Commit graph

5099 commits

Author SHA1 Message Date
Brian Murray afdb60f84f Only compile AES CMAC PRF support if MBEDTLS_AES_C is defined and other cleanups 2016-10-13 13:51:09 +01:00
Brian Murray d666eb5c11 More cleanup of CMAC selftests 2016-10-13 13:51:09 +01:00
Brian Murray 3c0412a443 Fixed CMAC tag length 2016-10-13 13:51:09 +01:00
Brian Murray 029d79bf25 Updated comments for CMAC in config.h 2016-10-13 13:51:09 +01:00
Brian Murray 7c6476c330 CMAC support for cipher with 64bit blocks (DES/3DES) 2016-10-13 13:51:09 +01:00
Brian Murray 5a8c004f79 Added cmac.o to libary/Makefile 2016-10-13 13:51:09 +01:00
Manuel Pégourié-Gonnard 2b0e21f130 cmac: more cosmetic changes 2016-10-13 13:51:09 +01:00
Manuel Pégourié-Gonnard a878d3b6e3 cmac: avoid useless wrapping of function
probably a leftover from an earlier stage
2016-10-13 13:51:09 +01:00
Manuel Pégourié-Gonnard 5f8639fea2 cmac: reduce visibility of macros
The #undef is usefull for people who want to to amalgamated releases
2016-10-13 13:51:09 +01:00
Manuel Pégourié-Gonnard 59ae4bad18 cmac: some more padding-related tune-ups
- use one less temporary buffer
- pedantic: in_len + 15 was a potential overflow
- use a more explicit name instead of 'flag'
- Mn was a bit misleading
2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard da8724fbc6 cmac: clean up padding function and comments 2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard 89b8d83723 cmac: make subkey gen more constant-time
The previous version had secret-dependent memory accesses. While it was
probably not an issue in practice cause the two bytes of the array are
probably on the same cache line anyway, as a matter of principle this should
be avoided.
2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard 28ea791521 cmac: zeroize sensitive intermediate values 2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard 756bcf7631 cmac: factor multiply by u to its own function
We're doing exactly the same operation for K1 and K2.
2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard a4dfa0550f cmac: fix whitespace/codingstyle issues 2016-10-13 13:51:08 +01:00
Manuel Pégourié-Gonnard 9c83eebe67 cmac: improve argument order and naming
- always use the pattern "buffer, length"
- avoid using unqualified "length" as a name when there are more than one
2016-10-13 13:51:08 +01:00
Robert Cragie 9bf1e5dd3b Line endings wrong 2016-10-13 13:51:08 +01:00
Robert Cragie 468320d6f5 Bad code in function documentation 2016-10-13 13:51:08 +01:00
Robert Cragie 9518e88fa0 Use autogenerated version_features.c 2016-10-13 13:51:07 +01:00
Robert Cragie 2fa11cd197 Added CMAC as proper low-level module and changed error returns 2016-10-13 13:51:07 +01:00
Robert Cragie c45554448c Added MBEDTLS_CMAC_C 2016-10-13 13:51:07 +01:00
Robert Cragie 45feb6ef20 Add support for AES-128-CMAC and AES-CMAC-PRF-128 2016-10-13 13:51:07 +01:00
Janos Follath 0be2b01a6b Add safety check to sample mutex implementation
Due to inconsistent freeing strategy in pkparse.c the sample mutex
implementation in threading.c could lead to undefined behaviour by
destroying the same mutex several times.

This fix prevents mutexes from being destroyed several times in the
sample threading implementation.
2016-10-13 13:51:07 +01:00
Andres AG 42547d0cf7 Set selftest verbose flag to boost coverage 2016-10-13 13:48:48 +01:00
Andres AG 84c46db746 Fix scripts to support multiple openssl and gnutls 2016-10-13 13:48:48 +01:00
Andres AG 94d73b0b0a Add config macro for min bytes hw entropy 2016-10-13 13:48:48 +01:00
Andres AG ba66e8958d Add new config.h that does not need entropy source 2016-10-13 13:48:48 +01:00
Andres AG 3616f6f261 Rename net.{c,h} to net_sockets.{c,h}
The library/net.c and its corresponding include/mbedtls/net.h file are
renamed to library/net_sockets.c and include/mbedtls/net_sockets.h
respectively. This is to avoid naming collisions in projects which also
have files with the common name 'net'.
2016-10-13 13:48:48 +01:00
Simon Butcher 77d779e8bb Update for ChangeLog for fixes for cert_app 2016-10-13 13:48:48 +01:00
Paul Bakker 2d6599284f Do not add empty cert / key in cert_app 2016-10-13 13:46:04 +01:00
Paul Bakker e9bdaa251f Actually apply debug_level settings in cert_app 2016-10-13 13:46:04 +01:00
Simon Butcher 1c8b33ad19 Merge branch 'development' 2016-10-13 13:40:41 +01:00
Simon Butcher bb42068a91 Merge branch 'development-restricted'
Conflicts:
	ChangeLog
2016-10-13 13:33:29 +01:00
Janos Follath e709f7c9e0 Fix global variable shadowing 2016-10-13 13:20:12 +01:00
Simon Butcher e019296ab7 Fix stdio redirection memory leak in test suites 2016-10-13 10:03:08 +01:00
Simon Butcher edf2a3fba7 Fix stdio redirection memory leak in test suites 2016-10-13 09:59:46 +01:00
Simon Butcher 4d69ecd9cb Added credit to Changelog for fix #558 2016-10-13 00:32:28 +01:00
Janos Follath ef44178474 Restore P>Q in RSA key generation (#558)
The PKCS#1 standard says nothing about the relation between P and Q
but many libraries guarantee P>Q and mbed TLS did so too in earlier
versions.

This commit restores this behaviour.
2016-10-13 00:25:07 +01:00
Simon Butcher f6e3b9e8b2 Clarified Changelog for fix #602 2016-10-12 19:52:38 +01:00
Andres AG 821da84ff9 Fix documentation for mbedtls_gcm_finish()
Fix implementation and documentation missmatch for the function
arguments to mbedtls_gcm_finish(). Also, removed redundant if condition
that always evaluates to true.
2016-10-12 19:49:41 +01:00
Simon Butcher 3a5e070982 Updated Changelog for fix #599 2016-10-12 16:46:48 +01:00
Andres AG 776a6fcd1a Fix 1 byte overread in mbedtls_asn1_get_int() 2016-10-12 16:43:37 +01:00
Andres AG d5766f62e4 Fix typo in docs for mbedtls_x509write_csr_der() 2016-10-12 15:32:54 +01:00
Janos Follath 99d09d2747 Fix memory leaks in CMAC tests 2016-10-12 15:32:54 +01:00
Andres AG c4424c0a69 Fix memory leak in test_suite_cmac.function 2016-10-12 15:32:53 +01:00
Andres AG cd153278eb Fix typo in docs for mbedtls_x509write_csr_der() 2016-10-12 14:39:39 +01:00
Janos Follath d444358247 Fix memory leaks in CMAC tests 2016-10-12 14:31:01 +01:00
Andres AG 8abc6b86f9 Fix memory leak in test_suite_cmac.function 2016-10-12 00:40:16 +01:00
Janos Follath b48c8ac45d Add safety check to sample mutex implementation
Due to inconsistent freeing strategy in pkparse.c the sample mutex
implementation in threading.c could lead to undefined behaviour by
destroying the same mutex several times.

This fix prevents mutexes from being destroyed several times in the
sample threading implementation.
2016-10-12 00:36:31 +01:00
Andres AG c47857dbf4 Add seed cmdline arg to test scripts 2016-10-12 00:36:31 +01:00