Update external polarssl to 1.3.8

There were some fixes back on March 13th, 2014 for fixing compiling on MIPS64. Also some fixes on June 25th, 2014 for SPARC64 fixes. Probably more things, but those are what I care about.
2025-07-23 06:09:50 -06:00 · 2014-09-08 01:58:33 -05:00
parent 6ea82790ba
commit a48e284317
130 changed files with 12346 additions and 4632 deletions
--- a/Externals/polarssl/library/gcm.c
+++ b/Externals/polarssl/library/gcm.c
@ -1,7 +1,7 @@
 /*
 *  NIST SP800-38D compliant GCM implementation
 *
- *  Copyright (C) 2006-2013, Brainspark B.V.
+ *  Copyright (C) 2006-2014, Brainspark B.V.
 *
 *  This file is part of PolarSSL (http://www.polarssl.org)
 *  Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -33,7 +33,11 @@
 * [MGV] 4.1, pp. 12-13, to enhance speed without using too much memory.
 */

+#if !defined(POLARSSL_CONFIG_FILE)
 #include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif

 #if defined(POLARSSL_GCM_C)

@ -43,6 +47,12 @@
 #include "polarssl/aesni.h"
 #endif

+#if defined(POLARSSL_PLATFORM_C)
+#include "polarssl/platform.h"
+#else
+#define polarssl_printf printf
+#endif
+
 /*
 * 32-bit integer manipulation macros (big endian)
 */
@ -66,6 +76,11 @@
 }
 #endif

+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
 /*
 * Precompute small multiples of H, that is set
 *      HH[i] || HL[i] = H times i,
@ -119,7 +134,7 @@ static int gcm_gen_table( gcm_context *ctx )
        ctx->HH[i] = vh;
    }

-    for (i = 2; i < 16; i <<= 1 )
+    for( i = 2; i < 16; i <<= 1 )
    {
        uint64_t *HiL = ctx->HL + i, *HiH = ctx->HH + i;
        vh = *HiH;
@ -142,6 +157,8 @@ int gcm_init( gcm_context *ctx, cipher_id_t cipher, const unsigned char *key,

    memset( ctx, 0, sizeof(gcm_context) );

+    cipher_init( &ctx->cipher_ctx );
+
    cipher_info = cipher_info_from_values( cipher, keysize, POLARSSL_MODE_ECB );
    if( cipher_info == NULL )
        return( POLARSSL_ERR_GCM_BAD_INPUT );
@ -185,7 +202,6 @@ static void gcm_mult( gcm_context *ctx, const unsigned char x[16],
                      unsigned char output[16] )
 {
    int i = 0;
-    unsigned char z[16];
    unsigned char lo, hi, rem;
    uint64_t zh, zl;

@ -201,9 +217,7 @@ static void gcm_mult( gcm_context *ctx, const unsigned char x[16],
        aesni_gcm_mult( output, x, h );
        return;
    }
-#endif
-
-    memset( z, 0x00, 16 );
+#endif /* POLARSSL_AESNI_C && POLARSSL_HAVE_X86_64 */

    lo = x[15] & 0xf;
    hi = x[15] >> 4;
@ -254,6 +268,13 @@ int gcm_starts( gcm_context *ctx,
    const unsigned char *p;
    size_t use_len, olen = 0;

+    /* IV and AD are limited to 2^64 bits, so 2^61 bytes */
+    if( ( (uint64_t) iv_len  ) >> 61 != 0 ||
+        ( (uint64_t) add_len ) >> 61 != 0 )
+    {
+        return( POLARSSL_ERR_GCM_BAD_INPUT );
+    }
+
    memset( ctx->y, 0x00, sizeof(ctx->y) );
    memset( ctx->buf, 0x00, sizeof(ctx->buf) );

@ -330,6 +351,14 @@ int gcm_update( gcm_context *ctx,
    if( output > input && (size_t) ( output - input ) < length )
        return( POLARSSL_ERR_GCM_BAD_INPUT );

+    /* Total length is restricted to 2^39 - 256 bits, ie 2^36 - 2^5 bytes
+     * Also check for possible overflow */
+    if( ctx->len + length < ctx->len ||
+        (uint64_t) ctx->len + length > 0x03FFFFE0llu )
+    {
+        return( POLARSSL_ERR_GCM_BAD_INPUT );
+    }
+
    ctx->len += length;

    p = input;
@ -375,7 +404,7 @@ int gcm_finish( gcm_context *ctx,
    uint64_t orig_len = ctx->len * 8;
    uint64_t orig_add_len = ctx->add_len * 8;

-    if( tag_len > 16 )
+    if( tag_len > 16 || tag_len < 4 )
        return( POLARSSL_ERR_GCM_BAD_INPUT );

    if( tag_len != 0 )
@ -457,7 +486,7 @@ int gcm_auth_decrypt( gcm_context *ctx,

    if( diff != 0 )
    {
-        memset( output, 0, length );
+        polarssl_zeroize( output, length );
        return( POLARSSL_ERR_GCM_AUTH_FAILED );
    }

@ -466,8 +495,8 @@ int gcm_auth_decrypt( gcm_context *ctx,

 void gcm_free( gcm_context *ctx )
 {
-    (void) cipher_free_ctx( &ctx->cipher_ctx );
-    memset( ctx, 0, sizeof( gcm_context ) );
+    cipher_free( &ctx->cipher_ctx );
+    polarssl_zeroize( ctx, sizeof( gcm_context ) );
 }

 #if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C)
@ -716,7 +745,8 @@ int gcm_self_test( int verbose )
        for( i = 0; i < MAX_TESTS; i++ )
        {
            if( verbose != 0 )
-                printf( "  AES-GCM-%3d #%d (%s): ", key_len, i, "enc" );
+                polarssl_printf( "  AES-GCM-%3d #%d (%s): ",
+                                 key_len, i, "enc" );

            gcm_init( &ctx, cipher, key[key_index[i]], key_len );

@ -731,7 +761,7 @@ int gcm_self_test( int verbose )
                memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
            {
                if( verbose != 0 )
-                    printf( "failed\n" );
+                    polarssl_printf( "failed\n" );

                return( 1 );
            }
@ -739,10 +769,11 @@ int gcm_self_test( int verbose )
            gcm_free( &ctx );

            if( verbose != 0 )
-                printf( "passed\n" );
+                polarssl_printf( "passed\n" );

            if( verbose != 0 )
-                printf( "  AES-GCM-%3d #%d (%s): ", key_len, i, "dec" );
+                polarssl_printf( "  AES-GCM-%3d #%d (%s): ",
+                                 key_len, i, "dec" );

            gcm_init( &ctx, cipher, key[key_index[i]], key_len );

@ -757,7 +788,7 @@ int gcm_self_test( int verbose )
                memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
            {
                if( verbose != 0 )
-                    printf( "failed\n" );
+                    polarssl_printf( "failed\n" );

                return( 1 );
            }
@ -765,10 +796,11 @@ int gcm_self_test( int verbose )
            gcm_free( &ctx );

            if( verbose != 0 )
-                printf( "passed\n" );
+                polarssl_printf( "passed\n" );

            if( verbose != 0 )
-                printf( "  AES-GCM-%3d #%d split (%s): ", key_len, i, "enc" );
+                polarssl_printf( "  AES-GCM-%3d #%d split (%s): ",
+                                 key_len, i, "enc" );

            gcm_init( &ctx, cipher, key[key_index[i]], key_len );

@ -778,7 +810,7 @@ int gcm_self_test( int verbose )
            if( ret != 0 )
            {
                if( verbose != 0 )
-                    printf( "failed\n" );
+                    polarssl_printf( "failed\n" );

                return( 1 );
            }
@ -790,16 +822,17 @@ int gcm_self_test( int verbose )
                if( ret != 0 )
                {
                    if( verbose != 0 )
-                        printf( "failed\n" );
+                        polarssl_printf( "failed\n" );

                    return( 1 );
                }

-                ret = gcm_update( &ctx, rest_len, pt[pt_index[i]] + 32, buf + 32 );
+                ret = gcm_update( &ctx, rest_len, pt[pt_index[i]] + 32,
+                                  buf + 32 );
                if( ret != 0 )
                {
                    if( verbose != 0 )
-                        printf( "failed\n" );
+                        polarssl_printf( "failed\n" );

                    return( 1 );
                }
@ -810,7 +843,7 @@ int gcm_self_test( int verbose )
                if( ret != 0 )
                {
                    if( verbose != 0 )
-                        printf( "failed\n" );
+                        polarssl_printf( "failed\n" );

                    return( 1 );
                }
@ -822,7 +855,7 @@ int gcm_self_test( int verbose )
                memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
            {
                if( verbose != 0 )
-                    printf( "failed\n" );
+                    polarssl_printf( "failed\n" );

                return( 1 );
            }
@ -830,10 +863,11 @@ int gcm_self_test( int verbose )
            gcm_free( &ctx );

            if( verbose != 0 )
-                printf( "passed\n" );
+                polarssl_printf( "passed\n" );

            if( verbose != 0 )
-                printf( "  AES-GCM-%3d #%d split (%s): ", key_len, i, "dec" );
+                polarssl_printf( "  AES-GCM-%3d #%d split (%s): ",
+                                 key_len, i, "dec" );

            gcm_init( &ctx, cipher, key[key_index[i]], key_len );

@ -843,7 +877,7 @@ int gcm_self_test( int verbose )
            if( ret != 0 )
            {
                if( verbose != 0 )
-                    printf( "failed\n" );
+                    polarssl_printf( "failed\n" );

                return( 1 );
            }
@ -855,16 +889,17 @@ int gcm_self_test( int verbose )
                if( ret != 0 )
                {
                    if( verbose != 0 )
-                        printf( "failed\n" );
+                        polarssl_printf( "failed\n" );

                    return( 1 );
                }

-                ret = gcm_update( &ctx, rest_len, ct[j * 6 + i] + 32, buf + 32 );
+                ret = gcm_update( &ctx, rest_len, ct[j * 6 + i] + 32,
+                                  buf + 32 );
                if( ret != 0 )
                {
                    if( verbose != 0 )
-                        printf( "failed\n" );
+                        polarssl_printf( "failed\n" );

                    return( 1 );
                }
@ -875,7 +910,7 @@ int gcm_self_test( int verbose )
                if( ret != 0 )
                {
                    if( verbose != 0 )
-                        printf( "failed\n" );
+                        polarssl_printf( "failed\n" );

                    return( 1 );
                }
@ -887,7 +922,7 @@ int gcm_self_test( int verbose )
                memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
            {
                if( verbose != 0 )
-                    printf( "failed\n" );
+                    polarssl_printf( "failed\n" );

                return( 1 );
            }
@ -895,13 +930,13 @@ int gcm_self_test( int verbose )
            gcm_free( &ctx );

            if( verbose != 0 )
-                printf( "passed\n" );
+                polarssl_printf( "passed\n" );

        }
    }

    if( verbose != 0 )
-        printf( "\n" );
+        polarssl_printf( "\n" );

    return( 0 );
 }
@ -910,4 +945,4 @@ int gcm_self_test( int verbose )

 #endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */

-#endif
+#endif /* POLARSSL_GCM_C */