yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
16508 commits 89 branches 205 tags 114 MiB
Commit graph

16508 commits

This branch
This branch
All branches
Author SHA1 Message Date
Hanno Becker 2fc9a652bc Address review feedback 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:08 +01:00
Hanno Becker 2e3ecda684 Adust migration guide for SSL error codes 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:08 +01:00
Hanno Becker 90d59dddf5 Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:08 +01:00
Hanno Becker c3411d4041 Remove MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:08 +01:00
Hanno Becker 9ed1ba5926 Rename MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE 
New name MBEDTLS_ERR_SSL_BAD_CERTIFICATE

Also, replace some instances of MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE
by MBEDTLS_ERR_SSL_DECODE_ERROR and MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER
as fit.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:08 +01:00
Hanno Becker 5697af0d3d Remove MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:08 +01:00
Hanno Becker cbc8f6fd5d Remove MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-28 12:35:08 +01:00
Hanno Becker a0ca87eb68 Remove MBEDTLS_ERR_SSL_BAD_HS_FINISHED 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker d200296f17 Remove MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker d934a2aafc Remove MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker d3eec78258 Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker 666b5b45f7 Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker 029cc2f97b Remove MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker b24e74bff7 Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP error code 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker d01fc5f583 Introduce MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE error code 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker 241c19707b Remove MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker bc00044279 Rename MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION 
New name is MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker 93636cce4a Add MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker 2fe5f61e1a Add generic codes for syntactic and semantic message parsing errors 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Janos Follath 8a88f6274c
Merge pull request #4726 from athoelke/at-pbkdf2-doc-fixes 
Fixes for PBKDF2 documentation
 2021-06-28 09:47:57 +01:00
Dave Rodgman 10bda58b49
Merge pull request #4259 from CJKay/cmake-config 
Add CMake package config file
 2021-06-25 20:32:13 +01:00
Dave Rodgman 63ad854de8
Merge pull request #4712 from daverodgman/psa_cipher_and_mac_abort_on_error 
Psa cipher and mac abort on error
 2021-06-25 15:39:59 +01:00
Gilles Peskine 918708b824
Merge pull request #4729 from paul-elliott-arm/fix_test_illegal_access 
Fix potential free of uninitialised pointer
 2021-06-25 13:43:56 +02:00
Paul Elliott e57dd2d450 Fix potential free of uninitialised pointer 
A test was added in that could cause a jump to exit prior to
initialisation of a pointer that would get freed if that test failed.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-25 11:17:12 +01:00
Andrew Thoelke 52d18cd9a4
Remove trailing space 
Signed-off-by: Andrew Thoelke <andrew.thoelke@arm.com>
 2021-06-25 11:03:57 +01:00
Dave Rodgman 90d1cb83a0 Use more standard label name 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-25 09:09:02 +01:00
Ronald Cron 3698fa1043
Merge pull request #4673 from gilles-peskine-arm/psa_crypto_spm-from_platform_h 
Fix and test the MBEDTLS_PSA_CRYPTO_SPM build
 2021-06-25 09:01:08 +02:00
Gilles Peskine 1fed4b8324
Merge pull request #4720 from gilles-peskine-arm/gcm-finish-outlen 
Add output_length parameter to mbedtls_gcm_finish
 2021-06-24 20:02:40 +02:00
Dave Rodgman 6f7105818c Improve psa_hash_update negative test 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-24 18:15:23 +01:00
Andrew Thoelke a0f4b595c5
Fixes for PBKDF2 documentation 
Fix typos in the PBKDF2 documentation

Correct the constraints on PSA_KEY_USAGE_DERIVE and PSA_KEY_USAGE_VERIFY_DERIVATION, aligning them with the note against psa_key_derivation_input_key(). All key inputs must have the required usage flag to permit output or verification.

Correct the constraints on PSA_KEY_DERIVATION_INPUT_SECRET and PSA_KEY_DERIVATION_INPUT_PASSWORD, aligning them with 4feb611. psa_key_derivation_verify_key() does not require the secret/password input to be a key.

Signed-off-by: Andrew Thoelke <andrew.thoelke@arm.com>
 2021-06-24 16:47:14 +01:00
Dave Rodgman 8036bddb01 Tidy up logic in psa_mac_sign_finish 
Simplify the logic in psa_mac_sign_finish.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-24 16:19:08 +01:00
Dave Rodgman b5dd7c794d Correct coding style issues 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-24 16:17:43 +01:00
Dave Rodgman 54648243cd Call abort on error in psa_mac/cipher setup 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-24 11:49:45 +01:00
Dave Rodgman 685b6a742b Update multipart hash operations to abort on error 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-24 11:49:14 +01:00
Dave Rodgman 5ae6f7547c Add negative tests for psa_abort in hash functions 
Various functions for PSA hash operations call abort
on failure; test that this is done. The PSA spec does not require
this behaviour, but it makes our implementation more robust in
case the user does not abort the operation as required by the
PSA spec.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-24 11:41:05 +01:00
Gilles Peskine fedd52ca19
Merge pull request #4707 from gilles-peskine-arm/require-matching-hashlen-rsa-implementation 
Require matching hashlen in RSA functions: implementation
 2021-06-24 10:28:20 +02:00
Gilles Peskine 5a7be10419 Add output_length parameter to mbedtls_gcm_finish 
Without this parameter, it would be hard for callers to know how many bytes
of output the function wrote into the output buffer. It would be possible,
since the cumulated output must have the same length as the cumulated input,
but it would be cumbersome for the caller to keep track.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-06-23 21:51:32 +02:00
Dave Rodgman 38e62aebc3 Update cipher and mac functions to abort on error 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-23 18:59:17 +01:00
Dave Rodgman 647791da5b Add negative tests for psa_abort in cipher and mac functions 
Various functions for PSA cipher and mac operations call abort
on failure; test that this is done. The PSA spec does not require
this behaviour, but it makes our implementation more robust in
case the user does not abort the operation as required by the
PSA spec.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-23 18:59:17 +01:00
Gilles Peskine f06b92d724
Merge pull request #4567 from mstarzyk-mobica/gcm_ad 
Enable multiple calls to mbedtls_gcm_update_ad
 2021-06-23 19:36:23 +02:00
Dave Rodgman cb17fc34cf
Merge pull request #4671 from mpg/x509-crt-profile-public 
Make the fields of mbedtls_x509_crt_profile public
 2021-06-23 16:06:12 +01:00
Ronald Cron 4f7cc1bb63
Merge pull request #4713 from gilles-peskine-arm/psa-storage-format-test-lifetimes-3.0 
PSA storage format: test lifetimes
Almost straightforward of #4392 thus merging with only one approval.
 2021-06-23 15:22:03 +02:00
Janos Follath aa5938edb3
Merge pull request #4703 from gilles-peskine-arm/mpi_montmul-null-3.0 
Fix several bugs with the value 0 in bignum
 2021-06-23 13:40:14 +01:00
Mateusz Starzyk 939a54cda3 Fix typos and style issues. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-06-23 14:30:15 +02:00
Mateusz Starzyk 469c9f35f6 Add GCM tests for empty ciphertext/plaintext and empty AD. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-06-23 14:30:15 +02:00
Mateusz Starzyk 58d3a7ef97 Add GCM tests with vectors lengths non-dividable by 16. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-06-23 14:30:15 +02:00
Mateusz Starzyk 032a1ceaf3 Remove init_result check from custom gcm test functions. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-06-23 14:30:15 +02:00
Mateusz Starzyk f8a0d4d3bf Fix nested loops set_step in gcm test suite. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-06-23 14:30:15 +02:00
Mateusz Starzyk fc60622710 Add customized test functions for GCM update and update_ad. 
New functions are used to cover corner cases:
* authentication data is fed to gcm with 0, 1 or 2 calls to gcm_update
* ciphertext is fed to gcm with 0, 1 or 2 calls to gcm_update_ad

AES-GCM NIST test vectors downloaded at 16.06.2021 from:
csrc.nist.gov/groups/STM/cavp/documents/mac/gcmtestvectors.zip

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-06-23 14:30:03 +02:00
Ronald Cron 44a0ae920c
Merge pull request #4710 from mstarzyk-mobica/ccm_taglen 
Add missing tag_len in ccm api.
PR-4710-merge TLS Testing  run successfully and the failure in PR-4710-head TLS Testing are CI problems thus merging.
 2021-06-23 14:20:26 +02:00