mbedtls

mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-23 15:35:50 +01:00

Author	SHA1	Message	Date
Andrzej Kurek	266d907c87	pk_wrap.c: fix length mismatch check placement	2018-11-22 13:37:14 -05:00
Andrzej Kurek	96cc1b3def	pk_wrap.c: tidy up signature extraction Add a sanity check for signature length, remove superfluous bounds check.	2018-11-22 13:37:14 -05:00
Andrzej Kurek	e30ad542a1	Cosmetic changes Move memset to a more relevant spot, fix one whitespace error	2018-11-22 13:37:14 -05:00
Andrzej Kurek	73bf6b9e00	pk_wrap: rework and tidy up signature extraction Improve comments, use a normal buffer instead of mbedtls_asn1_buf, remove unneeded variables and use shared utilities where possible.	2018-11-22 13:37:14 -05:00
Andrzej Kurek	688ea8d10d	pk_wrap: reuse a static buffer for signature extraction Use a buffer left over after importing a key to hold an extracted signature.	2018-11-22 13:37:14 -05:00
Andrzej Kurek	3016de3eeb	pk_wrap: rework signature extraction to work with small r and s values There is a probability that r will be encoded as 31 or less bytes in DER, so additional padding is added in such case. Added a signature-part extraction function to tidy up the code further.	2018-11-22 13:37:14 -05:00
Manuel Pégourié-Gonnard	7b7808cc76	Add tests for ECDSA verify with short r, s values This is intended to test transcoding the signature to the format expected by PSA (fixed-length encoding of r, s) when r and s have respectively: - full length with initial null byte - full length without initial null byte - non-full length with initial null byte - non-full length without initial null byte The signatures were generated using: programs/pkey/pk_sign tests/data_files/server5.key foo where foo is an empty file, and with a variant of one of the following patches applied: diff --git a/library/ecdsa.c b/library/ecdsa.c index abac015cebc6..e4a27b044516 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -305,7 +305,9 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group grp, ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; goto cleanup; } + printf("\ngenerating r...\n"); +gen: MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, pk, f_rng, p_rng ) ); #if defined(MBEDTLS_ECP_RESTARTABLE) @@ -317,6 +319,11 @@ mul: MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, &R, pk, &grp->G, f_rng, p_rng, ECDSA_RS_ECP ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pr, &R.X, &grp->N ) ); + + size_t bits = mbedtls_mpi_bitlen( pr ); + printf("%zu ", bits); + if( bits != 255 ) + goto gen; } while( mbedtls_mpi_cmp_int( pr, 0 ) == 0 ); or: diff --git a/library/ecdsa.c b/library/ecdsa.c index abac015cebc6..d704376e0c42 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -305,7 +305,9 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group grp, ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; goto cleanup; } + printf("\ngenerating r...\n"); +gen: MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, pk, f_rng, p_rng ) ); #if defined(MBEDTLS_ECP_RESTARTABLE) @@ -353,6 +355,11 @@ modn: MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( s, pk, &grp->N ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, s, &e ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( s, s, &grp->N ) ); + + size_t bits = mbedtls_mpi_bitlen( s ); + printf("%zu ", bits); + if( bits != 247 ) + goto gen; } while( mbedtls_mpi_cmp_int( s, 0 ) == 0 ); with the value edited manually between each run to get the desired bit length.	2018-11-22 13:37:14 -05:00
Andrzej Kurek	45fc464156	pk_wrap: improve error codes returned from ecdsa_verify_wrap Use the shared PSA utilities to translate errors.	2018-11-22 13:37:14 -05:00
Andrzej Kurek	ca6330992e	pk_wrap: switch to helper functions defined in psa_util.h Remove duplicated helper functions. Remove an unnecessary call to psa_crypto_init().	2018-11-22 13:37:14 -05:00
Andrzej Kurek	510ee70501	pk_wrap: test if a valid md_alg is passed to ecdsa_verify_wrap Adjust tests to pass a valid algorithm	2018-11-22 13:37:14 -05:00
Andrzej Kurek	2f69b1a059	pk_wrap: destroy key slot on errors with policy or key importing	2018-11-22 13:37:14 -05:00
Andrzej Kurek	c097b0fded	pk_wrap: add a check for equal signature parts	2018-11-22 13:37:14 -05:00
Andrzej Kurek	f8c94a811a	pk_wrap: check if curve conversion is successful	2018-11-22 13:37:14 -05:00
Andrzej Kurek	6d49ae9223	pk_wrap: nullify the signature pointer on error in extract_ecdsa_sig Fix a double free error in ecdsa_verify_wrap	2018-11-22 13:37:14 -05:00
Andrzej Kurek	1e3b6865d7	pk_wrap: cosmetic changes Adjust whitespaces and variable names	2018-11-22 13:37:14 -05:00
Andrzej Kurek	39d1f4b29f	pk_wrap.c: add support for ecdsa signature verification using PSA Use PSA internally to verify signatures. Add a conversion to a raw signature format.	2018-11-22 13:37:14 -05:00
Hanno Becker	12bd57b8c8	Refer to PSA through MBEDTLS_USE_PSA_CRYPTO, not USE_PSA, in all.sh	2018-11-22 16:27:57 +00:00
Hanno Becker	fc359fd837	Remove double white space	2018-11-22 16:27:57 +00:00
Hanno Becker	47a6291445	Use MBEDTLS_PSA_UTIL_H instead of MBEDTLS_PSA_COMPAT_H in psa_util.h This is still an artifact from when psa_util.h was called psa_compat.h.	2018-11-22 16:27:57 +00:00
Hanno Becker	56a78dd4ad	State explicitly that any API depending on PSA is unstable	2018-11-22 16:27:57 +00:00
Hanno Becker	77030426a0	Update VisualC files	2018-11-22 16:27:57 +00:00
Hanno Becker	4d9e1e0ac4	Improve documentation of mbedtls_psa_err_translate_pk()	2018-11-22 16:27:57 +00:00
Hanno Becker	dec64735e2	Add AEAD tag length parameter to mbedtls_psa_translate_cipher_mode() In case of AEAD ciphers, the cipher mode (and not even the entire content of mbedtls_cipher_info_t) doesn't uniquely determine a psa_algorithm_t because it doesn't specify the AEAD tag length, which however is included in psa_algorithm_t identifiers. This commit adds a tag length value to mbedtls_psa_translate_cipher_mode() to account for that ambiguity.	2018-11-22 16:27:57 +00:00
Hanno Becker	14f78b03bb	Add function to translate PSA errors to PK module errors	2018-11-22 16:27:57 +00:00
Hanno Becker	639a4320ca	Fix Doxygen annotation in psa_util.h	2018-11-22 16:27:57 +00:00
Hanno Becker	06b6f34e9f	Initialize PSA Crypto implementation in ssl_server2	2018-11-22 16:27:57 +00:00
Hanno Becker	50955d1c18	Initialize PSA Crypto implementation in ssl_client2.c	2018-11-22 16:27:56 +00:00
Hanno Becker	eba9993171	Initialize PSA Crypto implementation at the start of each test suite	2018-11-22 16:27:56 +00:00
Hanno Becker	5f48818712	Make PSA utility functions static inline Compilers warn about unused static functions.	2018-11-22 16:27:56 +00:00
Hanno Becker	28b9d35904	Add PSA-to-Mbed TLS translations for cipher module	2018-11-22 16:27:56 +00:00
Hanno Becker	560aeaf26b	Add internal header for PSA utility functions This commit adds the header file mbedtls/psa_util.h which contains static utility functions `mbedtls_psa_xxx()` used in the integration of PSA Crypto into Mbed TLS. Warning: These functions are internal only and may change at any time.	2018-11-22 16:27:56 +00:00
Manuel Pégourié-Gonnard	dde4442581	Add build using PSA to all.sh	2018-11-22 16:27:52 +00:00
Manuel Pégourié-Gonnard	26fd730876	Add config option for X.509/TLS to use PSA	2018-11-22 16:25:36 +00:00
Gilles Peskine	a678f233a7	Merge pull request #197 from netanelgonen/entropy-inject Add entropy inject API (#197)	2018-11-21 19:21:05 +01:00
avolinski	0d2c266c06	change MBEDTLS_RANDOM_SEED_ITS define to be PSA_CRYPTO_ITS_RANDOM_SEED_UID	2018-11-21 17:31:07 +02:00
avolinski	1c66205df6	Remove trailing space in psa_crypto.c	2018-11-21 16:54:09 +02:00
Gilles Peskine	83146e10bb	Merge pull request #211 from ARMmbed/bug_fix_210 Fix memory allocation check in psa_save_generated_persistent_key (#211)	2018-11-21 15:51:07 +01:00
avolinski	13beb100c2	Adjust psa entropy inject tests to take as minimum seed size the maximum of MBEDTLS_ENTROPY_MIN_PLATFORM and MBEDTLS_ENTROPY_BLOCK_SIZE	2018-11-21 16:24:53 +02:00
avolinski	7cc8229d80	Replace MBED_RANDOM_SEED_ITS_UID with MBEDTLS_RANDOM_SEED_ITS_UID Update mbedtls_psa_inject_entropy function documentation	2018-11-21 16:24:53 +02:00
avolinski	4d27c94aee	Adding testcase for PSA validate entropy injection: bad, too small using MBEDTLS_ENTROPY_MIN_PLATFORM	2018-11-21 16:24:53 +02:00
Netanel Gonen	21f37cbbec	Add Tests for psa crypto entropy incjection Adjust code to handle and work with MBEDTLS_ENTROPY_BLOCK_SIZE definition option	2018-11-21 16:24:52 +02:00
Gilles Peskine	ee2ffd311b	Document the maximum seed size as well as the minimum	2018-11-21 16:23:42 +02:00
Gilles Peskine	0338ded2f4	Improve documentation of mbedtls_psa_inject_entropy Explain what the function does, why one would use it, how to use it, how to handle its input, and what the status codes mean.	2018-11-21 16:23:42 +02:00
Netanel Gonen	212a793217	add MBEDTLS_PSA_HAS_ITS_IO to config.h	2018-11-21 16:23:42 +02:00
Netanel Gonen	9468bb241c	Add Tests for psa crypto entropy incjection	2018-11-21 16:23:41 +02:00
Netanel Gonen	2bcd312cda	Add entropy injection function to psa cripto APIs	2018-11-21 16:15:14 +02:00
itayzafrir	910c76b3d1	Check that memory allocation was successful in psa_save_generated_persistent_key	2018-11-21 16:10:33 +02:00
Gilles Peskine	3d5d8372a5	Merge pull request #198 from ARMmbed/psa_crypto_its PSA Crypto Storage backend implementation over PSA ITS APIs (#198)	2018-11-21 15:04:03 +01:00
Jaeden Amero	dbb83ac5f7	Merge pull request #194 from ARMmbed/dev/Patater/enable-use-as-submodule-only Enable use as submodule only (no removal of non-crypto)	2018-11-21 12:53:12 +00:00
Jaeden Amero	3c7cc5eb18	Makefile: Install PSA headers When running `make install`, it can be desirable for the PSA Crypto header files to get installed as well, so that the PSA portions of the library are usable.	2018-11-21 12:17:31 +00:00

1 2 3 4 5 ...

8799 Commits