Commit graph

2536 commits

Author SHA1 Message Date
Simon Butcher 8a1a68cb2b Regenerate error.c file to remove CMAC 2016-10-13 13:51:12 +01:00
Simon Butcher 0c79073a8b Refactor and change CMAC interface
Change the CMAC interface to match the mbedtls_md_hmac_xxxx() interface. This
changes the overall design of the CMAC interface to make it more consistent with
the existing HMAC interface, and will allow incremental updates of input data
rather than requiring all data to be presented at once, which is what the
current interface requires.
2016-10-13 13:51:11 +01:00
Brian Murray 7b07e0e4b4 Fix build failure for thread config 2016-10-13 13:51:11 +01:00
Brian Murray 5168618294 Minor fixes to comments 2016-10-13 13:51:11 +01:00
Brian Murray 3d64431a33 Minor CMAC fixes for merge 2016-10-13 13:51:11 +01:00
Brian Murray 0b21cdf7bc cleaned up indentation and braket issues in mbedtls_cmac_verify 2016-10-13 13:51:11 +01:00
Brian Murray bbed660aa1 Changed test function to inline to pass tests/scripts/check-names.sh 2016-10-13 13:51:10 +01:00
Brian Murray fe9ff01c49 Fixed some build warnings 2016-10-13 13:51:10 +01:00
Brian Murray 4e067035b7 Do not zeroize null pointer 2016-10-13 13:51:10 +01:00
Brian Murray cdd1f6d96c Removed unneed memsets and fixed spacing 2016-10-13 13:51:10 +01:00
Brian Murray 6eae89bb6f No CMAC minimum tag length is specified by NIST SP800-38B A
Minor Typo Changes
2016-10-13 13:51:10 +01:00
Brian Murray e260feacbe cmac.c whitespace cleanup 2016-10-13 13:51:10 +01:00
Brian Murray db5c70e080 better handling of failed calloc 2016-10-13 13:51:10 +01:00
Brian Murray 86ff986884 selftest supports cmac if only MBEDTLS_DES_C is defined
Other minor typo fixes
2016-10-13 13:51:10 +01:00
Brian Murray 3d3c9b8be7 More cleanup of CMAC self tests 2016-10-13 13:51:09 +01:00
Brian Murray afdb60f84f Only compile AES CMAC PRF support if MBEDTLS_AES_C is defined and other cleanups 2016-10-13 13:51:09 +01:00
Brian Murray d666eb5c11 More cleanup of CMAC selftests 2016-10-13 13:51:09 +01:00
Brian Murray 3c0412a443 Fixed CMAC tag length 2016-10-13 13:51:09 +01:00
Brian Murray 7c6476c330 CMAC support for cipher with 64bit blocks (DES/3DES) 2016-10-13 13:51:09 +01:00
Brian Murray 5a8c004f79 Added cmac.o to libary/Makefile 2016-10-13 13:51:09 +01:00
Manuel Pégourié-Gonnard 2b0e21f130 cmac: more cosmetic changes 2016-10-13 13:51:09 +01:00
Manuel Pégourié-Gonnard a878d3b6e3 cmac: avoid useless wrapping of function
probably a leftover from an earlier stage
2016-10-13 13:51:09 +01:00
Manuel Pégourié-Gonnard 5f8639fea2 cmac: reduce visibility of macros
The #undef is usefull for people who want to to amalgamated releases
2016-10-13 13:51:09 +01:00
Manuel Pégourié-Gonnard 59ae4bad18 cmac: some more padding-related tune-ups
- use one less temporary buffer
- pedantic: in_len + 15 was a potential overflow
- use a more explicit name instead of 'flag'
- Mn was a bit misleading
2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard da8724fbc6 cmac: clean up padding function and comments 2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard 89b8d83723 cmac: make subkey gen more constant-time
The previous version had secret-dependent memory accesses. While it was
probably not an issue in practice cause the two bytes of the array are
probably on the same cache line anyway, as a matter of principle this should
be avoided.
2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard 28ea791521 cmac: zeroize sensitive intermediate values 2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard 756bcf7631 cmac: factor multiply by u to its own function
We're doing exactly the same operation for K1 and K2.
2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard a4dfa0550f cmac: fix whitespace/codingstyle issues 2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard 9c83eebe67 cmac: improve argument order and naming
- always use the pattern "buffer, length"
- avoid using unqualified "length" as a name when there are more than one
2016-10-13 13:51:08 +01:00
Robert Cragie 9bf1e5dd3b Line endings wrong 2016-10-13 13:51:08 +01:00
Robert Cragie 9518e88fa0 Use autogenerated version_features.c 2016-10-13 13:51:07 +01:00
Robert Cragie 2fa11cd197 Added CMAC as proper low-level module and changed error returns 2016-10-13 13:51:07 +01:00
Robert Cragie c45554448c Added MBEDTLS_CMAC_C 2016-10-13 13:51:07 +01:00
Robert Cragie 45feb6ef20 Add support for AES-128-CMAC and AES-CMAC-PRF-128 2016-10-13 13:51:07 +01:00
Janos Follath 0be2b01a6b Add safety check to sample mutex implementation
Due to inconsistent freeing strategy in pkparse.c the sample mutex
implementation in threading.c could lead to undefined behaviour by
destroying the same mutex several times.

This fix prevents mutexes from being destroyed several times in the
sample threading implementation.
2016-10-13 13:51:07 +01:00
Andres AG 3616f6f261 Rename net.{c,h} to net_sockets.{c,h}
The library/net.c and its corresponding include/mbedtls/net.h file are
renamed to library/net_sockets.c and include/mbedtls/net_sockets.h
respectively. This is to avoid naming collisions in projects which also
have files with the common name 'net'.
2016-10-13 13:48:48 +01:00
Andres AG 4bdbe09f90 Fix sig->tag update in mbedtls_x509_get_sig() 2016-09-19 17:09:45 +01:00
Andres AG f9113194af Allow the entry_name size to be set in config.h
Allow the size of the entry_name character array in x509_crt.c to be
configurable through a macro in config.h. entry_name holds a
path/filename string. The macro introduced in
MBEDTLS_X509_MAX_FILE_PATH_LEN.
2016-09-16 11:42:35 +01:00
Simon Butcher 669c635ec0 Fix unused variable warnings for null entropy config 2016-09-15 18:57:34 +01:00
Andres Amaya Garcia a928e67278 Documentation and entropy self test changes (#610)
Ensure that the entropy self test always fails whenever
MBEDTLS_TEST_NULL_ENTROPY is defined. This is because the option is
meant to be for testing and development purposes rather than production
quality software. Also, this patch enhances the documentation for
mbedtls_entropy_source_self_test() and mbedtls_entropy_self_test().
2016-09-13 13:30:02 +01:00
Paul Bakker 29f221f183 Fix guards in SSL for ECDH key exchanges 2016-09-05 01:48:31 +03:00
palaviv a9f90f00aa Removing in compile time unused entries from oid_ecp_grp list 2016-09-04 15:14:38 +01:00
palaviv 06f1828fa2 Removing in compile time unused entries from oid_sig_alg list 2016-09-04 15:14:38 +01:00
palaviv 4636fc6b0d oid_x520_attr_type list is defined only when MBEDTLS_X509_USE_C or MBEDTLS_X509_CREATE_C 2016-09-04 15:14:38 +01:00
palaviv 5730320225 Removing in compile time unused entries from oid_md_alg list 2016-09-04 15:14:38 +01:00
Andres AG e7723ec284 Make entropy bias self test poll multiple times
Instead of polling the hardware entropy source a single time and
comparing the output with itself, the source is polled at least twice
and make sure that the separate outputs are different.
2016-08-30 16:50:48 +01:00
Andres AG b34e42e69e Add a new self test to entropy module
The self test is a quick way to check at startup whether the entropy
sources are functioning correctly. The self test only polls 8 bytes
from the default entropy source and performs the following checks:

- The bytes are not all 0x00 or 0xFF.
- The hardware does not return an error when polled.
- The entropy does not provide data in a patter. Only check pattern
  at byte, word and long word sizes.
2016-08-30 16:50:48 +01:00
Paul Bakker 4400ecc9fb Fix output of PKCS#5 and RIPEMD-160 self tests 2016-08-25 16:36:35 +01:00
Paul Bakker 217efbcb4b Allow compilation without MBEDTLS_SELF_TEST enabled 2016-08-25 15:42:28 +01:00