Paul Elliott
6043e49039
Fix missed documentation header pt 2
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-20 09:43:46 +01:00
Paul Elliott
8eec8d4436
Fix missed documentation header
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 22:39:06 +01:00
Paul Elliott
ec95cc9489
Add safety for NULL tag being passed to finish
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 22:39:06 +01:00
Paul Elliott
8ff74217e4
Add comment explaining finish output size
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:17 +01:00
Paul Elliott
4c916e8d74
Improve comment on buffer clearing
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:17 +01:00
Paul Elliott
69bf5fc901
Const correctness
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:17 +01:00
Paul Elliott
70f447dfe5
Replace individual zeroization with memset
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:17 +01:00
Paul Elliott
f94bd99368
Add missing aead state tests.
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:17 +01:00
Paul Elliott
5221ef638a
Add aead setup tests
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:17 +01:00
Paul Elliott
1c67e0b38c
Add extra verify edge test cases
...
Add ability to pass NULL tag buffer (with length zero)
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:17 +01:00
Paul Elliott
9961a668bd
Remove negative tests from multipart_decrypt
...
Multipart decrypt now always expects positive result (i.e. the plaintext
that is passed in). Added new test that expects fail, and does no
multipart versions and concentrates on aead_verify.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:17 +01:00
Paul Elliott
fd0c154ce3
Add tests to oversend data/ad when lengths set
...
Previous tests only tested when the expected lengths were set to zero.
New test sends all data/ad then goes over by one byte.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:17 +01:00
Paul Elliott
ce2c1faf1a
Remove uneccesary postive buffer size tests
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:17 +01:00
Paul Elliott
6a60b12ef9
Make buffer size checks +-1 from correct size
...
i.e Check correct buffer size +1 and correct buffer size -1 (where
applicable) to check too big and too small cases, and hopefully catch
edge cases.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:17 +01:00
Paul Elliott
eac6c757a2
Make nonce length check return error where it can
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Paul Elliott
12acb6bb4c
Remove missed references to aead_verify from docs
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Paul Elliott
a3d153f928
Make nonce based test descriptions more clear
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Paul Elliott
f38adbe558
Ensure tests expected to fail actually fail
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Paul Elliott
e49fe45478
Remove unneccesary nesting
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Paul Elliott
4e4d71a838
Move hidden logic into loop 'for' statement
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Paul Elliott
33746aac32
Convert set lengths options over to enum
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Paul Elliott
9454cfa911
Remove unneccesary safety check in test
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Paul Elliott
6bfd0fbbc6
Convert all uint32_t lengths over to size_t
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Paul Elliott
5a9642ff28
Correct switched blocks for output sizes
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Paul Elliott
b183d56b5f
Use safer size for tag checking
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Paul Elliott
06b6b8c8d6
Add missing zeroize for sensitive tag data.
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Paul Elliott
719c1324a1
Add tag buffer size tests to finish buffer tests
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Paul Elliott
e58cb1e0cf
Aligh finish_buffer_test vars with PSA standard
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Paul Elliott
4023ffd275
Re-add option of NULL buffer for nonce tests
...
NULL/zero length or valid buffer/zero length both now tested
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Paul Elliott
e64deda873
Add missing check to multipart decrypt
...
Ensure that the test actually does something, rather than skipping both
parts, also add comment to this effect.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-09-19 18:43:16 +01:00
Ronald Cron
133740b74e
tests: Improve incomplete then overflow tests
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-17 09:38:07 +02:00
Gilles Peskine
5b1df10470
Update the list of issues fixed
...
This had actually been reported multiple times.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-15 17:07:21 +02:00
Jerry Yu
7a5ab044ca
Add tls13 test with everst and ecp restartable
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-15 22:06:11 +08:00
Jerry Yu
388bd0d53c
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-15 22:06:11 +08:00
Gilles Peskine
d337fbc4cb
x86_64 MULADDC assembly: add missing constraints about memory
...
MULADDC_CORE reads from (%%rsi) and writes to (%%rdi). This fragment is
repeated up to 16 times, and %%rsi and %%rdi are s and d on entry
respectively. Hence the complete asm statement reads 16 64-bit words
from memory starting at s, and writes 16 64-bit words starting at d.
Without any declaration of modified memory, Clang 12 and Clang 13 generated
non-working code for mbedtls_mpi_mod_exp. The constraints make the unit
tests pass with Clang 12.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-15 15:51:43 +02:00
Jerry Yu
dd1fb9e37e
add mbedtls_ecdh_setup_no_everest
...
Setup ecdh without everest for TLS1.3
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-15 11:10:15 +08:00
Jerry Yu
bdc71888fc
Remove restartable and everest from tls1.3
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-14 19:33:31 +08:00
Janos Follath
cacec723c8
Merge pull request #4938 from gilles-peskine-arm/psa_cipher_update_ecp-unused_parameter
...
Fix parameter set but unused on psa_cipher_update_ecb
2021-09-13 13:55:38 +01:00
Gilles Peskine
d87d87371f
Fix the size in bytes
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-13 12:21:22 +02:00
Gilles Peskine
1716f32864
psa_cipher_update_ecb: remove parameter output_size
...
This parameter was set but not used, which was pointless. Clang 14 detects
this and legitimately complains.
Remove the parameter. This is an internal function, only called once. The
caller already has a sufficient check on the output buffer size which
applies in more cases, so there is no real gain in robustness in adding the
same check inside the internal function.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-13 09:46:41 +02:00
Gilles Peskine
55dffe58a0
Document the internal function psa_cipher_update_ecb
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-13 09:33:28 +02:00
Jerry Yu
335aca9c52
fix format issue
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-12 20:18:56 +08:00
Gilles Peskine
78e84e860d
Merge pull request #4766 from SiliconLabs/silabs_import_copy_key_opaque
...
Add partial support to import/copy opaque keys
2021-09-10 09:13:40 +02:00
Jerry Yu
72fc69bd40
fix typo error
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-10 10:23:37 +08:00
Archana
9d17bf4215
Styling and refactoring
...
Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-10 07:16:08 +05:30
Archana
9a2b6ff8f2
Fix test vector dependency
...
Fix opaque key test vector dependency to PSA_CRYPTO_DRIVER_TEST
instead of MBEDTLS_PSA_CRYPTO_DRIVERS while validating with
test drivers.
Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-09 12:32:16 +05:30
Archana
a316b7e42b
Rebase and update signature for curve448 tests
...
Also include the opaque test cases for curve448 vectors.
Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-09 10:11:02 +05:30
Archana
74d99c6bfc
Add a test to validate copy to read only lifetime
...
Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-09 10:11:02 +05:30
Archana
374fe5b8d2
Handle zeroed attributes key bits and type in copy
...
The target attributes for key copy could have key bits and
type zeroed. If so, they need to be overwritten/ inherited
from the source key.
This is now forcefully overwritten after validating the
optional attributes. As a result assigning attributes type
and bits after copy are no longer necessary.
Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-09 10:09:19 +05:30
Archana
449608bc61
Code style improvements
...
Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-08 22:04:13 +05:30