Sara/authority
1
0
Fork 0
Code Issues 7 Pull requests Projects 2 Releases Packages Wiki Activity Actions

feat: updated engine version to 4.4-rc1

Browse source
This commit is contained in:
Sara 2025-02-23 14:38:14 +01:00
parent ee00efde1f
commit 21ba8e33af
5459 changed files with 1128836 additions and 198305 deletions
Download patch file Download diff file Expand all files Collapse all files

12
engine/thirdparty/mbedtls/include/godot_module_mbedtls_config.h vendored
View file

@ -59,18 +59,6 @@
// Disable deprecated
#define MBEDTLS_DEPRECATED_REMOVED
// mbedTLS 3.6 finally enabled TLSv1.3 by default, but it requires some mobule
// changes, and to enable PSA crypto (new "standard" API specification).
// Disable it for now.
#undef MBEDTLS_SSL_PROTO_TLS1_3
// Disable PSA Crypto.
#undef MBEDTLS_PSA_CRYPTO_CONFIG
#undef MBEDTLS_PSA_CRYPTO_C
#undef MBEDTLS_PSA_CRYPTO_STORAGE_C
#undef MBEDTLS_PSA_ITS_FILE_C
#undef MBEDTLS_LMS_C
#endif // GODOT_MBEDTLS_INCLUDE_H
#endif // GODOT_MODULE_MBEDTLS_CONFIG_H

2
engine/thirdparty/mbedtls/include/mbedtls/bignum.h vendored
View file

@ -880,7 +880,7 @@ int mbedtls_mpi_mod_int(mbedtls_mpi_uint *r, const mbedtls_mpi *A,
mbedtls_mpi_sint b);
/**
* \brief Perform a sliding-window exponentiation: X = A^E mod N
* \brief Perform a modular exponentiation: X = A^E mod N
*
* \param X The destination MPI. This must point to an initialized MPI.
* This must not alias E or N.

30
engine/thirdparty/mbedtls/include/mbedtls/build_info.h vendored
View file

@ -26,16 +26,16 @@
*/
#define MBEDTLS_VERSION_MAJOR 3
#define MBEDTLS_VERSION_MINOR 6
#define MBEDTLS_VERSION_PATCH 0
#define MBEDTLS_VERSION_PATCH 2
/**
* The single version number has the following structure:
* MMNNPP00
* Major version | Minor version | Patch version
*/
#define MBEDTLS_VERSION_NUMBER 0x03060000
#define MBEDTLS_VERSION_STRING "3.6.0"
#define MBEDTLS_VERSION_STRING_FULL "Mbed TLS 3.6.0"
#define MBEDTLS_VERSION_NUMBER 0x03060200
#define MBEDTLS_VERSION_STRING "3.6.2"
#define MBEDTLS_VERSION_STRING_FULL "Mbed TLS 3.6.2"
/* Macros for build-time platform detection */
@ -101,6 +101,13 @@
#define inline __inline
#endif
#if defined(MBEDTLS_CONFIG_FILES_READ)
#error "Something went wrong: MBEDTLS_CONFIG_FILES_READ defined before reading the config files!"
#endif
#if defined(MBEDTLS_CONFIG_IS_FINALIZED)
#error "Something went wrong: MBEDTLS_CONFIG_IS_FINALIZED defined before reading the config files!"
#endif
/* X.509, TLS and non-PSA crypto configuration */
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/mbedtls_config.h"
@ -135,6 +142,12 @@
#endif
#endif /* defined(MBEDTLS_PSA_CRYPTO_CONFIG) */
/* Indicate that all configuration files have been read.
* It is now time to adjust the configuration (follow through on dependencies,
* make PSA and legacy crypto consistent, etc.).
*/
#define MBEDTLS_CONFIG_FILES_READ
/* Auto-enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY if
* MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH and MBEDTLS_CTR_DRBG_C defined
* to ensure a 128-bit key size in CTR_DRBG.
@ -169,8 +182,13 @@
#include "mbedtls/config_adjust_ssl.h"
/* Make sure all configuration symbols are set before including check_config.h,
* even the ones that are calculated programmatically. */
/* Indicate that all configuration symbols are set,
* even the ones that are calculated programmatically.
* It is now safe to query the configuration (to check it, to size buffers,
* etc.).
*/
#define MBEDTLS_CONFIG_IS_FINALIZED
#include "mbedtls/check_config.h"
#endif /* MBEDTLS_BUILD_INFO_H */

14
engine/thirdparty/mbedtls/include/mbedtls/check_config.h vendored
View file

@ -2,6 +2,13 @@
* \file check_config.h
*
* \brief Consistency checks for configuration options
*
* This is an internal header. Do not include it directly.
*
* This header is included automatically by all public Mbed TLS headers
* (via mbedtls/build_info.h). Do not include it directly in a configuration
* file such as mbedtls/mbedtls_config.h or #MBEDTLS_USER_CONFIG_FILE!
* It would run at the wrong time due to missing derived symbols.
*/
/*
* Copyright The Mbed TLS Contributors
@ -12,6 +19,13 @@
#define MBEDTLS_CHECK_CONFIG_H
/* *INDENT-OFF* */
#if !defined(MBEDTLS_CONFIG_IS_FINALIZED)
#warning "Do not include mbedtls/check_config.h manually! " \
"This may cause spurious errors. " \
"It is included automatically at the right point since Mbed TLS 3.0."
#endif /* !MBEDTLS_CONFIG_IS_FINALIZED */
/*
* We assume CHAR_BIT is 8 in many places. In practice, this is true on our
* target platforms, so not an issue, but let's just be extra sure.

29
engine/thirdparty/mbedtls/include/mbedtls/config_adjust_legacy_crypto.h vendored
View file

@ -2,7 +2,9 @@
* \file mbedtls/config_adjust_legacy_crypto.h
* \brief Adjust legacy configuration configuration
*
* Automatically enable certain dependencies. Generally, MBEDLTS_xxx
* This is an internal header. Do not include it directly.
*
* Automatically enable certain dependencies. Generally, MBEDTLS_xxx
* configurations need to be explicitly enabled by the user: enabling
* MBEDTLS_xxx_A but not MBEDTLS_xxx_B when A requires B results in a
* compilation error. However, we do automatically enable certain options
@ -22,6 +24,14 @@
#ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H
#define MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H
#if !defined(MBEDTLS_CONFIG_FILES_READ)
#error "Do not include mbedtls/config_adjust_*.h manually! This can lead to problems, " \
"up to and including runtime errors such as buffer overflows. " \
"If you're trying to fix a complaint from check_config.h, just remove " \
"it from your configuration file: since Mbed TLS 3.0, it is included " \
"automatically at the right point."
#endif /* */
/* Ideally, we'd set those as defaults in mbedtls_config.h, but
* putting an #ifdef _WIN32 in mbedtls_config.h would confuse config.py.
*
@ -48,7 +58,8 @@
defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG))
defined(MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC))
#define MBEDTLS_CIPHER_C
#endif
@ -293,6 +304,14 @@
#define MBEDTLS_ECP_LIGHT
#endif
/* Backward compatibility: after #8740 the RSA module offers functions to parse
* and write RSA private/public keys without relying on the PK one. Of course
* this needs ASN1 support to do so, so we enable it here. */
#if defined(MBEDTLS_RSA_C)
#define MBEDTLS_ASN1_PARSE_C
#define MBEDTLS_ASN1_WRITE_C
#endif
/* MBEDTLS_PK_PARSE_EC_COMPRESSED is introduced in Mbed TLS version 3.5, while
* in previous version compressed points were automatically supported as long
* as PK_PARSE_C and ECP_C were enabled. As a consequence, for backward
@ -409,12 +428,12 @@
/* psa_util file features some ECDSA conversion functions, to convert between
* legacy's ASN.1 DER format and PSA's raw one. */
#if defined(MBEDTLS_ECDSA_C) || (defined(MBEDTLS_PSA_CRYPTO_C) && \
#if (defined(MBEDTLS_PSA_CRYPTO_CLIENT) && \
(defined(PSA_WANT_ALG_ECDSA) || defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)))
#define MBEDTLS_PSA_UTIL_HAVE_ECDSA
#endif
/* Some internal helpers to determine which keys are availble. */
/* Some internal helpers to determine which keys are available. */
#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_AES_C)) || \
(defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_AES))
#define MBEDTLS_SSL_HAVE_AES
@ -428,7 +447,7 @@
#define MBEDTLS_SSL_HAVE_CAMELLIA
#endif
/* Some internal helpers to determine which operation modes are availble. */
/* Some internal helpers to determine which operation modes are available. */
#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_CIPHER_MODE_CBC)) || \
(defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CBC_NO_PADDING))
#define MBEDTLS_SSL_HAVE_CBC

16
engine/thirdparty/mbedtls/include/mbedtls/config_adjust_legacy_from_psa.h vendored
View file

@ -2,6 +2,8 @@
* \file mbedtls/config_adjust_legacy_from_psa.h
* \brief Adjust PSA configuration: activate legacy implementations
*
* This is an internal header. Do not include it directly.
*
* When MBEDTLS_PSA_CRYPTO_CONFIG is enabled, activate legacy implementations
* of cryptographic mechanisms as needed to fulfill the needs of the PSA
* configuration. Generally speaking, we activate a legacy mechanism if
@ -16,6 +18,14 @@
#ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H
#define MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H
#if !defined(MBEDTLS_CONFIG_FILES_READ)
#error "Do not include mbedtls/config_adjust_*.h manually! This can lead to problems, " \
"up to and including runtime errors such as buffer overflows. " \
"If you're trying to fix a complaint from check_config.h, just remove " \
"it from your configuration file: since Mbed TLS 3.0, it is included " \
"automatically at the right point."
#endif /* */
/* Define appropriate ACCEL macros for the p256-m driver.
* In the future, those should be generated from the drivers JSON description.
*/
@ -498,7 +508,6 @@
* The PSA implementation has its own implementation of HKDF, separate from
* hkdf.c. No need to enable MBEDTLS_HKDF_C here.
*/
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1
#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */
#endif /* PSA_WANT_ALG_HKDF */
@ -509,7 +518,6 @@
* The PSA implementation has its own implementation of HKDF, separate from
* hkdf.c. No need to enable MBEDTLS_HKDF_C here.
*/
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1
#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT */
#endif /* PSA_WANT_ALG_HKDF_EXTRACT */
@ -520,7 +528,6 @@
* The PSA implementation has its own implementation of HKDF, separate from
* hkdf.c. No need to enable MBEDTLS_HKDF_C here.
*/
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1
#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND */
#endif /* PSA_WANT_ALG_HKDF_EXPAND */
@ -630,9 +637,6 @@
#if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_HMAC)
#define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC 1
#define PSA_HAVE_SOFT_PBKDF2_HMAC 1
#if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1
#endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
#endif /* !MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */
#endif /* PSA_WANT_ALG_PBKDF2_HMAC */

10
engine/thirdparty/mbedtls/include/mbedtls/config_adjust_psa_from_legacy.h vendored
View file

@ -2,6 +2,8 @@
* \file mbedtls/config_adjust_psa_from_legacy.h
* \brief Adjust PSA configuration: construct PSA configuration from legacy
*
* This is an internal header. Do not include it directly.
*
* When MBEDTLS_PSA_CRYPTO_CONFIG is disabled, we automatically enable
* cryptographic mechanisms through the PSA interface when the corresponding
* legacy mechanism is enabled. In many cases, this just enables the PSA
@ -18,6 +20,14 @@
#ifndef MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H
#define MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H
#if !defined(MBEDTLS_CONFIG_FILES_READ)
#error "Do not include mbedtls/config_adjust_*.h manually! This can lead to problems, " \
"up to and including runtime errors such as buffer overflows. " \
"If you're trying to fix a complaint from check_config.h, just remove " \
"it from your configuration file: since Mbed TLS 3.0, it is included " \
"automatically at the right point."
#endif /* */
/*
* Ensure PSA_WANT_* defines are setup properly if MBEDTLS_PSA_CRYPTO_CONFIG
* is not defined

10
engine/thirdparty/mbedtls/include/mbedtls/config_adjust_psa_superset_legacy.h vendored
View file

@ -2,6 +2,8 @@
* \file mbedtls/config_adjust_psa_superset_legacy.h
* \brief Adjust PSA configuration: automatic enablement from legacy
*
* This is an internal header. Do not include it directly.
*
* To simplify some edge cases, we automatically enable certain cryptographic
* mechanisms in the PSA API if they are enabled in the legacy API. The general
* idea is that if legacy module M uses mechanism A internally, and A has
@ -17,6 +19,14 @@
#ifndef MBEDTLS_CONFIG_ADJUST_PSA_SUPERSET_LEGACY_H
#define MBEDTLS_CONFIG_ADJUST_PSA_SUPERSET_LEGACY_H
#if !defined(MBEDTLS_CONFIG_FILES_READ)
#error "Do not include mbedtls/config_adjust_*.h manually! This can lead to problems, " \
"up to and including runtime errors such as buffer overflows. " \
"If you're trying to fix a complaint from check_config.h, just remove " \
"it from your configuration file: since Mbed TLS 3.0, it is included " \
"automatically at the right point."
#endif /* */
/****************************************************************/
/* Hashes that are built in are also enabled in PSA.
* This simplifies dependency declarations especially

12
engine/thirdparty/mbedtls/include/mbedtls/config_adjust_ssl.h vendored
View file

@ -2,7 +2,9 @@
* \file mbedtls/config_adjust_ssl.h
* \brief Adjust TLS configuration
*
* Automatically enable certain dependencies. Generally, MBEDLTS_xxx
* This is an internal header. Do not include it directly.
*
* Automatically enable certain dependencies. Generally, MBEDTLS_xxx
* configurations need to be explicitly enabled by the user: enabling
* MBEDTLS_xxx_A but not MBEDTLS_xxx_B when A requires B results in a
* compilation error. However, we do automatically enable certain options
@ -22,6 +24,14 @@
#ifndef MBEDTLS_CONFIG_ADJUST_SSL_H
#define MBEDTLS_CONFIG_ADJUST_SSL_H
#if !defined(MBEDTLS_CONFIG_FILES_READ)
#error "Do not include mbedtls/config_adjust_*.h manually! This can lead to problems, " \
"up to and including runtime errors such as buffer overflows. " \
"If you're trying to fix a complaint from check_config.h, just remove " \
"it from your configuration file: since Mbed TLS 3.0, it is included " \
"automatically at the right point."
#endif /* */
/* The following blocks make it easier to disable all of TLS,
* or of TLS 1.2 or 1.3 or DTLS, without having to manually disable all
* key exchanges, options and extensions related to them. */

12
engine/thirdparty/mbedtls/include/mbedtls/config_adjust_x509.h vendored
View file

@ -2,7 +2,9 @@
* \file mbedtls/config_adjust_x509.h
* \brief Adjust X.509 configuration
*
* Automatically enable certain dependencies. Generally, MBEDLTS_xxx
* This is an internal header. Do not include it directly.
*
* Automatically enable certain dependencies. Generally, MBEDTLS_xxx
* configurations need to be explicitly enabled by the user: enabling
* MBEDTLS_xxx_A but not MBEDTLS_xxx_B when A requires B results in a
* compilation error. However, we do automatically enable certain options
@ -22,4 +24,12 @@
#ifndef MBEDTLS_CONFIG_ADJUST_X509_H
#define MBEDTLS_CONFIG_ADJUST_X509_H
#if !defined(MBEDTLS_CONFIG_FILES_READ)
#error "Do not include mbedtls/config_adjust_*.h manually! This can lead to problems, " \
"up to and including runtime errors such as buffer overflows. " \
"If you're trying to fix a complaint from check_config.h, just remove " \
"it from your configuration file: since Mbed TLS 3.0, it is included " \
"automatically at the right point."
#endif /* */
#endif /* MBEDTLS_CONFIG_ADJUST_X509_H */

6
engine/thirdparty/mbedtls/include/mbedtls/config_psa.h vendored
View file

@ -22,6 +22,8 @@
#include "psa/crypto_adjust_config_synonyms.h"
#include "psa/crypto_adjust_config_dependencies.h"
#include "mbedtls/config_adjust_psa_superset_legacy.h"
#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
@ -32,7 +34,11 @@
* before we deduce what built-ins are required. */
#include "psa/crypto_adjust_config_key_pair_types.h"
#if defined(MBEDTLS_PSA_CRYPTO_C)
/* If we are implementing PSA crypto ourselves, then we want to enable the
* required built-ins. Otherwise, PSA features will be provided by the server. */
#include "mbedtls/config_adjust_legacy_from_psa.h"
#endif
#else /* MBEDTLS_PSA_CRYPTO_CONFIG */

33
engine/thirdparty/mbedtls/include/mbedtls/ctr_drbg.h vendored
View file

@ -32,12 +32,27 @@
#include "mbedtls/build_info.h"
/* In case AES_C is defined then it is the primary option for backward
* compatibility purposes. If that's not available, PSA is used instead */
#if defined(MBEDTLS_AES_C)
#include "mbedtls/aes.h"
#else
/* The CTR_DRBG implementation can either directly call the low-level AES
* module (gated by MBEDTLS_AES_C) or call the PSA API to perform AES
* operations. Calling the AES module directly is the default, both for
* maximum backward compatibility and because it's a bit more efficient
* (less glue code).
*
* When MBEDTLS_AES_C is disabled, the CTR_DRBG module calls PSA crypto and
* thus benefits from the PSA AES accelerator driver.
* It is technically possible to enable MBEDTLS_CTR_DRBG_USE_PSA_CRYPTO
* to use PSA even when MBEDTLS_AES_C is enabled, but there is very little
* reason to do so other than testing purposes and this is not officially
* supported.
*/
#if !defined(MBEDTLS_AES_C)
#define MBEDTLS_CTR_DRBG_USE_PSA_CRYPTO
#endif
#if defined(MBEDTLS_CTR_DRBG_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#else
#include "mbedtls/aes.h"
#endif
#include "entropy.h"
@ -157,7 +172,7 @@ extern "C" {
#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN (MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1) / 2
#endif
#if !defined(MBEDTLS_AES_C)
#if defined(MBEDTLS_CTR_DRBG_USE_PSA_CRYPTO)
typedef struct mbedtls_ctr_drbg_psa_context {
mbedtls_svc_key_id_t key_id;
psa_cipher_operation_t operation;
@ -189,10 +204,10 @@ typedef struct mbedtls_ctr_drbg_context {
* This is the maximum number of requests
* that can be made between reseedings. */
#if defined(MBEDTLS_AES_C)
mbedtls_aes_context MBEDTLS_PRIVATE(aes_ctx); /*!< The AES context. */
#else
#if defined(MBEDTLS_CTR_DRBG_USE_PSA_CRYPTO)
mbedtls_ctr_drbg_psa_context MBEDTLS_PRIVATE(psa_ctx); /*!< The PSA context. */
#else
mbedtls_aes_context MBEDTLS_PRIVATE(aes_ctx); /*!< The AES context. */
#endif
/*

2
engine/thirdparty/mbedtls/include/mbedtls/ecdh.h vendored
View file

@ -325,7 +325,7 @@ int mbedtls_ecdh_read_params(mbedtls_ecdh_context *ctx,
* \brief This function sets up an ECDH context from an EC key.
*
* It is used by clients and servers in place of the
* ServerKeyEchange for static ECDH, and imports ECDH
* ServerKeyExchange for static ECDH, and imports ECDH
* parameters from the EC key information of a certificate.
*
* \see ecp.h

2
engine/thirdparty/mbedtls/include/mbedtls/ecp.h vendored
View file

@ -216,7 +216,7 @@ mbedtls_ecp_point;
* range of <code>0..2^(2*pbits)-1</code>, and transforms it in-place to an integer
* which is congruent mod \p P to the given MPI, and is close enough to \p pbits
* in size, so that it may be efficiently brought in the 0..P-1 range by a few
* additions or subtractions. Therefore, it is only an approximative modular
* additions or subtractions. Therefore, it is only an approximate modular
* reduction. It must return 0 on success and non-zero on failure.
*
* \note Alternative implementations of the ECP module must obey the

64
engine/thirdparty/mbedtls/include/mbedtls/mbedtls_config.h vendored
View file

@ -1118,7 +1118,7 @@
* MBEDTLS_ECP_DP_SECP256R1_ENABLED
*
* \warning If SHA-256 is provided only by a PSA driver, you must call
* psa_crypto_init() before the first hanshake (even if
* psa_crypto_init() before the first handshake (even if
* MBEDTLS_USE_PSA_CRYPTO is disabled).
*
* This enables the following ciphersuites (if other requisites are
@ -1414,6 +1414,23 @@
*/
//#define MBEDTLS_PSA_CRYPTO_SPM
/**
* \def MBEDTLS_PSA_KEY_STORE_DYNAMIC
*
* Dynamically resize the PSA key store to accommodate any number of
* volatile keys (until the heap memory is exhausted).
*
* If this option is disabled, the key store has a fixed size
* #MBEDTLS_PSA_KEY_SLOT_COUNT for volatile keys and loaded persistent keys
* together.
*
* This option has no effect when #MBEDTLS_PSA_CRYPTO_C is disabled.
*
* Module: library/psa_crypto.c
* Requires: MBEDTLS_PSA_CRYPTO_C
*/
#define MBEDTLS_PSA_KEY_STORE_DYNAMIC
/**
* Uncomment to enable p256-m. This is an alternative implementation of
* key generation, ECDH and (randomized) ECDSA on the curve SECP256R1.
@ -1781,8 +1798,9 @@
* Requires: MBEDTLS_PSA_CRYPTO_C
*
* \note TLS 1.3 uses PSA crypto for cryptographic operations that are
* directly performed by TLS 1.3 code. As a consequence, you must
* call psa_crypto_init() before the first TLS 1.3 handshake.
* directly performed by TLS 1.3 code. As a consequence, when TLS 1.3
* is enabled, a TLS handshake may call psa_crypto_init(), even
* if it ends up negotiating a different TLS version.
*
* \note Cryptographic operations performed indirectly via another module
* (X.509, PK) or by code shared with TLS 1.2 (record protection,
@ -2625,7 +2643,7 @@
* The CTR_DRBG generator uses AES-256 by default.
* To use AES-128 instead, enable \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY above.
*
* AES support can either be achived through builtin (MBEDTLS_AES_C) or PSA.
* AES support can either be achieved through builtin (MBEDTLS_AES_C) or PSA.
* Builtin is the default option when MBEDTLS_AES_C is defined otherwise PSA
* is used.
*
@ -4016,22 +4034,38 @@
* Use HMAC_DRBG with the specified hash algorithm for HMAC_DRBG for the
* PSA crypto subsystem.
*
* If this option is unset:
* - If CTR_DRBG is available, the PSA subsystem uses it rather than HMAC_DRBG.
* - Otherwise, the PSA subsystem uses HMAC_DRBG with either
* #MBEDTLS_MD_SHA512 or #MBEDTLS_MD_SHA256 based on availability and
* on unspecified heuristics.
* If this option is unset, the library chooses a hash (currently between
* #MBEDTLS_MD_SHA512 and #MBEDTLS_MD_SHA256) based on availability and
* unspecified heuristics.
*
* \note The PSA crypto subsystem uses the first available mechanism amongst
* the following:
* - #MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG if enabled;
* - Entropy from #MBEDTLS_ENTROPY_C plus CTR_DRBG with AES
* if #MBEDTLS_CTR_DRBG_C is enabled;
* - Entropy from #MBEDTLS_ENTROPY_C plus HMAC_DRBG.
*
* A future version may reevaluate the prioritization of DRBG mechanisms.
*/
//#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
/** \def MBEDTLS_PSA_KEY_SLOT_COUNT
* Restrict the PSA library to supporting a maximum amount of simultaneously
* loaded keys. A loaded key is a key stored by the PSA Crypto core as a
* volatile key, or a persistent key which is loaded temporarily by the
* library as part of a crypto operation in flight.
*
* If this option is unset, the library will fall back to a default value of
* 32 keys.
* When #MBEDTLS_PSA_KEY_STORE_DYNAMIC is disabled,
* the maximum amount of PSA keys simultaneously in memory. This counts all
* volatile keys, plus loaded persistent keys.
*
* When #MBEDTLS_PSA_KEY_STORE_DYNAMIC is enabled,
* the maximum number of loaded persistent keys.
*
* Currently, persistent keys do not need to be loaded all the time while
* a multipart operation is in progress, only while the operation is being
* set up. This may change in future versions of the library.
*
* Currently, the library traverses of the whole table on each access to a
* persistent key. Therefore large values may cause poor performance.
*
* This option has no effect when #MBEDTLS_PSA_CRYPTO_C is disabled.
*/
//#define MBEDTLS_PSA_KEY_SLOT_COUNT 32

50
engine/thirdparty/mbedtls/include/mbedtls/pk.h vendored
View file

@ -359,32 +359,40 @@ int mbedtls_pk_setup(mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info);
#if defined(MBEDTLS_USE_PSA_CRYPTO)
/**
* \brief Initialize a PK context to wrap a PSA key.
* \brief Initialize a PK context to wrap a PSA key.
*
* \note This function replaces mbedtls_pk_setup() for contexts
* that wrap a (possibly opaque) PSA key instead of
* storing and manipulating the key material directly.
* This function creates a PK context which wraps a PSA key. The PSA wrapped
* key must be an EC or RSA key pair (DH is not suported in the PK module).
*
* \param ctx The context to initialize. It must be empty (type NONE).
* \param key The PSA key to wrap, which must hold an ECC or RSA key
* pair (see notes below).
* Under the hood PSA functions will be used to perform the required
* operations and, based on the key type, used algorithms will be:
* * EC:
* * verify, verify_ext, sign, sign_ext: ECDSA.
* * RSA:
* * sign, decrypt: use the primary algorithm in the wrapped PSA key;
* * sign_ext: RSA PSS if the pk_type is #MBEDTLS_PK_RSASSA_PSS, otherwise
* it falls back to the sign() case;
* * verify, verify_ext, encrypt: not supported.
*
* \note The wrapped key must remain valid as long as the
* wrapping PK context is in use, that is at least between
* the point this function is called and the point
* mbedtls_pk_free() is called on this context. The wrapped
* key might then be independently used or destroyed.
* In order for the above operations to succeed, the policy of the wrapped PSA
* key must allow the specified algorithm.
*
* \note This function is currently only available for ECC or RSA
* key pairs (that is, keys containing private key material).
* Support for other key types may be added later.
* Opaque PK contexts wrapping an EC keys also support \c mbedtls_pk_check_pair(),
* whereas RSA ones do not.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input
* (context already used, invalid key identifier).
* \return #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the key is not an
* ECC key pair.
* \return #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
* \warning The PSA wrapped key must remain valid as long as the wrapping PK
* context is in use, that is at least between the point this function
* is called and the point mbedtls_pk_free() is called on this context.
*
* \param ctx The context to initialize. It must be empty (type NONE).
* \param key The PSA key to wrap, which must hold an ECC or RSA key pair.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input (context already
* used, invalid key identifier).
* \return #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the key is not an ECC or
* RSA key pair.
* \return #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
*/
int mbedtls_pk_setup_opaque(mbedtls_pk_context *ctx,
const mbedtls_svc_key_id_t key);

145
engine/thirdparty/mbedtls/include/mbedtls/ssl.h vendored
View file

@ -83,10 +83,7 @@
/** Processing of the Certificate handshake message failed. */
#define MBEDTLS_ERR_SSL_BAD_CERTIFICATE -0x7A00
/* Error space gap */
/**
* Received NewSessionTicket Post Handshake Message.
* This error code is experimental and may be changed or removed without notice.
*/
/** A TLS 1.3 NewSessionTicket message has been received. */
#define MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET -0x7B00
/** Not possible to read early data */
#define MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA -0x7B80
@ -324,6 +321,9 @@
#define MBEDTLS_SSL_SESSION_TICKETS_DISABLED 0
#define MBEDTLS_SSL_SESSION_TICKETS_ENABLED 1
#define MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_DISABLED 0
#define MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_ENABLED 1
#define MBEDTLS_SSL_PRESET_DEFAULT 0
#define MBEDTLS_SSL_PRESET_SUITEB 2
@ -1446,6 +1446,12 @@ struct mbedtls_ssl_config {
#endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && \
defined(MBEDTLS_SSL_CLI_C)
/** Encodes two booleans, one stating whether TLS 1.2 session tickets are
* enabled or not, the other one whether the handling of TLS 1.3
* NewSessionTicket messages is enabled or not. They are respectively set
* by mbedtls_ssl_conf_session_tickets() and
* mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets().
*/
uint8_t MBEDTLS_PRIVATE(session_tickets); /*!< use session tickets? */
#endif
@ -2364,7 +2370,7 @@ int mbedtls_ssl_set_cid(mbedtls_ssl_context *ssl,
*/
int mbedtls_ssl_get_own_cid(mbedtls_ssl_context *ssl,
int *enabled,
unsigned char own_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX],
unsigned char own_cid[MBEDTLS_SSL_CID_IN_LEN_MAX],
size_t *own_cid_len);
/**
@ -3216,16 +3222,16 @@ void mbedtls_ssl_conf_session_cache(mbedtls_ssl_config *conf,
* a full handshake.
*
* \note This function can handle a variety of mechanisms for session
* resumption: For TLS 1.2, both session ID-based resumption and
* ticket-based resumption will be considered. For TLS 1.3,
* once implemented, sessions equate to tickets, and loading
* one or more sessions via this call will lead to their
* corresponding tickets being advertised as resumption PSKs
* by the client.
*
* \note Calling this function multiple times will only be useful
* once TLS 1.3 is supported. For TLS 1.2 connections, this
* function should be called at most once.
* resumption: For TLS 1.2, both session ID-based resumption
* and ticket-based resumption will be considered. For TLS 1.3,
* sessions equate to tickets, and loading one session by
* calling this function will lead to its corresponding ticket
* being advertised as resumption PSK by the client. This
* depends on session tickets being enabled (see
* #MBEDTLS_SSL_SESSION_TICKETS configuration option) though.
* If session tickets are disabled, a call to this function
* with a TLS 1.3 session, will not have any effect on the next
* handshake for the SSL context \p ssl.
*
* \param ssl The SSL context representing the connection which should
* be attempted to be setup using session resumption. This
@ -3240,9 +3246,10 @@ void mbedtls_ssl_conf_session_cache(mbedtls_ssl_config *conf,
*
* \return \c 0 if successful.
* \return \c MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if the session
* could not be loaded because of an implementation limitation.
* This error is non-fatal, and has no observable effect on
* the SSL context or the session that was attempted to be loaded.
* could not be loaded because one session has already been
* loaded. This error is non-fatal, and has no observable
* effect on the SSL context or the session that was attempted
* to be loaded.
* \return Another negative error code on other kinds of failure.
*
* \sa mbedtls_ssl_get_session()
@ -3309,8 +3316,16 @@ int mbedtls_ssl_session_load(mbedtls_ssl_session *session,
* to determine the necessary size by calling this function
* with \p buf set to \c NULL and \p buf_len to \c 0.
*
* \note For TLS 1.3 sessions, this feature is supported only if the
* MBEDTLS_SSL_SESSION_TICKETS configuration option is enabled,
* as in TLS 1.3 session resumption is possible only with
* tickets.
*
* \return \c 0 if successful.
* \return #MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL if \p buf is too small.
* \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if the
* MBEDTLS_SSL_SESSION_TICKETS configuration option is disabled
* and the session is a TLS 1.3 session.
*/
int mbedtls_ssl_session_save(const mbedtls_ssl_session *session,
unsigned char *buf,
@ -4456,21 +4471,50 @@ int mbedtls_ssl_conf_max_frag_len(mbedtls_ssl_config *conf, unsigned char mfl_co
void mbedtls_ssl_conf_preference_order(mbedtls_ssl_config *conf, int order);
#endif /* MBEDTLS_SSL_SRV_C */
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && \
defined(MBEDTLS_SSL_CLI_C)
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
/**
* \brief Enable / Disable session tickets (client only).
* (Default: MBEDTLS_SSL_SESSION_TICKETS_ENABLED.)
* \brief Enable / Disable TLS 1.2 session tickets (client only,
* TLS 1.2 only). Enabled by default.
*
* \note On server, use \c mbedtls_ssl_conf_session_tickets_cb().
*
* \param conf SSL configuration
* \param use_tickets Enable or disable (MBEDTLS_SSL_SESSION_TICKETS_ENABLED or
* MBEDTLS_SSL_SESSION_TICKETS_DISABLED)
* \param use_tickets Enable or disable (#MBEDTLS_SSL_SESSION_TICKETS_ENABLED or
* #MBEDTLS_SSL_SESSION_TICKETS_DISABLED)
*/
void mbedtls_ssl_conf_session_tickets(mbedtls_ssl_config *conf, int use_tickets);
#endif /* MBEDTLS_SSL_SESSION_TICKETS &&
MBEDTLS_SSL_CLI_C */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
/**
* \brief Enable / Disable handling of TLS 1.3 NewSessionTicket messages
* (client only, TLS 1.3 only).
*
* The handling of TLS 1.3 NewSessionTicket messages is disabled by
* default.
*
* In TLS 1.3, servers may send a NewSessionTicket message at any time,
* and may send multiple NewSessionTicket messages. By default, TLS 1.3
* clients ignore NewSessionTicket messages.
*
* To support session tickets in TLS 1.3 clients, call this function
* with #MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_ENABLED. When
* this is enabled, when a client receives a NewSessionTicket message,
* the next call to a message processing functions (notably
* mbedtls_ssl_handshake() and mbedtls_ssl_read()) will return
* #MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET. The client should then
* call mbedtls_ssl_get_session() to retrieve the session ticket before
* calling the same message processing function again.
*
* \param conf SSL configuration
* \param signal_new_session_tickets Enable or disable
* (#MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_ENABLED or
* #MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_DISABLED)
*/
void mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets(
mbedtls_ssl_config *conf, int signal_new_session_tickets);
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && \
defined(MBEDTLS_SSL_SRV_C) && \
@ -4837,23 +4881,16 @@ const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert(const mbedtls_ssl_context *ssl
* \note This function can handle a variety of mechanisms for session
* resumption: For TLS 1.2, both session ID-based resumption and
* ticket-based resumption will be considered. For TLS 1.3,
* once implemented, sessions equate to tickets, and calling
* this function multiple times will export the available
* tickets one a time until no further tickets are available,
* in which case MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE will
* be returned.
*
* \note Calling this function multiple times will only be useful
* once TLS 1.3 is supported. For TLS 1.2 connections, this
* function should be called at most once.
* sessions equate to tickets, and if session tickets are
* enabled (see #MBEDTLS_SSL_SESSION_TICKETS configuration
* option), this function exports the last received ticket and
* the exported session may be used to resume the TLS 1.3
* session. If session tickets are disabled, exported sessions
* cannot be used to resume a TLS 1.3 session.
*
* \return \c 0 if successful. In this case, \p session can be used for
* session resumption by passing it to mbedtls_ssl_set_session(),
* and serialized for storage via mbedtls_ssl_session_save().
* \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if no further session
* is available for export.
* This error is a non-fatal, and has no observable effect on
* the SSL context or the destination session.
* \return Another negative error code on other kinds of failure.
*
* \sa mbedtls_ssl_set_session()
@ -4885,6 +4922,10 @@ int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl,
* \return #MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED if DTLS is in use
* and the client did not demonstrate reachability yet - in
* this case you must stop using the context (see below).
* \return #MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET if a TLS 1.3
* NewSessionTicket message has been received. See the
* documentation of mbedtls_ssl_read() for more information
* about this error code.
* \return #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA if early data, as
* defined in RFC 8446 (TLS 1.3 specification), has been
* received as part of the handshake. This is server specific
@ -4901,6 +4942,7 @@ int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl,
* #MBEDTLS_ERR_SSL_WANT_WRITE,
* #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or
* #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS or
* #MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET or
* #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA,
* you must stop using the SSL context for reading or writing,
* and either free it or call \c mbedtls_ssl_session_reset()
@ -4921,10 +4963,13 @@ int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl,
* currently being processed might or might not contain further
* DTLS records.
*
* \note If the context is configured to allow TLS 1.3, or if
* #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
* \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
* subsystem must have been initialized by calling
* psa_crypto_init() before calling this function.
* Otherwise, the handshake may call psa_crypto_init()
* if a negotiation involving TLS 1.3 takes place (this may
* be the case even if TLS 1.3 is offered but eventually
* not selected).
*/
int mbedtls_ssl_handshake(mbedtls_ssl_context *ssl);
@ -4972,6 +5017,7 @@ static inline int mbedtls_ssl_is_handshake_over(mbedtls_ssl_context *ssl)
* #MBEDTLS_ERR_SSL_WANT_READ, #MBEDTLS_ERR_SSL_WANT_WRITE,
* #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS,
* #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS or
* #MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET or
* #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA, you must stop using
* the SSL context for reading or writing, and either free it
* or call \c mbedtls_ssl_session_reset() on it before
@ -5040,6 +5086,17 @@ int mbedtls_ssl_renegotiate(mbedtls_ssl_context *ssl);
* \return #MBEDTLS_ERR_SSL_CLIENT_RECONNECT if we're at the server
* side of a DTLS connection and the client is initiating a
* new connection using the same source port. See below.
* \return #MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET if a TLS 1.3
* NewSessionTicket message has been received.
* This error code is only returned on the client side. It is
* only returned if handling of TLS 1.3 NewSessionTicket
* messages has been enabled through
* mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets().
* This error code indicates that a TLS 1.3 NewSessionTicket
* message has been received and parsed successfully by the
* client. The ticket data can be retrieved from the SSL
* context by calling mbedtls_ssl_get_session(). It remains
* available until the next call to mbedtls_ssl_read().
* \return #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA if early data, as
* defined in RFC 8446 (TLS 1.3 specification), has been
* received as part of the handshake. This is server specific
@ -5057,6 +5114,7 @@ int mbedtls_ssl_renegotiate(mbedtls_ssl_context *ssl);
* #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS,
* #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS,
* #MBEDTLS_ERR_SSL_CLIENT_RECONNECT or
* #MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET or
* #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA,
* you must stop using the SSL context for reading or writing,
* and either free it or call \c mbedtls_ssl_session_reset()
@ -5122,6 +5180,10 @@ int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len);
* operation is in progress (see mbedtls_ecp_set_max_ops()) -
* in this case you must call this function again to complete
* the handshake when you're done attending other tasks.
* \return #MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET if a TLS 1.3
* NewSessionTicket message has been received. See the
* documentation of mbedtls_ssl_read() for more information
* about this error code.
* \return #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA if early data, as
* defined in RFC 8446 (TLS 1.3 specification), has been
* received as part of the handshake. This is server specific
@ -5138,6 +5200,7 @@ int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len);
* #MBEDTLS_ERR_SSL_WANT_WRITE,
* #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS,
* #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS or
* #MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET or
* #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA,
* you must stop using the SSL context for reading or writing,
* and either free it or call \c mbedtls_ssl_session_reset()

188
engine/thirdparty/mbedtls/include/psa/crypto.h vendored
View file

@ -121,8 +121,8 @@ static psa_key_attributes_t psa_key_attributes_init(void);
* value in the structure.
* The persistent key will be written to storage when the attribute
* structure is passed to a key creation function such as
* psa_import_key(), psa_generate_key(), psa_generate_key_ext(),
* psa_key_derivation_output_key(), psa_key_derivation_output_key_ext()
* psa_import_key(), psa_generate_key(), psa_generate_key_custom(),
* psa_key_derivation_output_key(), psa_key_derivation_output_key_custom()
* or psa_copy_key().
*
* This function may be declared as `static` (i.e. without external
@ -131,6 +131,9 @@ static psa_key_attributes_t psa_key_attributes_init(void);
*
* \param[out] attributes The attribute structure to write to.
* \param key The persistent identifier for the key.
* This can be any value in the range from
* #PSA_KEY_ID_USER_MIN to #PSA_KEY_ID_USER_MAX
* inclusive.
*/
static void psa_set_key_id(psa_key_attributes_t *attributes,
mbedtls_svc_key_id_t key);
@ -166,8 +169,8 @@ static void mbedtls_set_key_owner_id(psa_key_attributes_t *attributes,
* value in the structure.
* The persistent key will be written to storage when the attribute
* structure is passed to a key creation function such as
* psa_import_key(), psa_generate_key(), psa_generate_key_ext(),
* psa_key_derivation_output_key(), psa_key_derivation_output_key_ext()
* psa_import_key(), psa_generate_key(), psa_generate_key_custom(),
* psa_key_derivation_output_key(), psa_key_derivation_output_key_custom()
* or psa_copy_key().
*
* This function may be declared as `static` (i.e. without external
@ -875,7 +878,7 @@ psa_status_t psa_hash_compute(psa_algorithm_t alg,
* such that #PSA_ALG_IS_HASH(\p alg) is true).
* \param[in] input Buffer containing the message to hash.
* \param input_length Size of the \p input buffer in bytes.
* \param[out] hash Buffer containing the expected hash value.
* \param[in] hash Buffer containing the expected hash value.
* \param hash_length Size of the \p hash buffer in bytes.
*
* \retval #PSA_SUCCESS
@ -1230,7 +1233,7 @@ psa_status_t psa_mac_compute(mbedtls_svc_key_id_t key,
* such that #PSA_ALG_IS_MAC(\p alg) is true).
* \param[in] input Buffer containing the input message.
* \param input_length Size of the \p input buffer in bytes.
* \param[out] mac Buffer containing the expected MAC value.
* \param[in] mac Buffer containing the expected MAC value.
* \param mac_length Size of the \p mac buffer in bytes.
*
* \retval #PSA_SUCCESS
@ -2922,7 +2925,7 @@ psa_status_t psa_sign_message(mbedtls_svc_key_id_t key,
* \p key.
* \param[in] input The message whose signature is to be verified.
* \param[in] input_length Size of the \p input buffer in bytes.
* \param[out] signature Buffer containing the signature to verify.
* \param[in] signature Buffer containing the signature to verify.
* \param[in] signature_length Size of the \p signature buffer in bytes.
*
* \retval #PSA_SUCCESS \emptydescription
@ -3248,7 +3251,7 @@ static psa_key_derivation_operation_t psa_key_derivation_operation_init(void);
* of or after providing inputs. For some algorithms, this step is mandatory
* because the output depends on the maximum capacity.
* -# To derive a key, call psa_key_derivation_output_key() or
* psa_key_derivation_output_key_ext().
* psa_key_derivation_output_key_custom().
* To derive a byte string for a different purpose, call
* psa_key_derivation_output_bytes().
* Successive calls to these functions use successive output bytes
@ -3471,7 +3474,7 @@ psa_status_t psa_key_derivation_input_integer(
* \note Once all inputs steps are completed, the operations will allow:
* - psa_key_derivation_output_bytes() if each input was either a direct input
* or a key with #PSA_KEY_USAGE_DERIVE set;
* - psa_key_derivation_output_key() or psa_key_derivation_output_key_ext()
* - psa_key_derivation_output_key() or psa_key_derivation_output_key_custom()
* if the input for step
* #PSA_KEY_DERIVATION_INPUT_SECRET or #PSA_KEY_DERIVATION_INPUT_PASSWORD
* was from a key slot with #PSA_KEY_USAGE_DERIVE and each other input was
@ -3721,9 +3724,9 @@ psa_status_t psa_key_derivation_output_bytes(
* on the derived key based on the attributes and strength of the secret key.
*
* \note This function is equivalent to calling
* psa_key_derivation_output_key_ext()
* with the production parameters #PSA_KEY_PRODUCTION_PARAMETERS_INIT
* and `params_data_length == 0` (i.e. `params->data` is empty).
* psa_key_derivation_output_key_custom()
* with the custom production parameters #PSA_CUSTOM_KEY_PARAMETERS_INIT
* and `custom_data_length == 0` (i.e. `custom_data` is empty).
*
* \param[in] attributes The attributes for the new key.
* If the key type to be created is
@ -3795,6 +3798,85 @@ psa_status_t psa_key_derivation_output_key(
* the policy must be the same as in the current
* operation.
* \param[in,out] operation The key derivation operation object to read from.
* \param[in] custom Customization parameters for the key generation.
* When this is #PSA_CUSTOM_KEY_PARAMETERS_INIT
* with \p custom_data_length = 0,
* this function is equivalent to
* psa_key_derivation_output_key().
* \param[in] custom_data Variable-length data associated with \c custom.
* \param custom_data_length
* Length of `custom_data` in bytes.
* \param[out] key On success, an identifier for the newly created
* key. For persistent keys, this is the key
* identifier defined in \p attributes.
* \c 0 on failure.
*
* \retval #PSA_SUCCESS
* Success.
* If the key is persistent, the key material and the key's metadata
* have been saved to persistent storage.
* \retval #PSA_ERROR_ALREADY_EXISTS
* This is an attempt to create a persistent key, and there is
* already a persistent key with the given identifier.
* \retval #PSA_ERROR_INSUFFICIENT_DATA
* There was not enough data to create the desired key.
* Note that in this case, no output is written to the output buffer.
* The operation's capacity is set to 0, thus subsequent calls to
* this function will not succeed, even with a smaller output buffer.
* \retval #PSA_ERROR_NOT_SUPPORTED
* The key type or key size is not supported, either by the
* implementation in general or in this particular location.
* \retval #PSA_ERROR_INVALID_ARGUMENT
* The provided key attributes are not valid for the operation.
* \retval #PSA_ERROR_NOT_PERMITTED
* The #PSA_KEY_DERIVATION_INPUT_SECRET or
* #PSA_KEY_DERIVATION_INPUT_PASSWORD input was not provided through a
* key; or one of the inputs was a key whose policy didn't allow
* #PSA_KEY_USAGE_DERIVE.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
* \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription
* \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
* \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
* \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
* \retval #PSA_ERROR_DATA_INVALID \emptydescription
* \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
* \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
* \retval #PSA_ERROR_BAD_STATE
* The operation state is not valid (it must be active and completed
* all required input steps), or the library has not been previously
* initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
psa_status_t psa_key_derivation_output_key_custom(
const psa_key_attributes_t *attributes,
psa_key_derivation_operation_t *operation,
const psa_custom_key_parameters_t *custom,
const uint8_t *custom_data,
size_t custom_data_length,
mbedtls_svc_key_id_t *key);
#ifndef __cplusplus
/* Omitted when compiling in C++, because one of the parameters is a
* pointer to a struct with a flexible array member, and that is not
* standard C++.
* https://github.com/Mbed-TLS/mbedtls/issues/9020
*/
/** Derive a key from an ongoing key derivation operation with custom
* production parameters.
*
* \note
* This is a deprecated variant of psa_key_derivation_output_key_custom().
* It is equivalent except that the associated variable-length data
* is passed in `params->data` instead of a separate parameter.
* This function will be removed in a future version of Mbed TLS.
*
* \param[in] attributes The attributes for the new key.
* If the key type to be created is
* #PSA_KEY_TYPE_PASSWORD_HASH then the algorithm in
* the policy must be the same as in the current
* operation.
* \param[in,out] operation The key derivation operation object to read from.
* \param[in] params Customization parameters for the key derivation.
* When this is #PSA_KEY_PRODUCTION_PARAMETERS_INIT
* with \p params_data_length = 0,
@ -3848,14 +3930,13 @@ psa_status_t psa_key_derivation_output_key(
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
#ifndef __cplusplus
psa_status_t psa_key_derivation_output_key_ext(
const psa_key_attributes_t *attributes,
psa_key_derivation_operation_t *operation,
const psa_key_production_parameters_t *params,
size_t params_data_length,
mbedtls_svc_key_id_t *key);
#endif
#endif /* !__cplusplus */
/** Compare output data from a key derivation operation to an expected value.
*
@ -3881,8 +3962,8 @@ psa_status_t psa_key_derivation_output_key_ext(
* psa_key_derivation_abort().
*
* \param[in,out] operation The key derivation operation object to read from.
* \param[in] expected_output Buffer containing the expected derivation output.
* \param output_length Length of the expected output; this is also the
* \param[in] expected Buffer containing the expected derivation output.
* \param expected_length Length of the expected output; this is also the
* number of bytes that will be read.
*
* \retval #PSA_SUCCESS \emptydescription
@ -3912,8 +3993,8 @@ psa_status_t psa_key_derivation_output_key_ext(
*/
psa_status_t psa_key_derivation_verify_bytes(
psa_key_derivation_operation_t *operation,
const uint8_t *expected_output,
size_t output_length);
const uint8_t *expected,
size_t expected_length);
/** Compare output data from a key derivation operation to an expected value
* stored in a key object.
@ -3943,7 +4024,7 @@ psa_status_t psa_key_derivation_verify_bytes(
* operation. The value of this key was likely
* computed by a previous call to
* psa_key_derivation_output_key() or
* psa_key_derivation_output_key_ext().
* psa_key_derivation_output_key_custom().
*
* \retval #PSA_SUCCESS \emptydescription
* \retval #PSA_ERROR_INVALID_SIGNATURE
@ -4111,9 +4192,9 @@ psa_status_t psa_generate_random(uint8_t *output,
* between 2^{n-1} and 2^n where n is the bit size specified in the
* attributes.
*
* \note This function is equivalent to calling psa_generate_key_ext()
* with the production parameters #PSA_KEY_PRODUCTION_PARAMETERS_INIT
* and `params_data_length == 0` (i.e. `params->data` is empty).
* \note This function is equivalent to calling psa_generate_key_custom()
* with the custom production parameters #PSA_CUSTOM_KEY_PARAMETERS_INIT
* and `custom_data_length == 0` (i.e. `custom_data` is empty).
*
* \param[in] attributes The attributes for the new key.
* \param[out] key On success, an identifier for the newly created
@ -4153,7 +4234,7 @@ psa_status_t psa_generate_key(const psa_key_attributes_t *attributes,
* See the description of psa_generate_key() for the operation of this
* function with the default production parameters. In addition, this function
* supports the following production customizations, described in more detail
* in the documentation of ::psa_key_production_parameters_t:
* in the documentation of ::psa_custom_key_parameters_t:
*
* - RSA keys: generation with a custom public exponent.
*
@ -4161,6 +4242,64 @@ psa_status_t psa_generate_key(const psa_key_attributes_t *attributes,
* versions of Mbed TLS.
*
* \param[in] attributes The attributes for the new key.
* \param[in] custom Customization parameters for the key generation.
* When this is #PSA_CUSTOM_KEY_PARAMETERS_INIT
* with \p custom_data_length = 0,
* this function is equivalent to
* psa_generate_key().
* \param[in] custom_data Variable-length data associated with \c custom.
* \param custom_data_length
* Length of `custom_data` in bytes.
* \param[out] key On success, an identifier for the newly created
* key. For persistent keys, this is the key
* identifier defined in \p attributes.
* \c 0 on failure.
*
* \retval #PSA_SUCCESS
* Success.
* If the key is persistent, the key material and the key's metadata
* have been saved to persistent storage.
* \retval #PSA_ERROR_ALREADY_EXISTS
* This is an attempt to create a persistent key, and there is
* already a persistent key with the given identifier.
* \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
* \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
* \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription
* \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription
* \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription
* \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
* \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription
* \retval #PSA_ERROR_DATA_INVALID \emptydescription
* \retval #PSA_ERROR_DATA_CORRUPT \emptydescription
* \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription
* \retval #PSA_ERROR_BAD_STATE
* The library has not been previously initialized by psa_crypto_init().
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
psa_status_t psa_generate_key_custom(const psa_key_attributes_t *attributes,
const psa_custom_key_parameters_t *custom,
const uint8_t *custom_data,
size_t custom_data_length,
mbedtls_svc_key_id_t *key);
#ifndef __cplusplus
/* Omitted when compiling in C++, because one of the parameters is a
* pointer to a struct with a flexible array member, and that is not
* standard C++.
* https://github.com/Mbed-TLS/mbedtls/issues/9020
*/
/**
* \brief Generate a key or key pair using custom production parameters.
*
* \note
* This is a deprecated variant of psa_key_derivation_output_key_custom().
* It is equivalent except that the associated variable-length data
* is passed in `params->data` instead of a separate parameter.
* This function will be removed in a future version of Mbed TLS.
*
* \param[in] attributes The attributes for the new key.
* \param[in] params Customization parameters for the key generation.
* When this is #PSA_KEY_PRODUCTION_PARAMETERS_INIT
* with \p params_data_length = 0,
@ -4196,12 +4335,11 @@ psa_status_t psa_generate_key(const psa_key_attributes_t *attributes,
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
#ifndef __cplusplus
psa_status_t psa_generate_key_ext(const psa_key_attributes_t *attributes,
const psa_key_production_parameters_t *params,
size_t params_data_length,
mbedtls_svc_key_id_t *key);
#endif
#endif /* !__cplusplus */
/**@}*/

10
engine/thirdparty/mbedtls/include/psa/crypto_adjust_auto_enabled.h vendored
View file

@ -2,6 +2,8 @@
* \file psa/crypto_adjust_auto_enabled.h
* \brief Adjust PSA configuration: enable always-on features
*
* This is an internal header. Do not include it directly.
*
* Always enable certain features which require a negligible amount of code
* to implement, to avoid some edge cases in the configuration combinatorics.
*/
@ -13,6 +15,14 @@
#ifndef PSA_CRYPTO_ADJUST_AUTO_ENABLED_H
#define PSA_CRYPTO_ADJUST_AUTO_ENABLED_H
#if !defined(MBEDTLS_CONFIG_FILES_READ)
#error "Do not include psa/crypto_adjust_*.h manually! This can lead to problems, " \
"up to and including runtime errors such as buffer overflows. " \
"If you're trying to fix a complaint from check_config.h, just remove " \
"it from your configuration file: since Mbed TLS 3.0, it is included " \
"automatically at the right point."
#endif /* */
#define PSA_WANT_KEY_TYPE_DERIVE 1
#define PSA_WANT_KEY_TYPE_PASSWORD 1
#define PSA_WANT_KEY_TYPE_PASSWORD_HASH 1

51
engine/thirdparty/mbedtls/include/psa/crypto_adjust_config_dependencies.h vendored Normal file
View file

@ -0,0 +1,51 @@
/**
* \file psa/crypto_adjust_config_dependencies.h
* \brief Adjust PSA configuration by resolving some dependencies.
*
* This is an internal header. Do not include it directly.
*
* See docs/proposed/psa-conditional-inclusion-c.md.
* If the Mbed TLS implementation of a cryptographic mechanism A depends on a
* cryptographic mechanism B then if the cryptographic mechanism A is enabled
* and not accelerated enable B. Note that if A is enabled and accelerated, it
* is not necessary to enable B for A support.
*/
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#ifndef PSA_CRYPTO_ADJUST_CONFIG_DEPENDENCIES_H
#define PSA_CRYPTO_ADJUST_CONFIG_DEPENDENCIES_H
#if !defined(MBEDTLS_CONFIG_FILES_READ)
#error "Do not include psa/crypto_adjust_*.h manually! This can lead to problems, " \
"up to and including runtime errors such as buffer overflows. " \
"If you're trying to fix a complaint from check_config.h, just remove " \
"it from your configuration file: since Mbed TLS 3.0, it is included " \
"automatically at the right point."
#endif /* */
#if (defined(PSA_WANT_ALG_TLS12_PRF) && \
!defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF)) || \
(defined(PSA_WANT_ALG_TLS12_PSK_TO_MS) && \
!defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS)) || \
(defined(PSA_WANT_ALG_HKDF) && \
!defined(MBEDTLS_PSA_ACCEL_ALG_HKDF)) || \
(defined(PSA_WANT_ALG_HKDF_EXTRACT) && \
!defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT)) || \
(defined(PSA_WANT_ALG_HKDF_EXPAND) && \
!defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND)) || \
(defined(PSA_WANT_ALG_PBKDF2_HMAC) && \
!defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_HMAC))
#define PSA_WANT_ALG_HMAC 1
#define PSA_WANT_KEY_TYPE_HMAC 1
#endif
#if (defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) && \
!defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128))
#define PSA_WANT_KEY_TYPE_AES 1
#define PSA_WANT_ALG_CMAC 1
#endif
#endif /* PSA_CRYPTO_ADJUST_CONFIG_DEPENDENCIES_H */

10
engine/thirdparty/mbedtls/include/psa/crypto_adjust_config_key_pair_types.h vendored
View file

@ -2,6 +2,8 @@
* \file psa/crypto_adjust_config_key_pair_types.h
* \brief Adjust PSA configuration for key pair types.
*
* This is an internal header. Do not include it directly.
*
* See docs/proposed/psa-conditional-inclusion-c.md.
* - Support non-basic operations in a keypair type implicitly enables basic
* support for that keypair type.
@ -19,6 +21,14 @@
#ifndef PSA_CRYPTO_ADJUST_KEYPAIR_TYPES_H
#define PSA_CRYPTO_ADJUST_KEYPAIR_TYPES_H
#if !defined(MBEDTLS_CONFIG_FILES_READ)
#error "Do not include psa/crypto_adjust_*.h manually! This can lead to problems, " \
"up to and including runtime errors such as buffer overflows. " \
"If you're trying to fix a complaint from check_config.h, just remove " \
"it from your configuration file: since Mbed TLS 3.0, it is included " \
"automatically at the right point."
#endif /* */
/*****************************************************************
* ANYTHING -> BASIC
****************************************************************/

10
engine/thirdparty/mbedtls/include/psa/crypto_adjust_config_synonyms.h vendored
View file

@ -2,6 +2,8 @@
* \file psa/crypto_adjust_config_synonyms.h
* \brief Adjust PSA configuration: enable quasi-synonyms
*
* This is an internal header. Do not include it directly.
*
* When two features require almost the same code, we automatically enable
* both when either one is requested, to reduce the combinatorics of
* possible configurations.
@ -14,6 +16,14 @@
#ifndef PSA_CRYPTO_ADJUST_CONFIG_SYNONYMS_H
#define PSA_CRYPTO_ADJUST_CONFIG_SYNONYMS_H
#if !defined(MBEDTLS_CONFIG_FILES_READ)
#error "Do not include psa/crypto_adjust_*.h manually! This can lead to problems, " \
"up to and including runtime errors such as buffer overflows. " \
"If you're trying to fix a complaint from check_config.h, just remove " \
"it from your configuration file: since Mbed TLS 3.0, it is included " \
"automatically at the right point."
#endif /* */
/****************************************************************/
/* De facto synonyms */
/****************************************************************/

10
engine/thirdparty/mbedtls/include/psa/crypto_extra.h vendored
View file

@ -154,6 +154,14 @@ static inline void psa_clear_key_slot_number(
* specified in \p attributes.
*
* \param[in] attributes The attributes of the existing key.
* - The lifetime must be a persistent lifetime
* in a secure element. Volatile lifetimes are
* not currently supported.
* - The key identifier must be in the valid
* range for persistent keys.
* - The key type and size must be specified and
* must be consistent with the key material
* in the secure element.
*
* \retval #PSA_SUCCESS
* The key was successfully registered.
@ -479,7 +487,7 @@ psa_status_t mbedtls_psa_external_get_random(
* #PSA_KEY_ID_VENDOR_MIN and #PSA_KEY_ID_VENDOR_MAX and must not intersect
* with any other set of implementation-chosen key identifiers.
*
* This value is part of the library's ABI since changing it would invalidate
* This value is part of the library's API since changing it would invalidate
* the values of built-in key identifiers in applications.
*/
#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t) 0x7fff0000)

30
engine/thirdparty/mbedtls/include/psa/crypto_struct.h vendored
View file

@ -223,13 +223,36 @@ static inline struct psa_key_derivation_s psa_key_derivation_operation_init(
return v;
}
#ifndef __cplusplus
struct psa_key_production_parameters_s {
struct psa_custom_key_parameters_s {
/* Future versions may add other fields in this structure. */
uint32_t flags;
};
/** The default production parameters for key generation or key derivation.
*
* Calling psa_generate_key_custom() or psa_key_derivation_output_key_custom()
* with `custom=PSA_CUSTOM_KEY_PARAMETERS_INIT` and `custom_data_length=0` is
* equivalent to calling psa_generate_key() or psa_key_derivation_output_key()
* respectively.
*/
#define PSA_CUSTOM_KEY_PARAMETERS_INIT { 0 }
#ifndef __cplusplus
/* Omitted when compiling in C++, because one of the parameters is a
* pointer to a struct with a flexible array member, and that is not
* standard C++.
* https://github.com/Mbed-TLS/mbedtls/issues/9020
*/
/* This is a deprecated variant of `struct psa_custom_key_parameters_s`.
* It has exactly the same layout, plus an extra field which is a flexible
* array member. Thus a `const struct psa_key_production_parameters_s *`
* can be passed to any function that reads a
* `const struct psa_custom_key_parameters_s *`.
*/
struct psa_key_production_parameters_s {
uint32_t flags;
uint8_t data[];
};
#endif
/** The default production parameters for key generation or key derivation.
*
@ -240,6 +263,7 @@ struct psa_key_production_parameters_s {
* respectively.
*/
#define PSA_KEY_PRODUCTION_PARAMETERS_INIT { 0 }
#endif /* !__cplusplus */
struct psa_key_policy_s {
psa_key_usage_t MBEDTLS_PRIVATE(usage);

26
engine/thirdparty/mbedtls/include/psa/crypto_types.h vendored
View file

@ -455,6 +455,30 @@ typedef uint64_t psa_key_slot_number_t;
*/
typedef uint16_t psa_key_derivation_step_t;
/** \brief Custom parameters for key generation or key derivation.
*
* This is a structure type with at least the following field:
*
* - \c flags: an unsigned integer type. 0 for the default production parameters.
*
* Functions that take such a structure as input also take an associated
* input buffer \c custom_data of length \c custom_data_length.
*
* The interpretation of this structure and the associated \c custom_data
* parameter depend on the type of the created key.
*
* - #PSA_KEY_TYPE_RSA_KEY_PAIR:
* - \c flags: must be 0.
* - \c custom_data: the public exponent, in little-endian order.
* This must be an odd integer and must not be 1.
* Implementations must support 65537, should support 3 and may
* support other values.
* When not using a driver, Mbed TLS supports values up to \c INT_MAX.
* If this is empty, the default value 65537 is used.
* - Other key types: reserved for future use. \c flags must be 0.
*/
typedef struct psa_custom_key_parameters_s psa_custom_key_parameters_t;
/** \brief Custom parameters for key generation or key derivation.
*
* This is a structure type with at least the following fields:
@ -477,9 +501,7 @@ typedef uint16_t psa_key_derivation_step_t;
* - Other key types: reserved for future use. \c flags must be 0.
*
*/
#ifndef __cplusplus
typedef struct psa_key_production_parameters_s psa_key_production_parameters_t;
#endif
/**@}*/