yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
16508 commits 1 branch 0 tags 94 MiB
Commit graph

16508 commits

This branch
This branch
All branches
Author SHA1 Message Date
Bence Szépkúti
dbf5d2b1a7 Improve the instructions in the migration guide 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 10:37:41 +01:00
Bence Szépkúti
1b2a8836c4 Correct documentation references to Mbed TLS 
Use the correct formatting of the product name in the documentation.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 10:37:19 +01:00
Bence Szépkúti
a1d1f5b84f Fix typo 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:49:04 +01:00
Bence Szépkúti
5c70c140b7 Remove def directive for version symbol 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:28:49 +01:00
Bence Szépkúti
60c863411c Remove references to MBEDTLS_USER_CONFIG_VERSION 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:28:48 +01:00
Bence Szépkúti
1cafe5ce20 Base config compat check on MBETLS_VERSION_NUMBER 
Any config with a version older than 3.0.0 or newer than
MBETLS_VERSION_NUMBER will be rejected.

This does mean that the current development version doesn'T accept *any*
value of MBETLS_CONFIG_VERSION, but this will be fixed when we bump the
version during our normal release process.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:28:48 +01:00
Bence Szépkúti
fc04aa2be5 Remove MBEDTLS_USER_CONFIG_VERSION handling 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:28:48 +01:00
Bence Szépkúti
36da4ccc51 Update changelog and migration guide 
This reflect changes to the config version symbols.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:28:48 +01:00
Bence Szépkúti
2bb7456334 Base the config version on MBEDTLS_VERSION_NUMBER 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:28:48 +01:00
Bence Szépkúti
b2e23de0f3 Make config version symbols optional 
Also remove them from the example configs, but keep the one in
mbedtls_config.h.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:28:48 +01:00
Bence Szépkúti
04982f7b6b Move version defines to build_info.h 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:28:48 +01:00
Bence Szépkúti
8d9132f43c Fix typo 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:28:48 +01:00
Bence Szépkúti
90b79ab342 Add migration guide and changelog 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:28:48 +01:00
Bence Szépkúti
c850054759 Remove reference to including check_config.h 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:28:47 +01:00
Bence Szépkúti
d3da503c29 Move comment closer to relevant code 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:28:47 +01:00
Bence Szépkúti
ba7248abc4 Introduce versioning in the config files 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:28:47 +01:00
Bence Szépkúti
dba968f59b Realign Markdown table 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:28:47 +01:00
Bence Szépkúti
bb0cfeb2d4 Rename config.h to mbedtls_config.h 
This commit was generated using the following script:

# ========================
#!/bin/sh
git ls-files | grep -v '^ChangeLog' | xargs sed -b -E -i '
s/((check|crypto|full|mbedtls|query)_config)\.h/\1\nh/g
s/config\.h/mbedtls_config.h/g
y/\n/./
'
mv include/mbedtls/config.h include/mbedtls/mbedtls_config.h
# ========================

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:28:33 +01:00
Bence Szépkúti
2893269cbb Remove reference to obsolete inclusion guard 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:24:42 +01:00
Bence Szépkúti
c5c9eb4741 Move preprocessor logic to build_info.h 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:24:42 +01:00
Bence Szépkúti
c662b36af2 Replace all inclusions of config.h 
Also remove preprocessor logic for MBEDTLS_CONFIG_FILE, since
build_info.h alreadyy handles it.

This commit was generated using the following script:

# ========================
#!/bin/sh
git ls-files | grep -v '^include/mbedtls/build_info\.h$' | xargs sed -b -E -i '
/^#if !?defined\(MBEDTLS_CONFIG_FILE\)/i#include "mbedtls/build_info.h"
//,/^#endif/d
'
# ========================

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:24:07 +01:00
Bence Szépkúti
5ab7303409 Introduce a level of indirection in config header 
Create a separate header file (mbedtls/build_info.h) to use when
depending on the config options defined in config.h.

Also copy the handling of the MBEDTLS_CONFIG_FILE macro into the new
header, so that the next commit can remove this code from every other
place where config.h used to be included.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:14:17 +01:00
Dave Rodgman
10bda58b49
Merge pull request #4259 from CJKay/cmake-config 
Add CMake package config file
 2021-06-25 20:32:13 +01:00
Dave Rodgman
63ad854de8
Merge pull request #4712 from daverodgman/psa_cipher_and_mac_abort_on_error 
Psa cipher and mac abort on error
 2021-06-25 15:39:59 +01:00
Gilles Peskine
918708b824
Merge pull request #4729 from paul-elliott-arm/fix_test_illegal_access 
Fix potential free of uninitialised pointer
 2021-06-25 13:43:56 +02:00
Paul Elliott
e57dd2d450 Fix potential free of uninitialised pointer 
A test was added in that could cause a jump to exit prior to
initialisation of a pointer that would get freed if that test failed.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-25 11:17:12 +01:00
Dave Rodgman
90d1cb83a0 Use more standard label name 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-25 09:09:02 +01:00
Ronald Cron
3698fa1043
Merge pull request #4673 from gilles-peskine-arm/psa_crypto_spm-from_platform_h 
Fix and test the MBEDTLS_PSA_CRYPTO_SPM build
 2021-06-25 09:01:08 +02:00
Gilles Peskine
1fed4b8324
Merge pull request #4720 from gilles-peskine-arm/gcm-finish-outlen 
Add output_length parameter to mbedtls_gcm_finish
 2021-06-24 20:02:40 +02:00
Dave Rodgman
6f7105818c Improve psa_hash_update negative test 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-24 18:15:23 +01:00
Dave Rodgman
8036bddb01 Tidy up logic in psa_mac_sign_finish 
Simplify the logic in psa_mac_sign_finish.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-24 16:19:08 +01:00
Dave Rodgman
b5dd7c794d Correct coding style issues 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-24 16:17:43 +01:00
Dave Rodgman
54648243cd Call abort on error in psa_mac/cipher setup 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-24 11:49:45 +01:00
Dave Rodgman
685b6a742b Update multipart hash operations to abort on error 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-24 11:49:14 +01:00
Dave Rodgman
5ae6f7547c Add negative tests for psa_abort in hash functions 
Various functions for PSA hash operations call abort
on failure; test that this is done. The PSA spec does not require
this behaviour, but it makes our implementation more robust in
case the user does not abort the operation as required by the
PSA spec.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-24 11:41:05 +01:00
Gilles Peskine
fedd52ca19
Merge pull request #4707 from gilles-peskine-arm/require-matching-hashlen-rsa-implementation 
Require matching hashlen in RSA functions: implementation
 2021-06-24 10:28:20 +02:00
Gilles Peskine
5a7be10419 Add output_length parameter to mbedtls_gcm_finish 
Without this parameter, it would be hard for callers to know how many bytes
of output the function wrote into the output buffer. It would be possible,
since the cumulated output must have the same length as the cumulated input,
but it would be cumbersome for the caller to keep track.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-06-23 21:51:32 +02:00
Dave Rodgman
38e62aebc3 Update cipher and mac functions to abort on error 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-23 18:59:17 +01:00
Dave Rodgman
647791da5b Add negative tests for psa_abort in cipher and mac functions 
Various functions for PSA cipher and mac operations call abort
on failure; test that this is done. The PSA spec does not require
this behaviour, but it makes our implementation more robust in
case the user does not abort the operation as required by the
PSA spec.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-23 18:59:17 +01:00
Gilles Peskine
f06b92d724
Merge pull request #4567 from mstarzyk-mobica/gcm_ad 
Enable multiple calls to mbedtls_gcm_update_ad
 2021-06-23 19:36:23 +02:00
Dave Rodgman
cb17fc34cf
Merge pull request #4671 from mpg/x509-crt-profile-public 
Make the fields of mbedtls_x509_crt_profile public
 2021-06-23 16:06:12 +01:00
Ronald Cron
4f7cc1bb63
Merge pull request #4713 from gilles-peskine-arm/psa-storage-format-test-lifetimes-3.0 
PSA storage format: test lifetimes
Almost straightforward of #4392 thus merging with only one approval.
 2021-06-23 15:22:03 +02:00
Janos Follath
aa5938edb3
Merge pull request #4703 from gilles-peskine-arm/mpi_montmul-null-3.0 
Fix several bugs with the value 0 in bignum
 2021-06-23 13:40:14 +01:00
Mateusz Starzyk
939a54cda3 Fix typos and style issues. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-06-23 14:30:15 +02:00
Mateusz Starzyk
469c9f35f6 Add GCM tests for empty ciphertext/plaintext and empty AD. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-06-23 14:30:15 +02:00
Mateusz Starzyk
58d3a7ef97 Add GCM tests with vectors lengths non-dividable by 16. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-06-23 14:30:15 +02:00
Mateusz Starzyk
032a1ceaf3 Remove init_result check from custom gcm test functions. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-06-23 14:30:15 +02:00
Mateusz Starzyk
f8a0d4d3bf Fix nested loops set_step in gcm test suite. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-06-23 14:30:15 +02:00
Mateusz Starzyk
fc60622710 Add customized test functions for GCM update and update_ad. 
New functions are used to cover corner cases:
* authentication data is fed to gcm with 0, 1 or 2 calls to gcm_update
* ciphertext is fed to gcm with 0, 1 or 2 calls to gcm_update_ad

AES-GCM NIST test vectors downloaded at 16.06.2021 from:
csrc.nist.gov/groups/STM/cavp/documents/mac/gcmtestvectors.zip

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-06-23 14:30:03 +02:00
Ronald Cron
44a0ae920c
Merge pull request #4710 from mstarzyk-mobica/ccm_taglen 
Add missing tag_len in ccm api.
PR-4710-merge TLS Testing  run successfully and the failure in PR-4710-head TLS Testing are CI problems thus merging.
 2021-06-23 14:20:26 +02:00