Dave Rodgman
03edc8614f
Fix docs in error.h
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-29 11:06:18 +01:00
Dave Rodgman
bb05cd09b7
Remove MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-29 10:41:06 +01:00
Dave Rodgman
53c8689e88
Introduce new TLS error codes
...
Introduce new codes:
* MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION
* MBEDTLS_ERR_SSL_NO_APPLICATION_PROTOCOL
These are returned when the corresponding alert is raised.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-29 10:02:06 +01:00
Dave Rodgman
096c41111e
Remove MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-29 09:52:06 +01:00
Dave Rodgman
858894056d
Improve changelog
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-29 09:43:55 +01:00
Dave Rodgman
43fcb8d7c1
Address review feedback
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-29 08:57:19 +01:00
Dave Rodgman
e8dbd53966
Update error code for cert parsing failure
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-28 12:35:08 +01:00
Dave Rodgman
5f8c18b0d0
Update error code from ssl_parse_signature_algorithm
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-28 12:35:08 +01:00
Dave Rodgman
8f127397f8
Update alert message for parsing PSK hint
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-28 12:35:08 +01:00
Hanno Becker
b561bedadd
Make MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE more generic
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:08 +01:00
Hanno Becker
77b4a6592a
Address review feedback
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:08 +01:00
Hanno Becker
2fc9a652bc
Address review feedback
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:08 +01:00
Hanno Becker
2e3ecda684
Adust migration guide for SSL error codes
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:08 +01:00
Hanno Becker
90d59dddf5
Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:08 +01:00
Hanno Becker
c3411d4041
Remove MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:08 +01:00
Hanno Becker
9ed1ba5926
Rename MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE
...
New name MBEDTLS_ERR_SSL_BAD_CERTIFICATE
Also, replace some instances of MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE
by MBEDTLS_ERR_SSL_DECODE_ERROR and MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER
as fit.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:08 +01:00
Hanno Becker
5697af0d3d
Remove MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:08 +01:00
Hanno Becker
cbc8f6fd5d
Remove MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-28 12:35:08 +01:00
Hanno Becker
a0ca87eb68
Remove MBEDTLS_ERR_SSL_BAD_HS_FINISHED
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
d200296f17
Remove MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
d934a2aafc
Remove MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
d3eec78258
Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
666b5b45f7
Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
029cc2f97b
Remove MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
b24e74bff7
Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP error code
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
d01fc5f583
Introduce MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE error code
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
241c19707b
Remove MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
bc00044279
Rename MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION
...
New name is MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
93636cce4a
Add MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
2fe5f61e1a
Add generic codes for syntactic and semantic message parsing errors
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Janos Follath
8a88f6274c
Merge pull request #4726 from athoelke/at-pbkdf2-doc-fixes
...
Fixes for PBKDF2 documentation
2021-06-28 09:47:57 +01:00
Dave Rodgman
10bda58b49
Merge pull request #4259 from CJKay/cmake-config
...
Add CMake package config file
2021-06-25 20:32:13 +01:00
Dave Rodgman
63ad854de8
Merge pull request #4712 from daverodgman/psa_cipher_and_mac_abort_on_error
...
Psa cipher and mac abort on error
2021-06-25 15:39:59 +01:00
Gilles Peskine
918708b824
Merge pull request #4729 from paul-elliott-arm/fix_test_illegal_access
...
Fix potential free of uninitialised pointer
2021-06-25 13:43:56 +02:00
Paul Elliott
e57dd2d450
Fix potential free of uninitialised pointer
...
A test was added in that could cause a jump to exit prior to
initialisation of a pointer that would get freed if that test failed.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-25 11:17:12 +01:00
Andrew Thoelke
52d18cd9a4
Remove trailing space
...
Signed-off-by: Andrew Thoelke <andrew.thoelke@arm.com>
2021-06-25 11:03:57 +01:00
Dave Rodgman
90d1cb83a0
Use more standard label name
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-25 09:09:02 +01:00
Ronald Cron
3698fa1043
Merge pull request #4673 from gilles-peskine-arm/psa_crypto_spm-from_platform_h
...
Fix and test the MBEDTLS_PSA_CRYPTO_SPM build
2021-06-25 09:01:08 +02:00
Gilles Peskine
1fed4b8324
Merge pull request #4720 from gilles-peskine-arm/gcm-finish-outlen
...
Add output_length parameter to mbedtls_gcm_finish
2021-06-24 20:02:40 +02:00
Dave Rodgman
6f7105818c
Improve psa_hash_update negative test
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-24 18:15:23 +01:00
Andrew Thoelke
a0f4b595c5
Fixes for PBKDF2 documentation
...
Fix typos in the PBKDF2 documentation
Correct the constraints on PSA_KEY_USAGE_DERIVE and PSA_KEY_USAGE_VERIFY_DERIVATION, aligning them with the note against psa_key_derivation_input_key(). All key inputs must have the required usage flag to permit output or verification.
Correct the constraints on PSA_KEY_DERIVATION_INPUT_SECRET and PSA_KEY_DERIVATION_INPUT_PASSWORD, aligning them with 4feb611
. psa_key_derivation_verify_key() does not require the secret/password input to be a key.
Signed-off-by: Andrew Thoelke <andrew.thoelke@arm.com>
2021-06-24 16:47:14 +01:00
Dave Rodgman
8036bddb01
Tidy up logic in psa_mac_sign_finish
...
Simplify the logic in psa_mac_sign_finish.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-24 16:19:08 +01:00
Dave Rodgman
b5dd7c794d
Correct coding style issues
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-24 16:17:43 +01:00
Dave Rodgman
54648243cd
Call abort on error in psa_mac/cipher setup
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-24 11:49:45 +01:00
Dave Rodgman
685b6a742b
Update multipart hash operations to abort on error
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-24 11:49:14 +01:00
Dave Rodgman
5ae6f7547c
Add negative tests for psa_abort in hash functions
...
Various functions for PSA hash operations call abort
on failure; test that this is done. The PSA spec does not require
this behaviour, but it makes our implementation more robust in
case the user does not abort the operation as required by the
PSA spec.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-24 11:41:05 +01:00
Gilles Peskine
fedd52ca19
Merge pull request #4707 from gilles-peskine-arm/require-matching-hashlen-rsa-implementation
...
Require matching hashlen in RSA functions: implementation
2021-06-24 10:28:20 +02:00
Gilles Peskine
5a7be10419
Add output_length parameter to mbedtls_gcm_finish
...
Without this parameter, it would be hard for callers to know how many bytes
of output the function wrote into the output buffer. It would be possible,
since the cumulated output must have the same length as the cumulated input,
but it would be cumbersome for the caller to keep track.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-06-23 21:51:32 +02:00
Dave Rodgman
38e62aebc3
Update cipher and mac functions to abort on error
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-23 18:59:17 +01:00
Dave Rodgman
647791da5b
Add negative tests for psa_abort in cipher and mac functions
...
Various functions for PSA cipher and mac operations call abort
on failure; test that this is done. The PSA spec does not require
this behaviour, but it makes our implementation more robust in
case the user does not abort the operation as required by the
PSA spec.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-23 18:59:17 +01:00