Jaeden Amero
b1e4fc60ac
Merge remote-tracking branch 'upstream-public/pr/1617' into evaluation-2
2018-05-11 11:07:30 +01:00
Jaeden Amero
7d8f00e1b5
Merge remote-tracking branch 'upstream-public/pr/1602' into evaluation-2
2018-05-11 10:56:21 +01:00
Jaeden Amero
b7f36548df
Merge remote-tracking branch 'upstream-public/pr/1593' into evaluation-2
2018-05-11 10:24:43 +01:00
Thomas Fossati
eb01024a06
Add an HKDF (RFC 5869) implementation
2018-05-10 13:18:13 +01:00
Manuel Pégourié-Gonnard
f66a4bd11d
cipher: add stream test vectors for chacha20(poly1305)
2018-05-10 13:23:02 +02:00
Manuel Pégourié-Gonnard
619b3092c2
chachapoly: add test for state flow
2018-05-10 13:23:02 +02:00
Manuel Pégourié-Gonnard
7a2c7f1475
poly1305: add test with multiple small fragments
...
This exercises the code path where data is just appended to the waiting queue
while it isn't empty.
2018-05-10 13:23:02 +02:00
Manuel Pégourié-Gonnard
6dbfb69c12
chachapoly: add test for parameter validation
...
Also fix two bugs found by the new tests.
Also remove redundant test case dependency declarations while at it.
2018-05-10 13:23:02 +02:00
Manuel Pégourié-Gonnard
550c20fcf9
poly1305: add test for parameter validation
...
Also fix two validation bugs found while adding the tests.
Also handle test dependencies the right way while at it.
2018-05-10 13:23:02 +02:00
Manuel Pégourié-Gonnard
114f28b3d9
chacha20: add test for parameter validation
2018-05-10 13:23:02 +02:00
Manuel Pégourié-Gonnard
e9ea6d6e11
Fix selftest verbosity in test suites
2018-05-10 13:23:02 +02:00
Manuel Pégourié-Gonnard
996477d84b
cipher: add chachapoly test vector + unauth case
2018-05-10 13:23:02 +02:00
Manuel Pégourié-Gonnard
97e34bf2f2
poly1305: fix bug in starts() and add test for it
2018-05-10 13:23:02 +02:00
Manuel Pégourié-Gonnard
b60045aacb
chacha20: fix bug in starts() and add test for it
...
Previously the streaming API would fail when encrypting multiple messages with
the same key.
2018-05-10 13:23:02 +02:00
Manuel Pégourié-Gonnard
2faaa10e68
chachapoly: add test with unauthentic data
2018-05-10 13:23:02 +02:00
Manuel Pégourié-Gonnard
f11d8e5f4d
Reduce size of buffers in test suites
2018-05-10 13:23:02 +02:00
Manuel Pégourié-Gonnard
9b7a93cf1f
poly1305: adjust parameter order
...
This module used (len, pointer) while (pointer, len) is more common in the
rest of the library, in particular it's what's used in the CMAC API that is
very comparable to Poly1305, so switch to (pointer, len) for consistency.
2018-05-10 13:23:02 +02:00
Manuel Pégourié-Gonnard
52a56d3b86
chachapoly: split crypt_and_mac() to match GCM API
...
In addition to making the APIs of the various AEAD modules more consistent
with each other, it's useful to have an auth_decrypt() function so that we can
safely check the tag ourselves, as the user might otherwise do it in an
insecure way (or even forget to do it altogether).
2018-05-10 13:23:02 +02:00
Manuel Pégourié-Gonnard
d4bd8569d4
Rename aead_chacha20_poly1305 to chachapoly
...
While the old name is explicit and aligned with the RFC, it's also very long,
so with the mbedtls_ prefix prepended we get a 31-char prefix to each
identifier, which quickly conflicts with our 80-column policy.
The new name is shorter, it's what a lot of people use when speaking about
that construction anyway, and hopefully should not introduce confusion at
it seems unlikely that variants other than 20/1305 be standardised in the
foreseeable future.
2018-05-10 13:23:02 +02:00
Daniel King
5b7f1d8035
Fix test suite when GCM Is disabled, but AEAD_ChaCha20_Poly1305 is enabled.
2018-05-10 13:21:40 +02:00
Daniel King
89c7b10c6a
Add ChaCha20 test vectors from RFC 7539
2018-05-10 13:21:40 +02:00
Daniel King
b437a98faf
Add ChaCha20+Poly1305 to the Cipher module
2018-05-10 13:21:40 +02:00
Daniel King
31ac12e004
Implement AEAD-ChaCha20-Poly1305.
...
This implementation is based off the description in RFC 7539.
The ChaCha20 code is also updated to provide a means of generating
keystream blocks with arbitrary counter values. This is used to
generated the one-time Poly1305 key in the AEAD construction.
2018-05-10 13:20:52 +02:00
Daniel King
5d77eaa233
Add Poly1305 authenticator algorithm (RFC 7539)
...
Test vectors are included from RFC 7539.
Poly1305 is also added to the benchmark program.
2018-05-10 13:20:52 +02:00
Daniel King
0fe7b5b8c5
Add ChaCha20 to the Cipher module
2018-05-10 13:19:31 +02:00
Daniel King
a98ff5eadf
Initial implementation of ChaCha20
2018-05-10 13:19:31 +02:00
Jaeden Amero
e4daf77c2e
cipher: Add wrappers for AES-XTS
...
AES-XTS does not support multipart use as it can only operate on an entire
sector at a time.
2018-05-10 09:17:25 +01:00
Jaeden Amero
184d06942e
tests: Add AES-XTS test suite
...
Add a test suite for AES-XTS, comprising checks for error reporting and
running the IEEE P1619/D16 test vectors.
2018-05-09 17:41:48 +01:00
Jaeden Amero
49411ccd0d
tests: Fix name of 33 byte AES cipher tests
...
We named the tests "32 bytes", but actually tested with 33 bytes. Fix the
mistake.
2018-05-09 17:03:12 +01:00
Jaeden Amero
a331e0f0af
Merge remote-tracking branch 'upstream-restricted/pr/421' into development-proposed
2018-05-04 14:39:24 +01:00
Jaeden Amero
09c4e7ef5a
Merge remote-tracking branch 'upstream-public/pr/1486' into development-proposed
2018-05-04 11:03:16 +01:00
Jaeden Amero
7d7bad6b1f
Update version to 2.9.0
...
Bump SOVERSION for parity with 2.7.2 and 2.7.3.
2018-04-30 09:58:33 +01:00
Simon Butcher
df67d3a575
Remove unused variable in AES OFB test suite
...
Remove iv_len, an unused variable, in AES OFB test suite function, to fix gcc
compiler warning.
2018-04-29 14:51:35 +01:00
Simon Butcher
7ac93f430c
Fix AES-OFB support for errors, tests and self-test
...
Adds error handling into mbedtls_aes_crypt_ofb for AES errors, a self-test
for the OFB mode using NIST SP 800-38A test vectors and adds a check to
potential return errors in setting the AES encryption key in the OFB test
suite.
2018-04-29 11:40:01 +01:00
Simon Butcher
91e254cdaa
Add cipher abstraction and test cases for OFB block mode
...
Adds OFB as additional block mode in the cipher abstraction, and additional
test cases for that block mode.
2018-04-29 11:40:01 +01:00
Simon Butcher
a11c940b63
Add test cases for AES OFB block mode
...
Adds test cases from NIST SP800-38A for OFB block mode to AES-128/192/256, for
the configuration of MBEDTLS_CIPHER_MODE_OFB.
2018-04-29 11:36:38 +01:00
Jaeden Amero
38c42d5afa
Merge remote-tracking branch 'upstream-public/pr/1570' into development-proposed
...
Resolve merge conflict in ChangeLog.
2018-04-25 14:20:08 +01:00
Andres Amaya Garcia
708c5cb6ab
mbedtls_zeroize -> mbedtls_platform_zeroize in docs
2018-04-24 08:33:31 -05:00
Andrzej Kurek
f13ca9536c
Test suites: print error on failed platform_setup
...
Return encountered errors instead of covering them
Fix return value on the broken snprintf implementation
2018-04-18 04:14:31 -04:00
Andres Amaya Garcia
eecea0e281
Update zeroize test to use mbedtls_platform_zeroize()
2018-04-17 10:14:53 -05:00
Andres Amaya Garcia
757cd72edf
Update license headers year and branding
2018-04-17 09:21:49 -05:00
Andres Amaya Garcia
42defd10a6
Improve docs for zeroize.c and test_zeroize.gdb
2018-04-17 09:21:49 -05:00
Andres Amaya Garcia
806f403a02
Improve detection of program exit code in gdb script
2018-04-17 09:19:05 -05:00
Andres Amaya Garcia
7111a0d13b
Change test_zeroize.gdb script breakpoint due to zeroize.c change
2018-04-17 09:19:05 -05:00
Andres Amaya Garcia
2967381ccd
Extend zeroize tests to multiple optimizations
...
Extend the all.sh test to cover multiple compiler optimization levels.
At the momment, the test is run using gcc and clang.
2018-04-17 09:19:05 -05:00
Andres Amaya Garcia
24768bfa37
Improve test_zeroize.gdb breakpoint
...
Improve the position of the breakpoint to be set at a line of code that
is less likely to be optimised out by the compiler. Setting the breakpoint
at a place that can be easily optimised out by the compiler will cause the
gdb script to fail as it cannot match the source code line to the
compiled code. For this reason the breakpoint is now set at the fclose()
call which is very unlikely to be optimised out or there might be a
resource leak.
2018-04-17 09:19:05 -05:00
Andres Amaya Garcia
d0d7bf614e
Add gdb zeroize test when compiling with clang
2018-04-17 09:17:38 -05:00
Andres Amaya Garcia
f2d17929c0
Document test_zeroize.gdb script
2018-04-17 09:17:38 -05:00
Andres Amaya Garcia
ddebc49f28
Add gdb script to test mbedtls_zeroize()
...
The gdb script loads the programs/test/zeroize program and feeds it as
imput its own source code. Then sets a breakpoint just before the last
program's return code and checks that every element in memory was
zeroized. Otherwise it signals a failure and terminates.
The test was added to all.sh.
2018-04-17 09:17:38 -05:00
Andrzej Kurek
a282270a10
Add explicit checks for non-zero result of platform setup in test suites
2018-04-16 06:33:28 -04:00