Squashed commit upgrading to mbedtls-3.4.0
Squash merging branch import/mbedtls-3.4.0
8225713449d3 ("libmbedtls: fix unrecognized compiler option")
f03730842d7b ("core: ltc: configure internal MD5")
2b0d0c50127c ("core: ltc: configure internal SHA-1 and SHA-224")
0e48a6e17630 ("libmedtls: core: update to mbedTLS 3.4.0 API")
049882b143af ("libutee: update to mbedTLS 3.4.0 API")
982307bf6169 ("core: LTC mpi_desc.c: update to mbedTLS 3.4.0 API")
33218e9eff7b ("ta: pkcs11: update to mbedTLS 3.4.0 API")
6956420cc064 ("libmbedtls: fix cipher_wrap.c for NIST AES Key Wrap mode")
ad67ef0b43fd ("libmbedtls: fix cipher_wrap.c for chacha20 and chachapoly")
7300f4d97bbf ("libmbedtls: add fault mitigation in mbedtls_rsa_rsassa_pkcs1_v15_verify()")
cec89b62a86d ("libmbedtls: add fault mitigation in mbedtls_rsa_rsassa_pss_verify_ext()")
e7e048796c44 ("libmbedtls: add SM2 curve")
096beff2cd31 ("libmbedtls: mbedtls_mpi_exp_mod(): optimize mempool usage")
7108668efd3f ("libmbedtls: mbedtls_mpi_exp_mod(): reduce stack usage")
0ba4eb8d0572 ("libmbedtls: mbedtls_mpi_exp_mod() initialize W")
3fd6ecf00382 ("libmbedtls: fix no CRT issue")
d5ea7e9e9aa7 ("libmbedtls: add interfaces in mbedtls for context memory operation")
2b0fb3f1fa3d ("libmedtls: mpi_miller_rabin: increase count limit")
2c3301ab99bb ("libmbedtls: add mbedtls_mpi_init_mempool()")
9a111f0da04b ("libmbedtls: make mbedtls_mpi_mont*() available")
804fe3a374f5 ("mbedtls: configure mbedtls to reach for config")
b28a41531427 ("mbedtls: remove default include/mbedtls/config.h")
dfafe507bbef ("Import mbedtls-3.4.0")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (vexpress-qemu_armv8a)
diff --git a/lib/libmbedtls/mbedtls/library/base64.c b/lib/libmbedtls/mbedtls/library/base64.c
index 83daa0b..4170610 100644
--- a/lib/libmbedtls/mbedtls/library/base64.c
+++ b/lib/libmbedtls/mbedtls/library/base64.c
@@ -28,76 +28,68 @@
#if defined(MBEDTLS_SELF_TEST)
#include <string.h>
-#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
-#define BASE64_SIZE_T_MAX ( (size_t) -1 ) /* SIZE_T_MAX is not standard */
+#define BASE64_SIZE_T_MAX ((size_t) -1) /* SIZE_T_MAX is not standard */
/*
* Encode a buffer into base64 format
*/
-int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
- const unsigned char *src, size_t slen )
+int mbedtls_base64_encode(unsigned char *dst, size_t dlen, size_t *olen,
+ const unsigned char *src, size_t slen)
{
size_t i, n;
int C1, C2, C3;
unsigned char *p;
- if( slen == 0 )
- {
+ if (slen == 0) {
*olen = 0;
- return( 0 );
+ return 0;
}
- n = slen / 3 + ( slen % 3 != 0 );
+ n = slen / 3 + (slen % 3 != 0);
- if( n > ( BASE64_SIZE_T_MAX - 1 ) / 4 )
- {
+ if (n > (BASE64_SIZE_T_MAX - 1) / 4) {
*olen = BASE64_SIZE_T_MAX;
- return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
+ return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL;
}
n *= 4;
- if( ( dlen < n + 1 ) || ( NULL == dst ) )
- {
+ if ((dlen < n + 1) || (NULL == dst)) {
*olen = n + 1;
- return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
+ return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL;
}
- n = ( slen / 3 ) * 3;
+ n = (slen / 3) * 3;
- for( i = 0, p = dst; i < n; i += 3 )
- {
+ for (i = 0, p = dst; i < n; i += 3) {
C1 = *src++;
C2 = *src++;
C3 = *src++;
- *p++ = mbedtls_ct_base64_enc_char( ( C1 >> 2 ) & 0x3F );
- *p++ = mbedtls_ct_base64_enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) )
- & 0x3F );
- *p++ = mbedtls_ct_base64_enc_char( ( ( ( C2 & 15 ) << 2 ) + ( C3 >> 6 ) )
- & 0x3F );
- *p++ = mbedtls_ct_base64_enc_char( C3 & 0x3F );
+ *p++ = mbedtls_ct_base64_enc_char((C1 >> 2) & 0x3F);
+ *p++ = mbedtls_ct_base64_enc_char((((C1 & 3) << 4) + (C2 >> 4))
+ & 0x3F);
+ *p++ = mbedtls_ct_base64_enc_char((((C2 & 15) << 2) + (C3 >> 6))
+ & 0x3F);
+ *p++ = mbedtls_ct_base64_enc_char(C3 & 0x3F);
}
- if( i < slen )
- {
+ if (i < slen) {
C1 = *src++;
- C2 = ( ( i + 1 ) < slen ) ? *src++ : 0;
+ C2 = ((i + 1) < slen) ? *src++ : 0;
- *p++ = mbedtls_ct_base64_enc_char( ( C1 >> 2 ) & 0x3F );
- *p++ = mbedtls_ct_base64_enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) )
- & 0x3F );
+ *p++ = mbedtls_ct_base64_enc_char((C1 >> 2) & 0x3F);
+ *p++ = mbedtls_ct_base64_enc_char((((C1 & 3) << 4) + (C2 >> 4))
+ & 0x3F);
- if( ( i + 1 ) < slen )
- *p++ = mbedtls_ct_base64_enc_char( ( ( C2 & 15 ) << 2 ) & 0x3F );
- else *p++ = '=';
+ if ((i + 1) < slen) {
+ *p++ = mbedtls_ct_base64_enc_char(((C2 & 15) << 2) & 0x3F);
+ } else {
+ *p++ = '=';
+ }
*p++ = '=';
}
@@ -105,14 +97,14 @@
*olen = p - dst;
*p = 0;
- return( 0 );
+ return 0;
}
/*
* Decode a base64-formatted buffer
*/
-int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
- const unsigned char *src, size_t slen )
+int mbedtls_base64_decode(unsigned char *dst, size_t dlen, size_t *olen,
+ const unsigned char *src, size_t slen)
{
size_t i; /* index in source */
size_t n; /* number of digits or trailing = in source */
@@ -123,92 +115,97 @@
unsigned char *p;
/* First pass: check for validity and get output length */
- for( i = n = 0; i < slen; i++ )
- {
+ for (i = n = 0; i < slen; i++) {
/* Skip spaces before checking for EOL */
spaces_present = 0;
- while( i < slen && src[i] == ' ' )
- {
+ while (i < slen && src[i] == ' ') {
++i;
spaces_present = 1;
}
/* Spaces at end of buffer are OK */
- if( i == slen )
+ if (i == slen) {
break;
+ }
- if( ( slen - i ) >= 2 &&
- src[i] == '\r' && src[i + 1] == '\n' )
+ if ((slen - i) >= 2 &&
+ src[i] == '\r' && src[i + 1] == '\n') {
continue;
+ }
- if( src[i] == '\n' )
+ if (src[i] == '\n') {
continue;
+ }
/* Space inside a line is an error */
- if( spaces_present )
- return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
-
- if( src[i] > 127 )
- return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
-
- if( src[i] == '=' )
- {
- if( ++equals > 2 )
- return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
+ if (spaces_present) {
+ return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
}
- else
- {
- if( equals != 0 )
- return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
- if( mbedtls_ct_base64_dec_value( src[i] ) < 0 )
- return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
+
+ if (src[i] > 127) {
+ return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
+ }
+
+ if (src[i] == '=') {
+ if (++equals > 2) {
+ return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
+ }
+ } else {
+ if (equals != 0) {
+ return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
+ }
+ if (mbedtls_ct_base64_dec_value(src[i]) < 0) {
+ return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
+ }
}
n++;
}
- if( n == 0 )
- {
+ if (n == 0) {
*olen = 0;
- return( 0 );
+ return 0;
}
/* The following expression is to calculate the following formula without
* risk of integer overflow in n:
* n = ( ( n * 6 ) + 7 ) >> 3;
*/
- n = ( 6 * ( n >> 3 ) ) + ( ( 6 * ( n & 0x7 ) + 7 ) >> 3 );
+ n = (6 * (n >> 3)) + ((6 * (n & 0x7) + 7) >> 3);
n -= equals;
- if( dst == NULL || dlen < n )
- {
+ if (dst == NULL || dlen < n) {
*olen = n;
- return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
+ return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL;
}
equals = 0;
- for( x = 0, p = dst; i > 0; i--, src++ )
- {
- if( *src == '\r' || *src == '\n' || *src == ' ' )
+ for (x = 0, p = dst; i > 0; i--, src++) {
+ if (*src == '\r' || *src == '\n' || *src == ' ') {
continue;
+ }
x = x << 6;
- if( *src == '=' )
+ if (*src == '=') {
++equals;
- else
- x |= mbedtls_ct_base64_dec_value( *src );
+ } else {
+ x |= mbedtls_ct_base64_dec_value(*src);
+ }
- if( ++accumulated_digits == 4 )
- {
+ if (++accumulated_digits == 4) {
accumulated_digits = 0;
- *p++ = MBEDTLS_BYTE_2( x );
- if( equals <= 1 ) *p++ = MBEDTLS_BYTE_1( x );
- if( equals <= 0 ) *p++ = MBEDTLS_BYTE_0( x );
+ *p++ = MBEDTLS_BYTE_2(x);
+ if (equals <= 1) {
+ *p++ = MBEDTLS_BYTE_1(x);
+ }
+ if (equals <= 0) {
+ *p++ = MBEDTLS_BYTE_0(x);
+ }
}
}
*olen = p - dst;
- return( 0 );
+ return 0;
}
#if defined(MBEDTLS_SELF_TEST)
@@ -232,44 +229,47 @@
/*
* Checkup routine
*/
-int mbedtls_base64_self_test( int verbose )
+int mbedtls_base64_self_test(int verbose)
{
size_t len;
const unsigned char *src;
unsigned char buffer[128];
- if( verbose != 0 )
- mbedtls_printf( " Base64 encoding test: " );
+ if (verbose != 0) {
+ mbedtls_printf(" Base64 encoding test: ");
+ }
src = base64_test_dec;
- if( mbedtls_base64_encode( buffer, sizeof( buffer ), &len, src, 64 ) != 0 ||
- memcmp( base64_test_enc, buffer, 88 ) != 0 )
- {
- if( verbose != 0 )
- mbedtls_printf( "failed\n" );
+ if (mbedtls_base64_encode(buffer, sizeof(buffer), &len, src, 64) != 0 ||
+ memcmp(base64_test_enc, buffer, 88) != 0) {
+ if (verbose != 0) {
+ mbedtls_printf("failed\n");
+ }
- return( 1 );
+ return 1;
}
- if( verbose != 0 )
- mbedtls_printf( "passed\n Base64 decoding test: " );
+ if (verbose != 0) {
+ mbedtls_printf("passed\n Base64 decoding test: ");
+ }
src = base64_test_enc;
- if( mbedtls_base64_decode( buffer, sizeof( buffer ), &len, src, 88 ) != 0 ||
- memcmp( base64_test_dec, buffer, 64 ) != 0 )
- {
- if( verbose != 0 )
- mbedtls_printf( "failed\n" );
+ if (mbedtls_base64_decode(buffer, sizeof(buffer), &len, src, 88) != 0 ||
+ memcmp(base64_test_dec, buffer, 64) != 0) {
+ if (verbose != 0) {
+ mbedtls_printf("failed\n");
+ }
- return( 1 );
+ return 1;
}
- if( verbose != 0 )
- mbedtls_printf( "passed\n\n" );
+ if (verbose != 0) {
+ mbedtls_printf("passed\n\n");
+ }
- return( 0 );
+ return 0;
}
#endif /* MBEDTLS_SELF_TEST */