Most supported ciphers have a 128-bit, 192-bit or 256-bit keys. List the
exceptions explicitly.
This commit fixes a test failure with the null cipher and an incorrect
comment that omitted several key lengths.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This was already documented for mbedtls_md_info_t. Also document it for
mbedtls_pk_info_t (where it's fairly obvious since the structure is not
defined in a public header) and for mbedtls_cipher_info_t (where it's not
obvious since the structure is defined in a public header).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The structures mbedtls_x509_time, mbedtls_x509_crl_entry, mbedtls_x509_crl,
mbedtls_x509_crt, mbedtls_x509_san_other_name,
mbedtls_x509_subject_alternative_name, mbedtls_x509_csr are designed to
expose the result of parsing X.509 data. Document many of their fields as
being publicly readable.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The structures mbedtls_asn1_buf, mbedtls_asn1_bitstring,
mbedtls_asn1_sequence and mbedtls_asn1_named_data are designed to allow
access to data after parsing. Make their fields public.
Document that chaining fields are essentially read-only.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
On platforms with BSD-like sockets, it is useful for applications to have
access to the underlying file descriptor so that they can use functions like
select() and poll().
Do not promise that the field will exist on other platforms such as
Windows (where the type and name of the field are technically wrong because
Windows socket handles are actually not file descriptors).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Add functions to read the type, mode, name and key_bitlen fields from
mbedtls_cipher_info_t. These are the fields that applications are most
likely to care about.
TLS code also uses iv_size and block_size, which it might make sense to
expose, but most applications shouldn't need those, so I'm not exposing them
for now.
Call the new functions in unit tests, so they're at least smoke-tested.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The whole point of this structure is to provide information, both for the
library's own sake and to applications.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Warning reported with IAR compiler:
"mbedtls\library\pkparse.c",1167 Warning[Pe550]: variable "ret" was set but never used
Signed-off-by: Kenneth Soerensen <knnthsrnsn@gmail.com>
Conflicts:
library/ccm.c
Conflict resolved by re-applying the MBEDTLS_BYTE_0 macro.
Conflict resolved by ignoring the MBEDTLS_PUT_UINT16_BE macro
used in development branch on the 'b' buffer, because the 'b'
buffer is removed in current branch.
- Problem() is a parent abstract class that should only be used for
subclassing.
- With the help of ABC, implement abstract methods that force
subclasses to implement quiet and verbose outputs.
- The repeated logic of "if self.quiet" is consolidated in Problem.
Signed-off-by: Yuto Takano <yuto.takano@arm.com>
exchange groups of the byte reading macros with MBEDTLS_PUT_UINTxyz
and then shift the pointer afterwards. Easier to read as you can
see how big the data is that you are putting in, and in the case of
UINT32 AND UINT64 it saves some vertical space.
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
exchange groups of the byte reading macros with MBEDTLS_PUT_UINTxyz
and then shift the pointer afterwards. Easier to read as you can
see how big the data is that you are putting in, and in the case of
UINT32 AND UINT64 it saves some vertical space.
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
Move common encrypt / decrypt code into common function, and roll in
previously refactored setup checks function, as this is now the only
place it is called.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
minor changes, such as improving the documentation for the byte reading
macros, and using MBEDTLS_PUT_UINT16_xy in place of byte reading
macro combinations
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
Replace the contents of MBEDTLS_PUT_UINTx_yz contained inconsitent
but similar/duplicate code to the MBEDTLS_BYTE_x macros. Therefore
the contents of the macros now utilise the byte reading macros.
MBEDTLS_PUT_UINT64_LE's written order was also not consitent with
the other PUT macros, so that was modified.
Documentation comment said LSB instead of MSB and that has also been
resolved.
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
