Feature/mbedtls (#84)

* try to import mbedtls and build it * add stubs socket class * some boilterplate, read and write function implemented * more boilterplate / current error in handshake because no CA cert is setup * add something so skip ca verification, can ws curl https://google.com ! * cleanup / close implemented * tweak CMakefiles * typo in include * update readme * disable unittests
2019-06-01 17:41:48 -07:00
parent ba4a9e1586
commit 06cbebe22e
1614 changed files with 441051 additions and 13 deletions
--- a/third_party/mbedtls/crypto/doxygen/input/doc_encdec.h
+++ b/third_party/mbedtls/crypto/doxygen/input/doc_encdec.h
@@ -0,0 +1,72 @@
+/**
+ * \file doc_encdec.h
+ *
+ * \brief Encryption/decryption module documentation file.
+ */
+/*
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/**
+ * @addtogroup encdec_module Encryption/decryption module
+ *
+ * The Encryption/decryption module provides encryption/decryption functions.
+ * One can differentiate between symmetric and asymmetric algorithms; the
+ * symmetric ones are mostly used for message confidentiality and the asymmetric
+ * ones for key exchange and message integrity.
+ * Some symmetric algorithms provide different block cipher modes, mainly
+ * Electronic Code Book (ECB) which is used for short (64-bit) messages and
+ * Cipher Block Chaining (CBC) which provides the structure needed for longer
+ * messages. In addition the Cipher Feedback Mode (CFB-128) stream cipher mode,
+ * Counter mode (CTR) and Galois Counter Mode (GCM) are implemented for
+ * specific algorithms.
+ *
+ * All symmetric encryption algorithms are accessible via the generic cipher layer
+ * (see \c mbedtls_cipher_setup()).
+ *
+ * The asymmetric encryptrion algorithms are accessible via the generic public
+ * key layer (see \c mbedtls_pk_init()).
+ *
+ * The following algorithms are provided:
+ * - Symmetric:
+ *   - AES (see \c mbedtls_aes_crypt_ecb(), \c mbedtls_aes_crypt_cbc(), \c mbedtls_aes_crypt_cfb128() and
+ *     \c mbedtls_aes_crypt_ctr()).
+ *   - ARCFOUR (see \c mbedtls_arc4_crypt()).
+ *   - Blowfish / BF (see \c mbedtls_blowfish_crypt_ecb(), \c mbedtls_blowfish_crypt_cbc(),
+ *     \c mbedtls_blowfish_crypt_cfb64() and \c mbedtls_blowfish_crypt_ctr())
+ *   - Camellia (see \c mbedtls_camellia_crypt_ecb(), \c mbedtls_camellia_crypt_cbc(),
+ *     \c mbedtls_camellia_crypt_cfb128() and \c mbedtls_camellia_crypt_ctr()).
+ *   - DES/3DES (see \c mbedtls_des_crypt_ecb(), \c mbedtls_des_crypt_cbc(), \c mbedtls_des3_crypt_ecb()
+ *     and \c mbedtls_des3_crypt_cbc()).
+ *   - GCM (AES-GCM and CAMELLIA-GCM) (see \c mbedtls_gcm_init())
+ *   - XTEA (see \c mbedtls_xtea_crypt_ecb()).
+ * - Asymmetric:
+ *   - Diffie-Hellman-Merkle (see \c mbedtls_dhm_read_public(), \c mbedtls_dhm_make_public()
+ *     and \c mbedtls_dhm_calc_secret()).
+ *   - RSA (see \c mbedtls_rsa_public() and \c mbedtls_rsa_private()).
+ *   - Elliptic Curves over GF(p) (see \c mbedtls_ecp_point_init()).
+ *   - Elliptic Curve Digital Signature Algorithm (ECDSA) (see \c mbedtls_ecdsa_init()).
+ *   - Elliptic Curve Diffie Hellman (ECDH) (see \c mbedtls_ecdh_init()).
+ *
+ * This module provides encryption/decryption which can be used to provide
+ * secrecy.
+ *
+ * It also provides asymmetric key functions which can be used for
+ * confidentiality, integrity, authentication and non-repudiation.
+ */
--- a/third_party/mbedtls/crypto/doxygen/input/doc_hashing.h
+++ b/third_party/mbedtls/crypto/doxygen/input/doc_hashing.h
@@ -0,0 +1,44 @@
+/**
+ * \file doc_hashing.h
+ *
+ * \brief Hashing module documentation file.
+ */
+/*
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/**
+ * @addtogroup hashing_module Hashing module
+ *
+ * The Message Digest (MD) or Hashing module provides one-way hashing
+ * functions. Such functions can be used for creating a hash message
+ * authentication code (HMAC) when sending a message. Such a HMAC can be used
+ * in combination with a private key for authentication, which is a message
+ * integrity control.
+ *
+ * All hash algorithms can be accessed via the generic MD layer (see
+ * \c mbedtls_md_setup())
+ *
+ * The following hashing-algorithms are provided:
+ * - MD2, MD4, MD5 128-bit one-way hash functions by Ron Rivest.
+ * - SHA-1, SHA-256, SHA-384/512 160-bit or more one-way hash functions by
+ *   NIST and NSA.
+ *
+ * This module provides one-way hashing which can be used for authentication.
+ */
--- a/third_party/mbedtls/crypto/doxygen/input/doc_mainpage.h
+++ b/third_party/mbedtls/crypto/doxygen/input/doc_mainpage.h
@@ -0,0 +1,49 @@
+/**
+ * \file doc_mainpage.h
+ *
+ * \brief Main page documentation file.
+ */
+/*
+ *
+ *  Copyright (C) 2006-2019, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/**
+ * @mainpage Mbed Crypto v0.1.0 source code documentation
+ *
+ * This documentation describes the internal structure of mbed TLS.  It was
+ * automatically generated from specially formatted comment blocks in
+ * mbed TLS's source code using Doxygen.  (See
+ * http://www.stack.nl/~dimitri/doxygen/ for more information on Doxygen)
+ *
+ * Mbed Crypto provides an implementation of the PSA Crypto API. The library is
+ * comprised of a number of independent modules, listed in the \ref
+ * mainpage_modules "Modules section". This "Modules section" introduces the
+ * high-level module concepts used throughout this documentation.
+ *
+ * @section mainpage_modules Modules
+ *
+ * Mbed Crypto provides the following modules:
+ * - Random number generation
+ * - Hashing
+ * - Encryption/decryption
+ *
+ * Above functions are split up neatly into logical interfaces. These can be
+ * used separately to provide any of the above functions or to mix-and-match.
+ *
+ */
--- a/third_party/mbedtls/crypto/doxygen/input/doc_rng.h
+++ b/third_party/mbedtls/crypto/doxygen/input/doc_rng.h
@@ -0,0 +1,46 @@
+/**
+ * \file doc_rng.h
+ *
+ * \brief Random number generator (RNG) module documentation file.
+ */
+/*
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/**
+ * @addtogroup rng_module Random number generator (RNG) module
+ *
+ * The Random number generator (RNG) module provides random number
+ * generation, see \c mbedtls_ctr_drbg_random().
+ *
+ * The block-cipher counter-mode based deterministic random
+ * bit generator (CTR_DBRG) as specified in NIST SP800-90. It needs an external
+ * source of entropy. For these purposes \c mbedtls_entropy_func() can be used.
+ * This is an implementation based on a simple entropy accumulator design.
+ *
+ * The other number generator that is included is less strong and uses the
+ * HAVEGE (HArdware Volatile Entropy Gathering and Expansion) software heuristic
+ * which considered unsafe for primary usage, but provides additional random
+ * to the entropy pool if enables.
+ *
+ * Meaning that there seems to be no practical algorithm that can guess
+ * the next bit with a probability larger than 1/2 in an output sequence.
+ *
+ * This module can be used to generate random numbers.
+ */