Simon Butcher
511526720c
Merge fix for branch SSL client overread
2016-10-13 15:39:09 +01:00
Simon Butcher
de319cb743
Merge branch 'development'
2016-10-13 15:14:04 +01:00
Russ Butler
bb83b42700
Use allocated memory for SHA self tests
...
Reduce the stack usage of the testing framework by dynamically
allocating the memory used for the test.
2016-10-13 15:10:14 +01:00
Janos Follath
e5dc202469
Restore P>Q in RSA key generation ( #558 )
...
The PKCS#1 standard says nothing about the relation between P and Q
but many libraries guarantee P>Q and mbed TLS did so too in earlier
versions.
This commit restores this behaviour.
2016-10-13 13:54:48 +01:00
Andres AG
314d8a8400
Fix documentation for mbedtls_gcm_finish()
...
Fix implementation and documentation missmatch for the function
arguments to mbedtls_gcm_finish(). Also, removed redundant if condition
that always evaluates to true.
2016-10-13 13:54:47 +01:00
Andres AG
410d3dd3c7
Fix 1 byte overread in mbedtls_asn1_get_int()
2016-10-13 13:54:14 +01:00
Janos Follath
d7b9049806
Fix memory leaks in CMAC tests
2016-10-13 13:53:56 +01:00
Janos Follath
2b3b740574
Remove unnecessary flag from CMAC context
2016-10-13 13:53:33 +01:00
Simon Butcher
c61351df72
Fix issues in CMAC in repeated updates
...
Successive calls to mbedtls_cipher_cmac_update() which weren't block aligned
were failing, which is fixed by this commit.
2016-10-13 13:53:12 +01:00
Simon Butcher
ad882673dc
Fix bracketing in cmac.c
...
The bracketing in some expressions where an assignment was being made in an if statement in cmac.c had been accidentally broken and was causing compiler warnings with armcc.
2016-10-13 13:52:00 +01:00
Andres AG
8254b6c9f3
Clean up of formatting, and potential integer overflow fix
2016-10-13 13:51:13 +01:00
Simon Butcher
2127932fb8
Fixes following review
...
Fixes issue of not zeroing entire block on reset and conditional compilation.
2016-10-13 13:51:12 +01:00
Simon Butcher
f394e09431
Clean up and minor fixes following review
...
Minor fixes following review including:
* formatting changes including indentation and code style
* corrections
* removal of debug code
* clarification of code through variable renaming
* memory leak
* compiler warnings
2016-10-13 13:51:12 +01:00
Simon Butcher
5805fbedcb
Fix CMAC interface for doxygen
...
Parameters didn't match the function definition.
2016-10-13 13:51:12 +01:00
Simon Butcher
8a1a68cb2b
Regenerate error.c file to remove CMAC
2016-10-13 13:51:12 +01:00
Simon Butcher
0c79073a8b
Refactor and change CMAC interface
...
Change the CMAC interface to match the mbedtls_md_hmac_xxxx() interface. This
changes the overall design of the CMAC interface to make it more consistent with
the existing HMAC interface, and will allow incremental updates of input data
rather than requiring all data to be presented at once, which is what the
current interface requires.
2016-10-13 13:51:11 +01:00
Brian Murray
7b07e0e4b4
Fix build failure for thread config
2016-10-13 13:51:11 +01:00
Brian Murray
5168618294
Minor fixes to comments
2016-10-13 13:51:11 +01:00
Brian Murray
3d64431a33
Minor CMAC fixes for merge
2016-10-13 13:51:11 +01:00
Brian Murray
0b21cdf7bc
cleaned up indentation and braket issues in mbedtls_cmac_verify
2016-10-13 13:51:11 +01:00
Brian Murray
bbed660aa1
Changed test function to inline to pass tests/scripts/check-names.sh
2016-10-13 13:51:10 +01:00
Brian Murray
fe9ff01c49
Fixed some build warnings
2016-10-13 13:51:10 +01:00
Brian Murray
4e067035b7
Do not zeroize null pointer
2016-10-13 13:51:10 +01:00
Brian Murray
cdd1f6d96c
Removed unneed memsets and fixed spacing
2016-10-13 13:51:10 +01:00
Brian Murray
6eae89bb6f
No CMAC minimum tag length is specified by NIST SP800-38B A
...
Minor Typo Changes
2016-10-13 13:51:10 +01:00
Brian Murray
e260feacbe
cmac.c whitespace cleanup
2016-10-13 13:51:10 +01:00
Brian Murray
db5c70e080
better handling of failed calloc
2016-10-13 13:51:10 +01:00
Brian Murray
86ff986884
selftest supports cmac if only MBEDTLS_DES_C is defined
...
Other minor typo fixes
2016-10-13 13:51:10 +01:00
Brian Murray
3d3c9b8be7
More cleanup of CMAC self tests
2016-10-13 13:51:09 +01:00
Brian Murray
afdb60f84f
Only compile AES CMAC PRF support if MBEDTLS_AES_C is defined and other cleanups
2016-10-13 13:51:09 +01:00
Brian Murray
d666eb5c11
More cleanup of CMAC selftests
2016-10-13 13:51:09 +01:00
Brian Murray
3c0412a443
Fixed CMAC tag length
2016-10-13 13:51:09 +01:00
Brian Murray
7c6476c330
CMAC support for cipher with 64bit blocks (DES/3DES)
2016-10-13 13:51:09 +01:00
Brian Murray
5a8c004f79
Added cmac.o to libary/Makefile
2016-10-13 13:51:09 +01:00
Manuel Pégourié-Gonnard
2b0e21f130
cmac: more cosmetic changes
2016-10-13 13:51:09 +01:00
Manuel Pégourié-Gonnard
a878d3b6e3
cmac: avoid useless wrapping of function
...
probably a leftover from an earlier stage
2016-10-13 13:51:09 +01:00
Manuel Pégourié-Gonnard
5f8639fea2
cmac: reduce visibility of macros
...
The #undef is usefull for people who want to to amalgamated releases
2016-10-13 13:51:09 +01:00
Manuel Pégourié-Gonnard
59ae4bad18
cmac: some more padding-related tune-ups
...
- use one less temporary buffer
- pedantic: in_len + 15 was a potential overflow
- use a more explicit name instead of 'flag'
- Mn was a bit misleading
2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard
da8724fbc6
cmac: clean up padding function and comments
2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard
89b8d83723
cmac: make subkey gen more constant-time
...
The previous version had secret-dependent memory accesses. While it was
probably not an issue in practice cause the two bytes of the array are
probably on the same cache line anyway, as a matter of principle this should
be avoided.
2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard
28ea791521
cmac: zeroize sensitive intermediate values
2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard
756bcf7631
cmac: factor multiply by u to its own function
...
We're doing exactly the same operation for K1 and K2.
2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard
a4dfa0550f
cmac: fix whitespace/codingstyle issues
2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard
9c83eebe67
cmac: improve argument order and naming
...
- always use the pattern "buffer, length"
- avoid using unqualified "length" as a name when there are more than one
2016-10-13 13:51:08 +01:00
Robert Cragie
9bf1e5dd3b
Line endings wrong
2016-10-13 13:51:08 +01:00
Robert Cragie
9518e88fa0
Use autogenerated version_features.c
2016-10-13 13:51:07 +01:00
Robert Cragie
2fa11cd197
Added CMAC as proper low-level module and changed error returns
2016-10-13 13:51:07 +01:00
Robert Cragie
c45554448c
Added MBEDTLS_CMAC_C
2016-10-13 13:51:07 +01:00
Robert Cragie
45feb6ef20
Add support for AES-128-CMAC and AES-CMAC-PRF-128
2016-10-13 13:51:07 +01:00
Janos Follath
0be2b01a6b
Add safety check to sample mutex implementation
...
Due to inconsistent freeing strategy in pkparse.c the sample mutex
implementation in threading.c could lead to undefined behaviour by
destroying the same mutex several times.
This fix prevents mutexes from being destroyed several times in the
sample threading implementation.
2016-10-13 13:51:07 +01:00