mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-12 10:13:39 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
mbedtls/library
History
Gilles Peskine 695c4cb7ea If a cipher algorithm is not supported, fail during setup 
In some cases, a cipher operation for an unsupported algorithm could succeed
in psa_cipher_{encrypt,decrypt}_setup() and fail only when input is actually
fed. This is not a major bug, but it has several minor downsides: fail-late
is harder to diagnose for users than fail-early; some code size can be
gained; tests that expect failure for not-supported parameters would have to
be accommodated to also accept success.

This commit at least partially addresses the issue. The only completeness
goal in this commit is to pass our full CI, which discovered that disabling
only PSA_WANT_ALG_STREAM_CIPHER or PSA_WANT_ALG_ECB_NO_PADDING (but keeping
the relevant key type) allowed cipher setup to succeed, which caused
failures in test_suite_psa_crypto_op_fail.generated in
component_test_psa_crypto_config_accel_xxx.

Changes in this commit:
* mbedtls_cipher_info_from_psa() now returns NULL for unsupported cipher
  algorithms. (No change related to key types.)
* Some code that is only relevant for ECB is no longer built if
  PSA_WANT_ALG_ECB_NO_PADDING is disabled.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:03:39 +02:00
..
.gitignore
Add psa_crypto_driver_wrappers.c to .gitignore
2021-12-18 13:29:10 +05:30
aes.c
Ensure ctr_drbg is initialised every time
2022-02-10 18:38:53 +00:00
aesni.c
Move aesni.h to library
2021-03-10 12:52:37 +00:00
aesni.h
Replace all inclusions of config.h
2021-06-28 09:24:07 +01:00
aria.c
Replace 3 byte shift with appropriate macro
2021-08-19 09:55:42 +01:00
asn1parse.c
Add missing const attribute to asn1 api
2021-01-26 13:57:46 +01:00
asn1write.c
Replace MBEDTLS_CHAR_x with MBEDTLS_BYTE_x
2021-08-19 09:56:47 +01:00
base64.c
Delete base64_invasive.h due to functions are moved to the constant-time module
2021-11-26 17:20:02 +01:00
bignum.c
mbedtls_mpi_read_binary() document that function guarantees to return an MPI with exactly the necessary number of limbs and remove redundant call to mbedtls_mpi_grow()
2022-02-22 13:35:27 +01:00
bn_mul.h
Fix aarch64 assembly for bignum multiplication
2021-09-22 18:31:35 +01:00
camellia.c
Add Character byte reading macros
2021-08-19 09:55:41 +01:00
ccm.c
Ignore plaintext length for CCM*-no-tag.
2021-10-21 11:33:37 +02:00
chacha20.c
Replace instances of byte reading macros with PUT
2021-08-19 09:56:47 +01:00
chachapoly.c
Replace instances of byte reading macros with PUT
2021-08-19 09:56:47 +01:00
check_crypto_config.h
psa: config: Add CAMELLIA to the list of possible CMAC ciphers
2021-03-25 14:25:46 +01:00
cipher_wrap.c
Use separate MBEDTLS_MODE for the CCM*.
2021-10-27 10:42:31 +02:00
cipher_wrap.h
Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO
2022-01-03 12:53:24 +01:00
cipher.c
Return an error for IV lengths other than 12 with ChaCha20+Poly1305
2022-01-14 16:31:54 +01:00
cmac.c
Allow skipping 3DES in CMAC self-test when ALT implemented
2021-03-02 10:18:08 +01:00
CMakeLists.txt
Review comments addressed
2021-12-19 13:37:37 +05:30
common.h
fix wrong para name in doxygen comments
2021-10-28 10:26:13 +08:00
constant_time_internal.h
Add documentation for the functions
2021-11-26 17:25:14 +01:00
constant_time_invasive.h
Add documentation for the functions
2021-11-26 17:25:14 +01:00
constant_time.c
Cap the workaround for mbedtls_mpi_safe_cond_assign on MSVC/ARM64 to MSVC versions prior to 17.1.
2022-01-31 13:34:01 -08:00
ctr_drbg.c
Tidy up grouped MBEDTLS_BYTE_x macros
2021-08-23 11:52:28 +01:00
debug.c
Add missing parentheses
2021-06-17 21:46:29 +02:00
des.c
Catch failures of AES or DES operations
2021-09-27 16:22:08 +02:00
dhm.c
Use byte reading macros in places not using a byte mask
2021-08-19 09:56:47 +01:00
ecdh_misc.h
Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3
2021-12-10 13:47:55 +01:00
ecdh.c
Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3
2021-12-10 13:47:55 +01:00
ecdsa.c
Rename error translation functions and move them to library/pk_wrap.*
2022-03-01 15:21:02 +01:00
ecjpake.c
Tidy up grouped MBEDTLS_BYTE_x macros
2021-08-23 11:52:28 +01:00
ecp_curves.c
Add prefix to BYTES_TO_T_UINT_*
2021-06-25 12:46:40 +01:00
ecp_internal_alt.h
Replace all inclusions of config.h
2021-06-28 09:24:07 +01:00
ecp_invasive.h
Move mbedtls_mpi_random to the bignum module
2021-06-03 18:10:04 +02:00
ecp.c
Make more use of helper function for init/free of MPI array
2022-01-11 05:06:54 +00:00
entropy_poll.c
Rename config.h to mbedtls_config.h
2021-06-28 09:28:33 +01:00
entropy_poll.h
Rename config.h to mbedtls_config.h
2021-06-28 09:28:33 +01:00
entropy.c
Merge pull request #4640 from TRodziewicz/move_part_of_timing_module_out_of_the_library_and_to_test
2021-06-18 16:35:58 +01:00
gcm.c
Merge pull request #5213 from tom-cosgrove-arm/pr_4950
2021-11-22 22:22:37 +01:00
hkdf.c
Update copyright notices to use Linux Foundation guidance
2020-08-19 10:35:41 +02:00
hmac_drbg.c
Rename the _ret() functions
2021-06-08 16:45:41 +02:00
Makefile
Review comments addressed
2021-12-19 13:37:37 +05:30
md5.c
GET macros use a target variable
2021-08-19 09:31:55 +01:00
md_wrap.h
Replace all inclusions of config.h
2021-06-28 09:24:07 +01:00
md.c
Add function to get md info from md context
2021-12-28 16:32:00 +01:00
memory_buffer_alloc.c
Update copyright notices to use Linux Foundation guidance
2020-08-19 10:35:41 +02:00
mps_common.h
Capitalise MPS trace macros
2021-04-07 12:45:35 +01:00
mps_error.h
Fix Doxygen headers for MPS files
2021-03-29 14:20:18 +01:00
mps_reader.c
Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3
2021-12-10 13:47:55 +01:00
mps_reader.h
Fix Doxygen headers for MPS files
2021-03-29 14:20:18 +01:00
mps_trace.c
Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3
2021-12-10 13:47:55 +01:00
mps_trace.h
Capitalise MPS trace macros
2021-04-07 12:45:35 +01:00
net_sockets.c
Add a missing guard for time.h in net_sockets.c
2022-03-04 05:07:45 -05:00
nist_kw.c
Merge branch 'development' into 3649_move_constant_time_functions_into_separate_module
2021-11-24 10:44:13 +01:00
oid.c
Remove MD2, MD4, RC4, Blowfish and XTEA
2021-06-16 10:34:25 +02:00
padlock.c
Move padlock.h to library
2021-03-10 12:52:37 +00:00
padlock.h
Replace all inclusions of config.h
2021-06-28 09:24:07 +01:00
pem.c
Rename the _ret() functions
2021-06-08 16:45:41 +02:00
pk_wrap.c
Use new PSA to mbedtls PK error mapping functions in rsa_sign_wrap()
2022-03-03 16:41:23 +01:00
pk_wrap.h
Rename error translation functions and move them to library/pk_wrap.*
2022-03-01 15:21:02 +01:00
pk.c
Rename error translation functions and move them to library/pk_wrap.*
2022-03-01 15:21:02 +01:00
pkcs5.c
Apply MBEDTLS_ERROR_ADD to library
2021-04-15 11:19:47 +01:00
pkcs12.c
Remove incorrect hashing
2021-12-02 18:03:12 +00:00
pkparse.c
mbedtls_pk_parse_key: don't allocate if not needed
2021-12-10 17:36:37 +01:00
pkwrite.c
Rename max sizes of RSA & EC DER keys defines
2022-03-01 10:03:21 +01:00
pkwrite.h
Rename max sizes of RSA & EC DER keys defines
2022-03-01 10:03:21 +01:00
platform_util.c
Correction to callback declaration and usage
2021-07-13 12:23:12 +02:00
platform.c
Update copyright notices to use Linux Foundation guidance
2020-08-19 10:35:41 +02:00
poly1305.c
Replace instances of byte reading macros with PUT
2021-08-19 09:57:41 +01:00
psa_crypto_aead.c
Merge pull request #5047 from paul-elliott-arm/psa-m-aead-ccm
2021-12-09 14:49:42 +01:00
psa_crypto_aead.h
Restore internal driver for aead_set_lengths
2021-09-28 11:16:27 +01:00
psa_crypto_cipher.c
If a cipher algorithm is not supported, fail during setup
2022-04-05 15:03:39 +02:00
psa_crypto_cipher.h
Merge branch 'development-restricted' into mbedtls-3.1.0rc-pr
2021-12-14 10:58:18 +01:00
psa_crypto_client.c
Move the inclusion of crypto_spe.h to psa/crypto_platform.h
2021-06-17 11:43:58 +02:00
psa_crypto_core.h
Code style improvements
2021-09-08 22:04:13 +05:30
psa_crypto_driver_wrappers.h
Merge pull request #5292 from mprse/asym_encrypt
2022-03-10 20:07:38 +01:00
psa_crypto_ecp.c
psa: Remove test code in the library
2021-12-06 07:50:27 +01:00
psa_crypto_ecp.h
psa: test driver: Move driver test entry points prototypes
2021-12-06 07:50:27 +01:00
psa_crypto_hash.c
psa: Fix and improve comments
2021-12-06 07:50:27 +01:00
psa_crypto_hash.h
psa: test driver: Move driver test entry points prototypes
2021-12-06 07:50:27 +01:00
psa_crypto_invasive.h
Replace all inclusions of config.h
2021-06-28 09:24:07 +01:00
psa_crypto_its.h
Update documentation
2020-11-25 13:10:50 +01:00
psa_crypto_mac.c
psa: Fix and improve comments
2021-12-06 07:50:27 +01:00
psa_crypto_mac.h
psa: test driver: Move driver test entry points prototypes
2021-12-06 07:50:27 +01:00
psa_crypto_random_impl.h
Work around MSVC bug with duplicate static declarations
2021-02-16 18:55:05 +01:00
psa_crypto_rsa.c
psa_asymmetric_decrypt: move build-in impl to mbedtls_psa_asymmetric_decrypt
2022-01-10 12:55:06 +01:00
psa_crypto_rsa.h
psa_asymmetric_decrypt: move build-in impl to mbedtls_psa_asymmetric_decrypt
2022-01-10 12:55:06 +01:00
psa_crypto_se.c
Update copyright notices to use Linux Foundation guidance
2020-08-19 10:35:41 +02:00
psa_crypto_se.h
Replace all inclusions of config.h
2021-06-28 09:24:07 +01:00
psa_crypto_slot_management.c
Merge pull request #4878 from SiliconLabs/remove_dependency_4877
2021-09-20 22:20:16 +02:00
psa_crypto_slot_management.h
psa: Fix error code when creating/registering a key with invalid id
2021-04-01 14:05:41 +02:00
psa_crypto_storage.c
Erase secrets in allocated memory before freeing said memory
2022-02-25 11:14:59 +01:00
psa_crypto_storage.h
Rename PSA_KEY_SLOT_COUNT to MBEDTLS_PSA_KEY_SLOT_COUNT
2021-02-15 14:26:44 +01:00
psa_crypto.c
Make psa_key_derivation_setup return early if the key agreement is not supported
2022-04-05 15:00:01 +02:00
psa_its_file.c
Update library/psa_its_file.c
2022-02-14 12:24:56 +01:00
ripemd160.c
GET macros use a target variable
2021-08-19 09:31:55 +01:00
rsa_alt_helpers.c
Rename rsa_internal.* to rsa_alt_helpers.*
2021-03-10 12:52:37 +00:00
rsa_alt_helpers.h
Replace all inclusions of config.h
2021-06-28 09:24:07 +01:00
rsa.c
Rename error translation functions and move them to library/pk_wrap.*
2022-03-01 15:21:02 +01:00
sha1.c
GET macros use a target variable
2021-08-19 09:31:55 +01:00
sha256.c
Rename mbedtls_a64_crypto_sha256_check_support() to mbedtls_a64_crypto_sha256_determine_support()
2022-02-24 08:33:11 +00:00
sha512.c
Add UINT64 GET and PUT macros
2021-08-19 09:56:47 +01:00
ssl_cache.c
Fix search for outdated entries in SSL session cache
2021-05-14 14:55:15 +01:00
ssl_ciphersuites.c
Add accessors for ciphersuite info
2022-01-13 00:05:48 -05:00
ssl_cli.c
Add missing key destruction calls in ssl_write_client_key_exchange
2022-02-25 04:36:40 -05:00
ssl_cookie.c
mbedtls_ssl_cookie_check: zeroize expected cookie on cookie mismatch
2021-12-13 12:35:08 +01:00
ssl_debug_helpers.h
Add prototype for automatically generated debug helper
2022-02-21 15:14:01 +01:00
ssl_misc.h
Merge pull request #5454 from gstrauss/cert_cb-user_data
2022-03-10 11:51:42 +01:00
ssl_msg.c
ssl_msg.c: Change message in MBEDTLS_SSL_DEBUG_RET() to be the failed function name instead current function name
2022-02-07 15:12:05 +01:00
ssl_srv.c
Add accessor to retrieve SNI during handshake
2022-02-25 19:55:53 -05:00
ssl_ticket.c
Create public macros for ssl_ticket key,name sizes
2022-02-09 15:28:28 -05:00
ssl_tls13_client.c
Merge pull request #5448 from lhuang04/tls13_alpn
2022-03-08 17:53:38 +00:00
ssl_tls13_generic.c
Merge pull request #5524 from mprse/tls_ecdh_2c
2022-03-08 11:43:45 +01:00
ssl_tls13_invasive.h
Implement HKDF expand in TLS 1.3 based on PSA HMAC
2022-02-10 10:57:23 +01:00
ssl_tls13_keys.c
Merge pull request #5524 from mprse/tls_ecdh_2c
2022-03-08 11:43:45 +01:00
ssl_tls13_keys.h
Update based on comments
2021-12-02 06:36:27 +00:00
ssl_tls13_server.c
tls13_only: improve guards of files.
2022-02-21 09:06:00 +08:00
ssl_tls.c
Add accessor to retrieve SNI during handshake
2022-02-25 19:55:53 -05:00
threading.c
Rename config.h to mbedtls_config.h
2021-06-28 09:28:33 +01:00
timing.c
Provide a dummy implementation of timing.c
2022-03-04 05:07:45 -05:00
version.c
Update copyright notices to use Linux Foundation guidance
2020-08-19 10:35:41 +02:00
x509_create.c
Update copyright notices to use Linux Foundation guidance
2020-08-19 10:35:41 +02:00
x509_crl.c
Do not include time.h without MBEDTLS_HAVE_TIME
2022-03-04 05:07:45 -05:00
x509_crt.c
Merge pull request #3624 from daxtens/timeless
2022-03-15 16:43:19 +00:00
x509_csr.c
Merge pull request #3777 from hanno-arm/x509-info-optimization_rebased
2021-04-28 17:31:55 +01:00
x509.c
Merge pull request #3777 from hanno-arm/x509-info-optimization_rebased
2021-04-28 17:31:55 +01:00
x509write_crt.c
Improving readability of x509_crt and x509write_crt for PR
2022-03-07 13:59:44 +01:00
x509write_csr.c
Improving readability of x509_crt and x509write_crt for PR
2022-03-07 13:59:44 +01:00