lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-08 17:42:09 +03:00
Code Activity
24,020 Commits 174 Branches 272 Tags
sphinx-versioned-documentation
Commit Graph

10612 Commits

Author SHA1 Message Date
Nick Child
6671841d91 pkcs7.c: Do not ignore return value of mbedlts_md 
CI was failing due to the return value of mbedtls_md being ignored.
If this function does fail, return early and propogate the md error.

Signed-off-by: Nick Child <nick.child@ibm.com>
 2022-09-01 19:45:41 -05:00
Nick Child
c448c94fe3 pkcs7: pkcs7_get_content_info_type should reset *p on error 
The function `pkcs7_asn1_get_tag` should return an update pointer only
on success. Currently, the pointer is being updated on a failure case.
This commit resets *p to start if the first call to
mbedtls_asn1_get_tag fails.

Signed-off-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Nick Child <nick.child@ibm.com>
 2022-09-01 19:45:41 -05:00
Daniel Axtens
aa91d4ef0b pkcs7: build under CMake 
The patch updates CMakeLists.txt to include pkcs7.

Signed-off-by: Daniel Axtens <dja@axtens.net>
 2022-09-01 19:45:41 -05:00
Nayna Jain
673a226698 pkcs7: add support for signed data 
OpenSSL provides APIs to generate only the signted data
format PKCS7 i.e. without content type OID. This patch
adds support to parse the data correctly even if formatted
only as signed data

Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
 2022-09-01 19:45:41 -05:00
Nayna Jain
c9deb184b0 mbedtls: add support for pkcs7 
PKCS7 signing format is used by OpenPOWER Key Management, which is
using mbedtls as its crypto library.

This patch adds the limited support of pkcs7 parser and verification
to the mbedtls. The limitations are:

* Only signed data is supported.
* CRLs are not currently handled.
* Single signer is supported.

Signed-off-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Eric Richter <erichte@linux.ibm.com>
Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
 2022-09-01 19:45:33 -05:00
Andrzej Kurek
e16e6edfce Remove the dependency on MD_MAX_SIZE from PKCS12 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-01 08:57:59 -04:00
Andrzej Kurek
7bd12c5d5e Remove MD dependency from pkcs12 module 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-01 08:57:41 -04:00
Tom Cosgrove
f0b2231fcd Update comments at the end of montmul following Gilles' feedback 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-08-31 17:57:34 +01:00
Tom Cosgrove
5eefc3db3f Move macros to come before function declarations 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-08-31 17:16:50 +01:00
Tom Cosgrove
630110ab23 Fix documentation where ciL should be biL 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-08-31 17:15:04 +01:00
Tom Cosgrove
ed43c6caeb In add_if(), B MAY be aliased to A. Also update another comment for consistency. 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-08-31 17:15:04 +01:00
Tom Cosgrove
9354990a54 Don't use multiplication by condition in even a semi-constant time function 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-08-31 17:15:02 +01:00
Jerry Yu
8253486c4f Add session ticket support for server 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-31 23:24:25 +08:00
Jerry Yu
95699e72f3 Add session ticket identity check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-31 23:24:25 +08:00
Jerry Yu
661dd943b6 Add dummy server name extension paser 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-31 23:24:25 +08:00
Jerry Yu
e976492a11 Add session ticket tests for client 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-31 23:24:25 +08:00
Jerry Yu
e6527512d2 Add obfuscated_ticket_age write 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-31 23:24:25 +08:00
Jerry Yu
49d63f8c36 Implement generate resumption master secret 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-31 23:24:25 +08:00
Jerry Yu
db8c5faed7 Add getting session ticket for client 
- Move ssl_get_psk_to_offer to `ssl_tls13_client.c`
- Rename to `ssl_tls13_get_psk_to_offer`
- Add session ticket parser

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-31 23:24:25 +08:00
Ronald Cron
e00d6d6b55 Merge pull request #6135 from yuhaoth/pr/tls13-finalize-external-psk-negotiation 
TLS 1.3: SRV: Finalize external PSK negotiation
 2022-08-31 17:21:57 +02:00
Tuvshinzaya Erdenekhuu
9077dbfd94 Remove NULL pointer validation in poly1305.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:18:14 +01:00
Tuvshinzaya Erdenekhuu
913819e73f Remove NULL pointer validation in chachapoly.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:18:14 +01:00
Tuvshinzaya Erdenekhuu
6a473b2f17 Remove NULL pointer validation in rsa.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:15:59 +01:00
Tuvshinzaya Erdenekhuu
1c5609df09 Remove NULL pointer validation in dhm.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:15:59 +01:00
Tuvshinzaya Erdenekhuu
5893ab02b6 Re-introduce ENUM validation in sha512.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:15:25 +01:00
Tuvshinzaya Erdenekhuu
3446c2603a Remove NULL pointer validation in sha512.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:15:25 +01:00
Tuvshinzaya Erdenekhuu
696dfb6b1e Re-introduce ENUM validation in sha256.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:15:25 +01:00
Tuvshinzaya Erdenekhuu
df2f560316 Remove NULL pointer validation in sha256.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:15:25 +01:00
Tuvshinzaya Erdenekhuu
6b150ad8fa Remove NULL pointer validation in sha1.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:15:25 +01:00
Tuvshinzaya Erdenekhuu
c6b8a6704e Re-introduce ENUM validation in gcm.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:14:57 +01:00
Tuvshinzaya Erdenekhuu
505ce0b37e Remove NULL pointer validation in gcm.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:14:57 +01:00
Tuvshinzaya Erdenekhuu
80a6af6ab5 Re-introduce ENUM validation in cipher.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:14:57 +01:00
Tuvshinzaya Erdenekhuu
5ce8e52907 Remove NULL pointer validation in cipher.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:14:57 +01:00
Tuvshinzaya Erdenekhuu
ce8908ed0a Remove NULL pointer validation in chacha20.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:14:57 +01:00
Tuvshinzaya Erdenekhuu
1fd7f98546 Re-introduce ENUM validation in camellia.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:14:57 +01:00
Tuvshinzaya Erdenekhuu
6291b131ca Remove NULL pointer validation in camellia.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:14:57 +01:00
Tuvshinzaya Erdenekhuu
a8ef1565bb Re-introduce ENUM validation in aes.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:14:57 +01:00
Tuvshinzaya Erdenekhuu
cac11d7797 Remove NULL pointer validation in aes.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:14:57 +01:00
Tuvshinzaya Erdenekhuu
c388af63e4 Remove extra spacings 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:14:25 +01:00
Tuvshinzaya Erdenekhuu
dcf9c96274 Remove NULL pointer validation in pkparse.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:14:25 +01:00
Tuvshinzaya Erdenekhuu
088e936839 Remove NULL pointer validation in pkwrite.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:14:25 +01:00
Tuvshinzaya Erdenekhuu
78c1d8c299 Re-introduce ENUM validation in pk.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:14:25 +01:00
Tuvshinzaya Erdenekhuu
26b39c6c6f Remove NULL pointer validation in pk.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:14:25 +01:00
Neil Armstrong
f19a3cb613 Use the mbedtls_ecjpake_write_shared_key() to input raw shared key material as derivation secret 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Neil Armstrong
12663092bc Introduce mbedtls_ecjpake_write_shared_key() to export the EC J-PAKE shared key material before the KDF() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Neil Armstrong
db05cbfb86 Introduce and use mbedtls_ecjpake_to_psa_error() to translate various ECP/MPI errors to expected PSA errors 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Neil Armstrong
1e855601ca Fix psa_pake_get_implicit_key() state & add corresponding tests in ecjpake_rounds() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Neil Armstrong
e92311176a Add missing parentheses on return statements 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Neil Armstrong
5fb07c6a96 No need to check for state in psa_pake_setup() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Neil Armstrong
a557cb8c8b Fixing XXX_ALG_ECJPAKE to XXX_ALG_JPAKE to match specification 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00