Merge pull request #4834 from hanno-arm/msg_layer_reset_helper
Move messaging related session reset into separate helper function
diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h
index 0050980..879c3f2 100644
--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
@@ -51,11 +51,14 @@
#define MBEDTLS_AES_DECRYPT 0 /**< AES decryption. */
/* Error codes in range 0x0020-0x0022 */
-#define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */
-#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */
+/** Invalid key length. */
+#define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020
+/** Invalid data input length. */
+#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022
/* Error codes in range 0x0021-0x0025 */
-#define MBEDTLS_ERR_AES_BAD_INPUT_DATA -0x0021 /**< Invalid input data. */
+/** Invalid input data. */
+#define MBEDTLS_ERR_AES_BAD_INPUT_DATA -0x0021
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
diff --git a/include/mbedtls/aria.h b/include/mbedtls/aria.h
index 0854706..1a96d15 100644
--- a/include/mbedtls/aria.h
+++ b/include/mbedtls/aria.h
@@ -44,9 +44,11 @@
#define MBEDTLS_ARIA_MAX_ROUNDS 16 /**< Maxiumum number of rounds in ARIA. */
#define MBEDTLS_ARIA_MAX_KEYSIZE 32 /**< Maximum size of an ARIA key in bytes. */
-#define MBEDTLS_ERR_ARIA_BAD_INPUT_DATA -0x005C /**< Bad input data. */
+/** Bad input data. */
+#define MBEDTLS_ERR_ARIA_BAD_INPUT_DATA -0x005C
-#define MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH -0x005E /**< Invalid data input length. */
+/** Invalid data input length. */
+#define MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH -0x005E
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h
index 4668581..f45fc17 100644
--- a/include/mbedtls/asn1.h
+++ b/include/mbedtls/asn1.h
@@ -43,13 +43,20 @@
* ASN1 is a standard to specify data structures.
* \{
*/
-#define MBEDTLS_ERR_ASN1_OUT_OF_DATA -0x0060 /**< Out of data when parsing an ASN1 data structure. */
-#define MBEDTLS_ERR_ASN1_UNEXPECTED_TAG -0x0062 /**< ASN1 tag was of an unexpected value. */
-#define MBEDTLS_ERR_ASN1_INVALID_LENGTH -0x0064 /**< Error when trying to determine the length or invalid length. */
-#define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -0x0066 /**< Actual length differs from expected length. */
-#define MBEDTLS_ERR_ASN1_INVALID_DATA -0x0068 /**< Data is invalid. */
-#define MBEDTLS_ERR_ASN1_ALLOC_FAILED -0x006A /**< Memory allocation failed */
-#define MBEDTLS_ERR_ASN1_BUF_TOO_SMALL -0x006C /**< Buffer too small when writing ASN.1 data structure. */
+/** Out of data when parsing an ASN1 data structure. */
+#define MBEDTLS_ERR_ASN1_OUT_OF_DATA -0x0060
+/** ASN1 tag was of an unexpected value. */
+#define MBEDTLS_ERR_ASN1_UNEXPECTED_TAG -0x0062
+/** Error when trying to determine the length or invalid length. */
+#define MBEDTLS_ERR_ASN1_INVALID_LENGTH -0x0064
+/** Actual length differs from expected length. */
+#define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -0x0066
+/** Data is invalid. */
+#define MBEDTLS_ERR_ASN1_INVALID_DATA -0x0068
+/** Memory allocation failed */
+#define MBEDTLS_ERR_ASN1_ALLOC_FAILED -0x006A
+/** Buffer too small when writing ASN.1 data structure. */
+#define MBEDTLS_ERR_ASN1_BUF_TOO_SMALL -0x006C
/* \} name */
diff --git a/include/mbedtls/base64.h b/include/mbedtls/base64.h
index e3938b4..8378589 100644
--- a/include/mbedtls/base64.h
+++ b/include/mbedtls/base64.h
@@ -26,8 +26,10 @@
#include <stddef.h>
-#define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL -0x002A /**< Output buffer too small. */
-#define MBEDTLS_ERR_BASE64_INVALID_CHARACTER -0x002C /**< Invalid character in input. */
+/** Output buffer too small. */
+#define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL -0x002A
+/** Invalid character in input. */
+#define MBEDTLS_ERR_BASE64_INVALID_CHARACTER -0x002C
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h
index 7fef599..45d3119 100644
--- a/include/mbedtls/bignum.h
+++ b/include/mbedtls/bignum.h
@@ -32,14 +32,22 @@
#include <stdio.h>
#endif
-#define MBEDTLS_ERR_MPI_FILE_IO_ERROR -0x0002 /**< An error occurred while reading from or writing to a file. */
-#define MBEDTLS_ERR_MPI_BAD_INPUT_DATA -0x0004 /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_MPI_INVALID_CHARACTER -0x0006 /**< There is an invalid character in the digit string. */
-#define MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL -0x0008 /**< The buffer is too small to write to. */
-#define MBEDTLS_ERR_MPI_NEGATIVE_VALUE -0x000A /**< The input arguments are negative or result in illegal output. */
-#define MBEDTLS_ERR_MPI_DIVISION_BY_ZERO -0x000C /**< The input argument for division is zero, which is not allowed. */
-#define MBEDTLS_ERR_MPI_NOT_ACCEPTABLE -0x000E /**< The input arguments are not acceptable. */
-#define MBEDTLS_ERR_MPI_ALLOC_FAILED -0x0010 /**< Memory allocation failed. */
+/** An error occurred while reading from or writing to a file. */
+#define MBEDTLS_ERR_MPI_FILE_IO_ERROR -0x0002
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_MPI_BAD_INPUT_DATA -0x0004
+/** There is an invalid character in the digit string. */
+#define MBEDTLS_ERR_MPI_INVALID_CHARACTER -0x0006
+/** The buffer is too small to write to. */
+#define MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL -0x0008
+/** The input arguments are negative or result in illegal output. */
+#define MBEDTLS_ERR_MPI_NEGATIVE_VALUE -0x000A
+/** The input argument for division is zero, which is not allowed. */
+#define MBEDTLS_ERR_MPI_DIVISION_BY_ZERO -0x000C
+/** The input arguments are not acceptable. */
+#define MBEDTLS_ERR_MPI_NOT_ACCEPTABLE -0x000E
+/** Memory allocation failed. */
+#define MBEDTLS_ERR_MPI_ALLOC_FAILED -0x0010
#define MBEDTLS_MPI_CHK(f) \
do \
diff --git a/include/mbedtls/camellia.h b/include/mbedtls/camellia.h
index 6a09da8..6feeaf0 100644
--- a/include/mbedtls/camellia.h
+++ b/include/mbedtls/camellia.h
@@ -33,9 +33,11 @@
#define MBEDTLS_CAMELLIA_ENCRYPT 1
#define MBEDTLS_CAMELLIA_DECRYPT 0
-#define MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA -0x0024 /**< Bad input data. */
+/** Bad input data. */
+#define MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA -0x0024
-#define MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 /**< Invalid data input length. */
+/** Invalid data input length. */
+#define MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h
index 6613cee..b3adecc 100644
--- a/include/mbedtls/ccm.h
+++ b/include/mbedtls/ccm.h
@@ -57,8 +57,10 @@
#define MBEDTLS_CCM_STAR_DECRYPT 2
#define MBEDTLS_CCM_STAR_ENCRYPT 3
-#define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to the function. */
-#define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */
+/** Bad input parameters to the function. */
+#define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D
+/** Authenticated decryption failed. */
+#define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/chacha20.h b/include/mbedtls/chacha20.h
index 25e1a26..8af16ed 100644
--- a/include/mbedtls/chacha20.h
+++ b/include/mbedtls/chacha20.h
@@ -38,7 +38,8 @@
#include <stdint.h>
#include <stddef.h>
-#define MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA -0x0051 /**< Invalid input parameter(s). */
+/** Invalid input parameter(s). */
+#define MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA -0x0051
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/chachapoly.h b/include/mbedtls/chachapoly.h
index 3f6e4a3..3f4318f 100644
--- a/include/mbedtls/chachapoly.h
+++ b/include/mbedtls/chachapoly.h
@@ -38,8 +38,10 @@
/* for shared error codes */
#include "mbedtls/poly1305.h"
-#define MBEDTLS_ERR_CHACHAPOLY_BAD_STATE -0x0054 /**< The requested operation is not permitted in the current state. */
-#define MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED -0x0056 /**< Authenticated decryption failed: data was not authentic. */
+/** The requested operation is not permitted in the current state. */
+#define MBEDTLS_ERR_CHACHAPOLY_BAD_STATE -0x0054
+/** Authenticated decryption failed: data was not authentic. */
+#define MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED -0x0056
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index da66118..84afcf0 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -456,10 +456,6 @@
#error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites"
#endif
-#if defined(MBEDTLS_PLATFORM_STD_CALLOC) && !defined(MBEDTLS_PLATFORM_MEMORY)
-#error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites"
-#endif
-
#if defined(MBEDTLS_PLATFORM_STD_FREE) && !defined(MBEDTLS_PLATFORM_MEMORY)
#error "MBEDTLS_PLATFORM_STD_FREE defined, but not all prerequisites"
#endif
diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 7afdc6a..9c9a2e8 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -51,13 +51,20 @@
#define inline __inline
#endif
-#define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 /**< The selected feature is not available. */
-#define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100 /**< Bad input parameters. */
-#define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180 /**< Failed to allocate memory. */
-#define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200 /**< Input data contains invalid padding and is rejected. */
-#define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /**< Decryption of block requires a full block. */
-#define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300 /**< Authentication failed (for AEAD modes). */
-#define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380 /**< The context is invalid. For example, because it was freed. */
+/** The selected feature is not available. */
+#define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080
+/** Bad input parameters. */
+#define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100
+/** Failed to allocate memory. */
+#define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180
+/** Input data contains invalid padding and is rejected. */
+#define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200
+/** Decryption of block requires a full block. */
+#define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280
+/** Authentication failed (for AEAD modes). */
+#define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300
+/** The context is invalid. For example, because it was freed. */
+#define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380
#define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01 /**< Cipher accepts IVs of variable length. */
#define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02 /**< Cipher accepts keys of variable length. */
diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h
index c188b08..959a5d5 100644
--- a/include/mbedtls/ctr_drbg.h
+++ b/include/mbedtls/ctr_drbg.h
@@ -50,10 +50,14 @@
#include "mbedtls/threading.h"
#endif
-#define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */
-#define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036 /**< The requested random buffer length is too big. */
-#define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038 /**< The input (entropy + additional data) is too large. */
-#define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A /**< Read or write error in file. */
+/** The entropy source failed. */
+#define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034
+/** The requested random buffer length is too big. */
+#define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036
+/** The input (entropy + additional data) is too large. */
+#define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038
+/** Read or write error in file. */
+#define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A
#define MBEDTLS_CTR_DRBG_BLOCKSIZE 16 /**< The block size used by the cipher. */
diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h
index 9e2f683..63a8e00 100644
--- a/include/mbedtls/des.h
+++ b/include/mbedtls/des.h
@@ -36,7 +36,8 @@
#define MBEDTLS_DES_ENCRYPT 1
#define MBEDTLS_DES_DECRYPT 0
-#define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH -0x0032 /**< The data input has an invalid length. */
+/** The data input has an invalid length. */
+#define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH -0x0032
#define MBEDTLS_DES_KEY_SIZE 8
diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h
index 75baed9..32a957d 100644
--- a/include/mbedtls/dhm.h
+++ b/include/mbedtls/dhm.h
@@ -70,16 +70,26 @@
/*
* DHM Error codes
*/
-#define MBEDTLS_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters. */
-#define MBEDTLS_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */
-#define MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */
-#define MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */
-#define MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Making of the public value failed. */
-#define MBEDTLS_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */
-#define MBEDTLS_ERR_DHM_INVALID_FORMAT -0x3380 /**< The ASN.1 data is not formatted correctly. */
-#define MBEDTLS_ERR_DHM_ALLOC_FAILED -0x3400 /**< Allocation of memory failed. */
-#define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read or write of file failed. */
-#define MBEDTLS_ERR_DHM_SET_GROUP_FAILED -0x3580 /**< Setting the modulus and generator failed. */
+/** Bad input parameters. */
+#define MBEDTLS_ERR_DHM_BAD_INPUT_DATA -0x3080
+/** Reading of the DHM parameters failed. */
+#define MBEDTLS_ERR_DHM_READ_PARAMS_FAILED -0x3100
+/** Making of the DHM parameters failed. */
+#define MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED -0x3180
+/** Reading of the public values failed. */
+#define MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED -0x3200
+/** Making of the public value failed. */
+#define MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280
+/** Calculation of the DHM secret failed. */
+#define MBEDTLS_ERR_DHM_CALC_SECRET_FAILED -0x3300
+/** The ASN.1 data is not formatted correctly. */
+#define MBEDTLS_ERR_DHM_INVALID_FORMAT -0x3380
+/** Allocation of memory failed. */
+#define MBEDTLS_ERR_DHM_ALLOC_FAILED -0x3400
+/** Read or write of file failed. */
+#define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480
+/** Setting the modulus and generator failed. */
+#define MBEDTLS_ERR_DHM_SET_GROUP_FAILED -0x3580
/** Which parameter to access in mbedtls_dhm_get_value(). */
typedef enum
diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h
index b87114b..384d060 100644
--- a/include/mbedtls/ecp.h
+++ b/include/mbedtls/ecp.h
@@ -42,15 +42,24 @@
/*
* ECP error codes
*/
-#define MBEDTLS_ERR_ECP_BAD_INPUT_DATA -0x4F80 /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL -0x4F00 /**< The buffer is too small to write to. */
-#define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80 /**< The requested feature is not available, for example, the requested curve is not supported. */
-#define MBEDTLS_ERR_ECP_VERIFY_FAILED -0x4E00 /**< The signature is not valid. */
-#define MBEDTLS_ERR_ECP_ALLOC_FAILED -0x4D80 /**< Memory allocation failed. */
-#define MBEDTLS_ERR_ECP_RANDOM_FAILED -0x4D00 /**< Generation of random value, such as ephemeral key, failed. */
-#define MBEDTLS_ERR_ECP_INVALID_KEY -0x4C80 /**< Invalid private or public key. */
-#define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH -0x4C00 /**< The buffer contains a valid signature followed by more data. */
-#define MBEDTLS_ERR_ECP_IN_PROGRESS -0x4B00 /**< Operation in progress, call again with the same parameters to continue. */
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_ECP_BAD_INPUT_DATA -0x4F80
+/** The buffer is too small to write to. */
+#define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL -0x4F00
+/** The requested feature is not available, for example, the requested curve is not supported. */
+#define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80
+/** The signature is not valid. */
+#define MBEDTLS_ERR_ECP_VERIFY_FAILED -0x4E00
+/** Memory allocation failed. */
+#define MBEDTLS_ERR_ECP_ALLOC_FAILED -0x4D80
+/** Generation of random value, such as ephemeral key, failed. */
+#define MBEDTLS_ERR_ECP_RANDOM_FAILED -0x4D00
+/** Invalid private or public key. */
+#define MBEDTLS_ERR_ECP_INVALID_KEY -0x4C80
+/** The buffer contains a valid signature followed by more data. */
+#define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH -0x4C00
+/** Operation in progress, call again with the same parameters to continue. */
+#define MBEDTLS_ERR_ECP_IN_PROGRESS -0x4B00
/* Flags indicating whether to include code that is specific to certain
* types of curves. These flags are for internal library use only. */
diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h
index a16a375..128ec82 100644
--- a/include/mbedtls/entropy.h
+++ b/include/mbedtls/entropy.h
@@ -42,11 +42,16 @@
#endif
-#define MBEDTLS_ERR_ENTROPY_SOURCE_FAILED -0x003C /**< Critical entropy source failure. */
-#define MBEDTLS_ERR_ENTROPY_MAX_SOURCES -0x003E /**< No more sources can be added. */
-#define MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040 /**< No sources have been added to poll. */
-#define MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE -0x003D /**< No strong sources have been added to poll. */
-#define MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR -0x003F /**< Read/write error in file. */
+/** Critical entropy source failure. */
+#define MBEDTLS_ERR_ENTROPY_SOURCE_FAILED -0x003C
+/** No more sources can be added. */
+#define MBEDTLS_ERR_ENTROPY_MAX_SOURCES -0x003E
+/** No sources have been added to poll. */
+#define MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040
+/** No strong sources have been added to poll. */
+#define MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE -0x003D
+/** Read/write error in file. */
+#define MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR -0x003F
/**
* \name SECTION: Module settings
diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h
index 9a8690d..27420ce 100644
--- a/include/mbedtls/error.h
+++ b/include/mbedtls/error.h
@@ -108,11 +108,15 @@
extern "C" {
#endif
-#define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001 /**< Generic error */
-#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E /**< This is a bug in the library */
+/** Generic error */
+#define MBEDTLS_ERR_ERROR_GENERIC_ERROR -0x0001
+/** This is a bug in the library */
+#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E
-#define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED -0x0070 /**< Hardware accelerator failed */
-#define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0072 /**< The requested feature is not supported by the platform */
+/** Hardware accelerator failed */
+#define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED -0x0070
+/** The requested feature is not supported by the platform */
+#define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0072
/**
* \brief Combines a high-level and low-level error code together.
diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h
index d1219bb..9d9155f 100644
--- a/include/mbedtls/gcm.h
+++ b/include/mbedtls/gcm.h
@@ -41,8 +41,10 @@
#define MBEDTLS_GCM_ENCRYPT 1
#define MBEDTLS_GCM_DECRYPT 0
-#define MBEDTLS_ERR_GCM_AUTH_FAILED -0x0012 /**< Authenticated decryption failed. */
-#define MBEDTLS_ERR_GCM_BAD_INPUT -0x0014 /**< Bad input parameters to function. */
+/** Authenticated decryption failed. */
+#define MBEDTLS_ERR_GCM_AUTH_FAILED -0x0012
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_GCM_BAD_INPUT -0x0014
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h
index 81a6270..e6bfe05 100644
--- a/include/mbedtls/hkdf.h
+++ b/include/mbedtls/hkdf.h
@@ -33,7 +33,8 @@
* \name HKDF Error codes
* \{
*/
-#define MBEDTLS_ERR_HKDF_BAD_INPUT_DATA -0x5F80 /**< Bad input parameters to function. */
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_HKDF_BAD_INPUT_DATA -0x5F80
/* \} name */
#ifdef __cplusplus
diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h
index 0df8ee8..0f1653f 100644
--- a/include/mbedtls/hmac_drbg.h
+++ b/include/mbedtls/hmac_drbg.h
@@ -38,10 +38,14 @@
/*
* Error codes
*/
-#define MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0003 /**< Too many random requested in single call. */
-#define MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0005 /**< Input too large (Entropy + additional). */
-#define MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR -0x0007 /**< Read/write error in file. */
-#define MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0009 /**< The entropy source failed. */
+/** Too many random requested in single call. */
+#define MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0003
+/** Input too large (Entropy + additional). */
+#define MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0005
+/** Read/write error in file. */
+#define MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR -0x0007
+/** The entropy source failed. */
+#define MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0009
/**
* \name SECTION: Module settings
diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h
index 1170bc1..fa2b152 100644
--- a/include/mbedtls/md.h
+++ b/include/mbedtls/md.h
@@ -30,10 +30,14 @@
#include "mbedtls/build_info.h"
-#define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */
-#define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */
-#define MBEDTLS_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */
+/** The selected feature is not available. */
+#define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100
+/** Failed to allocate memory. */
+#define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180
+/** Opening or reading of file failed. */
+#define MBEDTLS_ERR_MD_FILE_IO_ERROR -0x5200
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h
index 7b77329..c8214a2 100644
--- a/include/mbedtls/net_sockets.h
+++ b/include/mbedtls/net_sockets.h
@@ -46,19 +46,32 @@
#include <stddef.h>
#include <stdint.h>
-#define MBEDTLS_ERR_NET_SOCKET_FAILED -0x0042 /**< Failed to open a socket. */
-#define MBEDTLS_ERR_NET_CONNECT_FAILED -0x0044 /**< The connection to the given server / port failed. */
-#define MBEDTLS_ERR_NET_BIND_FAILED -0x0046 /**< Binding of the socket failed. */
-#define MBEDTLS_ERR_NET_LISTEN_FAILED -0x0048 /**< Could not listen on the socket. */
-#define MBEDTLS_ERR_NET_ACCEPT_FAILED -0x004A /**< Could not accept the incoming connection. */
-#define MBEDTLS_ERR_NET_RECV_FAILED -0x004C /**< Reading information from the socket failed. */
-#define MBEDTLS_ERR_NET_SEND_FAILED -0x004E /**< Sending information through the socket failed. */
-#define MBEDTLS_ERR_NET_CONN_RESET -0x0050 /**< Connection was reset by peer. */
-#define MBEDTLS_ERR_NET_UNKNOWN_HOST -0x0052 /**< Failed to get an IP address for the given hostname. */
-#define MBEDTLS_ERR_NET_BUFFER_TOO_SMALL -0x0043 /**< Buffer is too small to hold the data. */
-#define MBEDTLS_ERR_NET_INVALID_CONTEXT -0x0045 /**< The context is invalid, eg because it was free()ed. */
-#define MBEDTLS_ERR_NET_POLL_FAILED -0x0047 /**< Polling the net context failed. */
-#define MBEDTLS_ERR_NET_BAD_INPUT_DATA -0x0049 /**< Input invalid. */
+/** Failed to open a socket. */
+#define MBEDTLS_ERR_NET_SOCKET_FAILED -0x0042
+/** The connection to the given server / port failed. */
+#define MBEDTLS_ERR_NET_CONNECT_FAILED -0x0044
+/** Binding of the socket failed. */
+#define MBEDTLS_ERR_NET_BIND_FAILED -0x0046
+/** Could not listen on the socket. */
+#define MBEDTLS_ERR_NET_LISTEN_FAILED -0x0048
+/** Could not accept the incoming connection. */
+#define MBEDTLS_ERR_NET_ACCEPT_FAILED -0x004A
+/** Reading information from the socket failed. */
+#define MBEDTLS_ERR_NET_RECV_FAILED -0x004C
+/** Sending information through the socket failed. */
+#define MBEDTLS_ERR_NET_SEND_FAILED -0x004E
+/** Connection was reset by peer. */
+#define MBEDTLS_ERR_NET_CONN_RESET -0x0050
+/** Failed to get an IP address for the given hostname. */
+#define MBEDTLS_ERR_NET_UNKNOWN_HOST -0x0052
+/** Buffer is too small to hold the data. */
+#define MBEDTLS_ERR_NET_BUFFER_TOO_SMALL -0x0043
+/** The context is invalid, eg because it was free()ed. */
+#define MBEDTLS_ERR_NET_INVALID_CONTEXT -0x0045
+/** Polling the net context failed. */
+#define MBEDTLS_ERR_NET_POLL_FAILED -0x0047
+/** Input invalid. */
+#define MBEDTLS_ERR_NET_BAD_INPUT_DATA -0x0049
#define MBEDTLS_NET_LISTEN_BACKLOG 10 /**< The backlog that listen() should use. */
diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h
index 9e68e91..836e455 100644
--- a/include/mbedtls/oid.h
+++ b/include/mbedtls/oid.h
@@ -38,8 +38,10 @@
#include "mbedtls/md.h"
#endif
-#define MBEDTLS_ERR_OID_NOT_FOUND -0x002E /**< OID is not found. */
-#define MBEDTLS_ERR_OID_BUF_TOO_SMALL -0x000B /**< output buffer is too small */
+/** OID is not found. */
+#define MBEDTLS_ERR_OID_NOT_FOUND -0x002E
+/** output buffer is too small */
+#define MBEDTLS_ERR_OID_BUF_TOO_SMALL -0x000B
/* This is for the benefit of X.509, but defined here in order to avoid
* having a "backwards" include of x.509.h here */
diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h
index a01a296..baceb07 100644
--- a/include/mbedtls/pem.h
+++ b/include/mbedtls/pem.h
@@ -33,15 +33,24 @@
* PEM data.
* \{
*/
-#define MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT -0x1080 /**< No PEM header or footer found. */
-#define MBEDTLS_ERR_PEM_INVALID_DATA -0x1100 /**< PEM string is not as expected. */
-#define MBEDTLS_ERR_PEM_ALLOC_FAILED -0x1180 /**< Failed to allocate memory. */
-#define MBEDTLS_ERR_PEM_INVALID_ENC_IV -0x1200 /**< RSA IV is not in hex-format. */
-#define MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG -0x1280 /**< Unsupported key encryption algorithm. */
-#define MBEDTLS_ERR_PEM_PASSWORD_REQUIRED -0x1300 /**< Private key password can't be empty. */
-#define MBEDTLS_ERR_PEM_PASSWORD_MISMATCH -0x1380 /**< Given private key password does not allow for correct decryption. */
-#define MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE -0x1400 /**< Unavailable feature, e.g. hashing/encryption combination. */
-#define MBEDTLS_ERR_PEM_BAD_INPUT_DATA -0x1480 /**< Bad input parameters to function. */
+/** No PEM header or footer found. */
+#define MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT -0x1080
+/** PEM string is not as expected. */
+#define MBEDTLS_ERR_PEM_INVALID_DATA -0x1100
+/** Failed to allocate memory. */
+#define MBEDTLS_ERR_PEM_ALLOC_FAILED -0x1180
+/** RSA IV is not in hex-format. */
+#define MBEDTLS_ERR_PEM_INVALID_ENC_IV -0x1200
+/** Unsupported key encryption algorithm. */
+#define MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG -0x1280
+/** Private key password can't be empty. */
+#define MBEDTLS_ERR_PEM_PASSWORD_REQUIRED -0x1300
+/** Given private key password does not allow for correct decryption. */
+#define MBEDTLS_ERR_PEM_PASSWORD_MISMATCH -0x1380
+/** Unavailable feature, e.g. hashing/encryption combination. */
+#define MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE -0x1400
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_PEM_BAD_INPUT_DATA -0x1480
/* \} name */
#ifdef __cplusplus
diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index f3553cc..ded5222 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -49,21 +49,36 @@
#define inline __inline
#endif
-#define MBEDTLS_ERR_PK_ALLOC_FAILED -0x3F80 /**< Memory allocation failed. */
-#define MBEDTLS_ERR_PK_TYPE_MISMATCH -0x3F00 /**< Type mismatch, eg attempt to encrypt with an ECDSA key */
-#define MBEDTLS_ERR_PK_BAD_INPUT_DATA -0x3E80 /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_PK_FILE_IO_ERROR -0x3E00 /**< Read/write of file failed. */
-#define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80 /**< Unsupported key version */
-#define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -0x3D00 /**< Invalid key tag or value. */
-#define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG -0x3C80 /**< Key algorithm is unsupported (only RSA and EC are supported). */
-#define MBEDTLS_ERR_PK_PASSWORD_REQUIRED -0x3C00 /**< Private key password can't be empty. */
-#define MBEDTLS_ERR_PK_PASSWORD_MISMATCH -0x3B80 /**< Given private key password does not allow for correct decryption. */
-#define MBEDTLS_ERR_PK_INVALID_PUBKEY -0x3B00 /**< The pubkey tag or value is invalid (only RSA and EC are supported). */
-#define MBEDTLS_ERR_PK_INVALID_ALG -0x3A80 /**< The algorithm tag or value is invalid. */
-#define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00 /**< Elliptic curve is unsupported (only NIST curves are supported). */
-#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980 /**< Unavailable feature, e.g. RSA disabled for RSA key. */
-#define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900 /**< The buffer contains a valid signature followed by more data. */
-#define MBEDTLS_ERR_PK_BUFFER_TOO_SMALL -0x3880 /**< The output buffer is too small. */
+/** Memory allocation failed. */
+#define MBEDTLS_ERR_PK_ALLOC_FAILED -0x3F80
+/** Type mismatch, eg attempt to encrypt with an ECDSA key */
+#define MBEDTLS_ERR_PK_TYPE_MISMATCH -0x3F00
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_PK_BAD_INPUT_DATA -0x3E80
+/** Read/write of file failed. */
+#define MBEDTLS_ERR_PK_FILE_IO_ERROR -0x3E00
+/** Unsupported key version */
+#define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80
+/** Invalid key tag or value. */
+#define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -0x3D00
+/** Key algorithm is unsupported (only RSA and EC are supported). */
+#define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG -0x3C80
+/** Private key password can't be empty. */
+#define MBEDTLS_ERR_PK_PASSWORD_REQUIRED -0x3C00
+/** Given private key password does not allow for correct decryption. */
+#define MBEDTLS_ERR_PK_PASSWORD_MISMATCH -0x3B80
+/** The pubkey tag or value is invalid (only RSA and EC are supported). */
+#define MBEDTLS_ERR_PK_INVALID_PUBKEY -0x3B00
+/** The algorithm tag or value is invalid. */
+#define MBEDTLS_ERR_PK_INVALID_ALG -0x3A80
+/** Elliptic curve is unsupported (only NIST curves are supported). */
+#define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00
+/** Unavailable feature, e.g. RSA disabled for RSA key. */
+#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980
+/** The buffer contains a valid signature followed by more data. */
+#define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900
+/** The output buffer is too small. */
+#define MBEDTLS_ERR_PK_BUFFER_TOO_SMALL -0x3880
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h
index de139ac..cded903 100644
--- a/include/mbedtls/pkcs12.h
+++ b/include/mbedtls/pkcs12.h
@@ -30,10 +30,14 @@
#include <stddef.h>
-#define MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 /**< Feature not available, e.g. unsupported encryption scheme. */
-#define MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 /**< PBE ASN.1 data not as expected. */
-#define MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00 /**< Given private key password does not allow for correct decryption. */
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -0x1F80
+/** Feature not available, e.g. unsupported encryption scheme. */
+#define MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00
+/** PBE ASN.1 data not as expected. */
+#define MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80
+/** Given private key password does not allow for correct decryption. */
+#define MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00
#define MBEDTLS_PKCS12_DERIVE_KEY 1 /**< encryption/decryption key */
#define MBEDTLS_PKCS12_DERIVE_IV 2 /**< initialization vector */
diff --git a/include/mbedtls/pkcs5.h b/include/mbedtls/pkcs5.h
index c339398..71d716b 100644
--- a/include/mbedtls/pkcs5.h
+++ b/include/mbedtls/pkcs5.h
@@ -32,10 +32,14 @@
#include <stddef.h>
#include <stdint.h>
-#define MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA -0x2f80 /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_PKCS5_INVALID_FORMAT -0x2f00 /**< Unexpected ASN.1 data. */
-#define MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE -0x2e80 /**< Requested encryption or digest alg not available. */
-#define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH -0x2e00 /**< Given private key password does not allow for correct decryption. */
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA -0x2f80
+/** Unexpected ASN.1 data. */
+#define MBEDTLS_ERR_PKCS5_INVALID_FORMAT -0x2f00
+/** Requested encryption or digest alg not available. */
+#define MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE -0x2e80
+/** Given private key password does not allow for correct decryption. */
+#define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH -0x2e00
#define MBEDTLS_PKCS5_DECRYPT 0
#define MBEDTLS_PKCS5_ENCRYPT 1
diff --git a/include/mbedtls/poly1305.h b/include/mbedtls/poly1305.h
index 7984ca4..6657aa2 100644
--- a/include/mbedtls/poly1305.h
+++ b/include/mbedtls/poly1305.h
@@ -38,7 +38,8 @@
#include <stdint.h>
#include <stddef.h>
-#define MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA -0x0057 /**< Invalid input parameter(s). */
+/** Invalid input parameter(s). */
+#define MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA -0x0057
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h
index cffbe3b..d03c31d 100644
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@@ -41,15 +41,24 @@
/*
* RSA Error codes
*/
-#define MBEDTLS_ERR_RSA_BAD_INPUT_DATA -0x4080 /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_RSA_INVALID_PADDING -0x4100 /**< Input data contains invalid padding and is rejected. */
-#define MBEDTLS_ERR_RSA_KEY_GEN_FAILED -0x4180 /**< Something failed during generation of a key. */
-#define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED -0x4200 /**< Key failed to pass the validity check of the library. */
-#define MBEDTLS_ERR_RSA_PUBLIC_FAILED -0x4280 /**< The public key operation failed. */
-#define MBEDTLS_ERR_RSA_PRIVATE_FAILED -0x4300 /**< The private key operation failed. */
-#define MBEDTLS_ERR_RSA_VERIFY_FAILED -0x4380 /**< The PKCS#1 verification failed. */
-#define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 /**< The output buffer for decryption is not large enough. */
-#define MBEDTLS_ERR_RSA_RNG_FAILED -0x4480 /**< The random generator failed to generate non-zeros. */
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_RSA_BAD_INPUT_DATA -0x4080
+/** Input data contains invalid padding and is rejected. */
+#define MBEDTLS_ERR_RSA_INVALID_PADDING -0x4100
+/** Something failed during generation of a key. */
+#define MBEDTLS_ERR_RSA_KEY_GEN_FAILED -0x4180
+/** Key failed to pass the validity check of the library. */
+#define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED -0x4200
+/** The public key operation failed. */
+#define MBEDTLS_ERR_RSA_PUBLIC_FAILED -0x4280
+/** The private key operation failed. */
+#define MBEDTLS_ERR_RSA_PRIVATE_FAILED -0x4300
+/** The PKCS#1 verification failed. */
+#define MBEDTLS_ERR_RSA_VERIFY_FAILED -0x4380
+/** The output buffer for decryption is not large enough. */
+#define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE -0x4400
+/** The random generator failed to generate non-zeros. */
+#define MBEDTLS_ERR_RSA_RNG_FAILED -0x4480
/*
* RSA constants
diff --git a/include/mbedtls/sha1.h b/include/mbedtls/sha1.h
index d2db67c..6b55174 100644
--- a/include/mbedtls/sha1.h
+++ b/include/mbedtls/sha1.h
@@ -35,7 +35,8 @@
#include <stddef.h>
#include <stdint.h>
-#define MBEDTLS_ERR_SHA1_BAD_INPUT_DATA -0x0073 /**< SHA-1 input data was malformed. */
+/** SHA-1 input data was malformed. */
+#define MBEDTLS_ERR_SHA1_BAD_INPUT_DATA -0x0073
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h
index 7f42c2c..9e6f59d 100644
--- a/include/mbedtls/sha256.h
+++ b/include/mbedtls/sha256.h
@@ -31,7 +31,8 @@
#include <stddef.h>
#include <stdint.h>
-#define MBEDTLS_ERR_SHA256_BAD_INPUT_DATA -0x0074 /**< SHA-256 input data was malformed. */
+/** SHA-256 input data was malformed. */
+#define MBEDTLS_ERR_SHA256_BAD_INPUT_DATA -0x0074
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h
index c43b907..48901cc 100644
--- a/include/mbedtls/sha512.h
+++ b/include/mbedtls/sha512.h
@@ -30,7 +30,8 @@
#include <stddef.h>
#include <stdint.h>
-#define MBEDTLS_ERR_SHA512_BAD_INPUT_DATA -0x0075 /**< SHA-512 input data was malformed. */
+/** SHA-512 input data was malformed. */
+#define MBEDTLS_ERR_SHA512_BAD_INPUT_DATA -0x0075
#ifdef __cplusplus
extern "C" {
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 610aa14..221cee3 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -59,27 +59,45 @@
/*
* SSL Error codes
*/
-#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS -0x7000 /**< A cryptographic operation is in progress. Try again later. */
-#define MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE -0x7080 /**< The requested feature is not available. */
-#define MBEDTLS_ERR_SSL_BAD_INPUT_DATA -0x7100 /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_SSL_INVALID_MAC -0x7180 /**< Verification of the message MAC failed. */
-#define MBEDTLS_ERR_SSL_INVALID_RECORD -0x7200 /**< An invalid SSL record was received. */
-#define MBEDTLS_ERR_SSL_CONN_EOF -0x7280 /**< The connection indicated an EOF. */
-#define MBEDTLS_ERR_SSL_DECODE_ERROR -0x7300 /**< A message could not be parsed due to a syntactic error. */
+/** A cryptographic operation is in progress. Try again later. */
+#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS -0x7000
+/** The requested feature is not available. */
+#define MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE -0x7080
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_SSL_BAD_INPUT_DATA -0x7100
+/** Verification of the message MAC failed. */
+#define MBEDTLS_ERR_SSL_INVALID_MAC -0x7180
+/** An invalid SSL record was received. */
+#define MBEDTLS_ERR_SSL_INVALID_RECORD -0x7200
+/** The connection indicated an EOF. */
+#define MBEDTLS_ERR_SSL_CONN_EOF -0x7280
+/** A message could not be parsed due to a syntactic error. */
+#define MBEDTLS_ERR_SSL_DECODE_ERROR -0x7300
/* Error space gap */
-#define MBEDTLS_ERR_SSL_NO_RNG -0x7400 /**< No RNG was provided to the SSL module. */
-#define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */
-#define MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION -0x7500 /**< Client received an extended server hello containing an unsupported extension */
-#define MBEDTLS_ERR_SSL_NO_APPLICATION_PROTOCOL -0x7580 /**< No ALPN protocols supported that the client advertises */
-#define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600 /**< The own private key or pre-shared key is not set, but needed. */
-#define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */
-#define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 /**< An unexpected message was received from our peer. */
-#define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 /**< A fatal alert message was received from our peer. */
-#define MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME -0x7800 /**< No server could be identified matching the client's SNI. */
-#define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */
+/** No RNG was provided to the SSL module. */
+#define MBEDTLS_ERR_SSL_NO_RNG -0x7400
+/** No client certification received from the client, but required by the authentication mode. */
+#define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480
+/** Client received an extended server hello containing an unsupported extension */
+#define MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION -0x7500
+/** No ALPN protocols supported that the client advertises */
+#define MBEDTLS_ERR_SSL_NO_APPLICATION_PROTOCOL -0x7580
+/** The own private key or pre-shared key is not set, but needed. */
+#define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600
+/** No CA Chain is set, but required to operate. */
+#define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680
+/** An unexpected message was received from our peer. */
+#define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE -0x7700
+/** A fatal alert message was received from our peer. */
+#define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780
+/** No server could be identified matching the client's SNI. */
+#define MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME -0x7800
+/** The peer notified us that the connection is going to be closed. */
+#define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880
/* Error space gap */
/* Error space gap */
-#define MBEDTLS_ERR_SSL_BAD_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */
+/** Processing of the Certificate handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_CERTIFICATE -0x7A00
/* Error space gap */
/* Error space gap */
/* Error space gap */
@@ -89,30 +107,53 @@
/* Error space gap */
/* Error space gap */
/* Error space gap */
-#define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00 /**< Memory allocation failed */
-#define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */
-#define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */
-#define MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */
-#define MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE -0x6E00 /**< The handshake negotiation failed. */
-#define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */
-#define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */
-#define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unknown identity received (eg, PSK identity) */
-#define MBEDTLS_ERR_SSL_INTERNAL_ERROR -0x6C00 /**< Internal error (eg, unexpected failure in lower-level module) */
-#define MBEDTLS_ERR_SSL_COUNTER_WRAPPING -0x6B80 /**< A counter would wrap (eg, too many messages exchanged). */
-#define MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO -0x6B00 /**< Unexpected message at ServerHello in renegotiation. */
-#define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED -0x6A80 /**< DTLS client must retry for hello verification */
-#define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL -0x6A00 /**< A buffer is too small to receive or write a message */
+/** Memory allocation failed */
+#define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00
+/** Hardware acceleration function returned with error */
+#define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80
+/** Hardware acceleration function skipped / left alone data */
+#define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80
+/** Handshake protocol not within min/max boundaries */
+#define MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION -0x6E80
+/** The handshake negotiation failed. */
+#define MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE -0x6E00
+/** Session ticket has expired. */
+#define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80
+/** Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */
+#define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00
+/** Unknown identity received (eg, PSK identity) */
+#define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY -0x6C80
+/** Internal error (eg, unexpected failure in lower-level module) */
+#define MBEDTLS_ERR_SSL_INTERNAL_ERROR -0x6C00
+/** A counter would wrap (eg, too many messages exchanged). */
+#define MBEDTLS_ERR_SSL_COUNTER_WRAPPING -0x6B80
+/** Unexpected message at ServerHello in renegotiation. */
+#define MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO -0x6B00
+/** DTLS client must retry for hello verification */
+#define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED -0x6A80
+/** A buffer is too small to receive or write a message */
+#define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL -0x6A00
/* Error space gap */
-#define MBEDTLS_ERR_SSL_WANT_READ -0x6900 /**< No data of requested type currently available on underlying transport. */
-#define MBEDTLS_ERR_SSL_WANT_WRITE -0x6880 /**< Connection requires a write call. */
-#define MBEDTLS_ERR_SSL_TIMEOUT -0x6800 /**< The operation timed out. */
-#define MBEDTLS_ERR_SSL_CLIENT_RECONNECT -0x6780 /**< The client initiated a reconnect from the same port. */
-#define MBEDTLS_ERR_SSL_UNEXPECTED_RECORD -0x6700 /**< Record header looks valid but is not expected. */
-#define MBEDTLS_ERR_SSL_NON_FATAL -0x6680 /**< The alert message received indicates a non-fatal error. */
-#define MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER -0x6600 /**< A field in a message was incorrect or inconsistent with other fields. */
-#define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -0x6580 /**< Internal-only message signaling that further message-processing should be done */
-#define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS -0x6500 /**< The asynchronous operation is not completed yet. */
-#define MBEDTLS_ERR_SSL_EARLY_MESSAGE -0x6480 /**< Internal-only message signaling that a message arrived early. */
+/** No data of requested type currently available on underlying transport. */
+#define MBEDTLS_ERR_SSL_WANT_READ -0x6900
+/** Connection requires a write call. */
+#define MBEDTLS_ERR_SSL_WANT_WRITE -0x6880
+/** The operation timed out. */
+#define MBEDTLS_ERR_SSL_TIMEOUT -0x6800
+/** The client initiated a reconnect from the same port. */
+#define MBEDTLS_ERR_SSL_CLIENT_RECONNECT -0x6780
+/** Record header looks valid but is not expected. */
+#define MBEDTLS_ERR_SSL_UNEXPECTED_RECORD -0x6700
+/** The alert message received indicates a non-fatal error. */
+#define MBEDTLS_ERR_SSL_NON_FATAL -0x6680
+/** A field in a message was incorrect or inconsistent with other fields. */
+#define MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER -0x6600
+/** Internal-only message signaling that further message-processing should be done */
+#define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -0x6580
+/** The asynchronous operation is not completed yet. */
+#define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS -0x6500
+/** Internal-only message signaling that a message arrived early. */
+#define MBEDTLS_ERR_SSL_EARLY_MESSAGE -0x6480
/* Error space gap */
/* Error space gap */
/* Error space gap */
@@ -121,9 +162,12 @@
/* Error space gap */
/* Error space gap */
/* Error space gap */
-#define MBEDTLS_ERR_SSL_UNEXPECTED_CID -0x6000 /**< An encrypted DTLS-frame with an unexpected CID was received. */
-#define MBEDTLS_ERR_SSL_VERSION_MISMATCH -0x5F00 /**< An operation failed due to an unexpected version or configuration. */
-#define MBEDTLS_ERR_SSL_BAD_CONFIG -0x5E80 /**< Invalid value in SSL config */
+/** An encrypted DTLS-frame with an unexpected CID was received. */
+#define MBEDTLS_ERR_SSL_UNEXPECTED_CID -0x6000
+/** An operation failed due to an unexpected version or configuration. */
+#define MBEDTLS_ERR_SSL_VERSION_MISMATCH -0x5F00
+/** Invalid value in SSL config */
+#define MBEDTLS_ERR_SSL_BAD_CONFIG -0x5E80
/*
* Various constants
@@ -927,6 +971,11 @@
unsigned char MBEDTLS_PRIVATE(exported);
+ /* This field is temporarily duplicated with mbedtls_ssl_context.minor_ver.
+ * Once runtime negotiation of TLS 1.2 and TLS 1.3 is implemented, it needs
+ * to be studied whether one of them can be removed. */
+ unsigned char MBEDTLS_PRIVATE(minor_ver); /*!< The TLS version used in the session. */
+
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
mbedtls_x509_crt *MBEDTLS_PRIVATE(peer_cert); /*!< peer X.509 cert chain */
@@ -1245,6 +1294,10 @@
#endif /* MBEDTLS_SSL_RENEGOTIATION */
int MBEDTLS_PRIVATE(major_ver); /*!< equal to MBEDTLS_SSL_MAJOR_VERSION_3 */
+
+ /* This field is temporarily duplicated with mbedtls_ssl_context.minor_ver.
+ * Once runtime negotiation of TLS 1.2 and TLS 1.3 is implemented, it needs
+ * to be studied whether one of them can be removed. */
int MBEDTLS_PRIVATE(minor_ver); /*!< one of MBEDTLS_SSL_MINOR_VERSION_x macros */
unsigned MBEDTLS_PRIVATE(badmac_seen); /*!< records with a bad MAC received */
diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h
index 96cadc4..fbc7374 100644
--- a/include/mbedtls/threading.h
+++ b/include/mbedtls/threading.h
@@ -31,8 +31,10 @@
extern "C" {
#endif
-#define MBEDTLS_ERR_THREADING_BAD_INPUT_DATA -0x001C /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_THREADING_MUTEX_ERROR -0x001E /**< Locking / unlocking / free failed with error code. */
+/** Bad input parameters to function. */
+#define MBEDTLS_ERR_THREADING_BAD_INPUT_DATA -0x001C
+/** Locking / unlocking / free failed with error code. */
+#define MBEDTLS_ERR_THREADING_MUTEX_ERROR -0x001E
#if defined(MBEDTLS_THREADING_PTHREAD)
#include <pthread.h>
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index 5be4286..df187cb 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -53,26 +53,46 @@
* \name X509 Error codes
* \{
*/
-#define MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE -0x2080 /**< Unavailable feature, e.g. RSA hashing/encryption combination. */
-#define MBEDTLS_ERR_X509_UNKNOWN_OID -0x2100 /**< Requested OID is unknown. */
-#define MBEDTLS_ERR_X509_INVALID_FORMAT -0x2180 /**< The CRT/CRL/CSR format is invalid, e.g. different type expected. */
-#define MBEDTLS_ERR_X509_INVALID_VERSION -0x2200 /**< The CRT/CRL/CSR version element is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_SERIAL -0x2280 /**< The serial tag or value is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_ALG -0x2300 /**< The algorithm tag or value is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_NAME -0x2380 /**< The name tag or value is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_DATE -0x2400 /**< The date tag or value is invalid. */
-#define MBEDTLS_ERR_X509_INVALID_SIGNATURE -0x2480 /**< The signature tag or value invalid. */
-#define MBEDTLS_ERR_X509_INVALID_EXTENSIONS -0x2500 /**< The extension tag or value is invalid. */
-#define MBEDTLS_ERR_X509_UNKNOWN_VERSION -0x2580 /**< CRT/CRL/CSR has an unsupported version number. */
-#define MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG -0x2600 /**< Signature algorithm (oid) is unsupported. */
-#define MBEDTLS_ERR_X509_SIG_MISMATCH -0x2680 /**< Signature algorithms do not match. (see \c ::mbedtls_x509_crt sig_oid) */
-#define MBEDTLS_ERR_X509_CERT_VERIFY_FAILED -0x2700 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */
-#define MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780 /**< Format not recognized as DER or PEM. */
-#define MBEDTLS_ERR_X509_BAD_INPUT_DATA -0x2800 /**< Input invalid. */
-#define MBEDTLS_ERR_X509_ALLOC_FAILED -0x2880 /**< Allocation of memory failed. */
-#define MBEDTLS_ERR_X509_FILE_IO_ERROR -0x2900 /**< Read/write of file failed. */
-#define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL -0x2980 /**< Destination buffer is too small. */
-#define MBEDTLS_ERR_X509_FATAL_ERROR -0x3000 /**< A fatal error occurred, eg the chain is too long or the vrfy callback failed. */
+/** Unavailable feature, e.g. RSA hashing/encryption combination. */
+#define MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE -0x2080
+/** Requested OID is unknown. */
+#define MBEDTLS_ERR_X509_UNKNOWN_OID -0x2100
+/** The CRT/CRL/CSR format is invalid, e.g. different type expected. */
+#define MBEDTLS_ERR_X509_INVALID_FORMAT -0x2180
+/** The CRT/CRL/CSR version element is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_VERSION -0x2200
+/** The serial tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_SERIAL -0x2280
+/** The algorithm tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_ALG -0x2300
+/** The name tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_NAME -0x2380
+/** The date tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_DATE -0x2400
+/** The signature tag or value invalid. */
+#define MBEDTLS_ERR_X509_INVALID_SIGNATURE -0x2480
+/** The extension tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_EXTENSIONS -0x2500
+/** CRT/CRL/CSR has an unsupported version number. */
+#define MBEDTLS_ERR_X509_UNKNOWN_VERSION -0x2580
+/** Signature algorithm (oid) is unsupported. */
+#define MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG -0x2600
+/** Signature algorithms do not match. (see \c ::mbedtls_x509_crt sig_oid) */
+#define MBEDTLS_ERR_X509_SIG_MISMATCH -0x2680
+/** Certificate verification failed, e.g. CRL, CA or signature check failed. */
+#define MBEDTLS_ERR_X509_CERT_VERIFY_FAILED -0x2700
+/** Format not recognized as DER or PEM. */
+#define MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780
+/** Input invalid. */
+#define MBEDTLS_ERR_X509_BAD_INPUT_DATA -0x2800
+/** Allocation of memory failed. */
+#define MBEDTLS_ERR_X509_ALLOC_FAILED -0x2880
+/** Read/write of file failed. */
+#define MBEDTLS_ERR_X509_FILE_IO_ERROR -0x2900
+/** Destination buffer is too small. */
+#define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL -0x2980
+/** A fatal error occurred, eg the chain is too long or the vrfy callback failed. */
+#define MBEDTLS_ERR_X509_FATAL_ERROR -0x3000
/* \} name */
/**
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index 1cd5589..5adc128 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -104,6 +104,8 @@
ssl_ticket.c
ssl_tls.c
ssl_tls13_keys.c
+ ssl_tls13_server.c
+ ssl_tls13_client.c
)
if(CMAKE_COMPILER_IS_GNUCC)
diff --git a/library/Makefile b/library/Makefile
index 0ee6e4f..8c58fb8 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -167,6 +167,8 @@
ssl_ticket.o \
ssl_tls.o \
ssl_tls13_keys.o \
+ ssl_tls13_client.o \
+ ssl_tls13_server.o \
# This line is intentionally left blank
.SILENT:
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index ef391b3..e0a1c24 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -2024,6 +2024,7 @@
MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, version", buf + 0, 2 );
mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver,
ssl->conf->transport, buf + 0 );
+ ssl->session_negotiate->minor_ver = ssl->minor_ver;
if( ssl->major_ver < ssl->conf->min_major_ver ||
ssl->minor_ver < ssl->conf->min_minor_ver ||
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index cc19f47..034acc2 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -740,7 +740,8 @@
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
/* We need the Hello random bytes in order to re-derive keys from the
- * Master Secret and other session info, see ssl_populate_transform() */
+ * Master Secret and other session info,
+ * see ssl_tls12_populate_transform() */
unsigned char randbytes[64]; /*!< ServerHello.random+ClientHello.random */
#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
};
@@ -881,6 +882,10 @@
int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl );
int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl );
void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl );
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_handshake_server_step_tls1_3( mbedtls_ssl_context *ssl );
+#endif
int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl );
@@ -971,7 +976,13 @@
unsigned update_hs_digest );
int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want );
-int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl,
+ int update_checksum );
+static inline int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
+{
+ return( mbedtls_ssl_write_handshake_msg_ext( ssl, 1 /* update checksum */ ) );
+}
+
int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush );
int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl );
@@ -1259,4 +1270,50 @@
void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight );
#endif /* MBEDTLS_SSL_PROTO_DTLS */
+/**
+ * ssl utils functions for checking configuration.
+ */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+static inline int mbedtls_ssl_conf_is_tls13_only( const mbedtls_ssl_config *conf )
+{
+ if( conf->min_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 &&
+ conf->max_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 &&
+ conf->min_minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 &&
+ conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
+ {
+ return( 1 );
+ }
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+static inline int mbedtls_ssl_conf_is_tls12_only( const mbedtls_ssl_config *conf )
+{
+ if( conf->min_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 &&
+ conf->max_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 &&
+ conf->min_minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 &&
+ conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+ {
+ return( 1 );
+ }
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+static inline int mbedtls_ssl_conf_is_hybrid_tls12_tls13( const mbedtls_ssl_config *conf )
+{
+ if( conf->min_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 &&
+ conf->max_major_ver == MBEDTLS_SSL_MAJOR_VERSION_3 &&
+ conf->min_minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 &&
+ conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
+ {
+ return( 1 );
+ }
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL*/
+
#endif /* ssl_misc.h */
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 76cc2b1..a03f192 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -384,7 +384,8 @@
static void ssl_extract_add_data_from_record( unsigned char* add_data,
size_t *add_data_len,
mbedtls_record *rec,
- unsigned minor_ver )
+ unsigned minor_ver,
+ size_t taglen )
{
/* Quoting RFC 5246 (TLS 1.2):
*
@@ -403,15 +404,37 @@
*
* For TLS 1.3, the record sequence number is dropped from the AAD
* and encoded within the nonce of the AEAD operation instead.
+ * Moreover, the additional data involves the length of the TLS
+ * ciphertext, not the TLS plaintext as in earlier versions.
+ * Quoting RFC 8446 (TLS 1.3):
+ *
+ * additional_data = TLSCiphertext.opaque_type ||
+ * TLSCiphertext.legacy_record_version ||
+ * TLSCiphertext.length
+ *
+ * We pass the tag length to this function in order to compute the
+ * ciphertext length from the inner plaintext length rec->data_len via
+ *
+ * TLSCiphertext.length = TLSInnerPlaintext.length + taglen.
+ *
*/
unsigned char *cur = add_data;
+ size_t ad_len_field = rec->data_len;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
- if( minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 )
+ if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
+ {
+ /* In TLS 1.3, the AAD contains the length of the TLSCiphertext,
+ * which differs from the length of the TLSInnerPlaintext
+ * by the length of the authentication tag. */
+ ad_len_field += taglen;
+ }
+ else
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
{
((void) minor_ver);
+ ((void) taglen);
memcpy( cur, rec->ctr, sizeof( rec->ctr ) );
cur += sizeof( rec->ctr );
}
@@ -431,15 +454,15 @@
*cur = rec->cid_len;
cur++;
- cur[0] = ( rec->data_len >> 8 ) & 0xFF;
- cur[1] = ( rec->data_len >> 0 ) & 0xFF;
+ cur[0] = ( ad_len_field >> 8 ) & 0xFF;
+ cur[1] = ( ad_len_field >> 0 ) & 0xFF;
cur += 2;
}
else
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
{
- cur[0] = ( rec->data_len >> 8 ) & 0xFF;
- cur[1] = ( rec->data_len >> 0 ) & 0xFF;
+ cur[0] = ( ad_len_field >> 8 ) & 0xFF;
+ cur[1] = ( ad_len_field >> 0 ) & 0xFF;
cur += 2;
}
@@ -646,7 +669,8 @@
unsigned char mac[MBEDTLS_SSL_MAC_ADD];
ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
- transform->minor_ver );
+ transform->minor_ver,
+ transform->taglen );
mbedtls_md_hmac_update( &transform->md_ctx_enc, add_data,
add_data_len );
@@ -743,7 +767,8 @@
* This depends on the TLS version.
*/
ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
- transform->minor_ver );
+ transform->minor_ver,
+ transform->taglen );
MBEDTLS_SSL_DEBUG_BUF( 4, "IV used (internal)",
iv, transform->ivlen );
@@ -897,7 +922,8 @@
}
ssl_extract_add_data_from_record( add_data, &add_data_len,
- rec, transform->minor_ver );
+ rec, transform->minor_ver,
+ transform->taglen );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) );
MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data,
@@ -1304,7 +1330,8 @@
* This depends on the TLS version.
*/
ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
- transform->minor_ver );
+ transform->minor_ver,
+ transform->taglen );
MBEDTLS_SSL_DEBUG_BUF( 4, "additional data used for AEAD",
add_data, add_data_len );
@@ -1414,7 +1441,8 @@
* Further, we still know that data_len > minlen */
rec->data_len -= transform->maclen;
ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
- transform->minor_ver );
+ transform->minor_ver,
+ transform->taglen );
/* Calculate expected MAC. */
MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data,
@@ -1606,7 +1634,8 @@
*/
rec->data_len -= transform->maclen;
ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
- transform->minor_ver );
+ transform->minor_ver,
+ transform->taglen );
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
/*
@@ -2360,7 +2389,8 @@
* (including handshake headers but excluding record headers)
* - ssl->out_msg: the record contents (handshake headers + content)
*/
-int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
+int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl,
+ int update_checksum )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const size_t hs_len = ssl->out_msglen - 4;
@@ -2469,7 +2499,7 @@
#endif /* MBEDTLS_SSL_PROTO_DTLS */
/* Update running hashes of handshake messages seen */
- if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
+ if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST && update_checksum != 0 )
ssl->handshake->update_checksum( ssl, ssl->out_msg, ssl->out_msglen );
}
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index ad98850..d82ec04 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1392,6 +1392,7 @@
mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver,
ssl->conf->transport, buf );
+ ssl->session_negotiate->minor_ver = ssl->minor_ver;
ssl->handshake->max_major_ver = ssl->major_ver;
ssl->handshake->max_minor_ver = ssl->minor_ver;
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index c43f92a..534817c 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -655,7 +655,6 @@
* - [in] ciphersuite
* - [in] master
* - [in] encrypt_then_mac
- * - [in] trunc_hmac
* - [in] compression
* - [in] tls_prf: pointer to PRF to use for key derivation
* - [in] randbytes: buffer holding ServerHello.random + ClientHello.random
@@ -665,14 +664,14 @@
* - MBEDTLS_SSL_EXPORT_KEYS: ssl->conf->{f,p}_export_keys
* - MBEDTLS_DEBUG_C: ssl->conf->{f,p}_dbg
*/
-static int ssl_populate_transform( mbedtls_ssl_transform *transform,
+static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform,
int ciphersuite,
const unsigned char master[48],
-#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) && \
+ defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
int encrypt_then_mac,
-#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC &&
+ MBEDTLS_SSL_SOME_SUITES_USE_MAC */
ssl_tls_prf_t tls_prf,
const unsigned char randbytes[64],
int minor_ver,
@@ -714,6 +713,15 @@
memcpy( transform->randbytes, randbytes, sizeof( transform->randbytes ) );
#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+ if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
+ {
+ /* At the moment, we keep TLS <= 1.2 and TLS 1.3 transform
+ * generation separate. This should never happen. */
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+
/*
* Get various info structures
*/
@@ -806,19 +814,10 @@
* sequence number).
*/
transform->ivlen = 12;
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
- if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
- {
+ if( cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY )
transform->fixed_ivlen = 12;
- }
else
-#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
- {
- if( cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY )
- transform->fixed_ivlen = 12;
- else
- transform->fixed_ivlen = 4;
- }
+ transform->fixed_ivlen = 4;
/* Minimum length of encrypted record */
explicit_ivlen = transform->ivlen - transform->fixed_ivlen;
@@ -1328,22 +1327,22 @@
}
/* Populate transform structure */
- ret = ssl_populate_transform( ssl->transform_negotiate,
- ssl->session_negotiate->ciphersuite,
- ssl->session_negotiate->master,
-#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
- ssl->session_negotiate->encrypt_then_mac,
-#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
- ssl->handshake->tls_prf,
- ssl->handshake->randbytes,
- ssl->minor_ver,
- ssl->conf->endpoint,
- ssl );
+ ret = ssl_tls12_populate_transform( ssl->transform_negotiate,
+ ssl->session_negotiate->ciphersuite,
+ ssl->session_negotiate->master,
+#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) && \
+ defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+ ssl->session_negotiate->encrypt_then_mac,
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC &&
+ MBEDTLS_SSL_SOME_SUITES_USE_MAC */
+ ssl->handshake->tls_prf,
+ ssl->handshake->randbytes,
+ ssl->minor_ver,
+ ssl->conf->endpoint,
+ ssl );
if( ret != 0 )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "ssl_populate_transform", ret );
+ MBEDTLS_SSL_DEBUG_RET( 1, "ssl_tls12_populate_transform", ret );
return( ret );
}
@@ -3143,6 +3142,53 @@
memset( ssl, 0, sizeof( mbedtls_ssl_context ) );
}
+static int ssl_conf_version_check( const mbedtls_ssl_context *ssl )
+{
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+ if( mbedtls_ssl_conf_is_tls13_only( ssl->conf ) )
+ {
+ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS 1.3 is not yet supported" ) );
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+ }
+ MBEDTLS_SSL_DEBUG_MSG( 4, ( "The SSL configuration is tls13 only." ) );
+ return( 0 );
+ }
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( mbedtls_ssl_conf_is_tls12_only( ssl->conf ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 4, ( "The SSL configuration is tls12 only." ) );
+ return( 0 );
+ }
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+ if( mbedtls_ssl_conf_is_hybrid_tls12_tls13( ssl->conf ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported" ) );
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+ }
+#endif
+
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "The SSL configuration is invalid." ) );
+ return( MBEDTLS_ERR_SSL_BAD_CONFIG );
+}
+
+static int ssl_conf_check(const mbedtls_ssl_context *ssl)
+{
+ int ret;
+ ret = ssl_conf_version_check( ssl );
+ if( ret != 0 )
+ return( ret );
+
+ /* Space for further checks */
+
+ return( 0 );
+}
+
/*
* Setup an SSL context
*/
@@ -3156,6 +3202,9 @@
ssl->conf = conf;
+ if( ( ret = ssl_conf_check( ssl ) ) != 0 )
+ return( ret );
+
/*
* Prepare base structures
*/
@@ -4492,8 +4541,6 @@
#define SSL_SERIALIZED_SESSION_CONFIG_MFL 0
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-#define SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC 0
-
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
#define SSL_SERIALIZED_SESSION_CONFIG_ETM 1
#else
@@ -4510,9 +4557,8 @@
#define SSL_SERIALIZED_SESSION_CONFIG_CRT_BIT 1
#define SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET_BIT 2
#define SSL_SERIALIZED_SESSION_CONFIG_MFL_BIT 3
-#define SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC_BIT 4
-#define SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT 5
-#define SSL_SERIALIZED_SESSION_CONFIG_TICKET_BIT 6
+#define SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT 4
+#define SSL_SERIALIZED_SESSION_CONFIG_TICKET_BIT 5
#define SSL_SERIALIZED_SESSION_CONFIG_BITFLAG \
( (uint16_t) ( \
@@ -4520,7 +4566,6 @@
( SSL_SERIALIZED_SESSION_CONFIG_CRT << SSL_SERIALIZED_SESSION_CONFIG_CRT_BIT ) | \
( SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET << SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET_BIT ) | \
( SSL_SERIALIZED_SESSION_CONFIG_MFL << SSL_SERIALIZED_SESSION_CONFIG_MFL_BIT ) | \
- ( SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC << SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC_BIT ) | \
( SSL_SERIALIZED_SESSION_CONFIG_ETM << SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT ) | \
( SSL_SERIALIZED_SESSION_CONFIG_TICKET << SSL_SERIALIZED_SESSION_CONFIG_TICKET_BIT ) ) )
@@ -4536,44 +4581,61 @@
* Serialize a session in the following format:
* (in the presentation language of TLS, RFC 8446 section 3)
*
- * opaque mbedtls_version[3]; // major, minor, patch
- * opaque session_format[2]; // version-specific 16-bit field determining
- * // the format of the remaining
- * // serialized data.
+ * struct {
*
- * Note: When updating the format, remember to keep
- * these version+format bytes.
+ * opaque mbedtls_version[3]; // library version: major, minor, patch
+ * opaque session_format[2]; // library-version specific 16-bit field
+ * // determining the format of the remaining
+ * // serialized data.
*
- * // In this version, `session_format` determines
- * // the setting of those compile-time
- * // configuration options which influence
- * // the structure of mbedtls_ssl_session.
- * uint64 start_time;
- * uint8 ciphersuite[2]; // defined by the standard
- * uint8 compression; // 0 or 1
- * uint8 session_id_len; // at most 32
- * opaque session_id[32];
- * opaque master[48]; // fixed length in the standard
- * uint32 verify_result;
- * opaque peer_cert<0..2^24-1>; // length 0 means no peer cert
- * opaque ticket<0..2^24-1>; // length 0 means no ticket
- * uint32 ticket_lifetime;
- * uint8 mfl_code; // up to 255 according to standard
- * uint8 trunc_hmac; // 0 or 1
- * uint8 encrypt_then_mac; // 0 or 1
+ * Note: When updating the format, remember to keep
+ * these version+format bytes.
*
- * The order is the same as in the definition of the structure, except
- * verify_result is put before peer_cert so that all mandatory fields come
- * together in one block.
+ * // In this version, `session_format` determines
+ * // the setting of those compile-time
+ * // configuration options which influence
+ * // the structure of mbedtls_ssl_session.
+ *
+ * uint8_t minor_ver; // Protocol-version. Possible values:
+ * // - TLS 1.2 (MBEDTLS_SSL_MINOR_VERSION_3)
+ *
+ * select (serialized_session.minor_ver) {
+ *
+ * case MBEDTLS_SSL_MINOR_VERSION_3: // TLS 1.2
+ * serialized_session_tls12 data;
+ *
+ * };
+ *
+ * } serialized_session;
+ *
*/
-static int ssl_session_save( const mbedtls_ssl_session *session,
- unsigned char omit_header,
- unsigned char *buf,
- size_t buf_len,
- size_t *olen )
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+/* Serialization of TLS 1.2 sessions:
+ *
+ * struct {
+ * uint64 start_time;
+ * uint8 ciphersuite[2]; // defined by the standard
+ * uint8 compression; // 0 or 1
+ * uint8 session_id_len; // at most 32
+ * opaque session_id[32];
+ * opaque master[48]; // fixed length in the standard
+ * uint32 verify_result;
+ * opaque peer_cert<0..2^24-1>; // length 0 means no peer cert
+ * opaque ticket<0..2^24-1>; // length 0 means no ticket
+ * uint32 ticket_lifetime;
+ * uint8 mfl_code; // up to 255 according to standard
+ * uint8 encrypt_then_mac; // 0 or 1
+ * } serialized_session_tls12;
+ *
+ */
+static size_t ssl_session_save_tls12( const mbedtls_ssl_session *session,
+ unsigned char *buf,
+ size_t buf_len )
{
unsigned char *p = buf;
size_t used = 0;
+
#if defined(MBEDTLS_HAVE_TIME)
uint64_t start;
#endif
@@ -4583,23 +4645,6 @@
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
- if( !omit_header )
- {
- /*
- * Add version identifier
- */
-
- used += sizeof( ssl_serialized_session_header );
-
- if( used <= buf_len )
- {
- memcpy( p, ssl_serialized_session_header,
- sizeof( ssl_serialized_session_header ) );
- p += sizeof( ssl_serialized_session_header );
- }
- }
-
/*
* Time
*/
@@ -4742,9 +4787,61 @@
*p++ = (unsigned char)( ( session->encrypt_then_mac ) & 0xFF );
#endif
- /* Done */
- *olen = used;
+ return( used );
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+static int ssl_session_save( const mbedtls_ssl_session *session,
+ unsigned char omit_header,
+ unsigned char *buf,
+ size_t buf_len,
+ size_t *olen )
+{
+ unsigned char *p = buf;
+ size_t used = 0;
+
+ if( !omit_header )
+ {
+ /*
+ * Add Mbed TLS version identifier
+ */
+
+ used += sizeof( ssl_serialized_session_header );
+
+ if( used <= buf_len )
+ {
+ memcpy( p, ssl_serialized_session_header,
+ sizeof( ssl_serialized_session_header ) );
+ p += sizeof( ssl_serialized_session_header );
+ }
+ }
+
+ /*
+ * TLS version identifier
+ */
+ used += 1;
+ if( used <= buf_len )
+ {
+ *p++ = session->minor_ver;
+ }
+
+ /* Forward to version-specific serialization routine. */
+ switch( session->minor_ver )
+ {
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ case MBEDTLS_SSL_MINOR_VERSION_3:
+ {
+ size_t remaining_len = used <= buf_len ? buf_len - used : 0;
+ used += ssl_session_save_tls12( session, p, remaining_len );
+ break;
+ }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+ default:
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+ }
+
+ *olen = used;
if( used > buf_len )
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
@@ -4768,13 +4865,10 @@
* This internal version is wrapped by a public function that cleans up in
* case of error, and has an extra option omit_header.
*/
-static int ssl_session_load( mbedtls_ssl_session *session,
- unsigned char omit_header,
- const unsigned char *buf,
- size_t len )
+static int ssl_session_load_tls12( mbedtls_ssl_session *session,
+ const unsigned char *buf,
+ size_t len )
{
- const unsigned char *p = buf;
- const unsigned char * const end = buf + len;
#if defined(MBEDTLS_HAVE_TIME)
uint64_t start;
#endif
@@ -4784,22 +4878,8 @@
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
- if( !omit_header )
- {
- /*
- * Check version identifier
- */
-
- if( (size_t)( end - p ) < sizeof( ssl_serialized_session_header ) )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- if( memcmp( p, ssl_serialized_session_header,
- sizeof( ssl_serialized_session_header ) ) != 0 )
- {
- return( MBEDTLS_ERR_SSL_VERSION_MISMATCH );
- }
- p += sizeof( ssl_serialized_session_header );
- }
+ const unsigned char *p = buf;
+ const unsigned char * const end = buf + len;
/*
* Time
@@ -4984,6 +5064,54 @@
return( 0 );
}
+static int ssl_session_load( mbedtls_ssl_session *session,
+ unsigned char omit_header,
+ const unsigned char *buf,
+ size_t len )
+{
+ const unsigned char *p = buf;
+ const unsigned char * const end = buf + len;
+
+ if( !omit_header )
+ {
+ /*
+ * Check Mbed TLS version identifier
+ */
+
+ if( (size_t)( end - p ) < sizeof( ssl_serialized_session_header ) )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+ if( memcmp( p, ssl_serialized_session_header,
+ sizeof( ssl_serialized_session_header ) ) != 0 )
+ {
+ return( MBEDTLS_ERR_SSL_VERSION_MISMATCH );
+ }
+ p += sizeof( ssl_serialized_session_header );
+ }
+
+ /*
+ * TLS version identifier
+ */
+ if( 1 > (size_t)( end - p ) )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ session->minor_ver = *p++;
+
+ /* Dispatch according to TLS version. */
+ switch( session->minor_ver )
+ {
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ case MBEDTLS_SSL_MINOR_VERSION_3: /* TLS 1.2 */
+ {
+ size_t remaining_len = ( end - p );
+ return( ssl_session_load_tls12( session, p, remaining_len ) );
+ }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+ default:
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+}
+
/*
* Deserialize session: public wrapper for error cleaning
*/
@@ -5011,11 +5139,31 @@
#if defined(MBEDTLS_SSL_CLI_C)
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
- ret = mbedtls_ssl_handshake_client_step( ssl );
+ {
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+ if( mbedtls_ssl_conf_is_tls13_only( ssl->conf ) )
+ ret = mbedtls_ssl_handshake_client_step_tls1_3( ssl );
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( mbedtls_ssl_conf_is_tls12_only( ssl->conf ) )
+ ret = mbedtls_ssl_handshake_client_step( ssl );
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+ }
#endif
#if defined(MBEDTLS_SSL_SRV_C)
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
- ret = mbedtls_ssl_handshake_server_step( ssl );
+ {
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+ if( mbedtls_ssl_conf_is_tls13_only( ssl->conf ) )
+ ret = mbedtls_ssl_handshake_server_step_tls1_3( ssl );
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+ if( mbedtls_ssl_conf_is_tls12_only( ssl->conf ) )
+ ret = mbedtls_ssl_handshake_server_step( ssl );
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+ }
#endif
return( ret );
@@ -5779,14 +5927,14 @@
if( (size_t)( end - p ) < sizeof( ssl->transform->randbytes ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- ret = ssl_populate_transform( ssl->transform,
+ ret = ssl_tls12_populate_transform( ssl->transform,
ssl->session->ciphersuite,
ssl->session->master,
-#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) && \
+ defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
ssl->session->encrypt_then_mac,
-#endif
-#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC &&
+ MBEDTLS_SSL_SOME_SUITES_USE_MAC */
ssl_tls12prf_from_cs( ssl->session->ciphersuite ),
p, /* currently pointing to randbytes */
MBEDTLS_SSL_MINOR_VERSION_3, /* (D)TLS 1.2 is forced */
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
new file mode 100644
index 0000000..368b557
--- /dev/null
+++ b/library/ssl_tls13_client.c
@@ -0,0 +1,38 @@
+/*
+ * TLS 1.3 client-side functions
+ *
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This file is part of mbed TLS ( https://tls.mbed.org )
+ */
+
+#include "common.h"
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+
+#if defined(MBEDTLS_SSL_CLI_C)
+
+#include "ssl_misc.h"
+
+int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl )
+{
+ ((void) ssl);
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+}
+
+#endif /* MBEDTLS_SSL_CLI_C */
+
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
index f1c8a12..902f99e 100644
--- a/library/ssl_tls13_keys.c
+++ b/library/ssl_tls13_keys.c
@@ -699,4 +699,125 @@
return( ret );
}
+int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform,
+ int endpoint,
+ int ciphersuite,
+ mbedtls_ssl_key_set const *traffic_keys,
+ mbedtls_ssl_context *ssl /* DEBUG ONLY */ )
+{
+ int ret;
+ mbedtls_cipher_info_t const *cipher_info;
+ const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+ unsigned char const *key_enc;
+ unsigned char const *iv_enc;
+ unsigned char const *key_dec;
+ unsigned char const *iv_dec;
+
+#if !defined(MBEDTLS_DEBUG_C)
+ ssl = NULL; /* make sure we don't use it except for those cases */
+ (void) ssl;
+#endif
+
+ ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuite );
+ if( ciphersuite_info == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "ciphersuite info for %d not found",
+ ciphersuite ) );
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ cipher_info = mbedtls_cipher_info_from_type( ciphersuite_info->cipher );
+ if( cipher_info == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %u not found",
+ ciphersuite_info->cipher ) );
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ /*
+ * Setup cipher contexts in target transform
+ */
+
+ if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc,
+ cipher_info ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret );
+ return( ret );
+ }
+
+ if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec,
+ cipher_info ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret );
+ return( ret );
+ }
+
+#if defined(MBEDTLS_SSL_SRV_C)
+ if( endpoint == MBEDTLS_SSL_IS_SERVER )
+ {
+ key_enc = traffic_keys->server_write_key;
+ key_dec = traffic_keys->client_write_key;
+ iv_enc = traffic_keys->server_write_iv;
+ iv_dec = traffic_keys->client_write_iv;
+ }
+ else
+#endif /* MBEDTLS_SSL_SRV_C */
+#if defined(MBEDTLS_SSL_CLI_C)
+ if( endpoint == MBEDTLS_SSL_IS_CLIENT )
+ {
+ key_enc = traffic_keys->client_write_key;
+ key_dec = traffic_keys->server_write_key;
+ iv_enc = traffic_keys->client_write_iv;
+ iv_dec = traffic_keys->server_write_iv;
+ }
+ else
+#endif /* MBEDTLS_SSL_CLI_C */
+ {
+ /* should not happen */
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+ memcpy( transform->iv_enc, iv_enc, traffic_keys->iv_len );
+ memcpy( transform->iv_dec, iv_dec, traffic_keys->iv_len );
+
+ if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_enc,
+ key_enc, cipher_info->key_bitlen,
+ MBEDTLS_ENCRYPT ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
+ return( ret );
+ }
+
+ if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_dec,
+ key_dec, cipher_info->key_bitlen,
+ MBEDTLS_DECRYPT ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
+ return( ret );
+ }
+
+ /*
+ * Setup other fields in SSL transform
+ */
+
+ if( ( ciphersuite_info->flags & MBEDTLS_CIPHERSUITE_SHORT_TAG ) != 0 )
+ transform->taglen = 8;
+ else
+ transform->taglen = 16;
+
+ transform->ivlen = traffic_keys->iv_len;
+ transform->maclen = 0;
+ transform->fixed_ivlen = transform->ivlen;
+ transform->minor_ver = MBEDTLS_SSL_MINOR_VERSION_4;
+
+ /* We add the true record content type (1 Byte) to the plaintext and
+ * then pad to the configured granularity. The mimimum length of the
+ * type-extended and padded plaintext is therefore the padding
+ * granularity. */
+ transform->minlen =
+ transform->taglen + MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY;
+
+ return( 0 );
+}
+
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h
index 3b96998..ca892b1 100644
--- a/library/ssl_tls13_keys.h
+++ b/library/ssl_tls13_keys.h
@@ -498,4 +498,37 @@
unsigned char const *transcript,
unsigned char *result );
+/**
+ * \bref Setup an SSL transform structure representing the
+ * record protection mechanism used by TLS 1.3
+ *
+ * \param transform The SSL transform structure to be created. This must have
+ * been initialized through mbedtls_ssl_transform_init() and
+ * not used in any other way prior to calling this function.
+ * In particular, this function does not clean up the
+ * transform structure prior to installing the new keys.
+ * \param endpoint Indicates whether the transform is for the client
+ * (value #MBEDTLS_SSL_IS_CLIENT) or the server
+ * (value #MBEDTLS_SSL_IS_SERVER).
+ * \param ciphersuite The numerical identifier for the ciphersuite to use.
+ * This must be one of the identifiers listed in
+ * ssl_ciphersuites.h.
+ * \param traffic_keys The key material to use. No reference is stored in
+ * the SSL transform being generated, and the caller
+ * should destroy the key material afterwards.
+ * \param ssl (Debug-only) The SSL context to use for debug output
+ * in case of failure. This parameter is only needed if
+ * #MBEDTLS_DEBUG_C is set, and is ignored otherwise.
+ *
+ * \return \c 0 on success. In this case, \p transform is ready to
+ * be used with mbedtls_ssl_transform_decrypt() and
+ * mbedtls_ssl_transform_encrypt().
+ * \return A negative error code on failure.
+ */
+int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform,
+ int endpoint,
+ int ciphersuite,
+ mbedtls_ssl_key_set const *traffic_keys,
+ mbedtls_ssl_context *ssl );
+
#endif /* MBEDTLS_SSL_TLS1_3_KEYS_H */
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
new file mode 100644
index 0000000..a567277
--- /dev/null
+++ b/library/ssl_tls13_server.c
@@ -0,0 +1,36 @@
+/*
+ * TLS 1.3 server-side functions
+ *
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+#include "common.h"
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+
+#if defined(MBEDTLS_SSL_SRV_C)
+
+#include "ssl_misc.h"
+
+int mbedtls_ssl_handshake_server_step_tls1_3( mbedtls_ssl_context *ssl )
+{
+ ((void) ssl);
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+}
+
+#endif /* MBEDTLS_SSL_SRV_C */
+
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 25fe21b..86c314c 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -395,13 +395,20 @@
USAGE_CURVES \
USAGE_DHMLEN \
"\n"
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+#define TLS1_3_VERSION_OPTIONS ", tls1_3"
+#else /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+#define TLS1_3_VERSION_OPTIONS ""
+#endif /* !MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+
#define USAGE4 \
" allow_sha1=%%d default: 0\n" \
" min_version=%%s default: (library default: tls1_2)\n" \
" max_version=%%s default: (library default: tls1_2)\n" \
" force_version=%%s default: \"\" (none)\n" \
- " options: tls1_2, dtls1_2\n" \
- "\n" \
+ " options: tls1_2, dtls1_2" TLS1_3_VERSION_OPTIONS \
+ "\n\n" \
" force_ciphersuite=<name> default: all enabled\n"\
" query_config=<name> return 0 if the specified\n" \
" configuration macro is defined and 1\n" \
@@ -1070,6 +1077,10 @@
if( strcmp( q, "tls1_2" ) == 0 ||
strcmp( q, "dtls1_2" ) == 0 )
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+ else if( strcmp( q, "tls1_3" ) == 0 )
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
else
goto usage;
}
@@ -1078,6 +1089,10 @@
if( strcmp( q, "tls1_2" ) == 0 ||
strcmp( q, "dtls1_2" ) == 0 )
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+ else if( strcmp( q, "tls1_3" ) == 0 )
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
else
goto usage;
}
@@ -1103,6 +1118,13 @@
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
}
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+ else if( strcmp( q, "tls1_3" ) == 0 )
+ {
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4;
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4;
+ }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
else
goto usage;
}
@@ -1570,41 +1592,7 @@
#endif /* MBEDTLS_X509_CRT_PARSE_C */
/*
- * 2. Start the connection
- */
- if( opt.server_addr == NULL)
- opt.server_addr = opt.server_name;
-
- mbedtls_printf( " . Connecting to %s/%s/%s...",
- opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp",
- opt.server_addr, opt.server_port );
- fflush( stdout );
-
- if( ( ret = mbedtls_net_connect( &server_fd,
- opt.server_addr, opt.server_port,
- opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
- MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! mbedtls_net_connect returned -0x%x\n\n",
- (unsigned int) -ret );
- goto exit;
- }
-
- if( opt.nbio > 0 )
- ret = mbedtls_net_set_nonblock( &server_fd );
- else
- ret = mbedtls_net_set_block( &server_fd );
- if( ret != 0 )
- {
- mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n",
- (unsigned int) -ret );
- goto exit;
- }
-
- mbedtls_printf( " ok\n" );
-
- /*
- * 3. Setup stuff
+ * 2. Setup stuff
*/
mbedtls_printf( " . Setting up the SSL/TLS structure..." );
fflush( stdout );
@@ -1957,6 +1945,40 @@
mbedtls_printf( " ok\n" );
/*
+ * 3. Start the connection
+ */
+ if( opt.server_addr == NULL)
+ opt.server_addr = opt.server_name;
+
+ mbedtls_printf( " . Connecting to %s/%s/%s...",
+ opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp",
+ opt.server_addr, opt.server_port );
+ fflush( stdout );
+
+ if( ( ret = mbedtls_net_connect( &server_fd,
+ opt.server_addr, opt.server_port,
+ opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
+ MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_net_connect returned -0x%x\n\n",
+ (unsigned int) -ret );
+ goto exit;
+ }
+
+ if( opt.nbio > 0 )
+ ret = mbedtls_net_set_nonblock( &server_fd );
+ else
+ ret = mbedtls_net_set_block( &server_fd );
+ if( ret != 0 )
+ {
+ mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n",
+ (unsigned int) -ret );
+ goto exit;
+ }
+
+ mbedtls_printf( " ok\n" );
+
+ /*
* 4. Handshake
*/
mbedtls_printf( " . Performing the SSL/TLS handshake..." );
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index d2aa48a..83bd617 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -485,6 +485,13 @@
USAGE_ETM \
USAGE_CURVES \
"\n"
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+#define TLS1_3_VERSION_OPTIONS ", tls1_3"
+#else /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+#define TLS1_3_VERSION_OPTIONS ""
+#endif /* !MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+
#define USAGE4 \
USAGE_SSL_ASYNC \
USAGE_SNI \
@@ -492,8 +499,8 @@
" min_version=%%s default: (library default: tls1_2)\n" \
" max_version=%%s default: (library default: tls1_2)\n" \
" force_version=%%s default: \"\" (none)\n" \
- " options: tls1_2, dtls1_2\n" \
- "\n" \
+ " options: tls1_2, dtls1_2" TLS1_3_VERSION_OPTIONS \
+ "\n\n" \
" force_ciphersuite=<name> default: all enabled\n" \
" query_config=<name> return 0 if the specified\n" \
" configuration macro is defined and 1\n" \
@@ -1712,6 +1719,10 @@
if( strcmp( q, "tls1_2" ) == 0 ||
strcmp( q, "dtls1_2" ) == 0 )
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+ else if( strcmp( q, "tls1_3" ) == 0 )
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
else
goto usage;
}
@@ -1720,6 +1731,10 @@
if( strcmp( q, "tls1_2" ) == 0 ||
strcmp( q, "dtls1_2" ) == 0 )
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+ else if( strcmp( q, "tls1_3" ) == 0 )
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
else
goto usage;
}
@@ -1745,6 +1760,13 @@
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
}
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+ else if( strcmp( q, "tls1_3" ) == 0 )
+ {
+ opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4;
+ opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4;
+ }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
else
goto usage;
}
@@ -2376,26 +2398,7 @@
#endif /* SNI_OPTION */
/*
- * 2. Setup the listening TCP socket
- */
- mbedtls_printf( " . Bind on %s://%s:%s/ ...",
- opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp",
- opt.server_addr ? opt.server_addr : "*",
- opt.server_port );
- fflush( stdout );
-
- if( ( ret = mbedtls_net_bind( &listen_fd, opt.server_addr, opt.server_port,
- opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
- MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! mbedtls_net_bind returned -0x%x\n\n", (unsigned int) -ret );
- goto exit;
- }
-
- mbedtls_printf( " ok\n" );
-
- /*
- * 3. Setup stuff
+ * 2. Setup stuff
*/
mbedtls_printf( " . Setting up the SSL/TLS structure..." );
fflush( stdout );
@@ -2889,6 +2892,24 @@
mbedtls_printf( " ok\n" );
+ /*
+ * 3. Setup the listening TCP socket
+ */
+ mbedtls_printf( " . Bind on %s://%s:%s/ ...",
+ opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp",
+ opt.server_addr ? opt.server_addr : "*",
+ opt.server_port );
+ fflush( stdout );
+
+ if( ( ret = mbedtls_net_bind( &listen_fd, opt.server_addr, opt.server_port,
+ opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
+ MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_net_bind returned -0x%x\n\n", (unsigned int) -ret );
+ goto exit;
+ }
+ mbedtls_printf( " ok\n" );
+
reset:
#if !defined(_WIN32)
if( received_sigterm )
diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh
index df629e9..6a4a69d 100755
--- a/scripts/bump_version.sh
+++ b/scripts/bump_version.sh
@@ -24,6 +24,8 @@
# [ -v | --verbose ] [ -h | --help ]
#
+set -e
+
VERSION=""
SOVERSION=""
@@ -79,6 +81,10 @@
exit 1
fi
+[ $VERBOSE ] && echo "Bumping VERSION in CMakeLists.txt"
+sed -e "s/ VERSION [0-9.]\{1,\}/ VERSION $VERSION/g" < CMakeLists.txt > tmp
+mv tmp CMakeLists.txt
+
[ $VERBOSE ] && echo "Bumping VERSION in library/CMakeLists.txt"
sed -e "s/ VERSION [0-9.]\{1,\}/ VERSION $VERSION/g" < library/CMakeLists.txt > tmp
mv tmp library/CMakeLists.txt
@@ -116,10 +122,10 @@
mv tmp library/Makefile
fi
-[ $VERBOSE ] && echo "Bumping VERSION in include/mbedtls/version.h"
+[ $VERBOSE ] && echo "Bumping VERSION in include/mbedtls/build_info.h"
read MAJOR MINOR PATCH <<<$(IFS="."; echo $VERSION)
VERSION_NR="$( printf "0x%02X%02X%02X00" $MAJOR $MINOR $PATCH )"
-cat include/mbedtls/version.h | \
+cat include/mbedtls/build_info.h | \
sed -e "s/_VERSION_MAJOR .\{1,\}/_VERSION_MAJOR $MAJOR/" | \
sed -e "s/_VERSION_MINOR .\{1,\}/_VERSION_MINOR $MINOR/" | \
sed -e "s/_VERSION_PATCH .\{1,\}/_VERSION_PATCH $PATCH/" | \
@@ -127,7 +133,7 @@
sed -e "s/_VERSION_STRING .\{1,\}/_VERSION_STRING \"$VERSION\"/" | \
sed -e "s/_VERSION_STRING_FULL .\{1,\}/_VERSION_STRING_FULL \"mbed TLS $VERSION\"/" \
> tmp
-mv tmp include/mbedtls/version.h
+mv tmp include/mbedtls/build_info.h
[ $VERBOSE ] && echo "Bumping version in tests/suites/test_suite_version.data"
sed -e "s/version:\".\{1,\}/version:\"$VERSION\"/g" < tests/suites/test_suite_version.data > tmp
diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl
index 7822384..0a03f02 100755
--- a/scripts/generate_errors.pl
+++ b/scripts/generate_errors.pl
@@ -21,6 +21,7 @@
# limitations under the License.
use strict;
+use warnings;
my ($include_dir, $data_dir, $error_file);
@@ -53,26 +54,54 @@
PEM PK PKCS12 PKCS5
RSA SSL X509 );
-my $line_separator = $/;
undef $/;
open(FORMAT_FILE, '<:crlf', "$error_format_file") or die "Opening error format file '$error_format_file': $!";
my $error_format = <FORMAT_FILE>;
close(FORMAT_FILE);
-$/ = $line_separator;
-
my @files = <$include_dir/*.h>;
my @necessary_include_files;
my @matches;
foreach my $file (@files) {
open(FILE, '<:crlf', "$file");
- my @grep_res = grep(/^\s*#define\s+MBEDTLS_ERR_\w+\s+\-0x[0-9A-Fa-f]+/, <FILE>);
- push(@matches, @grep_res);
+ my $content = <FILE>;
close FILE;
- my $include_name = $file;
- $include_name =~ s!.*/!!;
- push @necessary_include_files, $include_name if @grep_res;
+ my $found = 0;
+ while ($content =~ m[
+ # Both the before-comment and the after-comment are optional.
+ # Only the comment content is a regex capture group. The comment
+ # start and end parts are outside the capture group.
+ (?:/\*[*!](?!<) # Doxygen before-comment start
+ ((?:[^*]|\*+[^*/])*) # $1: Comment content (no */ inside)
+ \*/)? # Comment end
+ \s*\#\s*define\s+(MBEDTLS_ERR_\w+) # $2: name
+ \s+\-(0[Xx][0-9A-Fa-f]+)\s* # $3: value (without the sign)
+ (?:/\*[*!]< # Doxygen after-comment start
+ ((?:[^*]|\*+[^*/])*) # $4: Comment content (no */ inside)
+ \*/)? # Comment end
+ ]gsx) {
+ my ($before, $name, $value, $after) = ($1, $2, $3, $4);
+ # Discard Doxygen comments that are coincidentally present before
+ # an error definition but not attached to it. This is ad hoc, based
+ # on what actually matters (or mattered at some point).
+ undef $before if defined($before) && $before =~ /\s*\\name\s/s;
+ die "Description neither before nor after $name in $file\n"
+ if !defined($before) && !defined($after);
+ die "Description both before and after $name in $file\n"
+ if defined($before) && defined($after);
+ my $description = (defined($before) ? $before : $after);
+ $description =~ s/^\s+//;
+ $description =~ s/\n( *\*)? */ /g;
+ $description =~ s/\.?\s+$//;
+ push @matches, [$name, $value, $description];
+ ++$found;
+ }
+ if ($found) {
+ my $include_name = $file;
+ $include_name =~ s!.*/!!;
+ push @necessary_include_files, $include_name;
+ }
}
my $ll_old_define = "";
@@ -86,20 +115,14 @@
my %error_codes_seen;
-foreach my $line (@matches)
+foreach my $match (@matches)
{
- next if ($line =~ /compat-1.2.h/);
- my ($error_name, $error_code) = $line =~ /(MBEDTLS_ERR_\w+)\s+\-(0x\w+)/;
- my ($description) = $line =~ /\/\*\*< (.*?)\.? \*\//;
+ my ($error_name, $error_code, $description) = @$match;
die "Duplicated error code: $error_code ($error_name)\n"
if( $error_codes_seen{$error_code}++ );
$description =~ s/\\/\\\\/g;
- if ($description eq "") {
- $description = "DESCRIPTION MISSING";
- warn "Missing description for $error_name\n";
- }
my ($module_name) = $error_name =~ /^MBEDTLS_ERR_([^_]+)/;
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index f8e43c8..5d2710c 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -2437,11 +2437,22 @@
}
component_test_tls13_experimental () {
- msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled"
+ msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, without padding"
scripts/config.pl set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+ scripts/config.pl set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
make
- msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled"
+ msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, without padding"
+ make test
+}
+
+component_test_tls13_experimental_with_padding () {
+ msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, with padding"
+ scripts/config.pl set MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+ scripts/config.pl set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16
+ CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+ make
+ msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL enabled, with padding"
make test
}
diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh
index a2c285f..0399484 100755
--- a/tests/scripts/check-generated-files.sh
+++ b/tests/scripts/check-generated-files.sh
@@ -23,12 +23,13 @@
if [ $# -ne 0 ] && [ "$1" = "--help" ]; then
cat <<EOF
-$0 [-u]
+$0 [-l | -u]
This script checks that all generated file are up-to-date. If some aren't, by
default the scripts reports it and exits in error; with the -u option, it just
updates them instead.
-u Update the files rather than return an error for out-of-date files.
+ -l List generated files, but do not update them.
EOF
exit
fi
@@ -39,10 +40,13 @@
fi
UPDATE=
-if [ $# -ne 0 ] && [ "$1" = "-u" ]; then
- shift
- UPDATE='y'
-fi
+LIST=
+while getopts lu OPTLET; do
+ case $OPTLET in
+ l) LIST=1;;
+ u) UPDATE=1;;
+ esac
+done
# check SCRIPT FILENAME[...]
# check SCRIPT DIRECTORY
@@ -58,6 +62,11 @@
SCRIPT=$1
shift
+ if [ -n "$LIST" ]; then
+ printf '%s\n' "$@"
+ return
+ fi
+
directory=
if [ -d "$1" ]; then
directory="$1"
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 4f0a60e..01265ae 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -242,6 +242,17 @@
fi
}
+requires_config_value_equals() {
+ VAL=$( get_config_value_or_default "$1" )
+ if [ -z "$VAL" ]; then
+ # Should never happen
+ echo "Mbed TLS configuration $1 is not defined"
+ exit 1
+ elif [ "$VAL" -ne "$2" ]; then
+ SKIP_NEXT="YES"
+ fi
+}
+
# Space-separated list of ciphersuites supported by this build of
# Mbed TLS.
P_CIPHERSUITES=" $($P_CLI --help 2>/dev/null |
@@ -287,6 +298,12 @@
fi
}
+# skip next test if either IN_CONTENT_LEN or MAX_CONTENT_LEN are below a value
+requires_max_content_len() {
+ requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" $1
+ requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" $1
+}
+
# skip next test if GnuTLS isn't available
requires_gnutls() {
if [ -z "${GNUTLS_AVAILABLE:-}" ]; then
@@ -366,9 +383,10 @@
# Calculate the input & output maximum content lengths set in the config
MAX_CONTENT_LEN=16384
-MAX_IN_LEN=$( ../scripts/config.py get MBEDTLS_SSL_IN_CONTENT_LEN || echo "$MAX_CONTENT_LEN")
-MAX_OUT_LEN=$( ../scripts/config.py get MBEDTLS_SSL_OUT_CONTENT_LEN || echo "$MAX_CONTENT_LEN")
+MAX_IN_LEN=$( get_config_value_or_default "MBEDTLS_SSL_IN_CONTENT_LEN" )
+MAX_OUT_LEN=$( get_config_value_or_default "MBEDTLS_SSL_OUT_CONTENT_LEN" )
+# Calculate the maximum content length that fits both
if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then
MAX_CONTENT_LEN="$MAX_IN_LEN"
fi
@@ -675,6 +693,11 @@
fi
}
+SKIP_HANDSHAKE_CHECK="NO"
+skip_handshake_stage_check() {
+ SKIP_HANDSHAKE_CHECK="YES"
+}
+
# Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]]
# Options: -s pattern pattern that must be present in server output
# -c pattern pattern that must be present in client output
@@ -837,21 +860,25 @@
# (useful to avoid tests with only negative assertions and non-zero
# expected client exit to incorrectly succeed in case of catastrophic
# failure)
- if is_polar "$SRV_CMD"; then
- if grep "Performing the SSL/TLS handshake" $SRV_OUT >/dev/null; then :;
- else
- fail "server or client failed to reach handshake stage"
- return
+ if [ "X$SKIP_HANDSHAKE_CHECK" != "XYES" ]
+ then
+ if is_polar "$SRV_CMD"; then
+ if grep "Performing the SSL/TLS handshake" $SRV_OUT >/dev/null; then :;
+ else
+ fail "server or client failed to reach handshake stage"
+ return
+ fi
fi
- fi
- if is_polar "$CLI_CMD"; then
- if grep "Performing the SSL/TLS handshake" $CLI_OUT >/dev/null; then :;
- else
- fail "server or client failed to reach handshake stage"
- return
+ if is_polar "$CLI_CMD"; then
+ if grep "Performing the SSL/TLS handshake" $CLI_OUT >/dev/null; then :;
+ else
+ fail "server or client failed to reach handshake stage"
+ return
+ fi
fi
fi
+ SKIP_HANDSHAKE_CHECK="NO"
# Check server exit code (only for Mbed TLS: GnuTLS and OpenSSL don't
# exit with status 0 when interrupted by a signal, and we don't really
# care anyway), in case e.g. the server reports a memory leak.
@@ -2226,8 +2253,12 @@
-c "ignoring unexpected CID" \
-s "ignoring unexpected CID"
+# This and the test below it require MAX_CONTENT_LEN to be at least MFL+1, because the
+# tests check that the buffer contents are reallocated when the message is
+# larger than the buffer.
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
+requires_max_content_len 513
run_test "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=512" \
"$P_SRV dtls=1 cid=1 cid_val=dead debug_level=2" \
"$P_CLI force_ciphersuite="TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" max_frag_len=512 dtls=1 cid=1 cid_val=beef" \
@@ -2241,6 +2272,7 @@
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
+requires_max_content_len 1025
run_test "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=1024" \
"$P_SRV dtls=1 cid=1 cid_val=dead debug_level=2" \
"$P_CLI force_ciphersuite="TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" max_frag_len=1024 dtls=1 cid=1 cid_val=beef" \
@@ -2748,20 +2780,6 @@
# Tests for Max Fragment Length extension
-if [ "$MAX_IN_LEN" -lt "4096" ]; then
- printf '%s defines MBEDTLS_SSL_IN_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n' "${CONFIG_H}"
- exit 1
-fi
-
-if [ "$MAX_OUT_LEN" -lt "4096" ]; then
- printf '%s defines MBEDTLS_SSL_OUT_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n' "${CONFIG_H}"
- exit 1
-fi
-
-if [ $MAX_CONTENT_LEN -ne 16384 ]; then
- echo "Using non-default maximum content length $MAX_CONTENT_LEN"
-fi
-
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: enabled, default" \
"$P_SRV debug_level=3" \
@@ -2826,7 +2844,7 @@
-s "1 bytes read"
requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-run_test "Max fragment length DTLS: disabled, larger message" \
+run_test "Max fragment length, DTLS: disabled, larger message" \
"$P_SRV debug_level=3 dtls=1" \
"$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
1 \
@@ -2836,6 +2854,7 @@
-S "Maximum outgoing record payload length is 16384" \
-c "fragment larger than.*maximum "
+requires_max_content_len 4096
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: used by client" \
"$P_SRV debug_level=3" \
@@ -2850,6 +2869,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 1024
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 512, server 1024" \
"$P_SRV debug_level=3 max_frag_len=1024" \
@@ -2864,6 +2884,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 512, server 2048" \
"$P_SRV debug_level=3 max_frag_len=2048" \
@@ -2878,6 +2899,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 4096
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 512, server 4096" \
"$P_SRV debug_level=3 max_frag_len=4096" \
@@ -2892,6 +2914,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 1024
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 1024, server 512" \
"$P_SRV debug_level=3 max_frag_len=512" \
@@ -2906,6 +2929,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 1024, server 2048" \
"$P_SRV debug_level=3 max_frag_len=2048" \
@@ -2920,6 +2944,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 4096
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 1024, server 4096" \
"$P_SRV debug_level=3 max_frag_len=4096" \
@@ -2934,6 +2959,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 2048, server 512" \
"$P_SRV debug_level=3 max_frag_len=512" \
@@ -2948,6 +2974,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 2048, server 1024" \
"$P_SRV debug_level=3 max_frag_len=1024" \
@@ -2962,6 +2989,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 4096
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 2048, server 4096" \
"$P_SRV debug_level=3 max_frag_len=4096" \
@@ -2976,6 +3004,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 4096
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 4096, server 512" \
"$P_SRV debug_level=3 max_frag_len=512" \
@@ -2990,6 +3019,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 4096
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 4096, server 1024" \
"$P_SRV debug_level=3 max_frag_len=1024" \
@@ -3004,6 +3034,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 4096
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client 4096, server 2048" \
"$P_SRV debug_level=3 max_frag_len=2048" \
@@ -3018,6 +3049,7 @@
-s "server hello, max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 4096
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: used by server" \
"$P_SRV debug_level=3 max_frag_len=4096" \
@@ -3032,6 +3064,7 @@
-S "server hello, max_fragment_length extension" \
-C "found max_fragment_length extension"
+requires_max_content_len 4096
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
requires_gnutls
run_test "Max fragment length: gnutls server" \
@@ -3043,6 +3076,7 @@
-c "client hello, adding max_fragment_length extension" \
-c "found max_fragment_length extension"
+requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client, message just fits" \
"$P_SRV debug_level=3" \
@@ -3059,6 +3093,7 @@
-c "2048 bytes written in 1 fragments" \
-s "2048 bytes read"
+requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: client, larger message" \
"$P_SRV debug_level=3" \
@@ -3076,6 +3111,7 @@
-s "2048 bytes read" \
-s "297 bytes read"
+requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
run_test "Max fragment length: DTLS client, larger message" \
"$P_SRV debug_level=3 dtls=1" \
@@ -3187,6 +3223,7 @@
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 2048
run_test "Renegotiation with max fragment length: client 2048, server 512" \
"$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1 max_frag_len=512" \
"$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 max_frag_len=2048 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
@@ -3871,24 +3908,17 @@
-c "skip write certificate verify" \
-c "! mbedtls_ssl_handshake returned"
-# The "max_int chain" tests assume that MAX_INTERMEDIATE_CA is set to its
-# default value (8)
+# This script assumes that MBEDTLS_X509_MAX_INTERMEDIATE_CA has its default
+# value, defined here as MAX_IM_CA. Some test cases will be skipped if the
+# library is configured with a different value.
MAX_IM_CA='8'
-MAX_IM_CA_CONFIG=$( ../scripts/config.py get MBEDTLS_X509_MAX_INTERMEDIATE_CA)
-if [ -n "$MAX_IM_CA_CONFIG" ] && [ "$MAX_IM_CA_CONFIG" -ne "$MAX_IM_CA" ]; then
- cat <<EOF
-${CONFIG_H} contains a value for the configuration of
-MBEDTLS_X509_MAX_INTERMEDIATE_CA that is different from the script's
-test value of ${MAX_IM_CA}.
-
-The tests assume this value and if it changes, the tests in this
-script should also be adjusted.
-EOF
- exit 1
-fi
-
+# The tests for the max_int tests can pass with any number higher than MAX_IM_CA
+# because only a chain of MAX_IM_CA length is tested. Equally, the max_int+1
+# tests can pass with any number less than MAX_IM_CA. However, stricter preconditions
+# are in place so that the semantics are consistent with the test description.
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
run_test "Authentication: server max_int chain, client default" \
"$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
@@ -3897,6 +3927,7 @@
0 \
-C "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
run_test "Authentication: server max_int+1 chain, client default" \
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
@@ -3905,6 +3936,7 @@
1 \
-c "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
run_test "Authentication: server max_int+1 chain, client optional" \
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
@@ -3914,6 +3946,7 @@
1 \
-c "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
run_test "Authentication: server max_int+1 chain, client none" \
"$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
@@ -3923,6 +3956,7 @@
0 \
-C "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
run_test "Authentication: client max_int+1 chain, server default" \
"$P_SRV ca_file=data_files/dir-maxpath/00.crt" \
@@ -3931,6 +3965,7 @@
0 \
-S "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
run_test "Authentication: client max_int+1 chain, server optional" \
"$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
@@ -3939,6 +3974,7 @@
1 \
-s "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
run_test "Authentication: client max_int+1 chain, server required" \
"$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
@@ -3947,6 +3983,7 @@
1 \
-s "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
run_test "Authentication: client max_int chain, server required" \
"$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
@@ -4124,6 +4161,7 @@
-C "! mbedtls_ssl_handshake returned" \
-S "X509 - Certificate verification failed"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: server max_int chain, client default" \
@@ -4134,6 +4172,7 @@
-c "use CA callback for X.509 CRT verification" \
-C "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: server max_int+1 chain, client default" \
@@ -4144,6 +4183,7 @@
-c "use CA callback for X.509 CRT verification" \
-c "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: server max_int+1 chain, client optional" \
@@ -4155,6 +4195,7 @@
-c "use CA callback for X.509 CRT verification" \
-c "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: client max_int+1 chain, server optional" \
@@ -4165,6 +4206,7 @@
-s "use CA callback for X.509 CRT verification" \
-s "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: client max_int+1 chain, server required" \
@@ -4175,6 +4217,7 @@
-s "use CA callback for X.509 CRT verification" \
-s "X509 - A fatal error occurred"
+requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
requires_full_size_output_buffer
requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
run_test "Authentication, CA callback: client max_int chain, server required" \
@@ -5724,6 +5767,7 @@
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
-s "Read from client: $MAX_CONTENT_LEN bytes read"
+# The tests below fail when the server's OUT_CONTENT_LEN is less than 16384.
run_test "Large server packet TLS 1.2 BlockCipher" \
"$P_SRV response_size=16384" \
"$P_CLI force_version=tls1_2 \
@@ -6546,6 +6590,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 4096
run_test "DTLS fragmenting: none (for reference)" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
crt_file=data_files/server7_int-ca.crt \
@@ -6566,6 +6611,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 2048
run_test "DTLS fragmenting: server only (max_frag_len)" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
crt_file=data_files/server7_int-ca.crt \
@@ -6590,6 +6636,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 4096
run_test "DTLS fragmenting: server only (more) (max_frag_len)" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
crt_file=data_files/server7_int-ca.crt \
@@ -6610,6 +6657,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 2048
run_test "DTLS fragmenting: client-initiated, server only (max_frag_len)" \
"$P_SRV dtls=1 debug_level=2 auth_mode=none \
crt_file=data_files/server7_int-ca.crt \
@@ -6637,6 +6685,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 2048
run_test "DTLS fragmenting: client-initiated, server only (max_frag_len), proxy MTU" \
-p "$P_PXY mtu=1110" \
"$P_SRV dtls=1 debug_level=2 auth_mode=none \
@@ -6658,6 +6707,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 2048
run_test "DTLS fragmenting: client-initiated, both (max_frag_len)" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
crt_file=data_files/server7_int-ca.crt \
@@ -6685,6 +6735,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 2048
run_test "DTLS fragmenting: client-initiated, both (max_frag_len), proxy MTU" \
-p "$P_PXY mtu=1110" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -6705,6 +6756,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
+requires_max_content_len 4096
run_test "DTLS fragmenting: none (for reference) (MTU)" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
crt_file=data_files/server7_int-ca.crt \
@@ -6724,6 +6776,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
+requires_max_content_len 4096
run_test "DTLS fragmenting: client (MTU)" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
crt_file=data_files/server7_int-ca.crt \
@@ -6743,6 +6796,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: server (MTU)" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
crt_file=data_files/server7_int-ca.crt \
@@ -6762,6 +6816,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: both (MTU=1024)" \
-p "$P_PXY mtu=1024" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -6787,6 +6842,7 @@
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: both (MTU=512)" \
-p "$P_PXY mtu=512" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -6818,6 +6874,7 @@
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU: auto-reduction (not valgrind)" \
-p "$P_PXY mtu=508" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -6842,6 +6899,7 @@
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU: auto-reduction (with valgrind)" \
-p "$P_PXY mtu=508" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -6865,6 +6923,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \
-p "$P_PXY mtu=1024" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -6894,6 +6953,7 @@
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=512)" \
-p "$P_PXY mtu=512" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -6917,6 +6977,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \
-p "$P_PXY mtu=1024" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -6943,6 +7004,7 @@
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \
-p "$P_PXY mtu=512" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -6979,6 +7041,7 @@
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, resumed handshake" \
-p "$P_PXY mtu=1450" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -7008,6 +7071,7 @@
requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_CHACHAPOLY_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \
-p "$P_PXY mtu=512" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -7040,6 +7104,7 @@
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \
-p "$P_PXY mtu=512" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -7072,6 +7137,7 @@
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_CCM_C
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \
-p "$P_PXY mtu=1024" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -7105,6 +7171,7 @@
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
requires_config_enabled MBEDTLS_SSL_ENCRYPT_THEN_MAC
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \
-p "$P_PXY mtu=1024" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -7137,6 +7204,7 @@
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \
-p "$P_PXY mtu=1024" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -7166,6 +7234,7 @@
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C
client_needs_more_time 2
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU + 3d" \
-p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
"$P_SRV dgram_packing=0 dtls=1 debug_level=2 auth_mode=required \
@@ -7190,6 +7259,7 @@
requires_config_enabled MBEDTLS_AES_C
requires_config_enabled MBEDTLS_GCM_C
client_needs_more_time 2
+requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU + 3d, nbio" \
-p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
"$P_SRV dtls=1 debug_level=2 auth_mode=required \
@@ -7215,6 +7285,7 @@
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_gnutls
+requires_max_content_len 2048
run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \
"$G_SRV -u" \
"$P_CLI dtls=1 debug_level=2 \
@@ -7238,6 +7309,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_gnutls
requires_not_i686
+requires_max_content_len 2048
run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \
"$P_SRV dtls=1 debug_level=2 \
crt_file=data_files/server7_int-ca.crt \
@@ -7251,6 +7323,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_max_content_len 2048
run_test "DTLS fragmenting: openssl server, DTLS 1.2" \
"$O_SRV -dtls1_2 -verify 10" \
"$P_CLI dtls=1 debug_level=2 \
@@ -7265,6 +7338,7 @@
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_max_content_len 2048
run_test "DTLS fragmenting: openssl client, DTLS 1.2" \
"$P_SRV dtls=1 debug_level=2 \
crt_file=data_files/server7_int-ca.crt \
@@ -7284,6 +7358,7 @@
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
client_needs_more_time 4
+requires_max_content_len 2048
run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \
-p "$P_PXY drop=8 delay=8 duplicate=8" \
"$G_NEXT_SRV -u" \
@@ -7301,6 +7376,7 @@
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
client_needs_more_time 4
+requires_max_content_len 2048
run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \
-p "$P_PXY drop=8 delay=8 duplicate=8" \
"$P_SRV dtls=1 debug_level=2 \
@@ -7322,6 +7398,7 @@
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
client_needs_more_time 4
+requires_max_content_len 2048
run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \
-p "$P_PXY drop=8 delay=8 duplicate=8" \
"$O_SRV -dtls1_2 -verify 10" \
@@ -7339,6 +7416,7 @@
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
client_needs_more_time 4
+requires_max_content_len 2048
run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \
-p "$P_PXY drop=8 delay=8 duplicate=8" \
"$P_SRV dtls=1 debug_level=2 \
@@ -8409,10 +8487,34 @@
-c "EAP-TLS IV is:" \
-s "EAP-TLS IV is:"
+# TLS1.3 test cases
+# TODO: remove or rewrite this test case if #4832 is resolved.
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+skip_handshake_stage_check
+run_test "TLS1.3: Not supported version check: tls1_2 and tls1_3" \
+ "$P_SRV debug_level=1 min_version=tls1_2 max_version=tls1_3" \
+ "$P_CLI debug_level=1 min_version=tls1_2 max_version=tls1_3" \
+ 1 \
+ -s "SSL - The requested feature is not available" \
+ -c "SSL - The requested feature is not available" \
+ -s "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported" \
+ -c "Hybrid TLS 1.2 + TLS 1.3 configurations are not yet supported"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+run_test "TLS1.3: handshake dispatch test: tls1_3 only" \
+ "$P_SRV min_version=tls1_3 max_version=tls1_3" \
+ "$P_CLI min_version=tls1_3 max_version=tls1_3" \
+ 1 \
+ -s "SSL - The requested feature is not available" \
+ -c "SSL - The requested feature is not available"
+
# Test heap memory usage after handshake
requires_config_enabled MBEDTLS_MEMORY_DEBUG
requires_config_enabled MBEDTLS_MEMORY_BUFFER_ALLOC_C
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+requires_max_content_len 16384
run_tests_memory_after_hanshake
# Final report
diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function
index 197a7ef..c51be4d 100644
--- a/tests/suites/test_suite_debug.function
+++ b/tests/suites/test_suite_debug.function
@@ -60,10 +60,16 @@
memset( buffer.buf, 0, 2000 );
buffer.ptr = buffer.buf;
+ mbedtls_ssl_config_defaults( &conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ MBEDTLS_SSL_TRANSPORT_STREAM,
+ MBEDTLS_SSL_PRESET_DEFAULT );
+
+ mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
+
TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
mbedtls_debug_set_threshold( threshold );
- mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
mbedtls_debug_print_msg( &ssl, level, file, line,
"Text message, 2 == %d", 2 );
@@ -89,10 +95,15 @@
memset( buffer.buf, 0, 2000 );
buffer.ptr = buffer.buf;
- TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
+ mbedtls_ssl_config_defaults( &conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ MBEDTLS_SSL_TRANSPORT_STREAM,
+ MBEDTLS_SSL_PRESET_DEFAULT );
mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
+ TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
+
mbedtls_debug_print_ret( &ssl, 0, file, line, text, value);
TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
@@ -116,11 +127,15 @@
memset( buffer.buf, 0, 2000 );
buffer.ptr = buffer.buf;
-
- TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
+ mbedtls_ssl_config_defaults( &conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ MBEDTLS_SSL_TRANSPORT_STREAM,
+ MBEDTLS_SSL_PRESET_DEFAULT );
mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
+ TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
+
mbedtls_debug_print_buf( &ssl, 0, file, line, text, data->x, data->len );
TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
@@ -146,10 +161,15 @@
memset( buffer.buf, 0, 2000 );
buffer.ptr = buffer.buf;
- TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
+ mbedtls_ssl_config_defaults( &conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ MBEDTLS_SSL_TRANSPORT_STREAM,
+ MBEDTLS_SSL_PRESET_DEFAULT );
mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
+ TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
+
TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
mbedtls_debug_print_crt( &ssl, 0, file, line, prefix, &crt);
@@ -177,12 +197,17 @@
memset( buffer.buf, 0, 2000 );
buffer.ptr = buffer.buf;
+ mbedtls_ssl_config_defaults( &conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ MBEDTLS_SSL_TRANSPORT_STREAM,
+ MBEDTLS_SSL_PRESET_DEFAULT );
+
+ mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
+
TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
TEST_ASSERT( mbedtls_test_read_mpi( &val, radix, value ) == 0 );
- mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
-
mbedtls_debug_print_mpi( &ssl, 0, file, line, prefix, &val);
TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 );
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index 5d92469..25eefb3 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@@ -6021,6 +6021,62 @@
# Vector from RFC 8448
ssl_tls1_3_derive_handshake_secrets:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f":"fe927ae271312e8bf0275b581c54eef020450dc4ecffaa05a1a35d27518e7803"
+SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #1
+# - Server App Key: 0b6d22c8ff68097ea871c672073773bf
+# - Server App IV: 1b13dd9f8d8f17091d34b349
+# - Client App Key: 49134b95328f279f0183860589ac6707
+# - Client App IV: bc4dd5f7b98acff85466261d
+# - App data payload: 70696e67
+# - Complete record: 1703030015c74061535eb12f5f25a781957874742ab7fb305dd5
+# - Padding used: No (== granularity 1)
+ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"70696e67":"c74061535eb12f5f25a781957874742ab7fb305dd5"
+
+SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #2
+# - Server App Key: 0b6d22c8ff68097ea871c672073773bf
+# - Server App IV: 1b13dd9f8d8f17091d34b349
+# - Client App Key: 49134b95328f279f0183860589ac6707
+# - Client App IV: bc4dd5f7b98acff85466261d
+# - App data payload: 706f6e67
+# - Complete record: 1703030015370e5f168afa7fb16b663ecdfca3dbb81931a90ca7
+# - Padding used: No (== granularity 1)
+ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"706f6e67":"370e5f168afa7fb16b663ecdfca3dbb81931a90ca7"
+
+SSL TLS 1.3 Record Encryption RFC 8448 Example #1
+# Application Data record sent by Client in 1-RTT example of RFC 8448, Section 3
+# - Server App Key: 9f 02 28 3b 6c 9c 07 ef c2 6b b9 f2 ac 92 e3 56
+# - Server App IV: cf 78 2b 88 dd 83 54 9a ad f1 e9 84
+# - Client App Key: 17 42 2d da 59 6e d5 d9 ac d8 90 e3 c6 3f 50 51
+# - Client App IV: 5b 78 92 3d ee 08 57 90 33 e5 23 d9
+# - App data payload: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
+# 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f
+# 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f
+# 30 31
+# - Complete record: 17 03 03 00 43 a2 3f 70 54 b6 2c 94 d0 af fa fe
+# 82 28 ba 55 cb ef ac ea 42 f9 14 aa 66 bc ab 3f
+# 2b 98 19 a8 a5 b4 6b 39 5b d5 4a 9a 20 44 1e 2b
+# 62 97 4e 1f 5a 62 92 a2 97 70 14 bd 1e 3d ea e6
+# 3a ee bb 21 69 49 15 e4
+# - Padding used: No (== granularity 1)
+ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"a23f7054b62c94d0affafe8228ba55cbefacea42f914aa66bcab3f2b9819a8a5b46b395bd54a9a20441e2b62974e1f5a6292a2977014bd1e3deae63aeebb21694915e4"
+
+SSL TLS 1.3 Record Encryption RFC 8448 Example #2
+# Application Data record sent by Server in 1-RTT example of RFC 8448, Section 3
+# - Server App Key: 9f 02 28 3b 6c 9c 07 ef c2 6b b9 f2 ac 92 e3 56
+# - Server App IV: cf 78 2b 88 dd 83 54 9a ad f1 e9 84
+# - Client App Key: 17 42 2d da 59 6e d5 d9 ac d8 90 e3 c6 3f 50 51
+# - Client App IV: 5b 78 92 3d ee 08 57 90 33 e5 23 d9
+# - App data payload: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
+# 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f
+# 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f
+# 30 31
+# - Complete record: 17 03 03 00 43 2e 93 7e 11 ef 4a c7 40 e5 38 ad
+# 36 00 5f c4 a4 69 32 fc 32 25 d0 5f 82 aa 1b 36
+# e3 0e fa f9 7d 90 e6 df fc 60 2d cb 50 1a 59 a8
+# fc c4 9c 4b f2 e5 f0 a2 1c 00 47 c2 ab f3 32 54
+# 0d d0 32 e1 67 c2 95 5d
+# - Padding used: No (== granularity 1)
+ssl_tls1_3_record_protection:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"2e937e11ef4ac740e538ad36005fc4a46932fc3225d05f82aa1b36e30efaf97d90e6dffc602dcb501a59a8fcc49c4bf2e5f0a21c0047c2abf332540dd032e167c2955d"
+
SSL TLS 1.3 Key schedule: Application secrets derivation helper
# Vector from RFC 8448
ssl_tls1_3_derive_application_secrets:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":"2abbf2b8e381d23dbebe1dd2a7d16a8bf484cb4950d23fb7fb7fa8547062d9a1":"cc21f1bf8feb7dd5fa505bd9c4b468a9984d554a993dc49e6d285598fb672691":"3fd93d4ffddc98e64b14dd107aedf8ee4add23f4510f58a4592d0b201bee56b4"
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 081e8a4..69d2e00 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -1435,13 +1435,14 @@
* Populate a session structure for serialization tests.
* Choose dummy values, mostly non-0 to distinguish from the init default.
*/
-static int ssl_populate_session( mbedtls_ssl_session *session,
- int ticket_len,
- const char *crt_file )
+static int ssl_populate_session_tls12( mbedtls_ssl_session *session,
+ int ticket_len,
+ const char *crt_file )
{
#if defined(MBEDTLS_HAVE_TIME)
session->start = mbedtls_time( NULL ) - 42;
#endif
+ session->minor_ver = MBEDTLS_SSL_MINOR_VERSION_3;
session->ciphersuite = 0xabcd;
session->compression = 1;
session->id_len = sizeof( session->id );
@@ -1449,7 +1450,7 @@
memset( session->master, 17, sizeof( session->master ) );
#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_FS_IO)
- if( strlen( crt_file ) != 0 )
+ if( crt_file != NULL && strlen( crt_file ) != 0 )
{
mbedtls_x509_crt tmp_crt;
int ret;
@@ -3944,6 +3945,104 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+void ssl_tls1_3_record_protection( int ciphersuite,
+ int endpoint,
+ int ctr,
+ int padding_used,
+ data_t *server_write_key,
+ data_t *server_write_iv,
+ data_t *client_write_key,
+ data_t *client_write_iv,
+ data_t *plaintext,
+ data_t *ciphertext )
+{
+ mbedtls_ssl_key_set keys;
+ mbedtls_ssl_transform transform_send;
+ mbedtls_ssl_transform transform_recv;
+ mbedtls_record rec;
+ unsigned char *buf = NULL;
+ size_t buf_len;
+ int other_endpoint;
+
+ TEST_ASSERT( endpoint == MBEDTLS_SSL_IS_CLIENT ||
+ endpoint == MBEDTLS_SSL_IS_SERVER );
+
+ if( endpoint == MBEDTLS_SSL_IS_SERVER )
+ other_endpoint = MBEDTLS_SSL_IS_CLIENT;
+ if( endpoint == MBEDTLS_SSL_IS_CLIENT )
+ other_endpoint = MBEDTLS_SSL_IS_SERVER;
+
+ TEST_ASSERT( server_write_key->len == client_write_key->len );
+ TEST_ASSERT( server_write_iv->len == client_write_iv->len );
+
+ memcpy( keys.client_write_key,
+ client_write_key->x, client_write_key->len );
+ memcpy( keys.client_write_iv,
+ client_write_iv->x, client_write_iv->len );
+ memcpy( keys.server_write_key,
+ server_write_key->x, server_write_key->len );
+ memcpy( keys.server_write_iv,
+ server_write_iv->x, server_write_iv->len );
+
+ keys.key_len = server_write_key->len;
+ keys.iv_len = server_write_iv->len;
+
+ mbedtls_ssl_transform_init( &transform_recv );
+ mbedtls_ssl_transform_init( &transform_send );
+
+ TEST_ASSERT( mbedtls_ssl_tls13_populate_transform(
+ &transform_send, endpoint,
+ ciphersuite, &keys, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_ssl_tls13_populate_transform(
+ &transform_recv, other_endpoint,
+ ciphersuite, &keys, NULL ) == 0 );
+
+ /* Make sure we have enough space in the buffer even if
+ * we use more padding than the KAT. */
+ buf_len = ciphertext->len + MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY;
+ ASSERT_ALLOC( buf, buf_len );
+ rec.type = MBEDTLS_SSL_MSG_APPLICATION_DATA;
+
+ /* TLS 1.3 uses the version identifier from TLS 1.2 on the wire. */
+ mbedtls_ssl_write_version( MBEDTLS_SSL_MAJOR_VERSION_3,
+ MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_TRANSPORT_STREAM,
+ rec.ver );
+
+ /* Copy plaintext into record structure */
+ rec.buf = buf;
+ rec.buf_len = buf_len;
+ rec.data_offset = 0;
+ TEST_ASSERT( plaintext->len <= ciphertext->len );
+ memcpy( rec.buf + rec.data_offset, plaintext->x, plaintext->len );
+ rec.data_len = plaintext->len;
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+ rec.cid_len = 0;
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+ memset( &rec.ctr[0], 0, 8 );
+ rec.ctr[7] = ctr;
+
+ TEST_ASSERT( mbedtls_ssl_encrypt_buf( NULL, &transform_send, &rec,
+ NULL, NULL ) == 0 );
+
+ if( padding_used == MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY )
+ {
+ ASSERT_COMPARE( rec.buf + rec.data_offset, rec.data_len,
+ ciphertext->x, ciphertext->len );
+ }
+
+ TEST_ASSERT( mbedtls_ssl_decrypt_buf( NULL, &transform_recv, &rec ) == 0 );
+ ASSERT_COMPARE( rec.buf + rec.data_offset, rec.data_len,
+ plaintext->x, plaintext->len );
+
+ mbedtls_free( buf );
+ mbedtls_ssl_transform_free( &transform_send );
+ mbedtls_ssl_transform_free( &transform_recv );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
void ssl_tls1_3_key_evolution( int hash_alg,
data_t *secret,
data_t *input,
@@ -4005,7 +4104,7 @@
mbedtls_ssl_session_init( &restored );
/* Prepare a dummy session to work on */
- TEST_ASSERT( ssl_populate_session( &original, ticket_len, crt_file ) == 0 );
+ TEST_ASSERT( ssl_populate_session_tls12( &original, ticket_len, crt_file ) == 0 );
/* Serialize it */
TEST_ASSERT( mbedtls_ssl_session_save( &original, NULL, 0, &len )
@@ -4023,6 +4122,7 @@
#if defined(MBEDTLS_HAVE_TIME)
TEST_ASSERT( original.start == restored.start );
#endif
+ TEST_ASSERT( original.minor_ver == restored.minor_ver );
TEST_ASSERT( original.ciphersuite == restored.ciphersuite );
TEST_ASSERT( original.compression == restored.compression );
TEST_ASSERT( original.id_len == restored.id_len );
@@ -4101,7 +4201,7 @@
mbedtls_ssl_session_init( &session );
/* Prepare a dummy session to work on */
- TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 );
+ TEST_ASSERT( ssl_populate_session_tls12( &session, ticket_len, crt_file ) == 0 );
/* Get desired buffer size for serializing */
TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &len0 )
@@ -4151,7 +4251,7 @@
mbedtls_ssl_session_init( &session );
/* Prepare dummy session and get serialized size */
- TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 );
+ TEST_ASSERT( ssl_populate_session_tls12( &session, ticket_len, crt_file ) == 0 );
TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &good_len )
== MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
@@ -4187,7 +4287,7 @@
mbedtls_ssl_session_init( &session );
/* Prepare serialized session data */
- TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 );
+ TEST_ASSERT( ssl_populate_session_tls12( &session, ticket_len, crt_file ) == 0 );
TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &good_len )
== MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
TEST_ASSERT( ( good_buf = mbedtls_calloc( 1, good_len ) ) != NULL );
@@ -4232,6 +4332,7 @@
corrupt_config == 1 };
mbedtls_ssl_session_init( &session );
+ ssl_populate_session_tls12( &session, 0, NULL );
/* Infer length of serialized session. */
TEST_ASSERT( mbedtls_ssl_session_save( &session,