John Durkop
ac93e3b43c
Fix guard for test_size_function()
...
Previous guard was using original naming and did not
get updated to the new name. Guard is now using correct
definition of TEST_DRIVER_KEY_CONTEXT_SIZE_FUNCTION.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-10-16 06:48:55 -07:00
John Durkop
badd89f525
Added specific key size values for a test driver
...
Replaced generic values for the test driver with specific
ones for a 256-bit ECC private/public key pair.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-10-15 12:16:43 -07:00
John Durkop
750d0e4b72
Remove obsolete comment
...
Removed TBD comment that is no longer relevant since
that portion of the code has been updated.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-10-15 12:16:42 -07:00
John Durkop
9a689844f4
Add new size.h to vs2010 project
...
New file is needed for vs2010 project.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-10-15 12:16:42 -07:00
John Durkop
2c61835ec8
Add support for PSA crypto driver size_function
...
Updated get_expected_key_size in psa_crypto_driver_wrappers to properly
handle using the new size_function from PSA crypto drivers. Created
initial infrastructure to support size_function for the PSA crypto
drivers.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-10-15 12:15:20 -07:00
Gilles Peskine
5cb54f7b27
Merge pull request #3542 from gilles-peskine-arm/psa-unified-driver-specs-20200807
...
PSA unified driver specification: minor updates
2020-09-18 22:53:46 +02:00
Gilles Peskine
1d9c11081a
Merge pull request #3667 from Jongy/fix-docs
...
Fix docs to desribe written-into buffer parameter as writable
2020-09-17 00:02:08 +02:00
Janos Follath
2a25904f45
Merge pull request #3568 from hanno-arm/tls13_experimental_key_schedule_1
...
TLS 1.3: Add HKDF-based key derivation functionality
2020-09-16 11:40:06 +01:00
Hanno Becker
531fe3054c
Comment on hardcoding of maximum HKDF key expansion of 255 Bytes
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-16 09:50:17 +01:00
Hanno Becker
61baae7c9f
Minor fixes and improvements in TLS 1.3 key schedule documentation
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-16 09:47:47 +01:00
Gilles Peskine
dc57c25e30
Merge pull request #3527 from ronald-cron-arm/key-extended-id
...
PSA key identifiers rework
2020-09-15 16:06:06 +02:00
Gilles Peskine
7107e661b8
Merge pull request #3644 from stevew817/feature/transparent_multipart_driver
...
Add multipart cipher accelerator support and test driver
2020-09-15 09:51:24 +02:00
Ronald Cron
7424f0d998
psa: Move key identifier related macros and functions
...
Move key identifier related macros and functions from
crypto_types.h to crypto_values.h as the latter is
the intended file to put them in.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-09-15 08:50:20 +02:00
Ronald Cron
cb54610e97
Set MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER in baremetal configuration
...
No obvious reason to not enable owner identifier encoding
in baremetal as multi-client support is expected to be needed
for some embedded platforms. Thus enable it.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-09-15 08:50:20 +02:00
Ronald Cron
9a2511e78f
Fix key owner identifier documentation
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-09-15 08:50:20 +02:00
Ronald Cron
5eba579c6c
Remove unnecessary inline definition
...
Define inline for some compiling environment only
in crypto_platform.h.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-09-15 08:48:15 +02:00
Steven Cooreman
6d81f7e119
Final feedback from @ronald-cron-arm
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 17:00:47 +02:00
Steven Cooreman
ef8575e1bf
Apply review feedback
...
* Reworked the cipher context once again to be more robustly defined
* Removed redundant memset
* Unified behaviour on failure between driver and software in cipher_finish
* Cipher test driver setup function now also returns early when its status
is overridden, like the other test driver functions
* Removed redundant test cases
* Added bad-order checking to verify the driver doesn't get called where
the spec says it won't.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 17:00:47 +02:00
Steven Cooreman
89e54f2edc
Add mock and negative testing to cipher driver
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 17:00:47 +02:00
Steven Cooreman
a07b9970c6
Update semantics around driver context use in psa_cipher_setup
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 17:00:39 +02:00
Steven Cooreman
eca33c60f8
Add testing of fallback to cipher operations
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:35:33 +02:00
Steven Cooreman
fe0ab55c61
Implement one-shot cipher in test driver
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:35:33 +02:00
Steven Cooreman
e55f3e8de4
Make sure to not call mbedtls_cipher_free on an uninitialised context
...
As pointed out by Gilles
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:35:33 +02:00
Steven Cooreman
b5e52f2e31
Remove superfluous call in PSA cipher setup
...
As pointed out by Ronald. The key slot is populated using
get_key_from_slot, and after calling the driver the slot is
validated to not contain an external key, so calling
get_transparent_key is superfluous.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:35:33 +02:00
Steven Cooreman
16afd3d9b4
Unify cipher setup function inside test driver
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:35:33 +02:00
Steven Cooreman
7df0292f5a
Check & set operation flags for both driver and software in the core
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:35:30 +02:00
Steven Cooreman
cfeea8fa1e
Unify driver context struct handling
...
Added zeroization of the wrapper context on failure/abort, and reliance on
the crypto core to not call an uninitialised wrapper.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:32:50 +02:00
Steven Cooreman
150c99b884
Simplify cipher setup wrapper body
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:32:50 +02:00
Steven Cooreman
fb81aa5889
Only pass the driver-relevant portion of the context struct
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:31:58 +02:00
Steven Cooreman
5240e8b519
Style and language fixes from review
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:31:58 +02:00
Steven Cooreman
acb5a100a7
Structify cipher test driver hook variables
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:31:58 +02:00
Steven Cooreman
435beeaef3
Add new files to IDE project
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:31:58 +02:00
Steven Cooreman
a32193fae8
Add changelog entry
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:31:58 +02:00
Steven Cooreman
d53c1bf6f2
Exercise the AES-CTR multipart driver and check it gets called
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:31:58 +02:00
Steven Cooreman
8b12225717
Add a working implementation of a multipart AES-CTR test driver
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:31:58 +02:00
Steven Cooreman
3ec4018e2b
Update license texts
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:31:57 +02:00
Steven Cooreman
d3feccd3a5
Restructure cipher context object to contain driver switch
...
Once an operation has been 'accepted' by a driver, the remainder is bound
to the same driver, since driver-specific context structs cannot be shared.
This provides a pretty good gate mechanism for the fallback logic, too.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:31:52 +02:00
Steven Cooreman
37941cb5e1
Add initial pass on a multi-part test driver
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:30:14 +02:00
Gilles Peskine
b1d3f2779b
Merge pull request #3480 from stevew817/feature/aes-ecb
...
Added support for AES-ECB to the PSA Crypto implementation
2020-09-14 14:45:14 +02:00
Gilles Peskine
a0a210fc1b
Merge pull request #3628 from gilles-peskine-arm/psa-conditional-inclusion-c-proposal
...
Pure C configuration of PSA crypto mechanisms
2020-09-12 00:33:08 +02:00
Yonatan Goldschmidt
6e2af094b0
Fix docs to desribe written-into buffer parameter as writable
...
Signed-off-by: Yonatan Goldschmidt <yon.goldschmidt@gmail.com>
2020-09-12 01:24:45 +03:00
Gilles Peskine
2a739c41bd
Merge pull request #3569 from cm6n/fix_mbedtlssslsetbio_description
...
Fix typo in mbedtls_ssl_set_bio description.
2020-09-11 21:17:37 +02:00
Janos Follath
963c9e41e8
Merge pull request #3588 from guidovranken/fix-clang12-Wstring-concatenation
...
Prevent triggering Clang 12 -Wstring-concatenation warning
2020-09-11 15:27:52 +01:00
Gilles Peskine
a75a06bde6
Merge pull request #3630 from mpg/rm-useless-cast-x509
...
x509.c: Remove one unnecessary cast
2020-09-10 22:01:52 +02:00
Gilles Peskine
6bf4f5fb65
Merge pull request #3585 from jdurkop/fix/undefined-reference-3294
...
Fix the build with MBEDTLS_USE_PSA_CRYPTO without ECDSA
2020-09-10 21:59:49 +02:00
Dave Rodgman
e5874e1903
Merge pull request #3525 from HowJMay/typo
...
Fix typo in comment
2020-09-10 12:39:25 +01:00
Hanno Becker
2dfe1327e5
Fix miscalculation of maximum TLS 1.3 HKDF label length
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-10 09:23:12 +01:00
Dave Rodgman
0e9afb8bd1
Minor fixes to changelog
...
Change section from "Bugfix" to "Changes". Minor grammar tidy-up.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2020-09-10 08:26:39 +08:00
HowJMay
ccbd622ed7
Fix typo in comment
...
Fix typo in program/pkey/ecdh_curve25519.c
Signed-off-by: HowJMay <vulxj0j8j8@gmail.com>
2020-09-10 08:25:36 +08:00
Hanno Becker
29ea84e906
Avoid duplicated test case names in TLS 1.3 key schedule unit tests
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 13:52:40 +01:00