mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-11 21:41:47 +03:00
Commit Graph

4287 Commits

Author SHA1 Message Date
105031b1e1 asn1_write documentation: say that integers must be non-negative
The documentation never said it explicitly, but the ASN.1 library
doesn't support negative integers. Say it explicitly.

Also fix a copypasta error.
2019-09-11 15:46:45 +02:00
bcbe1dfb23 Improve the documentation of ASN.1 parsing functions
Document preconditions on parameters, values changed through pointers,
and error codes.

This commit leaves some issues regarding integers (especially negative
integers) open, because we don't have a policy decision on how to
handle them yet.
2019-09-11 15:46:44 +02:00
4c61c1a736 Move psa_destroy_key and psa_copy_key to Key Management section 2019-09-11 14:40:51 +01:00
9298dca14d Merge pull request #185 from gilles-peskine-arm/harvard-md
Remove method dispatch from md
2019-09-10 18:38:39 +01:00
4badc92438 Merge pull request #117 from gilles-peskine-arm/psa_error_code_coverage
PSA return status coverage script
2019-09-10 16:39:23 +01:00
4864eb5bec Merge pull request #247 from athoelke/at-key-handles
Update the behavior of key handles
2019-09-10 14:38:56 +01:00
970629fc9a Fix grammar. 2019-09-09 09:56:34 +01:00
be061337c1 Document more error codes 2019-09-06 19:29:52 +02:00
1983512803 Add backward compatibility alias for PSA_ERROR_CORRUPTION_DETECTED
This was renamed from PSA_ERROR_TAMPERING_DETECTED. Add a backward
compatibility alias in case somebody was already using it.
2019-09-06 17:48:56 +02:00
bfaa718e90 Add cfg dep MBEDTLS_MEMORY_DEBUG->MBEDTLS_MEMORY_BUFFER_ALLOC_C 2019-09-06 07:44:37 -04:00
af46c5f9eb Check dependencies of MBEDTLS_MEMORY_BACKTRACE in check_config.h 2019-09-06 07:40:26 -04:00
92348d1c49 Merge remote-tracking branch 'crypto/development' into development-restricted
* crypto/development: (77 commits)
  all.sh: disable MEMORY_BUFFER_ALLOC in cmake asan build
  Unify gcc and clang cmake flags to test with UBsan
  Add an input check in psa_its_set
  Remove storage errors from psa_generate_random
  Update getting_started.md
  Update based on Jaeden's comments.
  Update getting_started.md
  Fix return code warnings
  Update getting_started.md
  Fix warnings
  Add PSA_ERROR_STORAGE_FAILURE to psa_cipher_generate_iv
  Remove erroneous insert
  Add STORAGE_FAILURE everywhere + add missing codes
  Add storage failure to psa_mac_verify_finish
  Add storage failure to psa_mac_sign_finish
  Add PSA_ERROR_STORAGE_FAILURE to psa_aead_*_setup functions
  Added PSA_ERROR_BAD_STATE to functions with operations
  Added extra bad state case to psa_hash_setup
  Add missing return codes to psa_generate_key
  Add PSA_ERROR_BUFFER_TOO_SMALL to psa_mac_compute
  ...
2019-09-06 08:56:21 +01:00
7c2cc479b0 Merge pull request #213 from adrianlshaw/psa-api-1.0-beta
Update function return codes
2019-09-06 08:53:29 +01:00
75f2c20f9c ECDSA: Explain limitations of constant blinding 2019-09-05 11:18:58 +01:00
1231d210e1 Add warning for alternative ECDSA implementations
Alternative implementations are often hardware accelerators and might
not need an RNG for blinding. But if they do, then we make them misuse
the RNG in the deterministic case.

There are several ways around this:
- Exposing a lower level function for replacement. This would be the
optimal solution, but litters the API and is not backward compatible.
- Introducing a new compile time option for replacing the deterministic
function. This would mostly cover the same code as
MBEDTLS_ECDSA_DETERMINISTIC and would be yet another compile time flag.
- Reusing the existing MBEDTLS_ECDSA_DETERMINISTIC macro. This changes
the algorithm used by the PK layer from deterministic to randomised if
the alternative implementation is present.

This commit implements the third option. This is a temporary solution
and should be fixed at the next device driver API change.
2019-09-05 11:18:58 +01:00
e65e0597a8 Deprecate the old deterministic ECDSA function
The current interface does not allow passing an RNG, which is needed for
blinding. Using the scheme's internal HMAC-DRBG results in the same
blinding values for the same key and message, diminishing the
effectiveness of the countermeasure. A new function
`mbedtls_ecdsa_det_ext` is available to address this problem.
2019-09-05 11:18:58 +01:00
dca667ac80 Add a safer deterministic ECDSA function
`mbedtls_ecdsa_sign_det` reuses the internal HMAC-DRBG instance to
implement blinding. The advantage of this is that the algorithm is
deterministic too, not just the resulting signature. The drawback is
that the blinding is always the same for the same key and message.
This diminishes the efficiency of blinding and leaks information about
the private key.

A function that takes external randomness fixes this weakness.
2019-09-05 11:18:58 +01:00
8619f8cd07 Remove storage errors from psa_generate_random 2019-09-05 10:37:22 +01:00
de183416f8 Update the behavior of key handles
* open output distinct key handles
* each handle must be closed
* destroying a key does not invalidate other handles
* closing a key can/might fail an active operation (but not required)
2019-09-05 09:38:06 +01:00
3b5975641e Fix return code warnings
- Remove STORAGE_FAILURE from hash and abort functions
- Remove BUFFER_TOO_SMALL from psa_mac_verify
2019-09-04 19:20:32 +01:00
8096969905 Merge pull request #139 from Patater/des-faster-and-typo-fix
Make DES self-test faster, and fix a typo
2019-09-04 12:18:39 +01:00
fa2cefa001 Fix warnings 2019-09-04 11:36:15 +01:00
f483973c37 Add PSA_ERROR_STORAGE_FAILURE to psa_cipher_generate_iv 2019-09-04 11:35:32 +01:00
599c712668 Remove erroneous insert 2019-09-04 11:35:32 +01:00
1505b2108a Add STORAGE_FAILURE everywhere + add missing codes 2019-09-04 11:35:32 +01:00
1f1e1a5253 Add storage failure to psa_mac_verify_finish 2019-09-04 11:35:32 +01:00
56b32b126c Add storage failure to psa_mac_sign_finish 2019-09-04 11:35:32 +01:00
22bc8fff0c Add PSA_ERROR_STORAGE_FAILURE to psa_aead_*_setup functions 2019-09-04 11:35:06 +01:00
8f7cd1ee55 Added PSA_ERROR_BAD_STATE to functions with operations
In the case that the operation object has not been initialized
appropriately.
2019-09-04 11:34:22 +01:00
97d3bc3674 Added extra bad state case to psa_hash_setup 2019-09-04 11:34:22 +01:00
2364924619 Add missing return codes to psa_generate_key 2019-09-04 11:34:22 +01:00
1f42a84a13 Add PSA_ERROR_BUFFER_TOO_SMALL to psa_mac_compute 2019-09-04 11:33:32 +01:00
650229ba38 Added PSA_ERROR_STORAGE_FAILURE to psa_mac_compute
In case the key could not be retrieved from
storage.
2019-09-04 11:31:14 +01:00
2a889781c5 Add PSA_ERROR_STORAGE_FAILURE to psa_export_public_key
The same reason that it is included in psa_export_key
2019-09-04 11:31:14 +01:00
11638b99a0 Added PSA_ERROR_INSUFFICIENT_MEMORY to psa_export_public_key
For the same reasons that psa_export_key can fail with this error
2019-09-04 11:31:14 +01:00
7f1863c905 Add PSA_ERROR_INSUFFICIENT_MEMORY to psa_export_key
It may be possible that the implementation runs out of
memory when exporting a key from storage or a secure
element. For example, it may not be possible to directly
move the data from storage to the caller, so the implementation
will have to buffer the material temporarily (an issue if a dynamic
memory allocation scheme is used). For a large key
this is more likely to return.
2019-09-04 11:31:14 +01:00
15731c1422 Added PSA_ERROR_STORAGE_FAILURE to psa_export_key
It may be possible that an implementation does not
fetch key material until a command like
this is called and such an error may occur if an
off-chip secure storage dependency may have been wiped.
2019-09-04 11:31:14 +01:00
23c006f45e Added missing return codes to get_key_attributes
Note that PSA_ERROR_NOT_PERMITTED is not included
because I can't think of a scenario where you have
a valid key handle but aren't allowed to read the
attributes
2019-09-04 11:31:14 +01:00
39797aa34c Fix erroneous cut and paste 2019-09-04 11:30:18 +01:00
fbf7f121f9 Separate return codes for unsupported and invalid algorithms 2019-09-04 11:30:18 +01:00
66200c4e98 Add PSA_ERROR_STORAGE_FAILURE to psa_cipher_generate_iv 2019-09-04 11:30:18 +01:00
f97c8523ee Add CORRUPTION_DETECTED to psa_close_key 2019-09-04 11:30:18 +01:00
6725757cec Remove erroneous insert 2019-09-04 11:30:18 +01:00
484ba88a0f Add STORAGE_FAILURE everywhere + add missing codes 2019-09-04 11:30:18 +01:00
dc5bf5c8e7 Add storage failure to (encrypt/decrypt)_setup 2019-09-04 11:30:18 +01:00
d9e9024885 Add storage failure to psa_mac_verify_finish 2019-09-04 11:30:18 +01:00
263223689f Add storage failure to psa_mac_sign_finish 2019-09-04 11:30:18 +01:00
8d0bcf27ec Add PSA_ERROR_INVALID_ARGUMENT to psa_hash_compare 2019-09-04 11:30:17 +01:00
df3c7ac645 Remove trailing whitespace 2019-09-04 11:30:17 +01:00
d789dc13da Added a few more return codes 2019-09-04 11:30:17 +01:00