Steven Cooreman
ef8575e1bf
Apply review feedback
...
* Reworked the cipher context once again to be more robustly defined
* Removed redundant memset
* Unified behaviour on failure between driver and software in cipher_finish
* Cipher test driver setup function now also returns early when its status
is overridden, like the other test driver functions
* Removed redundant test cases
* Added bad-order checking to verify the driver doesn't get called where
the spec says it won't.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 17:00:47 +02:00
Steven Cooreman
89e54f2edc
Add mock and negative testing to cipher driver
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 17:00:47 +02:00
Steven Cooreman
a07b9970c6
Update semantics around driver context use in psa_cipher_setup
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 17:00:39 +02:00
Steven Cooreman
eca33c60f8
Add testing of fallback to cipher operations
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:35:33 +02:00
Steven Cooreman
fe0ab55c61
Implement one-shot cipher in test driver
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:35:33 +02:00
Steven Cooreman
e55f3e8de4
Make sure to not call mbedtls_cipher_free on an uninitialised context
...
As pointed out by Gilles
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:35:33 +02:00
Steven Cooreman
b5e52f2e31
Remove superfluous call in PSA cipher setup
...
As pointed out by Ronald. The key slot is populated using
get_key_from_slot, and after calling the driver the slot is
validated to not contain an external key, so calling
get_transparent_key is superfluous.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:35:33 +02:00
Steven Cooreman
16afd3d9b4
Unify cipher setup function inside test driver
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:35:33 +02:00
Steven Cooreman
7df0292f5a
Check & set operation flags for both driver and software in the core
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:35:30 +02:00
Steven Cooreman
cfeea8fa1e
Unify driver context struct handling
...
Added zeroization of the wrapper context on failure/abort, and reliance on
the crypto core to not call an uninitialised wrapper.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:32:50 +02:00
Steven Cooreman
150c99b884
Simplify cipher setup wrapper body
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:32:50 +02:00
Steven Cooreman
fb81aa5889
Only pass the driver-relevant portion of the context struct
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:31:58 +02:00
Steven Cooreman
5240e8b519
Style and language fixes from review
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:31:58 +02:00
Steven Cooreman
acb5a100a7
Structify cipher test driver hook variables
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:31:58 +02:00
Steven Cooreman
435beeaef3
Add new files to IDE project
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:31:58 +02:00
Steven Cooreman
a32193fae8
Add changelog entry
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:31:58 +02:00
Steven Cooreman
d53c1bf6f2
Exercise the AES-CTR multipart driver and check it gets called
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:31:58 +02:00
Steven Cooreman
8b12225717
Add a working implementation of a multipart AES-CTR test driver
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:31:58 +02:00
Steven Cooreman
3ec4018e2b
Update license texts
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:31:57 +02:00
Steven Cooreman
d3feccd3a5
Restructure cipher context object to contain driver switch
...
Once an operation has been 'accepted' by a driver, the remainder is bound
to the same driver, since driver-specific context structs cannot be shared.
This provides a pretty good gate mechanism for the fallback logic, too.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:31:52 +02:00
Steven Cooreman
37941cb5e1
Add initial pass on a multi-part test driver
...
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-14 16:30:14 +02:00
Gilles Peskine
b1d3f2779b
Merge pull request #3480 from stevew817/feature/aes-ecb
...
Added support for AES-ECB to the PSA Crypto implementation
2020-09-14 14:45:14 +02:00
Gilles Peskine
a0a210fc1b
Merge pull request #3628 from gilles-peskine-arm/psa-conditional-inclusion-c-proposal
...
Pure C configuration of PSA crypto mechanisms
2020-09-12 00:33:08 +02:00
Yonatan Goldschmidt
6e2af094b0
Fix docs to desribe written-into buffer parameter as writable
...
Signed-off-by: Yonatan Goldschmidt <yon.goldschmidt@gmail.com>
2020-09-12 01:24:45 +03:00
Gilles Peskine
2a739c41bd
Merge pull request #3569 from cm6n/fix_mbedtlssslsetbio_description
...
Fix typo in mbedtls_ssl_set_bio description.
2020-09-11 21:17:37 +02:00
Janos Follath
963c9e41e8
Merge pull request #3588 from guidovranken/fix-clang12-Wstring-concatenation
...
Prevent triggering Clang 12 -Wstring-concatenation warning
2020-09-11 15:27:52 +01:00
Gilles Peskine
a75a06bde6
Merge pull request #3630 from mpg/rm-useless-cast-x509
...
x509.c: Remove one unnecessary cast
2020-09-10 22:01:52 +02:00
Gilles Peskine
6bf4f5fb65
Merge pull request #3585 from jdurkop/fix/undefined-reference-3294
...
Fix the build with MBEDTLS_USE_PSA_CRYPTO without ECDSA
2020-09-10 21:59:49 +02:00
Dave Rodgman
e5874e1903
Merge pull request #3525 from HowJMay/typo
...
Fix typo in comment
2020-09-10 12:39:25 +01:00
Hanno Becker
2dfe1327e5
Fix miscalculation of maximum TLS 1.3 HKDF label length
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-10 09:23:12 +01:00
Dave Rodgman
0e9afb8bd1
Minor fixes to changelog
...
Change section from "Bugfix" to "Changes". Minor grammar tidy-up.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2020-09-10 08:26:39 +08:00
HowJMay
ccbd622ed7
Fix typo in comment
...
Fix typo in program/pkey/ecdh_curve25519.c
Signed-off-by: HowJMay <vulxj0j8j8@gmail.com>
2020-09-10 08:25:36 +08:00
Hanno Becker
29ea84e906
Avoid duplicated test case names in TLS 1.3 key schedule unit tests
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 13:52:40 +01:00
John Durkop
d61712233e
Remove check compilation guards from travis build
...
With the increase in depends testing for PSA changes introduced
here the Travis builds are now taking too long. The check for
compilation guards will only be run on Jenkins now. See this comment
for further details.
https://github.com/ARMmbed/mbedtls/pull/3585#discussion_r485189748
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
2020-09-09 05:18:51 -07:00
Hanno Becker
5cfc7245c8
Remove outdated documentation of mbedtls_ssl_tls1_3_derive_secret()
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 13:00:29 +01:00
Hanno Becker
0c42fd94bb
Fix Doxygen documentation of mbedtls_ssl_tls1_3_derive_secret()
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 12:58:29 +01:00
Hanno Becker
97a21567df
Move misplaced comment
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 12:57:16 +01:00
Hanno Becker
0973ff9545
Remove macro definitions between Doxygen block and prototype
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 12:56:28 +01:00
Hanno Becker
3eb3563c0b
Fix TLS 1.3 key schedule unit test case name
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 12:47:56 +01:00
Hanno Becker
1413bd8ae9
Simplify identification of TLS 1.3 labels in unit test suite
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 12:46:09 +01:00
Hanno Becker
8c82bfdf22
Use TLS1_3_CONTEXT_[UN]HASHED in 1.3 key schedule tests
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 11:03:08 +01:00
Hanno Becker
2fe043a6d1
Remove guard for TLS 1.3 specific declarations
...
We only guard the implementations of modules, not their declarations.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 10:58:53 +01:00
Hanno Becker
59b50a1997
Don't use _xxx naming for local variables in ssl_tls13_keys.c
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 10:58:52 +01:00
Hanno Becker
9b9be00606
Remove DTLS 1.3 specific label
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 10:58:52 +01:00
Hanno Becker
81e91d46ad
Add further unit tests for TLS 1.3 key schedule
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 10:58:49 +01:00
Hanno Becker
00cfc1ce52
Add "e exp master" TLS 1.3 key schedule label
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 10:41:23 +01:00
Hanno Becker
70d7fb0c2d
Don't hardcode TLS 1.3 labels in test cases
...
ssl_tls1_3_keys.c exports a structure containing all labels used
in the TLS 1.3 key schedule, but the TLS 1.3 key scheduling unit
tests so far replicated those labels in the test file. In particular,
wrong label values in ssl_tls1_3_keys.c wouldn't have been caught
by the unit tests.
This commit modifies the TLS 1.3 key schedule unit tests to use
the TLS 1.3 labels as exported by ssl_tls1_3_keys.c. This not only
makes sure that those labels are correct, but also avoids hardcoding
their hex-encoding in the test file.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 10:17:37 +01:00
Hanno Becker
90551c7a26
Use uniform naming scheme for TLS 1.3 label structure
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 09:25:23 +01:00
Hanno Becker
9a7a2ac2de
Fix typo in ssl_internal.h
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 09:24:54 +01:00
Manuel Pégourié-Gonnard
628ed4e54f
Merge pull request #3592 from d-otte/development
...
adjusting size of sliding window array to correct size.
2020-09-09 10:00:26 +02:00