Commit Graph

8799 Commits

Author SHA1 Message Date
Hanno Becker
2d8a2c0852 Modify existing X.509 test for also test new copyless API
The existing test `x509parse_crt()` for X.509 CRT parsing
so far used the generic parsing API `mbedtls_x509_crt_parse()`
capable of parsing both PEM encoded and DER encoded certficates,
but was actually only used with DER encoded input data. Moreover,
as the purpose of the test is the testing of the core DER X.509 parsing
functionality, not the PEM vs. DER dispatch (which is now already tested
in the various `x509_crt_info()` tests), the call can be replaced with a
direct call to `mbedtls_x509_parse_crt_der()`.

This commit does that, and further adds to the test an analogous
call to the new API `mbedtls_x509_parse_crt_der_nocopy()` to test
copyless parsing of X.509 certificates.
2019-02-08 14:24:58 +00:00
Hanno Becker
462c3e5210 Add test for mbedtls_x509_parse_file() with DER encoded CRT 2019-02-08 14:24:58 +00:00
Hanno Becker
1a65dcd44f Add a new X.509 API call for copy-less parsing of CRTs
Context:
The existing API `mbedtls_x509_parse_crt_der()` for parsing DER
encoded X.509 CRTs unconditionally makes creates a copy of the
input buffer in RAM. While this comes at the benefit of easy use,
-- specifically: allowing the user to free or re-use the input
buffer right after the call -- it creates a significant memory
overhead, as the CRT is duplicated in memory (at least temporarily).
This might not be tolerable a resource constrained device.

As a remedy, this commit adds a new X.509 API call

   `mbedtls_x509_parse_crt_der_nocopy()`

which has the same signature as `mbedtls_x509_parse_crt_der()`
and almost the same semantics, with one difference: The input
buffer must persist and be unmodified for the lifetime of the
established instance of `mbedtls_x509_crt`, that is, until
`mbedtls_x509_crt_free()` is called.
2019-02-08 14:24:58 +00:00
Jaeden Amero
fb236739da Revert "Forbid passing NULL input buffers to RSA encryption routines"
Resolve incompatibilties in the RSA module where changes made for
parameter validation prevent Mbed Crypto from working. Mbed Crypto
depends on being able to pass zero-length buffers that are NULL to RSA
encryption functions.

This reverts commit 2f660d047d.
2019-02-08 08:43:31 -05:00
Andrzej Kurek
02f39ace58 Adjust documentation of mbedtls_cipher_update_ad 2019-02-08 06:50:55 -05:00
Andrzej Kurek
57f04e56c1 Adjust documentation of mbedtls_cipher_update_ad
Fix indentation and capitalization
2019-02-08 06:44:43 -05:00
Andrzej Kurek
3c2b15d31e Update version_features file 2019-02-08 02:38:45 -05:00
Andrzej Kurek
85ac0aeb58 Update submodule version to include parameter validation for rsa.c 2019-02-07 09:09:13 -05:00
Andrzej Kurek
172457460b Add MBEDTLS_PSA_HAS_ITS_IO to config.pl exclude list 2019-02-07 08:49:53 -05:00
Andrzej Kurek
d3643ef29b Add PSA defines to config.pl exclude list 2019-02-07 07:41:27 -05:00
Andrzej Kurek
70d8a5b5d9 Update crypto submodule version to 94a3abcd 2019-02-07 07:40:33 -05:00
Andres Amaya Garcia
17c53c5c1e Fix check-generated-files.sh failure with query_config 2019-02-07 10:38:23 +00:00
Andres Amaya Garcia
e7856bfc6d Suppress visual studio preprocessor warnings on query_config.c 2019-02-07 10:38:23 +00:00
Andres Amaya Garcia
bc432b8232 Use \r instead of 0xD in generate_visualc_files.pl 2019-02-07 10:38:23 +00:00
Andres Amaya Garcia
8645f733cf Update query_config.c with new macros 2019-02-07 10:38:22 +00:00
Andres Amaya Garcia
ef672f0319 Exclude macros from query_config.c generation 2019-02-07 10:38:22 +00:00
Andres Amaya Garcia
27b3372c45 Fix query_config macro expansion for windows 2019-02-07 10:38:22 +00:00
Andres Amaya Garcia
5bc6e92b70 Fix query_config macro expansion for windows 2019-02-07 10:38:22 +00:00
Andres Amaya Garcia
c84a65da9d Fix missing include in vs proj files for query programs 2019-02-07 10:38:22 +00:00
Andres Amaya Garcia
cb9c015558 Improve cmake inclusion of query_config.c when building apps 2019-02-07 10:38:22 +00:00
Andres Amaya Garcia
c28da7ea43 Improve comments in query_config.fmt 2019-02-07 10:38:22 +00:00
Andres Amaya Garcia
5aca555391 Fix GCC 0-length printf format string error 2019-02-07 10:38:22 +00:00
Andres Amaya Garcia
2fdc2c299f Fix multiple stdio.h inclusion in query_config.c 2019-02-07 10:38:22 +00:00
Andres AG
08457ce76b Fix aligment in programs/test/query_compile_time_config.c 2019-02-07 10:38:22 +00:00
Andres AG
509ba69e16 Create programs/test/query_compile_time_config app 2019-02-07 10:38:22 +00:00
Andres AG
458148681d Ensure query_config.c includes stdio only when needed 2019-02-07 10:38:22 +00:00
Andres Amaya Garcia
109f8b6100 Fix typo in quenerate_query_config.pl comment 2019-02-07 10:38:22 +00:00
Andres Amaya Garcia
bb923642c3 Update programs/ssl/CMakeLists.txt with query_config.c dep 2019-02-07 10:38:22 +00:00
Andres Amaya Garcia
aabe52f036 Add ChangeLog entries 2019-02-07 10:38:22 +00:00
Andres Amaya Garcia
4c981a09e8 Add gen_query_config.pl to check-gen-files and bump_version 2019-02-07 10:37:39 +00:00
Andres Amaya Garcia
88121a96f6 Script generation of query_config.c file 2019-02-07 10:37:39 +00:00
Andres Amaya Garcia
3b2f9d3ca8 query_config.c: remove duplicated inc of platform.h 2019-02-07 10:37:39 +00:00
Andres Amaya Garcia
3169dc0619 ssl-opt: Use ssl_server2 to query config instead of grep and sed 2019-02-07 10:37:39 +00:00
Andres Amaya Garcia
bc81884e3a Query config through ssl_server2 and ssl_client2 cmdline 2019-02-07 10:36:50 +00:00
Andrzej Kurek
1767e40368 all.sh: fix submodule test names 2019-02-05 06:05:49 -05:00
Andrzej Kurek
8a2e97c2df Merge development-psa commit 80b5662 into development-psa-merged branch
Adjust crypto submodule version to use new, forked crypto version accordingly.
2019-02-05 06:02:51 -05:00
Andrzej Kurek
e9c3b8130a all.sh: move crypto submodule check to pre_check_git 2019-02-05 05:34:21 -05:00
Andrzej Kurek
c690523d2b Merge PSA config and check-config changes
Introduce MBEDTLS_PSA_HAS_ITS_IO, MBEDTLS_PSA_CRYPTO_SPM,
MBEDTLS_PSA_CRYPTO_STORAGE_C, MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C,
MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C.
Disable crypto storage by default.
2019-02-05 05:26:00 -05:00
Andrzej Kurek
d142856846 cipher: remove unnecessary precondition
Already checked by parameter validation macros
2019-02-05 05:11:03 -05:00
Andrzej Kurek
efed323698 pk: restructure precondition check 2019-02-05 05:09:05 -05:00
Andrzej Kurek
b274f2739e Documentation fixes 2019-02-05 05:06:35 -05:00
Andrzej Kurek
fd0381a2c5 all.sh: change test_submodule to test_use_psa_crypto 2019-02-05 05:00:02 -05:00
Andrzej Kurek
8764ccc83d ChangeLog: rearrange misplaced sections.
Add information about  mbed TLS 2.15.0 and  mbed TLS 2.15.1.
2019-02-05 04:57:13 -05:00
Andrzej Kurek
246cc86f66 cipher: fix indentation 2019-02-05 04:40:53 -05:00
k-stachowiak
a1dc9117a7 Correct code formatting in the timing test suites 2019-02-05 09:22:20 +01:00
k-stachowiak
c5a4a13a5c Apply imperative style in the changelog entry 2019-02-05 09:11:58 +01:00
Jaeden Amero
80b566267f Merge remote-tracking branch 'origin/pr/2386' into development-psa 2019-02-04 16:42:23 +00:00
Jaeden Amero
d18b264eaf Merge remote-tracking branch 'origin/pr/2382' into development-psa 2019-02-04 16:41:46 +00:00
Jaeden Amero
65408c5f92 Merge remote-tracking branch 'origin/pr/2355' into development-psa 2019-02-04 16:41:12 +00:00
Jaeden Amero
d4a31d3581 Merge remote-tracking branch 'origin/pr/2350' into development-psa 2019-02-04 16:40:06 +00:00