summaryrefslogtreecommitdiff
path: root/modules/mbedtls
diff options
context:
space:
mode:
Diffstat (limited to 'modules/mbedtls')
-rw-r--r--modules/mbedtls/crypto_mbedtls.cpp23
-rw-r--r--modules/mbedtls/crypto_mbedtls.h1
-rw-r--r--modules/mbedtls/dtls_server_mbedtls.cpp4
-rw-r--r--modules/mbedtls/packet_peer_mbed_dtls.cpp12
-rw-r--r--modules/mbedtls/ssl_context_mbedtls.h8
-rw-r--r--modules/mbedtls/stream_peer_mbedtls.cpp6
-rw-r--r--modules/mbedtls/tests/test_crypto_mbedtls.cpp2
7 files changed, 32 insertions, 24 deletions
diff --git a/modules/mbedtls/crypto_mbedtls.cpp b/modules/mbedtls/crypto_mbedtls.cpp
index 73931b0365..2522f1bb11 100644
--- a/modules/mbedtls/crypto_mbedtls.cpp
+++ b/modules/mbedtls/crypto_mbedtls.cpp
@@ -30,7 +30,7 @@
#include "crypto_mbedtls.h"
-#include "core/os/file_access.h"
+#include "core/io/file_access.h"
#include "core/config/engine.h"
#include "core/config/project_settings.h"
@@ -58,7 +58,7 @@ Error CryptoKeyMbedTLS::load(String p_path, bool p_public_only) {
FileAccess *f = FileAccess::open(p_path, FileAccess::READ);
ERR_FAIL_COND_V_MSG(!f, ERR_INVALID_PARAMETER, "Cannot open CryptoKeyMbedTLS file '" + p_path + "'.");
- int flen = f->get_len();
+ uint64_t flen = f->get_length();
out.resize(flen + 1);
f->get_buffer(out.ptrw(), flen);
out.write[flen] = 0; // string terminator
@@ -146,7 +146,7 @@ Error X509CertificateMbedTLS::load(String p_path) {
FileAccess *f = FileAccess::open(p_path, FileAccess::READ);
ERR_FAIL_COND_V_MSG(!f, ERR_INVALID_PARAMETER, "Cannot open X509CertificateMbedTLS file '" + p_path + "'.");
- int flen = f->get_len();
+ uint64_t flen = f->get_length();
out.resize(flen + 1);
f->get_buffer(out.ptrw(), flen);
out.write[flen] = 0; // string terminator
@@ -249,6 +249,13 @@ PackedByteArray HMACContextMbedTLS::finish() {
return out;
}
+HMACContextMbedTLS::~HMACContextMbedTLS() {
+ if (ctx != nullptr) {
+ mbedtls_md_free((mbedtls_md_context_t *)ctx);
+ memfree((mbedtls_md_context_t *)ctx);
+ }
+}
+
Crypto *CryptoMbedTLS::create() {
return memnew(CryptoMbedTLS);
}
@@ -324,7 +331,7 @@ void CryptoMbedTLS::load_default_certificates(String p_path) {
Ref<CryptoKey> CryptoMbedTLS::generate_rsa(int p_bytes) {
Ref<CryptoKeyMbedTLS> out;
- out.instance();
+ out.instantiate();
int ret = mbedtls_pk_setup(&(out->pkey), mbedtls_pk_info_from_type(MBEDTLS_PK_RSA));
ERR_FAIL_COND_V(ret != 0, nullptr);
ret = mbedtls_rsa_gen_key(mbedtls_pk_rsa(out->pkey), mbedtls_ctr_drbg_random, &ctr_drbg, p_bytes, 65537);
@@ -366,7 +373,7 @@ Ref<X509Certificate> CryptoMbedTLS::generate_self_signed_certificate(Ref<CryptoK
buf[4095] = '\0'; // Make sure strlen can't fail.
Ref<X509CertificateMbedTLS> out;
- out.instance();
+ out.instantiate();
out->load_from_memory(buf, strlen((char *)buf) + 1); // Use strlen to find correct output size.
return out;
}
@@ -409,7 +416,7 @@ Vector<uint8_t> CryptoMbedTLS::sign(HashingContext::HashType p_hash_type, Vector
int ret = mbedtls_pk_sign(&(key->pkey), type, p_hash.ptr(), size, buf, &sig_size, mbedtls_ctr_drbg_random, &ctr_drbg);
ERR_FAIL_COND_V_MSG(ret, out, "Error while signing: " + itos(ret));
out.resize(sig_size);
- copymem(out.ptrw(), buf, sig_size);
+ memcpy(out.ptrw(), buf, sig_size);
return out;
}
@@ -432,7 +439,7 @@ Vector<uint8_t> CryptoMbedTLS::encrypt(Ref<CryptoKey> p_key, Vector<uint8_t> p_p
int ret = mbedtls_pk_encrypt(&(key->pkey), p_plaintext.ptr(), p_plaintext.size(), buf, &size, sizeof(buf), mbedtls_ctr_drbg_random, &ctr_drbg);
ERR_FAIL_COND_V_MSG(ret, out, "Error while encrypting: " + itos(ret));
out.resize(size);
- copymem(out.ptrw(), buf, size);
+ memcpy(out.ptrw(), buf, size);
return out;
}
@@ -446,6 +453,6 @@ Vector<uint8_t> CryptoMbedTLS::decrypt(Ref<CryptoKey> p_key, Vector<uint8_t> p_c
int ret = mbedtls_pk_decrypt(&(key->pkey), p_ciphertext.ptr(), p_ciphertext.size(), buf, &size, sizeof(buf), mbedtls_ctr_drbg_random, &ctr_drbg);
ERR_FAIL_COND_V_MSG(ret, out, "Error while decrypting: " + itos(ret));
out.resize(size);
- copymem(out.ptrw(), buf, size);
+ memcpy(out.ptrw(), buf, size);
return out;
}
diff --git a/modules/mbedtls/crypto_mbedtls.h b/modules/mbedtls/crypto_mbedtls.h
index 5ced4d136c..afa1ea7a64 100644
--- a/modules/mbedtls/crypto_mbedtls.h
+++ b/modules/mbedtls/crypto_mbedtls.h
@@ -119,6 +119,7 @@ public:
virtual PackedByteArray finish();
HMACContextMbedTLS() {}
+ ~HMACContextMbedTLS();
};
class CryptoMbedTLS : public Crypto {
diff --git a/modules/mbedtls/dtls_server_mbedtls.cpp b/modules/mbedtls/dtls_server_mbedtls.cpp
index 5d895d8579..b1b6b3844b 100644
--- a/modules/mbedtls/dtls_server_mbedtls.cpp
+++ b/modules/mbedtls/dtls_server_mbedtls.cpp
@@ -45,7 +45,7 @@ void DTLSServerMbedTLS::stop() {
Ref<PacketPeerDTLS> DTLSServerMbedTLS::take_connection(Ref<PacketPeerUDP> p_udp_peer) {
Ref<PacketPeerMbedDTLS> out;
- out.instance();
+ out.instantiate();
ERR_FAIL_COND_V(!out.is_valid(), out);
ERR_FAIL_COND_V(!p_udp_peer.is_valid(), out);
@@ -68,7 +68,7 @@ void DTLSServerMbedTLS::finalize() {
}
DTLSServerMbedTLS::DTLSServerMbedTLS() {
- _cookies.instance();
+ _cookies.instantiate();
}
DTLSServerMbedTLS::~DTLSServerMbedTLS() {
diff --git a/modules/mbedtls/packet_peer_mbed_dtls.cpp b/modules/mbedtls/packet_peer_mbed_dtls.cpp
index 8a6cdfb131..114bf49e9e 100644
--- a/modules/mbedtls/packet_peer_mbed_dtls.cpp
+++ b/modules/mbedtls/packet_peer_mbed_dtls.cpp
@@ -31,8 +31,8 @@
#include "packet_peer_mbed_dtls.h"
#include "mbedtls/platform_util.h"
+#include "core/io/file_access.h"
#include "core/io/stream_peer_ssl.h"
-#include "core/os/file_access.h"
int PacketPeerMbedDTLS::bio_send(void *ctx, const unsigned char *buf, size_t len) {
if (buf == nullptr || len <= 0) {
@@ -74,7 +74,7 @@ int PacketPeerMbedDTLS::bio_recv(void *ctx, unsigned char *buf, size_t len) {
if (err != OK) {
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
}
- copymem(buf, buffer, buffer_size);
+ memcpy(buf, buffer, buffer_size);
return buffer_size;
}
@@ -87,10 +87,10 @@ void PacketPeerMbedDTLS::_cleanup() {
int PacketPeerMbedDTLS::_set_cookie() {
// Setup DTLS session cookie for this client
uint8_t client_id[18];
- IP_Address addr = base->get_packet_address();
+ IPAddress addr = base->get_packet_address();
uint16_t port = base->get_packet_port();
- copymem(client_id, addr.get_ipv6(), 16);
- copymem(&client_id[16], (uint8_t *)&port, 2);
+ memcpy(client_id, addr.get_ipv6(), 16);
+ memcpy(&client_id[16], (uint8_t *)&port, 2);
return mbedtls_ssl_set_client_transport_id(ssl_ctx->get_context(), client_id, 18);
}
@@ -245,7 +245,7 @@ int PacketPeerMbedDTLS::get_max_packet_size() const {
}
PacketPeerMbedDTLS::PacketPeerMbedDTLS() {
- ssl_ctx.instance();
+ ssl_ctx.instantiate();
}
PacketPeerMbedDTLS::~PacketPeerMbedDTLS() {
diff --git a/modules/mbedtls/ssl_context_mbedtls.h b/modules/mbedtls/ssl_context_mbedtls.h
index 30632018a8..1b55a54a10 100644
--- a/modules/mbedtls/ssl_context_mbedtls.h
+++ b/modules/mbedtls/ssl_context_mbedtls.h
@@ -33,9 +33,9 @@
#include "crypto_mbedtls.h"
-#include "core/os/file_access.h"
+#include "core/io/file_access.h"
-#include "core/object/reference.h"
+#include "core/object/ref_counted.h"
#include <mbedtls/config.h>
#include <mbedtls/ctr_drbg.h>
@@ -46,7 +46,7 @@
class SSLContextMbedTLS;
-class CookieContextMbedTLS : public Reference {
+class CookieContextMbedTLS : public RefCounted {
friend class SSLContextMbedTLS;
protected:
@@ -63,7 +63,7 @@ public:
~CookieContextMbedTLS();
};
-class SSLContextMbedTLS : public Reference {
+class SSLContextMbedTLS : public RefCounted {
protected:
bool inited = false;
diff --git a/modules/mbedtls/stream_peer_mbedtls.cpp b/modules/mbedtls/stream_peer_mbedtls.cpp
index b39a6ecc2f..5727f5f82f 100644
--- a/modules/mbedtls/stream_peer_mbedtls.cpp
+++ b/modules/mbedtls/stream_peer_mbedtls.cpp
@@ -30,8 +30,8 @@
#include "stream_peer_mbedtls.h"
+#include "core/io/file_access.h"
#include "core/io/stream_peer_tcp.h"
-#include "core/os/file_access.h"
int StreamPeerMbedTLS::bio_send(void *ctx, const unsigned char *buf, size_t len) {
if (buf == nullptr || len <= 0) {
@@ -242,7 +242,7 @@ void StreamPeerMbedTLS::poll() {
return;
}
- // We could pass NULL as second parameter, but some behaviour sanitizers don't seem to like that.
+ // We could pass nullptr as second parameter, but some behaviour sanitizers don't seem to like that.
// Passing a 1 byte buffer to workaround it.
uint8_t byte;
int ret = mbedtls_ssl_read(ssl_ctx->get_context(), &byte, 0);
@@ -273,7 +273,7 @@ int StreamPeerMbedTLS::get_available_bytes() const {
}
StreamPeerMbedTLS::StreamPeerMbedTLS() {
- ssl_ctx.instance();
+ ssl_ctx.instantiate();
}
StreamPeerMbedTLS::~StreamPeerMbedTLS() {
diff --git a/modules/mbedtls/tests/test_crypto_mbedtls.cpp b/modules/mbedtls/tests/test_crypto_mbedtls.cpp
index 4217497082..8762838883 100644
--- a/modules/mbedtls/tests/test_crypto_mbedtls.cpp
+++ b/modules/mbedtls/tests/test_crypto_mbedtls.cpp
@@ -28,7 +28,7 @@
/* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */
/*************************************************************************/
-#include "modules/mbedtls/tests/test_crypto_mbedtls.h"
+#include "test_crypto_mbedtls.h"
#include "modules/mbedtls/crypto_mbedtls.h"
#include "tests/test_macros.h"
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-30 14:12:37 +0000