yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
16874 commits 89 branches 205 tags 114 MiB
Commit graph

16874 commits

This branch
This branch
All branches
Author SHA1 Message Date
Mateusz Starzyk a42f9537b5 Improve documentation for CCM's processed variable. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 14:00:14 +02:00
Mateusz Starzyk b73c3ec1bc Restore MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED as default ret. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 14:00:14 +02:00
Mateusz Starzyk 62d22f9782 Use additional state in CCM to track auth data input. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 14:00:14 +02:00
Mateusz Starzyk 4f2dd8aada Fix errors returned by CCM functions. 
Add new error code for calling functions in wrong order.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 14:00:14 +02:00
Mateusz Starzyk f337850738 Use const size buffer for local output in CCM decryption. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:59:36 +02:00
Mateusz Starzyk c562788068 Fix local buffer allocation conditions. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:58:39 +02:00
Mateusz Starzyk ceb5bc6150 Fix typos. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:58:39 +02:00
Mateusz Starzyk 8788906947 Add CCM test for edge cases. 
Cover:
- not calling auth data update
- not calling cipher text update
- exceeding configured auth data length
- exceeding configured cipher text length

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:58:39 +02:00
Mateusz Starzyk c8bdf36a72 Validate tag pointer in ccm function. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:58:39 +02:00
Mateusz Starzyk 1bda9451ef Factor out common code from ccm decrypt functions. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:58:39 +02:00
Mateusz Starzyk eb395c00c9 Move 'Authenticated decryption' comment. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:58:39 +02:00
Mateusz Starzyk 22f7a35ca4 Do not use output buffer for internal XOR during decryption. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:58:39 +02:00
Mateusz Starzyk 36d3b89c84 Verify input data lengths. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk 2d5652acee Move ccm error state handling. 
Remove error clearing from ccm_starts() and ccm_set_lengths().
Add error check in ccm_update_ad(), ccm_update() and ccm_finish().

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk 5d97601e81 Remove ccm input validation. 
VALIDATE and VALIDATE_RET macros are obsolete.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk ca9dc8d1d7 Rename ccm_calculate_first_block function. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk c52220d775 Clear temporary buffer after block crypt operation. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk a9cbdfbb34 Replace ccm status flags with bitshifts. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk 4df9ac4882 Reorganize ccm context structure. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk de7a83da0d Add changelog for chunked CCM implementation. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk 27a1bef89d Tidy up test functions. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk 29ec75b34e Add multipart testing to CCM* tests. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk 663055f784 Remove UPDATE_CBC macro and working b buffer. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk 25a3dfe7dd Add multipart tests for ccm suite. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk 20bac2fbe4 Fix chunked ccm update. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk 05e92d67bb Fix crypt mode configuration. Validate parameters in chunked input functions. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk 6a15bcf61b Add support for chunked plaintext/cyphertext input. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk 2ad7d8e1ff Replace CCM_CRYPT macro with a more versatile static function. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk 33392450b7 Add chunked auth data support 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk eb2ca96d69 Store set lenghts in ccm context. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk 88c4d624f8 Clear context state if previous operation failed. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk 793692cbcb Split ccm_auth function. 
Move logic to ccm_starts, ccm_set_lengths, ccm_update_ad,
ccm_update and ccm_finish
Use separate variable to track context state.
Encode first block only if both mbedtls_ccm_starts() and
mbedtls_ccm_set_lengths() were called.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk 89d469cdb4 Move working variables to ccm context structure 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Gilles Peskine 78f6f05778
Merge pull request #4695 from yutotakano/fix-ssl-opt.sh-hard-abort 
ssl-opt.sh: Skip tests instead of conditional hard abort
 2021-08-04 10:16:19 +02:00
Gilles Peskine 3fbc5d3cf2
Merge pull request #4815 from gilles-peskine-arm/generate_errors-multiline-3.0 
Move MBEDTLS_ERR_xxx Doxygen comments before the definition
 2021-08-03 13:46:21 +02:00
Gilles Peskine cfb5d393ed
Merge pull request #4659 from spencer-burke/fixing_4222 
Remove duplicated check in `check_config.h`
 2021-08-03 12:53:34 +02:00
Gilles Peskine 58887bab12 Show warnings if something looks wrong 
This makes no difference to the output.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-08-02 22:53:40 +02:00
Gilles Peskine 7f8e2770fa Document the big regex 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-08-02 22:51:03 +02:00
Gilles Peskine d297157fe8 Move MBEDTLS_ERR_xxx Doxygen comments before the definition 
Now that descriptions of error codes no longer have to be on the same line
for the sake of generate_errors.pl, move them to their own line before the
definition. This aligns them with what we do for other definitions, and
means that we no longer need to have very long lines containing both the C
definition and the comment.

```
perl -i -pe 's~^(#define +MBEDTLS_ERR_\w+ +-\w+) */\*[*!]<(.*)\*/~/**$2*/\n$1~' include/mbedtls/*.h
```

This commit does not change the output of generate_errors.pl.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-08-02 22:51:03 +02:00
Gilles Peskine 05aa543b73 Better support multiline comments for MBEDTLS_ERR_xxx 
They were recognized by a prior commit. In this commit, replace line
breaks (with optional comment continuation marker) by spaces.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-08-02 22:51:03 +02:00
Gilles Peskine 47b09567ab More flexible parsing of Doxygen comments for MBEDTLS_ERR_xxx 
Before this commit, definitions of error codes must match a strict pattern,
with a Doxygen comment following the definition on the same line and
starting with "/**<". Change how generate_errors.pl so that the Doxygen
comment can be before the definition instead of after, and doesn't have to
be on the same line.

Also allow spaces between "#" and "define", and allow Doxygen comments to
start with "/*!" rather than "/**". Starting with "///" or "//!" is not
supported.

This commit does not change the output of generate_errors.pl.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-08-02 22:51:00 +02:00
Gilles Peskine 8bb9b80d18
Merge pull request #4806 from hanno-arm/ssl_session_serialization_version 
Store TLS version in SSL session structure
 2021-08-02 12:45:55 +02:00
Hanno Becker fa0d61e559 Fix typo 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-02 08:56:14 +01:00
Hanno Becker 57723135b3 Document temporary overlap of TLS version in SSL context and session 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-01 19:40:44 +01:00
Hanno Becker dce50974bf Prefix "version" with "library" or "protocol" to avoid ambiguity 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-01 05:39:23 +01:00
Hanno Becker 37bdbe6c4d Remove mentions of truncated HMAC from ssl_tls.c 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-01 05:38:58 +01:00
Gilles Peskine 69813477b0
Merge pull request #4758 from paul-elliott-arm/fix_cipher_output_size 
Fix divide by zero if macro used with wrong key type
 2021-07-30 18:56:18 +02:00
Dave Rodgman 677c6c4cac
Merge pull request #4801 from hanno-arm/ssl_session_exported_private 
Explicitly mark fields as private via MBEDTLS_PRIVATE(...)
 2021-07-30 14:39:07 +01:00
Manuel Pégourié-Gonnard 8da9dc05e8
Merge pull request #4748 from TRodziewicz/re-introduce_ext_checks_for_psa_unlock-wipe_key_slot 
Re-introduction of key slot checks
 2021-07-29 13:45:57 +02:00
Manuel Pégourié-Gonnard 1a515d1bc2
Merge pull request #4777 from gilles-peskine-arm/save-coverage-summary-3.0 
Save the basic-build-test.sh test report summary to coverage-summary.txt
 2021-07-29 10:52:35 +02:00