lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-30 10:45:34 +03:00
Code Activity
16,030 Commits 176 Branches 276 Tags
2c78f980711481f70478d9e3a3d08ca15c59f52c
Commit Graph

16030 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dave Rodgman
e1a97cb3eb Merge pull request #847 from ARMmbed/mbedtls-2.27.0_merge_into_release 
Mbedtls 2.27.0 merge into release
 2021-07-07 11:18:19 +01:00
Gilles Peskine
3008c58df9 Speed up the generation of storage format test cases 
Restore the optimization done in
 HEAD^{/Speed up the generation of storage format test cases}
which was lost during refactoring made when adding support for
implicit usage flags.

There are still more than one call to the C compiler, but the extra
calls are only for some key usage test cases.

This is an internal refactoring. This commit does not change the
output of generate_psa_tests.py

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-07-06 21:08:46 +02:00
Dave Rodgman
f71e287808 Merge pull request #843 from paul-elliott-arm/mbedtls-2.27.0rc0-pr 
Mbedtls 2.27.0rc0 pr
v2.27.0 mbedtls-2.27.0 		2021-07-06 12:59:58 +01:00
Dave Rodgman
4614cb175d Fix Changelog indentation 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-07-05 18:50:01 +01:00
Dave Rodgman
699ccf83db Fix indentation in the Changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-07-05 18:10:27 +01:00
Paul Elliott
610a9cc43f Bump SO version for libmbedcrypto 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-07-02 14:59:26 +01:00
Paul Elliott
f3e1a25ef8 Revert ChangeLog change 
_ALT was actually more accurate than alternative when describing
implementations in this case.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-07-02 14:28:53 +01:00
Paul Elliott
40d3fd389a Grammar and typo changelog cleanup 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-07-02 11:08:07 +01:00
Paul Elliott
46c0cf7dfe Actually remove compiled changelog entries 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-07-02 08:29:33 +01:00
Paul Elliott
3ca4892432 Update changelog to cover #4197 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-07-01 18:08:30 +01:00
Paul Elliott
d925ee0a6e Set ChangeLog version and release date 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-07-01 17:58:07 +01:00
Paul Elliott
bece7374ce Bump Library Version Number 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-07-01 17:52:07 +01:00
Paul Elliott
671233280e Build aggregated ChangeLog 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-07-01 17:37:55 +01:00
Paul Elliott
4128c2032e Merge remote-tracking branch 'restricted/development_2.x-restricted' into mbedtls-2.27.0rc0-pr 2021-07-01 17:26:38 +01:00
Dave Rodgman
ba940cc695 Merge pull request #4182 from gabor-mezei-arm/3258_implement_one-shot_MAC_and_cipher 
[Backport 2.x] Implement one-shot cipher
 2021-06-30 17:04:11 +01:00
Dave Rodgman
af9b4841fb Merge pull request #4605 from gabor-mezei-arm/3267_sign_verify_key_policies 
[Backport 2.x] Key policy extension for PSA_KEY_USAGE_SIGN/VERIFY_HASH
 2021-06-30 14:51:03 +01:00
gabor-mezei-arm
e4be8a3bea Remove obsolete comment 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-30 10:34:28 +02:00
gabor-mezei-arm
05dac4a20b Give a better name for struct member 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-30 10:31:18 +02:00
Dave Rodgman
0a4046e9ca Merge pull request #4736 from daverodgman/alert_bugfixes_2.x 
Backport 2.x: Fix alert raised for invalid fragment length
 2021-06-30 09:02:49 +01:00
Dave Rodgman
7ed75e21c9 Correct required config flag in ECJPAKE tests 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-29 21:15:58 +01:00
gabor-mezei-arm
252304594b Fix minor issues 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 19:06:30 +02:00
gabor-mezei-arm
a3669ac7e7 Restoring the multi-part cipher_verify_output() testing 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 18:58:42 +02:00
Gilles Peskine
bdba86f4d5 Merge pull request #4718 from nick-child-ibm/hash_len_devel 
Backport 2.x: pk.c: Ensure min hash_len in pk_hashlen_helper
 2021-06-29 18:16:51 +02:00
gabor-mezei-arm
3ea27325c9 Fix pylint issue 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 17:21:21 +02:00
gabor-mezei-arm
809634d5d9 Check the return status of the functions first 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 16:49:51 +02:00
gabor-mezei-arm
42373bdde7 Add buffer overflow check 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 16:49:51 +02:00
gabor-mezei-arm
6f8d43df20 Remove invalid buffer overflow check 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 16:39:49 +02:00
Dave Rodgman
0dfb7dbe15 TLS UNSUPPORTED_EXTENSION error code changes 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-29 15:21:44 +01:00
Dave Rodgman
de8c91bbae Improve Changelog for TLS alert codes 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-29 14:43:09 +01:00
gabor-mezei-arm
ea840dea61 Return iterator instead of list 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 15:42:57 +02:00
gabor-mezei-arm
912eca3847 Rename function 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 15:39:56 +02:00
Nick Child
8930e14f3a test_suite_pk.function: Do not use MD_MAX_SIZE 
In order to for tests to pass from the previous commit (which it mandatory for all pk verify/sign
functions to be given a hash_len that is exactly equal to the message digest length of md_alg) the
hash_len that is supplied to the fucntion cannot be MBEDTLS_MD_MAX_SIZE. This would result in all tests failing. Since the md alg for all of these funtions are SHA256, we can use mbedtls functions to get
the required length of a SHA256 digest (32 bytes). Then that number can be used for allocating the
hash buffer.

Signed-off-by: Nick Child <nick.child@ibm.com>
 2021-06-29 09:31:06 -04:00
Nick Child
b6d5693be2 pk.c: Ensure hash_len equals hash in pk_hashlen_helper 
The function `pk_hashlen_helper` exists to ensure a valid hash_len is
used in pk_verify and pk_sign functions. This function has been
used to adjust to the corrsponding hash_len if the user passes in 0
for the hash_len argument based on the md algorithm given. If the user
does not pass in 0 as the hash_len, then it is not adjusted. This is
problematic if the user gives a hash_len and hash buffer that is less than the
associated length of the md algorithm. This error would go unchecked
and eventually lead to buffer overread when given to specific pk_sign/verify
functions, since they both ignore the hash_len argument if md_alg is not MBEDTLS_MD_NONE.

This commit, adds a conditional to `pk_hashlen_helper` so that an
error is thrown if the user specifies a hash_length (not 0) and it is
not equal to the expected for the associated message digest algorithm.
This aligns better with the api documentation where it states "If
hash_len is 0, then the length associated with md_alg is used instead,
or an error returned if it is invalid"

Signed-off-by: Nick Child <nick.child@ibm.com>
Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
 2021-06-29 09:31:06 -04:00
gabor-mezei-arm
e4b7499f74 Refactor handlibg of the key usage flags 
Move implicit usage flags handling to the StorageKey class.
Create a subclass for test case data.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 15:29:24 +02:00
gabor-mezei-arm
61739e3fd3 Fix changelog entry 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 11:22:34 +02:00
gabor-mezei-arm
5071a2e30e Use regexp pattern instaed of string 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 11:19:41 +02:00
gabor-mezei-arm
7e0d724d40 Keep the imported classes sorted 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 11:17:14 +02:00
gabor-mezei-arm
7b302089b1 Update key policy testing test cases 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 11:08:47 +02:00
gabor-mezei-arm
5eca4f2bb5 Rename test cases 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 11:07:34 +02:00
gabor-mezei-arm
659af9e2f3 Remove unneeded test case parameter 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 11:06:16 +02:00
Dave Rodgman
dd5f624f32 Fix TLS alert codes 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-29 09:45:08 +01:00
gabor-mezei-arm
7a163603ea Add changelog entry 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-28 21:36:58 +02:00
gabor-mezei-arm
805c735a8b Move key type validation to crypto_knowledge 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-28 21:36:58 +02:00
gabor-mezei-arm
5ea30377d3 Refactor key generation 
Remove the key builder and use iterator instead of lists.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-28 21:36:58 +02:00
gabor-mezei-arm
acfcc18697 Rename variables and funcions 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-28 19:39:31 +02:00
gabor-mezei-arm
e84d321317 Use string in dict instead of Expr object 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-28 16:54:11 +02:00
gabor-mezei-arm
4781263704 Remove unnecessary test cases 
It is enough only one test case for a key type, algorithm pair when
testing the implicit usage flags.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-28 16:41:36 +02:00
gabor-mezei-arm
927742ec71 Add better name for variables 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-28 16:41:35 +02:00
gabor-mezei-arm
705c452fd0 Simplify code 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-28 16:41:35 +02:00
gabor-mezei-arm
6c18541a5e Fix comment 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-28 16:41:31 +02:00