You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mynewt.apache.org by st...@apache.org on 2016/09/28 00:43:29 UTC
[03/51] [abbrv] [partial] incubator-mynewt-core git commit: directory
re-org, part 1
http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/0216c73e/libs/mbedtls/include/mbedtls/ctr_drbg.h
----------------------------------------------------------------------
diff --git a/libs/mbedtls/include/mbedtls/ctr_drbg.h b/libs/mbedtls/include/mbedtls/ctr_drbg.h
deleted file mode 100644
index 059d3c5..0000000
--- a/libs/mbedtls/include/mbedtls/ctr_drbg.h
+++ /dev/null
@@ -1,290 +0,0 @@
-/**
- * \file ctr_drbg.h
- *
- * \brief CTR_DRBG based on AES-256 (NIST SP 800-90)
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-#ifndef MBEDTLS_CTR_DRBG_H
-#define MBEDTLS_CTR_DRBG_H
-
-#include "aes.h"
-
-#if defined(MBEDTLS_THREADING_C)
-#include "mbedtls/threading.h"
-#endif
-
-#define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */
-#define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036 /**< Too many random requested in single call. */
-#define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038 /**< Input too large (Entropy + additional). */
-#define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A /**< Read/write error in file. */
-
-#define MBEDTLS_CTR_DRBG_BLOCKSIZE 16 /**< Block size used by the cipher */
-#define MBEDTLS_CTR_DRBG_KEYSIZE 32 /**< Key size used by the cipher */
-#define MBEDTLS_CTR_DRBG_KEYBITS ( MBEDTLS_CTR_DRBG_KEYSIZE * 8 )
-#define MBEDTLS_CTR_DRBG_SEEDLEN ( MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE )
- /**< The seed length (counter + AES key) */
-
-/**
- * \name SECTION: Module settings
- *
- * The configuration options you can set for this module are in this section.
- * Either change them in config.h or define them on the compiler command line.
- * \{
- */
-
-#if !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN)
-#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256)
-#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
-#else
-#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 32 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
-#endif
-#endif
-
-#if !defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL)
-#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
-#endif
-
-#if !defined(MBEDTLS_CTR_DRBG_MAX_INPUT)
-#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
-#endif
-
-#if !defined(MBEDTLS_CTR_DRBG_MAX_REQUEST)
-#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
-#endif
-
-#if !defined(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT)
-#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
-#endif
-
-/* \} name SECTION: Module settings */
-
-#define MBEDTLS_CTR_DRBG_PR_OFF 0 /**< No prediction resistance */
-#define MBEDTLS_CTR_DRBG_PR_ON 1 /**< Prediction resistance enabled */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief CTR_DRBG context structure
- */
-typedef struct
-{
- unsigned char counter[16]; /*!< counter (V) */
- int reseed_counter; /*!< reseed counter */
- int prediction_resistance; /*!< enable prediction resistance (Automatic
- reseed before every random generation) */
- size_t entropy_len; /*!< amount of entropy grabbed on each
- (re)seed */
- int reseed_interval; /*!< reseed interval */
-
- mbedtls_aes_context aes_ctx; /*!< AES context */
-
- /*
- * Callbacks (Entropy)
- */
- int (*f_entropy)(void *, unsigned char *, size_t);
-
- void *p_entropy; /*!< context for the entropy function */
-
-#if defined(MBEDTLS_THREADING_C)
- mbedtls_threading_mutex_t mutex;
-#endif
-}
-mbedtls_ctr_drbg_context;
-
-/**
- * \brief CTR_DRBG context initialization
- * Makes the context ready for mbedtls_ctr_drbg_seed() or
- * mbedtls_ctr_drbg_free().
- *
- * \param ctx CTR_DRBG context to be initialized
- */
-void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx );
-
-/**
- * \brief CTR_DRBG initial seeding
- * Seed and setup entropy source for future reseeds.
- *
- * Note: Personalization data can be provided in addition to the more generic
- * entropy source to make this instantiation as unique as possible.
- *
- * \param ctx CTR_DRBG context to be seeded
- * \param f_entropy Entropy callback (p_entropy, buffer to fill, buffer
- * length)
- * \param p_entropy Entropy context
- * \param custom Personalization data (Device specific identifiers)
- * (Can be NULL)
- * \param len Length of personalization data
- *
- * \return 0 if successful, or
- * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED
- */
-int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx,
- int (*f_entropy)(void *, unsigned char *, size_t),
- void *p_entropy,
- const unsigned char *custom,
- size_t len );
-
-/**
- * \brief Clear CTR_CRBG context data
- *
- * \param ctx CTR_DRBG context to clear
- */
-void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx );
-
-/**
- * \brief Enable / disable prediction resistance (Default: Off)
- *
- * Note: If enabled, entropy is used for ctx->entropy_len before each call!
- * Only use this if you have ample supply of good entropy!
- *
- * \param ctx CTR_DRBG context
- * \param resistance MBEDTLS_CTR_DRBG_PR_ON or MBEDTLS_CTR_DRBG_PR_OFF
- */
-void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx,
- int resistance );
-
-/**
- * \brief Set the amount of entropy grabbed on each (re)seed
- * (Default: MBEDTLS_CTR_DRBG_ENTROPY_LEN)
- *
- * \param ctx CTR_DRBG context
- * \param len Amount of entropy to grab
- */
-void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx,
- size_t len );
-
-/**
- * \brief Set the reseed interval
- * (Default: MBEDTLS_CTR_DRBG_RESEED_INTERVAL)
- *
- * \param ctx CTR_DRBG context
- * \param interval Reseed interval
- */
-void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx,
- int interval );
-
-/**
- * \brief CTR_DRBG reseeding (extracts data from entropy source)
- *
- * \param ctx CTR_DRBG context
- * \param additional Additional data to add to state (Can be NULL)
- * \param len Length of additional data
- *
- * \return 0 if successful, or
- * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED
- */
-int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
- const unsigned char *additional, size_t len );
-
-/**
- * \brief CTR_DRBG update state
- *
- * \param ctx CTR_DRBG context
- * \param additional Additional data to update state with
- * \param add_len Length of additional data
- *
- * \note If add_len is greater than MBEDTLS_CTR_DRBG_MAX_SEED_INPUT,
- * only the first MBEDTLS_CTR_DRBG_MAX_SEED_INPUT bytes are used,
- * the remaining ones are silently discarded.
- */
-void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx,
- const unsigned char *additional, size_t add_len );
-
-/**
- * \brief CTR_DRBG generate random with additional update input
- *
- * Note: Automatically reseeds if reseed_counter is reached.
- *
- * \param p_rng CTR_DRBG context
- * \param output Buffer to fill
- * \param output_len Length of the buffer
- * \param additional Additional data to update with (Can be NULL)
- * \param add_len Length of additional data
- *
- * \return 0 if successful, or
- * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or
- * MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG
- */
-int mbedtls_ctr_drbg_random_with_add( void *p_rng,
- unsigned char *output, size_t output_len,
- const unsigned char *additional, size_t add_len );
-
-/**
- * \brief CTR_DRBG generate random
- *
- * Note: Automatically reseeds if reseed_counter is reached.
- *
- * \param p_rng CTR_DRBG context
- * \param output Buffer to fill
- * \param output_len Length of the buffer
- *
- * \return 0 if successful, or
- * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or
- * MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG
- */
-int mbedtls_ctr_drbg_random( void *p_rng,
- unsigned char *output, size_t output_len );
-
-#if defined(MBEDTLS_FS_IO)
-/**
- * \brief Write a seed file
- *
- * \param ctx CTR_DRBG context
- * \param path Name of the file
- *
- * \return 0 if successful,
- * MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR on file error, or
- * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED
- */
-int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path );
-
-/**
- * \brief Read and update a seed file. Seed is added to this
- * instance
- *
- * \param ctx CTR_DRBG context
- * \param path Name of the file
- *
- * \return 0 if successful,
- * MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR on file error,
- * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
- * MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG
- */
-int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path );
-#endif /* MBEDTLS_FS_IO */
-
-/**
- * \brief Checkup routine
- *
- * \return 0 if successful, or 1 if the test failed
- */
-int mbedtls_ctr_drbg_self_test( int verbose );
-
-/* Internal functions (do not call directly) */
-int mbedtls_ctr_drbg_seed_entropy_len( mbedtls_ctr_drbg_context *,
- int (*)(void *, unsigned char *, size_t), void *,
- const unsigned char *, size_t, size_t );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* ctr_drbg.h */
http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/0216c73e/libs/mbedtls/include/mbedtls/debug.h
----------------------------------------------------------------------
diff --git a/libs/mbedtls/include/mbedtls/debug.h b/libs/mbedtls/include/mbedtls/debug.h
deleted file mode 100644
index d859dd5..0000000
--- a/libs/mbedtls/include/mbedtls/debug.h
+++ /dev/null
@@ -1,125 +0,0 @@
-/**
- * \file debug.h
- *
- * \brief Debug functions
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-#ifndef MBEDTLS_DEBUG_H
-#define MBEDTLS_DEBUG_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "ssl.h"
-
-#if defined(MBEDTLS_ECP_C)
-#include "ecp.h"
-#endif
-
-#if defined(MBEDTLS_DEBUG_C)
-
-#define MBEDTLS_DEBUG_STRIP_PARENS( ... ) __VA_ARGS__
-
-#define MBEDTLS_SSL_DEBUG_MSG( level, args ) \
- mbedtls_debug_print_msg( ssl, level, __FILE__, __LINE__, \
- MBEDTLS_DEBUG_STRIP_PARENS args )
-
-#define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) \
- mbedtls_debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret )
-
-#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) \
- mbedtls_debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len )
-
-#if defined(MBEDTLS_BIGNUM_C)
-#define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) \
- mbedtls_debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X )
-#endif
-
-#if defined(MBEDTLS_ECP_C)
-#define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) \
- mbedtls_debug_print_ecp( ssl, level, __FILE__, __LINE__, text, X )
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) \
- mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt )
-#endif
-
-#else /* MBEDTLS_DEBUG_C */
-
-#define MBEDTLS_SSL_DEBUG_MSG( level, args ) do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 )
-
-#endif /* MBEDTLS_DEBUG_C */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief Set the level threshold to handle globally. Messages that have a
- * level over the threshold value are ignored.
- * (Default value: 0 (No debug))
- *
- * \param threshold maximum level of messages to pass on
- */
-void mbedtls_debug_set_threshold( int threshold );
-
-void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
- const char *file, int line,
- const char *format, ... );
-
-void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
- const char *file, int line,
- const char *text, int ret );
-
-void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
- const char *file, int line, const char *text,
- const unsigned char *buf, size_t len );
-
-#if defined(MBEDTLS_BIGNUM_C)
-void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
- const char *file, int line,
- const char *text, const mbedtls_mpi *X );
-#endif
-
-#if defined(MBEDTLS_ECP_C)
-void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
- const char *file, int line,
- const char *text, const mbedtls_ecp_point *X );
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level,
- const char *file, int line,
- const char *text, const mbedtls_x509_crt *crt );
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* debug.h */
http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/0216c73e/libs/mbedtls/include/mbedtls/des.h
----------------------------------------------------------------------
diff --git a/libs/mbedtls/include/mbedtls/des.h b/libs/mbedtls/include/mbedtls/des.h
deleted file mode 100644
index 5ca2ecf..0000000
--- a/libs/mbedtls/include/mbedtls/des.h
+++ /dev/null
@@ -1,306 +0,0 @@
-/**
- * \file des.h
- *
- * \brief DES block cipher
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-#ifndef MBEDTLS_DES_H
-#define MBEDTLS_DES_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-#include <stdint.h>
-
-#define MBEDTLS_DES_ENCRYPT 1
-#define MBEDTLS_DES_DECRYPT 0
-
-#define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH -0x0032 /**< The data input has an invalid length. */
-
-#define MBEDTLS_DES_KEY_SIZE 8
-
-#if !defined(MBEDTLS_DES_ALT)
-// Regular implementation
-//
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief DES context structure
- */
-typedef struct
-{
- uint32_t sk[32]; /*!< DES subkeys */
-}
-mbedtls_des_context;
-
-/**
- * \brief Triple-DES context structure
- */
-typedef struct
-{
- uint32_t sk[96]; /*!< 3DES subkeys */
-}
-mbedtls_des3_context;
-
-/**
- * \brief Initialize DES context
- *
- * \param ctx DES context to be initialized
- */
-void mbedtls_des_init( mbedtls_des_context *ctx );
-
-/**
- * \brief Clear DES context
- *
- * \param ctx DES context to be cleared
- */
-void mbedtls_des_free( mbedtls_des_context *ctx );
-
-/**
- * \brief Initialize Triple-DES context
- *
- * \param ctx DES3 context to be initialized
- */
-void mbedtls_des3_init( mbedtls_des3_context *ctx );
-
-/**
- * \brief Clear Triple-DES context
- *
- * \param ctx DES3 context to be cleared
- */
-void mbedtls_des3_free( mbedtls_des3_context *ctx );
-
-/**
- * \brief Set key parity on the given key to odd.
- *
- * DES keys are 56 bits long, but each byte is padded with
- * a parity bit to allow verification.
- *
- * \param key 8-byte secret key
- */
-void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] );
-
-/**
- * \brief Check that key parity on the given key is odd.
- *
- * DES keys are 56 bits long, but each byte is padded with
- * a parity bit to allow verification.
- *
- * \param key 8-byte secret key
- *
- * \return 0 is parity was ok, 1 if parity was not correct.
- */
-int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
-
-/**
- * \brief Check that key is not a weak or semi-weak DES key
- *
- * \param key 8-byte secret key
- *
- * \return 0 if no weak key was found, 1 if a weak key was identified.
- */
-int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
-
-/**
- * \brief DES key schedule (56-bit, encryption)
- *
- * \param ctx DES context to be initialized
- * \param key 8-byte secret key
- *
- * \return 0
- */
-int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
-
-/**
- * \brief DES key schedule (56-bit, decryption)
- *
- * \param ctx DES context to be initialized
- * \param key 8-byte secret key
- *
- * \return 0
- */
-int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
-
-/**
- * \brief Triple-DES key schedule (112-bit, encryption)
- *
- * \param ctx 3DES context to be initialized
- * \param key 16-byte secret key
- *
- * \return 0
- */
-int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
- const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
-
-/**
- * \brief Triple-DES key schedule (112-bit, decryption)
- *
- * \param ctx 3DES context to be initialized
- * \param key 16-byte secret key
- *
- * \return 0
- */
-int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
- const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
-
-/**
- * \brief Triple-DES key schedule (168-bit, encryption)
- *
- * \param ctx 3DES context to be initialized
- * \param key 24-byte secret key
- *
- * \return 0
- */
-int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
- const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
-
-/**
- * \brief Triple-DES key schedule (168-bit, decryption)
- *
- * \param ctx 3DES context to be initialized
- * \param key 24-byte secret key
- *
- * \return 0
- */
-int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
- const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
-
-/**
- * \brief DES-ECB block encryption/decryption
- *
- * \param ctx DES context
- * \param input 64-bit input block
- * \param output 64-bit output block
- *
- * \return 0 if successful
- */
-int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
- const unsigned char input[8],
- unsigned char output[8] );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/**
- * \brief DES-CBC buffer encryption/decryption
- *
- * \note Upon exit, the content of the IV is updated so that you can
- * call the function same function again on the following
- * block(s) of data and get the same result as if it was
- * encrypted in one call. This allows a "streaming" usage.
- * If on the other hand you need to retain the contents of the
- * IV, you should either save it manually or use the cipher
- * module instead.
- *
- * \param ctx DES context
- * \param mode MBEDTLS_DES_ENCRYPT or MBEDTLS_DES_DECRYPT
- * \param length length of the input data
- * \param iv initialization vector (updated after use)
- * \param input buffer holding the input data
- * \param output buffer holding the output data
- */
-int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
- int mode,
- size_t length,
- unsigned char iv[8],
- const unsigned char *input,
- unsigned char *output );
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-/**
- * \brief 3DES-ECB block encryption/decryption
- *
- * \param ctx 3DES context
- * \param input 64-bit input block
- * \param output 64-bit output block
- *
- * \return 0 if successful
- */
-int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
- const unsigned char input[8],
- unsigned char output[8] );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/**
- * \brief 3DES-CBC buffer encryption/decryption
- *
- * \note Upon exit, the content of the IV is updated so that you can
- * call the function same function again on the following
- * block(s) of data and get the same result as if it was
- * encrypted in one call. This allows a "streaming" usage.
- * If on the other hand you need to retain the contents of the
- * IV, you should either save it manually or use the cipher
- * module instead.
- *
- * \param ctx 3DES context
- * \param mode MBEDTLS_DES_ENCRYPT or MBEDTLS_DES_DECRYPT
- * \param length length of the input data
- * \param iv initialization vector (updated after use)
- * \param input buffer holding the input data
- * \param output buffer holding the output data
- *
- * \return 0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
- */
-int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
- int mode,
- size_t length,
- unsigned char iv[8],
- const unsigned char *input,
- unsigned char *output );
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-/**
- * \brief Internal function for key expansion.
- * (Only exposed to allow overriding it,
- * see MBEDTLS_DES_SETKEY_ALT)
- *
- * \param SK Round keys
- * \param key Base key
- */
-void mbedtls_des_setkey( uint32_t SK[32],
- const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
-#ifdef __cplusplus
-}
-#endif
-
-#else /* MBEDTLS_DES_ALT */
-#include "des_alt.h"
-#endif /* MBEDTLS_DES_ALT */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief Checkup routine
- *
- * \return 0 if successful, or 1 if the test failed
- */
-int mbedtls_des_self_test( int verbose );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* des.h */
http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/0216c73e/libs/mbedtls/include/mbedtls/dhm.h
----------------------------------------------------------------------
diff --git a/libs/mbedtls/include/mbedtls/dhm.h b/libs/mbedtls/include/mbedtls/dhm.h
deleted file mode 100644
index cd056d1..0000000
--- a/libs/mbedtls/include/mbedtls/dhm.h
+++ /dev/null
@@ -1,305 +0,0 @@
-/**
- * \file dhm.h
- *
- * \brief Diffie-Hellman-Merkle key exchange
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-#ifndef MBEDTLS_DHM_H
-#define MBEDTLS_DHM_H
-
-#include "bignum.h"
-
-/*
- * DHM Error codes
- */
-#define MBEDTLS_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters to function. */
-#define MBEDTLS_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */
-#define MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */
-#define MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */
-#define MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Making of the public value failed. */
-#define MBEDTLS_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */
-#define MBEDTLS_ERR_DHM_INVALID_FORMAT -0x3380 /**< The ASN.1 data is not formatted correctly. */
-#define MBEDTLS_ERR_DHM_ALLOC_FAILED -0x3400 /**< Allocation of memory failed. */
-#define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read/write of file failed. */
-
-/**
- * RFC 3526 defines a number of standardized Diffie-Hellman groups
- * for IKE.
- * RFC 5114 defines a number of standardized Diffie-Hellman groups
- * that can be used.
- *
- * Some are included here for convenience.
- *
- * Included are:
- * RFC 3526 3. 2048-bit MODP Group
- * RFC 3526 4. 3072-bit MODP Group
- * RFC 3526 5. 4096-bit MODP Group
- * RFC 5114 2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup
- */
-#define MBEDTLS_DHM_RFC3526_MODP_2048_P \
- "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
- "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
- "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
- "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \
- "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \
- "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \
- "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \
- "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \
- "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \
- "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \
- "15728E5A8AACAA68FFFFFFFFFFFFFFFF"
-
-#define MBEDTLS_DHM_RFC3526_MODP_2048_G "02"
-
-#define MBEDTLS_DHM_RFC3526_MODP_3072_P \
- "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
- "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
- "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
- "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \
- "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \
- "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \
- "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \
- "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \
- "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \
- "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \
- "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" \
- "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" \
- "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" \
- "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" \
- "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \
- "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF"
-
-#define MBEDTLS_DHM_RFC3526_MODP_3072_G "02"
-
-#define MBEDTLS_DHM_RFC3526_MODP_4096_P \
- "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
- "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
- "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
- "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \
- "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \
- "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \
- "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \
- "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \
- "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \
- "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \
- "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" \
- "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" \
- "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" \
- "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" \
- "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \
- "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" \
- "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA" \
- "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" \
- "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" \
- "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" \
- "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" \
- "FFFFFFFFFFFFFFFF"
-
-#define MBEDTLS_DHM_RFC3526_MODP_4096_G "02"
-
-#define MBEDTLS_DHM_RFC5114_MODP_2048_P \
- "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1" \
- "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" \
- "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212" \
- "9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207" \
- "C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708" \
- "B3BF8A317091883681286130BC8985DB1602E714415D9330" \
- "278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D" \
- "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8" \
- "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763" \
- "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71" \
- "CF9DE5384E71B81C0AC4DFFE0C10E64F"
-
-#define MBEDTLS_DHM_RFC5114_MODP_2048_G \
- "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"\
- "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"\
- "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"\
- "C17669101999024AF4D027275AC1348BB8A762D0521BC98A"\
- "E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE"\
- "F180EB34118E98D119529A45D6F834566E3025E316A330EF"\
- "BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB"\
- "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381"\
- "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269"\
- "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179"\
- "81BC087F2A7065B384B890D3191F2BFA"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief DHM context structure
- */
-typedef struct
-{
- size_t len; /*!< size(P) in chars */
- mbedtls_mpi P; /*!< prime modulus */
- mbedtls_mpi G; /*!< generator */
- mbedtls_mpi X; /*!< secret value */
- mbedtls_mpi GX; /*!< self = G^X mod P */
- mbedtls_mpi GY; /*!< peer = G^Y mod P */
- mbedtls_mpi K; /*!< key = GY^X mod P */
- mbedtls_mpi RP; /*!< cached R^2 mod P */
- mbedtls_mpi Vi; /*!< blinding value */
- mbedtls_mpi Vf; /*!< un-blinding value */
- mbedtls_mpi pX; /*!< previous X */
-}
-mbedtls_dhm_context;
-
-/**
- * \brief Initialize DHM context
- *
- * \param ctx DHM context to be initialized
- */
-void mbedtls_dhm_init( mbedtls_dhm_context *ctx );
-
-/**
- * \brief Parse the ServerKeyExchange parameters
- *
- * \param ctx DHM context
- * \param p &(start of input buffer)
- * \param end end of buffer
- *
- * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
- */
-int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx,
- unsigned char **p,
- const unsigned char *end );
-
-/**
- * \brief Setup and write the ServerKeyExchange parameters
- *
- * \param ctx DHM context
- * \param x_size private value size in bytes
- * \param output destination buffer
- * \param olen number of chars written
- * \param f_rng RNG function
- * \param p_rng RNG parameter
- *
- * \note This function assumes that ctx->P and ctx->G
- * have already been properly set (for example
- * using mbedtls_mpi_read_string or mbedtls_mpi_read_binary).
- *
- * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
- */
-int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
- unsigned char *output, size_t *olen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
-
-/**
- * \brief Import the peer's public value G^Y
- *
- * \param ctx DHM context
- * \param input input buffer
- * \param ilen size of buffer
- *
- * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
- */
-int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx,
- const unsigned char *input, size_t ilen );
-
-/**
- * \brief Create own private value X and export G^X
- *
- * \param ctx DHM context
- * \param x_size private value size in bytes
- * \param output destination buffer
- * \param olen must be equal to ctx->P.len
- * \param f_rng RNG function
- * \param p_rng RNG parameter
- *
- * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
- */
-int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size,
- unsigned char *output, size_t olen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
-
-/**
- * \brief Derive and export the shared secret (G^Y)^X mod P
- *
- * \param ctx DHM context
- * \param output destination buffer
- * \param output_size size of the destination buffer
- * \param olen on exit, holds the actual number of bytes written
- * \param f_rng RNG function, for blinding purposes
- * \param p_rng RNG parameter
- *
- * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
- *
- * \note If non-NULL, f_rng is used to blind the input as
- * countermeasure against timing attacks. Blinding is
- * automatically used if and only if our secret value X is
- * re-used and costs nothing otherwise, so it is recommended
- * to always pass a non-NULL f_rng argument.
- */
-int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx,
- unsigned char *output, size_t output_size, size_t *olen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
-
-/**
- * \brief Free and clear the components of a DHM key
- *
- * \param ctx DHM context to free and clear
- */
-void mbedtls_dhm_free( mbedtls_dhm_context *ctx );
-
-#if defined(MBEDTLS_ASN1_PARSE_C)
-/** \ingroup x509_module */
-/**
- * \brief Parse DHM parameters in PEM or DER format
- *
- * \param dhm DHM context to be initialized
- * \param dhmin input buffer
- * \param dhminlen size of the buffer
- * (including the terminating null byte for PEM data)
- *
- * \return 0 if successful, or a specific DHM or PEM error code
- */
-int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
- size_t dhminlen );
-
-#if defined(MBEDTLS_FS_IO)
-/** \ingroup x509_module */
-/**
- * \brief Load and parse DHM parameters
- *
- * \param dhm DHM context to be initialized
- * \param path filename to read the DHM Parameters from
- *
- * \return 0 if successful, or a specific DHM or PEM error code
- */
-int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path );
-#endif /* MBEDTLS_FS_IO */
-#endif /* MBEDTLS_ASN1_PARSE_C */
-
-/**
- * \brief Checkup routine
- *
- * \return 0 if successful, or 1 if the test failed
- */
-int mbedtls_dhm_self_test( int verbose );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* dhm.h */
http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/0216c73e/libs/mbedtls/include/mbedtls/ecdh.h
----------------------------------------------------------------------
diff --git a/libs/mbedtls/include/mbedtls/ecdh.h b/libs/mbedtls/include/mbedtls/ecdh.h
deleted file mode 100644
index 625a281..0000000
--- a/libs/mbedtls/include/mbedtls/ecdh.h
+++ /dev/null
@@ -1,214 +0,0 @@
-/**
- * \file ecdh.h
- *
- * \brief Elliptic curve Diffie-Hellman
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-#ifndef MBEDTLS_ECDH_H
-#define MBEDTLS_ECDH_H
-
-#include "ecp.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * When importing from an EC key, select if it is our key or the peer's key
- */
-typedef enum
-{
- MBEDTLS_ECDH_OURS,
- MBEDTLS_ECDH_THEIRS,
-} mbedtls_ecdh_side;
-
-/**
- * \brief ECDH context structure
- */
-typedef struct
-{
- mbedtls_ecp_group grp; /*!< elliptic curve used */
- mbedtls_mpi d; /*!< our secret value (private key) */
- mbedtls_ecp_point Q; /*!< our public value (public key) */
- mbedtls_ecp_point Qp; /*!< peer's public value (public key) */
- mbedtls_mpi z; /*!< shared secret */
- int point_format; /*!< format for point export in TLS messages */
- mbedtls_ecp_point Vi; /*!< blinding value (for later) */
- mbedtls_ecp_point Vf; /*!< un-blinding value (for later) */
- mbedtls_mpi _d; /*!< previous d (for later) */
-}
-mbedtls_ecdh_context;
-
-/**
- * \brief Generate a public key.
- * Raw function that only does the core computation.
- *
- * \param grp ECP group
- * \param d Destination MPI (secret exponent, aka private key)
- * \param Q Destination point (public key)
- * \param f_rng RNG function
- * \param p_rng RNG parameter
- *
- * \return 0 if successful,
- * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
- */
-int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
-
-/**
- * \brief Compute shared secret
- * Raw function that only does the core computation.
- *
- * \param grp ECP group
- * \param z Destination MPI (shared secret)
- * \param Q Public key from other party
- * \param d Our secret exponent (private key)
- * \param f_rng RNG function (see notes)
- * \param p_rng RNG parameter
- *
- * \return 0 if successful,
- * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
- *
- * \note If f_rng is not NULL, it is used to implement
- * countermeasures against potential elaborate timing
- * attacks, see \c mbedtls_ecp_mul() for details.
- */
-int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
- const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
-
-/**
- * \brief Initialize context
- *
- * \param ctx Context to initialize
- */
-void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx );
-
-/**
- * \brief Free context
- *
- * \param ctx Context to free
- */
-void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx );
-
-/**
- * \brief Generate a public key and a TLS ServerKeyExchange payload.
- * (First function used by a TLS server for ECDHE.)
- *
- * \param ctx ECDH context
- * \param olen number of chars written
- * \param buf destination buffer
- * \param blen length of buffer
- * \param f_rng RNG function
- * \param p_rng RNG parameter
- *
- * \note This function assumes that ctx->grp has already been
- * properly set (for example using mbedtls_ecp_group_load).
- *
- * \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
- */
-int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
- unsigned char *buf, size_t blen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
-
-/**
- * \brief Parse and procress a TLS ServerKeyExhange payload.
- * (First function used by a TLS client for ECDHE.)
- *
- * \param ctx ECDH context
- * \param buf pointer to start of input buffer
- * \param end one past end of buffer
- *
- * \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
- */
-int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
- const unsigned char **buf, const unsigned char *end );
-
-/**
- * \brief Setup an ECDH context from an EC key.
- * (Used by clients and servers in place of the
- * ServerKeyEchange for static ECDH: import ECDH parameters
- * from a certificate's EC key information.)
- *
- * \param ctx ECDH constext to set
- * \param key EC key to use
- * \param side Is it our key (1) or the peer's key (0) ?
- *
- * \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
- */
-int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key,
- mbedtls_ecdh_side side );
-
-/**
- * \brief Generate a public key and a TLS ClientKeyExchange payload.
- * (Second function used by a TLS client for ECDH(E).)
- *
- * \param ctx ECDH context
- * \param olen number of bytes actually written
- * \param buf destination buffer
- * \param blen size of destination buffer
- * \param f_rng RNG function
- * \param p_rng RNG parameter
- *
- * \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
- */
-int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
- unsigned char *buf, size_t blen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
-
-/**
- * \brief Parse and process a TLS ClientKeyExchange payload.
- * (Second function used by a TLS server for ECDH(E).)
- *
- * \param ctx ECDH context
- * \param buf start of input buffer
- * \param blen length of input buffer
- *
- * \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
- */
-int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx,
- const unsigned char *buf, size_t blen );
-
-/**
- * \brief Derive and export the shared secret.
- * (Last function used by both TLS client en servers.)
- *
- * \param ctx ECDH context
- * \param olen number of bytes written
- * \param buf destination buffer
- * \param blen buffer length
- * \param f_rng RNG function, see notes for \c mbedtls_ecdh_compute_shared()
- * \param p_rng RNG parameter
- *
- * \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
- */
-int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
- unsigned char *buf, size_t blen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* ecdh.h */
http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/0216c73e/libs/mbedtls/include/mbedtls/ecdsa.h
----------------------------------------------------------------------
diff --git a/libs/mbedtls/include/mbedtls/ecdsa.h b/libs/mbedtls/include/mbedtls/ecdsa.h
deleted file mode 100644
index 52827d8..0000000
--- a/libs/mbedtls/include/mbedtls/ecdsa.h
+++ /dev/null
@@ -1,248 +0,0 @@
-/**
- * \file ecdsa.h
- *
- * \brief Elliptic curve DSA
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-#ifndef MBEDTLS_ECDSA_H
-#define MBEDTLS_ECDSA_H
-
-#include "ecp.h"
-#include "md.h"
-
-/*
- * RFC 4492 page 20:
- *
- * Ecdsa-Sig-Value ::= SEQUENCE {
- * r INTEGER,
- * s INTEGER
- * }
- *
- * Size is at most
- * 1 (tag) + 1 (len) + 1 (initial 0) + ECP_MAX_BYTES for each of r and s,
- * twice that + 1 (tag) + 2 (len) for the sequence
- * (assuming ECP_MAX_BYTES is less than 126 for r and s,
- * and less than 124 (total len <= 255) for the sequence)
- */
-#if MBEDTLS_ECP_MAX_BYTES > 124
-#error "MBEDTLS_ECP_MAX_BYTES bigger than expected, please fix MBEDTLS_ECDSA_MAX_LEN"
-#endif
-/** Maximum size of an ECDSA signature in bytes */
-#define MBEDTLS_ECDSA_MAX_LEN ( 3 + 2 * ( 3 + MBEDTLS_ECP_MAX_BYTES ) )
-
-/**
- * \brief ECDSA context structure
- */
-typedef mbedtls_ecp_keypair mbedtls_ecdsa_context;
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief Compute ECDSA signature of a previously hashed message
- *
- * \note The deterministic version is usually prefered.
- *
- * \param grp ECP group
- * \param r First output integer
- * \param s Second output integer
- * \param d Private signing key
- * \param buf Message hash
- * \param blen Length of buf
- * \param f_rng RNG function
- * \param p_rng RNG parameter
- *
- * \return 0 if successful,
- * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
- */
-int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
- const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
-
-#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
-/**
- * \brief Compute ECDSA signature of a previously hashed message,
- * deterministic version (RFC 6979).
- *
- * \param grp ECP group
- * \param r First output integer
- * \param s Second output integer
- * \param d Private signing key
- * \param buf Message hash
- * \param blen Length of buf
- * \param md_alg MD algorithm used to hash the message
- *
- * \return 0 if successful,
- * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
- */
-int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
- const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
- mbedtls_md_type_t md_alg );
-#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
-
-/**
- * \brief Verify ECDSA signature of a previously hashed message
- *
- * \param grp ECP group
- * \param buf Message hash
- * \param blen Length of buf
- * \param Q Public key to use for verification
- * \param r First integer of the signature
- * \param s Second integer of the signature
- *
- * \return 0 if successful,
- * MBEDTLS_ERR_ECP_BAD_INPUT_DATA if signature is invalid
- * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
- */
-int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
- const unsigned char *buf, size_t blen,
- const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s);
-
-/**
- * \brief Compute ECDSA signature and write it to buffer,
- * serialized as defined in RFC 4492 page 20.
- * (Not thread-safe to use same context in multiple threads)
- *
- * \note The deterministice version (RFC 6979) is used if
- * MBEDTLS_ECDSA_DETERMINISTIC is defined.
- *
- * \param ctx ECDSA context
- * \param md_alg Algorithm that was used to hash the message
- * \param hash Message hash
- * \param hlen Length of hash
- * \param sig Buffer that will hold the signature
- * \param slen Length of the signature written
- * \param f_rng RNG function
- * \param p_rng RNG parameter
- *
- * \note The "sig" buffer must be at least as large as twice the
- * size of the curve used, plus 9 (eg. 73 bytes if a 256-bit
- * curve is used). MBEDTLS_ECDSA_MAX_LEN is always safe.
- *
- * \return 0 if successful,
- * or a MBEDTLS_ERR_ECP_XXX, MBEDTLS_ERR_MPI_XXX or
- * MBEDTLS_ERR_ASN1_XXX error code
- */
-int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg,
- const unsigned char *hash, size_t hlen,
- unsigned char *sig, size_t *slen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
-
-#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
-#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
-#if defined(MBEDTLS_DEPRECATED_WARNING)
-#define MBEDTLS_DEPRECATED __attribute__((deprecated))
-#else
-#define MBEDTLS_DEPRECATED
-#endif
-/**
- * \brief Compute ECDSA signature and write it to buffer,
- * serialized as defined in RFC 4492 page 20.
- * Deterministic version, RFC 6979.
- * (Not thread-safe to use same context in multiple threads)
- *
- * \deprecated Superseded by mbedtls_ecdsa_write_signature() in 2.0.0
- *
- * \param ctx ECDSA context
- * \param hash Message hash
- * \param hlen Length of hash
- * \param sig Buffer that will hold the signature
- * \param slen Length of the signature written
- * \param md_alg MD algorithm used to hash the message
- *
- * \note The "sig" buffer must be at least as large as twice the
- * size of the curve used, plus 9 (eg. 73 bytes if a 256-bit
- * curve is used). MBEDTLS_ECDSA_MAX_LEN is always safe.
- *
- * \return 0 if successful,
- * or a MBEDTLS_ERR_ECP_XXX, MBEDTLS_ERR_MPI_XXX or
- * MBEDTLS_ERR_ASN1_XXX error code
- */
-int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx,
- const unsigned char *hash, size_t hlen,
- unsigned char *sig, size_t *slen,
- mbedtls_md_type_t md_alg ) MBEDTLS_DEPRECATED;
-#undef MBEDTLS_DEPRECATED
-#endif /* MBEDTLS_DEPRECATED_REMOVED */
-#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
-
-/**
- * \brief Read and verify an ECDSA signature
- *
- * \param ctx ECDSA context
- * \param hash Message hash
- * \param hlen Size of hash
- * \param sig Signature to read and verify
- * \param slen Size of sig
- *
- * \return 0 if successful,
- * MBEDTLS_ERR_ECP_BAD_INPUT_DATA if signature is invalid,
- * MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH if the signature is
- * valid but its actual length is less than siglen,
- * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_ERR_MPI_XXX error code
- */
-int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx,
- const unsigned char *hash, size_t hlen,
- const unsigned char *sig, size_t slen );
-
-/**
- * \brief Generate an ECDSA keypair on the given curve
- *
- * \param ctx ECDSA context in which the keypair should be stored
- * \param gid Group (elliptic curve) to use. One of the various
- * MBEDTLS_ECP_DP_XXX macros depending on configuration.
- * \param f_rng RNG function
- * \param p_rng RNG parameter
- *
- * \return 0 on success, or a MBEDTLS_ERR_ECP_XXX code.
- */
-int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
-
-/**
- * \brief Set an ECDSA context from an EC key pair
- *
- * \param ctx ECDSA context to set
- * \param key EC key to use
- *
- * \return 0 on success, or a MBEDTLS_ERR_ECP_XXX code.
- */
-int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key );
-
-/**
- * \brief Initialize context
- *
- * \param ctx Context to initialize
- */
-void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx );
-
-/**
- * \brief Free context
- *
- * \param ctx Context to free
- */
-void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* ecdsa.h */
http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/0216c73e/libs/mbedtls/include/mbedtls/ecjpake.h
----------------------------------------------------------------------
diff --git a/libs/mbedtls/include/mbedtls/ecjpake.h b/libs/mbedtls/include/mbedtls/ecjpake.h
deleted file mode 100644
index b7b6160..0000000
--- a/libs/mbedtls/include/mbedtls/ecjpake.h
+++ /dev/null
@@ -1,238 +0,0 @@
-/**
- * \file ecjpake.h
- *
- * \brief Elliptic curve J-PAKE
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
-#ifndef MBEDTLS_ECJPAKE_H
-#define MBEDTLS_ECJPAKE_H
-
-/*
- * J-PAKE is a password-authenticated key exchange that allows deriving a
- * strong shared secret from a (potentially low entropy) pre-shared
- * passphrase, with forward secrecy and mutual authentication.
- * https://en.wikipedia.org/wiki/Password_Authenticated_Key_Exchange_by_Juggling
- *
- * This file implements the Elliptic Curve variant of J-PAKE,
- * as defined in Chapter 7.4 of the Thread v1.0 Specification,
- * available to members of the Thread Group http://threadgroup.org/
- *
- * As the J-PAKE algorithm is inherently symmetric, so is our API.
- * Each party needs to send its first round message, in any order, to the
- * other party, then each sends its second round message, in any order.
- * The payloads are serialized in a way suitable for use in TLS, but could
- * also be use outside TLS.
- */
-
-#include "ecp.h"
-#include "md.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * Roles in the EC J-PAKE exchange
- */
-typedef enum {
- MBEDTLS_ECJPAKE_CLIENT = 0, /**< Client */
- MBEDTLS_ECJPAKE_SERVER, /**< Server */
-} mbedtls_ecjpake_role;
-
-/**
- * EC J-PAKE context structure.
- *
- * J-PAKE is a symmetric protocol, except for the identifiers used in
- * Zero-Knowledge Proofs, and the serialization of the second message
- * (KeyExchange) as defined by the Thread spec.
- *
- * In order to benefit from this symmetry, we choose a different naming
- * convetion from the Thread v1.0 spec. Correspondance is indicated in the
- * description as a pair C: client name, S: server name
- */
-typedef struct
-{
- const mbedtls_md_info_t *md_info; /**< Hash to use */
- mbedtls_ecp_group grp; /**< Elliptic curve */
- mbedtls_ecjpake_role role; /**< Are we client or server? */
- int point_format; /**< Format for point export */
-
- mbedtls_ecp_point Xm1; /**< My public key 1 C: X1, S: X3 */
- mbedtls_ecp_point Xm2; /**< My public key 2 C: X2, S: X4 */
- mbedtls_ecp_point Xp1; /**< Peer public key 1 C: X3, S: X1 */
- mbedtls_ecp_point Xp2; /**< Peer public key 2 C: X4, S: X2 */
- mbedtls_ecp_point Xp; /**< Peer public key C: Xs, S: Xc */
-
- mbedtls_mpi xm1; /**< My private key 1 C: x1, S: x3 */
- mbedtls_mpi xm2; /**< My private key 2 C: x2, S: x4 */
-
- mbedtls_mpi s; /**< Pre-shared secret (passphrase) */
-} mbedtls_ecjpake_context;
-
-/**
- * \brief Initialize a context
- * (just makes it ready for setup() or free()).
- *
- * \param ctx context to initialize
- */
-void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx );
-
-/**
- * \brief Set up a context for use
- *
- * \note Currently the only values for hash/curve allowed by the
- * standard are MBEDTLS_MD_SHA256/MBEDTLS_ECP_DP_SECP256R1.
- *
- * \param ctx context to set up
- * \param role Our role: client or server
- * \param hash hash function to use (MBEDTLS_MD_XXX)
- * \param curve elliptic curve identifier (MBEDTLS_ECP_DP_XXX)
- * \param secret pre-shared secret (passphrase)
- * \param len length of the shared secret
- *
- * \return 0 if successfull,
- * a negative error code otherwise
- */
-int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx,
- mbedtls_ecjpake_role role,
- mbedtls_md_type_t hash,
- mbedtls_ecp_group_id curve,
- const unsigned char *secret,
- size_t len );
-
-/*
- * \brief Check if a context is ready for use
- *
- * \param ctx Context to check
- *
- * \return 0 if the context is ready for use,
- * MBEDTLS_ERR_ECP_BAD_INPUT_DATA otherwise
- */
-int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx );
-
-/**
- * \brief Generate and write the first round message
- * (TLS: contents of the Client/ServerHello extension,
- * excluding extension type and length bytes)
- *
- * \param ctx Context to use
- * \param buf Buffer to write the contents to
- * \param len Buffer size
- * \param olen Will be updated with the number of bytes written
- * \param f_rng RNG function
- * \param p_rng RNG parameter
- *
- * \return 0 if successfull,
- * a negative error code otherwise
- */
-int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx,
- unsigned char *buf, size_t len, size_t *olen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
-
-/**
- * \brief Read and process the first round message
- * (TLS: contents of the Client/ServerHello extension,
- * excluding extension type and length bytes)
- *
- * \param ctx Context to use
- * \param buf Pointer to extension contents
- * \param len Extension length
- *
- * \return 0 if successfull,
- * a negative error code otherwise
- */
-int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx,
- const unsigned char *buf,
- size_t len );
-
-/**
- * \brief Generate and write the second round message
- * (TLS: contents of the Client/ServerKeyExchange)
- *
- * \param ctx Context to use
- * \param buf Buffer to write the contents to
- * \param len Buffer size
- * \param olen Will be updated with the number of bytes written
- * \param f_rng RNG function
- * \param p_rng RNG parameter
- *
- * \return 0 if successfull,
- * a negative error code otherwise
- */
-int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx,
- unsigned char *buf, size_t len, size_t *olen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
-
-/**
- * \brief Read and process the second round message
- * (TLS: contents of the Client/ServerKeyExchange)
- *
- * \param ctx Context to use
- * \param buf Pointer to the message
- * \param len Message length
- *
- * \return 0 if successfull,
- * a negative error code otherwise
- */
-int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx,
- const unsigned char *buf,
- size_t len );
-
-/**
- * \brief Derive the shared secret
- * (TLS: Pre-Master Secret)
- *
- * \param ctx Context to use
- * \param buf Buffer to write the contents to
- * \param len Buffer size
- * \param olen Will be updated with the number of bytes written
- * \param f_rng RNG function
- * \param p_rng RNG parameter
- *
- * \return 0 if successfull,
- * a negative error code otherwise
- */
-int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx,
- unsigned char *buf, size_t len, size_t *olen,
- int (*f_rng)(void *, unsigned char *, size_t),
- void *p_rng );
-
-/**
- * \brief Free a context's content
- *
- * \param ctx context to free
- */
-void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx );
-
-#if defined(MBEDTLS_SELF_TEST)
-/**
- * \brief Checkup routine
- *
- * \return 0 if successful, or 1 if a test failed
- */
-int mbedtls_ecjpake_self_test( int verbose );
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* ecjpake.h */