AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
8,107 Commits 1 Branch 0 Tags 61 MiB
e852df8466
Commit Graph

8107 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jaeden Amero
e852df8466 fixup! Add PSA crypto module 2018-09-14 12:00:46 +01:00
Jaeden Amero
5ee4ee2659 Merge pull request #133 from jen3andruska/patch-2 
Update README.md
 2018-09-14 10:02:30 +01:00
Jaeden Amero
c0454a7369 Merge pull request #135 from ARMmbed/export_sanity_tests 
Document asymmetric key export formats
 2018-09-14 10:02:30 +01:00
Jen Andruska
517e73736e Update README.md 2018-09-14 10:02:29 +01:00
Jaeden Amero
27f451f04b Merge pull request #134 from ARMmbed/test_suite_import_export-exported_length 
Fix bug in test_import_export with non-canonical input
 2018-09-14 10:02:29 +01:00
Gilles Peskine
dea46cf8f1 Clarify comment in test 
In RSAPrivateKey, Version is an INTEGER. The version must be 0.
 2018-09-14 10:02:29 +01:00
Gilles Peskine
39f0c22c97 Merge pull request #126 from ARMmbed/multi-op-abort-on-error 
Multipart operations don't always call abort on error - FIX
 2018-09-14 10:02:29 +01:00
Gilles Peskine
8a1a8f31e3 Add test cases for PEM import 
This is not a standard PSA feature, it's an extension provided by the
current implementation.
 2018-09-14 10:02:29 +01:00
Gilles Peskine
c6290c043e Minor documentation improvements 2018-09-14 10:02:29 +01:00
Jaeden Amero
5ac5cec9a2 Merge pull request #127 from ARMmbed/documentation-update 
Update documentation due to function renaming
 2018-09-14 10:02:29 +01:00
itayzafrir
534bd7c33b Add missing calls to psa_cipher_abort in cipher functions 2018-09-14 10:02:29 +01:00
Gilles Peskine
b67f308c4f Fix re-import size in import_export test with non-canonical input 2018-09-14 10:02:29 +01:00
Gilles Peskine
6ef7983208 Fix copypasta in PSA_KEY_EXPORT_MAX_SIZE documentation 2018-09-14 10:02:29 +01:00
Jaeden Amero
357da5a009 Merge pull request #129 from ARMmbed/small_documentation_fix 
Documentation fix
 2018-09-14 10:02:29 +01:00
itayzafrir
ed7382f6a7 Update documentation due to function renaming 2018-09-14 10:02:29 +01:00
itayzafrir
40835d4e56 Add missing calls to psa_hash_abort in hash functions 2018-09-14 10:02:29 +01:00
Gilles Peskine
ae3d2a2c26 Avoid non-standard C constructs 
Don't rely on static initialization of a flexible array member, that's
a GNU extension. The previous code also triggered a Clang warning
"suggest braces around initialization of subobject" (-Wmissing-braces)
for `struct {char a[]} = {"foo"}`.
 2018-09-14 10:02:29 +01:00
Jaeden Amero
31aaba8828 Merge pull request #128 from ARMmbed/psa-constant_to_string-fix_whitespace 
Fix whitespace in psa_constant_names_generated.c
 2018-09-14 10:02:29 +01:00
mohammad1603
13f43948f3 typo fix 2018-09-14 10:02:29 +01:00
Jaeden Amero
33b9ff6d2d Merge pull request #124 from ARMmbed/reorder-psa-errors 
Rearrange PSA_ERROR_XXX error codes
 2018-09-14 10:02:29 +01:00
Gilles Peskine
8f609239d5 Do export sanity checks in import_export as well 
This is not useful to validate the implementation when importing
canonical input, which is the case for most import/export test cases,
but it helps validate the sanity checks themselves.
 2018-09-14 10:02:29 +01:00
Gilles Peskine
23b9d149a2 Fix indentation in generated C file 
The indentation now complies with Emacs's "k&r" style.
 2018-09-14 10:02:29 +01:00
Jaeden Amero
df3b74f168 Merge pull request #125 from ARMmbed/key_slot_index-fix 
Fix off-by-one errors in key slot index limits
 2018-09-14 10:02:29 +01:00
itayzafrir
f26dbfc096 Rearrange PSA_ERROR_XXX error codes 
Set PSA_ERROR_UNKNOWN_ERROR as the first error code to prevent the
need to change its value whenever a new error code is added.
 2018-09-14 10:02:29 +01:00
Gilles Peskine
dd2f95b855 Improve and augment export sanity checks 
Implement sanity checks of exported public keys, using ASN.1 parsing.
Rewrite the sanity checks of key pairs using ASN.1 parsing, so as to
check more things with simpler code.
 2018-09-14 10:02:29 +01:00
Gilles Peskine
ddeb55ad32 Remove trailing whitespace and fix indentation in generated C file 2018-09-14 10:02:29 +01:00
Jaeden Amero
63aaa538fa Merge pull request #119 from ARMmbed/dev/dgreen-arm/fix-all.sh 
All.sh fixes
 2018-09-14 10:02:29 +01:00
Gilles Peskine
9a05634558 psa_crypto_free: destroy the last slot 
The last slot in the array was not freed due to an off-by-one error.

Amend the fill_slots test to serve as a non-regression test for this
issue: without this bug fix, it would cause a memory leak.
 2018-09-14 10:02:29 +01:00
Gilles Peskine
cb6adbb750 fixup sizes 2018-09-14 10:02:29 +01:00
Gilles Peskine
996deb18cc Fix buffer overflow in the slot array 
Slots are numbered from 1, but the slot array is a C array so it's
numbered from 0.

Add a non-regression test.
 2018-09-14 10:02:29 +01:00
Gilles Peskine
4f6c77b0a9 fixup format spec 2018-09-14 10:02:29 +01:00
Gilles Peskine
d14664a79b Move export key sanity check from generate to exercise 
Move the code to perform sanity checks on the exported key from
generate_key to exercise_key. This way the sanity checks can be
performed after importing or deriving a key as well.

In addition to checking the exported key if its usage allows it, check
the exported public key if the key is asymmetric.
 2018-09-14 10:02:29 +01:00
Gilles Peskine
1be949b846 New macro PSA_KEY_EXPORT_MAX_SIZE 
Sufficient buffer size for psa_export_key() and psa_export_public_key().
 2018-09-14 10:02:29 +01:00
Gilles Peskine
4e1e9beb56 Define the encoding of ECC and DSA keys 2018-09-14 10:02:29 +01:00
Gilles Peskine
e877974794 Move key type feature test macros to a more logical place 2018-09-14 10:02:29 +01:00
Gilles Peskine
78b3bb670d Change the bitwise encoding of key type categories 
There were only 5 categories (now 4). Reduce the category mask from 7
bits to 3.

Combine unformatted, not-necessarily-uniform keys (HMAC, derivation)
with raw data.

Reintroduce a KEY_TYPE_IS_UNSTRUCTURED macro (which used to exist
under the name KEY_TYPE_IS_RAW_DATA macro) for key types that don't
have any structure, including both should-be-uniform keys (such as
block cipher and stream cipher keys) and not-necessarily-uniform
keys (such as HMAC keys and secrets for key derivation).
 2018-09-14 10:02:29 +01:00
Gilles Peskine
c32f0304db Fix bad key type constant that worked by accident 2018-09-14 10:02:29 +01:00
Jaeden Amero
4fddbe36fe Merge pull request #120 from ARMmbed/dev/dgreen-arm/conversion-warnings 
Fix key parameter in psa_key_derivation to use correct type
 2018-09-14 10:02:28 +01:00
Darryl Green
80bed236de Change psa_structs to use unsigned ints 
These structs are using bitfields of length one, which can only represent 0 and -1 for signed ints.
Changing these to unsigned int lets them represent 0 and 1, which is what we want.
 2018-09-14 10:02:28 +01:00
Jaeden Amero
8be946d602 Merge pull request #118 from ARMmbed/dev/Patater/add-license-header 
psa: Add license header to crypto.h
 2018-09-14 10:02:28 +01:00
Darryl Green
8800136156 Fix key parameter in psa_key_derivation to use correct type 2018-09-14 10:02:28 +01:00
Darryl Green
9e2d7a09f1 Add ifdefs for psa_internal_export_key function 
MBEDTLS_PK_WRITE_C only requires either MBEDTLS_RSA_C or MBEDTLS_ECP_C to be defined.
Added wrappers to handle the cases where only one has been defined.
Moved mbedtls_pk_init to be within the ifdefs, so it's only called if appropriate.
 2018-09-14 10:02:28 +01:00
Jaeden Amero
423e20430f Merge pull request #117 from ARMmbed/dev/Patater/generate-visualc 
Update generate_visualc_files.pl for PSA
 2018-09-14 10:02:28 +01:00
Jaeden Amero
cab5494b12 psa: Add license header to crypto.h 2018-09-14 10:02:28 +01:00
Darryl Green
10ccc641ac Add missing dependencies on MBEDTLS_ECDSA_C 2018-09-14 10:02:28 +01:00
Darryl Green
8f8aa8f931 Add ifdef for MBEDTLS_ECP_C around ecc_group_to_psa functions 
These are unused if MBEDTLS_ECP_C isn't defined.
 2018-09-14 10:02:28 +01:00
Darryl Green
efb52d53bf Add missing dependency on MBEDTLS_PKCS1_V15 2018-09-14 10:02:28 +01:00
Darryl Green
5cc689a821 Add handling for (sometimes) unused parameters 2018-09-14 10:02:28 +01:00
Darryl Green
77b33b2926 Add missing dependencies on MBEDTLS_SHA256_C 2018-09-14 10:02:28 +01:00
Darryl Green
9c862253cc Add handling for zero-length buffers in tests 
The buffer can be NULL if the length is zero, so we only check it's not NULL if the length is nonzero
 2018-09-14 10:02:28 +01:00