE )
== NULL );
TEST_ASSERT( mbedtls_md_info_from_string( NULL ) == NULL );
TEST_ASSERT( mbedtls_md_info_from_string( NULL ) == MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT( mbedtls_md_setup( &ctx, NULL, 0 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_md_setup( &ctx, MBEDTLS_MD_INVALID_HANDLE, 0 )
== MBEDTLS_ERR_MD_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_md_setup( NULL, info, 0 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_md_starts( NULL ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
@ -66,10 +70,12 @@ void md_null_args( )
TEST_ASSERT( mbedtls_md_finish( NULL, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_md_finish( &ctx, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_md( NULL, buf, 1, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_md( MBEDTLS_MD_INVALID_HANDLE,
buf, 1, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
#if defined(MBEDTLS_FS_IO)
TEST_ASSERT( mbedtls_md_file( NULL, "", buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_md_file( MBEDTLS_MD_INVALID_HANDLE,
"", buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
#endif
TEST_ASSERT( mbedtls_md_hmac_starts( NULL, buf, 1 )
@ -90,27 +96,29 @@ void md_null_args( )
TEST_ASSERT( mbedtls_md_hmac_reset( NULL ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_md_hmac_reset( &ctx ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_md_hmac( NULL, buf, 1, buf, 1, buf )
TEST_ASSERT( mbedtls_md_hmac( MBEDTLS_MD_INVALID_HANDLE, buf, 1, buf, 1, buf )
== MBEDTLS_ERR_MD_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_md_process( NULL, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
TEST_ASSERT( mbedtls_md_process( &ctx, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA );
/* Ok, this is not NULL arg but NULL return... */
TEST_ASSERT( mbedtls_md_info_from_type( MBEDTLS_MD_NONE ) == NULL );
TEST_ASSERT( mbedtls_md_info_from_string( "no such md" ) == NULL );
TEST_ASSERT( mbedtls_md_info_from_type( MBEDTLS_MD_NONE ) ==
MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT( mbedtls_md_info_from_string( "no such md" ) ==
MBEDTLS_MD_INVALID_HANDLE );
}
/* END_CASE */
/* BEGIN_CASE */
void md_info( int md_type, char * md_name, int md_size )
{
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
const int *md_type_ptr;
int found;
md_info = mbedtls_md_info_from_type( md_type );
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT( md_info == mbedtls_md_info_from_string( md_name ) );
TEST_ASSERT( mbedtls_md_get_type( md_info ) == (mbedtls_md_type_t) md_type );
@ -132,7 +140,7 @@ void md_text( char * text_md_name, char * text_src_string,
char md_name[100];
unsigned char src_str[1000];
unsigned char output[100];
const mbedtls_md_info_t *md_info = NULL;
mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE;
memset( md_name, 0x00, 100 );
memset( src_str, 0x00, 1000 );
@ -141,7 +149,7 @@ void md_text( char * text_md_name, char * text_src_string,
strncpy( (char *) src_str, text_src_string, sizeof( src_str ) - 1 );
strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
md_info = mbedtls_md_info_from_string(md_name);
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT ( 0 == mbedtls_md( md_info, src_str, strlen( (char *) src_str ), output ) );
@ -155,14 +163,14 @@ void md_hex( char * text_md_name, data_t * src_str,
{
char md_name[100];
unsigned char output[100];
const mbedtls_md_info_t *md_info = NULL;
mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE;
memset( md_name, 0x00, 100 );
memset( output, 0x00, 100 );
strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
md_info = mbedtls_md_info_from_string( md_name );
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT ( 0 == mbedtls_md( md_info, src_str->x, src_str->len, output ) );
@ -181,7 +189,7 @@ void md_text_multi( char * text_md_name, char * text_src_string,
unsigned char output[100];
int halfway, len;
const mbedtls_md_info_t *md_info = NULL;
mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE;
mbedtls_md_context_t ctx, ctx_copy;
mbedtls_md_init( &ctx );
@ -197,7 +205,7 @@ void md_text_multi( char * text_md_name, char * text_src_string,
halfway = len / 2;
md_info = mbedtls_md_info_from_string(md_name);
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 0 ) );
TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx_copy, md_info, 0 ) );
@ -230,7 +238,7 @@ void md_hex_multi( char * text_md_name, data_t * src_str,
{
char md_name[100];
unsigned char output[100];
const mbedtls_md_info_t *md_info = NULL;
mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE;
mbedtls_md_context_t ctx, ctx_copy;
int halfway;
@ -242,7 +250,7 @@ void md_hex_multi( char * text_md_name, data_t * src_str,
strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
md_info = mbedtls_md_info_from_string(md_name);
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 0 ) );
TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx_copy, md_info, 0 ) );
@ -277,14 +285,14 @@ void mbedtls_md_hmac( char * text_md_name, int trunc_size,
{
char md_name[100];
unsigned char output[100];
const mbedtls_md_info_t *md_info = NULL;
mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE;
memset( md_name, 0x00, 100 );
memset( output, 0x00, 100 );
strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
md_info = mbedtls_md_info_from_string( md_name );
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT ( mbedtls_md_hmac( md_info, key_str->x, key_str->len, src_str->x, src_str->len, output ) == 0 );
@ -299,7 +307,7 @@ void md_hmac_multi( char * text_md_name, int trunc_size, data_t * key_str,
{
char md_name[100];
unsigned char output[100];
const mbedtls_md_info_t *md_info = NULL;
mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE;
mbedtls_md_context_t ctx;
int halfway;
@ -310,7 +318,7 @@ void md_hmac_multi( char * text_md_name, int trunc_size, data_t * key_str,
strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
md_info = mbedtls_md_info_from_string( md_name );
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 1 ) );
halfway = src_str->len / 2;
@ -344,14 +352,14 @@ void mbedtls_md_file( char * text_md_name, char * filename,
{
char md_name[100];
unsigned char output[100];
const mbedtls_md_info_t *md_info = NULL;
mbedtls_md_handle_t md_info = MBEDTLS_MD_INVALID_HANDLE;
memset( md_name, 0x00, 100 );
memset( output, 0x00, 100 );
strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 );
md_info = mbedtls_md_info_from_string( md_name );
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT( mbedtls_md_file( md_info, filename, output ) == 0 );

6
tests/suites/test_suite_pk.function
View file

@ -593,7 +593,7 @@ void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod,
TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
if( mbedtls_md_info_from_type( digest ) != NULL )
if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE )
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
TEST_ASSERT( mbedtls_pk_verify( &pk, digest, hash_result, 0,
@ -709,7 +709,7 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str,
unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
unsigned char sig_check[MBEDTLS_ECDSA_MAX_LEN];
size_t hlen, slen, slen_check;
const mbedtls_md_info_t *md_info;
mbedtls_md_handle_t md_info;
mbedtls_pk_restart_init( &rs_ctx );
mbedtls_pk_init( &prv );
@ -729,7 +729,7 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str,
slen_check = unhexify( sig_check, sig_str );
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
TEST_ASSERT( md_info != MBEDTLS_MD_INVALID_HANDLE );
hlen = mbedtls_md_get_size( md_info );
mbedtls_md( md_info, (const unsigned char *) msg, strlen( msg ), hash );

9
tests/suites/test_suite_pkcs1_v15.function
View file

@ -275,8 +275,10 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q,
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
if( mbedtls_md_info_from_type( digest ) != NULL )
if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE )
{
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
}
TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PRIVATE, digest, 0, hash_result, output ) == result );
if( result == 0 )
@ -313,9 +315,10 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N,
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
if( mbedtls_md_info_from_type( digest ) != NULL )
if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE )
{
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
}
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );

8
tests/suites/test_suite_pkcs1_v21.function
View file

@ -128,8 +128,10 @@ void pkcs1_rsassa_pss_sign( int mod, int radix_P, char * input_P, int radix_Q,
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
if( mbedtls_md_info_from_type( digest ) != NULL )
if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE )
{
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
}
TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PRIVATE,
digest, 0, hash_result, output ) == result );
@ -169,8 +171,10 @@ void pkcs1_rsassa_pss_verify( int mod, int radix_N, char * input_N,
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
if( mbedtls_md_info_from_type( digest ) != NULL )
if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE )
{
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
}
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );

10
tests/suites/test_suite_pkcs5.data
View file

@ -19,23 +19,23 @@ depends_on:MBEDTLS_SHA1_C
pbkdf2_hmac:MBEDTLS_MD_SHA1:"7061737300776f7264":"7361006c74":4096:16:"56fa6aa75548099dcc37d7f03425e0c3"
PBKDF2 Python hashlib Test Vector #1 (SHA224)
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f7264":"73616c74":1:20:"3c198cbdb9464b7857966bd05b7bc92bc1cc4e6e"
PBKDF2 Python hashlib Test Vector #2 (SHA224)
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f7264":"73616c74":2:20:"93200ffa96c5776d38fa10abdf8f5bfc0054b971"
PBKDF2 Python hashlib Test Vector #3 (SHA224)
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f7264":"73616c74":4096:20:"218c453bf90635bd0a21a75d172703ff6108ef60"
PBKDF2 Python hashlib Test Vector #5 (SHA224)
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"056c4ba438ded91fc14e0594e6f52b87e1f3690c0dc0fbc057"
PBKDF2 Python hashlib Test Vector #6 (SHA224)
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
pbkdf2_hmac:MBEDTLS_MD_SHA224:"7061737300776f7264":"7361006c74":4096:16:"9b4011b641f40a2a500a31d4a392d15c"
PBKDF2 RFC 7914 Sec 11 Test Vector #1 (SHA256)

4
tests/suites/test_suite_pkcs5.function
View file

@ -12,14 +12,14 @@ void pbkdf2_hmac( int hash, data_t * pw_str, data_t * salt_str,
int it_cnt, int key_len, data_t * result_key_string )
{
mbedtls_md_context_t ctx;
const mbedtls_md_info_t *info;
mbedtls_md_handle_t info;
unsigned char key[100];
mbedtls_md_init( &ctx );
info = mbedtls_md_info_from_type( hash );
TEST_ASSERT( info != NULL );
TEST_ASSERT( info != MBEDTLS_MD_INVALID_HANDLE );
TEST_ASSERT( mbedtls_md_setup( &ctx, info, 1 ) == 0 );
TEST_ASSERT( mbedtls_pkcs5_pbkdf2_hmac( &ctx, pw_str->x, pw_str->len, salt_str->x, salt_str->len,
it_cnt, key_len, key ) == 0 );

72
tests/suites/test_suite_pkparse.data
View file

@ -363,147 +363,147 @@ depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS5_C
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #50 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem":"PolarSSLTest":0
Parse RSA Key #50.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, wrong PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #50.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, no PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #51 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem":"PolarSSLTest":0
Parse RSA Key #51.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit, wrong PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #51.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit, no PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #52 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem":"PolarSSLTest":0
Parse RSA Key #52.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit, wrong PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #52.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit, no PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #53 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der":"PolarSSLTest":0
Parse RSA Key #53.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, wrong PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #53.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, no PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #54 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der":"PolarSSLTest":0
Parse RSA Key #54.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit, wrong PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #54.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit, no PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #55 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der":"PolarSSLTest":0
Parse RSA Key #55.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit, wrong PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #55.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit, no PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #56 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem":"PolarSSLTest":0
Parse RSA Key #56.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, wrong PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #56.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, no PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #57 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem":"PolarSSLTest":0
Parse RSA Key #57.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit, wrong PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #57.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit, no PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #58 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem":"PolarSSLTest":0
Parse RSA Key #58.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit, wrong PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #58.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit, no PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
Parse RSA Key #59 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der":"PolarSSLTest":0
Parse RSA Key #59.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, wrong PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #59.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, no PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #60 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der":"PolarSSLTest":0
Parse RSA Key #60.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit, wrong PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #60.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit, no PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #61 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der":"PolarSSLTest":0
Parse RSA Key #61.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit, wrong PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
Parse RSA Key #61.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit, no PW)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:!MBEDTLS_SHA256_NO_SHA224
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
Parse RSA Key #62 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256)

16
tests/suites/test_suite_rsa.data
View file

@ -15,7 +15,7 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
mbedtls_rsa_pkcs1_verify:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0
RSA PKCS1 Verify v1.5 CAVS #4
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA256_NO_SHA224
mbedtls_rsa_pkcs1_verify:"867ac26e11a13b7ac34a42a1e177648692861226effb55bb597fbde10f299bf7fffd6fc8ddb2a46a73b97b67387a461b23e1d65dc119366286979add615b926b9272832fc0c058b946fc752dcffceca12233f4c63f7897cbaa08aa7e07cf02b5e7e3e5ece252bf2fe61d163bce84c0e0368454a98e9fdebf6edbd70b290d549b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"3bb7b1c5f3391de4549e2e96fd33afa4d647dd90e321d9d576f3808e32213e948b697ef4fd2dd12923de6ec3ffd625078a57f86af38dc07052bb50547c616ed51fa1352b3ab66788408168d21263ef2d3388d567d2ce8cf674f45491ab2b0319d47be1266bda39e343b2a38ea2d6aaaee6c4465aee1d7bb33e93a1c40a8e3ae4":0
RSA PKCS1 Verify v1.5 CAVS #5
@ -44,7 +44,7 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
mbedtls_rsa_pkcs1_verify:"55013a489e09b6553262aab59fb041b49437b86d52876f8e5d5e405b77ca0ff6ce8ea2dd75c7b3b411cf4445d56233c5b0ff0e58c49128d81b4fedd295e172d225c451e13defb34b87b7aea6d6f0d20f5c55feb71d2a789fa31f3d9ff47896adc16bec5ce0c9dda3fde190e08ca2451c01ff3091449887695f96dac97ad6a30e":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"dd82b7be791c454fbbf6f1de47cbe585a687e4e8bbae0b6e2a77f8ca4efd06d71498f9a74b931bd59c377e71daf708a624c51303f377006c676487bad57f7067b09b7bb94a6189119ab8cf7321c321b2dc7df565bfbec833a28b86625fb5fd6a035d4ed79ff0f9aee9fa78935eec65069439ee449d7f5249cdae6fdd6d8c2a63":MBEDTLS_ERR_RSA_VERIFY_FAILED
RSA PKCS1 Verify v1.5 CAVS #11
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA256_NO_SHA224
mbedtls_rsa_pkcs1_verify:"f4a990b8d434a5914340c0ca3ca4e4a70856c55e13e938c1f854e91cdef54c6107d6d682a62e6c1ff12b1c6178ee0b26b5d8ae5ee4043db4151465727f313e9e174d7c6961abe9cb86a21367a89e41b47267ac5ef3a6eceaaca5b19ae756b3904b97ec35aeb404dc2a2d0da373ba709a678d2728e7d72daae68d335cbf6c957d":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"d8ef7bdc0f111b1249d5ad6515b6fe37f2ff327f493832f1385c10e975c07b0266497716fcb84f5039cd60f5a050614fde27f354a6c45e8a7d74f9821e2f301500ac1953feafeb9d98cf88d2c928413f337813135c66abfc3dc7a4d80655d925bf96f21872ca2b3a2684b976ca768fe37feae20a69eeec3cc8f1de0db34b3462":0
RSA PKCS1 Verify v1.5 CAVS #12
@ -64,7 +64,7 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
mbedtls_rsa_pkcs1_verify:"224ecd3b630581da948216366c741015a9723c5ea43de67e28454d0a846f54a6df167a25cc500cf21f729aaefed6a71a3bdba438e12e20ad0c48396afe38568b70a3187f26098d6ac649a7c7ea68ed52748e7125225102216236a28f67753b077cfd8d9198b86b0b331027cb59b24b85fd92896e8f2ff5a1d11872c2e6af6ae2":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"1f7938b20a9cd8bb8ca26bad9e79ea92373174203f3ab212a06de34a9a3e14e102d19a8878c28a2fc8083a97c06b19c1ae62678289d5d071a904aed1d364655d9e2d16480a6fd18f4c8edf204844a34d573b1b988b82d495caefd9298c1635083e196a11f4a7df6a7e3cc4db7b9642e7682d22ec7038c3bad791e1365fe8836976092460e6df749dc032baf1e026684f55936beb9369845c53c3d217941c1f8d8f54a32333a4c049c3f2d527125778032f5d390040d1d4cce83dc353ce250152":0
RSA PKCS1 Verify v1.5 CAVS #16
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA256_NO_SHA224
mbedtls_rsa_pkcs1_verify:"6ecc722d233dad1aca45e6bc3e1a0b99fb1f89c0ec63bc657e6aaacbf931f267106cff42b712819f341b1ede798964a0b1a5032c198b391111e88d0d7303c02e23fa0137e74e604579a285b2dbc0a23aebdda65c371eb403125bd366e822e72dceffe0d55dfa3155c16283020dc9abb0d150da1aef251484aa49e49e00974dac":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"339dce3a1937669d9fb14c4f652378861fd5adc4da88eaf833b16020b55a24ddc83b7ae3395a9a49b426bb9a4170cb765b02652faa9594b457aeefdae4f802e93d8e65c687ddc723701465a5ef19249ed5d2617b5121c58557b34eb99a663bbcf4453a6e1db5d88723de449fcf58ca8ef514daf08cfdc71be155bb3d0724df0c0a6fd5aa7737433cc376640b9b8b4c7ddd09776bae0245729cddb56e36f28edad6aecaed0821ec8d843a96348e722bf0a84cf060a793a2179f054138f907d0c3":0
RSA PKCS1 Verify v1.5 CAVS #17
@ -88,11 +88,11 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
mbedtls_rsa_pkcs1_verify:"ac58fd024208d7f045d81a56cd55aad40ab86b0d216ab55136c7027aca23ea13480a52c0dacce0d98139b25965aa4ff76a41dd92037195d24bc0750d52cb3467b48b7b3e71d852c5f82bd9ee85a8388ead5cd8bc38c3d4792e8daa9734a137d31963e245ad3217fad235f7dfd5584de0fe91c4526568588e08b60bdf1badd99f":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"a142b0d9456f8f4772675265a08613a66c416bd1ae712975c69d9ca5fb8c1be9c24359a04fd15460bf6136a8a11f13e3ce2de2171524f10cb715f0d71e3db15281ab99eadbe86cf8c5c518162c638ef27a4f7bfb4a1a3873f3c384a5b1c3b4966c837b9d8d192ac34e03943b7ae191355aa1ff3b9cd041bb2668f1f81cf0d015b3d3608cd9ac79398212c0f132f1bd45d47768b999fcf3c05fe2069593ceecedc851a7fc465abcfef0fabba9b9460153f6ba8723a5c6e766c83a446aef3ee327":MBEDTLS_ERR_RSA_VERIFY_FAILED
RSA PKCS1 Verify v1.5 CAVS #22
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA256_NO_SHA224
mbedtls_rsa_pkcs1_verify:"027f767928a5821e2723d6f36c43e6b498b6f0b381852571794a096bd49f1c36a4d7bacec7ec402c24b970163169173bb930ec7fdc39bc9457dfc4ca051f5f28a64de1bbe007c22e8368ff9b117dbda17efd2fb73434bbbf5a4158df56813b8c904bb2e779de504dcd974a291568210d6f85810291606a1c0cd88d51ceadf98a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"0676e64daaa18f4af46e9dfbe234db389b8a527b0fe1db97eb7f404e3155226cba70d318800f83160fa1aa19916e5c09f079331079f18cb8ab1a4b884cb28501824974f683ed2b9babae9f8c15bea30802805c6b2152119764811bbf5f3994d2e97fa2fe8c5ab15a23c14d7ae56be00eaa8bc26678481ff5ba59b0acfb0e43341bff9fc638e5625480a73dbc5d8d13bd2b9e64037c6b79df0c60869980c6a22ec46f80fb859cb4ee5d2032ac1fe538cfd85c70a7f33b4af50a93395917c2cfb6":MBEDTLS_ERR_RSA_VERIFY_FAILED
RSA PKCS1 Verify v1.5 CAVS #23
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA256_NO_SHA224
mbedtls_rsa_pkcs1_verify:"06dcd9d4c056b6a45b9ed2ae5f6c1cfa43aae06fe01ee098264aa7a80e901abbcf9a505e55f9a352ef0c078d48249b8298e57ea21bf0e423c3bf69002acfa541ca05007c704bc79cee7a80e1107c7b28d2b2aa6dd093b28efe9642519952a4a95ee49235f9924a0ac0aee5b2a1bce47459d70cd6e75074614199dca44561407c":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"5e08f399258e6de075b67a0a6a822ceb21b1eb7a0342eca6a4295739f644547dee3456243cf32bd6ea6f357c88632508457130f3dae04f7806efaed43d1d501e16c961dfbd6c71a42b480e95c7027f8275063d05a9aac3eef0520867b9896ebe8ec358f7d121beb4e61ddfdc3dcd835dfe265f2ba68d300ef566ed1284f9f3d7b1af363ed47bfa2e5f0492925444df7e5fcb1e79e690c746117650b543a5e82c39553552f0f44e617b5cf773c533050f4129e893ac22af69b1eb9afb4b5ba5f5":0
RSA PKCS1 Verify v1.5 CAVS #24
@ -112,7 +112,7 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
mbedtls_rsa_pkcs1_verify:"4871adc05f6b3ecf296680b0dd8d86715b0d5264c064008037dc410512520b5f193c8f4d21eb6c42e10d220c0275c9b3751f03a4096e2f0e3db9df8d52068c06a51589d23ca1361e9fe27691e95663301ec1407fbf73aee99cc92362eaf6994b95038396d815052a0aef6489bbb7bcb0fffdf13f0af9e7d9fd14f6ce00ab98f7":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"11":"180caf03781b391aacebe5b3f5e1d3b01c68a00df4ecfb6c4bf14217aed7cfca0adac099ec1d6e1f0b43b09b86788533fee6691d773807af0df6cc3bbdde3cf34bf5b848fa59c8bc10227cc3eba3452a85e0520fccdb2d8d32dd99672d302756a2d7f7f2693db3a48be17bd34d9d891f4ba44449c5bad1de91b788f524500a7703cccbaa77b9fe8791f5c8aa7b8f055336f28fcfc01733712e33cfb3d33fe71ddb9ced2a31931ec38007f5ad4a0d19acc428124b0e5ee6e0746fb33c1a4d90c8":0
RSA PKCS1 Verify v1.5 CAVS #28
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA256_NO_SHA224
mbedtls_rsa_pkcs1_verify:"3bba64de38438a71b95ab9c94539d5870c1fb08d7a9937600c00e9d063438edc97e625d0cd4b1eb00c31c9d94c7a0fe6d03160d1b6cbec5acdad16ada6ef253fee603df9faca8f98a477cc5456f3dfbf6414dbf19f3832e227ce291780188881e82e96a2e84744f12a34a9808a2daedc6fd00b345c6772bec26a095719451e6a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"11":"8c846e75e32ce5f9964bdd8f6dcf1d2996a646b233bcf1bd6394e13e856691b89bedd18290a0f9f7c90dca307271b3108e795340490513b25e6789e93722c65ec064b4c43457295a31d1f07dd605e133fd6eaafc58cda132df2939f5f693e0205af34550afaa137f3e482885e50dfb48333a15c0821e7a19642acdddc6fea3c7487c691246a2b083dac439889d5ae741b7e08c47937530b4b069f1a260cd07fe4a0ddd530ab11534fb805e9b562118ee0e97932966008aadfc83f3b8a10de8ee":0
RSA PKCS1 Verify v1.5 CAVS #29
@ -199,11 +199,11 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc6287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd763d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed":MBEDTLS_ERR_RSA_VERIFY_FAILED
RSA PKCS1 Sign #3 (SHA224, 2048 bits RSA)
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA256_NO_SHA224
mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b":0
RSA PKCS1 Sign #3 Verify
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA256_NO_SHA224
mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b":0
RSA PKCS1 Sign #4 (SHA384, 2048 bits RSA)

8
tests/suites/test_suite_rsa.function
View file

@ -497,8 +497,10 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
if( mbedtls_md_info_from_type( digest ) != NULL )
if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE )
{
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
}
TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
MBEDTLS_RSA_PRIVATE, digest, 0,
@ -538,8 +540,10 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
if( mbedtls_md_info_from_type( digest ) != NULL )
if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE )
{
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
}
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );

14
tests/suites/test_suite_shax.data
View file

@ -52,31 +52,31 @@ SHA-256 Invalid parameters
sha256_invalid_param:
SHA-224 Test Vector NIST CAVS #1
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
sha224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
SHA-224 Test Vector NIST CAVS #2
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
sha224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5"
SHA-224 Test Vector NIST CAVS #3
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
sha224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e"
SHA-224 Test Vector NIST CAVS #4
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
sha224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
SHA-224 Test Vector NIST CAVS #5
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
sha224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d"
SHA-224 Test Vector NIST CAVS #6
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
sha224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713"
SHA-224 Test Vector NIST CAVS #7
depends_on:MBEDTLS_SHA256_C
depends_on:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
sha224:"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe"
SHA-256 Test Vector NIST CAVS #1

6
tests/suites/test_suite_ssl.function
View file

@ -102,12 +102,12 @@ static int build_transforms( mbedtls_ssl_transform *t_in,
if( cipher_info->mode == MBEDTLS_MODE_CBC ||
cipher_info->mode == MBEDTLS_MODE_STREAM )
{
mbedtls_md_info_t const *md_info;
mbedtls_md_handle_t md_info;
unsigned char *md0, *md1;
/* Pick hash */
md_info = mbedtls_md_info_from_type( hash_id );
CHK( md_info != NULL );
CHK( md_info != MBEDTLS_MD_INVALID_HANDLE );
/* Pick hash keys */
maclen = mbedtls_md_get_size( md_info );
@ -121,7 +121,7 @@ static int build_transforms( mbedtls_ssl_transform *t_in,
CHK( mbedtls_md_setup( &t_in->md_ctx_enc, md_info, 1 ) == 0 );
CHK( mbedtls_md_setup( &t_in->md_ctx_dec, md_info, 1 ) == 0 );
if( ver > MBEDTLS_SSL_MINOR_VERSION_0 )
if( mbedtls_ssl_ver_gt( ver, MBEDTLS_SSL_MINOR_VERSION_0 ) )
{
CHK( mbedtls_md_hmac_starts( &t_in->md_ctx_enc,
md0, maclen ) == 0 );

11
tests/suites/test_suite_tinycrypt.data Normal file
View file

@ -0,0 +1,11 @@
Tinycrypt ECDH
test_ecdh:
Tinycrypt ECDSA
test_ecdsa:
ECDH primitive rfc 5903 p256
ecdh_primitive_testvec:"C88F01F510D9AC3F70A292DAA2316DE544E9AAB8AFE84049C62A9C57862D1433":"DAD0B65394221CF9B051E1FECA5787D098DFE637FC90B9EF945D0C3772581180":"5271A0461CDB8252D61F1C456FA3E59AB1F45B33ACCF5F58389E0577B8990BB3":"C6EF9C5D78AE012A011164ACB397CE2088685D8F06BF9BE0B283AB46476BEE53":"D12DFB5289C8D4F81208B70270398C342296970A0BCCB74C736FC7554494BF63":"56FBF3CA366CC23E8157854C13C58D6AAC23F046ADA30F8353E74F33039872AB":"D6840F6B42F6EDAFD13116E0E12565202FEF8E9ECE7DCE03812464D04B9442DE"
ECDSA primitive rfc 4754 p256
ecdsa_primitive_testvec:"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":"BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD":"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"86FA3BB4E26CAD5BF90B7F81899256CE7594BB1EA0C89212748BFF3B3D5B0315":1

117
tests/suites/test_suite_tinycrypt.function Normal file
View file

@ -0,0 +1,117 @@
/* BEGIN_HEADER */
#include "tinycrypt/ecc.h"
#include "tinycrypt/ecc_dh.h"
#include "tinycrypt/ecc_dsa.h"
/* END_HEADER */
/* BEGIN_DEPENDENCIES
* depends_on:MBEDTLS_USE_TINYCRYPT
* END_DEPENDENCIES
*/
/* BEGIN_CASE depends_on:MBEDTLS_USE_TINYCRYPT */
void test_ecdh()
{
uint8_t private1[NUM_ECC_BYTES] = {0};
uint8_t private2[NUM_ECC_BYTES] = {0};
uint8_t public1[2*NUM_ECC_BYTES] = {0};
uint8_t public2[2*NUM_ECC_BYTES] = {0};
uint8_t secret1[NUM_ECC_BYTES] = {0};
uint8_t secret2[NUM_ECC_BYTES] = {0};
const struct uECC_Curve_t * curve = uECC_secp256r1();
uECC_set_rng( &uecc_rng_wrapper );
TEST_ASSERT( uECC_make_key( public1, private1, curve ) != 0 );
TEST_ASSERT( uECC_make_key( public2, private2, curve ) != 0 );
TEST_ASSERT( uECC_shared_secret( public2, private1, secret1, curve ) != 0 );
TEST_ASSERT( uECC_shared_secret( public1, private2, secret2, curve ) != 0 );
TEST_ASSERT( memcmp( secret1, secret2, sizeof( secret1 ) ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_USE_TINYCRYPT */
void test_ecdsa()
{
uint8_t private[NUM_ECC_BYTES] = {0};
uint8_t public[2*NUM_ECC_BYTES] = {0};
uint8_t hash[NUM_ECC_BYTES] = {0};
uint8_t sig[2*NUM_ECC_BYTES] = {0};
const struct uECC_Curve_t * curve = uECC_secp256r1();
uECC_set_rng( &uecc_rng_wrapper );
TEST_ASSERT( rnd_std_rand( NULL, hash, NUM_ECC_BYTES ) == 0 );
TEST_ASSERT( uECC_make_key( public, private, curve ) != 0 );
TEST_ASSERT( uECC_sign( private, hash, sizeof( hash ), sig, curve ) != 0 );
TEST_ASSERT( uECC_verify( public, hash, sizeof( hash ), sig, curve ) != 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_USE_TINYCRYPT */
void ecdh_primitive_testvec( data_t * private1, data_t * xA_str,
data_t * yA_str, data_t * private2,
data_t * xB_str, data_t * yB_str, data_t * z_str )
{
const struct uECC_Curve_t * curve = uECC_secp256r1();
uint8_t public1[2*NUM_ECC_BYTES] = {0};
uint8_t public2[2*NUM_ECC_BYTES] = {0};
uint8_t secret1[NUM_ECC_BYTES] = {0};
uint8_t secret2[NUM_ECC_BYTES] = {0};
memcpy( public1, xA_str->x, xA_str->len );
memcpy( public1 + NUM_ECC_BYTES, yA_str->x, yA_str->len );
memcpy( public2, xB_str->x, xB_str->len );
memcpy( public2 + NUM_ECC_BYTES, yB_str->x, yB_str->len );
// Compute shared secrets and compare to test vector secret
TEST_ASSERT( uECC_shared_secret( public2, private1->x, secret1, curve ) != 0 );
TEST_ASSERT( uECC_shared_secret( public1, private2->x, secret2, curve ) != 0 );
TEST_ASSERT( memcmp( secret1, secret2, sizeof( secret1 ) ) == 0 );
TEST_ASSERT( memcmp( secret1, z_str->x, sizeof( secret1 ) ) == 0 );
TEST_ASSERT( memcmp( secret2, z_str->x, sizeof( secret2 ) ) == 0 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_USE_TINYCRYPT */
void ecdsa_primitive_testvec( data_t * xQ_str, data_t * yQ_str,
data_t * hash, data_t * r_str, data_t * s_str,
int result )
{
const struct uECC_Curve_t * curve = uECC_secp256r1();
uint8_t pub_bytes[2*NUM_ECC_BYTES] = {0};
uint8_t sig_bytes[2*NUM_ECC_BYTES] = {0};
memcpy( pub_bytes, xQ_str->x, xQ_str->len );
memcpy( pub_bytes + NUM_ECC_BYTES, yQ_str->x, yQ_str->len );
memcpy( sig_bytes, r_str->x, r_str->len );
memcpy( sig_bytes + NUM_ECC_BYTES, s_str->x, r_str->len );
TEST_ASSERT( uECC_verify( pub_bytes, hash->x, hash->len,
sig_bytes, curve ) == result );
// Alter the signature and check the verification fails
for( int i = 0; i < 2*NUM_ECC_BYTES; i++ )
{
uint8_t temp = sig_bytes[i];
sig_bytes[i] = ( sig_bytes[i] + 1 ) % 256;
TEST_ASSERT( uECC_verify( pub_bytes, hash->x, hash->len,
sig_bytes, curve ) == 0 );
sig_bytes[i] = temp;
}
}
/* END_CASE */

28
tests/suites/test_suite_x509parse.data
View file

@ -39,7 +39,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
x509_cert_info:"data_files/cert_sha1.crt":"cert. version \: 3\nserial number \: 07\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n"
X509 CRT information SHA224 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
x509_cert_info:"data_files/cert_sha224.crt":"cert. version \: 3\nserial number \: 08\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n"
X509 CRT information SHA256 Digest
@ -59,7 +59,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C
x509_cert_info:"data_files/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
X509 CRT information RSA-PSS, SHA224 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
x509_cert_info:"data_files/server9-sha224.crt":"cert. version \: 3\nserial number \: 17\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:36\nexpires on \: 2024-01-18 13\:57\:36\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n"
X509 CRT information RSA-PSS, SHA256 Digest
@ -79,7 +79,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:
x509_cert_info:"data_files/server5-sha1.crt":"cert. version \: 3\nserial number \: 12\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\nbasic constraints \: CA=false\n"
X509 CRT information EC, SHA224 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_SHA256_NO_SHA224
x509_cert_info:"data_files/server5-sha224.crt":"cert. version \: 3\nserial number \: 13\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\nbasic constraints \: CA=false\n"
X509 CRT information EC, SHA256 Digest
@ -167,7 +167,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE
mbedtls_x509_crl_info:"data_files/crl_sha1.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n"
X509 CRL Information SHA224 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO:!MBEDTLS_SHA256_NO_SHA224
mbedtls_x509_crl_info:"data_files/crl_sha224.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-224\n"
X509 CRL Information SHA256 Digest
@ -187,7 +187,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:!M
mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:46\:35\nnext update \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\n"
X509 CRL information RSA-PSS, SHA224 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO:!MBEDTLS_SHA256_NO_SHA224
mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:06\nnext update \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\n"
X509 CRL information RSA-PSS, SHA256 Digest
@ -207,7 +207,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMO
mbedtls_x509_crl_info:"data_files/crl-ec-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA1\n"
X509 CRL Information EC, SHA224 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO:!MBEDTLS_SHA256_NO_SHA224
mbedtls_x509_crl_info:"data_files/crl-ec-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA224\n"
X509 CRL Information EC, SHA256 Digest
@ -291,7 +291,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:!M
mbedtls_x509_csr_info:"data_files/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A)\nRSA key size \: 1024 bits\n"
X509 CSR Information RSA-PSS with SHA224
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO:!MBEDTLS_SHA256_NO_SHA224
mbedtls_x509_csr_info:"data_files/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62)\nRSA key size \: 1024 bits\n"
X509 CSR Information RSA-PSS with SHA256
@ -544,7 +544,7 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDT
x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_BAD_MD | MBEDTLS_X509_BADCERT_BAD_MD:"":"NULL"
X509 CRT verification #15 (Valid Cert SHA224 Digest)
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA256_NO_SHA224
x509_verify:"data_files/cert_sha224.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
X509 CRT verification #16 (Valid Cert SHA256 Digest)
@ -560,11 +560,11 @@ depends_on:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBE
x509_verify:"data_files/cert_sha512.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
X509 CRT verification #19 (Valid Cert, denying callback)
depends_on:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
depends_on:MBEDTLS_SHA512_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:!MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
x509_verify:"data_files/cert_sha512.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_OTHER:"compat":"verify_none"
X509 CRT verification #19 (Not trusted Cert, allowing callback)
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:!MBEDTLS_X509_REMOVE_VERIFY_CALLBACK:!MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl_expired.pem":"NULL":0:0:"compat":"verify_all"
X509 CRT verification #21 (domain matching wildcard certificate, case insensitive)
@ -668,7 +668,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_S
x509_verify:"data_files/server5-sha1.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
X509 CRT verification #37 (Valid, EC CA, SHA224 Digest)
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_TINYCRYPT
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_SHA256_NO_SHA224:!MBEDTLS_USE_TINYCRYPT
x509_verify:"data_files/server5-sha224.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
X509 CRT verification #38 (Valid, EC CA, SHA384 Digest)
@ -768,7 +768,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MB
x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
X509 CRT verification #58 (Valid, RSASSA-PSS, SHA-224)
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C:!MBEDTLS_SHA256_NO_SHA224
x509_verify:"data_files/server9-sha224.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha224.pem":"NULL":0:0:"compat":"NULL"
X509 CRT verification #59 (Valid, RSASSA-PSS, SHA-256)
@ -920,7 +920,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MB
x509_verify:"data_files/server1.crt":"data_files/test-ca-alt-good.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL"
X509 CRT verification #92 (bad name, allowing callback)
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_TINYCRYPT
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_TINYCRYPT:!MBEDTLS_X509_REMOVE_VERIFY_CALLBACK
x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"globalhost":0:0:"":"verify_all"
X509 CRT verification #93 (Suite B invalid, EC cert, RSA CA)
@ -936,7 +936,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_S
x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"suite_b":"NULL"
X509 CRT verification #96 (next profile Invalid Cert SHA224 Digest)
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C:!MBEDTLS_SHA256_NO_SHA224
x509_verify:"data_files/cert_sha224.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD|MBEDTLS_X509_BADCRL_BAD_MD:"next":"NULL"
X509 CRT verification #97 (next profile Valid Cert SHA256 Digest)

41
tests/suites/test_suite_x509parse.function
View file

@ -334,7 +334,10 @@ void x509_verify_restart( char *crt_file, char *ca_file,
NULL,
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
&flags,
NULL, NULL, &rs_ctx );
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
NULL, NULL,
#endif /* MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
&rs_ctx );
} while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
TEST_ASSERT( ret == result );
@ -355,7 +358,10 @@ void x509_verify_restart( char *crt_file, char *ca_file,
NULL,
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
&flags,
NULL, NULL, &rs_ctx );
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
NULL, NULL,
#endif /* MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
&rs_ctx );
TEST_ASSERT( ret == result || ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
exit:
@ -376,7 +382,9 @@ void x509_verify( char *crt_file, char *ca_file, char *crl_file,
mbedtls_x509_crl crl;
uint32_t flags = 0;
int res;
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *) = NULL;
#endif
const mbedtls_x509_crt_profile *profile;
#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
char * cn_name = NULL;
@ -406,6 +414,7 @@ void x509_verify( char *crt_file, char *ca_file, char *crl_file,
else
TEST_ASSERT( "Unknown algorithm profile" == 0 );
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
if( strcmp( verify_callback, "NULL" ) == 0 )
f_vrfy = NULL;
else if( strcmp( verify_callback, "verify_none" ) == 0 )
@ -414,16 +423,28 @@ void x509_verify( char *crt_file, char *ca_file, char *crl_file,
f_vrfy = verify_all;
else
TEST_ASSERT( "No known verify callback selected" == 0 );
#else
if( strcmp( verify_callback, "NULL" ) != 0 )
TEST_ASSERT( "Verify callbacks disabled" == 0 );
#endif /* MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 );
TEST_ASSERT( mbedtls_x509_crl_parse_file( &crl, crl_file ) == 0 );
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
res = mbedtls_x509_crt_verify_with_profile( &crt, &ca, &crl, profile,
#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
cn_name,
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
&flags, f_vrfy, NULL );
#else
res = mbedtls_x509_crt_verify_with_profile( &crt, &ca, &crl, profile,
#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
cn_name,
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
&flags );
#endif
TEST_ASSERT( res == ( result ) );
if( flags != (uint32_t) flags_result )
@ -441,7 +462,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
void x509_verify_callback( char *crt_file, char *ca_file, char *name,
int exp_ret, char *exp_vrfy_out )
{
@ -827,11 +848,21 @@ void mbedtls_x509_crt_verify_max( char *ca_file, char *chain_dir, int nb_int,
TEST_ASSERT( mbedtls_x509_crt_parse_file( &chain, file_buf ) == 0 );
/* Try to verify that chain */
#if !defined(MBEDTLS_X509_REMOVE_VERIFY_CALLBACK)
ret = mbedtls_x509_crt_verify( &chain, &trusted, NULL,
#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
NULL,
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
&flags, NULL, NULL );
&flags,
NULL, NULL );
#else
ret = mbedtls_x509_crt_verify( &chain, &trusted, NULL,
#if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION)
NULL,
#endif /* !MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION */
&flags );
#endif /* MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
TEST_ASSERT( ret == ret_chk );
TEST_ASSERT( flags == (uint32_t) flags_chk );
@ -841,7 +872,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_VERIFY_CALLBACK */
void mbedtls_x509_crt_verify_chain( char *chain_paths, char *trusted_ca,
int flags_result, int result,
char *profile_name, int vrfy_fatal_lvls )

2
tests/suites/test_suite_x509write.data
View file

@ -3,7 +3,7 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":MBEDTLS_MD_SHA1:0:0:0:0
Certificate Request check Server1 SHA224
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:!MBEDTLS_SHA256_NO_SHA224
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":MBEDTLS_MD_SHA224:0:0:0:0
Certificate Request check Server1 SHA256

61
tinycrypt/LICENSE Normal file
View file

@ -0,0 +1,61 @@
================================================================================
TinyCrypt Cryptographic Library
================================================================================
Copyright (c) 2017, Intel Corporation. All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
- Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
- Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
- Neither the name of the Intel Corporation nor the names of its contributors
may be used to endorse or promote products derived from this software
without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
================================================================================
Copyright (c) 2014, Kenneth MacKay
All rights reserved.
https://github.com/kmackay/micro-ecc
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
================================================================================

77
tinycrypt/README Normal file
View file

@ -0,0 +1,77 @@
================================================================================
TinyCrypt Cryptographic Library
(integrated as part of Mbed TLS)
================================================================================
Copyright (c) 2017, Intel Corporation. All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
- Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
- Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
- Neither the name of the Intel Corporation nor the names of its contributors
may be used to endorse or promote products derived from this software
without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
================================================================================
Copyright (c) 2019 ARM Limited
================================================================================
Overview:
The TinyCrypt Library provides an implementation for constrained devices of a
minimal set of standard cryptography primitives.
This is a modified form of the library based on version 0.2.8 included as part
of Mbed TLS as a compilation option. It is not included in its full form and
those wishing to use TinyCrypt should use the original unmodified project.
The original project can be found here: https://github.com/intel/tinycrypt
Contributions should be made upstream to that project, and full documentation
can be found in the originating repository.
================================================================================
Organization:
tinycrypt: C source code of the cryptographic primitives.
include/tinycrypt: C header files of the cryptographic primitives.
No documentation is provided, and instead is available with the original
project.
Tests are provided as part of Mbed TLS and the Mbed TLS test suites.
================================================================================
Building:
To include TinyCrypt as part of Mbed TLS, enable the configuration option
MBEDTLS_USE_TINYCRYPT in the configration file 'include/mbedtls/config.h', and
build as Mbed TLS as normal.
================================================================================

5
tinycrypt/ecc.c
View file

@ -1,5 +1,10 @@
/* ecc.c - TinyCrypt implementation of common ECC functions */
/*
* Copyright (c) 2019, Arm Limited (or its affiliates), All Rights Reserved.
* SPDX-License-Identifier: BSD-3-Clause
*/
/*
* Copyright (c) 2014, Kenneth MacKay
* All rights reserved.

5
tinycrypt/ecc_dh.c
View file

@ -1,5 +1,10 @@
/* ec_dh.c - TinyCrypt implementation of EC-DH */
/*
* Copyright (c) 2019, Arm Limited (or its affiliates), All Rights Reserved.
* SPDX-License-Identifier: BSD-3-Clause
*/
/*
* Copyright (c) 2014, Kenneth MacKay
* All rights reserved.

5
tinycrypt/ecc_dsa.c
View file

@ -1,5 +1,10 @@
/* ec_dsa.c - TinyCrypt implementation of EC-DSA */
/*
* Copyright (c) 2019, Arm Limited (or its affiliates), All Rights Reserved.
* SPDX-License-Identifier: BSD-3-Clause
*/
/* Copyright (c) 2014, Kenneth MacKay
* All rights reserved.
*

1
visualc/VS2010/mbedTLS.vcxproj
View file

@ -264,7 +264,6 @@
<ClCompile Include="..\..\library\md2.c" />
<ClCompile Include="..\..\library\md4.c" />
<ClCompile Include="..\..\library\md5.c" />
<ClCompile Include="..\..\library\md_wrap.c" />
<ClCompile Include="..\..\library\memory_buffer_alloc.c" />
<ClCompile Include="..\..\library\net_sockets.c" />
<ClCompile Include="..\..\library\nist_kw.c" />