thirdparty,net.mbedtls: update mbedtls to latest compatible version v3.3.0 (#21118)

Turiiya 2024-03-28 07:46:21 +01:00 committed by GitHub
parent cb402a3340
commit 64a336932c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
156 changed files with 16293 additions and 4396 deletions


@ -525,7 +525,7 @@ psa_status_t psa_copy_key(mbedtls_svc_key_id_t source_key,
*
* This function destroys a key from both volatile
* memory and, if applicable, non-volatile storage. Implementations shall
* make a best effort to ensure that that the key material cannot be recovered.
* make a best effort to ensure that the key material cannot be recovered.
*
* This function also erases any metadata such as policies and frees
* resources associated with the key.
@ -545,7 +545,7 @@ psa_status_t psa_copy_key(mbedtls_svc_key_id_t source_key,
* \retval #PSA_ERROR_INVALID_HANDLE
* \p key is not a valid identifier nor \c 0.
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
* There was an failure in communication with the cryptoprocessor.
* There was a failure in communication with the cryptoprocessor.
* The key material may still be present in the cryptoprocessor.
* \retval #PSA_ERROR_DATA_INVALID
* This error is typically a result of either storage corruption on a
@ -3823,7 +3823,7 @@ psa_status_t psa_key_derivation_verify_bytes(
* compares those bytes to an expected value, provided as key of type
* #PSA_KEY_TYPE_PASSWORD_HASH.
* If you view the key derivation's output as a stream of bytes, this
* function destructively reads the number of bytes corresponding the
* function destructively reads the number of bytes corresponding to the
* length of the expected value from the stream before comparing them.
* The operation's capacity decreases by the number of bytes read.
*


@ -44,7 +44,7 @@ typedef mbedtls_svc_key_id_t psa_key_handle_t;
#define PSA_KEY_HANDLE_INIT MBEDTLS_SVC_KEY_ID_INIT
/** Check whether an handle is null.
/** Check whether a handle is null.
*
* \param handle Handle
*


@ -65,6 +65,7 @@
#define PSA_WANT_ALG_ECB_NO_PADDING 1
#define PSA_WANT_ALG_ECDH 1
#define PSA_WANT_ALG_ECDSA 1
#define PSA_WANT_ALG_JPAKE 1
#define PSA_WANT_ALG_GCM 1
#define PSA_WANT_ALG_HKDF 1
#define PSA_WANT_ALG_HKDF_EXTRACT 1
@ -88,6 +89,8 @@
#define PSA_WANT_ALG_STREAM_CIPHER 1
#define PSA_WANT_ALG_TLS12_PRF 1
#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
#define PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 1
/* PBKDF2-HMAC is not yet supported via the PSA API in Mbed TLS.
* Note: when adding support, also adjust include/mbedtls/config_psa.h */
//#define PSA_WANT_ALG_XTS 1


@ -359,7 +359,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed,
*/
#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x7002)
/** Whether a key type is an DSA key (pair or public-only). */
/** Whether a key type is a DSA key (pair or public-only). */
#define PSA_KEY_TYPE_IS_DSA(type) \
(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
@ -1287,7 +1287,7 @@ static void psa_pake_cs_set_hash( psa_pake_cipher_suite_t *cipher_suite,
* Implementation details can change in future versions without notice. */
typedef struct psa_pake_operation_s psa_pake_operation_t;
/** Return an initial value for an PAKE operation object.
/** Return an initial value for a PAKE operation object.
*/
static psa_pake_operation_t psa_pake_operation_init( void );
@ -1760,7 +1760,16 @@ psa_status_t psa_pake_abort( psa_pake_operation_t * operation );
* recognized, or the parameters are incompatible,
* return 0.
*/
#define PSA_PAKE_OUTPUT_SIZE(alg, primitive, output_step) 0
#define PSA_PAKE_OUTPUT_SIZE(alg, primitive, output_step) \
( alg == PSA_ALG_JPAKE && \
primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \
PSA_ECC_FAMILY_SECP_R1, 256) ? \
( \
output_step == PSA_PAKE_STEP_KEY_SHARE ? 65 : \
output_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \
32 \
) : \
0 )
/** A sufficient input buffer size for psa_pake_input().
*
@ -1781,7 +1790,16 @@ psa_status_t psa_pake_abort( psa_pake_operation_t * operation );
* the input type or PAKE algorithm is not recognized, or
* the parameters are incompatible, return 0.
*/
#define PSA_PAKE_INPUT_SIZE(alg, primitive, input_step) 0
#define PSA_PAKE_INPUT_SIZE(alg, primitive, input_step) \
( alg == PSA_ALG_JPAKE && \
primitive == PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, \
PSA_ECC_FAMILY_SECP_R1, 256) ? \
( \
input_step == PSA_PAKE_STEP_KEY_SHARE ? 65 : \
input_step == PSA_PAKE_STEP_ZK_PUBLIC ? 65 : \
32 \
) : \
0 )
/** Output buffer size for psa_pake_output() for any of the supported PAKE
* algorithm and primitive suites and output step.
@ -1790,7 +1808,7 @@ psa_status_t psa_pake_abort( psa_pake_operation_t * operation );
*
* See also #PSA_PAKE_OUTPUT_SIZE(\p alg, \p primitive, \p step).
*/
#define PSA_PAKE_OUTPUT_MAX_SIZE 0
#define PSA_PAKE_OUTPUT_MAX_SIZE 65
/** Input buffer size for psa_pake_input() for any of the supported PAKE
* algorithm and primitive suites and input step.
@ -1799,7 +1817,7 @@ psa_status_t psa_pake_abort( psa_pake_operation_t * operation );
*
* See also #PSA_PAKE_INPUT_SIZE(\p alg, \p primitive, \p step).
*/
#define PSA_PAKE_INPUT_MAX_SIZE 0
#define PSA_PAKE_INPUT_MAX_SIZE 65
/** Returns a suitable initializer for a PAKE cipher suite object of type
* psa_pake_cipher_suite_t.
@ -1809,7 +1827,14 @@ psa_status_t psa_pake_abort( psa_pake_operation_t * operation );
/** Returns a suitable initializer for a PAKE operation object of type
* psa_pake_operation_t.
*/
#define PSA_PAKE_OPERATION_INIT {PSA_ALG_NONE, {0}}
#if defined(MBEDTLS_PSA_BUILTIN_PAKE)
#define PSA_PAKE_OPERATION_INIT {PSA_ALG_NONE, 0, 0, 0, 0, \
NULL, 0 , \
PSA_PAKE_ROLE_NONE, {0}, 0, 0, \
{.dummy = 0}}
#else
#define PSA_PAKE_OPERATION_INIT {PSA_ALG_NONE, 0, 0, {0}}
#endif
struct psa_pake_cipher_suite_s
{
@ -1879,14 +1904,37 @@ static inline void psa_pake_cs_set_hash( psa_pake_cipher_suite_t *cipher_suite,
cipher_suite->hash = hash;
}
#if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE)
#include <mbedtls/ecjpake.h>
/* Note: the format for mbedtls_ecjpake_read/write function has an extra
* length byte for each step, plus an extra 3 bytes for ECParameters in the
* server's 2nd round. */
#define MBEDTLS_PSA_PAKE_BUFFER_SIZE ( ( 3 + 1 + 65 + 1 + 65 + 1 + 32 ) * 2 )
#endif
struct psa_pake_operation_s
{
psa_algorithm_t alg;
psa_algorithm_t MBEDTLS_PRIVATE(alg);
unsigned int MBEDTLS_PRIVATE(state);
unsigned int MBEDTLS_PRIVATE(sequence);
#if defined(MBEDTLS_PSA_BUILTIN_PAKE)
unsigned int MBEDTLS_PRIVATE(input_step);
unsigned int MBEDTLS_PRIVATE(output_step);
uint8_t* MBEDTLS_PRIVATE(password);
size_t MBEDTLS_PRIVATE(password_len);
psa_pake_role_t MBEDTLS_PRIVATE(role);
uint8_t MBEDTLS_PRIVATE(buffer[MBEDTLS_PSA_PAKE_BUFFER_SIZE]);
size_t MBEDTLS_PRIVATE(buffer_length);
size_t MBEDTLS_PRIVATE(buffer_offset);
#endif
union
{
#if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE)
mbedtls_ecjpake_context ecjpake;
#endif
/* Make the union non-empty even with no supported algorithms. */
uint8_t dummy;
} ctx;
} MBEDTLS_PRIVATE(ctx);
};
static inline struct psa_pake_cipher_suite_s psa_pake_cipher_suite_init( void )
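Review bot: The new `PSA_PAKE_OUTPUT_SIZE` and `PSA_PAKE_INPUT_SIZE` bodies compare their arguments unparenthesized (`alg == PSA_ALG_JPAKE`, `primitive == PSA_PAKE_PRIMITIVE(...)`, `output_step == PSA_PAKE_STEP_KEY_SHARE`), so an argument that is itself an expression with a lower-precedence operator (`?:` or `|`) binds differently from what the caller wrote and the macro can yield the wrong buffer size. Each use should be wrapped, e.g. `( (alg) == PSA_ALG_JPAKE && \` and `(output_step) == PSA_PAKE_STEP_KEY_SHARE ? 65 : \`. Because this is vendored Mbed TLS the change belongs upstream; until then, callers in this tree should pass only plain identifiers or constants to these macros. Separately, `psa_pake_operation_s` now carries a `password` pointer with `password_len` and a `buffer` array; the code that releases them is not in this section, so it is worth confirming that the abort path wipes both before the operation object is reused.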


@ -45,11 +45,6 @@
/* PSA requires several types which C99 provides in stdint.h. */
#include <stdint.h>
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
/* Building for the PSA Crypto service on a PSA platform, a key owner is a PSA
@ -57,8 +52,8 @@
*
* The function psa_its_identifier_of_slot() in psa_crypto_storage.c that
* translates a key identifier to a key storage file name assumes that
* mbedtls_key_owner_id_t is an 32 bits integer. This function thus needs
* reworking if mbedtls_key_owner_id_t is not defined as a 32 bits integer
* mbedtls_key_owner_id_t is a 32-bit integer. This function thus needs
* reworking if mbedtls_key_owner_id_t is not defined as a 32-bit integer
* here anymore.
*/
typedef int32_t mbedtls_key_owner_id_t;


@ -226,7 +226,7 @@ typedef psa_status_t (*psa_drv_se_mac_finish_t)(void *op_context,
* operation by comparing the resulting MAC against a provided value
*
* \param[in,out] op_context A hardware-specific structure for the previously
* started MAC operation to be fiinished
* started MAC operation to be finished
* \param[in] p_mac The MAC value against which the resulting MAC
* will be compared against
* \param[in] mac_length The size in bytes of the value stored in `p_mac`
@ -337,7 +337,7 @@ typedef struct {
/** Function that completes a MAC operation with a verify check
*/
psa_drv_se_mac_finish_verify_t MBEDTLS_PRIVATE(p_finish_verify);
/** Function that aborts a previoustly started MAC operation
/** Function that aborts a previously started MAC operation
*/
psa_drv_se_mac_abort_t MBEDTLS_PRIVATE(p_abort);
/** Function that performs a MAC operation in one call
@ -395,7 +395,7 @@ typedef psa_status_t (*psa_drv_se_cipher_setup_t)(psa_drv_se_context_t *drv_cont
psa_encrypt_or_decrypt_t direction);
/** \brief A function that sets the initialization vector (if
* necessary) for an secure element cipher operation
* necessary) for a secure element cipher operation
*
* Rationale: The `psa_se_cipher_*` operation in the PSA Cryptographic API has
* two IV functions: one to set the IV, and one to generate it internally. The
@ -746,7 +746,7 @@ typedef psa_status_t (*psa_drv_se_aead_encrypt_t)(psa_drv_se_context_t *drv_cont
size_t ciphertext_size,
size_t *p_ciphertext_length);
/** A function that peforms a secure element authenticated decryption operation
/** A function that performs a secure element authenticated decryption operation
*
* \param[in,out] drv_context The driver context structure.
* \param[in] key_slot Slot containing the key to use
@ -1157,7 +1157,7 @@ typedef struct {
*
* Different key derivation algorithms require a different number of inputs.
* Instead of having an API that takes as input variable length arrays, which
* can be problemmatic to manage on embedded platforms, the inputs are passed
* can be problematic to manage on embedded platforms, the inputs are passed
* to the driver via a function, `psa_drv_se_key_derivation_collateral`, that
* is called multiple times with different `collateral_id`s. Thus, for a key
* derivation algorithm that required 3 parameter inputs, the flow would look
@ -1271,7 +1271,7 @@ typedef struct {
psa_drv_se_key_derivation_collateral_t MBEDTLS_PRIVATE(p_collateral);
/** Function that performs a final key derivation step */
psa_drv_se_key_derivation_derive_t MBEDTLS_PRIVATE(p_derive);
/** Function that perforsm a final key derivation or agreement and
/** Function that performs a final key derivation or agreement and
* exports the key */
psa_drv_se_key_derivation_export_t MBEDTLS_PRIVATE(p_export);
} psa_drv_se_key_derivation_t;


@ -239,6 +239,15 @@
*/
#define PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE 128
/* The expected size of input passed to psa_tls12_ecjpake_to_pms_input,
* which is expected to work with P-256 curve only. */
#define PSA_TLS12_ECJPAKE_TO_PMS_INPUT_SIZE 65
/* The size of a serialized K.X coordinate to be used in
* psa_tls12_ecjpake_to_pms_input. This function only accepts the P-256
* curve. */
#define PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE 32
/** The maximum size of a block cipher. */
#define PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE 16
@ -708,7 +717,7 @@
(PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) + 11)
/* Maximum size of the export encoding of an RSA key pair.
* Assumes thatthe public exponent is less than 2^32 and that the size
* Assumes that the public exponent is less than 2^32 and that the size
* difference between the two primes is at most 1 bit.
*
* RSAPrivateKey ::= SEQUENCE {


@ -202,6 +202,12 @@ typedef struct
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF ||
MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT ||
MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS)
typedef struct
{
uint8_t MBEDTLS_PRIVATE(data)[PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE];
} psa_tls12_ecjpake_to_pms_t;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
@ -266,6 +272,9 @@ struct psa_key_derivation_s
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
psa_tls12_prf_key_derivation_t MBEDTLS_PRIVATE(tls12_prf);
#endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS)
psa_tls12_ecjpake_to_pms_t MBEDTLS_PRIVATE(tls12_ecjpake_to_pms);
#endif
} MBEDTLS_PRIVATE(ctx);
};
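Review bot: The new `psa_tls12_ecjpake_to_pms_t` stores `PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE` bytes in `data` inside the key-derivation context union, and nothing in this section shows that buffer being cleared. From the algorithm's description elsewhere in this commit, the field presumably holds material derived from the J-PAKE shared secret. Confirm that the matching abort path in the .c file clears it with `mbedtls_platform_zeroize()` rather than a plain `memset`, which the compiler may elide. `struct psa_key_derivation_s` begins outside the hunk, so the other union members and any shared cleanup are not visible here.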


@ -105,7 +105,7 @@ typedef uint8_t psa_ecc_family_t;
* Values of this type are generally constructed by macros called
* `PSA_DH_FAMILY_xxx`.
*
* The group identifier is required to create an Diffie-Hellman key using the
* The group identifier is required to create a Diffie-Hellman key using the
* PSA_KEY_TYPE_DH_KEY_PAIR() or PSA_KEY_TYPE_DH_PUBLIC_KEY()
* macros.
*
@ -297,7 +297,7 @@ typedef psa_key_id_t mbedtls_svc_key_id_t;
#else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
/* Implementation-specific: The Mbed Cryptography library can be built as
* part of a multi-client service that exposes the PSA Cryptograpy API in each
* part of a multi-client service that exposes the PSA Cryptography API in each
* client and encodes the client identity in the key identifier argument of
* functions such as psa_open_key().
*/


@ -1265,7 +1265,7 @@
*/
#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x05100500)
/* In the encoding of a AEAD algorithm, the bits corresponding to
/* In the encoding of an AEAD algorithm, the bits corresponding to
* PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
* The constants for default lengths follow this encoding.
*/
@ -1400,9 +1400,11 @@
* This is the signature scheme defined by RFC 8017
* (PKCS#1: RSA Cryptography Specifications) under the name
* RSASSA-PSS, with the message generation function MGF1, and with
* a salt length equal to the length of the hash. The specified
* hash algorithm is used to hash the input message, to create the
* salted hash, and for the mask generation.
* a salt length equal to the length of the hash, or the largest
* possible salt length for the algorithm and key size if that is
* smaller than the hash length. The specified hash algorithm is
* used to hash the input message, to create the salted hash, and
* for the mask generation.
*
* \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
* #PSA_ALG_IS_HASH(\p hash_alg) is true).
@ -2019,6 +2021,20 @@
#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \
(PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
/* The TLS 1.2 ECJPAKE-to-PMS KDF. It takes the shared secret K (an EC point
* in case of EC J-PAKE) and calculates SHA256(K.X) that the rest of TLS 1.2
* will use to derive the session secret, as defined by step 2 of
* https://datatracker.ietf.org/doc/html/draft-cragie-tls-ecjpake-01#section-8.7.
* Uses PSA_ALG_SHA_256.
* This function takes a single input:
* #PSA_KEY_DERIVATION_INPUT_SECRET is the shared secret K from EC J-PAKE.
* The only supported curve is secp256r1 (the 256-bit curve in
* #PSA_ECC_FAMILY_SECP_R1), so the input must be exactly 65 bytes.
* The output has to be read as a single chunk of 32 bytes, defined as
* PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE.
*/
#define PSA_ALG_TLS12_ECJPAKE_TO_PMS ((psa_algorithm_t)0x08000609)
/* This flag indicates whether the key derivation algorithm is suitable for
* use on low-entropy secrets such as password - these algorithms are also
* known as key stretching or password hashing schemes. These are also the
@ -2561,7 +2577,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
*
* This flag allows the key to be used for a MAC verification operation
* or for an asymmetric signature verification operation,
* if otherwise permitted by by the key's type and policy.
* if otherwise permitted by the key's type and policy.
*
* For a key pair, this concerns the public key.
*/
@ -2571,7 +2587,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* hash.
*
* This flag allows the key to be used for a key derivation operation or for
* a key agreement operation, if otherwise permitted by by the key's type and
* a key agreement operation, if otherwise permitted by the key's type and
* policy.
*
* If this flag is present on all keys used in calls to
@ -2587,7 +2603,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
* This flag allows the key to be used:
*
* This flag allows the key to be used in a key derivation operation, if
* otherwise permitted by by the key's type and policy.
* otherwise permitted by the key's type and policy.
*
* If this flag is present on all keys used in calls to
* psa_key_derivation_input_key() for a key derivation operation, then it