yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
14857 commits 1 branch 0 tags 94 MiB
Commit graph

14857 commits

This branch
This branch
All branches
Author SHA1 Message Date
Dave Rodgman
74755e484c Update Changelog for 2.26.0 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-03-08 18:35:44 +00:00
Dave Rodgman
b4fe1053e4 Add missing changelog entry 
Add missing changelog entry for 3698: Mark basic constraints critical
as appropriate.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-03-08 18:34:24 +00:00
Dave Rodgman
2d83ac100d Add a missing changelog entry 
Add a missing changelog entry for #3996: Allow loading external wrapped
keys.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-03-08 18:34:16 +00:00
Dave Rodgman
5cce6a24d0 Merge branch 'development-restricted' into mbedtls-2.26.0-rc 2021-03-08 17:01:24 +00:00
Gilles Peskine
e252868be4
Merge pull request #4067 from stevew817/feature/allow_multilength_aead 
Add support for key policies (MAC & AEAD)
 2021-03-08 15:04:17 +01:00
Steven Cooreman
1fb691aea9 Remove superfluous check 
mac size is previously checked to not be less than 4, so it can't be zero
anymore at this point.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-08 14:00:34 +01:00
Steven Cooreman
cd64093222 Language & code readability updates 
No functional/behavioral changes in this commit

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-08 14:00:29 +01:00
Janos Follath
477a463684
Merge pull request #4168 from stevew817/fix/unreferenced_function_in_ecp_c 
Remove unreferenced static functions when ECP_NO_FALLBACK is used
 2021-03-05 08:51:13 +00:00
Manuel Pégourié-Gonnard
edc589bdd8
Merge pull request #808 from paul-elliott-arm/cf_base64_work 
Constant Flow Base64 Table Access
 2021-03-04 17:25:37 +01:00
Paul Elliott
be165bd32b Code style fixups 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-03-04 14:34:50 +00:00
Paul Elliott
a5dce14291 Fixup changelog formatting 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-03-04 14:24:57 +00:00
Paul Elliott
3c973f4d32 Fix misnamed base64 test 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-03-04 14:23:03 +00:00
Janos Follath
d0b0ba8179
Merge pull request #4173 from gilles-peskine-arm/net_poll-fd_setsize-development 
Fix stack corruption in mbedtls_net_poll with large file descriptor
 2021-03-04 12:16:33 +00:00
Steven Cooreman
31a876da09 Clarify some policy-handling code comments 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-03 20:47:40 +01:00
Steven Cooreman
f9f7fdfe49 Rework MAC algorithm / key type validation 
Reworked the validation of MAC algorithm with the used key type by
introducing psa_mac_key_can_do, which guarantees that PSA_MAC_LENGTH can
be called successfully after validation of the algorithm and key type.

This means psa_get_mac_output_length is no longer required.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-03 19:58:02 +01:00
Paul Elliott
07fa1f1a39 Fix carelessly copy pasted comment 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-03-03 17:21:17 +00:00
Paul Elliott
3ffd13465a Fix constant flow mask maths 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-03-03 17:11:32 +00:00
Paul Elliott
88f2eb664f Remove multiplication from conditional assignments 
Multiplication is not constant flow on any CPU we are generally
targetting, so replace this with bit twiddling.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-03-03 15:31:17 +00:00
Gilles Peskine
9264e01730 Update error codes listed in the net_sockets documentation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-03-03 12:27:17 +01:00
Steven Cooreman
4ff9a29686 Check truncation length explicitly 
Comparing algorithm with its FULL_LENGTH_MAC version doesn't work in
cases where algorithm is a wildcard. Wildcard input is not specified in
the documentation of the function, but in order to test the function
using the same test as PSA_MAC_LENGTH we're mimicking that behaviour here.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-03 12:07:20 +01:00
Steven Cooreman
58c94d39ae Make psa_get_mac_output_length testable and test it 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-03 10:37:35 +01:00
Paul Elliott
c48cb80b1f Prevent false positive CF Test Failures 
Marked dirty memory ends up in the result buffer after encoding (due to
the input having been marked dirty), and then the final comparison
to make sure that we got what we expected was triggering the constant
flow checker.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-03-02 22:48:40 +00:00
Paul Elliott
c1a895d897 Add further more rigorous tests for base64 
Original author was gilles.peskine@arm.com

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-03-02 22:44:37 +00:00
Steven Cooreman
7d4b0d778f Reuse PSA_MAC_LENGTH in psa_get_mac_output_length 
Avoid code duplication. Also update the guarantees made by the function
doc to match the guarantees given by PSA_MAC_LENGTH.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-02 21:40:03 +01:00
Steven Cooreman
5a17267442 Add a note about why key_type is required 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-02 21:40:03 +01:00
Steven Cooreman
1ac5ce3b91 Make psa_key_policy_algorithm_intersection MAC-length aware 
This makes it more in-line with how psa_key_policy_permits works. It
also adds consistency: the intersection of MAC with default length and
MAC with exact-length is now computed correctly in case the exact length
equals the default length of the algorithm when used with the given
key type.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-02 21:39:26 +01:00
Steven Cooreman
15472f8c70 Clean up psa_mac_setup now that we have an output length calculator 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-02 21:36:33 +01:00
Steven Cooreman
5ad4bf75e3 Move MAC default length checking into psa_key_policy_permits 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-02 21:36:33 +01:00
Steven Cooreman
328f11c50e Language & readability touchups 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-02 11:44:51 +01:00
Steven Cooreman
e538896ad8 Remove unreferenced static functions when ECP_NO_FALLBACK is used 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-02 10:14:24 +01:00
Ronald Cron
2a0278734b
Merge pull request #4148 from stevew817/add_missing_non_12b_gcm_test_skip 
Add missing test skip for ALT-implemented GCM (#4010 fix-up)
 2021-03-02 09:18:41 +01:00
Paul Elliott
0544d49330 Fix Non CF access to table in base64 decrypt 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-03-01 19:15:43 +00:00
Paul Elliott
6e152fa362 Optimise unneccesary cf table accesses away 
Also fix missed bare access of base_64_dec_map

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-03-01 18:33:09 +00:00
Paul Elliott
717ba77e52 Fix incorrect assumptions about the size of size_t 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-03-01 17:49:42 +00:00
Steven Cooreman
d788fab4ff Clarify usage of psa_key_policy_permits 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-01 16:09:24 +01:00
Steven Cooreman
16a05f5881 Add metadata tests intertwining truncated and at-least-length algos 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-01 16:09:24 +01:00
Steven Cooreman
947bb0b06f Code readability improvements 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-01 16:09:24 +01:00
Steven Cooreman
a1d8322f74 Fix typos & copy-paste errors 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-01 16:09:24 +01:00
Steven Cooreman
fb9cb92055 Move wildcard-to-exercisable conversion to exercise_key in test suite 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-01 16:09:24 +01:00
Steven Cooreman
7e39f05929 Using a wildcard as a specific algorithm now reports invalid argument 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-01 16:03:40 +01:00
Steven Cooreman
ae3f13bf5e Add more test cases and fix AT_LEAST_THIS_LENGTH against base algorithm 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-01 16:03:40 +01:00
Steven Cooreman
a96e2410e7 Test _AT_LEAST_THIS_LENGTH macros in the PSA Crypto metadata test suite 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-01 16:03:40 +01:00
Steven Cooreman
2c2efa488b Fix dependency-setting script and test dependencies for new tests 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-01 16:03:39 +01:00
Steven Cooreman
d927ed7901 Rename _MINIMUM_LENGTH flags to _AT_LEAST_THIS_LENGTH 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-01 16:03:39 +01:00
Steven Cooreman
4400c3a44a Add _AT_LEAST_THIS_LENGTH_ macros to PSA constants test 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-01 16:03:39 +01:00
Steven Cooreman
7de9e2db1f Language / verbiage fixes 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-01 16:03:39 +01:00
Steven Cooreman
aaec341c9b Exercise CCM with the right amount of IV bytes in test 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-01 16:03:39 +01:00
Steven Cooreman
5d81481a1c Rename AEAD WITH_MINIMUM_LENGTH to AT_LEAST_THIS_LENGTH 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>

# Conflicts:
#	include/psa/crypto_values.h
#	tests/suites/test_suite_psa_crypto.data
 2021-03-01 16:00:31 +01:00
Steven Cooreman
caad49316b rename MAC_WITH_MINIMUM_LENGTH_TAG to AT_LEAST_THIS_LENGTH_MAC 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2021-03-01 16:00:31 +01:00
Steven Cooreman
37389c768d Update validity domain of min_tag_length / min_mac_length 
Review indicated explicit validity domain should be [1, max_alg_length]

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>

# Conflicts:
#	include/psa/crypto_values.h
 2021-03-01 16:00:31 +01:00