lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-30 10:45:34 +03:00
Code Activity
20,973 Commits 176 Branches 276 Tags
e09aff8f5a46cba41a280739d23fa44ec0940f15
Commit Graph

1110 Commits

Author SHA1 Message Date
gabor-mezei-arm
258ae07fb0 Add checks for buffer size 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 19:49:00 +02:00
gabor-mezei-arm
6f4e5bbe37 Initialize output buffer length to 0 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 19:49:00 +02:00
gabor-mezei-arm
0dfeaaf5c9 Remove confising comments 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 19:49:00 +02:00
gabor-mezei-arm
9951b50b8a Remove comments 
These comment cannot bring more information than the code does.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 19:49:00 +02:00
gabor-mezei-arm
a9449a0b07 Dispatch cipher functions through the driver interface 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 19:48:59 +02:00
gabor-mezei-arm
ba0fa75eae Implement one-shot cipher 
Implement one-shot cipher APIs, psa_cipher_encrypt and psa_cipher_decrypt, introduced in PSA Crypto API 1.0.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 19:14:34 +02:00
Ronald Cron
8682faeb09 Merge pull request #4694 from gilles-peskine-arm/out_size-3.0 
Add output size parameter to signature functions
 2021-06-29 09:43:17 +02:00
Dave Rodgman
63ad854de8 Merge pull request #4712 from daverodgman/psa_cipher_and_mac_abort_on_error 
Psa cipher and mac abort on error
 2021-06-25 15:39:59 +01:00
Dave Rodgman
90d1cb83a0 Use more standard label name 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-25 09:09:02 +01:00
Ronald Cron
3698fa1043 Merge pull request #4673 from gilles-peskine-arm/psa_crypto_spm-from_platform_h 
Fix and test the MBEDTLS_PSA_CRYPTO_SPM build
 2021-06-25 09:01:08 +02:00
Gilles Peskine
f9f1bdfa7b Translate MBEDTLS_ERR_PK_BUFFER_TOO_SMALL for PSA 
The error is currently never returned to any function that PSA calls,
but keep mbedtls_to_psa_error up to date in case this changes.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-06-25 00:46:22 +02:00
Paul Elliott
ed68d7464d Move buffer size checks up to psa_crypto layer 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-24 20:40:47 +01:00
Paul Elliott
c2b7144da0 Simplify logic and factor out initial checks 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-24 20:40:47 +01:00
Paul Elliott
7f429b747b Remove code duplication and fix formatting 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-24 20:40:47 +01:00
Dave Rodgman
8036bddb01 Tidy up logic in psa_mac_sign_finish 
Simplify the logic in psa_mac_sign_finish.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-24 16:19:08 +01:00
Dave Rodgman
b5dd7c794d Correct coding style issues 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-24 16:17:43 +01:00
Dave Rodgman
54648243cd Call abort on error in psa_mac/cipher setup 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-24 11:49:45 +01:00
Dave Rodgman
685b6a742b Update multipart hash operations to abort on error 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-24 11:49:14 +01:00
Dave Rodgman
38e62aebc3 Update cipher and mac functions to abort on error 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-23 18:59:17 +01:00
Paul Elliott
95271f10c3 Call set_nonce direct rather than by wrapper 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-23 18:30:20 +01:00
Gilles Peskine
f9a046ecb5 Remove duplicate wipe call in psa_destroy_key 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-06-23 13:53:56 +02:00
Gilles Peskine
6687cd07f3 Refuse to destroy read-only keys 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-06-23 13:44:35 +02:00
Paul Elliott
ad53dcc975 Move common final checks to function 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-23 08:51:29 +01:00
Paul Elliott
534d0b4484 Finish / Verify state checks 
Ensure finish only called when encrypting and verify only called for
decrypting, and add tests to ensure this.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-22 22:14:48 +01:00
Paul Elliott
f88a565f18 Better tag size default for m-aead finish 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-22 22:14:48 +01:00
Paul Elliott
d89304ebb7 Fix formatting issues 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-22 22:14:48 +01:00
Paul Elliott
e4030f2cd1 Replace function with macro that already exists 
I wrote a function to determine the base algorithm given a variant,
however this is already implemented by
PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-22 22:14:48 +01:00
Paul Elliott
7220cae93c Ensure generate nonce unavailable in decrypt 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-22 22:14:47 +01:00
Paul Elliott
8eb9dafda1 Add generate nonce test 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-22 16:31:09 +01:00
Gilles Peskine
36ff66c4b4 Merge pull request #4316 from gabor-mezei-arm/3258_implement_one-shot_MAC 
Implement one-shot MAC
 2021-06-22 12:18:25 +02:00
Manuel Pégourié-Gonnard
a805d57261 Merge pull request #4588 from TRodziewicz/remove_MD2_MD4_RC4_Blowfish_and_XTEA 
Remove MD2, MD4, RC4, Blowfish and XTEA
 2021-06-22 09:27:41 +02:00
Ronald Cron
a587cbc3a4 psa: mac: Add driver delegation support for psa_mac_verify() 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-21 09:19:22 +02:00
Ronald Cron
cd989b5598 psa: mac: Introduce psa_mac_compute_internal 
Introduce psa_mac_compute_internal with an
additional `is_sign` parameter compared to
the psa_mac_compute API. The intent is to
call psa_mac_compute_internal() from
psa_mac_verify() as well to compute the
message MAC.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-21 09:19:22 +02:00
Ronald Cron
c3dd75f71b psa: mac: Improve MAC finalization code 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-21 09:19:22 +02:00
Ronald Cron
51131b53fe psa: mac: Add driver delegation support for psa_mac_compute() 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-21 09:19:09 +02:00
Ronald Cron
79bdd82eaa psa: mac: Improve implementation of psa_mac_finalize_alg_and_key_validation() 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-18 22:18:06 +02:00
Ronald Cron
2dff3b2a18 psa: mac: Split psa_mac_setup() 
Split out of psa_mac_setup() the final checks on
the requested algorithm and the key attributes.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-18 22:09:28 +02:00
Ronald Cron
28ea050cf4 psa: mac: Re-organize psa_mac_setup() internal function 
Re-organize psa_mac_setup() to prepare the move
to a dedicated function of the additional checks
on the algorithm and the key attributes done by
this function. We want to move those checks in
a dedicated function to be able to do them
without duplicating them in psa_mac_compute().

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-18 21:02:32 +02:00
Gilles Peskine
e96c5854d0 Move the inclusion of crypto_spe.h to psa/crypto_platform.h 
This makes it easier to ensure that crypto_spe.h is included everywhere it
needs to be, and that it's included early enough to do its job (it must be
included before any mention of psa_xxx() functions with external linkage,
because it defines macros to rename these functions).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-06-17 11:43:58 +02:00
Gilles Peskine
532327b429 Merge pull request #4576 from gilles-peskine-arm/psa_key_derivation-bad_workflow-20210527 
PSA key derivation bad-workflow tests
 2021-06-17 09:55:39 +02:00
gabor-mezei-arm
4076d3e9f3 Implement one-shot MAC functions 
Implement one-shot MAC APIs, psa_mac_compute and psa_mac_verify, introduced in PSA Crypto API 1.0.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-16 16:28:07 +02:00
TRodziewicz
10e8cf5fef Remove MD2, MD4, RC4, Blowfish and XTEA 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-06-16 10:34:25 +02:00
Gilles Peskine
b1edaec18f Fix missing state check for tls12_prf output 
Fix PSA_ALG_TLS12_PRF and PSA_ALG_TLS12_PSK_TO_MS being too permissive
about missing inputs.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-06-11 22:41:46 +02:00
Ronald Cron
ea7631be1c Change mbedtls_rsa_set_padding() signature 
mbedtls_rsa_set_padding() now returns the error
code MBEDTLS_ERR_RSA_INVALID_PADDING when
padding parameters are invalid.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-08 14:11:10 +02:00
TRodziewicz
58d6eb5024 Removing unneeded comment 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-06-02 14:43:11 +02:00
Paul Elliott
40ef3a9454 Fix state logic and return codes 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-01 17:17:58 +01:00
Paul Elliott
b2ce2ed6d8 Merge remote-tracking branch 'upstream/development' into psa-m-aead 
Conflicts:
* None
 2021-06-01 17:13:19 +01:00
TRodziewicz
062f353804 Changes after code review 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-27 17:34:14 +02:00
TRodziewicz
cc7074128a Remove MBEDTLS_CHECK_PARAMS option 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-27 17:33:32 +02:00
Ronald Cron
142c205ffc Merge pull request #4513 from Patater/psa-without-genprime-fix 
psa: Support RSA signature without MBEDTLS_GENPRIME
 2021-05-27 14:19:24 +02:00