mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-17 07:20:51 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
15,997 Commits 172 Branches 263 Tags
Commit Graph

15997 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Paul Elliott
16e6dcd72e Add missing abort call to the end of tests 
All tests should have an abort call in case of test failure to make sure
everything is cleaned up. Also removed unused define.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-14 19:03:26 +01:00
Paul Elliott
72baf65819 Ensure operation id gets set even if failure 
Although this deviates from the standard "auto-generated" code, the
M-AEAD setup functions set the key and thus allocate memory. If the
failure occurs after this (invalid tag size for example) then not having
the id set to the internal drivers means that abort does not get called,
and this causes the allocated data to leak.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-14 19:03:26 +01:00
Paul Elliott
ac3c20013c Prevent unsafe memcpy 
Some tests cause a zero length input or output, which can mean the
allocated test output buffers can be zero length. Protect against
calling memcpy blindly in these situations.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-14 19:03:26 +01:00
Paul Elliott
d4e99ed40c Fix mistyped buffer size variable 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-14 19:03:26 +01:00
Paul Elliott
4bbe82bdcc Add transparent driver tests for M-AEAD 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-14 19:03:26 +01:00
Paul Elliott
0023e0a1de Add tests for multipart AEAD 
Just clone of one shot tests for now - all additional data and body data
is passed in in one go.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-14 19:03:26 +01:00
Paul Elliott
fd3ca24e56 Move CCM ouput to update step. 
Move CCM to update all data at update step, as final step can only
output at most a block length, so outputting all data at this step
significantly breaks the tests. Had to add unpleasant workaround for the
validate stage, but this is the only way I can do things without
breaking CCM Alt implementations.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-14 19:03:26 +01:00
Paul Elliott
72c10082dd Fix logic issues with state checks 
Also fix missing return values.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-14 19:03:26 +01:00
Paul Elliott
c4e1dcf006 Fix incorrect PSA key usage 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-14 19:03:26 +01:00
Paul Elliott
811d8d462f Fix incorrect enums being used 
Fix memory leak due to aead_abort() using incorrect enums to identify
algorithm used. Fix incorrect return on failure to check tag on
aead_verify()

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-14 19:03:26 +01:00
Paul Elliott
5653da0201 Fix errors with missing tests 
Return not supported for the time being whilst we don't have the
transparent driver tests done.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-14 19:03:26 +01:00
Paul Elliott
302ff6bdd6 Implement multipart AEAD PSA interface 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-14 19:03:26 +01:00
Paul Elliott
6504aa6451 First pass addition of driver wrappers 
Transparent driver test functions not yet implemented.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-14 19:03:26 +01:00
Paul Elliott
adb8b16b16 Add internal implementation of multipart AEAD 
For the time being CCM and GCM are not entirely implemented correctly
due to issues with their underlying implentations, which would be
difficult to fix in 2.x, and thus require all the AD and data to be
passed in in one go.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-14 19:03:26 +01:00
Paul Elliott
07a30c4c00 Convert oneshot AEAD over to multipart struct 
Multipart AEAD operation struct has to be public as it's allocated by
the caller, so to save duplication of code, switch oneshot AEAD over to
using the multipart operation struct.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-14 19:03:26 +01:00
Hanno Becker
59b97bbe06 Fixup glitch in ChangeLog entry 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 17:12:15 +01:00
Hanno Becker
8e184e2deb Add migration guide 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 17:10:27 +01:00
Hanno Becker
a808ec3f0d Add ChangeLog entry 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 17:10:15 +01:00
Hanno Becker
541af8575e Use -1 instead of 1 as failure return value in internal SSL function 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 16:49:01 +01:00
Hanno Becker
fc1f4135c3 Use memset( x, 0, sizeof( x ) ) to clear local structure 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 14:57:54 +01:00
Hanno Becker
9caed14a21 Fix typo in ssl session cache documentation 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 14:57:13 +01:00
Hanno Becker
78196e366f Fix search for outdated entries in SSL session cache 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 14:55:15 +01:00
Hanno Becker
c3f4a97b8f Don't infer last element of SSL session cache twice 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 14:54:24 +01:00
Hanno Becker
466ed6fd08 Improve local variable naming in SSL session cache implementation 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 14:54:00 +01:00
Hanno Becker
5cf6f7eafe Fix swapping of first and last entry in SSL session cache 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 14:45:04 +01:00
TRodziewicz
1cf33bf94d Corrections o the migration guide 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-14 14:35:26 +02:00
TRodziewicz
95f8f22c27 Migration guide added and ChangeLog clarified 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-14 14:07:51 +02:00
Hanno Becker
006f2cce2e Fix compile-time guard in session cache implementation 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 04:57:44 +01:00
Hanno Becker
0d05f40222 Clarify that session cache query must return free-able session 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 04:57:43 +01:00
Hanno Becker
b94fdae3c3 Improve code structure for session cache query 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 04:57:40 +01:00
gabor-mezei-arm
07a35f68ee
Update key type name 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 16:27:46 +02:00
gabor-mezei-arm
d5218df572
Enable fallback to software implementation in psa_sign/verify_message driver 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:01 +02:00
gabor-mezei-arm
f048618b43
Unify variable type and rename to be unambiguous 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:01 +02:00
gabor-mezei-arm
2b8373f856
Update documentation 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:01 +02:00
gabor-mezei-arm
4bc0edb919
Typo 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:01 +02:00
gabor-mezei-arm
041887bfc3
Update key usage determination for exercise key tests 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:01 +02:00
gabor-mezei-arm
4a6fcda031
Typo 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:01 +02:00
gabor-mezei-arm
256443e64e
Change the driver calling logic for psa_sign/verify_messsage 
The changed logic is to try a sign-message driver (opaque or transparent);
if there isn't one, fallback to builtin sofware and do the hashing,
then try a sign-hash driver. This will enable to the opaque driver
to fallback to software.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:00 +02:00
gabor-mezei-arm
6883fd248d
Rename sign/verify builtin functions called by driver wrapper functions 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:00 +02:00
gabor-mezei-arm
6e2a8daef4
Add new tests for psa_sign/verify_message 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:00 +02:00
gabor-mezei-arm
d785a79477
Fix test 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:00 +02:00
gabor-mezei-arm
e088985496
Fix test names 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:00 +02:00
gabor-mezei-arm
ce8804fd6e
Update tests dependencies 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:00 +02:00
gabor-mezei-arm
4fabc5666b
Use non-deterministic ecdsa algorithm for verify_hash/message tests 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:59 +02:00
gabor-mezei-arm
474a35f635
Return error if algorithm is not hash-then-sign for psa_sign_message 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:59 +02:00
gabor-mezei-arm
8b3e88614c
Use bool variable instead of enum values 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:59 +02:00
gabor-mezei-arm
12b4f34fff
Fix documentation 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:59 +02:00
gabor-mezei-arm
6cdf637f88
Use switch-case for error handling 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:59 +02:00
gabor-mezei-arm
6dcaa3b5a1
Update driver tests for psa_hash/verify_message 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:59 +02:00
gabor-mezei-arm
f9820f92cf
Fix for algorithms other than hash-then-sign 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:59 +02:00