Manuel Pégourié-Gonnard
02969bf882
ChaCha20: allow in-place en/decryption
...
All other ciphers so far allow this. In particular, the TLS layer depends on
this, despite what's documented in the Cipher layer, see
https://github.com/ARMmbed/mbedtls/issues/1085
https://github.com/ARMmbed/mbedtls/issues/1087
Also, this can be useful for implementing chachapoly without depending on the
semi-internal function keystream_block(), see next commit.
2018-05-10 13:23:02 +02:00
Manuel Pégourié-Gonnard
d4bd8569d4
Rename aead_chacha20_poly1305 to chachapoly
...
While the old name is explicit and aligned with the RFC, it's also very long,
so with the mbedtls_ prefix prepended we get a 31-char prefix to each
identifier, which quickly conflicts with our 80-column policy.
The new name is shorter, it's what a lot of people use when speaking about
that construction anyway, and hopefully should not introduce confusion as
it seems unlikely that variants other than 20/1305 will be standardised in the
foreseeable future.
2018-05-10 13:23:02 +02:00
Manuel Pégourié-Gonnard
54b1a7342c
Rename poly1305_setkey() to poly1305_starts()
...
For consistency with the existing CMAC and HMAC APIs
2018-05-10 13:22:14 +02:00
Manuel Pégourié-Gonnard
726cf72fce
Avoid using %zu in selftest functions
...
This is a C99 feature and unfortunately we can't rely on it yet considering
the set of toolchain (versions) we want to support.
2018-05-10 13:22:14 +02:00
Manuel Pégourié-Gonnard
a9ed291d2d
Add missing extern "C" guard to new headers
2018-05-10 13:22:14 +02:00
Manuel Pégourié-Gonnard
deda80e80d
Adapt the _ALT style to our new standard
...
- in .h files: only put the context declaration inside the #ifdef _ALT
(this was changed in 2.9.0, ie after the original PR)
- in .c file: only leave selftest out of _ALT: even though some functions are
trivial to build from other parts, alt implementors might want to go another
way about them (for efficiency or other reasons)
2018-05-10 13:22:14 +02:00
Manuel Pégourié-Gonnard
690d9e6fad
Add ChangeLog entry for new features.
...
Fixes #346
2018-05-10 13:22:14 +02:00
Daniel King
f589275d80
Minor style and formatting fixes.
...
This change corrects some minor style violations, mostly for spacing
around parentheses.
2018-05-10 13:22:14 +02:00
Daniel King
47252c739d
Correct signedness of printf specifier in self tests
2018-05-10 13:22:14 +02:00
Daniel King
b9a069d096
Fix unused function warning under certain configurations.
...
I refactored some code into the function mbedtls_constant_time_memcmp
in commit 7aad291 but this function is only used by GCM and
AEAD_ChaCha20_Poly1305 to check the tags. So this function is now
only enabled if either of these two ciphers is enabled.
2018-05-10 13:22:14 +02:00
Daniel King
5b7f1d8035
Fix test suite when GCM is disabled, but AEAD_ChaCha20_Poly1305 is enabled.
2018-05-10 13:21:40 +02:00
Daniel King
89c7b10c6a
Add ChaCha20 test vectors from RFC 7539
2018-05-10 13:21:40 +02:00
Daniel King
a7472e16bc
Add ChaCha20/Poly1305 ciphers to the selftest program
2018-05-10 13:21:40 +02:00
Daniel King
d00afaf2ba
Adjust verbose self-test output to match other ciphers.
2018-05-10 13:21:40 +02:00
Daniel King
b437a98faf
Add ChaCha20+Poly1305 to the Cipher module
2018-05-10 13:21:40 +02:00
Daniel King
f28c2aa64e
Allow some parameters to be NULL if the length is 0.
...
This change permits users of the ChaCha20/Poly1305 algorithms
(and the AEAD construction thereof) to pass NULL pointers for
data that they do not need, and avoids the need to provide a valid
buffer for data that is not used.
2018-05-10 13:20:52 +02:00
Daniel King
31ac12e004
Implement AEAD-ChaCha20-Poly1305.
...
This implementation is based off the description in RFC 7539.
The ChaCha20 code is also updated to provide a means of generating
keystream blocks with arbitrary counter values. This is used to
generate the one-time Poly1305 key in the AEAD construction.
2018-05-10 13:20:52 +02:00
Daniel King
5d77eaa233
Add Poly1305 authenticator algorithm (RFC 7539)
...
Test vectors are included from RFC 7539.
Poly1305 is also added to the benchmark program.
2018-05-10 13:20:52 +02:00
Daniel King
0fe7b5b8c5
Add ChaCha20 to the Cipher module
2018-05-10 13:19:31 +02:00
Daniel King
a98ff5eadf
Initial implementation of ChaCha20
2018-05-10 13:19:31 +02:00
Jaeden Amero
a331e0f0af
Merge remote-tracking branch 'upstream-restricted/pr/421' into development-proposed
2018-05-04 14:39:24 +01:00
Jaeden Amero
fb19399f41
Merge remote-tracking branch 'upstream-public/pr/1498' into development-proposed
2018-05-04 11:09:14 +01:00
Jaeden Amero
09c4e7ef5a
Merge remote-tracking branch 'upstream-public/pr/1486' into development-proposed
2018-05-04 11:03:16 +01:00
Jaeden Amero
070e356476
Merge remote-tracking branch 'upstream-restricted/pr/481' into development-restricted
2018-05-01 15:28:18 +01:00
Simon Butcher
e6a2a1aa97
Add the update to the soversion to the ChangeLog
2018-05-01 14:02:24 +01:00
Jaeden Amero
78d2f7d5df
Merge remote-tracking branch 'upstream-restricted/pr/478' into development-restricted
2018-04-30 17:37:42 +01:00
Simon Butcher
b03120ad41
Fix the ChangeLog for clarity, English and credit
2018-04-30 17:13:42 +01:00
Jaeden Amero
00cbed23b8
Merge remote-tracking branch 'upstream-restricted/pr/474' into development-restricted
2018-04-30 10:21:25 +01:00
Jaeden Amero
7d7bad6b1f
Update version to 2.9.0
...
Bump SOVERSION for parity with 2.7.2 and 2.7.3.
2018-04-30 09:58:33 +01:00
Jaeden Amero
8b98498e9a
Merge remote-tracking branch 'upstream-restricted/pr/477' into development-restricted-proposed
2018-04-27 18:27:47 +01:00
Jaeden Amero
fe0669f52a
ecp: Fix binary compatibility with group ID
...
We naturally added the new Curve448 ECP group ID in alphabetical order in
the mbedtls_ecp_group_id enum. However, this causes binary incompatibility
issues as previous binaries will use values for groups that now have a
different meaning. For example, MBEDTLS_ECP_DP_SECP192K1, old value 10,
would mean Curve448 (MBEDTLS_ECP_DP_CURVE448) and the wrong group ID would be used.
Fix the binary compatibility issue by adding new enum entries to the end of
the enum, even though this isn't so great for readability as the list is no
longer in alphabetical order. However, the list wasn't perfectly in
alphabetical order before anyway.
2018-04-27 18:20:31 +01:00
Jaeden Amero
c64a300027
Merge remote-tracking branch 'upstream-restricted/pr/471' into development-restricted-proposed
...
Remove trailing whitespace in ChangeLog.
2018-04-26 09:06:33 +01:00
Jaeden Amero
bd05dfd49f
Merge branch 'development-proposed' into development-restricted-proposed
...
Resolve conflicts in ChangeLog
2018-04-26 09:03:03 +01:00
Jaeden Amero
84a1107818
Merge remote-tracking branch 'upstream-public/pr/1592' into development-proposed
2018-04-25 14:22:12 +01:00
Jaeden Amero
38c42d5afa
Merge remote-tracking branch 'upstream-public/pr/1570' into development-proposed
...
Resolve merge conflict in ChangeLog.
2018-04-25 14:20:08 +01:00
Andrzej Kurek
b7a18c0498
Changelog entry
2018-04-25 05:25:30 -04:00
Andrzej Kurek
03bac448db
Change accepted ciphersuite versions when parsing server hello
...
Accept only ciphersuites for version chosen by the server
2018-04-25 05:06:07 -04:00
Jaeden Amero
8945343a51
Merge branch 'development-proposed' into development-restricted-proposed
...
Resolve merge conflict in ecp.h, where `mbedtls_ecp_keypair` was moved.
2018-04-24 17:16:34 +01:00
Andres Amaya Garcia
8491406803
Remove preprocessor directives around platform_util.h include
2018-04-24 08:40:46 -05:00
Andres Amaya Garcia
6698d2fc5c
Fix style for mbedtls_mpi_zeroize()
2018-04-24 08:39:07 -05:00
Andres Amaya Garcia
56e06db102
Improve mbedtls_platform_zeroize() docs
2018-04-24 08:37:52 -05:00
Andres Amaya Garcia
708c5cb6ab
mbedtls_zeroize -> mbedtls_platform_zeroize in docs
2018-04-24 08:33:31 -05:00
Andres Amaya Garcia
d0ef468d39
Reword config.h docs for MBEDTLS_PLATFORM_ZEROIZE_ALT
2018-04-24 08:31:34 -05:00
Andres Amaya Garcia
bc7bdbf5c8
Organize CMakeLists targets in alphabetical order
2018-04-24 08:29:20 -05:00
Andres Amaya Garcia
21b376b56c
Organize output objs in alphabetical order in Makefile
2018-04-24 08:28:26 -05:00
Jaeden Amero
1afdec1812
Merge remote-tracking branch 'upstream-public/pr/1578' into development-proposed
2018-04-24 14:19:41 +01:00
Jaeden Amero
3dd8abd037
Regenerate errors after ecp.h updates
...
The error descriptions were updated in ecp.h (PR #1578 ), so also update
the strings in error.c.
2018-04-24 14:13:15 +01:00
Jaeden Amero
519b129f78
Merge remote-tracking branch 'upstream-public/pr/1580' into development-proposed
2018-04-24 13:20:11 +01:00
Rose Zadik
a7a6155272
Update ecp.h
...
One fix: removed trailing whitespace
2018-04-24 13:14:01 +01:00
Andrzej Kurek
a9ceef8e03
Change variable bytes_written to header_bytes in record decompression
...
The name is changed to better reflect the input, decompression case
2018-04-24 06:34:17 -04:00