Paul Elliott
eac6c757a2
Make nonce length check return error where it can
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Paul Elliott
12acb6bb4c
Remove missed references to aead_verify from docs
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Paul Elliott
b183d56b5f
Use safer size for tag checking
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Paul Elliott
06b6b8c8d6
Add missing zeroize for sensitive tag data.
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Paul Elliott
3d7d52c2ed
Formatting fixes
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-01 15:09:15 +01:00
Paul Elliott
5e69aa5709
Remove NULL check for set nonce
...
Also remove tests which would pass NULL to this function.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-08-25 17:40:40 +01:00
Paul Elliott
2e450093e1
Remove variables declared as unused
...
They are now always being used.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-08-25 17:40:40 +01:00
Paul Elliott
efda3408ce
Fix formatting issues
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-08-25 17:40:40 +01:00
Paul Elliott
3242f6c8ef
Fix formatting issue
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-08-25 17:40:40 +01:00
Paul Elliott
b8db2c5726
Remove extra blank lines
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-08-25 17:40:40 +01:00
Paul Elliott
daf5c8954c
Remove extraneous state checks
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-08-25 17:40:40 +01:00
Paul Elliott
d9343f2f0f
Refactor is_encrypt into aead setup arguments
...
Avoid touching the operation until later.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-08-25 17:40:40 +01:00
Paul Elliott
36869706e2
Remove duplicated statements in documentation.
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-08-19 19:18:28 +01:00
Paul Elliott
e0a12bd852
Refactor aead setup functions into single function
...
Move common encrypt / decrypt code into common function, and roll in
previously refactored setup checks function, as this is now the only
place it is called.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-08-19 19:18:28 +01:00
Paul Elliott
5d3a3c3ee4
Fix arguments formatting mistake
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-08-19 19:18:28 +01:00
Paul Elliott
66696b5591
Improve nonce length checks
...
Add the missing nonce length checks (this function is being used by
oneshot functions as well as multipart, and thus all cipher suites are
being used) and cover the case where a NULL buffer gets passed in.
Extended the set nonce test to cover this.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-08-16 18:44:50 +01:00
Paul Elliott
814fffbd72
Remove overly strict final checks
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-08-16 18:44:42 +01:00
Paul Elliott
ecce901907
Change over to specific per algorith size checks
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-23 18:53:53 +01:00
Paul Elliott
ed08cf884a
Add safety check to chachapoly finish
...
Previous code checked that the buffer was big enough for the tag size
for the given algorithm, however chachapoly finish expects a 16 byte
buffer passed in, no matter what. If we start supporting smaller
chachapoly tags in the future, this could potentially end up in buffer
overflow, so add a safety check.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-22 18:52:20 +01:00
Paul Elliott
2fe5db87d5
Fix passing wrong tag size to GCM finish
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-22 18:52:20 +01:00
Paul Elliott
99f548d974
Fix format issues with check nonce size
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-22 18:52:20 +01:00
Paul Elliott
315628d91a
Remove internal aead_verify endpoint
...
The internal verify endpoint was only calling the finish endpoint to get
a tag to compare against the tag passed in. Moved this logic to the
driver wrapper (still allowing a driver to call verify if required) and
removed the internal implementation endpoint.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-21 18:51:23 +01:00
Paul Elliott
32925b9e5b
Make sure unused parts of tag buffer are cleared
...
We already did this on failure, but make sure the buffer does not leak
what was in it previously on success
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-21 18:51:23 +01:00
Paul Elliott
96b0173cec
Add common nonce checking to oneshot encrypt
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-21 18:51:23 +01:00
Paul Elliott
a561444561
Add missing space
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-07-21 18:51:23 +01:00
Paul Elliott
ed68d7464d
Move buffer size checks up to psa_crypto layer
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-24 20:40:47 +01:00
Paul Elliott
c2b7144da0
Simplify logic and factor out initial checks
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-24 20:40:47 +01:00
Paul Elliott
7f429b747b
Remove code duplication and fix formatting
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-24 20:40:47 +01:00
Paul Elliott
a8940ed876
Fix documented error codes
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-24 20:40:47 +01:00
Paul Elliott
cf2d66e022
Remove permitting of 8 byte nonce with PolyChaCha
...
Also unify nonce length checking
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-23 18:50:59 +01:00
Paul Elliott
95271f10c3
Call set_nonce direct rather than by wrapper
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-23 18:30:20 +01:00
Paul Elliott
d7ab9f1260
Move the setting of id in driver wrappers
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-23 09:58:05 +01:00
Paul Elliott
ad53dcc975
Move common final checks to function
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-23 08:51:29 +01:00
Paul Elliott
534d0b4484
Finish / Verify state checks
...
Ensure finish only called when encrypting and verify only called for
decrypting, and add tests to ensure this.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-22 22:14:48 +01:00
Paul Elliott
f88a565f18
Better tag size default for m-aead finish
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-22 22:14:48 +01:00
Paul Elliott
d89304ebb7
Fix formatting issues
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-22 22:14:48 +01:00
Paul Elliott
e4030f2cd1
Replace function with macro that already exists
...
I wrote a function to determine the base algorithm given a variant,
however this is already implemented by
PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-22 22:14:48 +01:00
Paul Elliott
7220cae93c
Ensure generate nonce unavailable in decrypt
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-22 22:14:47 +01:00
Paul Elliott
8eb9dafda1
Add generate nonce test
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-22 16:31:09 +01:00
Paul Elliott
1c8de15490
Update documentation to tally with recent changes
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-22 16:31:09 +01:00
Paul Elliott
bc94978d8c
Add missing unused arguments
...
No algorithm defined case generally doesn't use the operation.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-22 16:31:09 +01:00
Paul Elliott
40ef3a9454
Fix state logic and return codes
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-01 17:17:58 +01:00
Paul Elliott
83f09ef056
Proper multipart AEAD GCM Implementation
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-01 17:17:47 +01:00
Paul Elliott
b2ce2ed6d8
Merge remote-tracking branch 'upstream/development' into psa-m-aead
...
Conflicts:
* None
2021-06-01 17:13:19 +01:00
Gilles Peskine
9f5c34cc88
Merge pull request #4596 from gilles-peskine-arm/nist_kw-null_dereference-3.0
...
Fix null pointer arithmetic in NIST_KW
2021-06-01 16:40:19 +02:00
Gilles Peskine
89ee599092
Fix null pointer arithmetic in error case
...
When mbedtls_nist_kw_wrap was called with output=NULL and out_size=0, it
performed arithmetic on the null pointer before detecting that the output
buffer is too small and returning an error code. This was unlikely to have
consequences on real-world hardware today, but it is undefined behavior and
UBSan with Clang 10 flagged it. So fix it (fix #4025 ).
Fix a similar-looking pattern in unwrap, though I haven't verified that it's
reachable there.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-06-01 11:22:56 +02:00
Manuel Pégourié-Gonnard
6d84e917bb
Merge pull request #4568 from creiter32/to_upstream/csr_critical_extensions
...
Expose flag for critical extensions
2021-05-31 12:46:59 +02:00
Ronald Cron
ea62d2f391
Merge pull request #4369 from hanno-arm/relax_psk_config
...
Implement relaxed semantics for static PSK configuration in Mbed TLS 3.0
2021-05-31 10:03:56 +02:00
Ronald Cron
f1eb425782
Merge pull request #4469 from xiaoxiang781216/padlock
...
aes: Check aes_padlock_ace > 0 before calling padlock
2021-05-28 11:06:40 +02:00
Ronald Cron
c44a1d522a
Merge pull request #4507 from Venafi/userid-oid
...
Add OID for User ID
2021-05-28 10:43:41 +02:00