Commit graph

16232 commits

Author SHA1 Message Date
Gilles Peskine c668de6f7f
Merge pull request #5200 from AndrzejKurek/fix-getting-started-2_x
Backport 2.x: Fix duplicate variable name in getting_started.md
2021-11-24 20:51:03 +01:00
Gilles Peskine 3107b337e1
Merge pull request #5154 from gabor-mezei-arm/3649_bp2x_move_constant_time_functions_into_separate_module
[Backport 2.x] Move constant-time functions into a separate module
2021-11-24 19:33:03 +01:00
Gilles Peskine 989a4e9388
Merge pull request #5132 from openluopworld/origin/development_2.x
Backport 2.x: Fix GCM calculation with very long IV
2021-11-22 22:22:47 +01:00
Gilles Peskine b80aa7c609
Merge pull request #5214 from tom-cosgrove-arm/pr5105_2.x
Backport 2.x: doc improvements in aes and sha256 includes
2021-11-22 22:21:56 +01:00
Tom Cosgrove 8100bf5d67 further improvements to sha256 docs
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2021-11-22 15:35:58 +00:00
Tom Cosgrove bcd2f67624 doc improvements in aes and sha256 includes
- Add return value description to the docs of mbedtls_sha256
- Remove description of non-existing "mode" parameter from the docs of mbedtls_aes_crypt_ctr

Backport of #5105

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2021-11-22 15:02:29 +00:00
Andrzej Kurek f236bbb735 Fix duplicate variable name in getting_started.md
Rename the key id variables to not clash with the raw key data.
This was introduced in cf56a0a3.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2021-11-19 13:50:35 +01:00
Manuel Pégourié-Gonnard 1d7f7a7c6e
Merge pull request #5194 from bensze01/invalid_nonce_error_2.x
Backport 2.x: PSA: Indicate in the error returned when we know that an AEAD nonce length is invalid, not just unsupported
2021-11-18 09:41:15 +01:00
Gilles Peskine 90321622e6
Merge pull request #5196 from bensze01/test_psa_compliance_2.x
Backport 2.x: Remove superfluous expected failure from test_psa_compliance
2021-11-17 17:14:22 +01:00
Bence Szépkúti 2be65d5134 Remove expected failure from test_psa_compliance
Issue #5143 was fixed in PR #5192.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-11-17 14:47:56 +01:00
Manuel Pégourié-Gonnard 394c65e0f0
Merge pull request #5169 from bensze01/test_psa_compliance_2.x
Backport 2.x: Run the PSA Compliance test suite in all.sh
2021-11-17 14:10:05 +01:00
Bence Szépkúti 358e0ea464 Indicate nonce sizes invalid for ChaCha20-Poly1305
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-11-17 14:03:08 +01:00
Manuel Pégourié-Gonnard 1a3201a7b9
Merge pull request #5192 from daverodgman/development_2.x
Backport 2.x: PSA error code fix
2021-11-17 13:09:43 +01:00
paul-elliott-arm 0372792415
Merge pull request #5165 from mprse/aps_mem_leak_2x
(Backport 2x) ssl_client2, ssl_server2: add check for psa memory leaks
2021-11-17 11:54:39 +00:00
Dave Rodgman dc4e4b72c0 Fix derive_input test ignoring parameter
Fix derive_input test hardcoding key type instead of using test argument.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-11-17 10:02:52 +00:00
Dave Rodgman bc92abed8c Update test to handle changed error code
Update test to handle changed error code from psa_key_derivation_output_key

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-11-17 10:02:51 +00:00
Dave Rodgman 021e724936 Improve PSA error return code
psa_key_derivation_output_key: prioritize BAD_STATE over NOT_PERMITTED

If psa_key_derivation_output_key() is called on an operation which hasn't been
set up or which has been aborted, return PSA_ERROR_BAD_STATE. Only return
PSA_ERROR_NOT_PERMITTED if the operation state is ok for
psa_key_derivation_input_bytes() or psa_key_derivation_output_bytes() but not
ok to output a key.

Ideally psa_key_derivation_output_key() would return PSA_ERROR_NOT_PERMITTED
only when psa_key_derivation_output_bytes() is possible, but this is clumsier
to implement.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-11-17 10:02:48 +00:00
Gabor Mezei 2dcccbfc19
Fix function name in debug message
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-16 13:34:05 +01:00
Przemyslaw Stekiel a226ac9738 ssl_client2/ssl_server2: Rework ordering of cleanup
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2021-11-14 20:03:24 +01:00
Przemyslaw Stekiel e9dea7c3b0 ssl_client2: move memory leak check before rng_free()
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2021-11-14 20:03:24 +01:00
Przemyslaw Stekiel b66bc0ad4a Move psa_crypto_slot_management.h out from psa_crypto_helpers.h
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2021-11-14 20:03:23 +01:00
Przemyslaw Stekiel d6e0a5824a ssl_client2/ssl_server2: Move is_psa_leaking() before mbedtls_psa_crypto_free() (and rng_free())
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2021-11-14 20:03:23 +01:00
Przemyslaw Stekiel 7c7fb877c6 ssl_client2, ssl_server2: add check for psa memory leaks
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2021-11-14 20:03:23 +01:00
Bence Szépkúti c1e79fd2e3 Enable CMAC for PSA crypto compliance tests
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-11-11 20:47:32 +01:00
Bence Szépkúti 24ec529f82 Multipart AEAD is not supported in Mbed TLS 2.x
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-11-11 20:47:29 +01:00
Bence Szépkúti e30fcb6ed5 Remove superfluous expected failures from list
Issue #5144 doesn't affect development_2.x

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-11-11 16:24:19 +01:00
Gabor Mezei b9e1f2a3cf
Update generated files
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 15:42:41 +01:00
Gabor Mezei 84d739846c
Update changelog with the new public API
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:33:19 +01:00
Gabor Mezei dbe0f892b3
Fix documentation and comments
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:33:19 +01:00
Gabor Mezei c0ae1cf45a
Rename internal header constant_time.h to constant_time_internal.h
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:33:19 +01:00
Gabor Mezei 18a44949d0
Rename constant-time functions to have mbedtls_ct prefix
Rename functions to better suite with the module name.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:32:01 +01:00
Gabor Mezei f127a0e2b1
Remove unneeded include
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:04:54 +01:00
Gabor Mezei da20651b73
Fix documentation
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:04:54 +01:00
Gabor Mezei 61bf64fbd0
Bind functions' availability for config options
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:04:54 +01:00
Gabor Mezei e24dea8225
Move mbedtls_cf_memcmp to a new public header
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:04:54 +01:00
Gabor Mezei 6e0e990544
Add macro guard for header file
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:04:53 +01:00
Gabor Mezei 2b35880d41
Bind functions' availability for config options
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:04:53 +01:00
Gabor Mezei 4e2de62fef
Remove unused function
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:04:53 +01:00
Gabor Mezei fd8a42d914
Make functions static
These functions are only used as an auxiliary function for constant-time functions.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:04:53 +01:00
Gabor Mezei 4b4e4d8880
Update documentation and comments
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:04:53 +01:00
Gabor Mezei 91deea7765
Rename and reorder function parameters
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:04:53 +01:00
Gabor Mezei 150bdee126
Use condition for not sensitive data
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:04:53 +01:00
Gabor Mezei 3c38b6e9e1
Move implementation specific comment
This comment is about how the functions are implemented, not about their
public interface, so it doesn't belong in the header file.
It applies to everything in constant_time.c so moved there.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:04:52 +01:00
Gabor Mezei 2c5ed2244b
Make mbedtls_cf_size_mask_lt function static
The mbedtls_cf_size_mask_lt is solely used as an auxiliary function
for mbedtls_cf_size_mask_ge.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:04:52 +01:00
gabor-mezei-arm d5a392aa2c
Fix missing includes
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:04:52 +01:00
gabor-mezei-arm 10117d673e
Add changelog entry
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:04:52 +01:00
gabor-mezei-arm 7e6a1eaf8f
Add documentation for the functions
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:04:52 +01:00
gabor-mezei-arm 1ffd0ccf02
Unify equality checker functions return value
The equality checker functions always return 0 or 1 value,
thus the type of return value can be the same dispite of the
size of the parameters.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:04:52 +01:00
gabor-mezei-arm 60febd5d8a
Propagate usage of mask generation functions
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:04:52 +01:00
gabor-mezei-arm 2f2c0bead3
Unify mask generation functions
Generate all-bits 0 or all bits 1 mask from a value instead of from a bit.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-11 11:04:51 +01:00