mbedtls

Author	SHA1	Message	Date
Steven Cooreman	dbf8ceda54	Change the way driver context structures are used Apparently there's a goal to make the PSA Crypto core free from dynamic memory allocations. Therefore, all driver context structures need to be known at compile time in order for the core to know their final size. This change defines & implements for hashing operations how the context structures get defined. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-10 13:00:25 +01:00
Steven Cooreman	8e9e407fed	Clarify documentation of internal hash software driver interface Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-10 13:00:25 +01:00
Steven Cooreman	1e58235d8b	Dispatch hashing calls through the driver wrapper layer Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-10 13:00:25 +01:00
Steven Cooreman	84d670d20c	Make psa_hash_compare go through hash_compute It's more efficient when dealing with hardware drivers. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-10 13:00:25 +01:00
Steven Cooreman	0e307647e6	Split hashing operations out into an mbedTLS hash driver Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-10 13:00:25 +01:00
Manuel Pégourié-Gonnard	17605f072b	Merge pull request #4151 from ronald-cron-arm/psa-sign_verify-hash PSA sign and verify hash rework	2021-03-10 10:08:50 +01:00
paul-elliott-arm	0135516d55	Merge pull request #4203 from paul-elliott-arm/memsan_fix_build Fix memsan build with Clang 11	2021-03-09 16:31:31 +00:00
Gilles Peskine	e252868be4	Merge pull request #4067 from stevew817/feature/allow_multilength_aead Add support for key policies (MAC & AEAD)	2021-03-08 15:04:17 +01:00
Steven Cooreman	1fb691aea9	Remove superfluous check mac size is previously checked to not be less than 4, so it can't be zero anymore at this point. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-08 14:00:34 +01:00
Steven Cooreman	cd64093222	Language & code readability updates No functional/behavioral changes in this commit Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-08 14:00:29 +01:00
Paul Elliott	fb91a48616	Fix memsan build with clang 11 Memsan build was reporting a false positive use of uninitialised memory in x509_crt.c on a struct filled by an _stat function call. According to the man pages, the element reported has to be filled in by the call, so to be safe, and keep memsan happy, zero the struct first. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-03-05 14:24:03 +00:00
Janos Follath	477a463684	Merge pull request #4168 from stevew817/fix/unreferenced_function_in_ecp_c Remove unreferenced static functions when ECP_NO_FALLBACK is used	2021-03-05 08:51:13 +00:00
Ronald Cron	bb9cbc7a23	psa: ecdsa: Prefer NOT_SUPPORTED error code When ECDSA is not supported by the library, prefer to return NOT_SUPPORTED than INVALID_ARGUMENT when asked for an ECDSA signature. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-03-04 17:43:31 +01:00
Ronald Cron	9103d490e8	psa: ecdsa: Rework deterministic support check Move the check that ECDSA is supported from the caller of the function responsible for Mbed TLS ECDSA signatures to this function, namely mbedtls_psa_ecdsa_sign_hash(). This makes the caller code more readable and is more aligned with what is expected from a sign_hash() PSA driver entry point. Add a negative test case where a deterministic ECDSA signature is requested while the library does not support deterministic ECDSA. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-03-04 13:32:27 +01:00
Janos Follath	d0b0ba8179	Merge pull request #4173 from gilles-peskine-arm/net_poll-fd_setsize-development Fix stack corruption in mbedtls_net_poll with large file descriptor	2021-03-04 12:16:33 +00:00
Ronald Cron	566899eefa	psa: Remove outdated comments Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-03-04 09:52:03 +01:00
Ronald Cron	cbc135599e	psa: wrapper: Remove unnecessary compiler warning workarounds Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-03-04 09:46:45 +01:00
Steven Cooreman	31a876da09	Clarify some policy-handling code comments Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-03 20:47:40 +01:00
Steven Cooreman	f9f7fdfe49	Rework MAC algorithm / key type validation Reworked the validation of MAC algorithm with the used key type by introducing psa_mac_key_can_do, which guarantees that PSA_MAC_LENGTH can be called successfully after validation of the algorithm and key type. This means psa_get_mac_output_length is no longer required. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-03 19:58:02 +01:00
Gilles Peskine	9264e01730	Update error codes listed in the net_sockets documentation Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-03-03 12:27:17 +01:00
Steven Cooreman	4ff9a29686	Check truncation length explicitly Comparing algorithm with its FULL_LENGTH_MAC version doesn't work in cases where algorithm is a wildcard. Wildcard input is not specified in the documentation of the function, but in order to test the function using the same test as PSA_MAC_LENGTH we're mimicking that behaviour here. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-03 12:07:20 +01:00
Steven Cooreman	58c94d39ae	Make psa_get_mac_output_length testable and test it Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-03 10:37:35 +01:00
Steven Cooreman	7d4b0d778f	Reuse PSA_MAC_LENGTH in psa_get_mac_output_length Avoid code duplication. Also update the guarantees made by the function doc to match the guarantees given by PSA_MAC_LENGTH. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-02 21:40:03 +01:00
Steven Cooreman	5a17267442	Add a note about why key_type is required Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-02 21:40:03 +01:00
Steven Cooreman	1ac5ce3b91	Make psa_key_policy_algorithm_intersection MAC-length aware This makes it more in-line with how psa_key_policy_permits works. It also adds consistency: the intersection of MAC with default length and MAC with exact-length is now computed correctly in case the exact length equals the default length of the algorithm when used with the given key type. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-02 21:39:26 +01:00
Steven Cooreman	15472f8c70	Clean up psa_mac_setup now that we have an output length calculator Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-02 21:36:33 +01:00
Steven Cooreman	5ad4bf75e3	Move MAC default length checking into psa_key_policy_permits Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-02 21:36:33 +01:00
Steven Cooreman	328f11c50e	Language & readability touchups Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-02 11:44:51 +01:00
Steven Cooreman	e538896ad8	Remove unreferenced static functions when ECP_NO_FALLBACK is used Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-02 10:14:24 +01:00
Ronald Cron	2a0278734b	Merge pull request #4148 from stevew817/add_missing_non_12b_gcm_test_skip Add missing test skip for ALT-implemented GCM (#4010 fix-up)	2021-03-02 09:18:41 +01:00
Steven Cooreman	d788fab4ff	Clarify usage of psa_key_policy_permits Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-01 16:09:24 +01:00
Steven Cooreman	16a05f5881	Add metadata tests intertwining truncated and at-least-length algos Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-01 16:09:24 +01:00
Steven Cooreman	947bb0b06f	Code readability improvements Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-01 16:09:24 +01:00
Steven Cooreman	a1d8322f74	Fix typos & copy-paste errors Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-01 16:09:24 +01:00
Steven Cooreman	fb9cb92055	Move wildcard-to-exercisable conversion to exercise_key in test suite Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-01 16:09:24 +01:00
Steven Cooreman	7e39f05929	Using a wildcard as a specific algorithm now reports invalid argument Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-01 16:03:40 +01:00
Steven Cooreman	ae3f13bf5e	Add more test cases and fix AT_LEAST_THIS_LENGTH against base algorithm Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-01 16:03:40 +01:00
Steven Cooreman	a96e2410e7	Test _AT_LEAST_THIS_LENGTH macros in the PSA Crypto metadata test suite Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-01 16:03:40 +01:00
Steven Cooreman	2c2efa488b	Fix dependency-setting script and test dependencies for new tests Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-01 16:03:39 +01:00
Steven Cooreman	d927ed7901	Rename _MINIMUM_LENGTH flags to _AT_LEAST_THIS_LENGTH Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-01 16:03:39 +01:00
Steven Cooreman	4400c3a44a	Add _AT_LEAST_THIS_LENGTH_ macros to PSA constants test Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-01 16:03:39 +01:00
Steven Cooreman	7de9e2db1f	Language / verbiage fixes Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-01 16:03:39 +01:00
Steven Cooreman	aaec341c9b	Exercise CCM with the right amount of IV bytes in test Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-01 16:03:39 +01:00
Steven Cooreman	5d81481a1c	Rename AEAD WITH_MINIMUM_LENGTH to AT_LEAST_THIS_LENGTH Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com> # Conflicts: # include/psa/crypto_values.h # tests/suites/test_suite_psa_crypto.data	2021-03-01 16:00:31 +01:00
Steven Cooreman	caad49316b	rename MAC_WITH_MINIMUM_LENGTH_TAG to AT_LEAST_THIS_LENGTH_MAC Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-01 16:00:31 +01:00
Steven Cooreman	37389c768d	Update validity domain of min_tag_length / min_mac_length Review indicated explicit validity domain should be [1, max_alg_length] Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com> # Conflicts: # include/psa/crypto_values.h	2021-03-01 16:00:31 +01:00
Steven Cooreman	0348802247	Remove generic wildcard checks after review feedback Applied specific wildcard checks instead. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com> # Conflicts: # library/psa_crypto.c	2021-03-01 16:00:31 +01:00
Steven Cooreman	ee18b1f5a4	Style and language updates after review Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2021-03-01 16:00:31 +01:00
Steven Cooreman	b3ce8156ce	Add support for minimum-tag-length AEAD and MAC policies Includes tests. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com> # Conflicts: # include/psa/crypto_values.h # tests/suites/test_suite_psa_crypto.function	2021-03-01 16:00:31 +01:00
Gilles Peskine	34045c1d6a	Merge pull request #4145 from stevew817/fix_return_code Return NOT_SUPPORTED according to the API contract for psa_key_derivation_setup	2021-03-01 13:20:50 +01:00

1 2 3 4 5 ...

14865 commits