Andrzej Kurek
cead70dbe5
doxygen: fix missing asterisk in ecp.h
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-24 10:48:10 -05:00
Manuel Pégourié-Gonnard
fcca7cfa97
Merge pull request #5428 from gstrauss/mbedtls_ssl_ciphersuite
...
Add accessors for ciphersuite info
2022-01-24 11:13:31 +01:00
Dave Rodgman
b032685543
Merge pull request #5309 from gilles-peskine-arm/pkparse-pkcs8-unencrypted-no-alloc
...
mbedtls_pk_parse_key: don't allocate if not needed
2022-01-24 10:03:48 +00:00
Manuel Pégourié-Gonnard
ff743a7f38
Merge pull request #5425 from gabor-mezei-arm/5181_tls_cipher_extend_testing_of_tickets
...
TLS Cipher 1a: extend testing of tickets
2022-01-24 10:25:29 +01:00
Glenn Strauss
6eef56392a
Add tests for accessors for ciphersuite info
...
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-01-23 08:37:02 -05:00
Gilles Peskine
6249603e7c
Merge pull request #5438 from SebastianBoe/check_config
...
Add missing config check for PKCS5.
2022-01-22 00:52:07 +01:00
Gilles Peskine
6d6d93ea4a
Merge pull request #5350 from AndrzejKurek/psa-aead-invalid-tag-lengths-setup
...
Detect invalid tag lengths in psa_aead_setup
2022-01-21 21:46:37 +01:00
Gilles Peskine
c191addc8b
Merge pull request #5267 from mprse/mac_multipart
...
Extend driver dispatch tests for MAC multipart
2022-01-21 21:46:25 +01:00
Gilles Peskine
fe271b9c92
Merge pull request #5253 from AndrzejKurek/chacha-iv-len-16-fixes
...
Return an error from `mbedtls_cipher_set_iv` for an invalid IV length with ChaCha20 and ChaCha20+Poly
2022-01-21 21:46:08 +01:00
Przemyslaw Stekiel
daaf38b178
Remove multipart part from mac_verify test case
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-21 09:37:49 +01:00
Przemyslaw Stekiel
6ec59f817f
Add mac_verify_multipart test case + test data
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-21 09:37:49 +01:00
Przemyslaw Stekiel
1af1983352
Remove multipart part from mac_sign test case
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-21 09:37:49 +01:00
Przemyslaw Stekiel
f47b8d39a4
Add mac_sign_multipart test case + test data
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-21 09:37:49 +01:00
Andrzej Kurek
f881601c91
Detect invalid tag lengths in psa_aead_setup
...
Read tag lengths from the driver and validate against preset values.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-20 07:40:12 -05:00
Andrzej Kurek
031df4a93a
Clarify test descriptions
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-19 12:44:49 -05:00
Andrzej Kurek
e5f94fb556
PSA AEAD: test long plaintext lengths for psa_set_lengths
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-19 12:36:50 -05:00
Andrzej Kurek
1e8e1745a8
PSA AEAD: test more combinations of set_nonce and set_lengths
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-19 12:36:50 -05:00
Andrzej Kurek
a2ce72e5bf
Test calling psa_aead_set_lengths and set_nonce in various order
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-19 12:36:50 -05:00
Andrzej Kurek
ad2b8b5c3c
Fix a dependence in chacha cipher test suite
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-19 07:35:27 -05:00
Sebastian Bøe
24e88018d2
Add missing config check for PKCS5.
...
PKCS5 depends on MD, but is missing a config check resulting in
obscure errors on invalid configurations.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
2022-01-19 12:04:35 +01:00
Manuel Pégourié-Gonnard
d2da19b8eb
Merge pull request #5380 from AndrzejKurek/key-id-encodes-owner-psa-fixes
...
Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO
2022-01-18 09:16:25 +01:00
Gabor Mezei
29ec0c42f1
Remove unneeded changelog entry
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-01-17 15:21:02 +01:00
Manuel Pégourié-Gonnard
a15503fcdd
Merge pull request #5344 from AndrzejKurek/psa-aead-more-generate-nonce-combinations
...
PSA AEAD: test more combinations of generate_nonce and set_lengths
2022-01-17 13:12:04 +01:00
Ronald Cron
188ed19456
Merge pull request #5351 from yuhaoth/pr/remove-duplicate-supported_group_ext
...
Remove duplicate function for writing supported_groups extension
2022-01-17 09:13:14 +01:00
Andrzej Kurek
b9fbc11e2c
Dynamically allocate iv in dec_empty_buf tests
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-14 16:31:54 +01:00
Andrzej Kurek
f2d4e275a8
Add a changelog entry for the ChaCha20 default behavior change
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-14 16:31:54 +01:00
Andrzej Kurek
8be8e4a524
Add a missing test case to ChaCha20 tests - decrypt empty buffer
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-14 16:31:54 +01:00
Andrzej Kurek
63439eda62
Return an error for IV lengths other than 12 with ChaCha20+Poly1305
...
The implementation was silently overwriting the IV length to 12
even though the caller passed a different value.
Change the behavior to signal that a different length is not supported.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-14 16:31:54 +01:00
Andrzej Kurek
33ca6af8a3
Return an error for IV lengths other than 12 with ChaCha20
...
The implementation was silently overwriting the IV length to 12
even though the caller passed a different value.
Change the behavior to signal that a different length is not supported.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-14 16:31:54 +01:00
Manuel Pégourié-Gonnard
73839e02a7
Merge pull request #5353 from gstrauss/mbedtls_ssl_config_defaults-repeat
...
Reset dhm_P and dhm_G if config call repeated; avoid memory leak
2022-01-14 10:41:06 +01:00
Gilles Peskine
6bfe4e263b
Merge pull request #5272 from bensze01/psa_aead_setup_error
...
PSA: Return the same error in multipart and single shot AEAD operations
2022-01-13 21:16:20 +01:00
Bence Szépkúti
aa3a6e4ea7
Fix brace placement
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2022-01-13 16:26:03 +01:00
Bence Szépkúti
39fb9d170b
Rename helper function to psa_aead_check_algorithm
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2022-01-13 14:33:45 +01:00
Jerry Yu
d491ea4f18
fix comment issue
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-13 16:15:25 +08:00
Glenn Strauss
8f52690956
Add accessors for ciphersuite info
...
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-01-13 00:05:48 -05:00
Gilles Peskine
dfc5c7117e
Merge pull request #5420 from yanesca/update_mailing_list_links
...
Update mailing list links
2022-01-12 16:46:52 +01:00
Gabor Mezei
bc5b6b9602
Add changelog entry
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-01-12 16:46:28 +01:00
Gabor Mezei
6e5aae63f8
Add tests for ticket_aead option
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-01-12 16:29:58 +01:00
Gabor Mezei
d4bea1efd5
Add ticket_aead option for ssl_server2
...
The ticket_aead option allows to specify the session ticket protection.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-01-12 16:21:15 +01:00
Janos Follath
88addc4883
Update mailing list links
...
The mailing list software has been updated and the links have changed.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-01-12 13:09:17 +00:00
Jerry Yu
b925f21806
fix comment issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-12 11:17:02 +08:00
Jerry Yu
f0fede56a6
minor performance improvement
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-12 10:57:47 +08:00
Jerry Yu
1510cea0f3
fix coding style issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-12 10:56:49 +08:00
Jerry Yu
3ad14ac9e9
Add named group IANA value check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-11 17:13:16 +08:00
Jerry Yu
f46b016058
skip some extensions if ephemeral not enabled
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-11 16:28:00 +08:00
Jerry Yu
63282b4321
Refactor write supported group
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-11 15:43:53 +08:00
Jerry Yu
7f029d8a94
fix coding style issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-11 11:08:53 +08:00
Gilles Peskine
e1cc60eca9
Add positive test case with self-signed certificates
...
Add a positive test case where both the client and the server require
authentication and both use a non-CA self-signed certificate.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-01-07 23:10:56 +01:00
Bence Szépkúti
08f34656cb
Return the same error in multipart and single shot AEAD
...
psa_aead_encrypt_setup() and psa_aead_decrypt_setup() were returning
PSA_ERROR_INVALID_ARGUMENT, while the same failed checks were producing
PSA_ERROR_NOT_SUPPORTED if they happened in psa_aead_encrypt() or
psa_aead_decrypt().
The PSA Crypto API 1.1 spec will specify PSA_ERROR_INVALID_ARGUMENT
in the case that the supplied algorithm is not an AEAD one.
Also move these shared checks to a helper function, to reduce code
duplication and ensure that the functions remain in sync.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2022-01-07 19:36:07 +01:00
Gilles Peskine
d1d0b41fc0
Merge pull request #5388 from bensze01/multipart_aead_compliance_tests
...
Fix the multipart AEAD compliance tests
2022-01-06 19:11:28 +01:00