yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
15977 commits 89 branches 205 tags 114 MiB
Commit graph

15977 commits

This branch
This branch
All branches
Author SHA1 Message Date
Hanno Becker 9caed14a21 Fix typo in ssl session cache documentation 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 14:57:13 +01:00
Hanno Becker 78196e366f Fix search for outdated entries in SSL session cache 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 14:55:15 +01:00
Hanno Becker c3f4a97b8f Don't infer last element of SSL session cache twice 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 14:54:24 +01:00
Hanno Becker 466ed6fd08 Improve local variable naming in SSL session cache implementation 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 14:54:00 +01:00
Hanno Becker 5cf6f7eafe Fix swapping of first and last entry in SSL session cache 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 14:45:04 +01:00
TRodziewicz 1cf33bf94d Corrections o the migration guide 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-14 14:35:26 +02:00
TRodziewicz 95f8f22c27 Migration guide added and ChangeLog clarified 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-14 14:07:51 +02:00
Hanno Becker 006f2cce2e Fix compile-time guard in session cache implementation 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 04:57:44 +01:00
Hanno Becker 0d05f40222 Clarify that session cache query must return free-able session 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 04:57:43 +01:00
Hanno Becker b94fdae3c3 Improve code structure for session cache query 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-14 04:57:40 +01:00
gabor-mezei-arm 07a35f68ee
Update key type name 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 16:27:46 +02:00
gabor-mezei-arm d5218df572
Enable fallback to software implementation in psa_sign/verify_message driver 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:01 +02:00
gabor-mezei-arm f048618b43
Unify variable type and rename to be unambiguous 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:01 +02:00
gabor-mezei-arm 2b8373f856
Update documentation 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:01 +02:00
gabor-mezei-arm 4bc0edb919
Typo 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:01 +02:00
gabor-mezei-arm 041887bfc3
Update key usage determination for exercise key tests 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:01 +02:00
gabor-mezei-arm 4a6fcda031
Typo 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:01 +02:00
gabor-mezei-arm 256443e64e
Change the driver calling logic for psa_sign/verify_messsage 
The changed logic is to try a sign-message driver (opaque or transparent);
if there isn't one, fallback to builtin sofware and do the hashing,
then try a sign-hash driver. This will enable to the opaque driver
to fallback to software.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:00 +02:00
gabor-mezei-arm 6883fd248d
Rename sign/verify builtin functions called by driver wrapper functions 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:00 +02:00
gabor-mezei-arm 6e2a8daef4
Add new tests for psa_sign/verify_message 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:00 +02:00
gabor-mezei-arm d785a79477
Fix test 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:00 +02:00
gabor-mezei-arm e088985496
Fix test names 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:00 +02:00
gabor-mezei-arm ce8804fd6e
Update tests dependencies 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:19:00 +02:00
gabor-mezei-arm 4fabc5666b
Use non-deterministic ecdsa algorithm for verify_hash/message tests 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:59 +02:00
gabor-mezei-arm 474a35f635
Return error if algorithm is not hash-then-sign for psa_sign_message 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:59 +02:00
gabor-mezei-arm 8b3e88614c
Use bool variable instead of enum values 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:59 +02:00
gabor-mezei-arm 12b4f34fff
Fix documentation 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:59 +02:00
gabor-mezei-arm 6cdf637f88
Use switch-case for error handling 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:59 +02:00
gabor-mezei-arm 6dcaa3b5a1
Update driver tests for psa_hash/verify_message 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:59 +02:00
gabor-mezei-arm f9820f92cf
Fix for algorithms other than hash-then-sign 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:59 +02:00
gabor-mezei-arm b5c1e37aff
Use driver-wrapper functions for psa_sign/verify_message 
To avoid code duplication of the old-style SE interface usage
call psa_driver_wrapper_sign/verify_hash function instead of
the direct internal functions.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:58 +02:00
gabor-mezei-arm df0f230762
Typo 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:58 +02:00
gabor-mezei-arm 0f62240942
Enable algorithms other than hash-then-sign 
For psa_hash/verify_message other algorithms than hash-then-sign is
enabled like PureEdDSA.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:58 +02:00
gabor-mezei-arm 46c23a051c
Fix error checking 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:58 +02:00
gabor-mezei-arm 2522c0b1cd
Update macro names 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:58 +02:00
gabor-mezei-arm 4c6a47a833
Add test for sign/verify message key policies 
Update the mbedtls_test_psa_exercise_key to handle and use
PSA_KEY_USAGE_SIGN_MESSAGE and PSA_KEY_USAGE_VERIFY_MESSAGE key policies.
Add new tests for PSA_KEY_USAGE_SIGN_MESSAGE and PSA_KEY_USAGE_VERIFY_MESSAGE
policies.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:58 +02:00
gabor-mezei-arm 816886c8f3
Add driver tests for sign/verify_message 
Adopting the tests for sign/verify_hash.
The expected ouput data was created with python-ecdsa.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:58 +02:00
gabor-mezei-arm 2fcb393ebd
Rename driver test funtions and test cases 
Modify function and test case names that testing psa_sign_hash and
psa_verify_hash funtions to be less confusing with the newly introduced
function and test case names which tests psa_sign_message and
psa_verify_message functions.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:57 +02:00
gabor-mezei-arm 50eac35d58
Dispatch sign/verify funtions through the driver interface 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:57 +02:00
gabor-mezei-arm 38cbaf2881
Typo 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:57 +02:00
gabor-mezei-arm 5b44652593
Unify similar functions 
Use common funtion for psa_sign_hash and psa_sign_message and one for
psa_verify_hash and psa_verify_message to unify them.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:57 +02:00
gabor-mezei-arm 36658e46ba
Update PSA_ALG_IS_SIGN_MESSAGE 
Add missing algorithm for PSA_ALG_IS_SIGN_MESSAGE and update documentation.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:57 +02:00
gabor-mezei-arm 5302848ba5
Add tests for psa_sign_message and psa_verify_message 
The reference output data was created with cryptodome for RSA algorithms and
python-ecdsa for ECDSA algorithms.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:57 +02:00
gabor-mezei-arm b95302358f
Rename test funtions and test cases 
Modify function and test case names that testing psa_sign_hash and
psa_verify_hash funtions to be less confusing with the newly introduced
function and test case names which tests psa_sign_message and
psa_verify_message functions.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:51 +02:00
gabor-mezei-arm 4a21019653 Implement psa_sign_message and psa_verify_message functions 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-05-13 11:18:49 +02:00
Hanno Becker 845ceb7cc8 Improve readability and efficiency of SSL cache reference impl 
The reference session cache implementation may end up storing multiple
sessions associated to the same session ID if the set()-call for the
second session finds an outdated cache entry prior to noticing the entry
with the matching session ID. While this logically overwrites the existing
entry since we always search the cache in order, this is at least a waste
of resources.

This commit fixes this by always checking first whether the given ID is
already present in the cache.

It also restructures the code for easier readability.

Fixes #4509.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-13 07:11:30 +01:00
Hanno Becker f47199da26 Improve naming of helper function for reference session cache 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-13 07:09:09 +01:00
Hanno Becker 0248785081 Document session cache callbacks 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-13 07:09:09 +01:00
Hanno Becker df56402623 Fix memory leak upon ciphersuite mismatch during session resumption 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-13 07:09:06 +01:00
Hanno Becker 7ad77963d1 Use shorthand local variable for session under negotiation 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-13 06:13:34 +01:00