MirrorSave
/
nodemcu-firmware
mirror of https://github.com/nodemcu/nodemcu-firmware.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nodemcu-firmware/app/include/mbedtls/md4.h

312 lines
9.3 KiB
C
Raw Normal View History

Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
/**
* \file md4.h
*
* \brief MD4 message digest algorithm (hash function)
*
Update mbedTLS to 2.7.0 (#2267) * mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8) Wholesale import, with a few changes from earlier preserved through. Ideally we would soon get to the point of having no divergences from upstream. * tls: add function to adjust mbedTLS debug level
2018-03-03 23:28:26 +01:00
* \warning MD4 is considered a weak message digest and its use constitutes a
* security risk. We recommend considering stronger message digests
* instead.
*/
/*
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
Update mbedTLS to 2.7.0 (#2267) * mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8) Wholesale import, with a few changes from earlier preserved through. Ideally we would soon get to the point of having no divergences from upstream. * tls: add function to adjust mbedTLS debug level
2018-03-03 23:28:26 +01:00
*
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
*/
#ifndef MBEDTLS_MD4_H
#define MBEDTLS_MD4_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include <stddef.h>
#include <stdint.h>
SSL rampage (#2938) * Remove stale putative MD2 support This hasn't worked in a while, presumably since one of our upstream merges. Don't bother making it work, since MD2 is generally considered insecure. * Land mbedtls 2.16.3-77-gf02988e57 * TLS: remove some dead code from espconn_mbedtls There was some... frankly kind of scary buffer and data shuffling if ESP8266_PLATFORM was defined. Since we don't, in fact, define that preprocessor symbol, just drop the code lest anyone (possibly future-me) be scared. * TLS: espconn_mbedtls: run through astyle No functional changes * TLS: espconn_mbedtls: put the file_params on the stack There's no need to malloc a structure that's used only locally. * TLS: Further minor tidying of mbedtls glue What an absolute shitshow this is. mbedtls should absolutely not be mentioned inside sys/socket.h and app/mbedtls/app/lwIPSocket.c is not so much glue as it as a complete copy of a random subset of lwIP; it should go, but we aren't there yet. Get rid of the mysterious "mbedlts_record" struct, which housed merely a length of bytes sent solely for gating the "record sent" callback. Remove spurious __attribute__((weak)) from symbols not otherwise defined and rename them to emphasize that they are not actually part of mbedtls proper. * TLS: Rampage esp mbedtls glue and delete unused code This at least makes the shitshow smaller * TLS: lwip: fix some memp definitions I presume these also need the new arguments * TLS: Remove more non-NodeMCU code from our mbedtls * TLS: drop support for 1.1 Depending on who you ask it's either EOL already or EOL soon, so we may as well get rid of it now.
2019-12-27 14:17:44 +01:00
/* MBEDTLS_ERR_MD4_HW_ACCEL_FAILED is deprecated and should not be used. */
Update mbedTLS to 2.7.0 (#2267) * mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8) Wholesale import, with a few changes from earlier preserved through. Ideally we would soon get to the point of having no divergences from upstream. * tls: add function to adjust mbedTLS debug level
2018-03-03 23:28:26 +01:00
#define MBEDTLS_ERR_MD4_HW_ACCEL_FAILED -0x002D /**< MD4 hardware accelerator failed */
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
#ifdef __cplusplus
extern "C" {
#endif
SSL rampage (#2938) * Remove stale putative MD2 support This hasn't worked in a while, presumably since one of our upstream merges. Don't bother making it work, since MD2 is generally considered insecure. * Land mbedtls 2.16.3-77-gf02988e57 * TLS: remove some dead code from espconn_mbedtls There was some... frankly kind of scary buffer and data shuffling if ESP8266_PLATFORM was defined. Since we don't, in fact, define that preprocessor symbol, just drop the code lest anyone (possibly future-me) be scared. * TLS: espconn_mbedtls: run through astyle No functional changes * TLS: espconn_mbedtls: put the file_params on the stack There's no need to malloc a structure that's used only locally. * TLS: Further minor tidying of mbedtls glue What an absolute shitshow this is. mbedtls should absolutely not be mentioned inside sys/socket.h and app/mbedtls/app/lwIPSocket.c is not so much glue as it as a complete copy of a random subset of lwIP; it should go, but we aren't there yet. Get rid of the mysterious "mbedlts_record" struct, which housed merely a length of bytes sent solely for gating the "record sent" callback. Remove spurious __attribute__((weak)) from symbols not otherwise defined and rename them to emphasize that they are not actually part of mbedtls proper. * TLS: Rampage esp mbedtls glue and delete unused code This at least makes the shitshow smaller * TLS: lwip: fix some memp definitions I presume these also need the new arguments * TLS: Remove more non-NodeMCU code from our mbedtls * TLS: drop support for 1.1 Depending on who you ask it's either EOL already or EOL soon, so we may as well get rid of it now.
2019-12-27 14:17:44 +01:00
#if !defined(MBEDTLS_MD4_ALT)
// Regular implementation
//
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
/**
* \brief MD4 context structure
Update mbedTLS to 2.7.0 (#2267) * mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8) Wholesale import, with a few changes from earlier preserved through. Ideally we would soon get to the point of having no divergences from upstream. * tls: add function to adjust mbedTLS debug level
2018-03-03 23:28:26 +01:00
*
* \warning MD4 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
*/
SSL rampage (#2938) * Remove stale putative MD2 support This hasn't worked in a while, presumably since one of our upstream merges. Don't bother making it work, since MD2 is generally considered insecure. * Land mbedtls 2.16.3-77-gf02988e57 * TLS: remove some dead code from espconn_mbedtls There was some... frankly kind of scary buffer and data shuffling if ESP8266_PLATFORM was defined. Since we don't, in fact, define that preprocessor symbol, just drop the code lest anyone (possibly future-me) be scared. * TLS: espconn_mbedtls: run through astyle No functional changes * TLS: espconn_mbedtls: put the file_params on the stack There's no need to malloc a structure that's used only locally. * TLS: Further minor tidying of mbedtls glue What an absolute shitshow this is. mbedtls should absolutely not be mentioned inside sys/socket.h and app/mbedtls/app/lwIPSocket.c is not so much glue as it as a complete copy of a random subset of lwIP; it should go, but we aren't there yet. Get rid of the mysterious "mbedlts_record" struct, which housed merely a length of bytes sent solely for gating the "record sent" callback. Remove spurious __attribute__((weak)) from symbols not otherwise defined and rename them to emphasize that they are not actually part of mbedtls proper. * TLS: Rampage esp mbedtls glue and delete unused code This at least makes the shitshow smaller * TLS: lwip: fix some memp definitions I presume these also need the new arguments * TLS: Remove more non-NodeMCU code from our mbedtls * TLS: drop support for 1.1 Depending on who you ask it's either EOL already or EOL soon, so we may as well get rid of it now.
2019-12-27 14:17:44 +01:00
typedef struct mbedtls_md4_context
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
{
uint32_t total[2]; /*!< number of bytes processed */
uint32_t state[4]; /*!< intermediate digest state */
unsigned char buffer[64]; /*!< data block being processed */
}
mbedtls_md4_context;
SSL rampage (#2938) * Remove stale putative MD2 support This hasn't worked in a while, presumably since one of our upstream merges. Don't bother making it work, since MD2 is generally considered insecure. * Land mbedtls 2.16.3-77-gf02988e57 * TLS: remove some dead code from espconn_mbedtls There was some... frankly kind of scary buffer and data shuffling if ESP8266_PLATFORM was defined. Since we don't, in fact, define that preprocessor symbol, just drop the code lest anyone (possibly future-me) be scared. * TLS: espconn_mbedtls: run through astyle No functional changes * TLS: espconn_mbedtls: put the file_params on the stack There's no need to malloc a structure that's used only locally. * TLS: Further minor tidying of mbedtls glue What an absolute shitshow this is. mbedtls should absolutely not be mentioned inside sys/socket.h and app/mbedtls/app/lwIPSocket.c is not so much glue as it as a complete copy of a random subset of lwIP; it should go, but we aren't there yet. Get rid of the mysterious "mbedlts_record" struct, which housed merely a length of bytes sent solely for gating the "record sent" callback. Remove spurious __attribute__((weak)) from symbols not otherwise defined and rename them to emphasize that they are not actually part of mbedtls proper. * TLS: Rampage esp mbedtls glue and delete unused code This at least makes the shitshow smaller * TLS: lwip: fix some memp definitions I presume these also need the new arguments * TLS: Remove more non-NodeMCU code from our mbedtls * TLS: drop support for 1.1 Depending on who you ask it's either EOL already or EOL soon, so we may as well get rid of it now.
2019-12-27 14:17:44 +01:00
#else /* MBEDTLS_MD4_ALT */
#include "md4_alt.h"
#endif /* MBEDTLS_MD4_ALT */
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
/**
* \brief Initialize MD4 context
*
* \param ctx MD4 context to be initialized
Update mbedTLS to 2.7.0 (#2267) * mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8) Wholesale import, with a few changes from earlier preserved through. Ideally we would soon get to the point of having no divergences from upstream. * tls: add function to adjust mbedTLS debug level
2018-03-03 23:28:26 +01:00
*
* \warning MD4 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
*/
void mbedtls_md4_init( mbedtls_md4_context *ctx );
/**
* \brief Clear MD4 context
*
* \param ctx MD4 context to be cleared
Update mbedTLS to 2.7.0 (#2267) * mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8) Wholesale import, with a few changes from earlier preserved through. Ideally we would soon get to the point of having no divergences from upstream. * tls: add function to adjust mbedTLS debug level
2018-03-03 23:28:26 +01:00
*
* \warning MD4 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
*/
void mbedtls_md4_free( mbedtls_md4_context *ctx );
/**
* \brief Clone (the state of) an MD4 context
*
* \param dst The destination context
* \param src The context to be cloned
Update mbedTLS to 2.7.0 (#2267) * mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8) Wholesale import, with a few changes from earlier preserved through. Ideally we would soon get to the point of having no divergences from upstream. * tls: add function to adjust mbedTLS debug level
2018-03-03 23:28:26 +01:00
*
* \warning MD4 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
*/
void mbedtls_md4_clone( mbedtls_md4_context *dst,
const mbedtls_md4_context *src );
/**
* \brief MD4 context setup
*
* \param ctx context to be initialized
Update mbedTLS to 2.7.0 (#2267) * mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8) Wholesale import, with a few changes from earlier preserved through. Ideally we would soon get to the point of having no divergences from upstream. * tls: add function to adjust mbedTLS debug level
2018-03-03 23:28:26 +01:00
*
* \return 0 if successful
*
* \warning MD4 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*/
int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx );
/**
* \brief MD4 process buffer
*
* \param ctx MD4 context
* \param input buffer holding the data
* \param ilen length of the input data
*
* \return 0 if successful
*
* \warning MD4 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
*/
int mbedtls_md4_update_ret( mbedtls_md4_context *ctx,
const unsigned char *input,
size_t ilen );
/**
* \brief MD4 final digest
*
* \param ctx MD4 context
* \param output MD4 checksum result
*
* \return 0 if successful
*
* \warning MD4 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
*/
int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx,
unsigned char output[16] );
/**
* \brief MD4 process data block (internal use only)
*
* \param ctx MD4 context
* \param data buffer holding one block of data
*
* \return 0 if successful
*
* \warning MD4 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
*/
int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
const unsigned char data[64] );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief MD4 context setup
*
* \deprecated Superseded by mbedtls_md4_starts_ret() in 2.7.0
*
* \param ctx context to be initialized
*
* \warning MD4 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
*/
Update TLS protocol support (#2587) * Update TLS protocol support TLS1.0 is past PCI's EOL; BEAST is no more Enable elliptic curve key exchanges Do not enable the smallest ECs for security Do not enable the largest ECs for computational time Do not enable 25519 (sad) because it doesn't go across the wire Drop non-PFS key exchanges Drop ARC4, Blowfish, DES, genprime, XTEA code Drop renegotiation support completely It takes so much heap that it's not likely to work out well Tidy handling of SSL_BUFFER_SIZE Update docs Drop mention of startcom, since they are no more, for letsencrypt * Update mbedtls to 2.7.7 Preserve our vsnprintf and platform hacks * Introduce TLS maximum fragment size knob Reduce buffer size to 4Ki by default and advertize that. That's the largest we can advertize with the TLS MFL extension, so there's no point in making them larger. The truly adventurous can re-raise SSL_BUFFER_SIZE and undefine the SSL_MAX_FRAGMENT_LENGTH_CODE and get back to the earlier behavior. * Default to mbedTLS debug with DEVELOP_VERSION
2019-01-15 17:02:32 +01:00
MBEDTLS_DEPRECATED void mbedtls_md4_starts( mbedtls_md4_context *ctx );
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
/**
* \brief MD4 process buffer
*
Update mbedTLS to 2.7.0 (#2267) * mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8) Wholesale import, with a few changes from earlier preserved through. Ideally we would soon get to the point of having no divergences from upstream. * tls: add function to adjust mbedTLS debug level
2018-03-03 23:28:26 +01:00
* \deprecated Superseded by mbedtls_md4_update_ret() in 2.7.0
*
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
* \param ctx MD4 context
Update mbedTLS to 2.7.0 (#2267) * mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8) Wholesale import, with a few changes from earlier preserved through. Ideally we would soon get to the point of having no divergences from upstream. * tls: add function to adjust mbedTLS debug level
2018-03-03 23:28:26 +01:00
* \param input buffer holding the data
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
* \param ilen length of the input data
Update mbedTLS to 2.7.0 (#2267) * mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8) Wholesale import, with a few changes from earlier preserved through. Ideally we would soon get to the point of having no divergences from upstream. * tls: add function to adjust mbedTLS debug level
2018-03-03 23:28:26 +01:00
*
* \warning MD4 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
*/
Update TLS protocol support (#2587) * Update TLS protocol support TLS1.0 is past PCI's EOL; BEAST is no more Enable elliptic curve key exchanges Do not enable the smallest ECs for security Do not enable the largest ECs for computational time Do not enable 25519 (sad) because it doesn't go across the wire Drop non-PFS key exchanges Drop ARC4, Blowfish, DES, genprime, XTEA code Drop renegotiation support completely It takes so much heap that it's not likely to work out well Tidy handling of SSL_BUFFER_SIZE Update docs Drop mention of startcom, since they are no more, for letsencrypt * Update mbedtls to 2.7.7 Preserve our vsnprintf and platform hacks * Introduce TLS maximum fragment size knob Reduce buffer size to 4Ki by default and advertize that. That's the largest we can advertize with the TLS MFL extension, so there's no point in making them larger. The truly adventurous can re-raise SSL_BUFFER_SIZE and undefine the SSL_MAX_FRAGMENT_LENGTH_CODE and get back to the earlier behavior. * Default to mbedTLS debug with DEVELOP_VERSION
2019-01-15 17:02:32 +01:00
MBEDTLS_DEPRECATED void mbedtls_md4_update( mbedtls_md4_context *ctx,
const unsigned char *input,
size_t ilen );
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
/**
* \brief MD4 final digest
*
Update mbedTLS to 2.7.0 (#2267) * mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8) Wholesale import, with a few changes from earlier preserved through. Ideally we would soon get to the point of having no divergences from upstream. * tls: add function to adjust mbedTLS debug level
2018-03-03 23:28:26 +01:00
* \deprecated Superseded by mbedtls_md4_finish_ret() in 2.7.0
*
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
* \param ctx MD4 context
* \param output MD4 checksum result
Update mbedTLS to 2.7.0 (#2267) * mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8) Wholesale import, with a few changes from earlier preserved through. Ideally we would soon get to the point of having no divergences from upstream. * tls: add function to adjust mbedTLS debug level
2018-03-03 23:28:26 +01:00
*
* \warning MD4 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
*/
Update TLS protocol support (#2587) * Update TLS protocol support TLS1.0 is past PCI's EOL; BEAST is no more Enable elliptic curve key exchanges Do not enable the smallest ECs for security Do not enable the largest ECs for computational time Do not enable 25519 (sad) because it doesn't go across the wire Drop non-PFS key exchanges Drop ARC4, Blowfish, DES, genprime, XTEA code Drop renegotiation support completely It takes so much heap that it's not likely to work out well Tidy handling of SSL_BUFFER_SIZE Update docs Drop mention of startcom, since they are no more, for letsencrypt * Update mbedtls to 2.7.7 Preserve our vsnprintf and platform hacks * Introduce TLS maximum fragment size knob Reduce buffer size to 4Ki by default and advertize that. That's the largest we can advertize with the TLS MFL extension, so there's no point in making them larger. The truly adventurous can re-raise SSL_BUFFER_SIZE and undefine the SSL_MAX_FRAGMENT_LENGTH_CODE and get back to the earlier behavior. * Default to mbedTLS debug with DEVELOP_VERSION
2019-01-15 17:02:32 +01:00
MBEDTLS_DEPRECATED void mbedtls_md4_finish( mbedtls_md4_context *ctx,
unsigned char output[16] );
Update mbedTLS to 2.7.0 (#2267) * mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8) Wholesale import, with a few changes from earlier preserved through. Ideally we would soon get to the point of having no divergences from upstream. * tls: add function to adjust mbedTLS debug level
2018-03-03 23:28:26 +01:00
/**
* \brief MD4 process data block (internal use only)
*
* \deprecated Superseded by mbedtls_internal_md4_process() in 2.7.0
*
* \param ctx MD4 context
* \param data buffer holding one block of data
*
* \warning MD4 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
*/
Update TLS protocol support (#2587) * Update TLS protocol support TLS1.0 is past PCI's EOL; BEAST is no more Enable elliptic curve key exchanges Do not enable the smallest ECs for security Do not enable the largest ECs for computational time Do not enable 25519 (sad) because it doesn't go across the wire Drop non-PFS key exchanges Drop ARC4, Blowfish, DES, genprime, XTEA code Drop renegotiation support completely It takes so much heap that it's not likely to work out well Tidy handling of SSL_BUFFER_SIZE Update docs Drop mention of startcom, since they are no more, for letsencrypt * Update mbedtls to 2.7.7 Preserve our vsnprintf and platform hacks * Introduce TLS maximum fragment size knob Reduce buffer size to 4Ki by default and advertize that. That's the largest we can advertize with the TLS MFL extension, so there's no point in making them larger. The truly adventurous can re-raise SSL_BUFFER_SIZE and undefine the SSL_MAX_FRAGMENT_LENGTH_CODE and get back to the earlier behavior. * Default to mbedTLS debug with DEVELOP_VERSION
2019-01-15 17:02:32 +01:00
MBEDTLS_DEPRECATED void mbedtls_md4_process( mbedtls_md4_context *ctx,
const unsigned char data[64] );
Update mbedTLS to 2.7.0 (#2267) * mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8) Wholesale import, with a few changes from earlier preserved through. Ideally we would soon get to the point of having no divergences from upstream. * tls: add function to adjust mbedTLS debug level
2018-03-03 23:28:26 +01:00
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
/**
* \brief Output = MD4( input buffer )
*
Update mbedTLS to 2.7.0 (#2267) * mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8) Wholesale import, with a few changes from earlier preserved through. Ideally we would soon get to the point of having no divergences from upstream. * tls: add function to adjust mbedTLS debug level
2018-03-03 23:28:26 +01:00
* \param input buffer holding the data
* \param ilen length of the input data
* \param output MD4 checksum result
*
* \return 0 if successful
*
* \warning MD4 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
*/
int mbedtls_md4_ret( const unsigned char *input,
size_t ilen,
unsigned char output[16] );
#if !defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief Output = MD4( input buffer )
*
* \deprecated Superseded by mbedtls_md4_ret() in 2.7.0
*
* \param input buffer holding the data
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
* \param ilen length of the input data
* \param output MD4 checksum result
Update mbedTLS to 2.7.0 (#2267) * mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8) Wholesale import, with a few changes from earlier preserved through. Ideally we would soon get to the point of having no divergences from upstream. * tls: add function to adjust mbedTLS debug level
2018-03-03 23:28:26 +01:00
*
* \warning MD4 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
*/
Update TLS protocol support (#2587) * Update TLS protocol support TLS1.0 is past PCI's EOL; BEAST is no more Enable elliptic curve key exchanges Do not enable the smallest ECs for security Do not enable the largest ECs for computational time Do not enable 25519 (sad) because it doesn't go across the wire Drop non-PFS key exchanges Drop ARC4, Blowfish, DES, genprime, XTEA code Drop renegotiation support completely It takes so much heap that it's not likely to work out well Tidy handling of SSL_BUFFER_SIZE Update docs Drop mention of startcom, since they are no more, for letsencrypt * Update mbedtls to 2.7.7 Preserve our vsnprintf and platform hacks * Introduce TLS maximum fragment size knob Reduce buffer size to 4Ki by default and advertize that. That's the largest we can advertize with the TLS MFL extension, so there's no point in making them larger. The truly adventurous can re-raise SSL_BUFFER_SIZE and undefine the SSL_MAX_FRAGMENT_LENGTH_CODE and get back to the earlier behavior. * Default to mbedTLS debug with DEVELOP_VERSION
2019-01-15 17:02:32 +01:00
MBEDTLS_DEPRECATED void mbedtls_md4( const unsigned char *input,
size_t ilen,
unsigned char output[16] );
Update mbedTLS to 2.7.0 (#2267) * mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8) Wholesale import, with a few changes from earlier preserved through. Ideally we would soon get to the point of having no divergences from upstream. * tls: add function to adjust mbedTLS debug level
2018-03-03 23:28:26 +01:00
#undef MBEDTLS_DEPRECATED
#endif /* !MBEDTLS_DEPRECATED_REMOVED */
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
SSL rampage (#2938) * Remove stale putative MD2 support This hasn't worked in a while, presumably since one of our upstream merges. Don't bother making it work, since MD2 is generally considered insecure. * Land mbedtls 2.16.3-77-gf02988e57 * TLS: remove some dead code from espconn_mbedtls There was some... frankly kind of scary buffer and data shuffling if ESP8266_PLATFORM was defined. Since we don't, in fact, define that preprocessor symbol, just drop the code lest anyone (possibly future-me) be scared. * TLS: espconn_mbedtls: run through astyle No functional changes * TLS: espconn_mbedtls: put the file_params on the stack There's no need to malloc a structure that's used only locally. * TLS: Further minor tidying of mbedtls glue What an absolute shitshow this is. mbedtls should absolutely not be mentioned inside sys/socket.h and app/mbedtls/app/lwIPSocket.c is not so much glue as it as a complete copy of a random subset of lwIP; it should go, but we aren't there yet. Get rid of the mysterious "mbedlts_record" struct, which housed merely a length of bytes sent solely for gating the "record sent" callback. Remove spurious __attribute__((weak)) from symbols not otherwise defined and rename them to emphasize that they are not actually part of mbedtls proper. * TLS: Rampage esp mbedtls glue and delete unused code This at least makes the shitshow smaller * TLS: lwip: fix some memp definitions I presume these also need the new arguments * TLS: Remove more non-NodeMCU code from our mbedtls * TLS: drop support for 1.1 Depending on who you ask it's either EOL already or EOL soon, so we may as well get rid of it now.
2019-12-27 14:17:44 +01:00
#if defined(MBEDTLS_SELF_TEST)
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
Update mbedTLS to 2.7.0 (#2267) * mbedtls 2.7.0 (mbedtls-2.7.0-0-g32605dc8) Wholesale import, with a few changes from earlier preserved through. Ideally we would soon get to the point of having no divergences from upstream. * tls: add function to adjust mbedTLS debug level
2018-03-03 23:28:26 +01:00
*
* \warning MD4 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
*/
int mbedtls_md4_self_test( int verbose );
SSL rampage (#2938) * Remove stale putative MD2 support This hasn't worked in a while, presumably since one of our upstream merges. Don't bother making it work, since MD2 is generally considered insecure. * Land mbedtls 2.16.3-77-gf02988e57 * TLS: remove some dead code from espconn_mbedtls There was some... frankly kind of scary buffer and data shuffling if ESP8266_PLATFORM was defined. Since we don't, in fact, define that preprocessor symbol, just drop the code lest anyone (possibly future-me) be scared. * TLS: espconn_mbedtls: run through astyle No functional changes * TLS: espconn_mbedtls: put the file_params on the stack There's no need to malloc a structure that's used only locally. * TLS: Further minor tidying of mbedtls glue What an absolute shitshow this is. mbedtls should absolutely not be mentioned inside sys/socket.h and app/mbedtls/app/lwIPSocket.c is not so much glue as it as a complete copy of a random subset of lwIP; it should go, but we aren't there yet. Get rid of the mysterious "mbedlts_record" struct, which housed merely a length of bytes sent solely for gating the "record sent" callback. Remove spurious __attribute__((weak)) from symbols not otherwise defined and rename them to emphasize that they are not actually part of mbedtls proper. * TLS: Rampage esp mbedtls glue and delete unused code This at least makes the shitshow smaller * TLS: lwip: fix some memp definitions I presume these also need the new arguments * TLS: Remove more non-NodeMCU code from our mbedtls * TLS: drop support for 1.1 Depending on who you ask it's either EOL already or EOL soon, so we may as well get rid of it now.
2019-12-27 14:17:44 +01:00
#endif /* MBEDTLS_SELF_TEST */
Upgrade to SDK 2.0.0 (#1435) * Update LWIP from SDK * mbedTLS integration * Fix argument type in dbg_printf (#1624) * Migrate to espressif’s download center (#1604) * Fixed BBS links to firmware * Adjust net module docs with mbedTLS info * Remove unrelevant axTLS notice
2016-12-11 21:03:00 +01:00
#ifdef __cplusplus
}
#endif
#endif /* mbedtls_md4.h */