mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 05:05:40 +01:00
Fix #2370, minor typos and spelling mistakes
This commit is contained in:
parent
6f76795bf5
commit
d5f4759594
@ -50,7 +50,7 @@ When backporting to these branches please observe the following rules:
|
||||
|
||||
2. All bug fixes that correct a defect that is also present in an LTS branch must be backported to that LTS branch. If a bug fix introduces a change to the API such as a new function, the fix should be reworked to avoid the API change. API changes without very strong justification are unlikely to be accepted.
|
||||
|
||||
3. If a contribution is a new feature or enhancement, no backporting is required. Exceptions to this may be addtional test cases or quality improvements such as changes to build or test scripts.
|
||||
3. If a contribution is a new feature or enhancement, no backporting is required. Exceptions to this may be additional test cases or quality improvements such as changes to build or test scripts.
|
||||
|
||||
It would be highly appreciated if contributions are backported to LTS branches in addition to the [development branch](https://github.com/ARMmbed/mbedtls/tree/development) by contributors.
|
||||
|
||||
|
10
ChangeLog
10
ChangeLog
@ -341,7 +341,7 @@ Security
|
||||
1.2, that allowed a local attacker, able to execute code on the local
|
||||
machine as well as manipulate network packets, to partially recover the
|
||||
plaintext of messages under some conditions by using a cache attack
|
||||
targetting an internal MD/SHA buffer. With TLS or if
|
||||
targeting an internal MD/SHA buffer. With TLS or if
|
||||
mbedtls_ssl_conf_dtls_badmac_limit() was used, the attack only worked if
|
||||
the same secret (for example a HTTP Cookie) has been repeatedly sent over
|
||||
connections manipulated by the attacker. Connections using GCM or CCM
|
||||
@ -1227,7 +1227,7 @@ Bugfix
|
||||
* Fix potential build failures related to the 'apidoc' target, introduced
|
||||
in the previous patch release. Found by Robert Scheck. #390 #391
|
||||
* Fix issue in Makefile that prevented building using armar. #386
|
||||
* Fix memory leak that occured only when ECJPAKE was enabled and ECDHE and
|
||||
* Fix memory leak that occurred only when ECJPAKE was enabled and ECDHE and
|
||||
ECDSA was disabled in config.h . The leak didn't occur by default.
|
||||
* Fix an issue that caused valid certificates to be rejected whenever an
|
||||
expired or not yet valid certificate was parsed before a valid certificate
|
||||
@ -1469,7 +1469,7 @@ API Changes
|
||||
You now need to link to all of them if you use TLS for example.
|
||||
* All public identifiers moved to the mbedtls_* or MBEDTLS_* namespace.
|
||||
Some names have been further changed to make them more consistent.
|
||||
Migration helpers scripts/rename.pl and include/mbedlts/compat-1.3.h are
|
||||
Migration helpers scripts/rename.pl and include/mbedtls/compat-1.3.h are
|
||||
provided. Full list of renamings in scripts/data_files/rename-1.3-2.0.txt
|
||||
* Renamings of fields inside structures, not covered by the previous list:
|
||||
mbedtls_cipher_info_t.key_length -> key_bitlen
|
||||
@ -1524,7 +1524,7 @@ API Changes
|
||||
* net_accept() gained new arguments for the size of the client_ip buffer.
|
||||
* In the threading layer, mbedtls_mutex_init() and mbedtls_mutex_free() now
|
||||
return void.
|
||||
* ecdsa_write_signature() gained an addtional md_alg argument and
|
||||
* ecdsa_write_signature() gained an additional md_alg argument and
|
||||
ecdsa_write_signature_det() was deprecated.
|
||||
* pk_sign() no longer accepts md_alg == POLARSSL_MD_NONE with ECDSA.
|
||||
* Last argument of x509_crt_check_key_usage() and
|
||||
@ -3059,7 +3059,7 @@ XySSL ChangeLog
|
||||
not swapped on PadLock; also fixed compilation on older versions
|
||||
of gcc (bug reported by David Barrett)
|
||||
* Correctly handle the case in padlock_xcryptcbc() when input or
|
||||
ouput data is non-aligned by falling back to the software
|
||||
output data is non-aligned by falling back to the software
|
||||
implementation, as VIA Nehemiah cannot handle non-aligned buffers
|
||||
* Fixed a memory leak in x509parse_crt() which was reported by Greg
|
||||
Robson-Garth; some x509write.c fixes by Pascal Vizeli, thanks to
|
||||
|
@ -47,7 +47,7 @@ In order to build for a Windows platform, you should use `WINDOWS_BUILD=1` if th
|
||||
|
||||
Setting the variable `SHARED` in your environment will build shared libraries in addition to the static libraries. Setting `DEBUG` gives you a debug build. You can override `CFLAGS` and `LDFLAGS` by setting them in your environment or on the make command line; compiler warning options may be overridden separately using `WARNING_CFLAGS`. Some directory-specific options (for example, `-I` directives) are still preserved.
|
||||
|
||||
Please note that setting `CFLAGS` overrides its default value of `-O2` and setting `WARNING_CFLAGS` overrides its default value (starting with `-Wall -W`), so if you just want to add some warning options to the default ones, you can do so by setting `CFLAGS=-O2 -Werror` for example. Setting `WARNING_CFLAGS` is useful when you want to get rid of its default content (for example because your compiler doesn't accept `-Wall` as an option). Directory-specific options cannot be overriden from the command line.
|
||||
Please note that setting `CFLAGS` overrides its default value of `-O2` and setting `WARNING_CFLAGS` overrides its default value (starting with `-Wall -W`), so if you just want to add some warning options to the default ones, you can do so by setting `CFLAGS=-O2 -Werror` for example. Setting `WARNING_CFLAGS` is useful when you want to get rid of its default content (for example because your compiler doesn't accept `-Wall` as an option). Directory-specific options cannot be overridden from the command line.
|
||||
|
||||
Depending on your platform, you might run into some issues. Please check the Makefiles in `library/`, `programs/` and `tests/` for options to manually add or remove for specific platforms. You can also check [the Mbed TLS Knowledge Base](https://tls.mbed.org/kb) for articles on your platform or issue.
|
||||
|
||||
|
@ -691,7 +691,7 @@
|
||||
/*
|
||||
* Avoid warning from -pedantic. This is a convenient place for this
|
||||
* workaround since this is included by every single file before the
|
||||
* #if defined(MBEDTLS_xxx_C) that results in emtpy translation units.
|
||||
* #if defined(MBEDTLS_xxx_C) that results in empty translation units.
|
||||
*/
|
||||
typedef int mbedtls_iso_c_forbids_empty_translation_units;
|
||||
|
||||
|
@ -139,7 +139,7 @@
|
||||
*
|
||||
* System has time.h, time(), and an implementation for
|
||||
* mbedtls_platform_gmtime_r() (see below).
|
||||
* The time needs to be correct (not necesarily very accurate, but at least
|
||||
* The time needs to be correct (not necessarily very accurate, but at least
|
||||
* the date should be correct). This is used to verify the validity period of
|
||||
* X.509 certificates.
|
||||
*
|
||||
@ -401,7 +401,7 @@
|
||||
* \note Because of a signature change, the core AES encryption and decryption routines are
|
||||
* currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
|
||||
* respectively. When setting up alternative implementations, these functions should
|
||||
* be overriden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
|
||||
* be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
|
||||
* must stay untouched.
|
||||
*
|
||||
* \note If you use the AES_xxx_ALT macros, then is is recommended to also set
|
||||
@ -1538,7 +1538,7 @@
|
||||
* \def MBEDTLS_SSL_SESSION_TICKETS
|
||||
*
|
||||
* Enable support for RFC 5077 session tickets in SSL.
|
||||
* Client-side, provides full support for session tickets (maintainance of a
|
||||
* Client-side, provides full support for session tickets (maintenance of a
|
||||
* session store remains the responsibility of the application, though).
|
||||
* Server-side, you also need to provide callbacks for writing and parsing
|
||||
* tickets, including authenticated encryption and key management. Example
|
||||
@ -1704,7 +1704,7 @@
|
||||
*
|
||||
* \warning TLS-level compression MAY REDUCE SECURITY! See for example the
|
||||
* CRIME attack. Before enabling this option, you should examine with care if
|
||||
* CRIME or similar exploits may be a applicable to your use case.
|
||||
* CRIME or similar exploits may be applicable to your use case.
|
||||
*
|
||||
* \note Currently compression can't be used with DTLS.
|
||||
*
|
||||
@ -3016,7 +3016,7 @@
|
||||
//#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
|
||||
//#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use, can be undefined */
|
||||
/* Note: your snprintf must correclty zero-terminate the buffer! */
|
||||
/* Note: your snprintf must correctly zero-terminate the buffer! */
|
||||
//#define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS 0 /**< Default exit value to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE 1 /**< Default exit value to use, can be undefined */
|
||||
@ -3033,7 +3033,7 @@
|
||||
//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
|
||||
//#define MBEDTLS_PLATFORM_FPRINTF_MACRO fprintf /**< Default fprintf macro to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_PRINTF_MACRO printf /**< Default printf macro to use, can be undefined */
|
||||
/* Note: your snprintf must correclty zero-terminate the buffer! */
|
||||
/* Note: your snprintf must correctly zero-terminate the buffer! */
|
||||
//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf /**< Default snprintf macro to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
|
||||
//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
|
||||
|
@ -82,7 +82,7 @@ extern "C" {
|
||||
*/
|
||||
typedef struct mbedtls_hmac_drbg_context
|
||||
{
|
||||
/* Working state: the key K is not stored explicitely,
|
||||
/* Working state: the key K is not stored explicitly,
|
||||
* but is implied by the HMAC context */
|
||||
mbedtls_md_context_t md_ctx; /*!< HMAC context (inc. K) */
|
||||
unsigned char V[MBEDTLS_MD_MAX_SIZE]; /*!< V in the spec */
|
||||
|
@ -150,13 +150,13 @@ mbedtls_rsa_context;
|
||||
* \note The choice of padding mode is strictly enforced for private key
|
||||
* operations, since there might be security concerns in
|
||||
* mixing padding modes. For public key operations it is
|
||||
* a default value, which can be overriden by calling specific
|
||||
* a default value, which can be overridden by calling specific
|
||||
* \c rsa_rsaes_xxx or \c rsa_rsassa_xxx functions.
|
||||
*
|
||||
* \note The hash selected in \p hash_id is always used for OEAP
|
||||
* encryption. For PSS signatures, it is always used for
|
||||
* making signatures, but can be overriden for verifying them.
|
||||
* If set to #MBEDTLS_MD_NONE, it is always overriden.
|
||||
* making signatures, but can be overridden for verifying them.
|
||||
* If set to #MBEDTLS_MD_NONE, it is always overridden.
|
||||
*
|
||||
* \param ctx The RSA context to initialize. This must not be \c NULL.
|
||||
* \param padding The padding mode to use. This must be either
|
||||
|
@ -2033,7 +2033,7 @@ void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
|
||||
* provision more than one cert/key pair (eg one ECDSA, one
|
||||
* RSA with SHA-256, one RSA with SHA-1). An adequate
|
||||
* certificate will be selected according to the client's
|
||||
* advertised capabilities. In case mutliple certificates are
|
||||
* advertised capabilities. In case multiple certificates are
|
||||
* adequate, preference is given to the one set by the first
|
||||
* call to this function, then second, etc.
|
||||
*
|
||||
@ -3200,7 +3200,7 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl );
|
||||
* mbedtls_ssl_config_defaults() or mbedtls_ssl_config_free().
|
||||
*
|
||||
* \note You need to call mbedtls_ssl_config_defaults() unless you
|
||||
* manually set all of the relevent fields yourself.
|
||||
* manually set all of the relevant fields yourself.
|
||||
*
|
||||
* \param conf SSL configuration context
|
||||
*/
|
||||
|
@ -117,14 +117,14 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
|
||||
/**
|
||||
* \brief Implementation of the ticket write callback
|
||||
*
|
||||
* \note See \c mbedlts_ssl_ticket_write_t for description
|
||||
* \note See \c mbedtls_ssl_ticket_write_t for description
|
||||
*/
|
||||
mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write;
|
||||
|
||||
/**
|
||||
* \brief Implementation of the ticket parse callback
|
||||
*
|
||||
* \note See \c mbedlts_ssl_ticket_parse_t for description
|
||||
* \note See \c mbedtls_ssl_ticket_parse_t for description
|
||||
*/
|
||||
mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse;
|
||||
|
||||
|
@ -77,7 +77,7 @@
|
||||
#define MBEDTLS_ERR_X509_ALLOC_FAILED -0x2880 /**< Allocation of memory failed. */
|
||||
#define MBEDTLS_ERR_X509_FILE_IO_ERROR -0x2900 /**< Read/write of file failed. */
|
||||
#define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL -0x2980 /**< Destination buffer is too small. */
|
||||
#define MBEDTLS_ERR_X509_FATAL_ERROR -0x3000 /**< A fatal error occured, eg the chain is too long or the vrfy callback failed. */
|
||||
#define MBEDTLS_ERR_X509_FATAL_ERROR -0x3000 /**< A fatal error occurred, eg the chain is too long or the vrfy callback failed. */
|
||||
/* \} name */
|
||||
|
||||
/**
|
||||
@ -250,7 +250,7 @@ int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *se
|
||||
*
|
||||
* \param to mbedtls_x509_time to check
|
||||
*
|
||||
* \return 1 if the given time is in the past or an error occured,
|
||||
* \return 1 if the given time is in the past or an error occurred,
|
||||
* 0 otherwise.
|
||||
*/
|
||||
int mbedtls_x509_time_is_past( const mbedtls_x509_time *to );
|
||||
@ -264,7 +264,7 @@ int mbedtls_x509_time_is_past( const mbedtls_x509_time *to );
|
||||
*
|
||||
* \param from mbedtls_x509_time to check
|
||||
*
|
||||
* \return 1 if the given time is in the future or an error occured,
|
||||
* \return 1 if the given time is in the future or an error occurred,
|
||||
* 0 otherwise.
|
||||
*/
|
||||
int mbedtls_x509_time_is_future( const mbedtls_x509_time *from );
|
||||
|
@ -111,7 +111,7 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
|
||||
/**
|
||||
* \brief Parse one or more CRLs and append them to the chained list
|
||||
*
|
||||
* \note Mutliple CRLs are accepted only if using PEM format
|
||||
* \note Multiple CRLs are accepted only if using PEM format
|
||||
*
|
||||
* \param chain points to the start of the chain
|
||||
* \param buf buffer holding the CRL data in PEM or DER format
|
||||
@ -126,7 +126,7 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s
|
||||
/**
|
||||
* \brief Load one or more CRLs and append them to the chained list
|
||||
*
|
||||
* \note Mutliple CRLs are accepted only if using PEM format
|
||||
* \note Multiple CRLs are accepted only if using PEM format
|
||||
*
|
||||
* \param chain points to the start of the chain
|
||||
* \param path filename to read the CRLs from (in PEM or DER encoding)
|
||||
|
@ -39,7 +39,7 @@ SOEXT_TLS=so.12
|
||||
SOEXT_X509=so.0
|
||||
SOEXT_CRYPTO=so.3
|
||||
|
||||
# Set AR_DASH= (empty string) to use an ar implentation that does not accept
|
||||
# Set AR_DASH= (empty string) to use an ar implementation that does not accept
|
||||
# the - prefix for command line options (e.g. llvm-ar)
|
||||
AR_DASH ?= -
|
||||
|
||||
|
@ -951,7 +951,7 @@ static const unsigned char ecjpake_test_pms[] = {
|
||||
0xb4, 0x38, 0xf7, 0x19, 0xd3, 0xc4, 0xf3, 0x51
|
||||
};
|
||||
|
||||
/* Load my private keys and generate the correponding public keys */
|
||||
/* Load my private keys and generate the corresponding public keys */
|
||||
static int ecjpake_test_load( mbedtls_ecjpake_context *ctx,
|
||||
const unsigned char *xm1, size_t len1,
|
||||
const unsigned char *xm2, size_t len2 )
|
||||
|
@ -567,7 +567,7 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
||||
if( use_ret == -(MBEDTLS_ERR_X509_BUFFER_TOO_SMALL) )
|
||||
mbedtls_snprintf( buf, buflen, "X509 - Destination buffer is too small" );
|
||||
if( use_ret == -(MBEDTLS_ERR_X509_FATAL_ERROR) )
|
||||
mbedtls_snprintf( buf, buflen, "X509 - A fatal error occured, eg the chain is too long or the vrfy callback failed" );
|
||||
mbedtls_snprintf( buf, buflen, "X509 - A fatal error occurred, eg the chain is too long or the vrfy callback failed" );
|
||||
#endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */
|
||||
// END generated code
|
||||
|
||||
|
@ -1449,7 +1449,7 @@ read_record_header:
|
||||
*/
|
||||
|
||||
/*
|
||||
* Minimal length (with everything empty and extensions ommitted) is
|
||||
* Minimal length (with everything empty and extensions omitted) is
|
||||
* 2 + 32 + 1 + 2 + 1 = 38 bytes. Check that first, so that we can
|
||||
* read at least up to session id length without worrying.
|
||||
*/
|
||||
|
@ -2606,7 +2606,7 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want )
|
||||
}
|
||||
|
||||
/*
|
||||
* A record can't be split accross datagrams. If we need to read but
|
||||
* A record can't be split across datagrams. If we need to read but
|
||||
* are not at the beginning of a new record, the caller did something
|
||||
* wrong.
|
||||
*/
|
||||
|
@ -116,7 +116,7 @@ int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end,
|
||||
}
|
||||
|
||||
/*
|
||||
* Parse an algorithm identifier with (optional) paramaters
|
||||
* Parse an algorithm identifier with (optional) parameters
|
||||
*/
|
||||
int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end,
|
||||
mbedtls_x509_buf *alg, mbedtls_x509_buf *params )
|
||||
|
@ -2237,7 +2237,7 @@ static int x509_crt_check_ee_locally_trusted(
|
||||
* Tests for (aspects of) this function should include at least:
|
||||
* - trusted EE
|
||||
* - EE -> trusted root
|
||||
* - EE -> intermedate CA -> trusted root
|
||||
* - EE -> intermediate CA -> trusted root
|
||||
* - if relevant: EE untrusted
|
||||
* - if relevant: EE -> intermediate, untrusted
|
||||
* with the aspect under test checked at each relevant level (EE, int, root).
|
||||
|
@ -21,7 +21,7 @@ FAILED=0
|
||||
SKIPPED=0
|
||||
SRVMEM=0
|
||||
|
||||
# default commands, can be overriden by the environment
|
||||
# default commands, can be overridden by the environment
|
||||
: ${M_SRV:=../programs/ssl/ssl_server2}
|
||||
: ${M_CLI:=../programs/ssl/ssl_client2}
|
||||
: ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system
|
||||
|
@ -120,7 +120,7 @@ pre_initialize_variables () {
|
||||
FORCE=0
|
||||
KEEP_GOING=0
|
||||
|
||||
# Default commands, can be overriden by the environment
|
||||
# Default commands, can be overridden by the environment
|
||||
: ${OPENSSL:="openssl"}
|
||||
: ${OPENSSL_LEGACY:="$OPENSSL"}
|
||||
: ${OPENSSL_NEXT:="$OPENSSL"}
|
||||
|
@ -17,7 +17,7 @@
|
||||
# seem to be a mechanism to reliably check whether the zeroize calls are being
|
||||
# eliminated by compiler optimizations from within the compiled program. The
|
||||
# problem is that a compiler would typically remove what it considers to be
|
||||
# "unecessary" assignments as part of redundant code elimination. To identify
|
||||
# "unnecessary" assignments as part of redundant code elimination. To identify
|
||||
# such code, the compilar will create some form dependency graph between
|
||||
# reads and writes to variables (among other situations). It will then use this
|
||||
# data structure to remove redundant code that does not have an impact on the
|
||||
|
@ -26,7 +26,7 @@ if cd $( dirname $0 ); then :; else
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# default values, can be overriden by the environment
|
||||
# default values, can be overridden by the environment
|
||||
: ${P_SRV:=../programs/ssl/ssl_server2}
|
||||
: ${P_CLI:=../programs/ssl/ssl_client2}
|
||||
: ${P_PXY:=../programs/test/udp_proxy}
|
||||
@ -671,7 +671,7 @@ run_test() {
|
||||
|
||||
# The filtering in the following two options (-u and -U) do the following
|
||||
# - ignore valgrind output
|
||||
# - filter out everything but lines right after the pattern occurances
|
||||
# - filter out everything but lines right after the pattern occurrences
|
||||
# - keep one of each non-unique line
|
||||
# - count how many lines remain
|
||||
# A line with '--' will remain in the result from previous outputs, so the number of lines in the result will be 1
|
||||
@ -2740,7 +2740,7 @@ run_test "Authentication: server max_int chain, client default" \
|
||||
key_file=data_files/dir-maxpath/09.key" \
|
||||
"$P_CLI server_name=CA09 ca_file=data_files/dir-maxpath/00.crt" \
|
||||
0 \
|
||||
-C "X509 - A fatal error occured"
|
||||
-C "X509 - A fatal error occurred"
|
||||
|
||||
requires_full_size_output_buffer
|
||||
run_test "Authentication: server max_int+1 chain, client default" \
|
||||
@ -2748,7 +2748,7 @@ run_test "Authentication: server max_int+1 chain, client default" \
|
||||
key_file=data_files/dir-maxpath/10.key" \
|
||||
"$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt" \
|
||||
1 \
|
||||
-c "X509 - A fatal error occured"
|
||||
-c "X509 - A fatal error occurred"
|
||||
|
||||
requires_full_size_output_buffer
|
||||
run_test "Authentication: server max_int+1 chain, client optional" \
|
||||
@ -2757,7 +2757,7 @@ run_test "Authentication: server max_int+1 chain, client optional" \
|
||||
"$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
|
||||
auth_mode=optional" \
|
||||
1 \
|
||||
-c "X509 - A fatal error occured"
|
||||
-c "X509 - A fatal error occurred"
|
||||
|
||||
requires_full_size_output_buffer
|
||||
run_test "Authentication: server max_int+1 chain, client none" \
|
||||
@ -2766,7 +2766,7 @@ run_test "Authentication: server max_int+1 chain, client none" \
|
||||
"$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
|
||||
auth_mode=none" \
|
||||
0 \
|
||||
-C "X509 - A fatal error occured"
|
||||
-C "X509 - A fatal error occurred"
|
||||
|
||||
requires_full_size_output_buffer
|
||||
run_test "Authentication: client max_int+1 chain, server default" \
|
||||
@ -2774,7 +2774,7 @@ run_test "Authentication: client max_int+1 chain, server default" \
|
||||
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
|
||||
key_file=data_files/dir-maxpath/10.key" \
|
||||
0 \
|
||||
-S "X509 - A fatal error occured"
|
||||
-S "X509 - A fatal error occurred"
|
||||
|
||||
requires_full_size_output_buffer
|
||||
run_test "Authentication: client max_int+1 chain, server optional" \
|
||||
@ -2782,7 +2782,7 @@ run_test "Authentication: client max_int+1 chain, server optional" \
|
||||
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
|
||||
key_file=data_files/dir-maxpath/10.key" \
|
||||
1 \
|
||||
-s "X509 - A fatal error occured"
|
||||
-s "X509 - A fatal error occurred"
|
||||
|
||||
requires_full_size_output_buffer
|
||||
run_test "Authentication: client max_int+1 chain, server required" \
|
||||
@ -2790,7 +2790,7 @@ run_test "Authentication: client max_int+1 chain, server required" \
|
||||
"$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
|
||||
key_file=data_files/dir-maxpath/10.key" \
|
||||
1 \
|
||||
-s "X509 - A fatal error occured"
|
||||
-s "X509 - A fatal error occurred"
|
||||
|
||||
requires_full_size_output_buffer
|
||||
run_test "Authentication: client max_int chain, server required" \
|
||||
@ -2798,7 +2798,7 @@ run_test "Authentication: client max_int chain, server required" \
|
||||
"$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
|
||||
key_file=data_files/dir-maxpath/09.key" \
|
||||
0 \
|
||||
-S "X509 - A fatal error occured"
|
||||
-S "X509 - A fatal error occurred"
|
||||
|
||||
# Tests for CA list in CertificateRequest messages
|
||||
|
||||
|
@ -41,7 +41,7 @@ ccm_lengths:5:10:5:18:MBEDTLS_ERR_CCM_BAD_INPUT
|
||||
CCM lengths #6 tag length not even
|
||||
ccm_lengths:5:10:5:7:MBEDTLS_ERR_CCM_BAD_INPUT
|
||||
|
||||
CCM lenghts #7 AD too long (2^16 - 2^8 + 1)
|
||||
CCM lengths #7 AD too long (2^16 - 2^8 + 1)
|
||||
depends_on:!MBEDTLS_CCM_ALT
|
||||
ccm_lengths:5:10:65281:8:MBEDTLS_ERR_CCM_BAD_INPUT
|
||||
|
||||
|
@ -351,7 +351,7 @@ void ecdh_restart( int id, char *dA_str, char *dB_str, char *z_str,
|
||||
mbedtls_ecdh_enable_restart( &cli );
|
||||
}
|
||||
|
||||
/* server writes its paramaters */
|
||||
/* server writes its parameters */
|
||||
memset( buf, 0x00, sizeof( buf ) );
|
||||
len = 0;
|
||||
|
||||
|
@ -30,7 +30,7 @@ void mbedtls_nist_kw_mix_contexts( )
|
||||
memset( key, 0, sizeof( key ) );
|
||||
|
||||
/*
|
||||
* 1. Check wrap and unwrap with two seperate contexts
|
||||
* 1. Check wrap and unwrap with two separate contexts
|
||||
*/
|
||||
mbedtls_nist_kw_init( &ctx1 );
|
||||
mbedtls_nist_kw_init( &ctx2 );
|
||||
|
@ -478,7 +478,7 @@ mbedtls_rsa_import:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bb
|
||||
RSA Import (N,-,-,D,E)
|
||||
mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:1:0:0
|
||||
|
||||
RSA Import (N,-,-,D,E), succesive
|
||||
RSA Import (N,-,-,D,E), successive
|
||||
mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:1:0:0
|
||||
|
||||
RSA Import (N,P,Q,-,E)
|
||||
@ -565,7 +565,7 @@ mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7
|
||||
RSA Export (N,-,-,D,E)
|
||||
mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:0
|
||||
|
||||
RSA Export (N,-,-,D,E), succesive
|
||||
RSA Export (N,-,-,D,E), successive
|
||||
mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:1
|
||||
|
||||
RSA Export (N,P,Q,-,E)
|
||||
@ -586,7 +586,7 @@ mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f
|
||||
RSA Export Raw (N,-,-,D,E)
|
||||
mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:0
|
||||
|
||||
RSA Export Raw (N,-,-,D,E), succesive
|
||||
RSA Export Raw (N,-,-,D,E), successive
|
||||
mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:1
|
||||
|
||||
RSA Export Raw (N,P,Q,-,E)
|
||||
|
Loading…
Reference in New Issue
Block a user