The big merge that makes t_cose 2.0 the main line #87
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Getting started on the 2.0 work. This adds completely new parameter handling to accommodate custom parameters and re-use of the parameter handling for COSE_Encrypt and COSE_Mac as well as parameters for COSE_Signature. The tbs functions are tweaked so they can be used for multiple signers with COSE_Sign. * Add in the new parameter handling code * New tbs_hash function; makefile fixes * couple more makefile fixes * Add API design; some parameter fixes Co-authored-by: Laurence Lundblade <[email protected]>
This is t_cose_sign (not t_cose_sign1 which it is to eventually replace). It supports both COSE_Sign and COSE_Sign1. It makes use of the new parameter handling functions so it supports custom parameters. This is in t_cose_parameters.h and is now public. This makes use of the abstract base class for COSE_Signature. This is in t_cose_signature_sign. There is one concrete instkantation of t_cose_signature_sign which is t_cose_signature_sign_ecdsa. No work was done on the verification side yet. The old t_cose_sign1 is still present. * Add in the new parameter handling code * New tbs_hash function; makefile fixes * couple more makefile fixes * Add API design; some parameter fixes * First version of COSE_Sign + COSE_Sign1 * Seems to be working... * Fix erroneous include * add inline declaration to fix warning * Fix return type for a few tests * Add new source files to cmake Co-authored-by: Laurence Lundblade <[email protected]>
This is the new verify API for multiple recipients. Supports COSE_Sign, COSE_Sign1 and COSE_Signatures. Code is running, but lots of testing is needed. * The new COSE verify is mostly working * add some more crude documentation * Improve makefile * Clean up the Makefile * More makefile fixes * Update copyright (and trigger re test in CI) Co-authored-by: Laurence Lundblade <[email protected]>
Co-authored-by: Laurence Lundblade <[email protected]>
This improves the new API for signing and adds a lot of documentation. * Simplified and improved signing API * Documentation clean up * More documentation improvements Co-authored-by: Laurence Lundblade <[email protected]>
New more flexible algorithm variability strategy for t_cose 2.0 -- how to link or not link algorithms in libraries that are available or not available... * Add t_cose_is_algorithm_supported() * Readme improvements; test conditional on run time * discuss omitting algorithms * Fix use of the CRYPTO_DISABLE macros Co-authored-by: Laurence Lundblade <[email protected]>
Co-authored-by: Laurence Lundblade <[email protected]>
This picks up a particular version of Mbedtls that supports HPKE that is not yet part of the mainline. * Build CI with HPKE mbedtls PR Bring in PR 5078 from MbedTLS to build CI. This builds this version with -DTEST_HPKE in the cmake invocation. * Make generated files in mbed TLS The released versions of mbed TLS contain various generated files which are missing in pull request branches. Generate these so that they will always be present. * Try only generating files for mbed TLS on branch Only run the generated files target when fetching the branch. * Try fix for build issue Instead of pulling in the crypto version, pull in one that fixes the build error. * Install jinja2 Newer versions of mbed TLS have a python dependency on this package. * Fix cmake invocation syntax Symbols must have values.
src/t_cose_sign_sign.c
Outdated
|
|
||
|
|
||
| /* --- Add the CBOR tag indicating COSE_Sign1 --- */ | ||
| if(!(me->option_flags & T_COSE_OPT_OMIT_CBOR_TAG)) { |
There was a problem hiding this comment.
The problem with this if-clause is that it does not create COSE_SIGN-tagged structures. Change it to:
if(!(me->option_flags & T_COSE_OPT_OMIT_CBOR_TAG)) { if(me->option_flags & T_COSE_OPT_COSE_SIGN1) { QCBOREncode_AddTag(cbor_encode_ctx, CBOR_TAG_COSE_SIGN1); } else { QCBOREncode_AddTag(cbor_encode_ctx, CBOR_TAG_COSE_SIGN); } }
This is a large change that introduces support for COSE_Mac0. This is merged to get it into the main dev code line sooner rather than later. Various follow up issues will be filed. * Fix PSA 1.0 alignment Replace internal type definiton with public one: - mbedtls_svc_key_id_t -> psa_key_handle_t Signed-off-by: Adam Kulesza <[email protected]> Change-Id: I94f2e8c5df4a75c8b9653dae3a376f708431861a * Add COSE_Mac0 support COSE_Mac0 support is already available in the forked version of t_cose in the TF-M project: https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/lib/ext/t_cose Co-authored-by: David Hu <[email protected]> Signed-off-by: Adam Kulesza <[email protected]> Change-Id: I7a8d04e4d8de3028acb9e1c879cd9997334fdf41 * Adds t_cose_mac0_sign to mac0 API Signed-off-by: Adam Kulesza <[email protected]> Change-Id: I6422735e14a8da9ed454301f21ca7c42d5db27eb * Adds tests for COSE_Mac0 t_cose_sign_verify_mac0_test.h/c was derived from t_cose_sign_verify_test.h/c Signed-off-by: Adam Kulesza <[email protected]> Change-Id: Idfa7bf624ca7cf825fe5a823c0f83c5bdc918481 * Generalizes function name Signed-off-by: Adam Kulesza <[email protected]> Change-Id: I05d8ff40bfcf709ccec39a5efb5f19bdc63690aa * Allows for disabling sign1 Sign1 functionality can be disabled to reduce the program size. Signed-off-by: Adam Kulesza <[email protected]> Change-Id: Id458c0e67c27eab7c8af44ef1a97b02038805c9f * Renames t_cose_mac0_* to t_cose_mac_* Signed-off-by: Adam Kulesza <[email protected]> Change-Id: Iae2d744d30beb3ec135f91bd10378f940872d553 * Removes unnecessary ifs Signed-off-by: Adam Kulesza <[email protected]> Change-Id: I7027110479d0aa6b876450f0dcd8894351a67815 * Resolves conflict marker Signed-off-by: Adam Kulesza <[email protected]> Change-Id: I01bf68acb56a6f7a9c20f8348bd7d8c82aae1c21 * Moves function from common to util Signed-off-by: Adam Kulesza <[email protected]> Change-Id: I3763605994b32a9e667773798452479e1612f967 * Adds aad and detached to sign mac API Signed-off-by: Adam Kulesza <[email protected]> Change-Id: I1513c994aaa8391006416e9f6e372230476f1ef5 * Fixes return values in mac test Signed-off-by: Adam Kulesza <[email protected]> Change-Id: I8ff585dd89ded68b826ddc72b85da3ea58dc8dcd * Adds tstr make header param macro Signed-off-by: Adam Kulesza <[email protected]> Change-Id: Id682df2dc5c91f6ac9a8f53848d22e98da6fa816 * Updates mac sign to new parameter encoding API Signed-off-by: Adam Kulesza <[email protected]> Change-Id: I29ece54d96eb2d986bb9b5ccbb1b7aff4761ad7e * Changes SIGN1 to MAC0 in process_tags Signed-off-by: Adam Kulesza <[email protected]> Change-Id: Ief581eb3a6a488040dba3ec43cc3d665077360fa * Adds missing include Signed-off-by: Adam Kulesza <[email protected]> Change-Id: I1288ef94bfb3de53815346b52d39f75187f5f8b8 * Moves num headers definition to common file Signed-off-by: Adam Kulesza <[email protected]> Change-Id: I1381bc69c99f0fb7d54bcdb27c9ced1662287268 * Updates mac verify to new parameter decoding API Signed-off-by: Adam Kulesza <[email protected]> Change-Id: Ibac865a7f23d7a0f67e2702d95aafb23c97fdb4c * Adds aad and detached to verify api Signed-off-by: Adam Kulesza <[email protected]> Change-Id: I4c400adf51291fb969f32be8c58368a2ea4c1ff3 * Removes short circuit from mac Signed-off-by: Adam Kulesza <[email protected]> Change-Id: If0f857937d373c1272f8567d5511692e63482d5a * Converts all cose_alg parameters to uint32_t Signed-off-by: Adam Kulesza <[email protected]> Change-Id: Ifbca08e0b988a43ad7b6a6c70cbbacb344bbb77f * Renames mac sign functions and struct to mac compute Signed-off-by: Adam Kulesza <[email protected]> Change-Id: Icbff801626418585981d2b65de33804f77902852 * Renames mac sign files to mac compute Signed-off-by: Adam Kulesza <[email protected]> Change-Id: I9c32ef2104cb719208a82f07e908d9d8a8ecb482 * Renames mac verify functions and struct to mac validate Change-Id: I0d58dc75b7ea0fc2fd6de96c84de5ae829d7ea85 Signed-off-by: Adam Kulesza <[email protected]> * Renames mac verify files to mac validate Change-Id: I2b2aa7a2c6613bd7f4d62a782195b7fa5fbf71ac Signed-off-by: Adam Kulesza <[email protected]> * Removes unnecessary include Signed-off-by: Adam Kulesza <[email protected]> Change-Id: I96aa95be1764538efc8b4a090415f06b350cf24f * Renames mac test file Signed-off-by: Adam Kulesza <[email protected]> Change-Id: Ia8b760ec06c82db004a4db5f255df265aa9cc086 * Changes params size to correct definition Signed-off-by: Adam Kulesza <[email protected]> Change-Id: I437d6fb4dfc18c598bbe4278bad51bf746b1be23 * Fixes returning stack variable address Signed-off-by: Adam Kulesza <[email protected]> Change-Id: Ie3fa2bdd2b1cf4677b105420245cf59091ea7c70 * Converts option_flags to uint32_t in mac struct Signed-off-by: Adam Kulesza <[email protected]> Change-Id: I9f14cfd6f276dff190413125662bc48f7afcff96 * Removes unused variable and label warnings Signed-off-by: Adam Kulesza <[email protected]> Change-Id: I1c4dd88963446523a2d3fc43dfde3c21336dcc5b * Removes empty array initializer warning Signed-off-by: Adam Kulesza <[email protected]> Change-Id: Ic97e8cd4ead66daa57642bd3083e2f75f6c5c27a * Removes wrong type warnings Signed-off-by: Adam Kulesza <[email protected]> Change-Id: Iebaf0be2d7be1f44aae643d5d4982012aefbb0ca * Adds void argument to prevent warnings Signed-off-by: Adam Kulesza <[email protected]> Change-Id: Id2780a4f059bf2e916c5ccb4fd900eb4d0ca4ebf * Moves params to validate context struct Signed-off-by: Adam Kulesza <[email protected]> Change-Id: I977afeba4e2a6d858e78ba110883db9842f5dbba * Adds mac files to CMakeLists.txt Change-Id: I6cd83499c9d9fef27085cd736ef2025a2a2bcdbb Signed-off-by: Adam Kulesza <[email protected]> * Disables mac for unsupported crypto providers Change-Id: I5380e2b193e27f2dd2c00b7b1e166ee64a2103f8 Signed-off-by: Adam Kulesza <[email protected]> * Adds mac test file to test src Change-Id: I52fc4009182609e1e9a55af89a0d816386cfd229 Signed-off-by: Adam Kulesza <[email protected]> * Updates t_cose_mac_compute_private comment Change-Id: I4d08f1c29e642c4ca646050d7d447045bc6d1ed4 Signed-off-by: Adam Kulesza <[email protected]> Signed-off-by: Adam Kulesza <[email protected]> Signed-off-by: Adam Kulesza <[email protected]> Co-authored-by: Tamas Ban <[email protected]> Co-authored-by: David Hu <[email protected]> Co-authored-by: Adam Kulesza <[email protected]>
Co-authored-by: Laurence Lundblade <[email protected]>
The t_cose_sign1 implementation now rests on the t_cose_sign implementation. This PR also fixes a bunch of bugs in t_cose_sign to the point that it mostly works properly for COSE_SIgn1. It doesn't work properly for COSE_Sign yet. This PR fixes a bunch of bugs in header parameter encoding and decoding, something that Mac and Encrypt will make use of. Also, some tests are not passing. They are disabled. They will be fixed on a more incremental pace. * t_cose_sign1 build on top of t_cose_sign * signing compatibility layer is passing most tests * compatibility mode tests passing; dup encode param detection * Checkpoint COSE_Sign1 compatibility layer * checkpoint compatibiliy work -- tests are passing * add files to CMakeLists * Check point work on option flags * tdv tests passing * Fixes for parameter look up functions Co-authored-by: Laurence Lundblade <[email protected]>
* Checkpoint parameters work and more... * Parameter work checkpoing -- big rename and encode tests mostly finished and passing * check point parameter work * Add a bunch of parameter tests * Parameter documentation clean up and lots more... * Add tests of find_xxx and MAKE_xx for params * Add some more tests * Fix some warnings * The t_cose_make_xxx_parameter now works for c++ * Parameters lists are linked lists rather than arrays and vectors of arrays * make t_cose_standard_constants public * unify / rename all the standard constants * straggler missing include * Last clean up odds and ends Co-authored-by: Laurence Lundblade <[email protected]>
Supports direct, key wrap and and an early version of HPKE. Still needs test. Changes in the encrypt API are expected. * Checkpoint -- compiling and linking * Add the example file (missed in previous commits) * Mostly passing the all the tests now * tdv tests passing, no more compiler warnings * fix long lines and formatting * Fix line endings; no other change * Disable HPKE in Makefile, other tweaks * Clean a few unnecessary changes * reverse more unnecessary changes * Disable HPKE in X Code project * option to disable AES KW * hacking CI, does mbed 2.28 work? * CI hacking disable KW in cmake * More disabling of key wrap * CI hacking -- try to disable AES * CI hacking -- syntax error * Straggler nits * Update readme Co-authored-by: Laurence Lundblade <[email protected]>
This doesn't change any code other than a few renames. This is improvements in documentation and code comments for signing. There's still a ways to go on documentation, but this is still a big step forward. * Lots of documentation improvements for signing * More documentation and related changes * More documentation and comment improvements Co-authored-by: Laurence Lundblade <[email protected]>
RFC 8152 is obsolete now, it has been replaced by RFC 9052 and 9053. Change-Id: Ic959050b12cda15999160795263863eccf04d28f Signed-off-by: David Vincze <[email protected]> Signed-off-by: David Vincze <[email protected]>
Use lower case q_useful_buf type instead of UsefulBuf in Mac0 code. Use the matching style Q_USEFUL_BUF_MAKE_STACK_UB and NULL_Q_USEFUL_BUF* macros in the code for consistency. Change-Id: Ied28c58a85c4dbc464372457b97868810e767fe5 Signed-off-by: David Vincze <[email protected]> Signed-off-by: David Vincze <[email protected]>
The make files were out of date for installation of all the new stuff in dev. This PR also cleans up a bunch of formatting. Thank you Ken! * add: headers to be installed * refactor: Makefile.(psa|ossl) * ignore: psa examples
This is just naming changes, no semantic changes. It aligns to the use of "compute" and "validate" for HMAC operations rather than "sign" and "verify" that might be confused with COSE_Sign. * Align Mac0 function names to convention - align MAC function names to convention - fix alignment differences in MAC code for consistency and better readability Change-Id: I587fca31a21da310e1442a6696a83ce0c51ed89e Signed-off-by: David Vincze <[email protected]> * Align Mac0 test function names to convention Change-Id: Ie6dee86581f60e993050f259b9e76b56c411128b Signed-off-by: David Vincze <[email protected]> * Correct algorithm/key parameters in Mac0 code - The algorithm IDs are int32_t parameters in the code, update Mac0 code sections to be consistent, - HMAC uses symmetric keys, therefore the "key_pair" naming is misleading in the code. Change-Id: Idf6b127a8ed243f4a70d9f64332330c696eb96bb Signed-off-by: David Vincze <[email protected]> Signed-off-by: David Vincze <[email protected]>
Add HMAC algorithms to the list of supported algorithms to be able to query whether a particular one is supported or not - the t_cose tests are actively using this feature. These lists vary per crypto libraries. Change-Id: I75a5e4ea2dae7a3b0ee9ebebe8a1294a21334466 Signed-off-by: David Vincze <[email protected]> Signed-off-by: David Vincze <[email protected]>
Brings in support for RSA and EdDSA signing from the main branch. Rename the ECDSA signer/verifier to "main" as it handles RSA and ECDSA. EdDSA is in a separate signer/verifier. Short-circuit is no longer a fake mode of ECDSA keying off a special key ID or a signer/verifier of its own. It is now what the test crypto uses for signing. It has its own algorithm ID and is invoked by algorithm ID. It is supported by the "main" signer, but only when test crypto is used. Many test cases were upgraded so they run with real crypto instead of only with short-circuit signatures. This increases test coverage when test crypto is used. Interface change to signer/verifiers so that the full option flag set is passed to them. This is a fairly large PR that touches a lot of files. * Fix include directory ordering in Makefile.test * Add support for RSASSA-PSS signatures. (#90) This is described in RFC8230. Both OpenSSL and MbedTLS support is added. The test suite includes some sign/verify self-tests, along with some "known good" signatures, that are verified. As additional confirmation, I've made sure the signatures produced by t_cose could be verified by the pycose library, and vice-versa. Reduces stack requirement for ECDSA signature by making use of OpenBytes API in QCBOR 1.1. * Address CR comments. * Fix formatting of known good signatures. * Fix RSASSA-PSS warnings * Fix warnings * Fix some makefile and test. * Fix more warnings * Add pragmas to ignore Wcast-qual on OpenSSL calls. * Remove extraneous includes. * Add check for QCBOR1.1 * Update README Co-authored-by: Paul Liétar <[email protected]> * Add Paul Liétar to credits * Fix rarely occuring memory leak (#94) Co-authored-by: Laurence Lundblade <[email protected]> * Add EdDSA signatures support. (#92) Support for EdDSA signature is added for PSA and OpenSSL crypto. Thanks Paul! * A few straggler nits from EdDSA addition (#98) Co-authored-by: Laurence Lundblade <[email protected]> * checkpoint -- most tests are passing now * Fix the cmake file * All tests passing, but still work to do.... * All tests passing * Short circuit signer now part of the main signer * Remove short from cmake * Another cmake fix * Tody cwt test; will it fix CI issue? * Cmake fixes for CI * rename ecdsa signer/verifier to main * Fix installation of eddsa related headers * More minor tweaks and fixes * fix compiler warnings; add signature header for eddsa * documentation and formatting Co-authored-by: Laurence Lundblade <[email protected]> Co-authored-by: Paul Liétar <[email protected]> Co-authored-by: Paul Liétar <[email protected]>
* Use struct instead of 4 params for sig input and save 100's of bytes * Documentation and formatting Co-authored-by: Laurence Lundblade <[email protected]>
* improve signer/verifier interface * A little formatting Co-authored-by: Laurence Lundblade <[email protected]>
A crypto context (a pointer to a structure) can be passed from the public interface to the crypto adapter to accommodate special configuration of the crypto library, returning other data from the crypto library or tracking special state in the crypto library. This context is specific to the particular crypto library. The plan is that this will be used for crypto restart (the public key crypto will yield part way through the operation when it is running at an elevated priority). * Add crypto context pointer for signing * documentation; remove crypto_context from eddsa * Comment block formatting Co-authored-by: Laurence Lundblade <[email protected]>
No functional change, just lots of documentation change and better naming for function names, types and variables. Co-authored-by: Laurence Lundblade <[email protected]>
This makes the HPKE implementation part of the t_cose source, not something supplied by the crypto library. HPKE still relies on a crypto library for the underlying diffie helman, HKDF and such. This is a crude first pass only for PSA. It needs to have the crypto adapter layer augmented so t_cose can support HPKE with OpenSSL (in fact this HPKE code started out in the OpenSSL library). It still has compiler warnings and other issues. There is no test other than running the example code. This PR also fixes key handle memory leaks in encryption. * Make hpke part of t_cose * Makefile and conditional fixes for CI tests * remove use of md.h * disable hpke for test crypto * remove ref to mbedtls/build_info.h Co-authored-by: Laurence Lundblade <[email protected]>
Co-authored-by: Laurence Lundblade <[email protected]>
Fix #251 * Fix EdDSA aux buf size calc * Tidy up the size test case --------- Co-authored-by: Laurence Lundblade <[email protected]>
No semantic or behavior changes here. Just reducing long lines to get to the 2% limit. Get rid of tabs and trailing spaces. Fixed a few obscure warnings too. * Line lengths, tabs, space (no behavior change) * Forgot * Fix a few warnings, lots of line lengths --------- Co-authored-by: Laurence Lundblade <[email protected]>
Add missing goto to t_cose_crypto_sign_restart for PSA crypto adapter when crypto_context is NULL. Change-Id: Ia89c2eb772d9f9cd597a6288286e28b3393d7564 Signed-off-by: Mate Toth-Pal <[email protected]>
This completes work on the KDF context, PartyU, PartyV and such. It also adds support for the salt. There's a big recommendation for what to do with the KDF context. This also fixes a big leak of t_cose_keys for encryption. This also tidy's up the encryption code some. * KDF context tests mostly done and passing * Documentation improvement * Fix big memory/key leak; tests now running * Fix minor test stuff caught in CI * A few documentation tweaks --------- Co-authored-by: Laurence Lundblade <[email protected]>
Fix ECDH encrypt bug (pub and priv key were reversed)
Use COSE Example keys more completely
Examples import public key separately from private key to match reality of use in examples
Add some encrypt-decrypt testing
Add long discussion about EC key formats
* Bug fix in ECDH encrypt; clean up ossl key import
* Get the 521 cose ex key working
* More tidiness
* disable enc_dec test for Mbed TLS 2.28 -- no KW
* fixes
* More documentation how/why key formats
---------
Co-authored-by: Laurence Lundblade <[email protected]>
* Fix intermediate MAC_structure in Mac0 computation Fix Mac0 implementation, the context field of the intermediate MAC_structure (ToBeMaced) must be a text string instead of a byte string. See: RFC 8152 section-6.3 Change-Id: I35e812c32d827d8f071bb7961de1679fb3bd672e Signed-off-by: David Vincze <[email protected]> * Do not include 'kid' parameter in Mac0 when it is omitted Previously an empty byte string was added to the Mac0 structure when the Key ID parameter was omitted (which is an option). Change-Id: Ibc2575da1c60dd8905b68e6c271c490a61891ff9 Signed-off-by: David Vincze <[email protected]> * Add Mac0 test case to verify against external example Change-Id: Icb261e1fa80f62b1caf6dc76d4aad7cbcbdeb84a Signed-off-by: David Vincze <[email protected]> --------- Signed-off-by: David Vincze <[email protected]>
* Add version number and update readme for alpha * Readme update * rewording; contributors --------- Co-authored-by: Laurence Lundblade <[email protected]>
…ONLY (#257) This is a major change to the internal way COSE_Sign is processed. No big API changes. Verifier objects no longer need to decode COSE_Signatures and are half as complex as before. The COSE_SIgnature decoding is centralized. This also allows DECODE_ONLY with no verifiers (as long as COSE_Signatures don't use non-string or integer headers or need buffer size calculations). Tests for DECODE_ONLY with multiple signatures * Might fix aux buf size calc for multiple signatures * Rework multiple COSE_Signatures * Remove files that shouldn't have been added * Documentation and clean up --------- Co-authored-by: Laurence Lundblade <[email protected]>
Co-authored-by: Laurence Lundblade <[email protected]>
Co-authored-by: Laurence Lundblade <[email protected]>
* Support for empty protected headers * decoding/encoding of unprotected alg id param * documentation formatting --------- Co-authored-by: Laurence Lundblade <[email protected]>
Documentation for sign is improved Comments for sign implementation improved Rename "aad" to "ext_sup_data" in the interface to align with 4.3 in RFC 9052. Improved error reporting for signing.
Better testing for decryption. Better error reporting for decryption failures. New general test mechanism for testing against COSE messages specified in diag. * Add decryption fail tests plus bug fixes * Straggler makefile * Straggler makefile * Fix merge error; other clean up --------- Co-authored-by: Laurence Lundblade <[email protected]>
Initialise the PSA signing context in the PSA crypto adapter when the restartable signing API called with started==false. Change-Id: I9f5c40d2908f1cd32aa35b8d9562b63873d21471
Co-authored-by: Laurence Lundblade <[email protected]>
* add: AES-CTR and AES-CBC mode * add: AES-CTR and AEC-CBC tests * update: skip decrypt_known_good_aeskw_non_aead_test() with MbedTLS 2.28 * add: non_aead functions to test_crypto * update: returns T_COSE_ERR_AAD_WITH_NON_AEAD if necessary * update: confirm that the t_cose_encrypt_enc returns T_COSE_ERR_AAD_WITH_NON_AEAD for AES-CTR and AES-CBC * update: move all params to unprotected header only for non AEAD * add: enc-dec test for AES-CTR and AES-CBC * update: allow algorithm id in unprotected header * fix: t_cose_param_find_alg_id_unprot * del: unused variable dummy_length * del: psa_crypto_init() * add: appropriate cast * fix: typo * update: AES-KW + non AEAD test binary * update: move AES-CTR and AES-CBC test case into test/data/*diag * fix: nit
* Further non-aead fixes * Encrypt0 tests with non-aead * Remove some #if'd junk --------- Co-authored-by: Laurence Lundblade <[email protected]>
Co-authored-by: Laurence Lundblade <[email protected]>
Co-authored-by: Laurence Lundblade <[email protected]>
* More rework for empty protected headers * Test and key wrap fixes * Fix check for alt empty parameters form --------- Co-authored-by: Laurence Lundblade <[email protected]>
* Finish of ext sup data (aad) for MAC * Formatting and documentation --------- Co-authored-by: Laurence Lundblade <[email protected]>
Co-authored-by: Laurence Lundblade <[email protected]>
This adds test coverage for most things that can go wrong with a COSE_Encrypt and fixes the error handling for these things. The shell script that processes diag into test input is improved. * More tests and error handling fixes for COSE_Encrypt * Fill out error handling for COSE_Encrypt decoding * Fix left over merge issue * Add .diag files to Xcode project * error checking in script for making test messages * Describe test cases; fix rcpt test case; rename some * straggler files --------- Co-authored-by: Laurence Lundblade <[email protected]>
* Rework of crypto adaptor layer for MAC * A little more tidying up * Improve comments; re order * More code formatting and comments * More code formatting and comments * More code formatting and comments --------- Co-authored-by: Laurence Lundblade <[email protected]>
* fix: IV size for AES-GCM * del: IV size for AES-KW
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This merge won't happen until 2.0 is in good shape. Probably late 2022 or maybe 2023. The PR is to be able to see the diff easily.