Commit graph

2513 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
59ae4bad18 cmac: some more padding-related tune-ups
- use one less temporary buffer
- pedantic: in_len + 15 was a potential overflow
- use a more explicit name instead of 'flag'
- Mn was a bit misleading
2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard
da8724fbc6 cmac: clean up padding function and comments 2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard
89b8d83723 cmac: make subkey gen more constant-time
The previous version had secret-dependent memory accesses. While it was
probably not an issue in practice cause the two bytes of the array are
probably on the same cache line anyway, as a matter of principle this should
be avoided.
2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard
28ea791521 cmac: zeroize sensitive intermediate values 2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard
756bcf7631 cmac: factor multiply by u to its own function
We're doing exactly the same operation for K1 and K2.
2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard
a4dfa0550f cmac: fix whitespace/codingstyle issues 2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard
9c83eebe67 cmac: improve argument order and naming
- always use the pattern "buffer, length"
- avoid using unqualified "length" as a name when there are more than one
2016-10-13 13:51:08 +01:00
Robert Cragie
9bf1e5dd3b Line endings wrong 2016-10-13 13:51:08 +01:00
Robert Cragie
9518e88fa0 Use autogenerated version_features.c 2016-10-13 13:51:07 +01:00
Robert Cragie
2fa11cd197 Added CMAC as proper low-level module and changed error returns 2016-10-13 13:51:07 +01:00
Robert Cragie
c45554448c Added MBEDTLS_CMAC_C 2016-10-13 13:51:07 +01:00
Robert Cragie
45feb6ef20 Add support for AES-128-CMAC and AES-CMAC-PRF-128 2016-10-13 13:51:07 +01:00
Janos Follath
0be2b01a6b Add safety check to sample mutex implementation
Due to inconsistent freeing strategy in pkparse.c the sample mutex
implementation in threading.c could lead to undefined behaviour by
destroying the same mutex several times.

This fix prevents mutexes from being destroyed several times in the
sample threading implementation.
2016-10-13 13:51:07 +01:00
Andres AG
3616f6f261 Rename net.{c,h} to net_sockets.{c,h}
The library/net.c and its corresponding include/mbedtls/net.h file are
renamed to library/net_sockets.c and include/mbedtls/net_sockets.h
respectively. This is to avoid naming collisions in projects which also
have files with the common name 'net'.
2016-10-13 13:48:48 +01:00
Andres AG
4bdbe09f90 Fix sig->tag update in mbedtls_x509_get_sig() 2016-09-19 17:09:45 +01:00
Andres AG
f9113194af Allow the entry_name size to be set in config.h
Allow the size of the entry_name character array in x509_crt.c to be
configurable through a macro in config.h. entry_name holds a
path/filename string. The macro introduced in
MBEDTLS_X509_MAX_FILE_PATH_LEN.
2016-09-16 11:42:35 +01:00
Simon Butcher
669c635ec0 Fix unused variable warnings for null entropy config 2016-09-15 18:57:34 +01:00
Andres Amaya Garcia
a928e67278 Documentation and entropy self test changes (#610)
Ensure that the entropy self test always fails whenever
MBEDTLS_TEST_NULL_ENTROPY is defined. This is because the option is
meant to be for testing and development purposes rather than production
quality software. Also, this patch enhances the documentation for
mbedtls_entropy_source_self_test() and mbedtls_entropy_self_test().
2016-09-13 13:30:02 +01:00
Paul Bakker
29f221f183 Fix guards in SSL for ECDH key exchanges 2016-09-05 01:48:31 +03:00
palaviv
a9f90f00aa Removing in compile time unused entries from oid_ecp_grp list 2016-09-04 15:14:38 +01:00
palaviv
06f1828fa2 Removing in compile time unused entries from oid_sig_alg list 2016-09-04 15:14:38 +01:00
palaviv
4636fc6b0d oid_x520_attr_type list is defined only when MBEDTLS_X509_USE_C or MBEDTLS_X509_CREATE_C 2016-09-04 15:14:38 +01:00
palaviv
5730320225 Removing in compile time unused entries from oid_md_alg list 2016-09-04 15:14:38 +01:00
Andres AG
e7723ec284 Make entropy bias self test poll multiple times
Instead of polling the hardware entropy source a single time and
comparing the output with itself, the source is polled at least twice
and make sure that the separate outputs are different.
2016-08-30 16:50:48 +01:00
Andres AG
b34e42e69e Add a new self test to entropy module
The self test is a quick way to check at startup whether the entropy
sources are functioning correctly. The self test only polls 8 bytes
from the default entropy source and performs the following checks:

- The bytes are not all 0x00 or 0xFF.
- The hardware does not return an error when polled.
- The entropy does not provide data in a patter. Only check pattern
  at byte, word and long word sizes.
2016-08-30 16:50:48 +01:00
Paul Bakker
4400ecc9fb Fix output of PKCS#5 and RIPEMD-160 self tests 2016-08-25 16:36:35 +01:00
Paul Bakker
217efbcb4b Allow compilation without MBEDTLS_SELF_TEST enabled 2016-08-25 15:42:28 +01:00
Paul Bakker
c7d6bd4b5f Add mbedtls_asn1_write_len() support for 3 and 4 byte lengths
As a consequence also adds coverage for reading 3 and 4 byte lengths
(which were not covered before)
2016-08-25 15:42:27 +01:00
Paul Bakker
7eb1243fb4 Add check for lengths over 65535 in mbedtls_asn1_write_len() 2016-08-25 15:42:27 +01:00
Simon Butcher
23e9778684 Adds missing conditions for platform time
In platform.c, made the time functions dependent on the configuration
MBEDTLS_HAVE_TIME to fix a build break where the functions could be
built but the mbedtls_time_t was not defined.
2016-07-13 14:47:07 +01:00
Simon Butcher
b5b6af2663 Puts platform time abstraction into its own header
Separates platform time abstraction into it's own header from the
general platform abstraction as both depend on different build options.
(MBEDTLS_PLATFORM_C vs MBEDTLS_HAVE_TIME)
2016-07-13 14:46:18 +01:00
Simon Butcher
905cef6c2c Changed library version number to 2.3.0 2016-06-27 19:36:45 +01:00
Simon Butcher
ab069c6b46 Merge branch 'development' into development-restricted 2016-06-23 21:42:26 +01:00
Brian J Murray
e7be5bdb96 Fixed unchecked calls to mbedtls_md_setup in rsa.c (#502)
* Fixed unchecked calls to mbedtls_md_setup in rsa.c:

* style fixes
2016-06-23 20:57:03 +01:00
Jussi Kivilinna
4b541bec0f Fix unused variable in AES selftest when CBC and CFB disabled (#393)
This commit fixes following warning:

> CC:  aes.c
> aes.c: In function 'mbedtls_aes_self_test':
> aes.c:1225:19: error: unused variable 'iv' [-Werror=unused-variable]
>      unsigned char iv[16];
>                    ^
> cc1: all warnings being treated as errors
2016-06-22 16:48:16 +01:00
Janos Follath
1b8571cd25 Merge branch 'development' into development-restricted 2016-06-21 13:51:17 +01:00
Simon Butcher
1ceab6e43a Adds a check and warning for the null entropy option
If the option MBEDTLS_TEST_NULL_ENTROPY is enabled, the cmake generated
makefile will generate an error unless a UNSAFE_BUILD switch is also enabled.

Equally, a similar warning will always be generated if the Makefile is built,
and another warning is generated on every compilation of entropy.c.

This is to ensure the user is aware of what they're doing when they enable the
null entropy option.
2016-06-21 10:14:00 +01:00
Janos Follath
15ab7ed0f3 Merge branch 'development' into development-restricted
Conflicts:
	programs/pkey/rsa_decrypt.c
	programs/pkey/rsa_encrypt.c
	programs/test/selftest.c
2016-06-14 09:20:46 +01:00
Simon Butcher
124646e4b5 Updates version feature list for NV Seed 2016-06-12 11:56:03 +01:00
Simon Butcher
4157b6004d Renames null entropy source function for clarity 2016-06-12 00:31:33 +01:00
Simon Butcher
ab5df40054 Rename the 'no entropy' feature to MBEDTLS_TEST_NULL_ENTROPY
Following review and for clarity, changed the name of the feature to 'null
entropy'.
2016-06-11 02:31:21 +01:00
Paul Bakker
bddf9ab8ff Update features file 2016-06-10 19:42:15 +01:00
Paul Bakker
fc9c7c8bf4 Initial entropy run should be context specific
Otherwise test influence each other.
Is a change to the context but only if the NV seed feature is enabled
2016-06-10 19:42:15 +01:00
Paul Bakker
d5c9f6d226 Automatically update NV seed on initial entropy run
Update the NV entropy seed before generating any entropy for outside
use. The reason this is triggered here and not in mbedtls_entropy_init(),
is that not all entropy sources mights have been added at that time.
2016-06-10 19:42:14 +01:00
Paul Bakker
9988d6bbd9 Introduce mbedtls_nv_seed_poll() entropy polling function 2016-06-10 19:42:14 +01:00
Paul Bakker
cf0a9f96c5 Introduce platform-layer functions for reading/writing seed from NV
Introduces mbedtls_nv_seed_read() and mbedtls_nv_seed_write().

The platform-layer functions are only available when
MBEDTLS_ENTROPY_NV_SEED is enabled.
2016-06-10 19:42:14 +01:00
Janos Follath
51bcd9355b Update version features. 2016-06-09 13:55:37 +01:00
Janos Follath
53de78444c Add entropy safety switch.
Add a switch that turns entropy collecting off entirely, but enables
mbed TLS to run in an entirely unsafe mode. Enables to test mbed TLS
on platforms that don't have their entropy sources integrated yet.
2016-06-09 11:54:54 +01:00
Janos Follath
ce52d7823c Address user reported coverity issues. 2016-06-07 14:52:35 +01:00
Simon Butcher
78da223f68 Revert accidental changes to file mode of rsa.c 2016-06-07 14:52:34 +01:00