Update mbedTLS library to version 2.7.5

Sergey Abramchuk
2018-10-04 14:22:51 +03:00
parent 815faff487
commit 4ea6748dac
42 changed files with 322 additions and 342 deletions


@@ -88,6 +88,21 @@
#define MBEDTLS_ASN1_PRIMITIVE 0x00 #define MBEDTLS_ASN1_PRIMITIVE 0x00
#define MBEDTLS_ASN1_CONSTRUCTED 0x20 #define MBEDTLS_ASN1_CONSTRUCTED 0x20
#define MBEDTLS_ASN1_CONTEXT_SPECIFIC 0x80 #define MBEDTLS_ASN1_CONTEXT_SPECIFIC 0x80
/*
* Bit masks for each of the components of an ASN.1 tag as specified in
* ITU X.690 (08/2015), section 8.1 "General rules for encoding",
* paragraph 8.1.2.2:
*
* Bit 8 7 6 5 1
* +-------+-----+------------+
* | Class | P/C | Tag number |
* +-------+-----+------------+
*/
#define MBEDTLS_ASN1_TAG_CLASS_MASK 0xC0
#define MBEDTLS_ASN1_TAG_PC_MASK 0x20
#define MBEDTLS_ASN1_TAG_VALUE_MASK 0x1F
/* \} name */ /* \} name */
/* \} addtogroup asn1_module */ /* \} addtogroup asn1_module */


@@ -49,7 +49,14 @@
/* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */ /* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */
#if defined(__GNUC__) && \ #if defined(__GNUC__) && \
( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 ) ( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 )
#if defined(__i386__)
/*
* Disable use of the i386 assembly code below if option -O0, to disable all
* compiler optimisations, is passed, detected with __OPTIMIZE__
* This is done as the number of registers used in the assembly code doesn't
* work with the -O0 option.
*/
#if defined(__i386__) && defined(__OPTIMIZE__) && (!defined(__ANDROID_API__) || defined(__clang__))
#define MULADDC_INIT \ #define MULADDC_INIT \
asm( \ asm( \
@@ -142,7 +149,7 @@
"movl %%esi, %3 \n\t" \ "movl %%esi, %3 \n\t" \
: "=m" (t), "=m" (c), "=m" (d), "=m" (s) \ : "=m" (t), "=m" (c), "=m" (d), "=m" (s) \
: "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \ : "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \
: "eax", "ecx", "edx", "esi", "edi" \ : "eax", "ebx", "ecx", "edx", "esi", "edi" \
); );
#else #else
@@ -154,7 +161,7 @@
"movl %%esi, %3 \n\t" \ "movl %%esi, %3 \n\t" \
: "=m" (t), "=m" (c), "=m" (d), "=m" (s) \ : "=m" (t), "=m" (c), "=m" (d), "=m" (s) \
: "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \ : "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \
: "eax", "ecx", "edx", "esi", "edi" \ : "eax", "ebx", "ecx", "edx", "esi", "edi" \
); );
#endif /* SSE2 */ #endif /* SSE2 */
#endif /* i386 */ #endif /* i386 */
@@ -521,7 +528,7 @@
"swi r3, %2 \n\t" \ "swi r3, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \ : "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \ : "m" (s), "m" (d), "m" (c), "m" (b) \
: "r3", "r4" "r5", "r6", "r7", "r8", \ : "r3", "r4", "r5", "r6", "r7", "r8", \
"r9", "r10", "r11", "r12", "r13" \ "r9", "r10", "r11", "r12", "r13" \
); );
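Review bot: The comment above the new i386 guard explains only the `__OPTIMIZE__` term; the `(!defined(__ANDROID_API__) || defined(__clang__))` term on the same `#if` has no explanation, so nobody maintaining this copy can tell why the assembly path is skipped for non-clang Android builds. Extend the comment with one line such as `* The assembly is also skipped on Android unless the compiler is clang (reason: <fill in>).` The two i386 `MULADDC_STOP` clobber lists differ between the columns only by `"ebx"`; the asm bodies lie outside these hunks, so confirm that the list matches the registers the body writes and that position-independent i386 builds still compile with it.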


@@ -105,7 +105,7 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx );
* Must be at least \p length Bytes wide. * Must be at least \p length Bytes wide.
* \param tag The buffer holding the tag. * \param tag The buffer holding the tag.
* \param tag_len The length of the tag to generate in Bytes: * \param tag_len The length of the tag to generate in Bytes:
* 4, 6, 8, 10, 14 or 16. * 4, 6, 8, 10, 12, 14 or 16.
* *
* \note The tag is written to a separate buffer. To concatenate * \note The tag is written to a separate buffer. To concatenate
* the \p tag with the \p output, as done in <em>RFC-3610: * the \p tag with the \p output, as done in <em>RFC-3610:
@@ -131,10 +131,13 @@ int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
* \param iv_len The length of the IV in Bytes: 7, 8, 9, 10, 11, 12, or 13. * \param iv_len The length of the IV in Bytes: 7, 8, 9, 10, 11, 12, or 13.
* \param add The additional data field. * \param add The additional data field.
* \param add_len The length of additional data in Bytes. * \param add_len The length of additional data in Bytes.
* Must be less than 2^16 - 2^8.
* \param input The buffer holding the input data. * \param input The buffer holding the input data.
* \param output The buffer holding the output data. * \param output The buffer holding the output data.
* Must be at least \p length Bytes wide.
* \param tag The buffer holding the tag. * \param tag The buffer holding the tag.
* \param tag_len The length of the tag in Bytes. * \param tag_len The length of the tag in Bytes.
* 4, 6, 8, 10, 12, 14 or 16.
* *
* \return 0 if successful and authenticated, or * \return 0 if successful and authenticated, or
* #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match. * #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
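Review bot: Both `tag_len` descriptions list the permitted sizes (4 to 16 Bytes) without saying that the tag length sets the forgery resistance; with a 4-Byte tag a forged message is accepted with probability about 2^-32 per attempt. A short `\note` on `tag_len`, for example `Shorter tags are easier to forge; use 16 Bytes unless the protocol mandates less.`, would keep callers from choosing the smallest value by default. Both doc blocks start outside the hunks shown.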


@@ -78,6 +78,10 @@
#error "MBEDTLS_DHM_C defined, but not all prerequisites" #error "MBEDTLS_DHM_C defined, but not all prerequisites"
#endif #endif
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT) && !defined(MBEDTLS_SSL_TRUNCATED_HMAC)
#error "MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_CMAC_C) && \ #if defined(MBEDTLS_CMAC_C) && \
!defined(MBEDTLS_AES_C) && !defined(MBEDTLS_DES_C) !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_DES_C)
#error "MBEDTLS_CMAC_C defined, but not all prerequisites" #error "MBEDTLS_CMAC_C defined, but not all prerequisites"
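Review bot: The added check enforces only the prerequisite; nothing in this hunk tells a builder that `MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT` selects the deprecated, key-truncating HMAC variant. If no such diagnostic exists elsewhere in the file, tie one to the existing deprecation switch: `#if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT) && defined(MBEDTLS_DEPRECATED_WARNING)`, then `#warning "MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT is deprecated"`, then `#endif`. That way a build that turns the fallback on for a transition period keeps reminding its owner to turn it off again.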


@@ -43,7 +43,7 @@
#define MBEDTLS_CIPHER_MODE_WITH_PADDING #define MBEDTLS_CIPHER_MODE_WITH_PADDING
#endif #endif
#if defined(MBEDTLS_ARC4_C) #if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
#define MBEDTLS_CIPHER_MODE_STREAM #define MBEDTLS_CIPHER_MODE_STREAM
#endif #endif


@@ -26,7 +26,7 @@
#ifndef MBEDTLS_CMAC_H #ifndef MBEDTLS_CMAC_H
#define MBEDTLS_CMAC_H #define MBEDTLS_CMAC_H
#include "mbedtls/cipher.h" #include "cipher.h"
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {


@@ -1049,7 +1049,8 @@
/** /**
* \def MBEDTLS_RSA_NO_CRT * \def MBEDTLS_RSA_NO_CRT
* *
* Do not use the Chinese Remainder Theorem for the RSA private operation. * Do not use the Chinese Remainder Theorem
* for the RSA private operation.
* *
* Uncomment this macro to disable the use of CRT in RSA. * Uncomment this macro to disable the use of CRT in RSA.
* *
@@ -1411,6 +1412,30 @@
*/ */
#define MBEDTLS_SSL_TRUNCATED_HMAC #define MBEDTLS_SSL_TRUNCATED_HMAC
/**
* \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
*
* Fallback to old (pre-2.7), non-conforming implementation of the truncated
* HMAC extension which also truncates the HMAC key. Note that this option is
* only meant for a transitory upgrade period and is likely to be removed in
* a future version of the library.
*
* \warning The old implementation is non-compliant and has a security weakness
* (2^80 brute force attack on the HMAC key used for a single,
* uninterrupted connection). This should only be enabled temporarily
* when (1) the use of truncated HMAC is essential in order to save
* bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use
* the fixed implementation yet (pre-2.7).
*
* \deprecated This option is deprecated and will likely be removed in a
* future version of Mbed TLS.
*
* Uncomment to fallback to old, non-compliant truncated HMAC implementation.
*
* Requires: MBEDTLS_SSL_TRUNCATED_HMAC
*/
//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
/** /**
* \def MBEDTLS_THREADING_ALT * \def MBEDTLS_THREADING_ALT
* *
@@ -2793,7 +2818,7 @@
/* \} name SECTION: Customisation configuration options */ /* \} name SECTION: Customisation configuration options */
/* Target and application specific configurations */ /* Target and application specific configurations */
//#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "mbedtls/target_config.h" //#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "target_config.h"
#if defined(TARGET_LIKE_MBED) && defined(YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE) #if defined(TARGET_LIKE_MBED) && defined(YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE)
#include YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE #include YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE


@@ -31,7 +31,7 @@
#include "aes.h" #include "aes.h"
#if defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_THREADING_C)
#include "mbedtls/threading.h" #include "threading.h"
#endif #endif
#define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */ #define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */


@@ -372,7 +372,7 @@ MBEDTLS_DEPRECATED typedef char const * mbedtls_deprecated_constant_t;
* in <em>RFC-5114: Additional Diffie-Hellman Groups for Use with * in <em>RFC-5114: Additional Diffie-Hellman Groups for Use with
* IETF Standards</em>. * IETF Standards</em>.
*/ */
#define MBEDTLS_DHM_RFC5114_MODP_P \ #define MBEDTLS_DHM_RFC5114_MODP_2048_P \
MBEDTLS_DEPRECATED_STRING_CONSTANT( \ MBEDTLS_DEPRECATED_STRING_CONSTANT( \
"AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1" \ "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1" \
"B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" \ "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" \


@@ -272,8 +272,8 @@ int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx,
* *
* \return \c 0 on success, * \return \c 0 on success,
* #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if signature is invalid, * #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if signature is invalid,
* #MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH if the signature is * #MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH if there is a valid
* valid but its actual length is less than \p siglen, * signature in sig but its length is less than \p siglen,
* or an \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX * or an \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX
* error code on failure for any other reason. * error code on failure for any other reason.
* *


@@ -36,7 +36,7 @@
#define MBEDTLS_ERR_ECP_ALLOC_FAILED -0x4D80 /**< Memory allocation failed. */ #define MBEDTLS_ERR_ECP_ALLOC_FAILED -0x4D80 /**< Memory allocation failed. */
#define MBEDTLS_ERR_ECP_RANDOM_FAILED -0x4D00 /**< Generation of random value, such as (ephemeral) key, failed. */ #define MBEDTLS_ERR_ECP_RANDOM_FAILED -0x4D00 /**< Generation of random value, such as (ephemeral) key, failed. */
#define MBEDTLS_ERR_ECP_INVALID_KEY -0x4C80 /**< Invalid private or public key. */ #define MBEDTLS_ERR_ECP_INVALID_KEY -0x4C80 /**< Invalid private or public key. */
#define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH -0x4C00 /**< Signature is valid but shorter than the user-supplied length. */ #define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH -0x4C00 /**< The buffer contains a valid signature followed by more data. */
#define MBEDTLS_ERR_ECP_HW_ACCEL_FAILED -0x4B80 /**< ECP hardware accelerator failed. */ #define MBEDTLS_ERR_ECP_HW_ACCEL_FAILED -0x4B80 /**< ECP hardware accelerator failed. */
#if !defined(MBEDTLS_ECP_ALT) #if !defined(MBEDTLS_ECP_ALT)


@@ -48,7 +48,7 @@
* [6] Digital Signature Standard (DSS), FIPS 186-4. * [6] Digital Signature Standard (DSS), FIPS 186-4.
* <http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf> * <http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf>
* *
* [7] Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer * [7] Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer
* Security (TLS), RFC 4492. * Security (TLS), RFC 4492.
* <https://tools.ietf.org/search/rfc4492> * <https://tools.ietf.org/search/rfc4492>
* *


@@ -106,20 +106,41 @@ int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
* If the buffers overlap, the output buffer must trail at least 8 Bytes * If the buffers overlap, the output buffer must trail at least 8 Bytes
* behind the input buffer. * behind the input buffer.
* *
* \warning When this function performs a decryption, it outputs the
* authentication tag and does not verify that the data is
* authentic. You should use this function to perform encryption
* only. For decryption, use mbedtls_gcm_auth_decrypt() instead.
*
* \param ctx The GCM context to use for encryption or decryption. * \param ctx The GCM context to use for encryption or decryption.
* \param mode The operation to perform: #MBEDTLS_GCM_ENCRYPT or * \param mode The operation to perform:
* #MBEDTLS_GCM_DECRYPT. * - #MBEDTLS_GCM_ENCRYPT to perform authenticated encryption.
* \param length The length of the input data. This must be a multiple of 16 except in the last call before mbedtls_gcm_finish(). * The ciphertext is written to \p output and the
* authentication tag is written to \p tag.
* - #MBEDTLS_GCM_DECRYPT to perform decryption.
* The plaintext is written to \p output and the
* authentication tag is written to \p tag.
* Note that this mode is not recommended, because it does
* not verify the authenticity of the data. For this reason,
* you should use mbedtls_gcm_auth_decrypt() instead of
* calling this function in decryption mode.
* \param length The length of the input data, which is equal to the length
* of the output data.
* \param iv The initialization vector. * \param iv The initialization vector.
* \param iv_len The length of the IV. * \param iv_len The length of the IV.
* \param add The buffer holding the additional data. * \param add The buffer holding the additional data.
* \param add_len The length of the additional data. * \param add_len The length of the additional data.
* \param input The buffer holding the input data. * \param input The buffer holding the input data. Its size is \b length.
* \param output The buffer for holding the output data. * \param output The buffer for holding the output data. It must have room
* for \b length bytes.
* \param tag_len The length of the tag to generate. * \param tag_len The length of the tag to generate.
* \param tag The buffer for holding the tag. * \param tag The buffer for holding the tag.
* *
* \return \c 0 on success. * \return \c 0 if the encryption or decryption was performed
* successfully. Note that in #MBEDTLS_GCM_DECRYPT mode,
* this does not indicate that the data is authentic.
* \return #MBEDTLS_ERR_GCM_BAD_INPUT if the lengths are not valid.
* \return #MBEDTLS_ERR_GCM_HW_ACCEL_FAILED or a cipher-specific
* error code if the encryption or decryption failed.
*/ */
int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx,
int mode, int mode,
@@ -142,18 +163,23 @@ int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx,
* behind the input buffer. * behind the input buffer.
* *
* \param ctx The GCM context. * \param ctx The GCM context.
* \param length The length of the input data. This must be a multiple of 16 except in the last call before mbedtls_gcm_finish(). * \param length The length of the ciphertext to decrypt, which is also
* the length of the decrypted plaintext.
* \param iv The initialization vector. * \param iv The initialization vector.
* \param iv_len The length of the IV. * \param iv_len The length of the IV.
* \param add The buffer holding the additional data. * \param add The buffer holding the additional data.
* \param add_len The length of the additional data. * \param add_len The length of the additional data.
* \param tag The buffer holding the tag. * \param tag The buffer holding the tag to verify.
* \param tag_len The length of the tag. * \param tag_len The length of the tag to verify.
* \param input The buffer holding the input data. * \param input The buffer holding the ciphertext. Its size is \b length.
* \param output The buffer for holding the output data. * \param output The buffer for holding the decrypted plaintext. It must
* have room for \b length bytes.
* *
* \return 0 if successful and authenticated, or * \return \c 0 if successful and authenticated.
* #MBEDTLS_ERR_GCM_AUTH_FAILED if tag does not match. * \return #MBEDTLS_ERR_GCM_AUTH_FAILED if the tag does not match.
* \return #MBEDTLS_ERR_GCM_BAD_INPUT if the lengths are not valid.
* \return #MBEDTLS_ERR_GCM_HW_ACCEL_FAILED or a cipher-specific
* error code if the decryption failed.
*/ */
int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx,
size_t length, size_t length,
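Review bot: The rewritten `mbedtls_gcm_auth_decrypt()` block lists the return codes but does not say what `output` holds when `#MBEDTLS_ERR_GCM_AUTH_FAILED` is returned. Callers need that stated, because acting on unauthenticated plaintext defeats the purpose of the tag; add for example `\warning The contents of \p output must not be used unless this function returns \c 0.` Whether the implementation clears the buffer on failure is not visible in this header. The function declaration continues past the end of the hunk.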


@@ -27,7 +27,7 @@
#include "md.h" #include "md.h"
#if defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_THREADING_C)
#include "mbedtls/threading.h" #include "threading.h"
#endif #endif
/* /*


@@ -39,11 +39,6 @@
#define MBEDTLS_ERR_MD2_HW_ACCEL_FAILED -0x002B /**< MD2 hardware accelerator failed */ #define MBEDTLS_ERR_MD2_HW_ACCEL_FAILED -0x002B /**< MD2 hardware accelerator failed */
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#if !defined(MBEDTLS_MD2_ALT) #if !defined(MBEDTLS_MD2_ALT)
// Regular implementation // Regular implementation
// //
@@ -187,11 +182,7 @@ int mbedtls_internal_md2_process( mbedtls_md2_context *ctx );
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_md2_starts( MBEDTLS_DEPRECATED void mbedtls_md2_starts( mbedtls_md2_context *ctx );
mbedtls_md2_context *ctx )
{
mbedtls_md2_starts_ret( ctx );
}
/** /**
* \brief MD2 process buffer * \brief MD2 process buffer
@@ -207,13 +198,9 @@ MBEDTLS_DEPRECATED static inline void mbedtls_md2_starts(
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_md2_update( MBEDTLS_DEPRECATED void mbedtls_md2_update( mbedtls_md2_context *ctx,
mbedtls_md2_context *ctx, const unsigned char *input,
const unsigned char *input, size_t ilen );
size_t ilen )
{
mbedtls_md2_update_ret( ctx, input, ilen );
}
/** /**
* \brief MD2 final digest * \brief MD2 final digest
@@ -228,12 +215,8 @@ MBEDTLS_DEPRECATED static inline void mbedtls_md2_update(
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_md2_finish( MBEDTLS_DEPRECATED void mbedtls_md2_finish( mbedtls_md2_context *ctx,
mbedtls_md2_context *ctx, unsigned char output[16] );
unsigned char output[16] )
{
mbedtls_md2_finish_ret( ctx, output );
}
/** /**
* \brief MD2 process data block (internal use only) * \brief MD2 process data block (internal use only)
@@ -247,11 +230,7 @@ MBEDTLS_DEPRECATED static inline void mbedtls_md2_finish(
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_md2_process( MBEDTLS_DEPRECATED void mbedtls_md2_process( mbedtls_md2_context *ctx );
mbedtls_md2_context *ctx )
{
mbedtls_internal_md2_process( ctx );
}
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -304,12 +283,9 @@ int mbedtls_md2_ret( const unsigned char *input,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_md2( const unsigned char *input, MBEDTLS_DEPRECATED void mbedtls_md2( const unsigned char *input,
size_t ilen, size_t ilen,
unsigned char output[16] ) unsigned char output[16] );
{
mbedtls_md2_ret( input, ilen, output );
}
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
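Review bot: The deprecated wrappers (`mbedtls_md2_starts`, `mbedtls_md2_update`, `mbedtls_md2_finish`, `mbedtls_md2_process`, `mbedtls_md2`) are now plain declarations that still return `void`, so an error from the corresponding `_ret` function cannot reach the caller. The removed inline bodies discarded that value, and the new out-of-line definitions are not part of this section. Each doc block should say so, for example `\warning Errors are not reported; call mbedtls_md2_starts_ret() to detect failure.` The md4, md5 and ripemd160 sections below make the same change and need the same line. Also confirm that nothing left in these headers relied on the removed `#define inline __inline` for armcc or MSVC builds.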


@@ -40,11 +40,6 @@
#define MBEDTLS_ERR_MD4_HW_ACCEL_FAILED -0x002D /**< MD4 hardware accelerator failed */ #define MBEDTLS_ERR_MD4_HW_ACCEL_FAILED -0x002D /**< MD4 hardware accelerator failed */
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#if !defined(MBEDTLS_MD4_ALT) #if !defined(MBEDTLS_MD4_ALT)
// Regular implementation // Regular implementation
// //
@@ -188,11 +183,7 @@ int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_md4_starts( MBEDTLS_DEPRECATED void mbedtls_md4_starts( mbedtls_md4_context *ctx );
mbedtls_md4_context *ctx )
{
mbedtls_md4_starts_ret( ctx );
}
/** /**
* \brief MD4 process buffer * \brief MD4 process buffer
@@ -208,13 +199,9 @@ MBEDTLS_DEPRECATED static inline void mbedtls_md4_starts(
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_md4_update( MBEDTLS_DEPRECATED void mbedtls_md4_update( mbedtls_md4_context *ctx,
mbedtls_md4_context *ctx, const unsigned char *input,
const unsigned char *input, size_t ilen );
size_t ilen )
{
mbedtls_md4_update_ret( ctx, input, ilen );
}
/** /**
* \brief MD4 final digest * \brief MD4 final digest
@@ -229,12 +216,8 @@ MBEDTLS_DEPRECATED static inline void mbedtls_md4_update(
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_md4_finish( MBEDTLS_DEPRECATED void mbedtls_md4_finish( mbedtls_md4_context *ctx,
mbedtls_md4_context *ctx, unsigned char output[16] );
unsigned char output[16] )
{
mbedtls_md4_finish_ret( ctx, output );
}
/** /**
* \brief MD4 process data block (internal use only) * \brief MD4 process data block (internal use only)
@@ -249,12 +232,8 @@ MBEDTLS_DEPRECATED static inline void mbedtls_md4_finish(
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_md4_process( MBEDTLS_DEPRECATED void mbedtls_md4_process( mbedtls_md4_context *ctx,
mbedtls_md4_context *ctx, const unsigned char data[64] );
const unsigned char data[64] )
{
mbedtls_internal_md4_process( ctx, data );
}
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -309,12 +288,9 @@ int mbedtls_md4_ret( const unsigned char *input,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_md4( const unsigned char *input, MBEDTLS_DEPRECATED void mbedtls_md4( const unsigned char *input,
size_t ilen, size_t ilen,
unsigned char output[16] ) unsigned char output[16] );
{
mbedtls_md4_ret( input, ilen, output );
}
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */


@@ -43,11 +43,6 @@
// Regular implementation // Regular implementation
// //
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
@@ -188,11 +183,7 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_md5_starts( MBEDTLS_DEPRECATED void mbedtls_md5_starts( mbedtls_md5_context *ctx );
mbedtls_md5_context *ctx )
{
mbedtls_md5_starts_ret( ctx );
}
/** /**
* \brief MD5 process buffer * \brief MD5 process buffer
@@ -208,13 +199,9 @@ MBEDTLS_DEPRECATED static inline void mbedtls_md5_starts(
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_md5_update( MBEDTLS_DEPRECATED void mbedtls_md5_update( mbedtls_md5_context *ctx,
mbedtls_md5_context *ctx, const unsigned char *input,
const unsigned char *input, size_t ilen );
size_t ilen )
{
mbedtls_md5_update_ret( ctx, input, ilen );
}
/** /**
* \brief MD5 final digest * \brief MD5 final digest
@@ -229,12 +216,8 @@ MBEDTLS_DEPRECATED static inline void mbedtls_md5_update(
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_md5_finish( MBEDTLS_DEPRECATED void mbedtls_md5_finish( mbedtls_md5_context *ctx,
mbedtls_md5_context *ctx, unsigned char output[16] );
unsigned char output[16] )
{
mbedtls_md5_finish_ret( ctx, output );
}
/** /**
* \brief MD5 process data block (internal use only) * \brief MD5 process data block (internal use only)
@@ -249,12 +232,8 @@ MBEDTLS_DEPRECATED static inline void mbedtls_md5_finish(
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_md5_process( MBEDTLS_DEPRECATED void mbedtls_md5_process( mbedtls_md5_context *ctx,
mbedtls_md5_context *ctx, const unsigned char data[64] );
const unsigned char data[64] )
{
mbedtls_internal_md5_process( ctx, data );
}
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -309,12 +288,9 @@ int mbedtls_md5_ret( const unsigned char *input,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_md5( const unsigned char *input, MBEDTLS_DEPRECATED void mbedtls_md5( const unsigned char *input,
size_t ilen, size_t ilen,
unsigned char output[16] ) unsigned char output[16] );
{
mbedtls_md5_ret( input, ilen, output );
}
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */


@@ -1,7 +1,7 @@
/** /**
* \file net.h * \file net.h
* *
* \brief Deprecated header file that includes mbedtls/net_sockets.h * \brief Deprecated header file that includes net_sockets.h
* *
* \deprecated Superseded by mbedtls/net_sockets.h * \deprecated Superseded by mbedtls/net_sockets.h
*/ */
@@ -25,7 +25,7 @@
*/ */
#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if !defined(MBEDTLS_DEPRECATED_REMOVED)
#include "mbedtls/net_sockets.h" #include "net_sockets.h"
#if defined(MBEDTLS_DEPRECATED_WARNING) #if defined(MBEDTLS_DEPRECATED_WARNING)
#warning "Deprecated header file: Superseded by mbedtls/net_sockets.h" #warning "Deprecated header file: Superseded by mbedtls/net_sockets.h"
#endif /* MBEDTLS_DEPRECATED_WARNING */ #endif /* MBEDTLS_DEPRECATED_WARNING */


@@ -118,9 +118,10 @@ int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char
* *
* \param bind_ctx Relevant socket * \param bind_ctx Relevant socket
* \param client_ctx Will contain the connected client socket * \param client_ctx Will contain the connected client socket
* \param client_ip Will contain the client IP address * \param client_ip Will contain the client IP address, can be NULL
* \param buf_size Size of the client_ip buffer * \param buf_size Size of the client_ip buffer
* \param ip_len Will receive the size of the client IP written * \param ip_len Will receive the size of the client IP written,
* can be NULL if client_ip is null
* *
* \return 0 if successful, or * \return 0 if successful, or
* MBEDTLS_ERR_NET_ACCEPT_FAILED, or * MBEDTLS_ERR_NET_ACCEPT_FAILED, or


@@ -63,7 +63,7 @@
#define MBEDTLS_ERR_PK_INVALID_ALG -0x3A80 /**< The algorithm tag or value is invalid. */ #define MBEDTLS_ERR_PK_INVALID_ALG -0x3A80 /**< The algorithm tag or value is invalid. */
#define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00 /**< Elliptic curve is unsupported (only NIST curves are supported). */ #define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00 /**< Elliptic curve is unsupported (only NIST curves are supported). */
#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980 /**< Unavailable feature, e.g. RSA disabled for RSA key. */ #define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980 /**< Unavailable feature, e.g. RSA disabled for RSA key. */
#define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900 /**< The signature is valid but its length is less than expected. */ #define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900 /**< The buffer contains a valid signature followed by more data. */
#define MBEDTLS_ERR_PK_HW_ACCEL_FAILED -0x3880 /**< PK hardware accelerator failed. */ #define MBEDTLS_ERR_PK_HW_ACCEL_FAILED -0x3880 /**< PK hardware accelerator failed. */
#ifdef __cplusplus #ifdef __cplusplus
@@ -269,8 +269,8 @@ int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type );
* \param sig_len Signature length * \param sig_len Signature length
* *
* \return 0 on success (signature is valid), * \return 0 on success (signature is valid),
* MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if the signature is * #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid
* valid but its actual length is less than sig_len, * signature in sig but its length is less than \p siglen,
* or a specific error code. * or a specific error code.
* *
* \note For RSA keys, the default padding type is PKCS#1 v1.5. * \note For RSA keys, the default padding type is PKCS#1 v1.5.
@@ -300,10 +300,10 @@ int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
* \param sig_len Signature length * \param sig_len Signature length
* *
* \return 0 on success (signature is valid), * \return 0 on success (signature is valid),
* MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be * #MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be
* used for this type of signatures, * used for this type of signatures,
* MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if the signature is * #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid
* valid but its actual length is less than sig_len, * signature in sig but its length is less than \p siglen,
* or a specific error code. * or a specific error code.
* *
* \note If hash_len is 0, then the length associated with md_alg * \note If hash_len is 0, then the length associated with md_alg
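Review bot: The reworded `\return` text in both hunks refers to `\p siglen`, but the parameter documented directly above it is `sig_len`, so the reference names a parameter these functions do not have; write `\p sig_len`, and `\p sig` for the buffer. Since the constant's description now reads "a valid signature followed by more data", the text should also state that callers requiring an exact-length signature must treat `#MBEDTLS_ERR_PK_SIG_LEN_MISMATCH` as a verification failure, for example `\note A non-zero return, including this one, means the input was not accepted as-is.` Both doc blocks begin outside the hunks.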


@@ -31,7 +31,7 @@
#endif #endif
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
#include "mbedtls/platform_time.h" #include "platform_time.h"
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus
@@ -210,7 +210,7 @@ int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n,
#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) #if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
#define mbedtls_snprintf MBEDTLS_PLATFORM_SNPRINTF_MACRO #define mbedtls_snprintf MBEDTLS_PLATFORM_SNPRINTF_MACRO
#else #else
#define mbedtls_snprintf snprintf #define mbedtls_snprintf MBEDTLS_PLATFORM_STD_SNPRINTF
#endif /* MBEDTLS_PLATFORM_SNPRINTF_MACRO */ #endif /* MBEDTLS_PLATFORM_SNPRINTF_MACRO */
#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ #endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */


@@ -35,11 +35,6 @@
#define MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED -0x0031 /**< RIPEMD160 hardware accelerator failed */ #define MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED -0x0031 /**< RIPEMD160 hardware accelerator failed */
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#if !defined(MBEDTLS_RIPEMD160_ALT) #if !defined(MBEDTLS_RIPEMD160_ALT)
// Regular implementation // Regular implementation
// //
@@ -139,11 +134,8 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
* *
* \param ctx context to be initialized * \param ctx context to be initialized
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_ripemd160_starts( MBEDTLS_DEPRECATED void mbedtls_ripemd160_starts(
mbedtls_ripemd160_context *ctx ) mbedtls_ripemd160_context *ctx );
{
mbedtls_ripemd160_starts_ret( ctx );
}
/** /**
* \brief RIPEMD-160 process buffer * \brief RIPEMD-160 process buffer
@@ -154,13 +146,10 @@ MBEDTLS_DEPRECATED static inline void mbedtls_ripemd160_starts(
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_ripemd160_update( MBEDTLS_DEPRECATED void mbedtls_ripemd160_update(
mbedtls_ripemd160_context *ctx, mbedtls_ripemd160_context *ctx,
const unsigned char *input, const unsigned char *input,
size_t ilen ) size_t ilen );
{
mbedtls_ripemd160_update_ret( ctx, input, ilen );
}
/** /**
* \brief RIPEMD-160 final digest * \brief RIPEMD-160 final digest
@@ -170,12 +159,9 @@ MBEDTLS_DEPRECATED static inline void mbedtls_ripemd160_update(
* \param ctx RIPEMD-160 context * \param ctx RIPEMD-160 context
* \param output RIPEMD-160 checksum result * \param output RIPEMD-160 checksum result
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_ripemd160_finish( MBEDTLS_DEPRECATED void mbedtls_ripemd160_finish(
mbedtls_ripemd160_context *ctx, mbedtls_ripemd160_context *ctx,
unsigned char output[20] ) unsigned char output[20] );
{
mbedtls_ripemd160_finish_ret( ctx, output );
}
/** /**
* \brief RIPEMD-160 process data block (internal use only) * \brief RIPEMD-160 process data block (internal use only)
@@ -185,12 +171,9 @@ MBEDTLS_DEPRECATED static inline void mbedtls_ripemd160_finish(
* \param ctx RIPEMD-160 context * \param ctx RIPEMD-160 context
* \param data buffer holding one block of data * \param data buffer holding one block of data
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_ripemd160_process( MBEDTLS_DEPRECATED void mbedtls_ripemd160_process(
mbedtls_ripemd160_context *ctx, mbedtls_ripemd160_context *ctx,
const unsigned char data[64] ) const unsigned char data[64] );
{
mbedtls_internal_ripemd160_process( ctx, data );
}
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -235,13 +218,9 @@ int mbedtls_ripemd160_ret( const unsigned char *input,
* \param ilen length of the input data * \param ilen length of the input data
* \param output RIPEMD-160 checksum result * \param output RIPEMD-160 checksum result
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_ripemd160( MBEDTLS_DEPRECATED void mbedtls_ripemd160( const unsigned char *input,
const unsigned char *input, size_t ilen,
size_t ilen, unsigned char output[20] );
unsigned char output[20] )
{
mbedtls_ripemd160_ret( input, ilen, output );
}
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */


@@ -518,6 +518,18 @@ int mbedtls_rsa_public( mbedtls_rsa_context *ctx,
* *
* \note The input and output buffers must be large * \note The input and output buffers must be large
* enough. For example, 128 Bytes if RSA-1024 is used. * enough. For example, 128 Bytes if RSA-1024 is used.
*
* \note Blinding is used if and only if a PRNG is provided.
*
* \note If blinding is used, both the base of exponentation
* and the exponent are blinded, providing protection
* against some side-channel attacks.
*
* \warning It is deprecated and a security risk to not provide
* a PRNG here and thereby prevent the use of blinding.
* Future versions of the library may enforce the presence
* of a PRNG.
*
*/ */
int mbedtls_rsa_private( mbedtls_rsa_context *ctx, int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),


@@ -2,6 +2,37 @@
* \file rsa_internal.h * \file rsa_internal.h
* *
* \brief Context-independent RSA helper functions * \brief Context-independent RSA helper functions
*
* This module declares some RSA-related helper functions useful when
* implementing the RSA interface. These functions are provided in a separate
* compilation unit in order to make it easy for designers of alternative RSA
* implementations to use them in their own code, as it is conceived that the
* functionality they provide will be necessary for most complete
* implementations.
*
* End-users of Mbed TLS who are not providing their own alternative RSA
* implementations should not use these functions directly, and should instead
* use only the functions declared in rsa.h.
*
* The interface provided by this module will be maintained through LTS (Long
* Term Support) branches of Mbed TLS, but may otherwise be subject to change,
* and must be considered an internal interface of the library.
*
* There are two classes of helper functions:
*
* (1) Parameter-generating helpers. These are:
* - mbedtls_rsa_deduce_primes
* - mbedtls_rsa_deduce_private_exponent
* - mbedtls_rsa_deduce_crt
* Each of these functions takes a set of core RSA parameters and
* generates some other, or CRT related parameters.
*
* (2) Parameter-checking helpers. These are:
* - mbedtls_rsa_validate_params
* - mbedtls_rsa_validate_crt
* They take a set of core or CRT related RSA parameters and check their
* validity.
*
*/ */
/* /*
* Copyright (C) 2006-2017, ARM Limited, All Rights Reserved * Copyright (C) 2006-2017, ARM Limited, All Rights Reserved
@@ -21,31 +52,6 @@
* *
* This file is part of mbed TLS (https://tls.mbed.org) * This file is part of mbed TLS (https://tls.mbed.org)
* *
*
* This file declares some RSA-related helper functions useful when
* implementing the RSA interface. They are public and provided in a
* separate compilation unit in order to make it easy for designers of
* alternative RSA implementations to use them in their code, as it is
* conceived that the functionality they provide will be necessary
* for most complete implementations.
*
* End-users of Mbed TLS not intending to re-implement the RSA functionality
* are not expected to get into the need of making use of these functions directly,
* but instead should be able to use the functions declared in rsa.h.
*
* There are two classes of helper functions:
* (1) Parameter-generating helpers. These are:
* - mbedtls_rsa_deduce_primes
* - mbedtls_rsa_deduce_private_exponent
* - mbedtls_rsa_deduce_crt
* Each of these functions takes a set of core RSA parameters
* and generates some other, or CRT related parameters.
* (2) Parameter-checking helpers. These are:
* - mbedtls_rsa_validate_params
* - mbedtls_rsa_validate_crt
* They take a set of core or CRT related RSA parameters
* and check their validity.
*
*/ */
#ifndef MBEDTLS_RSA_INTERNAL_H #ifndef MBEDTLS_RSA_INTERNAL_H
@@ -213,4 +219,8 @@ int mbedtls_rsa_validate_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q,
const mbedtls_mpi *D, const mbedtls_mpi *DP, const mbedtls_mpi *D, const mbedtls_mpi *DP,
const mbedtls_mpi *DQ, const mbedtls_mpi *QP ); const mbedtls_mpi *DQ, const mbedtls_mpi *QP );
#ifdef __cplusplus
}
#endif
#endif /* rsa_internal.h */ #endif /* rsa_internal.h */


@@ -39,11 +39,6 @@
#define MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED -0x0035 /**< SHA-1 hardware accelerator failed */ #define MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED -0x0035 /**< SHA-1 hardware accelerator failed */
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#if !defined(MBEDTLS_SHA1_ALT) #if !defined(MBEDTLS_SHA1_ALT)
// Regular implementation // Regular implementation
// //
@@ -190,11 +185,7 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_sha1_starts( MBEDTLS_DEPRECATED void mbedtls_sha1_starts( mbedtls_sha1_context *ctx );
mbedtls_sha1_context *ctx )
{
mbedtls_sha1_starts_ret( ctx );
}
/** /**
* \brief SHA-1 process buffer * \brief SHA-1 process buffer
@@ -210,13 +201,9 @@ MBEDTLS_DEPRECATED static inline void mbedtls_sha1_starts(
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_sha1_update( MBEDTLS_DEPRECATED void mbedtls_sha1_update( mbedtls_sha1_context *ctx,
mbedtls_sha1_context *ctx, const unsigned char *input,
const unsigned char *input, size_t ilen );
size_t ilen )
{
mbedtls_sha1_update_ret( ctx, input, ilen );
}
/** /**
* \brief SHA-1 final digest * \brief SHA-1 final digest
@@ -231,12 +218,8 @@ MBEDTLS_DEPRECATED static inline void mbedtls_sha1_update(
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_sha1_finish( MBEDTLS_DEPRECATED void mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
mbedtls_sha1_context *ctx, unsigned char output[20] );
unsigned char output[20] )
{
mbedtls_sha1_finish_ret( ctx, output );
}
/** /**
* \brief SHA-1 process data block (internal use only) * \brief SHA-1 process data block (internal use only)
@@ -251,12 +234,8 @@ MBEDTLS_DEPRECATED static inline void mbedtls_sha1_finish(
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_sha1_process( MBEDTLS_DEPRECATED void mbedtls_sha1_process( mbedtls_sha1_context *ctx,
mbedtls_sha1_context *ctx, const unsigned char data[64] );
const unsigned char data[64] )
{
mbedtls_internal_sha1_process( ctx, data );
}
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -317,12 +296,9 @@ int mbedtls_sha1_ret( const unsigned char *input,
* stronger message digests instead. * stronger message digests instead.
* *
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_sha1( const unsigned char *input, MBEDTLS_DEPRECATED void mbedtls_sha1( const unsigned char *input,
size_t ilen, size_t ilen,
unsigned char output[20] ) unsigned char output[20] );
{
mbedtls_sha1_ret( input, ilen, output );
}
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */


@@ -35,10 +35,6 @@
#define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED -0x0037 /**< SHA-256 hardware accelerator failed */ #define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED -0x0037 /**< SHA-256 hardware accelerator failed */
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#if !defined(MBEDTLS_SHA256_ALT) #if !defined(MBEDTLS_SHA256_ALT)
// Regular implementation // Regular implementation
// //
@@ -156,12 +152,8 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
* <ul><li>0: Use SHA-256.</li> * <ul><li>0: Use SHA-256.</li>
* <li>1: Use SHA-224.</li></ul> * <li>1: Use SHA-224.</li></ul>
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_sha256_starts( MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx,
mbedtls_sha256_context *ctx, int is224 );
int is224 )
{
mbedtls_sha256_starts_ret( ctx, is224 );
}
/** /**
* \brief This function feeds an input buffer into an ongoing * \brief This function feeds an input buffer into an ongoing
@@ -173,13 +165,9 @@ MBEDTLS_DEPRECATED static inline void mbedtls_sha256_starts(
* \param input The buffer holding the data. * \param input The buffer holding the data.
* \param ilen The length of the input data. * \param ilen The length of the input data.
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_sha256_update( MBEDTLS_DEPRECATED void mbedtls_sha256_update( mbedtls_sha256_context *ctx,
mbedtls_sha256_context *ctx, const unsigned char *input,
const unsigned char *input, size_t ilen );
size_t ilen )
{
mbedtls_sha256_update_ret( ctx, input, ilen );
}
/** /**
* \brief This function finishes the SHA-256 operation, and writes * \brief This function finishes the SHA-256 operation, and writes
@@ -190,12 +178,8 @@ MBEDTLS_DEPRECATED static inline void mbedtls_sha256_update(
* \param ctx The SHA-256 context. * \param ctx The SHA-256 context.
* \param output The SHA-224or SHA-256 checksum result. * \param output The SHA-224or SHA-256 checksum result.
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_sha256_finish( MBEDTLS_DEPRECATED void mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
mbedtls_sha256_context *ctx, unsigned char output[32] );
unsigned char output[32] )
{
mbedtls_sha256_finish_ret( ctx, output );
}
/** /**
* \brief This function processes a single data block within * \brief This function processes a single data block within
@@ -207,12 +191,8 @@ MBEDTLS_DEPRECATED static inline void mbedtls_sha256_finish(
* \param ctx The SHA-256 context. * \param ctx The SHA-256 context.
* \param data The buffer holding one block of data. * \param data The buffer holding one block of data.
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_sha256_process( MBEDTLS_DEPRECATED void mbedtls_sha256_process( mbedtls_sha256_context *ctx,
mbedtls_sha256_context *ctx, const unsigned char data[64] );
const unsigned char data[64] )
{
mbedtls_internal_sha256_process( ctx, data );
}
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -276,14 +256,10 @@ int mbedtls_sha256_ret( const unsigned char *input,
* <ul><li>0: Use SHA-256.</li> * <ul><li>0: Use SHA-256.</li>
* <li>1: Use SHA-224.</li></ul> * <li>1: Use SHA-224.</li></ul>
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_sha256( MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input,
const unsigned char *input, size_t ilen,
size_t ilen, unsigned char output[32],
unsigned char output[32], int is224 );
int is224 )
{
mbedtls_sha256_ret( input, ilen, output, is224 );
}
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */


@@ -35,10 +35,6 @@
#define MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED -0x0039 /**< SHA-512 hardware accelerator failed */ #define MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED -0x0039 /**< SHA-512 hardware accelerator failed */
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#if !defined(MBEDTLS_SHA512_ALT) #if !defined(MBEDTLS_SHA512_ALT)
// Regular implementation // Regular implementation
// //
@@ -156,12 +152,8 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
* <ul><li>0: Use SHA-512.</li> * <ul><li>0: Use SHA-512.</li>
* <li>1: Use SHA-384.</li></ul> * <li>1: Use SHA-384.</li></ul>
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_sha512_starts( MBEDTLS_DEPRECATED void mbedtls_sha512_starts( mbedtls_sha512_context *ctx,
mbedtls_sha512_context *ctx, int is384 );
int is384 )
{
mbedtls_sha512_starts_ret( ctx, is384 );
}
/** /**
* \brief This function feeds an input buffer into an ongoing * \brief This function feeds an input buffer into an ongoing
@@ -173,13 +165,9 @@ MBEDTLS_DEPRECATED static inline void mbedtls_sha512_starts(
* \param input The buffer holding the data. * \param input The buffer holding the data.
* \param ilen The length of the input data. * \param ilen The length of the input data.
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_sha512_update( MBEDTLS_DEPRECATED void mbedtls_sha512_update( mbedtls_sha512_context *ctx,
mbedtls_sha512_context *ctx, const unsigned char *input,
const unsigned char *input, size_t ilen );
size_t ilen )
{
mbedtls_sha512_update_ret( ctx, input, ilen );
}
/** /**
* \brief This function finishes the SHA-512 operation, and writes * \brief This function finishes the SHA-512 operation, and writes
@@ -190,12 +178,8 @@ MBEDTLS_DEPRECATED static inline void mbedtls_sha512_update(
* \param ctx The SHA-512 context. * \param ctx The SHA-512 context.
* \param output The SHA-384 or SHA-512 checksum result. * \param output The SHA-384 or SHA-512 checksum result.
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_sha512_finish( MBEDTLS_DEPRECATED void mbedtls_sha512_finish( mbedtls_sha512_context *ctx,
mbedtls_sha512_context *ctx, unsigned char output[64] );
unsigned char output[64] )
{
mbedtls_sha512_finish_ret( ctx, output );
}
/** /**
* \brief This function processes a single data block within * \brief This function processes a single data block within
@@ -207,12 +191,9 @@ MBEDTLS_DEPRECATED static inline void mbedtls_sha512_finish(
* \param ctx The SHA-512 context. * \param ctx The SHA-512 context.
* \param data The buffer holding one block of data. * \param data The buffer holding one block of data.
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_sha512_process( MBEDTLS_DEPRECATED void mbedtls_sha512_process(
mbedtls_sha512_context *ctx, mbedtls_sha512_context *ctx,
const unsigned char data[128] ) const unsigned char data[128] );
{
mbedtls_internal_sha512_process( ctx, data );
}
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -278,14 +259,10 @@ int mbedtls_sha512_ret( const unsigned char *input,
* <ul><li>0: Use SHA-512.</li> * <ul><li>0: Use SHA-512.</li>
* <li>1: Use SHA-384.</li></ul> * <li>1: Use SHA-384.</li></ul>
*/ */
MBEDTLS_DEPRECATED static inline void mbedtls_sha512( MBEDTLS_DEPRECATED void mbedtls_sha512( const unsigned char *input,
const unsigned char *input, size_t ilen,
size_t ilen, unsigned char output[64],
unsigned char output[64], int is384 );
int is384 )
{
mbedtls_sha512_ret( input, ilen, output, is384 );
}
#undef MBEDTLS_DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */


@@ -53,7 +53,7 @@
#endif #endif
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
#include "mbedtls/platform_time.h" #include "platform_time.h"
#endif #endif
/* /*
@@ -932,14 +932,6 @@ extern int (*mbedtls_ssl_hw_record_read)(mbedtls_ssl_context *ssl);
extern int (*mbedtls_ssl_hw_record_finish)(mbedtls_ssl_context *ssl); extern int (*mbedtls_ssl_hw_record_finish)(mbedtls_ssl_context *ssl);
#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ #endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
/**
* \brief Returns the list of ciphersuites supported by the SSL/TLS module.
*
* \return a statically allocated array of ciphersuites, the last
* entry is 0.
*/
const int *mbedtls_ssl_list_ciphersuites( void );
/** /**
* \brief Return the name of the ciphersuite associated with the * \brief Return the name of the ciphersuite associated with the
* given ID * given ID
@@ -975,8 +967,13 @@ void mbedtls_ssl_init( mbedtls_ssl_context *ssl );
* \note No copy of the configuration context is made, it can be * \note No copy of the configuration context is made, it can be
* shared by many mbedtls_ssl_context structures. * shared by many mbedtls_ssl_context structures.
* *
* \warning Modifying the conf structure after it has been used in this * \warning The conf structure will be accessed during the session.
* function is unsupported! * It must not be modified or freed as long as the session
* is active.
*
* \warning This function must be called exactly once per context.
* Calling mbedtls_ssl_setup again is not supported, even
* if no session is active.
* *
* \param ssl SSL context * \param ssl SSL context
* \param conf SSL configuration to use * \param conf SSL configuration to use
@@ -1591,6 +1588,10 @@ void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
/** /**
* \brief Set the data required to verify peer certificate * \brief Set the data required to verify peer certificate
* *
* \note See \c mbedtls_x509_crt_verify() for notes regarding the
* parameters ca_chain (maps to trust_ca for that function)
* and ca_crl.
*
* \param conf SSL configuration * \param conf SSL configuration
* \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs) * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs)
* \param ca_crl trusted CA CRLs * \param ca_crl trusted CA CRLs
@@ -1831,21 +1832,21 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C)
/** /**
* \brief Set or reset the hostname to check against the received * \brief Set or reset the hostname to check against the received
* server certificate. It sets the ServerName TLS extension, * server certificate. It sets the ServerName TLS extension,
* too, if that extension is enabled. (client-side only) * too, if that extension is enabled. (client-side only)
* *
* \param ssl SSL context * \param ssl SSL context
* \param hostname the server hostname, may be NULL to clear hostname * \param hostname the server hostname, may be NULL to clear hostname
*
* \note Maximum hostname length MBEDTLS_SSL_MAX_HOST_NAME_LEN. * \note Maximum hostname length MBEDTLS_SSL_MAX_HOST_NAME_LEN.
* *
* \return 0 if successful, MBEDTLS_ERR_SSL_ALLOC_FAILED on * \return 0 if successful, MBEDTLS_ERR_SSL_ALLOC_FAILED on
* allocation failure, MBEDTLS_ERR_SSL_BAD_INPUT_DATA on * allocation failure, MBEDTLS_ERR_SSL_BAD_INPUT_DATA on
* too long input hostname. * too long input hostname.
* *
* Hostname set to the one provided on success (cleared * Hostname set to the one provided on success (cleared
* when NULL). On allocation failure hostname is cleared. * when NULL). On allocation failure hostname is cleared.
* On too long input failure, old hostname is unchanged. * On too long input failure, old hostname is unchanged.
*/ */
int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname ); int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname );
@@ -2391,7 +2392,6 @@ const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ss
* \brief Save session in order to resume it later (client-side only) * \brief Save session in order to resume it later (client-side only)
* Session data is copied to presented session structure. * Session data is copied to presented session structure.
* *
* \warning Currently, peer certificate is lost in the operation.
* *
* \param ssl SSL context * \param ssl SSL context
* \param session session context * \param session session context
@@ -2399,7 +2399,18 @@ const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ss
* \return 0 if successful, * \return 0 if successful,
* MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed, * MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed,
* MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or
* arguments are otherwise invalid * arguments are otherwise invalid.
*
* \note Only the server certificate is copied, and not the full chain,
* so you should not attempt to validate the certificate again
* by calling \c mbedtls_x509_crt_verify() on it.
* Instead, you should use the results from the verification
* in the original handshake by calling \c mbedtls_ssl_get_verify_result()
* after loading the session again into a new SSL context
* using \c mbedtls_ssl_set_session().
*
* \note Once the session object is not needed anymore, you should
* free it by calling \c mbedtls_ssl_session_free().
* *
* \sa mbedtls_ssl_set_session() * \sa mbedtls_ssl_set_session()
*/ */
@@ -2525,15 +2536,19 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
* or MBEDTLS_ERR_SSL_WANT_WRITE or MBEDTLS_ERR_SSL_WANT_READ, * or MBEDTLS_ERR_SSL_WANT_WRITE or MBEDTLS_ERR_SSL_WANT_READ,
* or another negative error code. * or another negative error code.
* *
* \note If this function returns something other than a positive * \note If this function returns something other than 0, a positive
* value or MBEDTLS_ERR_SSL_WANT_READ/WRITE, the ssl context * value or MBEDTLS_ERR_SSL_WANT_READ/WRITE, you must stop
* becomes unusable, and you should either free it or call * using the SSL context for reading or writing, and either
* \c mbedtls_ssl_session_reset() on it before re-using it for * free it or call \c mbedtls_ssl_session_reset() on it before
* a new connection; the current connection must be closed. * re-using it for a new connection; the current connection
* must be closed.
* *
* \note When this function returns MBEDTLS_ERR_SSL_WANT_WRITE/READ, * \note When this function returns MBEDTLS_ERR_SSL_WANT_WRITE/READ,
* it must be called later with the *same* arguments, * it must be called later with the *same* arguments,
* until it returns a positive value. * until it returns a value greater that or equal to 0. When
* the function returns MBEDTLS_ERR_SSL_WANT_WRITE there may be
* some partial data in the output buffer, however this is not
* yet sent.
* *
* \note If the requested length is greater than the maximum * \note If the requested length is greater than the maximum
* fragment length (either the built-in limit or the one set * fragment length (either the built-in limit or the one set
@@ -2542,6 +2557,9 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
* - with DTLS, MBEDTLS_ERR_SSL_BAD_INPUT_DATA is returned. * - with DTLS, MBEDTLS_ERR_SSL_BAD_INPUT_DATA is returned.
* \c mbedtls_ssl_get_max_frag_len() may be used to query the * \c mbedtls_ssl_get_max_frag_len() may be used to query the
* active maximum fragment length. * active maximum fragment length.
*
* \note Attempting to write 0 bytes will result in an empty TLS
* application record being sent.
*/ */
int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ); int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len );
@@ -2634,6 +2652,9 @@ void mbedtls_ssl_session_init( mbedtls_ssl_session *session );
* \brief Free referenced items in an SSL session including the * \brief Free referenced items in an SSL session including the
* peer certificate and clear memory * peer certificate and clear memory
* *
* \note A session object can be freed even if the SSL context
* that was used to retrieve the session is still in use.
*
* \param session SSL session * \param session SSL session
*/ */
void mbedtls_ssl_session_free( mbedtls_ssl_session *session ); void mbedtls_ssl_session_free( mbedtls_ssl_session *session );


@@ -267,7 +267,7 @@ typedef enum {
defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
#define MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED #define MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED
#endif #endif


@@ -71,6 +71,9 @@
#endif /* MBEDTLS_SSL_PROTO_TLS1 */ #endif /* MBEDTLS_SSL_PROTO_TLS1 */
#endif /* MBEDTLS_SSL_PROTO_SSL3 */ #endif /* MBEDTLS_SSL_PROTO_SSL3 */
#define MBEDTLS_SSL_MIN_VALID_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1
#define MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3
/* Determine maximum supported version */ /* Determine maximum supported version */
#define MBEDTLS_SSL_MAX_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 #define MBEDTLS_SSL_MAX_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3
@@ -627,7 +630,13 @@ static inline int mbedtls_ssl_safer_memcmp( const void *a, const void *b, size_t
volatile unsigned char diff = 0; volatile unsigned char diff = 0;
for( i = 0; i < n; i++ ) for( i = 0; i < n; i++ )
diff |= A[i] ^ B[i]; {
/* Read volatile data in order before computing diff.
* This avoids IAR compiler warning:
* 'the order of volatile accesses is undefined ..' */
unsigned char x = A[i], y = B[i];
diff |= x ^ y;
}
return( diff ); return( diff );
} }


@@ -96,8 +96,12 @@ extern int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t *mutex );
/* /*
* Global mutexes * Global mutexes
*/ */
#if defined(MBEDTLS_FS_IO)
extern mbedtls_threading_mutex_t mbedtls_threading_readdir_mutex; extern mbedtls_threading_mutex_t mbedtls_threading_readdir_mutex;
#endif
#if defined(MBEDTLS_HAVE_TIME_DATE)
extern mbedtls_threading_mutex_t mbedtls_threading_gmtime_mutex; extern mbedtls_threading_mutex_t mbedtls_threading_gmtime_mutex;
#endif
#endif /* MBEDTLS_THREADING_C */ #endif /* MBEDTLS_THREADING_C */
#ifdef __cplusplus #ifdef __cplusplus


@@ -40,16 +40,16 @@
*/ */
#define MBEDTLS_VERSION_MAJOR 2 #define MBEDTLS_VERSION_MAJOR 2
#define MBEDTLS_VERSION_MINOR 7 #define MBEDTLS_VERSION_MINOR 7
#define MBEDTLS_VERSION_PATCH 0 #define MBEDTLS_VERSION_PATCH 5
/** /**
* The single version number has the following structure: * The single version number has the following structure:
* MMNNPP00 * MMNNPP00
* Major version | Minor version | Patch version * Major version | Minor version | Patch version
*/ */
#define MBEDTLS_VERSION_NUMBER 0x02070000 #define MBEDTLS_VERSION_NUMBER 0x02070500
#define MBEDTLS_VERSION_STRING "2.7.0" #define MBEDTLS_VERSION_STRING "2.7.5"
#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.7.0" #define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.7.5"
#if defined(MBEDTLS_VERSION_C) #if defined(MBEDTLS_VERSION_C)


@@ -289,8 +289,15 @@ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
* used to sign the certificate, CRL verification is skipped * used to sign the certificate, CRL verification is skipped
* silently, that is *without* setting any flag. * silently, that is *without* setting any flag.
* *
* \note The \c trust_ca list can contain two types of certificates:
* (1) those of trusted root CAs, so that certificates
* chaining up to those CAs will be trusted, and (2)
* self-signed end-entity certificates to be trusted (for
* specific peers you know) - in that case, the self-signed
* certificate doesn't need to have the CA bit set.
*
* \param crt a certificate (chain) to be verified * \param crt a certificate (chain) to be verified
* \param trust_ca the list of trusted CAs * \param trust_ca the list of trusted CAs (see note above)
* \param ca_crl the list of CRLs for trusted CAs (see note above) * \param ca_crl the list of CRLs for trusted CAs (see note above)
* \param cn expected Common Name (can be set to * \param cn expected Common Name (can be set to
* NULL if the CN must not be verified) * NULL if the CN must not be verified)