crypto: Update to Mbed Crypto 1.0.0d5 and then to 1.0.0d6 #9795

Merged
merged 2 commits into from
Feb 26, 2019
2 changes: 1 addition & 1 deletion features/mbedtls/mbed-crypto/VERSION.txt
@@ -1 +1 @@
mbedcrypto-1.0.0d4
mbedcrypto-1.0.0d6
2 changes: 1 addition & 1 deletion features/mbedtls/mbed-crypto/importer/Makefile
@@ -29,7 +29,7 @@

# Set the Mbed Crypto release to import (this can/should be edited before
# import)
CRYPTO_RELEASE ?= mbedcrypto-1.0.0d4
CRYPTO_RELEASE ?= mbedcrypto-1.0.0d6
Contributor

Did you mean mbedcrypto-1.0.0d5, or mbedcrypto-1.0.0d6 as in the headline?

Contributor Author

Updated headline to explain what we are doing now. Originally, this was just d5, now it is both d5 and then d6.

CRYPTO_REPO_URL ?= git@github.com:ARMmbed/mbed-crypto.git

# Translate between Mbed Crypto namespace and Mbed OS namespace
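--- a/features/mbedtls/mbed-crypto/inc/psa/crypto_extra.h
+++ b/features/mbedtls/mbed-crypto/inc/psa/crypto_extra.h
@@ -37,6 +37,29 @@ extern "C" {
 /* UID for secure storage seed */
 #define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52
 
+/*
+* Deprecated PSA Crypto error code definitions
+*/
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#define PSA_ERROR_UNKNOWN_ERROR \
+MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_GENERIC_ERROR )
+#endif
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#define PSA_ERROR_OCCUPIED_SLOT \
+MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_ALREADY_EXISTS )
+#endif
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#define PSA_ERROR_EMPTY_SLOT \
+MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_DOES_NOT_EXIST )
+#endif
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#define PSA_ERROR_INSUFFICIENT_CAPACITY \
+MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_INSUFFICIENT_DATA )
+#endif
+
 /**
 * \brief Library deinitialization.
 *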
@@ -1373,7 +1373,13 @@ psa_status_t psa_hash_setup( psa_hash_operation_t *operation,
psa_algorithm_t alg )
{
int ret;
operation->alg = 0;

/* A context must be freshly initialized before it can be set up. */
if( operation->alg != 0 )
{
return( PSA_ERROR_BAD_STATE );
}

switch( alg )
{
#if defined(MBEDTLS_MD2_C)
@@ -1496,8 +1502,7 @@ psa_status_t psa_hash_update( psa_hash_operation_t *operation,
break;
#endif
default:
ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA;
break;
return( PSA_ERROR_BAD_STATE );
}

if( ret != 0 )
@@ -1569,8 +1574,7 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation,
break;
#endif
default:
ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA;
break;
return( PSA_ERROR_BAD_STATE );
}
status = mbedtls_to_psa_error( ret );

@@ -1994,6 +1998,12 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
unsigned char truncated = PSA_MAC_TRUNCATED_LENGTH( alg );
psa_algorithm_t full_length_alg = PSA_ALG_FULL_LENGTH_MAC( alg );

/* A context must be freshly initialized before it can be set up. */
if( operation->alg != 0 )
{
return( PSA_ERROR_BAD_STATE );
}

status = psa_mac_init( operation, full_length_alg );
if( status != PSA_SUCCESS )
return( status );
@@ -2112,9 +2122,9 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
{
psa_status_t status = PSA_ERROR_BAD_STATE;
if( ! operation->key_set )
goto cleanup;
return( PSA_ERROR_BAD_STATE );
if( operation->iv_required && ! operation->iv_set )
goto cleanup;
return( PSA_ERROR_BAD_STATE );
operation->has_input = 1;

#if defined(MBEDTLS_CMAC_C)
@@ -2137,10 +2147,9 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
{
/* This shouldn't happen if `operation` was initialized by
* a setup function. */
status = PSA_ERROR_BAD_STATE;
return( PSA_ERROR_BAD_STATE );
}

cleanup:
if( status != PSA_SUCCESS )
psa_mac_abort( operation );
return( status );
@@ -2232,6 +2241,11 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation,
{
psa_status_t status;

if( operation->alg == 0 )
{
return( PSA_ERROR_BAD_STATE );
}

/* Fill the output buffer with something that isn't a valid mac
* (barring an attack on the mac and deliberately-crafted input),
* in case the caller doesn't check the return status properly. */
@@ -2243,13 +2257,11 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation,

if( ! operation->is_sign )
{
status = PSA_ERROR_BAD_STATE;
goto cleanup;
return( PSA_ERROR_BAD_STATE );
}

status = psa_mac_finish_internal( operation, mac, mac_size );

cleanup:
if( status == PSA_SUCCESS )
{
status = psa_mac_abort( operation );
@@ -2270,10 +2282,14 @@ psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation,
uint8_t actual_mac[PSA_MAC_MAX_SIZE];
psa_status_t status;

if( operation->alg == 0 )
{
return( PSA_ERROR_BAD_STATE );
}

if( operation->is_sign )
{
status = PSA_ERROR_BAD_STATE;
goto cleanup;
return( PSA_ERROR_BAD_STATE );
}
if( operation->mac_size != mac_length )
{
@@ -2895,6 +2911,12 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
PSA_KEY_USAGE_ENCRYPT :
PSA_KEY_USAGE_DECRYPT );

/* A context must be freshly initialized before it can be set up. */
if( operation->alg != 0 )
{
return( PSA_ERROR_BAD_STATE );
}

status = psa_cipher_init( operation, alg );
if( status != PSA_SUCCESS )
return( status );
@@ -2996,8 +3018,7 @@ psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation,
int ret;
if( operation->iv_set || ! operation->iv_required )
{
status = PSA_ERROR_BAD_STATE;
goto exit;
return( PSA_ERROR_BAD_STATE );
}
if( iv_size < operation->iv_size )
{
@@ -3029,8 +3050,7 @@ psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation,
int ret;
if( operation->iv_set || ! operation->iv_required )
{
status = PSA_ERROR_BAD_STATE;
goto exit;
return( PSA_ERROR_BAD_STATE );
}
if( iv_length != operation->iv_size )
{
@@ -3057,6 +3077,12 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
psa_status_t status;
int ret;
size_t expected_output_size;

if( operation->alg == 0 )
{
return( PSA_ERROR_BAD_STATE );
}

if( ! PSA_ALG_IS_STREAM_CIPHER( operation->alg ) )
{
/* Take the unprocessed partial block left over from previous
@@ -3098,13 +3124,11 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,

if( ! operation->key_set )
{
status = PSA_ERROR_BAD_STATE;
goto error;
return( PSA_ERROR_BAD_STATE );
}
if( operation->iv_required && ! operation->iv_set )
{
status = PSA_ERROR_BAD_STATE;
goto error;
return( PSA_ERROR_BAD_STATE );
}

if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT &&
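Review bot: In psa_mac_sign_finish the new `if( operation->alg == 0 )` early return sits above the block commented "Fill the output buffer with something that isn't a valid mac … in case the caller doesn't check the return status properly", so on that path the output buffer is handed back untouched and the safeguard the comment describes does not apply. The fill statements themselves are in the collapsed lines between the two hunks, so this is read from the comment's position. The later `! operation->is_sign` return is below the fill and is unaffected; placing `if( operation->alg == 0 ) return( PSA_ERROR_BAD_STATE );` directly before that `is_sign` test would keep the safeguard on every error path. Separately, the BAD_STATE returns in psa_mac_update no longer reach the `psa_mac_abort( operation )` call at the end of the function, and the ones in psa_cipher_generate_iv, psa_cipher_set_iv and psa_cipher_finish no longer reach their `exit`/`error` labels (whose bodies are outside the hunks), so keyed context state appears to stay live until the caller aborts the operation. A one-line comment at those returns such as `/* Operation left unchanged; caller must abort it. */` would make that contract explicit.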