yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
16013 commits 89 branches 205 tags 114 MiB
Commit graph

6965 commits

Author SHA1 Message Date
Paul Elliott ad53dcc975 Move common final checks to function 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-23 08:51:29 +01:00
Paul Elliott 534d0b4484 Finish / Verify state checks 
Ensure finish only called when encrypting and verify only called for
decrypting, and add tests to ensure this.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-22 22:14:48 +01:00
Paul Elliott f88a565f18 Better tag size default for m-aead finish 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-22 22:14:48 +01:00
Paul Elliott d89304ebb7 Fix formatting issues 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-22 22:14:48 +01:00
Paul Elliott e4030f2cd1 Replace function with macro that already exists 
I wrote a function to determine the base algorithm given a variant,
however this is already implemented by
PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-22 22:14:48 +01:00
Paul Elliott 7220cae93c Ensure generate nonce unavailable in decrypt 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-22 22:14:47 +01:00
Paul Elliott 8eb9dafda1 Add generate nonce test 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-22 16:31:09 +01:00
Paul Elliott 1c8de15490 Update documentation to tally with recent changes 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-22 16:31:09 +01:00
Paul Elliott bc94978d8c Add missing unused arguments 
No algorithm defined case generally doesn't use the operation.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-22 16:31:09 +01:00
Paul Elliott 40ef3a9454 Fix state logic and return codes 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-01 17:17:58 +01:00
Paul Elliott 83f09ef056 Proper multipart AEAD GCM Implementation 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-06-01 17:17:47 +01:00
Paul Elliott b2ce2ed6d8 Merge remote-tracking branch 'upstream/development' into psa-m-aead 
Conflicts:
* None
 2021-06-01 17:13:19 +01:00
Gilles Peskine 9f5c34cc88
Merge pull request #4596 from gilles-peskine-arm/nist_kw-null_dereference-3.0 
Fix null pointer arithmetic in NIST_KW
 2021-06-01 16:40:19 +02:00
Gilles Peskine 89ee599092 Fix null pointer arithmetic in error case 
When mbedtls_nist_kw_wrap was called with output=NULL and out_size=0, it
performed arithmetic on the null pointer before detecting that the output
buffer is too small and returning an error code. This was unlikely to have
consequences on real-world hardware today, but it is undefined behavior and
UBSan with Clang 10 flagged it. So fix it (fix #4025).

Fix a similar-looking pattern in unwrap, though I haven't verified that it's
reachable there.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-06-01 11:22:56 +02:00
Manuel Pégourié-Gonnard 6d84e917bb
Merge pull request #4568 from creiter32/to_upstream/csr_critical_extensions 
Expose flag for critical extensions
 2021-05-31 12:46:59 +02:00
Ronald Cron ea62d2f391
Merge pull request #4369 from hanno-arm/relax_psk_config 
Implement relaxed semantics for static PSK configuration in Mbed TLS 3.0
 2021-05-31 10:03:56 +02:00
Ronald Cron f1eb425782
Merge pull request #4469 from xiaoxiang781216/padlock 
aes: Check aes_padlock_ace > 0 before calling padlock
 2021-05-28 11:06:40 +02:00
Ronald Cron c44a1d522a
Merge pull request #4507 from Venafi/userid-oid 
Add OID for User ID
 2021-05-28 10:43:41 +02:00
Christoph Reiter 95273f4b07 Expose flag for critical extensions 
Enables creating X.509 CSRs with critical extensions.

Signed-off-by: Christoph Reiter <christoph.reiter@infineon.com>
 2021-05-27 14:27:43 +02:00
Ronald Cron 142c205ffc
Merge pull request #4513 from Patater/psa-without-genprime-fix 
psa: Support RSA signature without MBEDTLS_GENPRIME
 2021-05-27 14:19:24 +02:00
TRodziewicz 46cccb8f39 _SSL_DTLS_BADMAC_LIMIT config.h option removed 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-26 13:36:21 +02:00
Gilles Peskine b7abba28e3
Merge pull request #4515 from tom-daubney-arm/remove_rsa_mode_params_2 
Remove rsa mode params part 2
 2021-05-25 20:36:33 +02:00
Gilles Peskine 8a5304d446
Merge pull request #4553 from gilles-peskine-arm/aria_alt-3.0 
Fix ARIA_ALT header and self-test and CAMELLIA_ALT self-test
 2021-05-25 20:32:40 +02:00
Gilles Peskine c537aa83f4 CAMELLIA: add missing context init/free 
This fixes the self-test with alternative implementations.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-05-25 09:23:10 +02:00
Gilles Peskine be89fea1a7 ARIA: add missing context init/free 
This fixes the self-test with alternative implementations.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-05-25 09:23:10 +02:00
TRodziewicz 4ca18aae38 Corrections after the code review 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 13:38:00 +02:00
TRodziewicz 6370dbeb1d Remove the _SSL_FALLBACK_ parts 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 12:49:59 +02:00
TRodziewicz 2d8800e227 Small corrections in the comments 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 12:49:24 +02:00
TRodziewicz b5850c5216 Correction of too restrictive ssl cli minor check 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 12:49:15 +02:00
TRodziewicz ef73f01927 Removing strayed dtls1 after doing tests 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 12:49:04 +02:00
TRodziewicz 28126050f2 Removal of constants and functions and a new ChangeLog file 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 12:48:12 +02:00
TRodziewicz 0f82ec6740 Remove the TLS 1.0 and 1.1 support 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 12:45:20 +02:00
Paul Elliott 3a16e014f2 Ensure tag lengths match in verification 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-21 18:05:04 +01:00
Paul Elliott f47b0957ab Set tag to 'impossible' value on failure to encrypt 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-21 18:05:04 +01:00
Paul Elliott 6eb959854b Improve state logic 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-21 18:05:04 +01:00
Paul Elliott 6981fbcf10 Remove unneccessary guard for key unlock 
Also make sure failure is not hidden by key unlock failure

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-21 18:05:04 +01:00
Paul Elliott e95259f833 Remove some CCM leftovers 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-21 18:05:04 +01:00
Thomas Daubney d58ed587fd Restores erroneously removed checks 
Some padding checks in rsa.c were
erroneously removed in a previous
commit and are restored in this
commit.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2021-05-21 11:50:39 +01:00
Janos Follath 7fc487c4d6
Merge pull request #4347 from hanno-arm/ssl_session_cache_3_0 
Add session ID as an explicit parameter to SSL session cache API
 2021-05-21 09:28:55 +01:00
Ronald Cron ca72287583
Merge pull request #4304 from mstarzyk-mobica/convert_NO_SHA384_to_positive 
Modify config option for SHA384.
 2021-05-21 08:04:33 +02:00
Paul Elliott 60aa203e30 Remove temporary AEAD CCM implementation 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-20 22:44:32 +01:00
Paul Elliott e715f88d9d Fix key slot being used uninitialised on error 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-20 21:55:39 +01:00
Paul Elliott 1a98acac1c Properly handle GCM's range of nonce sizes 
Add comment to the effect that we cannot really check nonce size as the
GCM spec allows almost arbitrarily large nonces. As a result of this,
change the operation nonce over to an allocated buffer to avoid overflow
situations.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-20 18:39:58 +01:00
Paul Elliott ee4ffe0079 Move AEAD length checks to PSA core 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-20 18:39:58 +01:00
Paul Elliott b91da71db1 Remove unrequired initialisation 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-20 18:39:58 +01:00
Paul Elliott ac1b3fd5b6 Ensure that key gets unlocked in case of error 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-20 18:39:58 +01:00
Paul Elliott cee785cd72 Seperate id checks from other state checks 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-20 18:39:58 +01:00
Paul Elliott bb8bf6649e Change function signature indentation 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-20 18:39:58 +01:00
Paul Elliott e9eeea3290 Formatting fixes 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-20 18:39:58 +01:00
Paul Elliott 5c656cbf99 Fix missed incorrect include guard 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-05-20 18:39:58 +01:00