eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
mbedtls/library
History
Gilles Peskine 695c4cb7ea If a cipher algorithm is not supported, fail during setup 
In some cases, a cipher operation for an unsupported algorithm could succeed
in psa_cipher_{encrypt,decrypt}_setup() and fail only when input is actually
fed. This is not a major bug, but it has several minor downsides: fail-late
is harder to diagnose for users than fail-early; some code size can be
gained; tests that expect failure for not-supported parameters would have to
be accommodated to also accept success.

This commit at least partially addresses the issue. The only completeness
goal in this commit is to pass our full CI, which discovered that disabling
only PSA_WANT_ALG_STREAM_CIPHER or PSA_WANT_ALG_ECB_NO_PADDING (but keeping
the relevant key type) allowed cipher setup to succeed, which caused
failures in test_suite_psa_crypto_op_fail.generated in
component_test_psa_crypto_config_accel_xxx.

Changes in this commit:
* mbedtls_cipher_info_from_psa() now returns NULL for unsupported cipher
  algorithms. (No change related to key types.)
* Some code that is only relevant for ECB is no longer built if
  PSA_WANT_ALG_ECB_NO_PADDING is disabled.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-05 15:03:39 +02:00
..
.gitignore Add psa_crypto_driver_wrappers.c to .gitignore 2021-12-18 13:29:10 +05:30
aes.c Ensure ctr_drbg is initialised every time 2022-02-10 18:38:53 +00:00
aesni.c Move aesni.h to library 2021-03-10 12:52:37 +00:00
aesni.h Replace all inclusions of config.h 2021-06-28 09:24:07 +01:00
aria.c Replace 3 byte shift with appropriate macro 2021-08-19 09:55:42 +01:00
asn1parse.c Add missing const attribute to asn1 api 2021-01-26 13:57:46 +01:00
asn1write.c Replace MBEDTLS_CHAR_x with MBEDTLS_BYTE_x 2021-08-19 09:56:47 +01:00
base64.c Delete base64_invasive.h due to functions are moved to the constant-time module 2021-11-26 17:20:02 +01:00
bignum.c mbedtls_mpi_read_binary() document that function guarantees to return an MPI with exactly the necessary number of limbs and remove redundant call to mbedtls_mpi_grow() 2022-02-22 13:35:27 +01:00
bn_mul.h Fix aarch64 assembly for bignum multiplication 2021-09-22 18:31:35 +01:00
camellia.c Add Character byte reading macros 2021-08-19 09:55:41 +01:00
ccm.c Ignore plaintext length for CCM*-no-tag. 2021-10-21 11:33:37 +02:00
chacha20.c Replace instances of byte reading macros with PUT 2021-08-19 09:56:47 +01:00
chachapoly.c Replace instances of byte reading macros with PUT 2021-08-19 09:56:47 +01:00
check_crypto_config.h psa: config: Add CAMELLIA to the list of possible CMAC ciphers 2021-03-25 14:25:46 +01:00
cipher.c Return an error for IV lengths other than 12 with ChaCha20+Poly1305 2022-01-14 16:31:54 +01:00
cipher_wrap.c Use separate MBEDTLS_MODE for the CCM*. 2021-10-27 10:42:31 +02:00
cipher_wrap.h Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO 2022-01-03 12:53:24 +01:00
cmac.c Allow skipping 3DES in CMAC self-test when ALT implemented 2021-03-02 10:18:08 +01:00
CMakeLists.txt Review comments addressed 2021-12-19 13:37:37 +05:30
common.h fix wrong para name in doxygen comments 2021-10-28 10:26:13 +08:00
constant_time.c Cap the workaround for mbedtls_mpi_safe_cond_assign on MSVC/ARM64 to MSVC versions prior to 17.1. 2022-01-31 13:34:01 -08:00
constant_time_internal.h Add documentation for the functions 2021-11-26 17:25:14 +01:00
constant_time_invasive.h Add documentation for the functions 2021-11-26 17:25:14 +01:00
ctr_drbg.c Tidy up grouped MBEDTLS_BYTE_x macros 2021-08-23 11:52:28 +01:00
debug.c Add missing parentheses 2021-06-17 21:46:29 +02:00
des.c Catch failures of AES or DES operations 2021-09-27 16:22:08 +02:00
dhm.c Use byte reading macros in places not using a byte mask 2021-08-19 09:56:47 +01:00
ecdh.c Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3 2021-12-10 13:47:55 +01:00
ecdh_misc.h Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3 2021-12-10 13:47:55 +01:00
ecdsa.c Rename error translation functions and move them to library/pk_wrap.* 2022-03-01 15:21:02 +01:00
ecjpake.c Tidy up grouped MBEDTLS_BYTE_x macros 2021-08-23 11:52:28 +01:00
ecp.c Make more use of helper function for init/free of MPI array 2022-01-11 05:06:54 +00:00
ecp_curves.c Add prefix to BYTES_TO_T_UINT_* 2021-06-25 12:46:40 +01:00
ecp_internal_alt.h Replace all inclusions of config.h 2021-06-28 09:24:07 +01:00
ecp_invasive.h Move mbedtls_mpi_random to the bignum module 2021-06-03 18:10:04 +02:00
entropy.c Merge pull request #4640 from TRodziewicz/move_part_of_timing_module_out_of_the_library_and_to_test 2021-06-18 16:35:58 +01:00
entropy_poll.c Rename config.h to mbedtls_config.h 2021-06-28 09:28:33 +01:00
entropy_poll.h Rename config.h to mbedtls_config.h 2021-06-28 09:28:33 +01:00
gcm.c Merge pull request #5213 from tom-cosgrove-arm/pr_4950 2021-11-22 22:22:37 +01:00
hkdf.c Update copyright notices to use Linux Foundation guidance 2020-08-19 10:35:41 +02:00
hmac_drbg.c Rename the _ret() functions 2021-06-08 16:45:41 +02:00
Makefile Review comments addressed 2021-12-19 13:37:37 +05:30
md.c Add function to get md info from md context 2021-12-28 16:32:00 +01:00
md5.c GET macros use a target variable 2021-08-19 09:31:55 +01:00
md_wrap.h Replace all inclusions of config.h 2021-06-28 09:24:07 +01:00
memory_buffer_alloc.c Update copyright notices to use Linux Foundation guidance 2020-08-19 10:35:41 +02:00
mps_common.h Capitalise MPS trace macros 2021-04-07 12:45:35 +01:00
mps_error.h Fix Doxygen headers for MPS files 2021-03-29 14:20:18 +01:00
mps_reader.c Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3 2021-12-10 13:47:55 +01:00
mps_reader.h Fix Doxygen headers for MPS files 2021-03-29 14:20:18 +01:00
mps_trace.c Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3 2021-12-10 13:47:55 +01:00
mps_trace.h Capitalise MPS trace macros 2021-04-07 12:45:35 +01:00
net_sockets.c Add a missing guard for time.h in net_sockets.c 2022-03-04 05:07:45 -05:00
nist_kw.c Merge branch 'development' into 3649_move_constant_time_functions_into_separate_module 2021-11-24 10:44:13 +01:00
oid.c Remove MD2, MD4, RC4, Blowfish and XTEA 2021-06-16 10:34:25 +02:00
padlock.c Move padlock.h to library 2021-03-10 12:52:37 +00:00
padlock.h Replace all inclusions of config.h 2021-06-28 09:24:07 +01:00
pem.c Rename the _ret() functions 2021-06-08 16:45:41 +02:00
pk.c Rename error translation functions and move them to library/pk_wrap.* 2022-03-01 15:21:02 +01:00
pk_wrap.c Use new PSA to mbedtls PK error mapping functions in rsa_sign_wrap() 2022-03-03 16:41:23 +01:00
pk_wrap.h Rename error translation functions and move them to library/pk_wrap.* 2022-03-01 15:21:02 +01:00
pkcs5.c Apply MBEDTLS_ERROR_ADD to library 2021-04-15 11:19:47 +01:00
pkcs12.c Remove incorrect hashing 2021-12-02 18:03:12 +00:00
pkparse.c mbedtls_pk_parse_key: don't allocate if not needed 2021-12-10 17:36:37 +01:00
pkwrite.c Rename max sizes of RSA & EC DER keys defines 2022-03-01 10:03:21 +01:00
pkwrite.h Rename max sizes of RSA & EC DER keys defines 2022-03-01 10:03:21 +01:00
platform.c Update copyright notices to use Linux Foundation guidance 2020-08-19 10:35:41 +02:00
platform_util.c Correction to callback declaration and usage 2021-07-13 12:23:12 +02:00
poly1305.c Replace instances of byte reading macros with PUT 2021-08-19 09:57:41 +01:00
psa_crypto.c Make psa_key_derivation_setup return early if the key agreement is not supported 2022-04-05 15:00:01 +02:00
psa_crypto_aead.c Merge pull request #5047 from paul-elliott-arm/psa-m-aead-ccm 2021-12-09 14:49:42 +01:00
psa_crypto_aead.h Restore internal driver for aead_set_lengths 2021-09-28 11:16:27 +01:00
psa_crypto_cipher.c If a cipher algorithm is not supported, fail during setup 2022-04-05 15:03:39 +02:00
psa_crypto_cipher.h Merge branch 'development-restricted' into mbedtls-3.1.0rc-pr 2021-12-14 10:58:18 +01:00
psa_crypto_client.c Move the inclusion of crypto_spe.h to psa/crypto_platform.h 2021-06-17 11:43:58 +02:00
psa_crypto_core.h Code style improvements 2021-09-08 22:04:13 +05:30
psa_crypto_driver_wrappers.h Merge pull request #5292 from mprse/asym_encrypt 2022-03-10 20:07:38 +01:00
psa_crypto_ecp.c psa: Remove test code in the library 2021-12-06 07:50:27 +01:00
psa_crypto_ecp.h psa: test driver: Move driver test entry points prototypes 2021-12-06 07:50:27 +01:00
psa_crypto_hash.c psa: Fix and improve comments 2021-12-06 07:50:27 +01:00
psa_crypto_hash.h psa: test driver: Move driver test entry points prototypes 2021-12-06 07:50:27 +01:00
psa_crypto_invasive.h Replace all inclusions of config.h 2021-06-28 09:24:07 +01:00
psa_crypto_its.h Update documentation 2020-11-25 13:10:50 +01:00
psa_crypto_mac.c psa: Fix and improve comments 2021-12-06 07:50:27 +01:00
psa_crypto_mac.h psa: test driver: Move driver test entry points prototypes 2021-12-06 07:50:27 +01:00
psa_crypto_random_impl.h Work around MSVC bug with duplicate static declarations 2021-02-16 18:55:05 +01:00
psa_crypto_rsa.c psa_asymmetric_decrypt: move build-in impl to mbedtls_psa_asymmetric_decrypt 2022-01-10 12:55:06 +01:00
psa_crypto_rsa.h psa_asymmetric_decrypt: move build-in impl to mbedtls_psa_asymmetric_decrypt 2022-01-10 12:55:06 +01:00
psa_crypto_se.c Update copyright notices to use Linux Foundation guidance 2020-08-19 10:35:41 +02:00
psa_crypto_se.h Replace all inclusions of config.h 2021-06-28 09:24:07 +01:00
psa_crypto_slot_management.c Merge pull request #4878 from SiliconLabs/remove_dependency_4877 2021-09-20 22:20:16 +02:00
psa_crypto_slot_management.h psa: Fix error code when creating/registering a key with invalid id 2021-04-01 14:05:41 +02:00
psa_crypto_storage.c Erase secrets in allocated memory before freeing said memory 2022-02-25 11:14:59 +01:00
psa_crypto_storage.h Rename PSA_KEY_SLOT_COUNT to MBEDTLS_PSA_KEY_SLOT_COUNT 2021-02-15 14:26:44 +01:00
psa_its_file.c Update library/psa_its_file.c 2022-02-14 12:24:56 +01:00
ripemd160.c GET macros use a target variable 2021-08-19 09:31:55 +01:00
rsa.c Rename error translation functions and move them to library/pk_wrap.* 2022-03-01 15:21:02 +01:00
rsa_alt_helpers.c Rename rsa_internal.* to rsa_alt_helpers.* 2021-03-10 12:52:37 +00:00
rsa_alt_helpers.h Replace all inclusions of config.h 2021-06-28 09:24:07 +01:00
sha1.c GET macros use a target variable 2021-08-19 09:31:55 +01:00
sha256.c Rename mbedtls_a64_crypto_sha256_check_support() to mbedtls_a64_crypto_sha256_determine_support() 2022-02-24 08:33:11 +00:00
sha512.c Add UINT64 GET and PUT macros 2021-08-19 09:56:47 +01:00
ssl_cache.c Fix search for outdated entries in SSL session cache 2021-05-14 14:55:15 +01:00
ssl_ciphersuites.c Add accessors for ciphersuite info 2022-01-13 00:05:48 -05:00
ssl_cli.c Add missing key destruction calls in ssl_write_client_key_exchange 2022-02-25 04:36:40 -05:00
ssl_cookie.c mbedtls_ssl_cookie_check: zeroize expected cookie on cookie mismatch 2021-12-13 12:35:08 +01:00
ssl_debug_helpers.h Add prototype for automatically generated debug helper 2022-02-21 15:14:01 +01:00
ssl_misc.h Merge pull request #5454 from gstrauss/cert_cb-user_data 2022-03-10 11:51:42 +01:00
ssl_msg.c ssl_msg.c: Change message in MBEDTLS_SSL_DEBUG_RET() to be the failed function name instead current function name 2022-02-07 15:12:05 +01:00
ssl_srv.c Add accessor to retrieve SNI during handshake 2022-02-25 19:55:53 -05:00
ssl_ticket.c Create public macros for ssl_ticket key,name sizes 2022-02-09 15:28:28 -05:00
ssl_tls.c Add accessor to retrieve SNI during handshake 2022-02-25 19:55:53 -05:00
ssl_tls13_client.c Merge pull request #5448 from lhuang04/tls13_alpn 2022-03-08 17:53:38 +00:00
ssl_tls13_generic.c Merge pull request #5524 from mprse/tls_ecdh_2c 2022-03-08 11:43:45 +01:00
ssl_tls13_invasive.h Implement HKDF expand in TLS 1.3 based on PSA HMAC 2022-02-10 10:57:23 +01:00
ssl_tls13_keys.c Merge pull request #5524 from mprse/tls_ecdh_2c 2022-03-08 11:43:45 +01:00
ssl_tls13_keys.h Update based on comments 2021-12-02 06:36:27 +00:00
ssl_tls13_server.c tls13_only: improve guards of files. 2022-02-21 09:06:00 +08:00
threading.c Rename config.h to mbedtls_config.h 2021-06-28 09:28:33 +01:00
timing.c Provide a dummy implementation of timing.c 2022-03-04 05:07:45 -05:00
version.c Update copyright notices to use Linux Foundation guidance 2020-08-19 10:35:41 +02:00
x509.c Merge pull request #3777 from hanno-arm/x509-info-optimization_rebased 2021-04-28 17:31:55 +01:00
x509_create.c Update copyright notices to use Linux Foundation guidance 2020-08-19 10:35:41 +02:00
x509_crl.c Do not include time.h without MBEDTLS_HAVE_TIME 2022-03-04 05:07:45 -05:00
x509_crt.c Merge pull request #3624 from daxtens/timeless 2022-03-15 16:43:19 +00:00
x509_csr.c Merge pull request #3777 from hanno-arm/x509-info-optimization_rebased 2021-04-28 17:31:55 +01:00
x509write_crt.c Improving readability of x509_crt and x509write_crt for PR 2022-03-07 13:59:44 +01:00
x509write_csr.c Improving readability of x509_crt and x509write_crt for PR 2022-03-07 13:59:44 +01:00