mbedtls

mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-27 19:44:18 +01:00

Author	SHA1	Message	Date
gabor-mezei-arm	e4b7499f74	Refactor handlibg of the key usage flags Move implicit usage flags handling to the StorageKey class. Create a subclass for test case data. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-29 15:29:24 +02:00
gabor-mezei-arm	61739e3fd3	Fix changelog entry Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-29 11:22:34 +02:00
gabor-mezei-arm	5071a2e30e	Use regexp pattern instaed of string Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-29 11:19:41 +02:00
gabor-mezei-arm	7e0d724d40	Keep the imported classes sorted Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-29 11:17:14 +02:00
gabor-mezei-arm	7b302089b1	Update key policy testing test cases Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-29 11:08:47 +02:00
gabor-mezei-arm	5eca4f2bb5	Rename test cases Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-29 11:07:34 +02:00
gabor-mezei-arm	659af9e2f3	Remove unneeded test case parameter Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-29 11:06:16 +02:00
Dave Rodgman	dd5f624f32	Fix TLS alert codes Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2021-06-29 09:45:08 +01:00
gabor-mezei-arm	7a163603ea	Add changelog entry Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 21:36:58 +02:00
gabor-mezei-arm	805c735a8b	Move key type validation to crypto_knowledge Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 21:36:58 +02:00
gabor-mezei-arm	5ea30377d3	Refactor key generation Remove the key builder and use iterator instead of lists. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 21:36:58 +02:00
gabor-mezei-arm	acfcc18697	Rename variables and funcions Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 19:39:31 +02:00
gabor-mezei-arm	e84d321317	Use string in dict instead of Expr object Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 16:54:11 +02:00
gabor-mezei-arm	4781263704	Remove unnecessary test cases It is enough only one test case for a key type, algorithm pair when testing the implicit usage flags. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 16:41:36 +02:00
gabor-mezei-arm	927742ec71	Add better name for variables Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 16:41:35 +02:00
gabor-mezei-arm	705c452fd0	Simplify code Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 16:41:35 +02:00
gabor-mezei-arm	6c18541a5e	Fix comment Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 16:41:31 +02:00
gabor-mezei-arm	79df41dfca	Remove unneeded test case parameter Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 15:37:36 +02:00
gabor-mezei-arm	58e510f201	Simplify test function Use the updated usage flags as expected. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 15:37:36 +02:00
gabor-mezei-arm	ff03fd6213	Rename function to conform to the library Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 15:37:36 +02:00
gabor-mezei-arm	7907be3f32	Give better name for test cases Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 15:37:36 +02:00
gabor-mezei-arm	7d2ec9a223	Fix generated file modification Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 15:28:36 +02:00
gabor-mezei-arm	bce8527698	Fix test case duplication Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 15:28:36 +02:00
gabor-mezei-arm	b92d61b7e6	Fix pylint issues Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 15:28:36 +02:00
gabor-mezei-arm	de25402300	Fix tests Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 15:28:36 +02:00
gabor-mezei-arm	044fefcdfb	Add test case generation for usage extensions when loading keys Add test cases validating that if a stored key only had the hash policy, then after loading it psa_get_key_attributes reports that it also has the message policy, and the key can be used with message functions. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 15:28:36 +02:00
gabor-mezei-arm	15c1f03f78	Add key usage policy extension support for key generation Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 15:28:34 +02:00
gabor-mezei-arm	4d9fb73c99	Use different subslasses for the test data files Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 15:27:55 +02:00
gabor-mezei-arm	8b0c91c91f	Create a function for gather all the keys. Prepare for using subclasses. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 15:27:55 +02:00
gabor-mezei-arm	d71659f447	Extend description generation Add an extra optional parameter to generate a more detailed description for test cases. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 15:27:55 +02:00
gabor-mezei-arm	0996080652	Use builder method pattern to generate a key Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-28 15:27:49 +02:00
Gilles Peskine	51e1936f83	Merge pull request #840 from yanesca/reject-low-order-points-early-x25519-restricted-2.x [Backport 2.x] Reject low order points early x25519	2021-06-28 13:45:51 +02:00
gabor-mezei-arm	9ac4847a5d	Unify multipart cipher operation tester functions Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-25 18:30:38 +02:00
Dave Rodgman	78c601b529	Merge pull request #4717 from daverodgman/psa_cipher_and_mac_abort_on_error_2.x Backport 2.x: Psa cipher and mac abort on error	2021-06-25 15:39:43 +01:00
Janos Follath	2667fb708e	Fix unused parameter warning Signed-off-by: Janos Follath <janos.follath@arm.com>	2021-06-25 15:36:55 +01:00
Janos Follath	ef15ce502c	Add ChangeLog entry Signed-off-by: Janos Follath <janos.follath@arm.com>	2021-06-25 14:59:30 +01:00
Janos Follath	bc58902a32	Add prefix to BYTES_TO_T_UINT_* These macros were moved into a header and now check-names.sh is failing. Add an MBEDTLS_ prefix to the macro names to make it pass. Signed-off-by: Janos Follath <janos.follath@arm.com>	2021-06-25 14:59:15 +01:00
Janos Follath	51ccd62a08	Fix ecp_check_pub() test cases Negative x coordinate was tested with the value -1. It happens to be one of the low order points both for Curve25519 and Curve448 and might be rejected because of that and not because it is negative. Make sure that x < 0 is the only plausible reason for the point to be rejected. Signed-off-by: Janos Follath <janos.follath@arm.com>	2021-06-25 14:59:15 +01:00
Janos Follath	be89c357ae	Add ecp_check_pub tests for Curve 448 Signed-off-by: Janos Follath <janos.follath@arm.com>	2021-06-25 14:59:15 +01:00
Janos Follath	7d4ebddbb6	Reject low-order points on Curve448 early We were already rejecting them at the end, due to the fact that with the usual (x, z) formulas they lead to the result (0, 0) so when we want to normalize at the end, trying to compute the modular inverse of z will give an error. If we wanted to support those points, we'd a special case in ecp_normalize_mxz(). But it's actually permitted by all sources (RFC 7748 say we MAY reject 0 as a result) and recommended by some to reject those points (either to ensure contributory behaviour, or to protect against timing attack when the underlying field arithmetic is not constant-time). Since our field arithmetic is indeed not constant-time, let's reject those points before they get mixed with sensitive data (in ecp_mul_mxz()), in order to avoid exploitable leaks caused by the special cases they would trigger. (See the "May the Fourth" paper https://eprint.iacr.org/2017/806.pdf) Signed-off-by: Janos Follath <janos.follath@arm.com>	2021-06-25 14:59:15 +01:00
Janos Follath	701742500d	Add DoS test case for ecp_check_pub A test case for which the loop would take practically forever if it was reached. The point would be to validate that the loop is not reached. The test case should cause the CI to time out if starting with the current code, ecp_check_pubkey_mx() was changed to call ecp_check_pubkey_x25519() first and run the mbedtls_mpi_size(() test afterwards, which would make no semantic difference in terms of memory contents when the function returns, but would open the way for a DoS. Signed-off-by: Janos Follath <janos.follath@arm.com>	2021-06-25 14:59:15 +01:00
Janos Follath	1c6a439783	Use mbedtls_mpi_lset() more Signed-off-by: Janos Follath <janos.follath@arm.com>	2021-06-25 14:59:15 +01:00
Janos Follath	bc96a79854	Move mpi constant macros to bn_mul.h Signed-off-by: Janos Follath <janos.follath@arm.com>	2021-06-25 14:59:01 +01:00
gabor-mezei-arm	43611b089b	Rename test functions Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-25 15:50:36 +02:00
gabor-mezei-arm	7aa1efd919	Remove duplicated tests Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-25 15:50:35 +02:00
gabor-mezei-arm	0e1d31bf06	Typo Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-25 15:50:35 +02:00
gabor-mezei-arm	d52c8dc783	Fix possible unreachable code Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-25 15:50:35 +02:00
gabor-mezei-arm	f4cc6c9064	Update documentation Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-25 15:50:35 +02:00
gabor-mezei-arm	3fd792d076	Add checks for buffer size Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-25 15:50:35 +02:00
gabor-mezei-arm	7fbea09847	Use local variable instead of an ouput parameter Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-06-25 15:50:35 +02:00

... 2 3 4 5 6 ...

15947 Commits