Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2024-12-28 01:55:19 +00:00
Code Issues Projects Releases Packages Wiki Activity

[MBEDTLS] Update to version 2.7.14. CORE-16787

Browse source
This commit is contained in:
Thomas Faber 2020-04-04 21:30:22 +02:00
parent 040546d8ff
commit 1b00a1f50f
No known key found for this signature in database
GPG key ID: 076E7C3D44720826
8 changed files with 115 additions and 52 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
dll/3rdparty/mbedtls/bignum.c vendored
View file

@ -153,9 +153,10 @@ int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs )
mbedtls_mpi_uint *p; mbedtls_mpi_uint *p;
size_t i; size_t i;
/* Actually resize up in this case */ /* Actually resize up if there are currently fewer than nblimbs limbs. */
if( X->n <= nblimbs ) if( X->n <= nblimbs )
return( mbedtls_mpi_grow( X, nblimbs ) ); return( mbedtls_mpi_grow( X, nblimbs ) );
/* After this point, then X->n > nblimbs and in particular X->n > 0. */
for( i = X->n - 1; i > 0; i-- ) for( i = X->n - 1; i > 0; i-- )
if( X->p[i] != 0 ) if( X->p[i] != 0 )
@ -192,7 +193,7 @@ int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y )
if( X == Y ) if( X == Y )
return( 0 ); return( 0 );
if( Y->p == NULL ) if( Y->n == 0 )
{ {
mbedtls_mpi_free( X ); mbedtls_mpi_free( X );
return( 0 ); return( 0 );

4
dll/3rdparty/mbedtls/certs.c vendored
View file

@ -182,6 +182,10 @@ const size_t mbedtls_test_ca_crt_rsa_len = sizeof( mbedtls_test_ca_crt_rsa );
#if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_SHA256_C)
/* tests/data_files/server2-sha256.crt */ /* tests/data_files/server2-sha256.crt */
/* Or more precisely, this is the contents of the version of this file
* that's in the mbedtls-2.16 branch, due to a backporting mistake.
* We don't want to change the contents now, as that would change the size
* which is part of the ABI, which should be stable in LTS branches. */
#define TEST_SRV_CRT_RSA_SHA256 \ #define TEST_SRV_CRT_RSA_SHA256 \
"-----BEGIN CERTIFICATE-----\r\n" \ "-----BEGIN CERTIFICATE-----\r\n" \
"MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \ "MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \

14
dll/3rdparty/mbedtls/cipher.c vendored
View file

@ -284,6 +284,10 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i
*olen = 0; *olen = 0;
block_size = mbedtls_cipher_get_block_size( ctx ); block_size = mbedtls_cipher_get_block_size( ctx );
if ( 0 == block_size )
{
return( MBEDTLS_ERR_CIPHER_INVALID_CONTEXT );
}
if( ctx->cipher_info->mode == MBEDTLS_MODE_ECB ) if( ctx->cipher_info->mode == MBEDTLS_MODE_ECB )
{ {
@ -310,11 +314,6 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i
} }
#endif #endif
if ( 0 == block_size )
{
return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
}
if( input == output && if( input == output &&
( ctx->unprocessed_len != 0 || ilen % block_size ) ) ( ctx->unprocessed_len != 0 || ilen % block_size ) )
{ {
@ -373,11 +372,6 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i
*/ */
if( 0 != ilen ) if( 0 != ilen )
{ {
if( 0 == block_size )
{
return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
}
/* Encryption: only cache partial blocks /* Encryption: only cache partial blocks
* Decryption w/ padding: always keep at least one whole block * Decryption w/ padding: always keep at least one whole block
* Decryption w/o padding: only cache partial blocks * Decryption w/o padding: only cache partial blocks

122
dll/3rdparty/mbedtls/pkparse.c vendored
View file

@ -665,6 +665,32 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
} }
#if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_RSA_C)
/*
* Wrapper around mbedtls_asn1_get_mpi() that rejects zero.
*
* The value zero is:
* - never a valid value for an RSA parameter
* - interpreted as "omitted, please reconstruct" by mbedtls_rsa_complete().
*
* Since values can't be omitted in PKCS#1, passing a zero value to
* rsa_complete() would be incorrect, so reject zero values early.
*/
static int asn1_get_nonzero_mpi( unsigned char **p,
const unsigned char *end,
mbedtls_mpi *X )
{
int ret;
ret = mbedtls_asn1_get_mpi( p, end, X );
if( ret != 0 )
return( ret );
if( mbedtls_mpi_cmp_int( X, 0 ) == 0 )
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
return( 0 );
}
/* /*
* Parse a PKCS#1 encoded private RSA key * Parse a PKCS#1 encoded private RSA key
*/ */
@ -717,54 +743,84 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa,
} }
/* Import N */ /* Import N */
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
MBEDTLS_ASN1_INTEGER ) ) != 0 || ( ret = mbedtls_rsa_import( rsa, &T, NULL, NULL,
( ret = mbedtls_rsa_import_raw( rsa, p, len, NULL, 0, NULL, 0, NULL, NULL ) ) != 0 )
NULL, 0, NULL, 0 ) ) != 0 )
goto cleanup; goto cleanup;
p += len;
/* Import E */ /* Import E */
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
MBEDTLS_ASN1_INTEGER ) ) != 0 || ( ret = mbedtls_rsa_import( rsa, NULL, NULL, NULL,
( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, NULL, 0, NULL, &T ) ) != 0 )
NULL, 0, p, len ) ) != 0 )
goto cleanup; goto cleanup;
p += len;
/* Import D */ /* Import D */
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
MBEDTLS_ASN1_INTEGER ) ) != 0 || ( ret = mbedtls_rsa_import( rsa, NULL, NULL, NULL,
( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, NULL, 0, &T, NULL ) ) != 0 )
p, len, NULL, 0 ) ) != 0 )
goto cleanup; goto cleanup;
p += len;
/* Import P */ /* Import P */
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
MBEDTLS_ASN1_INTEGER ) ) != 0 || ( ret = mbedtls_rsa_import( rsa, NULL, &T, NULL,
( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, p, len, NULL, 0, NULL, NULL ) ) != 0 )
NULL, 0, NULL, 0 ) ) != 0 )
goto cleanup; goto cleanup;
p += len;
/* Import Q */ /* Import Q */
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
MBEDTLS_ASN1_INTEGER ) ) != 0 || ( ret = mbedtls_rsa_import( rsa, NULL, NULL, &T,
( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, p, len, NULL, NULL ) ) != 0 )
NULL, 0, NULL, 0 ) ) != 0 )
goto cleanup;
p += len;
/* Complete the RSA private key */
if( ( ret = mbedtls_rsa_complete( rsa ) ) != 0 )
goto cleanup; goto cleanup;
/* Check optional parameters */ #if !defined(MBEDTLS_RSA_NO_CRT) && !defined(MBEDTLS_RSA_ALT)
if( ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 || /*
( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 || * The RSA CRT parameters DP, DQ and QP are nominally redundant, in
( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 ) * that they can be easily recomputed from D, P and Q. However by
* parsing them from the PKCS1 structure it is possible to avoid
* recalculating them which both reduces the overhead of loading
* RSA private keys into memory and also avoids side channels which
* can arise when computing those values, since all of D, P, and Q
* are secret. See https://eprint.iacr.org/2020/055 for a
* description of one such attack.
*/
/* Import DP */
if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
( ret = mbedtls_mpi_copy( &rsa->DP, &T ) ) != 0 )
goto cleanup;
/* Import DQ */
if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
( ret = mbedtls_mpi_copy( &rsa->DQ, &T ) ) != 0 )
goto cleanup;
/* Import QP */
if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
( ret = mbedtls_mpi_copy( &rsa->QP, &T ) ) != 0 )
goto cleanup;
#else
/* Verify existance of the CRT params */
if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ||
( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 )
goto cleanup;
#endif
/* rsa_complete() doesn't complete anything with the default
* implementation but is still called:
* - for the benefit of alternative implementation that may want to
* pre-compute stuff beyond what's provided (eg Montgomery factors)
* - as is also sanity-checks the key
*
* Furthermore, we also check the public part for consistency with
* mbedtls_pk_parse_pubkey(), as it includes size minima for example.
*/
if( ( ret = mbedtls_rsa_complete( rsa ) ) != 0 ||
( ret = mbedtls_rsa_check_pubkey( rsa ) ) != 0 )
{
goto cleanup; goto cleanup;
}
if( p != end ) if( p != end )
{ {

8
dll/3rdparty/mbedtls/rsa.c vendored
View file

@ -253,6 +253,12 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx )
const int have_D = ( mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 ); const int have_D = ( mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 );
const int have_E = ( mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0 ); const int have_E = ( mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0 );
#if !defined(MBEDTLS_RSA_NO_CRT)
const int have_DP = ( mbedtls_mpi_cmp_int( &ctx->DP, 0 ) != 0 );
const int have_DQ = ( mbedtls_mpi_cmp_int( &ctx->DQ, 0 ) != 0 );
const int have_QP = ( mbedtls_mpi_cmp_int( &ctx->QP, 0 ) != 0 );
#endif
/* /*
* Check whether provided parameters are enough * Check whether provided parameters are enough
* to deduce all others. The following incomplete * to deduce all others. The following incomplete
@ -318,7 +324,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx )
*/ */
#if !defined(MBEDTLS_RSA_NO_CRT) #if !defined(MBEDTLS_RSA_NO_CRT)
if( is_priv ) if( is_priv && ! ( have_DP && have_DQ && have_QP ) )
{ {
ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D,
&ctx->DP, &ctx->DQ, &ctx->QP ); &ctx->DP, &ctx->DQ, &ctx->QP );

4
dll/3rdparty/mbedtls/x509write_csr.c vendored
View file

@ -232,7 +232,9 @@ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, s
/* /*
* Prepare signature * Prepare signature
*/ */
mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash ); ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash );
if( ret != 0 )
return( ret );
if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len, if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len,
f_rng, p_rng ) ) != 0 ) f_rng, p_rng ) ) != 0 )

2
media/doc/3rd Party Files.txt
View file

@ -84,7 +84,7 @@ Used Version: 4.1.0
Website: http://www.simplesystems.org/libtiff/ Website: http://www.simplesystems.org/libtiff/
Title: mbed TLS Title: mbed TLS
Used Version: 2.7.13 Used Version: 2.7.14
Website: https://tls.mbed.org/ Website: https://tls.mbed.org/
Title: libpng Title: libpng

8
sdk/include/reactos/libs/mbedtls/version.h
View file

@ -42,16 +42,16 @@
*/ */
#define MBEDTLS_VERSION_MAJOR 2 #define MBEDTLS_VERSION_MAJOR 2
#define MBEDTLS_VERSION_MINOR 7 #define MBEDTLS_VERSION_MINOR 7
#define MBEDTLS_VERSION_PATCH 12 #define MBEDTLS_VERSION_PATCH 14
/** /**
* The single version number has the following structure: * The single version number has the following structure:
* MMNNPP00 * MMNNPP00
* Major version | Minor version | Patch version * Major version | Minor version | Patch version
*/ */
#define MBEDTLS_VERSION_NUMBER 0x02070C00 #define MBEDTLS_VERSION_NUMBER 0x02070E00
#define MBEDTLS_VERSION_STRING "2.7.12" #define MBEDTLS_VERSION_STRING "2.7.14"
#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.7.12" #define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.7.14"
#if defined(MBEDTLS_VERSION_C) #if defined(MBEDTLS_VERSION_C)