Commit graph

8397 commits

Author SHA1 Message Date
Hanno Becker 2f6de42622 Move SHA256_VALIDATE[_RET] outside of MBEDTLS_SHA256_ALT guard
Somehow, mbedtls_sha256_ret() is defined even if MBEDTLS_SHA256_ALT
is set, and it is using SHA256_VALIDATE_RET. The documentation should
be enhanced to indicate that MBEDTLS_SHA256_ALT does _not_ replace
the entire module, but only the core SHA-256 functions.
2018-12-20 10:24:29 +00:00
Hanno Becker c756049dc3 Move SHA512_VALIDATE[_RET] outside of MBEDTLS_SHA512_ALT guard
Somehow, mbedtls_sha512_ret() is defined even if MBEDTLS_SHA512_ALT
is set, and it is using SHA512_VALIDATE_RET. The documentation should
be enhanced to indicate that MBEDTLS_SHA512_ALT does _not_ replace
the entire module, but only the core SHA-512 functions.
2018-12-20 10:24:00 +00:00
Hanno Becker b3c70230d2 Move SHA1_VALIDATE[_RET] outside of MBEDTLS_SHA1_ALT guard
Somehow, mbedtls_sha1_ret() is defined even if MBEDTLS_SHA1_ALT
is set, and it is using SHA1_VALIDATE_RET. The documentation should
be enhanced to indicate that MBEDTLS_SHA1_ALT does _not_ replace
the entire module, but only the core SHA-1 functions.
2018-12-20 10:18:05 +00:00
Hanno Becker 73b79841b2 Remove parameter validation for deprecated function in ECDSA module 2018-12-20 09:53:24 +00:00
k-stachowiak 247a782668 Increase strictness of NULL parameter validity in CCM's doxygen 2018-12-19 19:02:39 +01:00
k-stachowiak 6adb0574ea Improve details of CCM parameter validation and documentation 2018-12-19 19:02:39 +01:00
k-stachowiak 9da5d7cd83 Adjust mbedtls_ccm_free() documentation 2018-12-19 19:02:39 +01:00
k-stachowiak 373a660193 Fix a documentation typo 2018-12-19 19:02:39 +01:00
k-stachowiak 270a125946 Add a change log entry 2018-12-19 19:02:39 +01:00
k-stachowiak b92f9334e4 Doxygen comments improvement 2018-12-19 19:02:39 +01:00
k-stachowiak dd63359dae Add tests for valid NULL in ccm_free() 2018-12-19 19:02:39 +01:00
k-stachowiak 508bcd96db Remove unneeded test for the CCM free function 2018-12-19 19:02:39 +01:00
k-stachowiak 12f0d5c66d Improve the constraints definition in the doxygen comments in CCM 2018-12-19 19:02:39 +01:00
k-stachowiak f712534801 Add missing validation code in CCM 2018-12-19 19:02:39 +01:00
k-stachowiak ff8a0989c8 Allow empty arguments in some CCM functions' parameter validation 2018-12-19 19:02:39 +01:00
k-stachowiak fd42d531ba Explicitly allow NULL as an argument to mbedtls_ccm_free() 2018-12-19 19:02:39 +01:00
k-stachowiak 438448e45f Format NULL occurrences in CCM's Doxygen comments 2018-12-19 19:02:39 +01:00
k-stachowiak 26d365eb54 Add parameter validation for CCM 2018-12-19 19:02:39 +01:00
k-stachowiak fb54360f8c Prevent unused variable in some configurations 2018-12-19 18:34:21 +01:00
Gilles Peskine 6af45ec53e PK: document context validity requirements
Document when a context must be initialized or not, when it must be
set up or not, and whether it needs a private key or a public key will
do.

The implementation is sometimes more liberal than the documentation,
accepting a non-set-up context as a context that can't perform the
requested information. This preserves backward compatibility.
2018-12-19 18:10:03 +01:00
k-stachowiak a85edd9415 Split the unconditional and conditional parameter validation tests 2018-12-19 18:06:35 +01:00
Hanno Becker f25ee7f79d Fix parameter validation for mbedtls_mpi_lsb()
The MPI_VALIDATE_RET() macro cannot be used for parameter
validation of mbedtls_mpi_lsb() because this function returns
a size_t.

Use the underlying MBEDTLS_INTERNAL_VALIDATE_RET() insteaed,
returning 0 on failure.

Also, add a test for this behaviour.
2018-12-19 16:51:50 +00:00
Gilles Peskine 8c71b3ecb3 pk_parse*keyfile: explicitly validate path=NULL
Don't rely on the check in pk_load_file, that's fragile.
2018-12-19 17:37:02 +01:00
Gilles Peskine d54b97503b pk parse: the password is optional
For mbedtls_pk_parse_key and mbedtls_pk_parse_keyfile, the password is
optional. Clarify what this means: NULL is ok and means no password.
Validate parameters and test accordingly.
2018-12-19 17:36:14 +01:00
k-stachowiak 516897a44a Remove unnecessary parameter validation from the Cipher module 2018-12-19 17:34:58 +01:00
k-stachowiak 1a9df6bcb7 Improve style in the Cipher module 2018-12-19 17:34:58 +01:00
k-stachowiak e4b8d28ca7 Remove imprecise clause from documenting comment 2018-12-19 17:34:58 +01:00
k-stachowiak 95070a8286 Make some cipher parameter validation unconditional 2018-12-19 17:34:58 +01:00
k-stachowiak 6df25e7930 Increase strictness of NULL parameter validity in Cipher's doxygen 2018-12-19 17:34:58 +01:00
k-stachowiak d409285cfa Add a change log entry 2018-12-19 17:34:58 +01:00
k-stachowiak 5b01f8b3ae Add a new line at the end of the test data file 2018-12-19 17:34:13 +01:00
k-stachowiak 90b8d4a11e Include static cipher functions in the parameter validation scheme 2018-12-19 17:34:13 +01:00
k-stachowiak c29d94c7bf Account for optional NULL buffer arguments in the Cipher module 2018-12-19 17:34:13 +01:00
k-stachowiak d5913bc115 Improve documentation of the parameter validation in the Cipher module 2018-12-19 17:34:13 +01:00
k-stachowiak a539070f82 Make all parameter validation tests optional 2018-12-19 17:34:13 +01:00
Krzysztof Stachowiak e0215d7869 Add Cipher module parameter validation 2018-12-19 17:34:13 +01:00
k-stachowiak 6009ece91d Increase strictness of NULL parameter validity in GCM's doxygen 2018-12-19 17:32:19 +01:00
k-stachowiak 21298a20c4 Improve parameter validation in mbedtls_gcm_free() 2018-12-19 17:32:19 +01:00
k-stachowiak 9af22e4790 Update change log 2018-12-19 17:32:19 +01:00
k-stachowiak 2ae7ae5301 Doxygen comments improvement 2018-12-19 17:30:38 +01:00
k-stachowiak 5fccb3edf3 Add tests for valid NULL in gcm_free() 2018-12-19 17:30:38 +01:00
k-stachowiak 8ffc92a1e8 Add parameter validation for the GCM module 2018-12-19 17:30:38 +01:00
Hanno Becker 8ce11a323e Minor improvements to bignum module 2018-12-19 16:18:52 +00:00
Gilles Peskine ee3cfec3cc PK sign/verify: hash=NULL is ok if md_alg=0 and hash_len=0 2018-12-19 17:11:44 +01:00
Gilles Peskine 998fbfbe68 Properly test pk_write with an empty output buffer
This needs a real key to test properly.
2018-12-19 17:08:51 +01:00
Gilles Peskine cc274c2ebf Do run the valid parameters test function 2018-12-19 17:08:01 +01:00
Gilles Peskine 159171b72a PK parse/write: support keylen=0 correctly
A 0-length buffer for the key is a legitimate edge case. Ensure that
it works, even with buf=NULL. Document the key and keylen parameters.

There are already test cases for parsing an empty buffer. A subsequent
commit will add tests for writing to an empty buffer.
2018-12-19 17:03:28 +01:00
Hanno Becker df4b59696d Minor Camellia documentation improvements 2018-12-19 15:50:02 +00:00
Hanno Becker ed54128fdb Minor Blowfish documentation improvements 2018-12-19 15:48:37 +00:00
Hanno Becker 70ded3602c Minor improvements to Camellia module and documentation 2018-12-19 13:42:05 +00:00