mohammad1603
f14394b25f
add policy checks
2018-09-05 12:41:52 +03:00
mohammad1603
96910d807e
fix block size depending on algorithm
2018-09-05 12:41:51 +03:00
mohammad1603
60a64d079a
remove unnecessary argument to the psa_aead_unpadded_locate_tag function
2018-09-05 12:41:51 +03:00
mohammad1603
15223a8b89
write the tag directly on the ciphertext buffer.
2018-09-05 12:41:51 +03:00
mohammad1603
4fc744f8af
change the check of block size for all supported algorithms
2018-09-05 12:41:51 +03:00
mohammad1603
0f21465175
use mbedtls_cipher_info_from_psa to get cipher ID
2018-09-05 12:41:51 +03:00
mohammad1603
f58aa6ade6
use memset instead of mbedtils_zeroize
2018-09-05 12:41:51 +03:00
mohammad1603
554faad260
return NOT_SUPPORTED instead of INVLID_ARGUMENT
2018-09-05 12:41:51 +03:00
mohammad1603
95893f834d
remove usless cast
2018-09-05 12:41:51 +03:00
mohammad1603
f08a550e68
set output length to zero to cover output length in error case
2018-09-05 12:41:51 +03:00
mohammad1603
f4f0d612ba
change mbedtls_cipher_info_from_psa to provide cipher_id also
2018-09-05 12:41:51 +03:00
mohammad1603
9375f8403a
fix code offsets after rebase
2018-09-05 12:41:51 +03:00
Gilles Peskine
ee652a344c
Fix psa_aead_decrypt to read the tag at the end of the ciphertext
2018-09-05 12:41:51 +03:00
Gilles Peskine
a40d77477d
Whitespace fixes
...
Changed indentation to match Mbed TLS style. Wrapped some lines to 80 columns.
2018-09-05 12:41:51 +03:00
mohammad1603
39574652ae
add else for not supported algorithm
2018-09-05 12:38:18 +03:00
mohammad1603
5c8845f563
return invalid argument for unsupported algorithms
2018-09-05 12:38:18 +03:00
mohammad1603
e58e68458e
fix condition over key type
2018-09-05 12:38:18 +03:00
mohammad1603
17638efc46
remove unused variable
2018-09-05 12:38:18 +03:00
mohammad1603
dad36fa855
add Key and Algorithm validation
2018-09-05 12:38:18 +03:00
mohammad1603
a7e6df76ea
Validation fixes for key_type
2018-09-05 12:38:18 +03:00
mohammad1603
4f5eb7cb54
Fill the the output buffer with zero data in case of failure
2018-09-05 12:38:18 +03:00
mohammad1603
6bbd8c75dc
Remove unnecessary cast
...
Remove unnecessary cast
2018-09-05 12:38:18 +03:00
mohammad1603
db6247315f
Parameters validation fixes
...
Fix key_type validation test and no need to ask for place for tag in decryption
2018-09-05 12:38:18 +03:00
mohammad1603
ce5cba9a6a
unify the concatenation of the tag and update output length
2018-09-05 12:38:18 +03:00
mohammad1603
9e5a515aa8
Fix parameter validation
2018-09-05 12:38:18 +03:00
mohammad1603
47ddf3d544
Concatenate the tag to the output buffer
...
Concatenate the tag to the output buffer.
2018-09-05 12:38:18 +03:00
mohammad1603
5955c98779
Initial implementation of the AEAD decrypt/encrypt APIs
...
Initial implementation for the AEAD APIs, missing the following:
* Concatenation of the tag to the output buffer.
* Updated documentation of the new functions.
* argument validations
* tests
2018-09-05 12:38:18 +03:00
itayzafrir
7b30f8b0c9
Added handling for MBEDTLS_ERR_ECP_XXX error codes
...
Added handling for MBEDTLS_ERR_ECP_XXX error codes
2018-09-05 12:10:47 +03:00
itayzafrir
5c7533923a
ECDSA sign and verify implementation and tests
...
ECDSA sign and verify implementation and tests
2018-09-05 12:10:47 +03:00
Gilles Peskine
a0655c3501
Merge remote-tracking branch 'psa/pr/13' into feature-psa
...
Conflicts:
library/psa_crypto.c
tests/suites/test_suite_psa_crypto.data
tests/suites/test_suite_psa_crypto.function
All the conflicts are concurrent additions where the order doesn't
matter. I put the code from feature-psa (key policy) before the code
from PR #13 (key lifetime).
2018-09-05 12:10:43 +03:00
mohammad1603
ea0500936e
Change behavior of psa_get_key_lifetime()
...
psa_get_key_lifetime() behavior changed regarding empty slots, now
it return the lifetime of and empty slots. Documentation in header
file updated accordingly.
2018-09-05 12:01:37 +03:00
mohammad1603
5d7ec2033d
fix key lifetime set implementation , tests accordingly
2018-09-05 12:01:37 +03:00
mohammad1603
ba178511f4
Remove unused and duplicated erros, fix documentation and tests
...
Remove unused and duplicated erros, fix documentation and tests
2018-09-05 12:01:37 +03:00
mohammad1603
060ad8ac34
Compilation and tests fixes
2018-09-05 12:01:37 +03:00
mohammad1603
804cd71bf8
initial key lifetime implementation and tests
2018-09-05 12:01:37 +03:00
Gilles Peskine
c63b6ba754
Merge remote-tracking branch 'psa/pr/14' into feature-psa
...
Conflict resolution:
* `tests/suites/test_suite_psa_crypto.data`: in the new tests from PR #14 ,
rename `PSA_ALG_RSA_PKCS1V15_RAW` to `PSA_ALG_RSA_PKCS1V15_SIGN_RAW` as
was done in PR #15 in the other branch.
2018-09-05 12:01:34 +03:00
Gilles Peskine
47c1bc0458
Correct some return codes
2018-09-05 11:53:26 +03:00
mohammad1603
38a622b68b
Function psa_get_key_policy() now return policy value for empty slots
...
Function psa_get_key_policy() now return policy value for empty slots
2018-09-05 11:53:26 +03:00
mohammad1603
5feda72d7a
Remove usage of PSA_ERROR_INVALID_KEY_POLICY
...
use PSA_ERROR_INVALID_ARGUMENT instead of INVALID_KEY_POLICY error
2018-09-05 11:53:26 +03:00
mohammad1603
6df908f234
Add static internal MAC finish function
...
add new psa_mac_finish_internal() to be called by psa_mac_finish() and
psa_mac_verify() in order to be able to check key usage separatly.
2018-09-05 11:53:26 +03:00
mohammad1603
4eed757901
add new test scenarios
2018-09-05 11:53:26 +03:00
mohammad1603
06e7920be5
integrate policy key usage in export and asymmetric sign functions
2018-09-05 11:53:26 +03:00
Gilles Peskine
a59262338a
Rename PKCS1V15 to PKCS1V15_SIGN
...
There's PKCS1V15_CRYPT as well (to be added soon).
2018-09-05 11:53:26 +03:00
mohammad1603
8cc1ceec3e
Key Policy APIs implementation
2018-09-05 11:53:26 +03:00
Gilles Peskine
dc2fc8443f
Rename xxx_of_psa functions to xxx_from_psa
...
Be consistent with how similar functions are named in Mbed TLS.
2018-09-05 11:53:25 +03:00
Gilles Peskine
3c6e970752
Fix memory leak in psa_destroy_key
2018-09-05 11:53:25 +03:00
Gilles Peskine
6d9121381a
Add some comments to document some non-obvious coding choices
2018-09-05 11:53:25 +03:00
Gilles Peskine
e4ebc12fcd
psa_crypto_init: set the global initialized flag
2018-09-05 11:53:25 +03:00
Gilles Peskine
8c9def3e7f
PSA: Implement MAC functions
...
Implement psa_mac_start, psa_mac_update and psa_mac_final.
Implement HMAC anc CMAC.
Smoke tests.
2018-09-05 11:53:25 +03:00
Gilles Peskine
9ef733faa0
Implement hash functions
...
New header file crypto_struct.h. The main file crypto.sh declares
structures which are implementation-defined. These structures must be
defined in crypto_struct.h, which is included at the end so that the
structures can use types defined in crypto.h.
Implement psa_hash_start, psa_hash_update and psa_hash_final. This
should work for all hash algorithms supported by Mbed TLS, but has
only been smoke-tested for SHA-256, and only in the nominal case.
2018-09-05 11:53:25 +03:00