Diffstat (limited to 'modules/mbedtls')
-rwxr-xr-x | modules/mbedtls/SCsub | 8 | ||||
-rwxr-xr-x | modules/mbedtls/config.py | 1 | ||||
-rw-r--r-- | modules/mbedtls/crypto_mbedtls.cpp | 26 | ||||
-rw-r--r-- | modules/mbedtls/crypto_mbedtls.h | 4 | ||||
-rw-r--r-- | modules/mbedtls/dtls_server_mbedtls.cpp | 2 | ||||
-rwxr-xr-x | modules/mbedtls/packet_peer_mbed_dtls.cpp | 16 | ||||
-rwxr-xr-x | modules/mbedtls/register_types.h | 5 | ||||
-rw-r--r-- | modules/mbedtls/ssl_context_mbedtls.cpp | 14 | ||||
-rwxr-xr-x | modules/mbedtls/stream_peer_mbedtls.cpp | 14 |
9 files changed, 48 insertions, 42 deletions
diff --git a/modules/mbedtls/SCsub b/modules/mbedtls/SCsub index 0c6c703e16..5f5d25a3ee 100755 --- a/modules/mbedtls/SCsub +++ b/modules/mbedtls/SCsub @@ -1,11 +1,11 @@ #!/usr/bin/env python -Import('env') -Import('env_modules') +Import("env") +Import("env_modules") env_mbed_tls = env_modules.Clone() -if env['builtin_mbedtls']: +if env["builtin_mbedtls"]: # Thirdparty source files thirdparty_sources = [ "aes.c", @@ -86,7 +86,7 @@ if env['builtin_mbedtls']: "x509_csr.c", "x509write_crt.c", "x509write_csr.c", - "xtea.c" + "xtea.c", ] thirdparty_dir = "#thirdparty/mbedtls/library/" diff --git a/modules/mbedtls/config.py b/modules/mbedtls/config.py index 1c8cd12a2d..d22f9454ed 100755 --- a/modules/mbedtls/config.py +++ b/modules/mbedtls/config.py @@ -1,5 +1,6 @@ def can_build(env, platform): return True + def configure(env): pass diff --git a/modules/mbedtls/crypto_mbedtls.cpp b/modules/mbedtls/crypto_mbedtls.cpp index c8a8240a19..a47a4503a5 100644 --- a/modules/mbedtls/crypto_mbedtls.cpp +++ b/modules/mbedtls/crypto_mbedtls.cpp @@ -66,7 +66,7 @@ Error CryptoKeyMbedTLS::load(String p_path) { } memdelete(f); - int ret = mbedtls_pk_parse_key(&pkey, out.ptr(), out.size(), NULL, 0); + int ret = mbedtls_pk_parse_key(&pkey, out.ptr(), out.size(), nullptr, 0); // We MUST zeroize the memory for safety! mbedtls_platform_zeroize(out.ptrw(), out.size()); ERR_FAIL_COND_V_MSG(ret, FAILED, "Error parsing private key '" + itos(ret) + "'."); @@ -167,11 +167,11 @@ void CryptoMbedTLS::initialize_crypto() { } void CryptoMbedTLS::finalize_crypto() { - Crypto::_create = NULL; - Crypto::_load_default_certificates = NULL; + Crypto::_create = nullptr; + Crypto::_load_default_certificates = nullptr; if (default_certs) { memdelete(default_certs); - default_certs = NULL; + default_certs = nullptr; } X509CertificateMbedTLS::finalize(); CryptoKeyMbedTLS::finalize(); 
@@ -180,7 +180,7 @@ void CryptoMbedTLS::finalize_crypto() { CryptoMbedTLS::CryptoMbedTLS() { mbedtls_ctr_drbg_init(&ctr_drbg); mbedtls_entropy_init(&entropy); - int ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, NULL, 0); + int ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, nullptr, 0); if (ret != 0) { ERR_PRINT(" failed\n ! mbedtls_ctr_drbg_seed returned an error" + itos(ret)); } @@ -191,17 +191,17 @@ CryptoMbedTLS::~CryptoMbedTLS() { mbedtls_entropy_free(&entropy); } -X509CertificateMbedTLS *CryptoMbedTLS::default_certs = NULL; +X509CertificateMbedTLS *CryptoMbedTLS::default_certs = nullptr; X509CertificateMbedTLS *CryptoMbedTLS::get_default_certificates() { return default_certs; } void CryptoMbedTLS::load_default_certificates(String p_path) { - ERR_FAIL_COND(default_certs != NULL); + ERR_FAIL_COND(default_certs != nullptr); default_certs = memnew(X509CertificateMbedTLS); - ERR_FAIL_COND(default_certs == NULL); + ERR_FAIL_COND(default_certs == nullptr); if (p_path != "") { // Use certs defined in project settings. @@ -227,15 +227,15 @@ Ref<CryptoKey> CryptoMbedTLS::generate_rsa(int p_bytes) { Ref<CryptoKeyMbedTLS> out; out.instance(); int ret = mbedtls_pk_setup(&(out->pkey), mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)); - ERR_FAIL_COND_V(ret != 0, NULL); + ERR_FAIL_COND_V(ret != 0, nullptr); ret = mbedtls_rsa_gen_key(mbedtls_pk_rsa(out->pkey), mbedtls_ctr_drbg_random, &ctr_drbg, p_bytes, 65537); - ERR_FAIL_COND_V(ret != 0, NULL); + ERR_FAIL_COND_V(ret != 0, nullptr); return out; } Ref<X509Certificate> CryptoMbedTLS::generate_self_signed_certificate(Ref<CryptoKey> p_key, String p_issuer_name, String p_not_before, String p_not_after) { Ref<CryptoKeyMbedTLS> key = static_cast<Ref<CryptoKeyMbedTLS>>(p_key); - ERR_FAIL_COND_V_MSG(key.is_null(), NULL, "Invalid private key argument."); + ERR_FAIL_COND_V_MSG(key.is_null(), nullptr, "Invalid private key argument."); mbedtls_x509write_cert crt; mbedtls_x509write_crt_init(&crt); 
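Review bot: In `CryptoMbedTLS::CryptoMbedTLS()` a failing `mbedtls_ctr_drbg_seed` is only reported through `ERR_PRINT`, so the object stays in use with a DRBG that was never seeded. `generate_rsa` and `generate_self_signed_certificate` later in this file pass `&ctr_drbg` to `mbedtls_rsa_gen_key` and `mbedtls_ctr_drbg_random`, so key and serial generation would run on that context. Consider recording the seed result in a member and failing those calls early, e.g. `ERR_FAIL_COND_V_MSG(!drbg_seeded, nullptr, "CTR-DRBG was not seeded.");`, where `drbg_seeded` is a new flag set in the constructor. The rest of the constructor is outside the hunk.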
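Review bot: `generate_rsa(int p_bytes)` forwards `p_bytes` as the fourth argument of `mbedtls_rsa_gen_key`, which is the modulus size in bits, so the parameter name invites a caller to request a key eight times smaller than intended. Renaming it to `p_bits` here and in the declaration (not shown in this hunk), or documenting the unit, removes the ambiguity. A lower bound would also stop a mistaken small value from producing a weak key: `ERR_FAIL_COND_V_MSG(p_bytes < 2048, nullptr, "RSA key size is given in bits and must be at least 2048.");`.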
@@ -250,7 +250,7 @@ Ref<X509Certificate> CryptoMbedTLS::generate_self_signed_certificate(Ref<CryptoK mbedtls_mpi_init(&serial); uint8_t rand_serial[20]; mbedtls_ctr_drbg_random(&ctr_drbg, rand_serial, 20); - ERR_FAIL_COND_V(mbedtls_mpi_read_binary(&serial, rand_serial, 20), NULL); + ERR_FAIL_COND_V(mbedtls_mpi_read_binary(&serial, rand_serial, 20), nullptr); mbedtls_x509write_crt_set_serial(&crt, &serial); mbedtls_x509write_crt_set_validity(&crt, p_not_before.utf8().get_data(), p_not_after.utf8().get_data()); @@ -268,7 +268,7 @@ Ref<X509Certificate> CryptoMbedTLS::generate_self_signed_certificate(Ref<CryptoK mbedtls_mpi_free(&serial); mbedtls_x509write_crt_free(&crt); ERR_PRINT("Generated invalid certificate: " + itos(err)); - return NULL; + return nullptr; } mbedtls_mpi_free(&serial); diff --git a/modules/mbedtls/crypto_mbedtls.h b/modules/mbedtls/crypto_mbedtls.h index 6c1c0e255d..db3d00a5e3 100644 --- a/modules/mbedtls/crypto_mbedtls.h +++ b/modules/mbedtls/crypto_mbedtls.h @@ -49,7 +49,7 @@ private: public: static CryptoKey *create(); static void make_default() { CryptoKey::_create = create; } - static void finalize() { CryptoKey::_create = NULL; } + static void finalize() { CryptoKey::_create = nullptr; } virtual Error load(String p_path); virtual Error save(String p_path); @@ -78,7 +78,7 @@ private: public: static X509Certificate *create(); static void make_default() { X509Certificate::_create = create; } - static void finalize() { X509Certificate::_create = NULL; } + static void finalize() { X509Certificate::_create = nullptr; } virtual Error load(String p_path); virtual Error load_from_memory(const uint8_t *p_buffer, int p_len); diff --git a/modules/mbedtls/dtls_server_mbedtls.cpp b/modules/mbedtls/dtls_server_mbedtls.cpp index 215b511758..f31f067f4e 100644 --- a/modules/mbedtls/dtls_server_mbedtls.cpp +++ b/modules/mbedtls/dtls_server_mbedtls.cpp 
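Review bot: In the `@@ -250` hunk of `generate_self_signed_certificate`, the return value of `mbedtls_ctr_drbg_random` is discarded, so if the DRBG fails the uninitialized stack contents of `rand_serial` become the certificate serial. The `ERR_FAIL_COND_V` on `mbedtls_mpi_read_binary` also returns without releasing `serial` and `crt`, whereas the error path in the following hunk frees both with `mbedtls_mpi_free` and `mbedtls_x509write_crt_free`. Checking both calls and sharing one cleanup path fixes this. The function starts and ends outside the hunk, so the name `serial_ret` below is chosen only to avoid clashing with locals that are not visible here.

```cpp
uint8_t rand_serial[20];
int serial_ret = mbedtls_ctr_drbg_random(&ctr_drbg, rand_serial, 20);
if (serial_ret == 0) {
	serial_ret = mbedtls_mpi_read_binary(&serial, rand_serial, 20);
}
if (serial_ret != 0) {
	// Release everything initialized so far, as the later error path does.
	mbedtls_mpi_free(&serial);
	mbedtls_x509write_crt_free(&crt);
	ERR_FAIL_V_MSG(nullptr, "Failed to generate certificate serial number: " + itos(serial_ret));
}
mbedtls_x509write_crt_set_serial(&crt, &serial);
// … unchanged: validity, key and extension setup …
```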
@@ -65,7 +65,7 @@ void DTLSServerMbedTLS::initialize() { } void DTLSServerMbedTLS::finalize() { - _create = NULL; + _create = nullptr; available = false; } diff --git a/modules/mbedtls/packet_peer_mbed_dtls.cpp b/modules/mbedtls/packet_peer_mbed_dtls.cpp index bdf36ad1b1..b2aa5f5827 100755 --- a/modules/mbedtls/packet_peer_mbed_dtls.cpp +++ b/modules/mbedtls/packet_peer_mbed_dtls.cpp @@ -36,11 +36,11 @@ int PacketPeerMbedDTLS::bio_send(void *ctx, const unsigned char *buf, size_t len) { - if (buf == NULL || len <= 0) return 0; + if (buf == nullptr || len <= 0) return 0; PacketPeerMbedDTLS *sp = (PacketPeerMbedDTLS *)ctx; - ERR_FAIL_COND_V(sp == NULL, 0); + ERR_FAIL_COND_V(sp == nullptr, 0); Error err = sp->base->put_packet((const uint8_t *)buf, len); if (err == ERR_BUSY) { @@ -53,11 +53,11 @@ int PacketPeerMbedDTLS::bio_send(void *ctx, const unsigned char *buf, size_t len int PacketPeerMbedDTLS::bio_recv(void *ctx, unsigned char *buf, size_t len) { - if (buf == NULL || len <= 0) return 0; + if (buf == nullptr || len <= 0) return 0; PacketPeerMbedDTLS *sp = (PacketPeerMbedDTLS *)ctx; - ERR_FAIL_COND_V(sp == NULL, 0); + ERR_FAIL_COND_V(sp == nullptr, 0); int pc = sp->base->get_available_packet_count(); if (pc == 0) { @@ -125,7 +125,7 @@ Error PacketPeerMbedDTLS::connect_to_peer(Ref<PacketPeerUDP> p_base, bool p_vali ERR_FAIL_COND_V(err != OK, err); mbedtls_ssl_set_hostname(ssl_ctx->get_context(), p_for_hostname.utf8().get_data()); - mbedtls_ssl_set_bio(ssl_ctx->get_context(), this, bio_send, bio_recv, NULL); + mbedtls_ssl_set_bio(ssl_ctx->get_context(), this, bio_send, bio_recv, nullptr); mbedtls_ssl_set_timer_cb(ssl_ctx->get_context(), &timer, mbedtls_timing_set_delay, mbedtls_timing_get_delay); status = STATUS_HANDSHAKING; 
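Review bot: Style point on `PacketPeerMbedDTLS::bio_send`. `len` is a `size_t`, so `len <= 0` can only ever mean `len == 0`, and writing it that way avoids suggesting a negative length is handled. Since this commit moves the file to `nullptr`, the C-style cast on the next line could be modernized too: `PacketPeerMbedDTLS *sp = static_cast<PacketPeerMbedDTLS *>(ctx);`. The same two lines appear in `bio_recv` in the next hunk and in `StreamPeerMbedTLS::bio_send` / `bio_recv` in stream_peer_mbedtls.cpp. Both function bodies continue outside their hunks.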
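Review bot: In `connect_to_peer` the result of `mbedtls_ssl_set_hostname` is ignored, although the call can fail (allocation failure or an over-long name). The handshake would then proceed without the expected name bound to the session, which presumably weakens or skips the certificate name check depending on the mbedtls version. Suggest `int ret = mbedtls_ssl_set_hostname(ssl_ctx->get_context(), p_for_hostname.utf8().get_data());` followed by `ERR_FAIL_COND_V_MSG(ret != 0, FAILED, "Error setting TLS hostname " + itos(ret));`. Confirm what cleanup the early return needs, since the function starts and ends outside the hunk. `StreamPeerMbedTLS::connect_to_stream` in stream_peer_mbedtls.cpp has the same unchecked call.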
@@ -154,7 +154,7 @@ Error PacketPeerMbedDTLS::accept_peer(Ref<PacketPeerUDP> p_base, Ref<CryptoKey> ERR_FAIL_V_MSG(FAILED, "Error setting DTLS client cookie"); } - mbedtls_ssl_set_bio(ssl_ctx->get_context(), this, bio_send, bio_recv, NULL); + mbedtls_ssl_set_bio(ssl_ctx->get_context(), this, bio_send, bio_recv, nullptr); mbedtls_ssl_set_timer_cb(ssl_ctx->get_context(), &timer, mbedtls_timing_set_delay, mbedtls_timing_get_delay); status = STATUS_HANDSHAKING; @@ -223,7 +223,7 @@ void PacketPeerMbedDTLS::poll() { ERR_FAIL_COND(!base.is_valid()); - int ret = mbedtls_ssl_read(ssl_ctx->get_context(), NULL, 0); + int ret = mbedtls_ssl_read(ssl_ctx->get_context(), nullptr, 0); if (ret < 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { if (ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) { @@ -292,6 +292,6 @@ void PacketPeerMbedDTLS::initialize_dtls() { } void PacketPeerMbedDTLS::finalize_dtls() { - _create = NULL; + _create = nullptr; available = false; } diff --git a/modules/mbedtls/register_types.h b/modules/mbedtls/register_types.h index f179d39438..90c81b1682 100755 --- a/modules/mbedtls/register_types.h +++ b/modules/mbedtls/register_types.h @@ -28,5 +28,10 @@ /* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ /*************************************************************************/ +#ifndef MBEDTLS_REGISTER_TYPES_H +#define MBEDTLS_REGISTER_TYPES_H + void register_mbedtls_types(); void unregister_mbedtls_types(); + +#endif // MBEDTLS_REGISTER_TYPES_H diff --git a/modules/mbedtls/ssl_context_mbedtls.cpp b/modules/mbedtls/ssl_context_mbedtls.cpp index 52630bd98c..1ffb9bda05 100644 --- a/modules/mbedtls/ssl_context_mbedtls.cpp +++ b/modules/mbedtls/ssl_context_mbedtls.cpp 
@@ -53,7 +53,7 @@ Error CookieContextMbedTLS::setup() { mbedtls_ssl_cookie_init(&cookie_ctx); inited = true; - int ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, NULL, 0); + int ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, nullptr, 0); if (ret != 0) { clear(); // Never leave unusable resources around. ERR_FAIL_V_MSG(FAILED, "mbedtls_ctr_drbg_seed returned an error " + itos(ret)); @@ -94,7 +94,7 @@ Error SSLContextMbedTLS::_setup(int p_endpoint, int p_transport, int p_authmode) mbedtls_entropy_init(&entropy); inited = true; - int ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, NULL, 0); + int ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, nullptr, 0); if (ret != 0) { clear(); // Never leave unusable resources around. ERR_FAIL_V_MSG(FAILED, "mbedtls_ctr_drbg_seed returned an error " + itos(ret)); @@ -134,7 +134,7 @@ Error SSLContextMbedTLS::init_server(int p_transport, int p_authmode, Ref<Crypto } // Adding CA chain if available. if (certs->cert.next) { - mbedtls_ssl_conf_ca_chain(&conf, certs->cert.next, NULL); + mbedtls_ssl_conf_ca_chain(&conf, certs->cert.next, nullptr); } // DTLS Cookies if (p_transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { @@ -153,7 +153,7 @@ Error SSLContextMbedTLS::init_client(int p_transport, int p_authmode, Ref<X509Ce Error err = _setup(MBEDTLS_SSL_IS_CLIENT, p_transport, p_authmode); ERR_FAIL_COND_V(err != OK, err); - X509CertificateMbedTLS *cas = NULL; + X509CertificateMbedTLS *cas = nullptr; if (p_valid_cas.is_valid()) { // Locking CA certificates 
@@ -163,14 +163,14 @@ Error SSLContextMbedTLS::init_client(int p_transport, int p_authmode, Ref<X509Ce } else { // Fall back to default certificates (no need to lock those). cas = CryptoMbedTLS::get_default_certificates(); - if (cas == NULL) { + if (cas == nullptr) { clear(); ERR_FAIL_V_MSG(ERR_UNCONFIGURED, "SSL module failed to initialize!"); } } // Set valid CAs - mbedtls_ssl_conf_ca_chain(&conf, &(cas->cert), NULL); + mbedtls_ssl_conf_ca_chain(&conf, &(cas->cert), nullptr); mbedtls_ssl_setup(&ssl, &conf); return OK; } @@ -195,7 +195,7 @@ void SSLContextMbedTLS::clear() { } mbedtls_ssl_context *SSLContextMbedTLS::get_context() { - ERR_FAIL_COND_V(!inited, NULL); + ERR_FAIL_COND_V(!inited, nullptr); return &ssl; } diff --git a/modules/mbedtls/stream_peer_mbedtls.cpp b/modules/mbedtls/stream_peer_mbedtls.cpp index 03c5922267..983095c536 100755 --- a/modules/mbedtls/stream_peer_mbedtls.cpp +++ b/modules/mbedtls/stream_peer_mbedtls.cpp @@ -35,11 +35,11 @@ int StreamPeerMbedTLS::bio_send(void *ctx, const unsigned char *buf, size_t len) { - if (buf == NULL || len <= 0) return 0; + if (buf == nullptr || len <= 0) return 0; StreamPeerMbedTLS *sp = (StreamPeerMbedTLS *)ctx; - ERR_FAIL_COND_V(sp == NULL, 0); + ERR_FAIL_COND_V(sp == nullptr, 0); int sent; Error err = sp->base->put_partial_data((const uint8_t *)buf, len, sent); @@ -54,11 +54,11 @@ int StreamPeerMbedTLS::bio_send(void *ctx, const unsigned char *buf, size_t len) int StreamPeerMbedTLS::bio_recv(void *ctx, unsigned char *buf, size_t len) { - if (buf == NULL || len <= 0) return 0; + if (buf == nullptr || len <= 0) return 0; StreamPeerMbedTLS *sp = (StreamPeerMbedTLS *)ctx; - ERR_FAIL_COND_V(sp == NULL, 0); + ERR_FAIL_COND_V(sp == nullptr, 0); int got; Error err = sp->base->get_partial_data((uint8_t *)buf, len, got); 
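Review bot: At the end of `SSLContextMbedTLS::init_client` the return value of `mbedtls_ssl_setup(&ssl, &conf)` is dropped and the function returns `OK` unconditionally. A failed setup (for example an allocation failure) would hand callers a context that `get_context()` still exposes as initialized. Mirror the error handling already used for `mbedtls_ctr_drbg_seed` in `_setup`: `int ret = mbedtls_ssl_setup(&ssl, &conf);` then `if (ret != 0) { clear(); ERR_FAIL_V_MSG(FAILED, "mbedtls_ssl_setup returned an error " + itos(ret)); }`. `init_server` is only partly visible in this diff and may need the same check.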
@@ -112,7 +112,7 @@ Error StreamPeerMbedTLS::connect_to_stream(Ref<StreamPeer> p_base, bool p_valida ERR_FAIL_COND_V(err != OK, err); mbedtls_ssl_set_hostname(ssl_ctx->get_context(), p_for_hostname.utf8().get_data()); - mbedtls_ssl_set_bio(ssl_ctx->get_context(), this, bio_send, bio_recv, NULL); + mbedtls_ssl_set_bio(ssl_ctx->get_context(), this, bio_send, bio_recv, nullptr); status = STATUS_HANDSHAKING; @@ -133,7 +133,7 @@ Error StreamPeerMbedTLS::accept_stream(Ref<StreamPeer> p_base, Ref<CryptoKey> p_ base = p_base; - mbedtls_ssl_set_bio(ssl_ctx->get_context(), this, bio_send, bio_recv, NULL); + mbedtls_ssl_set_bio(ssl_ctx->get_context(), this, bio_send, bio_recv, nullptr); status = STATUS_HANDSHAKING; @@ -320,5 +320,5 @@ void StreamPeerMbedTLS::initialize_ssl() { void StreamPeerMbedTLS::finalize_ssl() { available = false; - _create = NULL; + _create = nullptr; } |