Import mbedtls-2.16.0
Imports mbedTLS 2.16.0 from https://github.com/ARMmbed/mbedtls.git
commit fb1972db23da ("Merge pull request #544 from ARMmbed/version-2.16")
(tag mbedtls-2.16.0).
Certain files will never be needed and are thus removed (reducing number
of lines to almost 50%):
rm -f circle.yml CMakeLists.txt DartConfiguration.tcl Makefile
rm -f .gitignore .travis.yml .pylint
rm -f include/.gitignore include/CMakeLists.txt library/.gitignore
rm -f library/CMakeLists.txt library/Makefile
rm -rf .git .github doxygen configs programs scripts tests visualc yotta
This is a complete overwrite of previous code so earlier changes in the
branch import/mbedtls-2.6.1 will be added on top of this commit to bring
the changes forward.
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
diff --git a/lib/libmbedtls/mbedtls/library/sha256.c b/lib/libmbedtls/mbedtls/library/sha256.c
index 82fa6d2..8a540ad 100644
--- a/lib/libmbedtls/mbedtls/library/sha256.c
+++ b/lib/libmbedtls/mbedtls/library/sha256.c
@@ -1,8 +1,8 @@
-// SPDX-License-Identifier: Apache-2.0
/*
* FIPS-180-2 compliant SHA-256 implementation
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
@@ -33,6 +33,7 @@
#if defined(MBEDTLS_SHA256_C)
#include "mbedtls/sha256.h"
+#include "mbedtls/platform_util.h"
#include <string.h>
@@ -48,12 +49,11 @@
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
-#if !defined(MBEDTLS_SHA256_ALT)
+#define SHA256_VALIDATE_RET(cond) \
+ MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA256_BAD_INPUT_DATA )
+#define SHA256_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond )
-/* Implementation that should never be optimized out by the compiler */
-static void mbedtls_zeroize( void *v, size_t n ) {
- volatile unsigned char *p = v; while( n-- ) *p++ = 0;
-}
+#if !defined(MBEDTLS_SHA256_ALT)
/*
* 32-bit integer manipulation macros (big endian)
@@ -80,6 +80,8 @@
void mbedtls_sha256_init( mbedtls_sha256_context *ctx )
{
+ SHA256_VALIDATE( ctx != NULL );
+
memset( ctx, 0, sizeof( mbedtls_sha256_context ) );
}
@@ -88,20 +90,26 @@
if( ctx == NULL )
return;
- mbedtls_zeroize( ctx, sizeof( mbedtls_sha256_context ) );
+ mbedtls_platform_zeroize( ctx, sizeof( mbedtls_sha256_context ) );
}
void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
const mbedtls_sha256_context *src )
{
+ SHA256_VALIDATE( dst != NULL );
+ SHA256_VALIDATE( src != NULL );
+
*dst = *src;
}
/*
* SHA-256 context setup
*/
-void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 )
+int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 )
{
+ SHA256_VALIDATE_RET( ctx != NULL );
+ SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 );
+
ctx->total[0] = 0;
ctx->total[1] = 0;
@@ -131,8 +139,18 @@
}
ctx->is224 = is224;
+
+ return( 0 );
}
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha256_starts( mbedtls_sha256_context *ctx,
+ int is224 )
+{
+ mbedtls_sha256_starts_ret( ctx, is224 );
+}
+#endif
+
#if !defined(MBEDTLS_SHA256_PROCESS_ALT)
static const uint32_t K[] =
{
@@ -179,12 +197,16 @@
d += temp1; h = temp1 + temp2; \
}
-void mbedtls_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] )
+int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
+ const unsigned char data[64] )
{
uint32_t temp1, temp2, W[64];
uint32_t A[8];
unsigned int i;
+ SHA256_VALIDATE_RET( ctx != NULL );
+ SHA256_VALIDATE_RET( (const unsigned char *)data != NULL );
+
for( i = 0; i < 8; i++ )
A[i] = ctx->state[i];
@@ -232,20 +254,35 @@
for( i = 0; i < 8; i++ )
ctx->state[i] += A[i];
+
+ return( 0 );
}
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha256_process( mbedtls_sha256_context *ctx,
+ const unsigned char data[64] )
+{
+ mbedtls_internal_sha256_process( ctx, data );
+}
+#endif
#endif /* !MBEDTLS_SHA256_PROCESS_ALT */
/*
* SHA-256 process buffer
*/
-void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *input,
- size_t ilen )
+int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
+ const unsigned char *input,
+ size_t ilen )
{
+ int ret;
size_t fill;
uint32_t left;
+ SHA256_VALIDATE_RET( ctx != NULL );
+ SHA256_VALIDATE_RET( ilen == 0 || input != NULL );
+
if( ilen == 0 )
- return;
+ return( 0 );
left = ctx->total[0] & 0x3F;
fill = 64 - left;
@@ -259,7 +296,10 @@
if( left && ilen >= fill )
{
memcpy( (void *) (ctx->buffer + left), input, fill );
- mbedtls_sha256_process( ctx, ctx->buffer );
+
+ if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 )
+ return( ret );
+
input += fill;
ilen -= fill;
left = 0;
@@ -267,45 +307,80 @@
while( ilen >= 64 )
{
- mbedtls_sha256_process( ctx, input );
+ if( ( ret = mbedtls_internal_sha256_process( ctx, input ) ) != 0 )
+ return( ret );
+
input += 64;
ilen -= 64;
}
if( ilen > 0 )
memcpy( (void *) (ctx->buffer + left), input, ilen );
+
+ return( 0 );
}
-static const unsigned char sha256_padding[64] =
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha256_update( mbedtls_sha256_context *ctx,
+ const unsigned char *input,
+ size_t ilen )
{
- 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-};
+ mbedtls_sha256_update_ret( ctx, input, ilen );
+}
+#endif
/*
* SHA-256 final digest
*/
-void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32] )
+int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
+ unsigned char output[32] )
{
- uint32_t last, padn;
+ int ret;
+ uint32_t used;
uint32_t high, low;
- unsigned char msglen[8];
+ SHA256_VALIDATE_RET( ctx != NULL );
+ SHA256_VALIDATE_RET( (unsigned char *)output != NULL );
+
+ /*
+ * Add padding: 0x80 then 0x00 until 8 bytes remain for the length
+ */
+ used = ctx->total[0] & 0x3F;
+
+ ctx->buffer[used++] = 0x80;
+
+ if( used <= 56 )
+ {
+ /* Enough room for padding + length in current block */
+ memset( ctx->buffer + used, 0, 56 - used );
+ }
+ else
+ {
+ /* We'll need an extra block */
+ memset( ctx->buffer + used, 0, 64 - used );
+
+ if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 )
+ return( ret );
+
+ memset( ctx->buffer, 0, 56 );
+ }
+
+ /*
+ * Add message length
+ */
high = ( ctx->total[0] >> 29 )
| ( ctx->total[1] << 3 );
low = ( ctx->total[0] << 3 );
- PUT_UINT32_BE( high, msglen, 0 );
- PUT_UINT32_BE( low, msglen, 4 );
+ PUT_UINT32_BE( high, ctx->buffer, 56 );
+ PUT_UINT32_BE( low, ctx->buffer, 60 );
- last = ctx->total[0] & 0x3F;
- padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
+ if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 )
+ return( ret );
- mbedtls_sha256_update( ctx, sha256_padding, padn );
- mbedtls_sha256_update( ctx, msglen, 8 );
-
+ /*
+ * Output final state
+ */
PUT_UINT32_BE( ctx->state[0], output, 0 );
PUT_UINT32_BE( ctx->state[1], output, 4 );
PUT_UINT32_BE( ctx->state[2], output, 8 );
@@ -316,25 +391,62 @@
if( ctx->is224 == 0 )
PUT_UINT32_BE( ctx->state[7], output, 28 );
+
+ return( 0 );
}
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
+ unsigned char output[32] )
+{
+ mbedtls_sha256_finish_ret( ctx, output );
+}
+#endif
+
#endif /* !MBEDTLS_SHA256_ALT */
/*
* output = SHA-256( input buffer )
*/
-void mbedtls_sha256( const unsigned char *input, size_t ilen,
- unsigned char output[32], int is224 )
+int mbedtls_sha256_ret( const unsigned char *input,
+ size_t ilen,
+ unsigned char output[32],
+ int is224 )
{
+ int ret;
mbedtls_sha256_context ctx;
+ SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 );
+ SHA256_VALIDATE_RET( ilen == 0 || input != NULL );
+ SHA256_VALIDATE_RET( (unsigned char *)output != NULL );
+
mbedtls_sha256_init( &ctx );
- mbedtls_sha256_starts( &ctx, is224 );
- mbedtls_sha256_update( &ctx, input, ilen );
- mbedtls_sha256_finish( &ctx, output );
+
+ if( ( ret = mbedtls_sha256_starts_ret( &ctx, is224 ) ) != 0 )
+ goto exit;
+
+ if( ( ret = mbedtls_sha256_update_ret( &ctx, input, ilen ) ) != 0 )
+ goto exit;
+
+ if( ( ret = mbedtls_sha256_finish_ret( &ctx, output ) ) != 0 )
+ goto exit;
+
+exit:
mbedtls_sha256_free( &ctx );
+
+ return( ret );
}
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+void mbedtls_sha256( const unsigned char *input,
+ size_t ilen,
+ unsigned char output[32],
+ int is224 )
+{
+ mbedtls_sha256_ret( input, ilen, output, is224 );
+}
+#endif
+
#if defined(MBEDTLS_SELF_TEST)
/*
* FIPS-180-2 test vectors
@@ -346,7 +458,7 @@
{ "" }
};
-static const int sha256_test_buflen[3] =
+static const size_t sha256_test_buflen[3] =
{
3, 56, 1000
};
@@ -415,28 +527,37 @@
if( verbose != 0 )
mbedtls_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 );
- mbedtls_sha256_starts( &ctx, k );
+ if( ( ret = mbedtls_sha256_starts_ret( &ctx, k ) ) != 0 )
+ goto fail;
if( j == 2 )
{
memset( buf, 'a', buflen = 1000 );
for( j = 0; j < 1000; j++ )
- mbedtls_sha256_update( &ctx, buf, buflen );
+ {
+ ret = mbedtls_sha256_update_ret( &ctx, buf, buflen );
+ if( ret != 0 )
+ goto fail;
+ }
+
}
else
- mbedtls_sha256_update( &ctx, sha256_test_buf[j],
- sha256_test_buflen[j] );
+ {
+ ret = mbedtls_sha256_update_ret( &ctx, sha256_test_buf[j],
+ sha256_test_buflen[j] );
+ if( ret != 0 )
+ goto fail;
+ }
- mbedtls_sha256_finish( &ctx, sha256sum );
+ if( ( ret = mbedtls_sha256_finish_ret( &ctx, sha256sum ) ) != 0 )
+ goto fail;
+
if( memcmp( sha256sum, sha256_test_sum[i], 32 - k * 4 ) != 0 )
{
- if( verbose != 0 )
- mbedtls_printf( "failed\n" );
-
ret = 1;
- goto exit;
+ goto fail;
}
if( verbose != 0 )
@@ -446,6 +567,12 @@
if( verbose != 0 )
mbedtls_printf( "\n" );
+ goto exit;
+
+fail:
+ if( verbose != 0 )
+ mbedtls_printf( "failed\n" );
+
exit:
mbedtls_sha256_free( &ctx );
mbedtls_free( buf );