yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
17502 commits 1 branch 0 tags 94 MiB
Commit graph

7499 commits

Author SHA1 Message Date
Mateusz Starzyk
c48f43b44d Fix PSA AEAD GCM's update output buffer length verification. 
Move GCM's update output buffer length verification
from PSA AEAD to the built-in implementation of the GCM.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-10-04 13:54:55 +02:00
Mateusz Starzyk
f28261fc14 Remove output buffer limitation for PSA with GCM. 
The requirement of minimum 15 bytes for output buffer in
psa_aead_finish() and psa_aead_verify() does not apply
to the built-in implementation of the GCM.

Alternative implementations are expected to verify the
length of the provided output buffers and to return
the MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL in case the
buffer length is too small.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-10-04 13:54:54 +02:00
Ronald Cron
cd51e76583
Merge pull request #4338 from paul-elliott-arm/psa-m-aead 
Implement multipart PSA AEAD
 2021-09-29 22:48:33 +02:00
Paul Elliott
60116aee9e Invert logic on nonce length tests 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-29 14:40:16 +01:00
Paul Elliott
355f59edbe Fix formatting issues 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-29 14:40:16 +01:00
Paul Elliott
e716e6c00b Switch cipher enabled macros 
Switch from using MBEDTLS_PSA_BUILTIN_ macros over to using PSA_WANT_
macros, as code was moved from the internal drivers to the PSA Core.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-29 14:40:16 +01:00
Gilles Peskine
bfe3d87f24
Merge pull request #4842 from gilles-peskine-arm/public_fields-3.0-info 
Make some structure fields public: key info, ASN.1 and X.509 parsing, socket fd
 2021-09-29 12:37:09 +02:00
Manuel Pégourié-Gonnard
1869377146
Merge pull request #4942 from yuhaoth/pr/add-tls13-client-dummy-state-handlers 
add tls13 client dummy state handlers and improve dispatch test
 2021-09-29 10:45:16 +02:00
Paul Elliott
baff51c8b7 Make sure nonce length checks use base algorithm 
Nonce length checks are now being used in the oneshot AEAD code as well,
which passes variant algorithms, not the base version, so need to
convert to base if necessary.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-28 17:47:24 +01:00
Paul Elliott
814f0c5fb1 Remove check for lack of supported ciphers 
Add comment explaining (currently) empty function.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-28 14:42:36 +01:00
Paul Elliott
946c920475 Add safety for nonce length to internal driver 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-28 14:42:36 +01:00
Paul Elliott
bb0f9e1740 Move all nonce length checks to PSA Core 
Remove duplicated code from oneshot API

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-28 11:16:27 +01:00
Paul Elliott
dff6c5d963 Restore internal driver for aead_set_lengths 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-28 11:16:27 +01:00
Jerry Yu
ad8d0bad10 Keep consistency order. 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-28 17:58:26 +08:00
Jerry Yu
d52398d31f fix double underscore fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-28 16:13:44 +08:00
Paul Elliott
4ed1ed18d2 Move nonce size checking to PSA Core 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-27 18:24:11 +01:00
Paul Elliott
325d374e3d Move set lengths checking to PSA Core 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-27 18:24:11 +01:00
Paul Elliott
c78833abc7 Add reminder of assumption to documentation 
Key size is not verified by this function, but by the level above it.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-27 16:00:40 +01:00
Jerry Yu
3bf1f97a0e fix various issue on pending send alert 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:38 +08:00
Jerry Yu
bbd5a3fded fix pending_alert issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:38 +08:00
Jerry Yu
394ece6cdd Add function for set pending alert flag 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:38 +08:00
Jerry Yu
e7047819ee add pend fatal alert 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:38 +08:00
Jerry Yu
e86cd65754 fix unused-variable fail without MBEDTLS_DEBUG_C 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:05 +08:00
Jerry Yu
860b4ee42e Rename *_read_* to *_process_* 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:05 +08:00
Jerry Yu
6e81b27003 Add client state number check 
It is temporary check. If any change on `mbedtls_ssl_states`, please
double check those tests

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:05 +08:00
Jerry Yu
435756ffc0 Keep consistent order in dummy functions 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:05 +08:00
Jerry Yu
6c983524a8 Move msvc compatible fix to common.h 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:05 +08:00
Jerry Yu
687101b2e6 tls13: add dummy state machine handler 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:25:05 +08:00
Gilles Peskine
aafb21f320
Merge pull request #4968 from davidhorstmann-arm/fix-aarch64-asm-constraints 
Fix aarch64 assembly for bignum multiplication
 2021-09-27 09:01:15 +02:00
Paul Elliott
71b0567c87 Merge remote-tracking branch 'upstream/development' into psa-m-aead-merge 
Also fiixed the following merge problems:

crypto_struct.h   : Added MBEDTLS_PRIVATE to psa_aead_operation_s
                    members (merge conflict)
psa_crypto_aead.c : Added ciphertext_length to mbedtls_gcm_finish
                    call (change of API during development)

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-24 11:18:13 +01:00
Ronald Cron
f2cb19f921
Merge pull request #4891 from yuhaoth/pr/enable-key-exchange-in-client-hello 
TLS1.3: Client Hello : Add  extensions and test case.
 2021-09-23 18:45:01 +02:00
Paul Elliott
90fdc117dd Make NULL tag check more explicit 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-22 22:34:17 +01:00
Paul Elliott
70618b22a9 Change sizeof to variable rather than struct 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-22 22:34:17 +01:00
David Horstmann
11c81df707 Fix aarch64 assembly for bignum multiplication 
Add memory constraints to the aarch64 inline assembly in MULADDC_STOP.
This fixes an issue where Clang 12 and 13 were generating
non-functional code on aarch64 platforms. See #4962, #4943
for further details.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2021-09-22 18:31:35 +01:00
Gilles Peskine
f0f2294f57
Merge pull request #4708 from mstarzyk-mobica/ccm_chunked 
Ccm chunked - enable multipart CCM in PSA
 2021-09-21 13:46:52 +02:00
Gilles Peskine
304689e4c4
Merge pull request #4947 from gilles-peskine-arm/muladdc-amd64-memory-development 
Fix x86_64 assembly for bignum multiplication
 2021-09-20 22:23:49 +02:00
Gilles Peskine
93cb6111ba
Merge pull request #4878 from SiliconLabs/remove_dependency_4877 
Remove dependency of built-in keys on storage
 2021-09-20 22:20:16 +02:00
Paul Elliott
ec95cc9489 Add safety for NULL tag being passed to finish 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 22:39:06 +01:00
Paul Elliott
8ff74217e4 Add comment explaining finish output size 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
4c916e8d74 Improve comment on buffer clearing 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
69bf5fc901 Const correctness 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
70f447dfe5 Replace individual zeroization with memset 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:17 +01:00
Paul Elliott
eac6c757a2 Make nonce length check return error where it can 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
12acb6bb4c Remove missed references to aead_verify from docs 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
b183d56b5f Use safer size for tag checking 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Paul Elliott
06b6b8c8d6 Add missing zeroize for sensitive tag data. 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-09-19 18:43:16 +01:00
Jerry Yu
388bd0d53c fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-15 22:06:11 +08:00
Gilles Peskine
d337fbc4cb x86_64 MULADDC assembly: add missing constraints about memory 
MULADDC_CORE reads from (%%rsi) and writes to (%%rdi). This fragment is
repeated up to 16 times, and %%rsi and %%rdi are s and d on entry
respectively. Hence the complete asm statement reads 16 64-bit words
from memory starting at s, and writes 16 64-bit words starting at d.

Without any declaration of modified memory, Clang 12 and Clang 13 generated
non-working code for mbedtls_mpi_mod_exp. The constraints make the unit
tests pass with Clang 12.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-09-15 15:51:43 +02:00
Jerry Yu
dd1fb9e37e add mbedtls_ecdh_setup_no_everest 
Setup ecdh without everest for TLS1.3

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-15 11:10:15 +08:00
Jerry Yu
bdc71888fc Remove restartable and everest from tls1.3 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-14 19:33:31 +08:00