godotengine/godot
1
0
Fork 0
mirror of https://github.com/godotengine/godot.git synced 2025-11-14 13:41:12 +00:00
Code Releases Wiki Activity

mbedtls: Update to upstream version 2.28.3

Browse Source 
Rediff patch from PR 1453, lstrlenW is no longer used upstream so
that part of the patch was dropped.

(cherry picked from commit 1fde2092d0)
This commit is contained in:
Rémi Verschelde
2023-04-18 10:38:24 +02:00
parent 212190ae49
commit ac4daf4147
174 changed files with 36064 additions and 35819 deletions
Download Patch File Download Diff File Expand all files Collapse all files

320
thirdparty/mbedtls/library/ssl_ticket.c vendored
View File

@@ -33,12 +33,12 @@
/*
* Initialize context
*/
void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx )
void mbedtls_ssl_ticket_init(mbedtls_ssl_ticket_context *ctx)
{
memset( ctx, 0, sizeof( mbedtls_ssl_ticket_context ) );
memset(ctx, 0, sizeof(mbedtls_ssl_ticket_context));
#if defined(MBEDTLS_THREADING_C)
mbedtls_mutex_init( &ctx->mutex );
mbedtls_mutex_init(&ctx->mutex);
#endif
}
@@ -49,81 +49,80 @@ void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx )
#define TICKET_CRYPT_LEN_BYTES 2
#define TICKET_AUTH_TAG_BYTES 16
#define TICKET_MIN_LEN ( TICKET_KEY_NAME_BYTES + \
TICKET_IV_BYTES + \
TICKET_CRYPT_LEN_BYTES + \
TICKET_AUTH_TAG_BYTES )
#define TICKET_ADD_DATA_LEN ( TICKET_KEY_NAME_BYTES + \
TICKET_IV_BYTES + \
TICKET_CRYPT_LEN_BYTES )
#define TICKET_MIN_LEN (TICKET_KEY_NAME_BYTES + \
TICKET_IV_BYTES + \
TICKET_CRYPT_LEN_BYTES + \
TICKET_AUTH_TAG_BYTES)
#define TICKET_ADD_DATA_LEN (TICKET_KEY_NAME_BYTES + \
TICKET_IV_BYTES + \
TICKET_CRYPT_LEN_BYTES)
/*
* Generate/update a key
*/
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_ticket_gen_key( mbedtls_ssl_ticket_context *ctx,
unsigned char index )
static int ssl_ticket_gen_key(mbedtls_ssl_ticket_context *ctx,
unsigned char index)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char buf[MAX_KEY_BYTES];
mbedtls_ssl_ticket_key *key = ctx->keys + index;
#if defined(MBEDTLS_HAVE_TIME)
key->generation_time = (uint32_t) mbedtls_time( NULL );
key->generation_time = (uint32_t) mbedtls_time(NULL);
#endif
if( ( ret = ctx->f_rng( ctx->p_rng, key->name, sizeof( key->name ) ) ) != 0 )
return( ret );
if ((ret = ctx->f_rng(ctx->p_rng, key->name, sizeof(key->name))) != 0) {
return ret;
}
if( ( ret = ctx->f_rng( ctx->p_rng, buf, sizeof( buf ) ) ) != 0 )
return( ret );
if ((ret = ctx->f_rng(ctx->p_rng, buf, sizeof(buf))) != 0) {
return ret;
}
/* With GCM and CCM, same context can encrypt & decrypt */
ret = mbedtls_cipher_setkey( &key->ctx, buf,
mbedtls_cipher_get_key_bitlen( &key->ctx ),
MBEDTLS_ENCRYPT );
ret = mbedtls_cipher_setkey(&key->ctx, buf,
mbedtls_cipher_get_key_bitlen(&key->ctx),
MBEDTLS_ENCRYPT);
mbedtls_platform_zeroize( buf, sizeof( buf ) );
mbedtls_platform_zeroize(buf, sizeof(buf));
return( ret );
return ret;
}
/*
* Rotate/generate keys if necessary
*/
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_ticket_update_keys( mbedtls_ssl_ticket_context *ctx )
static int ssl_ticket_update_keys(mbedtls_ssl_ticket_context *ctx)
{
#if !defined(MBEDTLS_HAVE_TIME)
((void) ctx);
#else
if( ctx->ticket_lifetime != 0 )
{
uint32_t current_time = (uint32_t) mbedtls_time( NULL );
if (ctx->ticket_lifetime != 0) {
uint32_t current_time = (uint32_t) mbedtls_time(NULL);
uint32_t key_time = ctx->keys[ctx->active].generation_time;
if( current_time >= key_time &&
current_time - key_time < ctx->ticket_lifetime )
{
return( 0 );
if (current_time >= key_time &&
current_time - key_time < ctx->ticket_lifetime) {
return 0;
}
ctx->active = 1 - ctx->active;
return( ssl_ticket_gen_key( ctx, ctx->active ) );
}
else
return ssl_ticket_gen_key(ctx, ctx->active);
} else
#endif /* MBEDTLS_HAVE_TIME */
return( 0 );
return 0;
}
/*
* Setup context for actual use
*/
int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
mbedtls_cipher_type_t cipher,
uint32_t lifetime )
int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
mbedtls_cipher_type_t cipher,
uint32_t lifetime)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const mbedtls_cipher_info_t *cipher_info;
@@ -133,26 +132,26 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
ctx->ticket_lifetime = lifetime;
cipher_info = mbedtls_cipher_info_from_type( cipher);
if( cipher_info == NULL )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
if( cipher_info->mode != MBEDTLS_MODE_GCM &&
cipher_info->mode != MBEDTLS_MODE_CCM )
{
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
cipher_info = mbedtls_cipher_info_from_type(cipher);
if (cipher_info == NULL) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
if( cipher_info->key_bitlen > 8 * MAX_KEY_BYTES )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
if (cipher_info->mode != MBEDTLS_MODE_GCM &&
cipher_info->mode != MBEDTLS_MODE_CCM) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
if (cipher_info->key_bitlen > 8 * MAX_KEY_BYTES) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
int do_mbedtls_cipher_setup = 1;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
ret = mbedtls_cipher_setup_psa( &ctx->keys[0].ctx,
cipher_info, TICKET_AUTH_TAG_BYTES );
ret = mbedtls_cipher_setup_psa(&ctx->keys[0].ctx,
cipher_info, TICKET_AUTH_TAG_BYTES);
switch( ret )
{
switch (ret) {
case 0:
do_mbedtls_cipher_setup = 0;
break;
@@ -162,37 +161,42 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
do_mbedtls_cipher_setup = 1;
break;
default:
return( ret );
return ret;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( do_mbedtls_cipher_setup )
if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) )
!= 0 )
return( ret );
if (do_mbedtls_cipher_setup) {
if ((ret = mbedtls_cipher_setup(&ctx->keys[0].ctx, cipher_info))
!= 0) {
return ret;
}
}
do_mbedtls_cipher_setup = 1;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
do_mbedtls_cipher_setup = 0;
ret = mbedtls_cipher_setup_psa( &ctx->keys[1].ctx,
cipher_info, TICKET_AUTH_TAG_BYTES );
if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
return( ret );
if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
ret = mbedtls_cipher_setup_psa(&ctx->keys[1].ctx,
cipher_info, TICKET_AUTH_TAG_BYTES);
if (ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) {
return ret;
}
if (ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) {
do_mbedtls_cipher_setup = 1;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( do_mbedtls_cipher_setup )
if( ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) )
!= 0 )
return( ret );
if( ( ret = ssl_ticket_gen_key( ctx, 0 ) ) != 0 ||
( ret = ssl_ticket_gen_key( ctx, 1 ) ) != 0 )
{
return( ret );
if (do_mbedtls_cipher_setup) {
if ((ret = mbedtls_cipher_setup(&ctx->keys[1].ctx, cipher_info))
!= 0) {
return ret;
}
}
return( 0 );
if ((ret = ssl_ticket_gen_key(ctx, 0)) != 0 ||
(ret = ssl_ticket_gen_key(ctx, 1)) != 0) {
return ret;
}
return 0;
}
/*
@@ -209,12 +213,12 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
* authenticated data.
*/
int mbedtls_ssl_ticket_write( void *p_ticket,
const mbedtls_ssl_session *session,
unsigned char *start,
const unsigned char *end,
size_t *tlen,
uint32_t *ticket_lifetime )
int mbedtls_ssl_ticket_write(void *p_ticket,
const mbedtls_ssl_session *session,
unsigned char *start,
const unsigned char *end,
size_t *tlen,
uint32_t *ticket_lifetime)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_ssl_ticket_context *ctx = p_ticket;
@@ -227,53 +231,54 @@ int mbedtls_ssl_ticket_write( void *p_ticket,
*tlen = 0;
if( ctx == NULL || ctx->f_rng == NULL )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
if (ctx == NULL || ctx->f_rng == NULL) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
/* We need at least 4 bytes for key_name, 12 for IV, 2 for len 16 for tag,
* in addition to session itself, that will be checked when writing it. */
MBEDTLS_SSL_CHK_BUF_PTR( start, end, TICKET_MIN_LEN );
MBEDTLS_SSL_CHK_BUF_PTR(start, end, TICKET_MIN_LEN);
#if defined(MBEDTLS_THREADING_C)
if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
return( ret );
if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) {
return ret;
}
#endif
if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 )
if ((ret = ssl_ticket_update_keys(ctx)) != 0) {
goto cleanup;
}
key = &ctx->keys[ctx->active];
*ticket_lifetime = ctx->ticket_lifetime;
memcpy( key_name, key->name, TICKET_KEY_NAME_BYTES );
memcpy(key_name, key->name, TICKET_KEY_NAME_BYTES);
if( ( ret = ctx->f_rng( ctx->p_rng, iv, TICKET_IV_BYTES ) ) != 0 )
if ((ret = ctx->f_rng(ctx->p_rng, iv, TICKET_IV_BYTES)) != 0) {
goto cleanup;
}
/* Dump session state */
if( ( ret = mbedtls_ssl_session_save( session,
state, end - state,
&clear_len ) ) != 0 ||
(unsigned long) clear_len > 65535 )
{
goto cleanup;
}
MBEDTLS_PUT_UINT16_BE( clear_len, state_len_bytes, 0 );
/* Encrypt and authenticate */
if( ( ret = mbedtls_cipher_auth_encrypt_ext( &key->ctx,
iv, TICKET_IV_BYTES,
/* Additional data: key name, IV and length */
key_name, TICKET_ADD_DATA_LEN,
state, clear_len,
state, end - state, &ciph_len,
TICKET_AUTH_TAG_BYTES ) ) != 0 )
{
if ((ret = mbedtls_ssl_session_save(session,
state, end - state,
&clear_len)) != 0 ||
(unsigned long) clear_len > 65535) {
goto cleanup;
}
if( ciph_len != clear_len + TICKET_AUTH_TAG_BYTES )
{
MBEDTLS_PUT_UINT16_BE(clear_len, state_len_bytes, 0);
/* Encrypt and authenticate */
if ((ret = mbedtls_cipher_auth_encrypt_ext(&key->ctx,
iv, TICKET_IV_BYTES,
/* Additional data: key name, IV and length */
key_name, TICKET_ADD_DATA_LEN,
state, clear_len,
state, end - state, &ciph_len,
TICKET_AUTH_TAG_BYTES)) != 0) {
goto cleanup;
}
if (ciph_len != clear_len + TICKET_AUTH_TAG_BYTES) {
ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
goto cleanup;
}
@@ -282,36 +287,39 @@ int mbedtls_ssl_ticket_write( void *p_ticket,
cleanup:
#if defined(MBEDTLS_THREADING_C)
if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
if (mbedtls_mutex_unlock(&ctx->mutex) != 0) {
return MBEDTLS_ERR_THREADING_MUTEX_ERROR;
}
#endif
return( ret );
return ret;
}
/*
* Select key based on name
*/
static mbedtls_ssl_ticket_key *ssl_ticket_select_key(
mbedtls_ssl_ticket_context *ctx,
const unsigned char name[4] )
mbedtls_ssl_ticket_context *ctx,
const unsigned char name[4])
{
unsigned char i;
for( i = 0; i < sizeof( ctx->keys ) / sizeof( *ctx->keys ); i++ )
if( memcmp( name, ctx->keys[i].name, 4 ) == 0 )
return( &ctx->keys[i] );
for (i = 0; i < sizeof(ctx->keys) / sizeof(*ctx->keys); i++) {
if (memcmp(name, ctx->keys[i].name, 4) == 0) {
return &ctx->keys[i];
}
}
return( NULL );
return NULL;
}
/*
* Load session ticket (see mbedtls_ssl_ticket_write for structure)
*/
int mbedtls_ssl_ticket_parse( void *p_ticket,
mbedtls_ssl_session *session,
unsigned char *buf,
size_t len )
int mbedtls_ssl_ticket_parse(void *p_ticket,
mbedtls_ssl_session *session,
unsigned char *buf,
size_t len)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_ssl_ticket_context *ctx = p_ticket;
@@ -322,31 +330,33 @@ int mbedtls_ssl_ticket_parse( void *p_ticket,
unsigned char *ticket = enc_len_p + TICKET_CRYPT_LEN_BYTES;
size_t enc_len, clear_len;
if( ctx == NULL || ctx->f_rng == NULL )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
if (ctx == NULL || ctx->f_rng == NULL) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
if( len < TICKET_MIN_LEN )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
if (len < TICKET_MIN_LEN) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
#if defined(MBEDTLS_THREADING_C)
if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
return( ret );
if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) {
return ret;
}
#endif
if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 )
if ((ret = ssl_ticket_update_keys(ctx)) != 0) {
goto cleanup;
}
enc_len = ( enc_len_p[0] << 8 ) | enc_len_p[1];
enc_len = (enc_len_p[0] << 8) | enc_len_p[1];
if( len != TICKET_MIN_LEN + enc_len )
{
if (len != TICKET_MIN_LEN + enc_len) {
ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
goto cleanup;
}
/* Select key */
if( ( key = ssl_ticket_select_key( ctx, key_name ) ) == NULL )
{
if ((key = ssl_ticket_select_key(ctx, key_name)) == NULL) {
/* We can't know for sure but this is a likely option unless we're
* under attack - this is only informative anyway */
ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED;
@@ -354,37 +364,36 @@ int mbedtls_ssl_ticket_parse( void *p_ticket,
}
/* Decrypt and authenticate */
if( ( ret = mbedtls_cipher_auth_decrypt_ext( &key->ctx,
iv, TICKET_IV_BYTES,
/* Additional data: key name, IV and length */
key_name, TICKET_ADD_DATA_LEN,
ticket, enc_len + TICKET_AUTH_TAG_BYTES,
ticket, enc_len, &clear_len,
TICKET_AUTH_TAG_BYTES ) ) != 0 )
{
if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED )
if ((ret = mbedtls_cipher_auth_decrypt_ext(&key->ctx,
iv, TICKET_IV_BYTES,
/* Additional data: key name, IV and length */
key_name, TICKET_ADD_DATA_LEN,
ticket, enc_len + TICKET_AUTH_TAG_BYTES,
ticket, enc_len, &clear_len,
TICKET_AUTH_TAG_BYTES)) != 0) {
if (ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED) {
ret = MBEDTLS_ERR_SSL_INVALID_MAC;
}
goto cleanup;
}
if( clear_len != enc_len )
{
if (clear_len != enc_len) {
ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
goto cleanup;
}
/* Actually load session */
if( ( ret = mbedtls_ssl_session_load( session, ticket, clear_len ) ) != 0 )
if ((ret = mbedtls_ssl_session_load(session, ticket, clear_len)) != 0) {
goto cleanup;
}
#if defined(MBEDTLS_HAVE_TIME)
{
/* Check for expiration */
mbedtls_time_t current_time = mbedtls_time( NULL );
mbedtls_time_t current_time = mbedtls_time(NULL);
if( current_time < session->start ||
(uint32_t)( current_time - session->start ) > ctx->ticket_lifetime )
{
if (current_time < session->start ||
(uint32_t) (current_time - session->start) > ctx->ticket_lifetime) {
ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED;
goto cleanup;
}
@@ -393,26 +402,27 @@ int mbedtls_ssl_ticket_parse( void *p_ticket,
cleanup:
#if defined(MBEDTLS_THREADING_C)
if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
if (mbedtls_mutex_unlock(&ctx->mutex) != 0) {
return MBEDTLS_ERR_THREADING_MUTEX_ERROR;
}
#endif
return( ret );
return ret;
}
/*
* Free context
*/
void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx )
void mbedtls_ssl_ticket_free(mbedtls_ssl_ticket_context *ctx)
{
mbedtls_cipher_free( &ctx->keys[0].ctx );
mbedtls_cipher_free( &ctx->keys[1].ctx );
mbedtls_cipher_free(&ctx->keys[0].ctx);
mbedtls_cipher_free(&ctx->keys[1].ctx);
#if defined(MBEDTLS_THREADING_C)
mbedtls_mutex_free( &ctx->mutex );
mbedtls_mutex_free(&ctx->mutex);
#endif
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ssl_ticket_context ) );
mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ssl_ticket_context));
}
#endif /* MBEDTLS_SSL_TICKET_C */