Commit graph

74 commits

Author SHA1 Message Date
Dave Rodgman
16799db69a update headers
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 19:47:20 +00:00
Gilles Peskine
2387bdab0f
Merge pull request #1038 from Mbed-TLS/development
Merge development into development-restricted
2023-07-21 15:40:36 +02:00
Dave Rodgman
3d0c8255aa
Merge pull request #7825 from daverodgman/cipher_wrap_size
Cipher wrap size improvement
2023-07-05 15:45:48 +01:00
Dave Rodgman
2e8f6aabc2 Fix direct use of cipher_info->type
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-24 17:32:18 +01:00
Dave Rodgman
85a88133aa Use fewer bits for block_size
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-24 13:37:28 +01:00
Dave Rodgman
a0b166e11e Use mbedtls_xor_no_simd from cmac and cbc
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-15 18:44:16 +01:00
Gilles Peskine
9e930e2887 Rename MBEDTLS_CIPHER_BLKSIZE_MAX internally
Replace all occurrences of MBEDTLS_CIPHER_BLKSIZE_MAX by the new name with
the same semantics MBEDTLS_CMAC_MAX_BLOCK_SIZE, except when defining or
testing the old name.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-06-14 18:00:37 +02:00
Yanray Wang
dd56add42d cmac selftest: add macro for non-128-bit data/test
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-05-11 17:57:17 +08:00
Arto Kinnunen
0f06618db0 AES: skip 192bit and 256bit key in selftest if 128bit_only enabled
This includes:
 - aes.c
 - cmac.c
 - gcm.c
 - nist_kw.c

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-05-05 11:20:59 +08:00
Gilles Peskine
449bd8303e Switch to the new code style
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-11 14:50:10 +01:00
Dave Rodgman
8c0ff81ce7 Use mbedtls_xor in CMAC
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-11-22 17:32:44 +00:00
Steven Cooreman
d367990ef3 Allow skipping 3DES in CMAC self-test when ALT implemented
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-02 10:18:08 +01:00
Steven Cooreman
c7da6a48dd Update comment to only apply to AES-192
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-01-29 11:09:50 +01:00
Steven Cooreman
03f40849c5 Apply suggestions from code review
Code style changes.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>

Co-authored-by: Chris Jones <70633990+chris-jones-arm@users.noreply.github.com>
2021-01-19 13:34:56 +01:00
Steven Cooreman
b2f3e6ca35 Restrict test skipping to AES-192 specifically
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-01-15 16:49:55 +01:00
Steven Cooreman
655b012b6c Unconditionally include platform.h in CMAC
As is the case for aes.c et al

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-01-11 14:34:51 +01:00
Steven Cooreman
830d5af2f3 Allow CMAC self test to skip tests for unsupported primitives
Same type of skipping as in AES and GCM self test routines.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-01-08 18:01:46 +01:00
Rodrigo Dias Correa
2c424570e2 Fix mismatched function parameters (prototype/definition)
In GCC 11, parameters declared as arrays in function prototypes
cannot be declared as pointers in the function definition. The
same is true for the other way around.

The definition of `mbedtls_aes_cmac_prf_128` was changed to match
its public prototype in `cmac.h`. The type `output` was
`unsigned char *`, now is `unsigned char [16]`.

In `ssl_tls.c`, all the `ssl_calc_verify_*` variants now use pointers
for the output `hash` parameter. The array parameters were removed
because those functions must be compatible with the function pointer
`calc_verify` (defined in `ssl_internal.h`).

Signed-off-by: Rodrigo Dias Correa <rodrigo@correas.us>
2020-11-25 01:13:12 -03:00
Bence Szépkúti
1e14827beb Update copyright notices to use Linux Foundation guidance
As a result, the copyright of contributors other than Arm is now
acknowledged, and the years of publishing are no longer tracked in the
source files.

Also remove the now-redundant lines declaring that the files are part of
MbedTLS.

This commit was generated using the following script:

# ========================
#!/bin/sh

# Find files
find '(' -path './.git' -o -path './3rdparty' ')' -prune -o -type f -print | xargs sed -bi '

# Replace copyright attribution line
s/Copyright.*Arm.*/Copyright The Mbed TLS Contributors/I

# Remove redundant declaration and the preceding line
$!N
/This file is part of Mbed TLS/Id
P
D
'
# ========================

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2020-08-19 10:35:41 +02:00
Gilles Peskine
db09ef6d22 Include common.h instead of config.h in library source files
In library source files, include "common.h", which takes care of
including "mbedtls/config.h" (or the alternative MBEDTLS_CONFIG_FILE)
and other things that are used throughout the library.

FROM=$'#if !defined(MBEDTLS_CONFIG_FILE)\n#include "mbedtls/config.h"\n#else\n#include MBEDTLS_CONFIG_FILE\n#endif' perl -i -0777 -pe 's~\Q$ENV{FROM}~#include "common.h"~' library/*.c 3rdparty/*/library/*.c scripts/data_files/error.fmt scripts/data_files/version_features.fmt

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-02 11:26:57 +02:00
Kenneth Soerensen
518d435e7b Fix GCC format-signedness warnings
Signed-off-by: Kenneth Soerensen <knnthsrnsn@gmail.com>
2020-04-22 16:01:48 +02:00
Janos Follath
24eed8d2d2 Initialise return values to an error
Initialising the return values to and error is best practice and makes
the library more robust.
2019-12-03 16:07:18 +00:00
Simon Butcher
6665b67ddf Merge remote-tracking branch 'public/pr/1390' into development 2018-06-27 10:51:47 +01:00
Andres Amaya Garcia
1f6301b3c8 Rename mbedtls_zeroize to mbedtls_platform_zeroize 2018-04-17 10:00:21 -05:00
Andres Amaya Garcia
e32df087fb Remove individual copies of mbedtls_zeroize()
This commit removes all the static occurrencies of the function
mbedtls_zeroize() in each of the individual .c modules. Instead the
function has been moved to utils.h that is included in each of the
modules.
2018-04-17 09:19:05 -05:00
Gilles Peskine
0818540ff7 Merge branch 'pr_726' into development-proposed 2018-03-22 21:50:48 +01:00
Gilles Peskine
df761d5a6b Fix build with gcc -O -Wall
Fix warnings from gcc -O -Wall about `ret` used uninitialized in
CMAC selftest auxiliary functions. The variable was indeed
uninitialized if the function was called with num_tests=0 (which
never happens).
2018-03-01 22:18:14 +01:00
Gilles Peskine
3fcc045c23 Merge remote-tracking branch 'upstream-public/pr/866' into development
Conflict resolution: additions in the same places as
upstream-public/pr/865, both adding into lexicographically sorted
lists, resolved by taking the additions in lexicographic order.
2018-01-02 15:55:55 +01:00
Ron Eldor
621080d7c6 Fix compilation issue weh self test defined
1. Surround the generate keys with
`#if ! defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST)`
to resolve build issue when `MBEDTLS_SELF_TEST` is defined for
alternative CMAC as well
2. Update ChangeLog
2017-12-21 10:57:43 +02:00
Hanno Becker
61937d4a83 Rename time and index parameter to avoid name conflict.
As noted in #557, several functions use 'index' resp. 'time'
as parameter names in their declaration and/or definition, causing name
conflicts with the functions in the C standard library of the same
name some compilers warn about.

This commit renames the arguments accordingly.
2017-07-28 22:28:08 +01:00
Andres Amaya Garcia
af610a0baf Fix check-doxy-blocks.pl errors (cmac.c ecjpake.h) 2017-05-12 00:18:04 +01:00
Steven Cooreman
6334277320 Allow alternate core implementation of CMAC 2017-04-04 11:47:16 +02:00
Brian Murray
2fab5c9605 Work around for GCC bug 2017-02-04 17:44:45 -08:00
Janos Follath
cd13bd2819 Update CMAC test vectors. 2016-12-13 16:00:52 +00:00
Simon B
3249cb780b Fix various compiler warnings with MSVC
Fixes various compiler warnings found with Microsoft Visual Studio 2015
(and earlier versions).
2016-11-10 15:37:33 +00:00
Brian J Murray
2adecba01f Clarify Comments and Fix Typos (#651)
Fixes many typos, and errors in comments.

* Clarifies many comments
* Grammar correction in config.pl help text
* Removed comment about MBEDTLS_X509_EXT_NS_CERT_TYPE.
* Comment typo fix (Dont => Don't)
* Comment typo fix (assure => ensure)
* Comment typo fix (byes => bytes)
* Added citation for quoted standard
* Comment typo fix (one complement => 1's complement)

The is some debate about whether to prefer "one's complement",  "ones'
complement", or "1's complement".  The more recent RFCs related to TLS
(RFC 6347,  RFC 4347, etc) use " 1's complement", so I followed that
convention.

* Added missing ")" in comment
* Comment alignment
* Incorrect comment after #endif
2016-11-06 12:45:15 +00:00
Janos Follath
d444358247 Fix memory leaks in CMAC tests 2016-10-12 14:31:01 +01:00
Janos Follath
e3d882ad4a Remove unnecessary flag from CMAC context 2016-10-11 13:38:36 +01:00
Simon Butcher
6b0774ab1a Fix issues in CMAC in repeated updates
Successive calls to mbedtls_cipher_cmac_update() which weren't block aligned
were failing, which is fixed by this commit.
2016-10-11 12:25:04 +01:00
Simon Butcher
420be4ea04 Fix bracketing in cmac.c
The bracketing in some expressions where an assignment was being made in an if statement in cmac.c had been accidentally broken and was causing compiler warnings with armcc.
2016-10-07 12:55:43 +01:00
Andres AG
a592dcc1c6 Clean up of formatting, and potential integer overflow fix 2016-10-06 15:23:39 +01:00
Simon Butcher
d241f1cf17 Fixes following review
Fixes issue of not zeroing entire block on reset and conditional compilation.
2016-10-06 12:53:33 +01:00
Simon Butcher
69283e51d5 Clean up and minor fixes following review
Minor fixes following review including:
    * formatting changes including indentation and code style
    * corrections
    * removal of debug code
    * clarification of code through variable renaming
    * memory leak
    * compiler warnings
2016-10-06 12:49:58 +01:00
Simon Butcher
94ffde7b0a Fix CMAC interface for doxygen
Parameters didn't match the function definition.
2016-10-05 15:33:53 +01:00
Simon Butcher
327398ad3a Refactor and change CMAC interface
Change the CMAC interface to match the mbedtls_md_hmac_xxxx() interface. This
changes the overall design of the CMAC interface to make it more consistent with
the existing HMAC interface, and will allow incremental updates of input data
rather than requiring all data to be presented at once, which is what the
current interface requires.
2016-10-05 14:19:18 +01:00
Brian Murray
8b4111c516 Fix build failure for thread config 2016-10-05 14:19:17 +01:00
Brian Murray
72b69e3808 Minor fixes to comments 2016-10-05 14:19:17 +01:00
Brian Murray
53e23b684f Minor CMAC fixes for merge 2016-10-05 14:19:17 +01:00
Brian Murray
9ce2e091de cleaned up indentation and braket issues in mbedtls_cmac_verify 2016-10-05 14:19:17 +01:00
Brian Murray
ae1cb12d82 Changed test function to inline to pass tests/scripts/check-names.sh 2016-10-05 14:19:17 +01:00