Hanno Becker
0eb8fb85a6
Correct typo in documentation of MBEDTLS_SSL_RENEGOTIATION
2018-10-26 09:53:16 +01:00
Simon Butcher
76cf60beb3
Remove merge conflict marker in ssl-opt.sh
...
Commit 6346a75dfb
introduced a merge conflict marker into ssl-opt.sh
by accident. This commit removes it.
2018-10-25 21:51:32 +01:00
Hanno Becker
e4f965da14
Adapt ChangeLog
2018-10-25 15:21:28 +01:00
Nir Sonnenschein
b46e7ca16b
add additional generator tests and generalize key derivation test
...
Key derivation test now uses an indirect way to test generator validity
as the direct way previously used isn't compatible with the PSA IPC
implementation. Additional bad path test for the generator added
to check basic bad-path scenarios.
2018-10-25 14:46:09 +03:00
Mohammad AboMokh
87576c5c5a
Improve line coverage for asymmetric verify function by adding new bad scenarios
2018-10-25 13:49:59 +03:00
Mohammad AboMokh
8ffded300d
Improve line coverage for asymmetric sign function by adding new bad scenarios
2018-10-25 13:49:38 +03:00
Simon Butcher
169712e15a
Merge remote-tracking branch 'restricted/pr/390' into development
2018-10-24 18:34:30 +01:00
Jaeden Amero
ec57c5579a
Merge pull request #161 from ARMmbed/driver_api
...
Added the crypto driver API header file
2018-10-24 16:15:58 +01:00
Derek Miller
6f960ab063
Additional fixes per comments in PR#92 in psa-crypto
2018-10-23 15:58:06 -05:00
Derek Miller
81133a6f76
More changes due to PR feedback
2018-10-23 14:55:32 -05:00
Gilles Peskine
2d23af75da
Merge pull request #165 from ARMmbed/dev/dgreen-arm/windows_proj_wip
...
Windows build fixes (#165 )
2018-10-23 13:15:01 +02:00
Jaeden Amero
a74faba27a
aes: xts: Correct NIST 80-38E to 800-38E
...
Correct a typo in an AES XTS implementation comment where the relevant
NIST standard was incorrectly referred to as NIST 80-38E instead of NIST
800-38E.
2018-10-23 12:07:18 +01:00
Jaeden Amero
8381fcb3f9
aes: xts: Update inaccurate comments
...
It is inaccurate to call a data unit a "sector". A disk sector is a
common use case for the data unit, but there exist other types of data
units that are not sectors.
2018-10-23 12:07:18 +01:00
Darryl Green
6c0f94cbd0
Add better handling when deleting files on Windows
...
Windows complains if you try to delete a file that doesn't exist.
Makefiles now check if the files exist before trying to delete them.
2018-10-23 12:03:31 +01:00
Darryl Green
3b80ab93ce
Add path handling for psa_constant_names on Windows
2018-10-23 12:03:31 +01:00
Darryl Green
608e091d9a
Add pre Visual Studio 2015 support to psa_constant_names
...
snprintf was only added in Visual Studio 2015. This adds support
for building using Visual Studio versions prior to 2015.
This implementation of snprintf has been taken from platform.c
2018-10-23 12:02:37 +01:00
Hanno Becker
cc40d86edb
Improve documentation of mbedtls_ssl_get_verify_result()
...
Fixes #517 .
2018-10-23 10:28:01 +01:00
Manuel Pégourié-Gonnard
a966fdea72
Fix some documentation typos and improve a comment
2018-10-23 10:41:11 +02:00
Derek Miller
765682cf09
Added detailed descriptions for modules. Additional small edits.
2018-10-22 15:27:27 -05:00
Gilles Peskine
9ba61d0ce5
Ignore generated files under crypto/ from crypto/.gitignore
...
In /crypto/.gitignore, list files that are generated by a build done
under /crypto/. In the outer /.gitignore, list files under /crypto/
only if they are created by the export process.
This commit slightly refines both lists and adds some build products
to /crypto/.gitignore.
2018-10-22 19:37:04 +02:00
Gilles Peskine
6dee5c9649
Add test_suite_psa_crypto_metadata to cmake builds
...
This test suite was run by make builds, but I had forgotten to add it
to CMakeLists.txt.
2018-10-22 19:37:04 +02:00
Nir Sonnenschein
e5204c94a1
add tests that increase key derivation code coverage slightly
...
added tests that increase code coverage for the key derivation functions slightly
by reaching error cases not covered before.
2018-10-22 17:24:55 +03:00
Simon Butcher
c774e32939
Merge remote-tracking branch 'restricted/pr/517' into development
2018-10-22 14:23:29 +01:00
Simon Butcher
837f821bc2
Merge remote-tracking branch 'public/pr/1990' into development
2018-10-22 14:22:56 +01:00
Darryl Green
1824696681
Fix integer conversion warnings in psa_constant_names
2018-10-22 09:05:33 +01:00
Manuel Pégourié-Gonnard
ca29fdf569
Fix some typos in documentation and comments
2018-10-22 09:56:53 +02:00
Manuel Pégourié-Gonnard
bcedb92e7b
Merge branch 'development' into iotssl-1260-non-blocking-ecc-restricted
...
* development:
Add Jenkinsfile for PR job
2018-10-22 09:52:46 +02:00
Gilles Peskine
a3678224b3
Merge pull request #167 from ARMmbed/mbedtls-psa-jenkinsfile
...
Add Jenkinsfile to run PR job testing
2018-10-19 18:17:05 +02:00
Simon Butcher
c028afba53
Merge pull request #2121 from dgreen-arm/mbedtls-jenkinsfile
...
Add Jenkinsfile for PR job
2018-10-19 17:02:07 +01:00
Darryl Green
ddb4f3bdf7
Add a Jenkinsfile for PR job testing
2018-10-19 16:41:54 +01:00
Darryl Green
b51e267bee
Add Jenkinsfile for PR job
2018-10-19 15:25:10 +01:00
Derek Miller
f3d0a56841
Integrated mostly cosmetic feedback from Alex
2018-10-18 16:41:08 -05:00
Gilles Peskine
d004ffa59e
Merge pull request #138 from ARMmbed/truncated_mac
...
Truncated MAC and AEAD modes (#138 )
2018-10-18 20:06:30 +02:00
Gilles Peskine
e0e9c7c417
New macro PSA_ALG_FULL_LENGTH_MAC
...
Provide a documented way of constructing the full-length MAC algorithm
from a truncated version.
2018-10-17 18:30:47 +02:00
Gilles Peskine
57fbdb1939
Use a public macro for AEAD tag length variations
...
Avoid depending on the encoding of algorithms inside psa_crypto.c.
2018-10-17 18:30:47 +02:00
Gilles Peskine
7fa99d90dd
Add metadata tests for truncated MAC and short-tag AEAD
2018-10-17 18:30:47 +02:00
Hanno Becker
f24c3360fc
Adapt ChangeLog
2018-10-17 14:53:05 +01:00
Hanno Becker
dd3ab13da3
Fail when encountering invalid CBC padding in EtM records
...
This commit changes the behavior of the record decryption routine
`ssl_decrypt_buf()` in the following situation:
1. A CBC ciphersuite with Encrypt-then-MAC is used.
2. A record with valid MAC but invalid CBC padding is received.
In this situation, the previous code would not raise and error but
instead forward the decrypted packet, including the wrong padding,
to the user.
This commit changes this behavior to return the error
MBEDTLS_ERR_SSL_INVALID_MAC instead.
While erroneous, the previous behavior does not constitute a
security flaw since it can only happen for properly authenticated
records, that is, if the peer makes a mistake while preparing the
padded plaintext.
2018-10-17 14:43:14 +01:00
Hanno Becker
198611db32
Add missing return value check in ECDSA test suite
...
The test case `ecdsa_det_test_vectors` from the ECDSA test suite
called `mbedtls_md()` without checking its return value.
2018-10-17 13:58:19 +01:00
Gilles Peskine
f8a8fe60f8
Fix memory leak with AEAD with non-default tag lengths
...
When freeing the key context, choose the context format based on the
base algorithm value stored in the operation object.
2018-10-17 13:54:48 +02:00
Gilles Peskine
c26eae1a9d
Clarify the description of a CCM truncated tag test
2018-10-17 13:54:48 +02:00
Gilles Peskine
85ea2b397c
Add some negative tests of CCM and GCM with invalid tag lengths
2018-10-17 13:54:48 +02:00
Gilles Peskine
8cac2e628e
Translate GCM_BAD_INPUT to INVALID_ARGUMENT, not NOT_SUPPORTED
2018-10-17 13:54:48 +02:00
Gilles Peskine
28dfea6bb9
Add test cases for truncated MAC with a too short/long length
2018-10-17 13:54:47 +02:00
Gilles Peskine
99b7d6b700
Wipe sensitive data in psa_mac_verify_finish
...
Wipe the whole MAC intermediate buffer, not just the requested MAC
size. With truncated MAC algorithms, the requested MAC size may be
smaller than what is written to the intermediate buffer.
2018-10-17 13:54:47 +02:00
Gilles Peskine
87b0ac49f8
Fix possible buffer overread in psa_mac_finish_internal (CMAC)
2018-10-17 13:54:47 +02:00
Gilles Peskine
6d72ff9e79
Document that the minimum truncated MAC length is implementation-defined
2018-10-17 13:54:47 +02:00
Gilles Peskine
e1f2d7d1ac
Document and check the consistency of truncated MAC encodings
...
Add comments noting that the maximum length of a MAC must fit in
PSA_ALG_MAC_TRUNCATION_MASK. Add a unit test that verifies that the
maximum MAC size fits.
2018-10-17 13:54:47 +02:00
Gilles Peskine
96f3b4ee42
Remove yotta support from check-files.py
...
Complements "Remove Yotta support from the docs, tests and build scripts".
2018-10-16 14:10:21 +02:00
Manuel Pégourié-Gonnard
b25cb603bb
Add a comment to clarify code flow
2018-10-16 11:48:09 +02:00