mbedtls

Author	SHA1	Message	Date
Mateusz Starzyk	bccbf88bc3	Rename CCM test functions. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 14:00:14 +02:00
Mateusz Starzyk	2f1754916c	Improve comment on local_output. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 14:00:14 +02:00
Mateusz Starzyk	a42f9537b5	Improve documentation for CCM's `processed` variable. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 14:00:14 +02:00
Mateusz Starzyk	b73c3ec1bc	Restore MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED as default ret. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 14:00:14 +02:00
Mateusz Starzyk	62d22f9782	Use additional state in CCM to track auth data input. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 14:00:14 +02:00
Mateusz Starzyk	4f2dd8aada	Fix errors returned by CCM functions. Add new error code for calling functions in wrong order. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 14:00:14 +02:00
Mateusz Starzyk	f337850738	Use const size buffer for local output in CCM decryption. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:59:36 +02:00
Mateusz Starzyk	c562788068	Fix local buffer allocation conditions. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:58:39 +02:00
Mateusz Starzyk	ceb5bc6150	Fix typos. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:58:39 +02:00
Mateusz Starzyk	8788906947	Add CCM test for edge cases. Cover: - not calling auth data update - not calling cipher text update - exceeding configured auth data length - exceeding configured cipher text length Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:58:39 +02:00
Mateusz Starzyk	c8bdf36a72	Validate tag pointer in ccm function. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:58:39 +02:00
Mateusz Starzyk	1bda9451ef	Factor out common code from ccm decrypt functions. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:58:39 +02:00
Mateusz Starzyk	eb395c00c9	Move 'Authenticated decryption' comment. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:58:39 +02:00
Mateusz Starzyk	22f7a35ca4	Do not use output buffer for internal XOR during decryption. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:58:39 +02:00
Mateusz Starzyk	36d3b89c84	Verify input data lengths. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	2d5652acee	Move ccm error state handling. Remove error clearing from ccm_starts() and ccm_set_lengths(). Add error check in ccm_update_ad(), ccm_update() and ccm_finish(). Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	5d97601e81	Remove ccm input validation. VALIDATE and VALIDATE_RET macros are obsolete. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	ca9dc8d1d7	Rename ccm_calculate_first_block function. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	c52220d775	Clear temporary buffer after block crypt operation. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	a9cbdfbb34	Replace ccm status flags with bitshifts. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	4df9ac4882	Reorganize ccm context structure. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	de7a83da0d	Add changelog for chunked CCM implementation. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	27a1bef89d	Tidy up test functions. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	29ec75b34e	Add multipart testing to CCM* tests. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	663055f784	Remove UPDATE_CBC macro and working b buffer. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	25a3dfe7dd	Add multipart tests for ccm suite. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	20bac2fbe4	Fix chunked ccm update. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	05e92d67bb	Fix crypt mode configuration. Validate parameters in chunked input functions. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	6a15bcf61b	Add support for chunked plaintext/cyphertext input. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	2ad7d8e1ff	Replace CCM_CRYPT macro with a more versatile static function. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	33392450b7	Add chunked auth data support Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	eb2ca96d69	Store set lenghts in ccm context. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	88c4d624f8	Clear context state if previous operation failed. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	793692cbcb	Split ccm_auth function. Move logic to ccm_starts, ccm_set_lengths, ccm_update_ad, ccm_update and ccm_finish Use separate variable to track context state. Encode first block only if both mbedtls_ccm_starts() and mbedtls_ccm_set_lengths() were called. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	89d469cdb4	Move working variables to ccm context structure Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Gilles Peskine	78f6f05778	Merge pull request #4695 from yutotakano/fix-ssl-opt.sh-hard-abort ssl-opt.sh: Skip tests instead of conditional hard abort	2021-08-04 10:16:19 +02:00
Gilles Peskine	3fbc5d3cf2	Merge pull request #4815 from gilles-peskine-arm/generate_errors-multiline-3.0 Move MBEDTLS_ERR_xxx Doxygen comments before the definition	2021-08-03 13:46:21 +02:00
Gilles Peskine	cfb5d393ed	Merge pull request #4659 from spencer-burke/fixing_4222 Remove duplicated check in `check_config.h`	2021-08-03 12:53:34 +02:00
Gilles Peskine	58887bab12	Show warnings if something looks wrong This makes no difference to the output. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-08-02 22:53:40 +02:00
Gilles Peskine	7f8e2770fa	Document the big regex Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-08-02 22:51:03 +02:00
Gilles Peskine	d297157fe8	Move MBEDTLS_ERR_xxx Doxygen comments before the definition Now that descriptions of error codes no longer have to be on the same line for the sake of generate_errors.pl, move them to their own line before the definition. This aligns them with what we do for other definitions, and means that we no longer need to have very long lines containing both the C definition and the comment. ``` perl -i -pe 's~^(#define +MBEDTLS_ERR_\w+ +-\w+) /\[!]<(.)\/~/$2/\n$1~' include/mbedtls/*.h ``` This commit does not change the output of generate_errors.pl. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-08-02 22:51:03 +02:00
Gilles Peskine	05aa543b73	Better support multiline comments for MBEDTLS_ERR_xxx They were recognized by a prior commit. In this commit, replace line breaks (with optional comment continuation marker) by spaces. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-08-02 22:51:03 +02:00
Gilles Peskine	47b09567ab	More flexible parsing of Doxygen comments for MBEDTLS_ERR_xxx Before this commit, definitions of error codes must match a strict pattern, with a Doxygen comment following the definition on the same line and starting with "/*<". Change how generate_errors.pl so that the Doxygen comment can be before the definition instead of after, and doesn't have to be on the same line. Also allow spaces between "#" and "define", and allow Doxygen comments to start with "/!" rather than "/**". Starting with "///" or "//!" is not supported. This commit does not change the output of generate_errors.pl. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-08-02 22:51:00 +02:00
Gilles Peskine	8bb9b80d18	Merge pull request #4806 from hanno-arm/ssl_session_serialization_version Store TLS version in SSL session structure	2021-08-02 12:45:55 +02:00
Hanno Becker	fa0d61e559	Fix typo Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-02 08:56:14 +01:00
Hanno Becker	57723135b3	Document temporary overlap of TLS version in SSL context and session Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-01 19:40:44 +01:00
Hanno Becker	dce50974bf	Prefix "version" with "library" or "protocol" to avoid ambiguity Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-01 05:39:23 +01:00
Hanno Becker	37bdbe6c4d	Remove mentions of truncated HMAC from ssl_tls.c Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-01 05:38:58 +01:00
Gilles Peskine	69813477b0	Merge pull request #4758 from paul-elliott-arm/fix_cipher_output_size Fix divide by zero if macro used with wrong key type	2021-07-30 18:56:18 +02:00
Dave Rodgman	677c6c4cac	Merge pull request #4801 from hanno-arm/ssl_session_exported_private Explicitly mark fields as private via MBEDTLS_PRIVATE(...)	2021-07-30 14:39:07 +01:00

1 2 3 4 5 ...

16876 commits