The big merge that makes t_cose 2.0 the main line #87

Open
wants to merge 135 commits into
base: master
laurencelundblade
Owner

This merge won't happen until 2.0 is in good shape. Probably late 2022 or maybe 2023. The PR is to be able to see the diff easily.

Laurence Lundblade and others added 8 commits July 14, 2022 16:39
Getting started on the 2.0 work. This adds completely new parameter handling to accommodate custom parameters and re-use of the parameter handling for COSE_Encrypt and COSE_Mac as well as parameters for COSE_Signature.

The tbs functions are tweaked so they can be used for multiple signers with COSE_Sign.

* Add in the new parameter handling code

* New tbs_hash function; makefile fixes

* couple more makefile fixes

* Add API design; some parameter fixes

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
This is t_cose_sign (not t_cose_sign1 which it is to eventually replace). It supports both COSE_Sign and COSE_Sign1.

It makes use of the new parameter handling functions so it supports custom parameters. This is in t_cose_parameters.h and is now public. 

This makes use of the abstract base class for COSE_Signature. This is in t_cose_signature_sign. 

There is one concrete instantiation of t_cose_signature_sign which is t_cose_signature_sign_ecdsa.

No work was done on the verification side yet.

The old t_cose_sign1 is still present.

* Add in the new parameter handling code

* New tbs_hash function; makefile fixes

* couple more makefile fixes

* Add API design; some parameter fixes

* First version of COSE_Sign + COSE_Sign1

* Seems to be working...

* Fix erroneous include

* add inline declaration to fix warning

* Fix return type for a few tests

* Add new source files to cmake

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
This is the new verify API for multiple recipients. Supports COSE_Sign, COSE_Sign1 and COSE_Signatures.

Code is running, but lots of testing is needed.

* The new COSE verify is mostly working

* add some more crude documentation

* Improve makefile

* Clean up the Makefile

* More makefile fixes

* Update copyright (and trigger re test in CI)

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
This improves the new API for signing and adds a lot of documentation.


* Simplified and improved signing API

* Documentation clean up

* More documentation improvements

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
New more flexible algorithm variability strategy for t_cose 2.0 -- how to link or not link algorithms in libraries that are available or not available...

* Add t_cose_is_algorithm_supported()

* Readme improvements; test conditional on run time

* discuss omitting algorithms

* Fix use of the CRYPTO_DISABLE macros

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
This picks up a particular version of Mbedtls that supports HPKE that is not yet part of the mainline. 

* Build CI with HPKE mbedtls PR

Bring in PR 5078 from MbedTLS to build CI.  This builds this version
with -DTEST_HPKE in the cmake invocation.

* Make generated files in mbed TLS

The released versions of mbed TLS contain various generated files which
are missing in pull request branches.  Generate these so that they will
always be present.

* Try only generating files for mbed TLS on branch

Only run the generated files target when fetching the branch.

* Try fix for build issue

Instead of pulling in the crypto version, pull in one that fixes the
build error.

* Install jinja2

Newer versions of mbed TLS have a python dependency on this package.

* Fix cmake invocation syntax

Symbols must have values.


/* --- Add the CBOR tag indicating COSE_Sign1 --- */
if(!(me->option_flags & T_COSE_OPT_OMIT_CBOR_TAG)) {
Contributor

The problem with this if-clause is that it does not create COSE_SIGN-tagged structures. Change it to:

if(!(me->option_flags & T_COSE_OPT_OMIT_CBOR_TAG)) {
    if(me->option_flags & T_COSE_OPT_COSE_SIGN1) {
        QCBOREncode_AddTag(cbor_encode_ctx, CBOR_TAG_COSE_SIGN1);
    } else
    {
        QCBOREncode_AddTag(cbor_encode_ctx, CBOR_TAG_COSE_SIGN);
    }
}

adam2809 and others added 19 commits September 10, 2022 02:04
This is a large change that introduces support for COSE_Mac0.

This is merged to get it into the main dev code line sooner rather than later. Various follow up issues will be filed.


* Fix PSA 1.0 alignment

Replace internal type definition with public one:
- mbedtls_svc_key_id_t -> psa_key_handle_t

Signed-off-by: Adam Kulesza <adam.kulesza@arm.com>
Change-Id: I94f2e8c5df4a75c8b9653dae3a376f708431861a

* Add COSE_Mac0 support

COSE_Mac0 support is already available in the forked
version of t_cose in the TF-M project:
https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/lib/ext/t_cose

Co-authored-by: David Hu <david.hu@arm.com>
Signed-off-by: Adam Kulesza <adam.kulesza@arm.com>
Change-Id: I7a8d04e4d8de3028acb9e1c879cd9997334fdf41

* Adds t_cose_mac0_sign to mac0 API

Signed-off-by: Adam Kulesza <adam.kulesza@arm.com>
Change-Id: I6422735e14a8da9ed454301f21ca7c42d5db27eb

* Adds tests for COSE_Mac0

t_cose_sign_verify_mac0_test.h/c was derived from
t_cose_sign_verify_test.h/c

Signed-off-by: Adam Kulesza <adam.kulesza@arm.com>
Change-Id: Idfa7bf624ca7cf825fe5a823c0f83c5bdc918481

* Generalizes function name

Signed-off-by: Adam Kulesza <adam.kulesza@arm.com>
Change-Id: I05d8ff40bfcf709ccec39a5efb5f19bdc63690aa

* Allows for disabling sign1

Sign1 functionality can be disabled to reduce
the program size.

Signed-off-by: Adam Kulesza <adam.kulesza@arm.com>
Change-Id: Id458c0e67c27eab7c8af44ef1a97b02038805c9f

* Renames t_cose_mac0_* to t_cose_mac_*

Signed-off-by: Adam Kulesza <adam.kulesza@arm.com>
Change-Id: Iae2d744d30beb3ec135f91bd10378f940872d553

* Removes unnecessary ifs

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: I7027110479d0aa6b876450f0dcd8894351a67815

* Resolves conflict marker

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: I01bf68acb56a6f7a9c20f8348bd7d8c82aae1c21

* Moves function from common to util

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: I3763605994b32a9e667773798452479e1612f967

* Adds aad and detached to sign mac API

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: I1513c994aaa8391006416e9f6e372230476f1ef5

* Fixes return values in mac test

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: I8ff585dd89ded68b826ddc72b85da3ea58dc8dcd

* Adds tstr make header param macro

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: Id682df2dc5c91f6ac9a8f53848d22e98da6fa816

* Updates mac sign to new parameter encoding API

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: I29ece54d96eb2d986bb9b5ccbb1b7aff4761ad7e

* Changes SIGN1 to MAC0 in process_tags

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: Ief581eb3a6a488040dba3ec43cc3d665077360fa

* Adds missing include

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: I1288ef94bfb3de53815346b52d39f75187f5f8b8

* Moves num headers definition to common file

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: I1381bc69c99f0fb7d54bcdb27c9ced1662287268

* Updates mac verify to new parameter decoding API

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: Ibac865a7f23d7a0f67e2702d95aafb23c97fdb4c

* Adds aad and detached to verify api

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: I4c400adf51291fb969f32be8c58368a2ea4c1ff3

* Removes short circuit from mac

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: If0f857937d373c1272f8567d5511692e63482d5a

* Converts all cose_alg parameters to uint32_t

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: Ifbca08e0b988a43ad7b6a6c70cbbacb344bbb77f

* Renames mac sign functions and struct to mac compute

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: Icbff801626418585981d2b65de33804f77902852

* Renames mac sign files to mac compute

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: I9c32ef2104cb719208a82f07e908d9d8a8ecb482

* Renames mac verify functions and struct to mac validate

Change-Id: I0d58dc75b7ea0fc2fd6de96c84de5ae829d7ea85
Signed-off-by: Adam Kulesza <adam.kule@gmail.com>

* Renames mac verify files to mac validate

Change-Id: I2b2aa7a2c6613bd7f4d62a782195b7fa5fbf71ac
Signed-off-by: Adam Kulesza <adam.kule@gmail.com>

* Removes unnecessary include

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: I96aa95be1764538efc8b4a090415f06b350cf24f

* Renames mac test file

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: Ia8b760ec06c82db004a4db5f255df265aa9cc086

* Changes params size to correct definition

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: I437d6fb4dfc18c598bbe4278bad51bf746b1be23

* Fixes returning stack variable address

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: Ie3fa2bdd2b1cf4677b105420245cf59091ea7c70

* Converts option_flags to uint32_t in mac struct

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: I9f14cfd6f276dff190413125662bc48f7afcff96

* Removes unused variable and label warnings

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: I1c4dd88963446523a2d3fc43dfde3c21336dcc5b

* Removes empty array initializer warning

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: Ic97e8cd4ead66daa57642bd3083e2f75f6c5c27a

* Removes wrong type warnings

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: Iebaf0be2d7be1f44aae643d5d4982012aefbb0ca

* Adds void argument to prevent warnings

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: Id2780a4f059bf2e916c5ccb4fd900eb4d0ca4ebf

* Moves params to validate context struct

Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Change-Id: I977afeba4e2a6d858e78ba110883db9842f5dbba

* Adds mac files to CMakeLists.txt

Change-Id: I6cd83499c9d9fef27085cd736ef2025a2a2bcdbb
Signed-off-by: Adam Kulesza <adam.kule@gmail.com>

* Disables mac for unsupported crypto providers

Change-Id: I5380e2b193e27f2dd2c00b7b1e166ee64a2103f8
Signed-off-by: Adam Kulesza <adam.kule@gmail.com>

* Adds mac test file to test src

Change-Id: I52fc4009182609e1e9a55af89a0d816386cfd229
Signed-off-by: Adam Kulesza <adam.kule@gmail.com>

* Updates t_cose_mac_compute_private comment

Change-Id: I4d08f1c29e642c4ca646050d7d447045bc6d1ed4
Signed-off-by: Adam Kulesza <adam.kule@gmail.com>

Signed-off-by: Adam Kulesza <adam.kulesza@arm.com>
Signed-off-by: Adam Kulesza <adam.kule@gmail.com>
Co-authored-by: Tamas Ban <tamas.ban@arm.com>
Co-authored-by: David Hu <david.hu@arm.com>
Co-authored-by: Adam Kulesza <adam.kulesza@arm.com>
Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
The t_cose_sign1 implementation now rests on the t_cose_sign implementation.  This PR also fixes a bunch of bugs in t_cose_sign to the point that it mostly works properly for COSE_Sign1. It doesn't work properly for COSE_Sign yet.

This PR fixes a bunch of bugs in header parameter encoding and decoding, something that Mac and Encrypt will make use of.

Also, some tests are not passing. They are disabled.  They will be fixed on a more incremental pace.


* t_cose_sign1 build on top of t_cose_sign

* signing compatibility layer is passing most tests

* compatibility mode tests passing; dup encode param detection

* Checkpoint COSE_Sign1 compatibility layer

* checkpoint compatibility work -- tests are passing

* add files to CMakeLists

* Check point work on option flags

* tdv tests passing

* Fixes for parameter look up functions

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
* Checkpoint parameters work and more...

* Parameter work checkpoint -- big rename and encode tests mostly finished and passing

* check point parameter work

* Add a bunch of parameter tests

* Parameter documentation clean up and lots more...

* Add tests of find_xxx and MAKE_xx for params

* Add some more tests

* Fix some warnings

* The t_cose_make_xxx_parameter now works for c++

* Parameters lists are linked lists rather than arrays and vectors of arrays

* make t_cose_standard_constants public

* unify / rename all the standard constants

* straggler missing include

* Last clean up odds and ends

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
Supports direct, key wrap and an early version of HPKE. Still needs test. Changes in the encrypt API are expected.


* Checkpoint -- compiling and linking

* Add the example file (missed in previous commits)

* Mostly passing all the tests now

* tdv tests passing, no more compiler warnings

* fix long lines and formatting

* Fix line endings; no other change

* Disable HPKE in Makefile, other tweaks

* Clean a few unnecessary changes

* reverse more unnecessary changes

* Disable HPKE in X Code project

* option to disable AES KW

* hacking CI, does mbed 2.28 work?

* CI hacking disable KW in cmake

* More disabling of key wrap

* CI hacking -- try to disable AES

* CI hacking -- syntax error

* Straggler nits

* Update readme

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
This doesn't change any code other than a few renames. This is improvements in documentation and code comments for signing. There's still a ways to go on documentation, but this is still a big step forward.


* Lots of documentation improvements for signing

* More documentation and related changes

* More documentation and comment improvements

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
RFC 8152 is obsolete now, it has been
replaced by RFC 9052 and 9053.

Change-Id: Ic959050b12cda15999160795263863eccf04d28f
Signed-off-by: David Vincze <david.vincze@arm.com>

Signed-off-by: David Vincze <david.vincze@arm.com>
Use lower case q_useful_buf type instead of UsefulBuf in Mac0 code.
Use the matching style Q_USEFUL_BUF_MAKE_STACK_UB and
NULL_Q_USEFUL_BUF* macros in the code for consistency.

Change-Id: Ied28c58a85c4dbc464372457b97868810e767fe5
Signed-off-by: David Vincze <david.vincze@arm.com>

Signed-off-by: David Vincze <david.vincze@arm.com>
The make files were out of date for installation of all the new stuff in dev.  This PR also cleans up a bunch of formatting.  Thank you Ken!

* add: headers to be installed

* refactor: Makefile.(psa|ossl)

* ignore: psa examples
This is just naming changes, no semantic changes. It aligns to the use of "compute" and "validate" for HMAC operations rather than "sign" and "verify" that might be confused with COSE_Sign.

* Align Mac0 function names to convention

- align MAC function names to convention
- fix alignment differences in MAC code for
  consistency and better readability

Change-Id: I587fca31a21da310e1442a6696a83ce0c51ed89e
Signed-off-by: David Vincze <david.vincze@arm.com>

* Align Mac0 test function names to convention

Change-Id: Ie6dee86581f60e993050f259b9e76b56c411128b
Signed-off-by: David Vincze <david.vincze@arm.com>

* Correct algorithm/key parameters in Mac0 code

- The algorithm IDs are int32_t parameters in the code,
  update Mac0 code sections to be consistent,
- HMAC uses symmetric keys, therefore the "key_pair"
  naming is misleading in the code.

Change-Id: Idf6b127a8ed243f4a70d9f64332330c696eb96bb
Signed-off-by: David Vincze <david.vincze@arm.com>

Signed-off-by: David Vincze <david.vincze@arm.com>
Add HMAC algorithms to the list of supported algorithms
to be able to query whether a particular one is supported
or not - the t_cose tests are actively using this feature.
These lists vary per crypto libraries.

Change-Id: I75a5e4ea2dae7a3b0ee9ebebe8a1294a21334466
Signed-off-by: David Vincze <david.vincze@arm.com>

Signed-off-by: David Vincze <david.vincze@arm.com>
Brings in support for RSA and EdDSA signing from the main branch.

Rename the ECDSA signer/verifier to "main" as it handles RSA and ECDSA. EdDSA is in a separate signer/verifier.

Short-circuit is no longer a fake mode of ECDSA keying off a special key ID or a signer/verifier of its own. It is now what the test crypto uses for signing. It has its own algorithm ID and is invoked by algorithm ID. It is supported by the "main" signer, but only when test crypto is used.

Many test cases were upgraded so they run with real crypto instead of only with short-circuit signatures. This increases test coverage when test crypto is used.

Interface change to signer/verifiers so that the full option flag set is passed to them.

This is a fairly large PR that touches a lot of files.


* Fix include directory ordering in Makefile.test

* Add support for RSASSA-PSS signatures. (#90)

This is described in RFC8230. Both OpenSSL and MbedTLS support is added.

The test suite includes some sign/verify self-tests, along with some
"known good" signatures, that are verified. As additional confirmation,
I've made sure the signatures produced by t_cose could be verified by
the pycose library, and vice-versa.

Reduces stack requirement for ECDSA signature by making use of OpenBytes API in QCBOR 1.1.

* Address CR comments.

* Fix formatting of known good signatures.

* Fix RSASSA-PSS warnings

* Fix warnings

* Fix some makefile and test.

* Fix more warnings

* Add pragmas to ignore Wcast-qual on OpenSSL calls.

* Remove extraneous includes.

* Add check for QCBOR1.1

* Update README

Co-authored-by: Paul Liétar <lietarpaul@microsoft.com>

* Add Paul Liétar  to credits

* Fix rarely occurring memory leak (#94)

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>

* Add EdDSA signatures support. (#92)

Support for EdDSA signature is added for PSA and OpenSSL crypto.

Thanks Paul!

* A few straggler nits from EdDSA addition (#98)

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>

* checkpoint -- most tests are passing now

* Fix the cmake file

* All tests passing, but still work to do....

* All tests passing

* Short circuit signer now part of the main signer

* Remove short from cmake

* Another cmake fix

* Tidy cwt test; will it fix CI issue?

* Cmake fixes for CI

* rename ecdsa signer/verifier to main

* Fix installation of eddsa related headers

* More minor tweaks and fixes

* fix compiler warnings; add signature header for eddsa

* documentation and formatting

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
Co-authored-by: Paul Liétar <plietar@users.noreply.github.com>
Co-authored-by: Paul Liétar <lietarpaul@microsoft.com>
* Use struct instead of 4 params for sig input and save 100's of bytes

* Documentation and formatting

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
* improve signer/verifier interface

* A little formatting

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>

A crypto context (a pointer to a structure) can be passed from the public interface to the crypto adapter to accommodate special configuration of the crypto library, returning other data from the crypto library or tracking special state in the crypto library. This context is specific to the particular crypto library.

The plan is that this will be used for crypto restart (the public key crypto will yield part way through the operation when it is running at an elevated priority).

* Add crypto context pointer for signing

* documentation; remove crypto_context from eddsa

* Comment block formatting

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
No functional change, just lots of documentation change and better naming for function names, types and variables.


Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
This makes the HPKE implementation part of the t_cose source, not something supplied by the crypto library. HPKE still relies on a crypto library for the underlying Diffie-Hellman, HKDF and such.

This is a crude first pass only for PSA. It needs to have the crypto adapter layer augmented so t_cose can support HPKE with OpenSSL (in fact this HPKE code started out in the OpenSSL library). It still has compiler warnings and other issues. There is no test other than running the example code.

This PR also fixes key handle memory leaks in encryption.



* Make hpke part of t_cose

* Makefile and conditional fixes for CI tests

* remove use of md.h

* disable hpke for test crypto

* remove ref to mbedtls/build_info.h

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
laurencelundblade and others added 30 commits July 25, 2023 12:54
Fix #251

* Fix EdDSA aux buf size calc

* Tidy up the size test case

---------

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
No semantic or behavior changes here. Just reducing long lines to get to the 2% limit. Get rid of tabs and trailing spaces.

Fixed a few obscure warnings too.


* Line lengths, tabs, space (no behavior change)

* Forgot

* Fix a few warnings, lots of line lengths

---------

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
Add missing goto to t_cose_crypto_sign_restart for PSA crypto adapter
when crypto_context is NULL.


Change-Id: Ia89c2eb772d9f9cd597a6288286e28b3393d7564

Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
This completes work on the KDF context, PartyU, PartyV and such.  It also adds support for the salt. There's a big recommendation for what to do with the KDF context.

This also fixes a big leak of t_cose_keys for encryption.

This also tidies up the encryption code some.



* KDF context tests mostly done and passing

* Documentation improvement

* Fix big memory/key leak; tests now running

* Fix minor test stuff caught in CI

* A few documentation tweaks

---------

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
    Fix ECDH encrypt bug (pub and priv key were reversed)
    Use COSE Example keys more completely
    Examples import public key separately from private key to match reality of use in examples
    Add some encrypt-decrypt testing
    Add long discussion about EC key formats


* Bug fix in ECDH encrypt; clean up ossl key import

* Get the 521 cose ex key working

* More tidiness

* disable enc_dec test for Mbed TLS 2.28 -- no KW

* fixes

* More documentation how/why key formats

---------

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
* Fix intermediate MAC_structure in Mac0 computation

Fix Mac0 implementation, the context field of the intermediate
MAC_structure (ToBeMaced) must be a text string instead of a
byte string. See: RFC 8152 section-6.3

Change-Id: I35e812c32d827d8f071bb7961de1679fb3bd672e
Signed-off-by: David Vincze <david.vincze@arm.com>

* Do not include 'kid' parameter in Mac0 when it is omitted

Previously an empty byte string was added to the Mac0 structure
when the Key ID parameter was omitted (which is an option).

Change-Id: Ibc2575da1c60dd8905b68e6c271c490a61891ff9
Signed-off-by: David Vincze <david.vincze@arm.com>

* Add Mac0 test case to verify against external example

Change-Id: Icb261e1fa80f62b1caf6dc76d4aad7cbcbdeb84a
Signed-off-by: David Vincze <david.vincze@arm.com>

---------

Signed-off-by: David Vincze <david.vincze@arm.com>
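
The Mac0 fix in the commit message above, as an added example that is not code from t_cose or from this PR: it encodes the MAC_structure (ToBeMaced) once with the context as a CBOR text string and once as a byte string, showing that the two differ in one head byte, so a tag computed over one form does not validate against the other. The function names are hypothetical; the protected header (`{1: 5}`, HMAC 256/256) and the payload are constructed sample input.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* CBOR major types needed for a MAC_structure */
enum { CBOR_BSTR = 2, CBOR_TSTR = 3, CBOR_ARRAY = 4 };

struct out { uint8_t *buf; size_t cap, len; int overflow; };

/* Bounds-checked append; latches an overflow flag instead of writing past cap */
static void put(struct out *o, const void *p, size_t n)
{
    if (o->overflow || n > o->cap - o->len) { o->overflow = 1; return; }
    if (n > 0) memcpy(o->buf + o->len, p, n);
    o->len += n;
}

/* Definite-length CBOR head; lengths up to 65535 are enough for this example */
static void put_head(struct out *o, unsigned major, size_t n)
{
    uint8_t h[3];
    size_t  hl;
    if (n < 24)         { h[0] = (uint8_t)(major << 5 | n);  hl = 1; }
    else if (n < 256)   { h[0] = (uint8_t)(major << 5 | 24); h[1] = (uint8_t)n; hl = 2; }
    else if (n < 65536) { h[0] = (uint8_t)(major << 5 | 25);
                          h[1] = (uint8_t)(n >> 8); h[2] = (uint8_t)n; hl = 3; }
    else { o->overflow = 1; return; }
    put(o, h, hl);
}

static void put_str(struct out *o, unsigned major, const void *p, size_t n)
{
    put_head(o, major, n);
    put(o, p, n);
}

/* Hypothetical helper (not a t_cose function).
 * MAC_structure = [ context, protected : bstr, external_aad : bstr, payload : bstr ]
 * context_major = CBOR_TSTR gives the form the fix produces; CBOR_BSTR reproduces
 * the pre-fix encoding. Returns the encoded length, or 0 if buf is too small. */
size_t encode_mac0_tbm(unsigned context_major,
                       const uint8_t *prot, size_t prot_len,
                       const uint8_t *aad, size_t aad_len,
                       const uint8_t *payload, size_t payload_len,
                       uint8_t *buf, size_t cap)
{
    struct out o = { buf, cap, 0, 0 };
    put_head(&o, CBOR_ARRAY, 4);
    put_str(&o, context_major, "MAC0", 4);
    put_str(&o, CBOR_BSTR, prot, prot_len);
    put_str(&o, CBOR_BSTR, aad, aad_len);
    put_str(&o, CBOR_BSTR, payload, payload_len);
    return o.overflow ? 0 : o.len;
}

/* Constructed sample input: protected header {1: 5}, no external data */
static const uint8_t SAMPLE_PROT[]    = { 0xa1, 0x01, 0x05 };
static const char    SAMPLE_PAYLOAD[] = "This is the content.";

size_t encode_sample(unsigned context_major, uint8_t *buf, size_t cap)
{
    return encode_mac0_tbm(context_major, SAMPLE_PROT, sizeof SAMPLE_PROT,
                           NULL, 0,
                           (const uint8_t *)SAMPLE_PAYLOAD, strlen(SAMPLE_PAYLOAD),
                           buf, cap);
}

/* Index of the first byte where the two encodings differ, -1 if identical */
int first_difference(void)
{
    uint8_t good[64], bad[64];
    size_t gl = encode_sample(CBOR_TSTR, good, sizeof good);
    size_t bl = encode_sample(CBOR_BSTR, bad, sizeof bad);
    for (size_t i = 0; i < gl && i < bl; i++)
        if (good[i] != bad[i]) return (int)i;
    return gl == bl ? -1 : (int)(gl < bl ? gl : bl);
}

int main(void)
{
    uint8_t buf[64];
    size_t n = encode_sample(CBOR_TSTR, buf, sizeof buf);
    for (size_t i = 0; i < n; i++) printf("%02x", buf[i]);
    printf("\nfirst differing byte vs. bstr context: %d\n", first_difference());
    return 0;
}
```
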
* Add version number and update readme for alpha

* Readme update

* rewording; contributors

---------

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
…ONLY (#257)

This is a major change to the internal way COSE_Sign is processed. No big API changes.

Verifier objects no longer need to decode COSE_Signatures and are half as complex as before. The COSE_Signature decoding is centralized. This also allows DECODE_ONLY with no verifiers (as long as COSE_Signatures don't use non-string or integer headers or need buffer size calculations).

Tests for DECODE_ONLY with multiple signatures




* Might fix aux buf size calc for multiple signatures

* Rework multiple COSE_Signatures

* Remove files that shouldn't have been added

* Documentation and clean up

---------

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
* Support for empty protected headers

* decoding/encoding of unprotected alg id param

* documentation formatting

---------

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
Documentation for sign is improved

Comments for sign implementation improved

Rename "aad" to "ext_sup_data" in the interface to align with 4.3 in RFC 9052.

Improved error reporting for signing.
Better testing for decryption. Better error reporting for decryption failures.

New general test mechanism for testing against COSE messages specified in diag.


* Add decryption fail tests plus bug fixes

* Straggler makefile

* Straggler makefile

* Fix merge error; other clean up

---------

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
Initialise the PSA signing context in the PSA crypto adapter when the
restartable signing API is called with started==false.

Change-Id: I9f5c40d2908f1cd32aa35b8d9562b63873d21471
Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
* add: AES-CTR and AES-CBC mode

* add: AES-CTR and AES-CBC tests

* update: skip decrypt_known_good_aeskw_non_aead_test() with MbedTLS 2.28

* add: non_aead functions to test_crypto

* update: returns T_COSE_ERR_AAD_WITH_NON_AEAD if necessary

* update: confirm that the t_cose_encrypt_enc returns T_COSE_ERR_AAD_WITH_NON_AEAD for AES-CTR and AES-CBC

* update: move all params to unprotected header only for non AEAD

* add: enc-dec test for AES-CTR and AES-CBC

* update: allow algorithm id in unprotected header

* fix: t_cose_param_find_alg_id_unprot

* del: unused variable dummy_length

* del: psa_crypto_init()

* add: appropriate cast

* fix: typo

* update: AES-KW + non AEAD test binary

* update: move AES-CTR and AES-CBC test case into test/data/*diag

* fix: nit
* Further non-aead fixes

* Encrypt0 tests with non-aead

* Remove some #if'd junk

---------

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
* More rework for empty protected headers

* Test and key wrap fixes

* Fix check for alt empty parameters form

---------

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
* Finish of ext sup data (aad) for MAC

* Formatting and documentation

---------

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
This adds test coverage for most things that can go wrong with a COSE_Encrypt and fixes the error handling for these things.

The shell script that processes diag into test input is improved.


* More tests and error handling fixes for COSE_Encrypt

* Fill out error handling for COSE_Encrypt decoding

* Fix left over merge issue

* Add .diag files to Xcode project

* error checking in script for making test messages

* Describe test cases; fix rcpt test case; rename some

* straggler files

---------

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
* Rework of crypto adaptor layer for MAC

* A little more tidying up

* Improve comments; re order

* More code formatting and comments

* More code formatting and comments

* More code formatting and comments

---------

Co-authored-by: Laurence Lundblade <lgl@securitytheory.com>
* fix: IV size for AES-GCM

* del: IV size for AES-KW