Paul Elliott
c40bc1e406
Fix Changelog typo
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-21 18:58:12 +01:00
Paul Elliott
741beb1147
Improve Changelog
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-21 18:48:30 +01:00
Paul Elliott
3a16e014f2
Ensure tag lengths match in verification
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-21 18:05:04 +01:00
Paul Elliott
f47b0957ab
Set tag to 'impossible' value on failure to encrypt
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-21 18:05:04 +01:00
Paul Elliott
6eb959854b
Improve state logic
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-21 18:05:04 +01:00
Paul Elliott
6981fbcf10
Remove unneccessary guard for key unlock
...
Also make sure failure is not hidden by key unlock failure
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-21 18:05:04 +01:00
Paul Elliott
e95259f833
Remove some CCM leftovers
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-21 18:05:04 +01:00
Paul Elliott
60aa203e30
Remove temporary AEAD CCM implementation
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 22:44:32 +01:00
Paul Elliott
e715f88d9d
Fix key slot being used uninitialised on error
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 21:55:39 +01:00
Paul Elliott
3dc1c242b4
Move AEAD contexts from primitives to composites
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 18:39:58 +01:00
Paul Elliott
1a98acac1c
Properly handle GCM's range of nonce sizes
...
Add comment to the effect that we cannot really check nonce size as the
GCM spec allows almost arbitrarily large nonces. As a result of this,
change the operation nonce over to an allocated buffer to avoid overflow
situations.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 18:39:58 +01:00
Paul Elliott
ee4ffe0079
Move AEAD length checks to PSA core
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 18:39:58 +01:00
Paul Elliott
b91da71db1
Remove unrequired initialisation
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 18:39:58 +01:00
Paul Elliott
ac1b3fd5b6
Ensure that key gets unlocked in case of error
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 18:39:58 +01:00
Paul Elliott
cee785cd72
Seperate id checks from other state checks
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 18:39:58 +01:00
Paul Elliott
bb8bf6649e
Change function signature indentation
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 18:39:58 +01:00
Paul Elliott
e9eeea3290
Formatting fixes
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 18:39:58 +01:00
Paul Elliott
5c656cbf99
Fix missed incorrect include guard
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 18:39:58 +01:00
Paul Elliott
b91f331fce
Correct potential return values in documentation
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 18:39:58 +01:00
Paul Elliott
498d3503c4
Misc documentation fixes.
...
Misnamed function calls, typos and missed changes.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 18:39:58 +01:00
Paul Elliott
9622c9aae0
Fix updated size macros in documentation
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-20 18:39:58 +01:00
Paul Elliott
4148a68169
Update documentation for internal implementation
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
b06e1c0d68
Remove unnecessary code
...
Calls to abort that are now being done by the psa_crypto layer, freeing
of tempory allocations (done by abort) and a couple of checks that had
already been done prior to that point
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
6108ee7c2d
Change logic to reduce indentation
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
e2c788d480
Rename badly named variable
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
c10ad21a1b
Remove SetLengths() requirement for GCM
...
Also return NOT_SUPPORTED, rather than BAD_STATE for our current
workarounds for GCM/CCM
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
9e8ccd7e82
Make sure all statuses are initialised
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
ccaea40023
Replace hard coded buffer size with define
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
80acb7ee21
Formatting fixups and spelling mistake fixes
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
cc35859739
Pass key buffer size into psa_aead_setup
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
a559b3ce56
Remove key_set and use id instead
...
In keeping with the other PSA multipart operations.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
bbe90b5f7f
Formatting fixes for psa_crypto.c
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
81231f33f0
Return invalid argument for unsupported algorithm
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
39dc6b8aa5
Add abort call to all failure points
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
ef29e17a94
Add comment to non-obvious code guard
...
Ad and body lengths can only be too big on builds where size_t is bigger
than 32 bits. This checking code therefore generates always true
comparison warnings on 32 bit platforms, and thus had to be guarded.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
6edb7473db
Move safer_memcmp to psa_crypto_core.h
...
Same change as made by Steven Cooreman, although not yet merged.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
7f0a180107
Fix missed drivers header
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
cbbde5f28c
Split multipart AEAD contexts into two parts
...
Split to data required for internal implementation and data required for
driver implementation with data left over for the PSA layer.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
2df40057b3
Fix excessive line lengths
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
a218ceba93
Merge upstream test driver changes locally
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
f0e21de430
Fix generated files after adding config option
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
5d9fa8d675
Add define to allow multipart ccm to work
...
Add (internal only) define to config.h which allows the temporary
implementation of CCM to work, by removing the buffer zeroization on tag
fail when decrypting. This will obviously be removed when multipart CCM
is properaly implemented
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
fe5480a4c2
Fix transparent driver wrappers
...
Remove spurious "not supported" returns, and fix same issue that was
encountered with internal implementations - operation needs to be
marked as a type even if the initial call fails, otherwise cleanup won't
get done.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
7bc45ebf13
Add Changelog entry
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
16e6dcd72e
Add missing abort call to the end of tests
...
All tests should have an abort call in case of test failure to make sure
everything is cleaned up. Also removed unused define.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
72baf65819
Ensure operation id gets set even if failure
...
Although this deviates from the standard "auto-generated" code, the
M-AEAD setup functions set the key and thus allocate memory. If the
failure occurs after this (invalid tag size for example) then not having
the id set to the internal drivers means that abort does not get called,
and this causes the allocated data to leak.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
ac3c20013c
Prevent unsafe memcpy
...
Some tests cause a zero length input or output, which can mean the
allocated test output buffers can be zero length. Protect against
calling memcpy blindly in these situations.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
d4e99ed40c
Fix mistyped buffer size variable
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
4bbe82bdcc
Add transparent driver tests for M-AEAD
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
0023e0a1de
Add tests for multipart AEAD
...
Just clone of one shot tests for now - all additional data and body data
is passed in in one go.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00