mbedtls/library
Hanno Becker 17263803aa Simplify AEAD nonce derivation
This commit simplifies nonce derivation for AEAD based record protection
routines in the following way.

So far, code distinguished between the cases of GCM+CCM and ChachaPoly:

- In the case of GCM+CCM, the AEAD nonce is the concatentation
  of a 4-byte Fixed IV and a dynamically chosen 8-byte IV which is prepended
  to the record. In Mbed TLS, this is always chosen to be the record sequence
  number, but it need not to.

- In the case of ChaChaPoly, the AEAD nonce is derived as

    `( 12-byte Fixed IV ) XOR ( 0 || 8-byte dynamic IV == record seq nr )`

  and the dynamically chosen IV is no longer prepended to the record.

This commit removes this distinction by always computing the record nonce
via the formula

  `IV == ( Fixed IV || 0 ) XOR ( 0 || Dynamic IV )`

The ChaChaPoly case is recovered in case `Len(Fixed IV) == Len(IV)`, and
GCM+CCM is recovered when `Len(IV) == Len(Fixed IV) + Len(Dynamic IV)`.

Moreover, a getter stub `ssl_transform_aead_dynamic_iv_is_explicit()`
is introduced which infers from a transform whether the dynamically
chosen part of the IV is explicit, which in the current implementation
of `mbedtls_ssl_transform` can be derived from the helper field
`mbedtls_ssl_transform::fixed_ivlen`.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-05-28 10:32:23 +01:00
..
.gitignore
aes.c Fix GCC format-signedness warnings 2020-04-22 16:01:48 +02:00
aesni.c Remove crypto C files 2019-08-15 15:44:50 +01:00
arc4.c Remove crypto C files 2019-08-15 15:44:50 +01:00
aria.c Remove crypto C files 2019-08-15 15:44:50 +01:00
asn1parse.c Replace use of uint8_t by unsigned char in ASN.1 seq traversal API 2020-02-03 10:39:55 +00:00
asn1write.c Merge pull request #323 from yanesca/iotcrypt-942-initialise-return-values 2019-12-19 10:24:22 +00:00
base64.c Remove crypto C files 2019-08-15 15:44:50 +01:00
bignum.c Fix GCC format-signedness warnings 2020-04-22 16:01:48 +02:00
blowfish.c Remove crypto C files 2019-08-15 15:44:50 +01:00
camellia.c Remove crypto C files 2019-08-15 15:44:50 +01:00
ccm.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
certs.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
chacha20.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
chachapoly.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
cipher.c Remove redundant block_size validity check 2020-01-21 15:02:14 +01:00
cipher_wrap.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
cmac.c Fix GCC format-signedness warnings 2020-04-22 16:01:48 +02:00
CMakeLists.txt Merge pull request #3147 from gocarlos/gocarlos-patch-1 2020-04-29 17:14:48 +01:00
ctr_drbg.c Merge branch 'development' into development-restricted 2020-01-15 15:55:11 +00:00
debug.c Fix GCC format-signedness warnings 2020-04-22 16:01:48 +02:00
des.c des: Reduce number of self-test iterations 2019-09-04 10:11:45 +01:00
dhm.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
ecdh.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
ecdsa.c Fix incrementing pointer instead of value 2020-01-24 12:11:56 +01:00
ecjpake.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
ecp.c Merge pull request #3209 from aurel32/fix-ecp_double_add_mxz 2020-04-24 09:28:17 +02:00
ecp_curves.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
entropy.c Merge pull request #323 from yanesca/iotcrypt-942-initialise-return-values 2019-12-19 10:24:22 +00:00
entropy_poll.c Add support for midipix, a POSIX layer for Microsoft Windows 2020-05-20 18:14:45 +00:00
error.c Merge pull request #3219 from aggarg/err_optimization 2020-05-04 09:37:13 +02:00
gcm.c Merge branch 'development' into development-restricted 2020-01-15 15:55:11 +00:00
havege.c Remove crypto C files 2019-08-15 15:44:50 +01:00
hkdf.c hkdf_expand: explicitly initialize t 2020-04-02 19:54:51 +02:00
hmac_drbg.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
Makefile Sort lists in Makefiles and have one item per line 2020-04-17 11:57:50 +02:00
md.c Fix "same actions in two cases of a switch statement" warning 2020-04-20 13:56:09 +03:00
md2.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
md4.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
md5.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
memory_buffer_alloc.c Remove crypto C files 2019-08-15 15:44:50 +01:00
net_sockets.c Add support for midipix, a POSIX layer for Microsoft Windows 2020-05-20 18:14:45 +00:00
nist_kw.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
oid.c Fix GCC format-signedness warnings 2020-04-22 16:01:48 +02:00
padlock.c Remove crypto C files 2019-08-15 15:44:50 +01:00
pem.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
pk.c pk: USE_PSA_CRYPTO: don't translate via the TLS ID 2020-01-31 10:15:32 +01:00
pk_wrap.c Remove mbedtls_psa_translate_ecc_group 2020-01-31 10:15:32 +01:00
pkcs5.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
pkcs11.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
pkcs12.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
pkparse.c Fix pkparse bug wrt MBEDTLS_RSA_ALT 2020-02-18 10:31:29 +01:00
pkwrite.c Change key types to a 16-bit encoding 2020-01-31 10:24:21 +01:00
platform.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
platform_util.c Check for zero length and NULL buffer pointer. 2019-09-04 11:31:35 +01:00
poly1305.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
psa_crypto.c psa: Define mbedtls_ecc_group_to_psa() inline 2020-05-05 12:41:48 +01:00
psa_crypto_core.h Rename internal macro to pass check-names.sh 2019-08-08 10:58:09 +02:00
psa_crypto_invasive.h Add a facility to configure entropy sources 2018-11-23 22:58:38 +01:00
psa_crypto_its.h Add psa_trusted_storage_linux persistent storage support for v1.0.0 APIs 2019-07-23 17:30:37 +01:00
psa_crypto_se.c Update SE support to pass a location when registering a driver 2020-05-11 11:15:26 +02:00
psa_crypto_se.h Update SE support to pass a location when registering a driver 2020-05-11 11:15:26 +02:00
psa_crypto_service_integration.h Add common header for crypto service integration 2019-02-19 15:09:14 +02:00
psa_crypto_slot_management.c Make psa_close_key(0) and psa_destroy_key(0) succeed 2019-10-08 15:57:27 +02:00
psa_crypto_slot_management.h Rename psa_internal_allocate_key_slot to psa_get_empty_key_slot 2019-08-08 10:58:09 +02:00
psa_crypto_storage.c Change key types to a 16-bit encoding 2020-01-31 10:24:21 +01:00
psa_crypto_storage.h Switch storage functions over to psa_core_key_attributes_t 2019-07-31 14:15:27 +02:00
psa_its_file.c Add an input check in psa_its_set 2019-09-05 09:34:34 -04:00
ripemd160.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
rsa.c Final review comments 2020-01-28 14:43:52 -05:00
rsa_internal.c Remove crypto C files 2019-08-15 15:44:50 +01:00
sha1.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
sha256.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
sha512.c Fix some whitespace issues 2020-01-29 09:46:49 +01:00
ssl_cache.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
ssl_ciphersuites.c Rename identifiers containing double-underscore 2020-03-23 17:55:32 +01:00
ssl_cli.c Merge branch 'development-restricted' into prepare-rc-2.22.0-updated 2020-04-09 12:17:11 +02:00
ssl_cookie.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
ssl_msg.c Simplify AEAD nonce derivation 2020-05-28 10:32:23 +01:00
ssl_srv.c Merge pull request #3150 from irwir/fix_ssl_srv 2020-04-22 09:31:00 +02:00
ssl_ticket.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
ssl_tls.c Merge pull request #3312 from sander-visser/cleanup-nullptr-deref 2020-05-11 21:59:07 +02:00
threading.c Remove crypto C files 2019-08-15 15:44:50 +01:00
timing.c Add support for midipix, a POSIX layer for Microsoft Windows 2020-05-20 18:14:45 +00:00
version.c
version_features.c Refresh generated files 2020-03-23 21:54:07 +01:00
x509.c fix mbedtls_x509_dn_gets to escape non-ASCII characters 2020-05-21 01:56:55 +09:00
x509_create.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
x509_crl.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
x509_crt.c Merge remote-tracking branch 'upstream/development' into fix_x509_crt.c 2020-04-27 18:01:08 +03:00
x509_csr.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
x509write_crt.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
x509write_csr.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
xtea.c Remove crypto C files 2019-08-15 15:44:50 +01:00