Commit Graph

2629 Commits

Author SHA1 Message Date
k-stachowiak
4e36da32b3 Add documentation notes about the required size of the signature buffers 2019-06-06 13:13:54 +02:00
k-stachowiak
c775ee1cfe Add missing MBEDTLS_ECP_C dependencies in check_config.h 2019-06-06 13:13:44 +02:00
Hanno Becker
72309d0847 Document origin of hardcoded certificates in library/certs.c
All of them are copied from (former) CRT and key files in `tests/data_files`.
For files which have been regenerated since they've been copied to `certs.c`,
update the copy.

Add declarations for DER encoded test CRTs to certs.h

Add DER encoded versions of CRTs to certs.c

fix comment in certs.c

Don't use (signed) char for DER encoded certificates

Consistently use `const char *` for test CRTs regardless of encoding

Remove non-sensical and unused PW variable for DER encoded key

Provide test CRTs in PEM and DER fmt, + pick suitable per config

This commit modifies `certs.h` and `certs.c` to start following the
following pattern for the provided test certificates and files:

- Raw test data is named `NAME_ATTR1_ATTR2_..._ATTRn`

  For example, there are
     `TEST_CA_CRT_{RSA|EC}_{PEM|DER}_{SHA1|SHA256}`.

- Derived test data with fewer attributes, iteratively defined as one
  of the raw test data instances which suits the current configuration.

  For example,
     `TEST_CA_CRT_RSA_PEM`
  is one of `TEST_CA_CRT_RSA_PEM_SHA1` or `TEST_CA_CRT_RSA_PEM_SHA256`,
  depending on whether SHA-1 and/or SHA-256 are defined in the current
  config.

Add missing public declaration of test key password

Fix signedness and naming mismatches

Further improve structure of certs.h and certs.c

Fix definition of mbedtls_test_cas test CRTs depending on config

Remove semicolon after macro string constant in certs.c
2019-05-30 10:27:49 +01:00
Renz Christian Bagaporo
ac859f39bd Create link to include/mbedtls only when testing is enabled 2019-05-27 15:58:36 +08:00
Jaeden Amero
cbcd327376 Merge remote-tracking branch 'origin/pr/2611' into mbedtls-2.16
* origin/pr/2611:
  Update change log
  Reword ssl_conf_max_frag_len documentation for clarity
2019-05-23 15:14:06 +01:00
k-stachowiak
d707783cf3 Reword ssl_conf_max_frag_len documentation for clarity 2019-04-29 11:39:58 +02:00
Hanno Becker
d6028a1894 Improve macro hygiene
This commit improves hygiene and formatting of macro definitions
throughout the library. Specifically:
- It adds brackets around parameters to avoid unintended
  interpretation of arguments, e.g. due to operator precedence.
- It adds uses of the `do { ... } while( 0 )` idiom for macros that
  can be used as commands.
2019-04-24 10:51:54 +02:00
Jaeden Amero
186c2c054d Merge remote-tracking branch 'restricted/pr/553' into mbedtls-2.16
* restricted/pr/553:
  Fix mbedtls_ecdh_get_params with new ECDH context
  Add changelog entry for mbedtls_ecdh_get_params robustness
  Fix ecdh_get_params with mismatching group
  Add test case for ecdh_get_params with mismatching group
  Add test case for ecdh_calc_secret
  Fix typo in documentation
2019-03-27 14:54:00 +00:00
Jaeden Amero
9f4f8eec93 Update library version to 2.16.1 2019-03-19 16:20:02 +00:00
Janos Follath
9f24b73151 Add warning for alternative ECDSA implementations
Alternative implementations are often hardware accelerators and might
not need an RNG for blinding. But if they do, then we make them misuse
the RNG in the deterministic case.

There are several way around this:
- Exposing a lower level function for replacement. This would be the
optimal solution, but litters the API and is not backward compatible.
- Introducing a new compile time option for replacing the deterministic
function. This would mostly cover the same code as
MBEDTLS_ECDSA_DETERMINISTIC and would be yet another compile time flag.
- Reusing the existing MBEDTLS_ECDSA_DETERMINISTIC macro. This changes
the algorithm used by the PK layer from deterministic to randomised if
the alternative implementation is present.

This commit implements the third option. This is a temporary solution
and should be fixed at the next device driver API change.
2019-03-06 16:51:22 +00:00
Janos Follath
f1713e96c9 Add a safer deterministic ECDSA function
`mbedtls_ecdsa_sign_det` reuses the internal HMAC-DRBG instance to
implement blinding. The advantage of this is that the algorithm is
deterministic too, not just the resulting signature. The drawback is
that the blinding is always the same for the same key and message.
This diminishes the efficiency of blinding and leaks information about
the private key.

A function that takes external randomness fixes this weakness.
2019-03-06 14:41:44 +00:00
Simon Butcher
799cd57c72 Merge remote-tracking branch 'restricted/pr/550' into mbedtls-2.16
* restricted/pr/550:
  Update query_config.c
  Fix failure in SSLv3 per-version suites test
  Adjust DES exclude lists in test scripts
  Clarify 3DES changes in ChangeLog
  Fix documentation for 3DES removal
  Exclude 3DES tests in test scripts
  Fix wording of ChangeLog and 3DES_REMOVE docs
  Reduce priority of 3DES ciphersuites
2019-03-01 13:05:43 +00:00
Andres Amaya Garcia
7c86e9a03e Fix documentation for 3DES removal 2019-03-01 10:29:49 +01:00
Andres Amaya Garcia
6882ec1521 Fix wording of ChangeLog and 3DES_REMOVE docs 2019-03-01 10:29:49 +01:00
Andres Amaya Garcia
5d8aade01d Reduce priority of 3DES ciphersuites 2019-03-01 10:29:13 +01:00
Gilles Peskine
4dc50bc06e Fix typo in documentation 2019-02-21 16:58:20 +01:00
Antonin Décimo
d5f4759594 Fix #2370, minor typos and spelling mistakes 2019-02-18 14:50:57 +00:00
Andres Amaya Garcia
6490034fb2 Improve docs for ASN.1 bitstrings and their usage 2019-02-11 21:25:09 +00:00
Jaeden Amero
5788314d63 Merge remote-tracking branch 'origin/pr/2319' into mbedtls-2.16 2019-01-30 16:09:56 +00:00
Jaeden Amero
f0f8c09178 Merge remote-tracking branch 'origin/pr/1375' into mbedtls-2.16 2019-01-30 16:09:08 +00:00
Jeffrey Martin
541055e197
Backport #1949 into mbedtls-2.16
Signed-off-by: Jeffrey Martin <Jeffrey_Martin@rapid7.com>
2019-01-14 18:16:34 -06:00
Simon Butcher
874b60423e Merge remote-tracking branch 'public/pr/975' into mbedtls-2.16 2019-01-08 16:34:19 +00:00
Darryl Green
b779759745 Move ecp_restartable definitions out of the MBEDTLS_ECP_ALT guards
As there are some definitions that are defined regardless of
whether MBEDTLS_ECP_RESTARTABLE is defined or not, these definitions
need to be moved outside the MBEDTLS_ECP_ALT guards. This is a simple
move as MBEDTLS_ECP_ALT and MBEDTLS_ECP_RESTARTABLE are mutually
exclusive options.
2019-01-07 13:12:44 +00:00
GuHaijun
983acb75f0 Fix include file path 2018-12-28 11:11:10 +08:00
Simon Butcher
6c164e754b Update the version of the library to 2.16.0 2018-12-21 10:51:51 +00:00
Simon Butcher
fed19be501 Merge remote-tracking branch 'public/pr/2126' into development-restricted 2018-12-20 12:35:09 +00:00
Simon Butcher
6df8c53cd4 Merge remote-tracking branch 'public/pr/2134' into development-restricted 2018-12-20 12:34:44 +00:00
Simon Butcher
ad7c2105a2 Merge remote-tracking branch 'public/pr/2274' into development 2018-12-20 12:16:57 +00:00
Simon Butcher
12b4240300 Merge remote-tracking branch 'public/pr/2288' into development 2018-12-20 12:16:46 +00:00
Simon Butcher
c831193c85 Merge remote-tracking branch 'public/pr/2302' into development 2018-12-20 12:16:39 +00:00
Simon Butcher
1efda39f8a Merge remote-tracking branch 'public/pr/2297' into development 2018-12-20 12:16:29 +00:00
Simon Butcher
5aa7809ac8 Merge remote-tracking branch 'public/pr/2275' into development 2018-12-20 12:15:19 +00:00
Simon Butcher
780cf189b0 Merge remote-tracking branch 'public/pr/2271' into development 2018-12-20 12:15:08 +00:00
Simon Butcher
032c037052 Merge remote-tracking branch 'public/pr/2270' into development 2018-12-20 12:04:13 +00:00
Simon Butcher
a033633bb0 Merge remote-tracking branch 'public/pr/2269' into development 2018-12-20 12:02:56 +00:00
Simon Butcher
70935a4001 Merge remote-tracking branch 'public/pr/2299' into development 2018-12-20 12:02:23 +00:00
Simon Butcher
003c0e032f Merge remote-tracking branch 'public/pr/2292' into development 2018-12-20 12:02:17 +00:00
Simon Butcher
decf2f5c2c Merge remote-tracking branch 'public/pr/2291' into development 2018-12-20 12:02:11 +00:00
Simon Butcher
65ce5dc981 Merge remote-tracking branch 'public/pr/2290' into development 2018-12-20 12:02:05 +00:00
Simon Butcher
ad2e0dae32 Merge remote-tracking branch 'public/pr/2283' into development 2018-12-20 12:01:58 +00:00
Simon Butcher
0bbf7f450d Merge remote-tracking branch 'public/pr/2279' into development 2018-12-20 12:01:49 +00:00
Simon Butcher
962b7b17d5 Merge remote-tracking branch 'public/pr/2273' into development 2018-12-20 12:01:17 +00:00
Simon Butcher
6be67a6518 Merge remote-tracking branch 'public/pr/2281' into development 2018-12-20 12:01:09 +00:00
Simon Butcher
dac513e246 Merge remote-tracking branch 'public/pr/2282' into development 2018-12-20 12:01:04 +00:00
Simon Butcher
ccafd14fee Merge remote-tracking branch 'public/pr/2276' into development 2018-12-20 12:00:57 +00:00
Simon Butcher
2a8d32c6c1 Merge remote-tracking branch 'public/pr/2287' into development 2018-12-20 12:00:50 +00:00
k-stachowiak
247a782668 Increase strictness of NULL parameter validity in CCM's doxygen 2018-12-19 19:02:39 +01:00
k-stachowiak
6adb0574ea Improve details of CCM parameter validation and documentation 2018-12-19 19:02:39 +01:00
k-stachowiak
9da5d7cd83 Adjust mbedtls_ccm_free() documentation 2018-12-19 19:02:39 +01:00
k-stachowiak
373a660193 Fix a documentation typo 2018-12-19 19:02:39 +01:00
k-stachowiak
b92f9334e4 Doxygen comments improvement 2018-12-19 19:02:39 +01:00
k-stachowiak
12f0d5c66d Improve the constraints definition in the doxygen comments in CCM 2018-12-19 19:02:39 +01:00
k-stachowiak
fd42d531ba Explicitly allow NULL as an argument to mbedtls_ccm_free() 2018-12-19 19:02:39 +01:00
k-stachowiak
438448e45f Format NULL occurrences in CCM's Doxygen comments 2018-12-19 19:02:39 +01:00
k-stachowiak
26d365eb54 Add parameter validation for CCM 2018-12-19 19:02:39 +01:00
Gilles Peskine
6af45ec53e PK: document context validity requirements
Document when a context must be initialized or not, when it must be
set up or not, and whether it needs a private key or a public key will
do.

The implementation is sometimes more liberal than the documentation,
accepting a non-set-up context as a context that can't perform the
requested information. This preserves backward compatibility.
2018-12-19 18:10:03 +01:00
Gilles Peskine
d54b97503b pk parse: the password is optional
For mbedtls_pk_parse_key and mbedtls_pk_parse_keyfile, the password is
optional. Clarify what this means: NULL is ok and means no password.
Validate parameters and test accordingly.
2018-12-19 17:36:14 +01:00
k-stachowiak
e4b8d28ca7 Remove imprecise clause from documenting comment 2018-12-19 17:34:58 +01:00
k-stachowiak
95070a8286 Make some cipher parameter validation unconditional 2018-12-19 17:34:58 +01:00
k-stachowiak
6df25e7930 Increase strictness of NULL parameter validity in Cipher's doxygen 2018-12-19 17:34:58 +01:00
k-stachowiak
90b8d4a11e Include static cipher functions in the parameter validation scheme 2018-12-19 17:34:13 +01:00
k-stachowiak
d5913bc115 Improve documentation of the parameter validation in the Cipher module 2018-12-19 17:34:13 +01:00
Krzysztof Stachowiak
e0215d7869 Add Cipher module parameter validation 2018-12-19 17:34:13 +01:00
k-stachowiak
6009ece91d Increase strictness of NULL parameter validity in GCM's doxygen 2018-12-19 17:32:19 +01:00
k-stachowiak
21298a20c4 Improve parameter validation in mbedtls_gcm_free() 2018-12-19 17:32:19 +01:00
k-stachowiak
2ae7ae5301 Doxygen comments improvement 2018-12-19 17:30:38 +01:00
k-stachowiak
8ffc92a1e8 Add parameter validation for the GCM module 2018-12-19 17:30:38 +01:00
Hanno Becker
8ce11a323e Minor improvements to bignum module 2018-12-19 16:18:52 +00:00
Gilles Peskine
159171b72a PK parse/write: support keylen=0 correctly
A 0-length buffer for the key is a legitimate edge case. Ensure that
it works, even with buf=NULL. Document the key and keylen parameters.

There are already test cases for parsing an empty buffer. A subsequent
commit will add tests for writing to an empty buffer.
2018-12-19 17:03:28 +01:00
Hanno Becker
df4b59696d Minor Camellia documentation improvements 2018-12-19 15:50:02 +00:00
Hanno Becker
ed54128fdb Minor Blowfish documentation improvements 2018-12-19 15:48:37 +00:00
Hanno Becker
70ded3602c Minor improvements to Camellia module and documentation 2018-12-19 13:42:05 +00:00
Hanno Becker
20376d631d Don't promise that passing NULL input to Blowfish works
It seems to work, but we don't test it currently,
so we shouldn't promise it.
2018-12-19 12:52:59 +00:00
Hanno Becker
3d9a3490f8 Improve Blowfish documentation 2018-12-19 12:52:59 +00:00
Hanno Becker
49acc64c69 Minor improvements to Blowfish documentation and tests 2018-12-19 12:52:59 +00:00
Hanno Becker
3b4d6c6925 Document parameter preconditions for Blowfish module 2018-12-19 12:52:59 +00:00
Hanno Becker
938a15e584 Leave behaviour on NULL input unspecified in ARIA
We allow a NULL input buffer if the input length is zero,
but we don't test it. As long as that's the case, we shouldn't
promise to support it.
2018-12-19 12:51:00 +00:00
Hanno Becker
2f87504cb7 Minor ARIA documentation improvements 2018-12-19 12:51:00 +00:00
Hanno Becker
02d524c05c Minor ARIA documentation improvements 2018-12-19 12:51:00 +00:00
Hanno Becker
139d8313d9 Document parameter preconditions for the ARIA module 2018-12-19 12:51:00 +00:00
Hanno Becker
1e2f3ed08f Remove merge artifact 2018-12-19 12:47:55 +00:00
Hanno Becker
bdb7cd4840 Don't promise that passing NULL input to Camellia works 2018-12-19 12:47:55 +00:00
Hanno Becker
c7579ecb17 Improve Camellia documentation 2018-12-19 12:47:55 +00:00
Hanno Becker
af4b83bb2a Minor improvements to CAMELLIA documentation 2018-12-19 12:47:55 +00:00
Hanno Becker
e939de7247 Minor fixes to Camellia parameter validation 2018-12-19 12:47:55 +00:00
Hanno Becker
f10905a6a7 Use full sentences in documentation of CAMELLIA preconditions 2018-12-19 12:47:55 +00:00
Hanno Becker
b4b7fb7504 Implement parameter validation for CAMELLIA module 2018-12-19 12:47:55 +00:00
Hanno Becker
7a16aaddba Document parameter preconditions in CAMELLIA module 2018-12-19 12:47:55 +00:00
Hanno Becker
bb186f89fc Weaken preconditions for mbedtls[_internal]_sha512_process() 2018-12-19 10:27:24 +00:00
Hanno Becker
fbf67770d8 Improve ECJPAKE documentation 2018-12-19 10:14:43 +00:00
Hanno Becker
185e516309 Minor fixes to ECJPAKE parameter validation 2018-12-19 09:48:50 +00:00
Simon Butcher
54b789aa74 Merge remote-tracking branch 'public/pr/2298' into development 2018-12-19 08:08:14 +00:00
Gilles Peskine
a310b41ebe Add null-pointer support information to init/free 2018-12-19 00:51:21 +01:00
Hanno Becker
035c6baefe Fix documentation bug in ECDSA module 2018-12-18 23:35:53 +00:00
Hanno Becker
c81cfece8f Minor fixes to parameter validation in ECDH module 2018-12-18 23:32:42 +00:00
Hanno Becker
3f1f4ad9bd Weaken preconditions on mbedtls_[internal_]sha256_process() 2018-12-18 23:19:37 +00:00
Hanno Becker
79b9e39732 Weaken preconditions for mbedtls[_internal]_sha1_process() 2018-12-18 23:17:49 +00:00
Hanno Becker
d01ff493e5 Minor improvements in bignum documentation 2018-12-18 23:10:28 +00:00
Hanno Becker
3f2d1ef169 Fix typo in SHA512 documentation 2018-12-18 18:41:40 +00:00
Hanno Becker
42f783d3b7 Fix minor issues in SHA1 documentation 2018-12-18 18:39:32 +00:00