Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The big merge that makes t_cose 2.0 the main line #87

Open
wants to merge 135 commits into
base: master
Choose a base branch
from
Open

The big merge that makes t_cose 2.0 the main line #87

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
135 commits
Select commit Hold shift + click to select a range
d183b9f
Indicate this is the branch for 2.0 in the README
Jul 14, 2022
c59990a
New parameter handling and tbs handling (#78)
laurencelundblade Jul 17, 2022
05bf287
New sign API supporting COSE_Sign (#79)
laurencelundblade Jul 20, 2022
e597cf2
First work on multiple signature verification (#81)
laurencelundblade Jul 24, 2022
9b42e83
Fix compiler warning in COSE header parameter decoding (#85)
laurencelundblade Jul 25, 2022
4501c1e
Simplified and improved signing API (#82)
laurencelundblade Jul 27, 2022
021566a
Algorithm variability strategy (#84)
laurencelundblade Jul 27, 2022
66beb64
Parameters bug fix and add a short-circuit signer and verifier (#88)
laurencelundblade Jul 29, 2022
240b048
Enable CI to use HPKE (#83)
d3zd3z Aug 30, 2022
82a0d3a
Add mac0 support (#80)
adam2809 Sep 10, 2022
dcdbcc5
A few Mac0 nits needed to have the tdv/b.sh build run (#99)
laurencelundblade Sep 10, 2022
fde2f52
Replace t_cose_sign1 with compatibility layer (#89)
laurencelundblade Sep 20, 2022
c649114
Parameter handling improvements and testing (#113)
laurencelundblade Oct 22, 2022
e6b9e93
Add Encrypt and Encrypto0
laurencelundblade Nov 11, 2022
fdd5041
Documentation and comment improvements for signing (#117)
laurencelundblade Nov 14, 2022
327e4a9
Reference RFC 9053 in Mac0 code (#120)
davidvincze Nov 17, 2022
4e54b90
Use q_useful_buf and macros with matching style (#118)
davidvincze Nov 17, 2022
79fdb24
Fix make install for encrypt, multiple signers...
kentakayama Nov 22, 2022
bafe2e8
Align Mac0 function names to convention (#119)
davidvincze Nov 22, 2022
68fa986
Add HMAC IDs to the list of supported algorithms (#123)
davidvincze Nov 25, 2022
3528494
Function ...one_short... -> ...one_shot...
Dec 1, 2022
ac654ba
Merge master with RSA and EdDSA into dev (#121)
laurencelundblade Dec 7, 2022
7f24331
Use struct instead of 4 params for sig input (#129)
laurencelundblade Dec 7, 2022
9aed5d4
improve signer/verifier interface (#131)
laurencelundblade Dec 9, 2022
895c31f
Crypto context for special configuration of crypto libraries
laurencelundblade Dec 11, 2022
fb6238c
Param processing documentation and function naming (#133)
laurencelundblade Dec 15, 2022
6b6f98c
Integrate HPKE into t_cose
laurencelundblade Dec 15, 2022
3e10f04
Support 'Make warn' (#140)
laurencelundblade Dec 15, 2022
e386b57
Fix warnings and enable hpke for PSA (#141)
laurencelundblade Dec 19, 2022
84114bb
Better AEAD crypto adaptor; HPKE uses AEAD adaptor. (#142)
laurencelundblade Jan 6, 2023
70707b7
Optimize algorithm ID and error code mapping (#145)
laurencelundblade Jan 8, 2023
9442b9b
Fix and optimize data hash for COSE_Sign and _Sign1 (#147)
laurencelundblade Jan 10, 2023
b8c9898
key wrap crypto for OSSL adaptor plus key wrap tests,... (#149)
laurencelundblade Jan 16, 2023
9328fad
Add detached payload for mac (#143)
kentakayama Jan 16, 2023
ea44654
fix tamper_offset variable (#150)
laurencelundblade Jan 16, 2023
bcbf084
Big refactor making encrypt recipients an object, plus more...
laurencelundblade Jan 23, 2023
cd565bc
Verification of COSE_Sign with multiple COSE_Signature(s) (#153)
laurencelundblade Jan 29, 2023
b3c827a
Cose_Recipient decryption object (#154)
laurencelundblade Feb 4, 2023
49b6b4e
Add Makefile.common and other Makefile improvements
laurencelundblade Feb 15, 2023
03c9bfc
Rework of t_cose_encrypt_enc() (#159)
laurencelundblade Feb 17, 2023
b8a15f6
Split cose_key out and make symmetric key handling library independen…
laurencelundblade Feb 20, 2023
538b7cf
Improve examples and initialization of keys for test and examples
laurencelundblade Feb 25, 2023
a124b08
Decryption supports multiple recipients, returns parameters,... (#178)
laurencelundblade Feb 28, 2023
2d541ce
Fixes for C++ and compliation ifdefs
Mar 10, 2023
6769628
Fixes for full #define fan-out test (#179)
laurencelundblade Mar 15, 2023
778a712
Rename "aes_kw" to "keywrap" (#180)
laurencelundblade Mar 15, 2023
064e084
HPKE hackathon -- Aligning with -04 version of draft. (#184)
hannestschofenig Mar 25, 2023
417cfff
HPKE_sender_info enc/dec works, but... (#185)
laurencelundblade Mar 25, 2023
445a639
Add protection of headers for HPKE (#187)
laurencelundblade Mar 25, 2023
69078e4
Provide a non-detached encryption example (#188)
laurencelundblade Mar 25, 2023
a06bba2
Improvements for multiple sig verification (#183)
laurencelundblade Mar 25, 2023
197e5da
Adding test cases. (#191)
hannestschofenig Mar 26, 2023
b4f5d76
Fix a key handle memory leak (#192)
laurencelundblade Mar 26, 2023
ffc1c13
Fix another memory leak (#193)
laurencelundblade Mar 26, 2023
7d29cf0
One more leak (#194)
laurencelundblade Mar 26, 2023
1cedfc6
Final round of leak fixes (#195)
laurencelundblade Mar 26, 2023
1243c9f
fix double free causing ossl crash (#196)
laurencelundblade Mar 27, 2023
852192a
fix encryption/decryption/hpke nits (#197)
laurencelundblade Mar 27, 2023
19dc061
Print out all the context sizes (#198)
laurencelundblade Mar 29, 2023
baa6001
Improve two-step interface for signing and Mac
kentakayama Mar 31, 2023
a2ae352
t_cose_sign_sign documentation is made correct
laurencelundblade Apr 2, 2023
6715ad8
Repair, update and improve signing examples (#200)
laurencelundblade Apr 2, 2023
167c067
Add HKDF to the crypto adaptation layer (#201)
laurencelundblade Apr 8, 2023
57fa359
Align MAC related symbols to naming conventions (#204)
davidvincze Apr 23, 2023
1d1a345
Fixes & tests for verification of multiple signatures; parameter deco…
laurencelundblade Apr 23, 2023
a38899d
Code formatting and unused var
laurencelundblade Apr 23, 2023
2a75d03
Remove mention of short-circuit from MAC code (#209)
davidvincze Apr 26, 2023
bed70b8
Work around lack of #warning in MSVC (#207)
dthaler Apr 27, 2023
01e48d5
Crit param decoding is working (#208)
laurencelundblade May 8, 2023
39e11c4
Naming consistency for parameter-related functions (#212)
laurencelundblade May 12, 2023
c7c47c5
Update MAC documentation and improve code tidiness (#210)
davidvincze May 13, 2023
34f1c7c
Fix straggler from last commit (#214)
laurencelundblade May 13, 2023
86e0929
Improve param testing (#213)
laurencelundblade May 18, 2023
f8e93f8
Reporting of tests that didn't do any testing (#215)
laurencelundblade May 19, 2023
9ed0144
HMAC for OpenSSL; HMAC fixes, tests and error codes
laurencelundblade May 22, 2023
56dec89
Remove kid from crypto adaptor layer (#218)
laurencelundblade May 26, 2023
4b53b0e
T_COSE_DISABLE_EDDSA is removed in favor of dead_strip (#219)
laurencelundblade May 28, 2023
90a3335
Pass content encryption alg info to recipient objects (#223)
laurencelundblade Jun 7, 2023
7edd20f
Remove T_COSE_DISABLE_MAC0 option (#211)
davidvincze Jun 7, 2023
52e0577
Add restartable api, building on crypto context (#181)
matetothpal Jun 11, 2023
d5a2e12
Introduce T_COSE_DISABLE_COSE_SIGN option (#222)
davidvincze Jun 11, 2023
44f3dff
Fix straggler warnings (#229)
laurencelundblade Jun 13, 2023
ca1a898
Fixes for tdv fan out test (#230)
laurencelundblade Jun 15, 2023
b7fd66d
fix warning in crypto test and in params (#231)
laurencelundblade Jun 16, 2023
557dea3
Consolidate keys for test and examples (#232)
laurencelundblade Jun 17, 2023
1039e7e
Support multiple sig verify without QCBOR 2 (#226)
laurencelundblade Jun 17, 2023
e82aa93
Add crypto adaptor layer for ECDH (#233)
laurencelundblade Jun 21, 2023
02fa902
Ephemeral-Static Diffie-Hellman Implementation for COSE (#221)
hannestschofenig Jul 1, 2023
9ce16b3
Remove HPKE (it will come in after t_cose 2.0) (#235)
laurencelundblade Jul 1, 2023
38843ee
Straggler fixes for addition of esdh and remove of hpke (#237)
laurencelundblade Jul 2, 2023
9dab8a8
sign restart bug fix minor t_cose_sign_sign improvements (#234)
laurencelundblade Jul 2, 2023
63de173
Updates and unifies tag and message type processing for all message t…
laurencelundblade Jul 8, 2023
097d98e
Fix some todo's and compiler warnings (#239)
laurencelundblade Jul 10, 2023
34cb2c0
Not-quite-running esdh decrypt (#238)
laurencelundblade Jul 13, 2023
7a81f17
Replace all int_fast32_t with int32_t in test code
laurencelundblade Jul 15, 2023
b8ee193
Successful encrypt/decrypt for PSA crypto
laurencelundblade Jul 16, 2023
a3165bc
Last PR for ESDH was missing some stuff (#243)
laurencelundblade Jul 17, 2023
d921f8f
Interface for info struct, party u, party v... (#244)
laurencelundblade Jul 18, 2023
e6fcb67
ESDH working for OSSL (#245)
laurencelundblade Jul 18, 2023
9fd30c6
Improve var names and such in crypto layer; no semantic changes (#246)
laurencelundblade Jul 19, 2023
5760b2e
Reorganize esdh recipient -- no semantic changes (#247)
laurencelundblade Jul 20, 2023
80da6f3
More edsh tidy up (#248)
laurencelundblade Jul 21, 2023
8522ded
Implement info struct new API (#250)
laurencelundblade Jul 23, 2023
98e8d06
Fix kdf context; tests passing for ossl and mbed (#253)
laurencelundblade Jul 24, 2023
2aa32e6
Disable complex multiple sig test when es384 is off (#254)
laurencelundblade Jul 25, 2023
1f35dd6
Fix EdDSA aux buf size calc (#255)
laurencelundblade Jul 25, 2023
5011092
Line lengths, tabs, space (no behavior change) (#256)
laurencelundblade Jul 25, 2023
117159b
Add missing goto from PSA crypto adapter (#259)
matetothpal Jul 27, 2023
45b8242
KDF context tests passing; fix big memory leak (#258)
laurencelundblade Aug 3, 2023
bf0b638
Bug fix in ECDH encrypt; clean up ossl key import (#260)
laurencelundblade Aug 3, 2023
59002f9
Mac0: Add external example to test against (#236)
davidvincze Aug 7, 2023
ee1a6c9
Add version number and update readme for alpha (#249)
laurencelundblade Aug 8, 2023
6ebef8d
Rework so COSE_Signature implementations are simpler + easier DECODE_…
laurencelundblade Aug 8, 2023
c9328fd
Test improvements for crit params; t_cose 1 compat (#261)
laurencelundblade Aug 14, 2023
cb7b832
Fix straggler warning
Aug 14, 2023
316a662
tdv #define test fan out fix
Aug 15, 2023
a0296b6
tdv #define test fan out fix
Aug 15, 2023
6c5c8e6
Clean up XCode project file
Oct 20, 2023
14d5975
Fix prototype of functions with no args (#264)
laurencelundblade Oct 26, 2023
fa047af
Support for empty protected headers (#267)
laurencelundblade Nov 4, 2023
bd24e8f
"aad"->"ext_sup_data" and other documentation improvements
laurencelundblade Nov 4, 2023
451f8a1
Add decryption fail tests plus bug fixes (#266)
laurencelundblade Nov 4, 2023
58e70ca
Initialise PSA signing context (#263)
matetothpal Nov 4, 2023
437a35b
Encode empty prot params as an empty bstr (#268)
laurencelundblade Nov 4, 2023
76cdae4
Add AES-CTR and AES-CBC (#265)
kentakayama Nov 5, 2023
2d65e0a
Further non-aead fixes (#269)
laurencelundblade Nov 5, 2023
876ae76
Various minor warning and test fixes (#270)
laurencelundblade Nov 5, 2023
227eb48
Update readme (#271)
laurencelundblade Nov 5, 2023
3076010
More rework for empty protected headers (#272)
laurencelundblade Nov 6, 2023
af3c971
Fill out parameter features for HMAC
Nov 8, 2023
04b172e
Finish off ext sup data (aad) for MAC (#273)
laurencelundblade Nov 8, 2023
ade036c
Re order and fix XCode project file (#274)
laurencelundblade Nov 12, 2023
00992ed
More tests and error handling fixes for COSE_Encrypt (#275)
laurencelundblade Nov 15, 2023
1eeef3b
Remove limit on MAC protected headers; MAC code size smaller (#276)
laurencelundblade Nov 16, 2023
672a803
Fix nonce sizes for various AES-based encryption algorithms
kentakayama Jul 18, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
51 changes: 40 additions & 11 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,12 +23,30 @@ jobs:
- os-image: ubuntu-latest
container: ubuntu:20.04
crypto-provider: MbedTLS
crypto-provider-version: '2.28.0'
crypto-provider-version: 'v2.28.0'
crypto-provider-extra: ''
crypto-provider-build-extra: ''

- os-image: ubuntu-latest
container: ubuntu:20.04
crypto-provider: MbedTLS
crypto-provider-version: '3.1.0'
crypto-provider-version: 'v3.1.0'
crypto-provider-extra: ''
crypto-provider-build-extra: ''

- os-image: ubuntu-latest
container: ubuntu:20.04
crypto-provider: MbedTLS
crypto-provider-version: 'v3.4.0'
crypto-provider-extra: ''
crypto-provider-build-extra: ''

- os-image: ubuntu-latest
container: ubuntu:20.04
crypto-provider: MbedTLS
crypto-provider-version: 'v3.4.0'
crypto-provider-extra: ''
crypto-provider-build-extra: 'python3 scripts/config.py set MBEDTLS_ECP_RESTARTABLE'

- os-image: ubuntu-latest
container: ubuntu:20.04
Expand All @@ -47,7 +65,8 @@ jobs:
set -ex
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get install -y build-essential cmake python3 ${{ matrix.c-compiler }}
apt-get install -y build-essential cmake python3 ${{ matrix.c-compiler }} \
python3-jinja2 python3-jsonschema
echo "CC=${{ matrix.c-compiler }}" >> $GITHUB_ENV

- name: Install OpenSSL
Expand All @@ -59,13 +78,14 @@ jobs:
uses: actions/checkout@v3
with:
repository: ARMmbed/mbedtls
ref: v${{ matrix.config.crypto-provider-version }}
ref: ${{ matrix.config.crypto-provider-version }}
path: mbedtls

- name: Install MbedTLS
if: matrix.config.crypto-provider == 'MbedTLS'
run: |
cd mbedtls
${{ matrix.config.crypto-provider-build-extra }}
make -j $(nproc)
make install

Expand All @@ -86,16 +106,25 @@ jobs:
set -ex
mkdir build
cd build
cmake -DCRYPTO_PROVIDER=${{ matrix.config.crypto-provider }} ..
cmake -DCRYPTO_PROVIDER=${{ matrix.config.crypto-provider }} \
${{ matrix.config.crypto-provider-extra }} \
${{ matrix.config.defines }} \
..
make -j $(nproc)

- name: Run OpenSSL example
if: matrix.config.crypto-provider == 'OpenSSL'
run: build/t_cose_basic_example_ossl
- name: Run examples
run: build/t_cose_examples

- name: Run MbedTLS example
if: matrix.config.crypto-provider == 'MbedTLS'
run: build/t_cose_basic_example_psa
- name: Run tests
if: matrix.config.crypto-provider == 'MbedTLS' &&
matrix.config.crypto-provider-version == 'v3.4.0' &&
matrix.config.crypto-provider-build-extra == ''
# This Mbed TLS version has the option of restartable ECP, however it is
# not turned on. In this case the restartable testcase should fail.
run: build/t_cose_test | grep 'restart_test_2_step FAILED'

- name: Run tests
if: ${{ ! ( matrix.config.crypto-provider == 'MbedTLS' &&
matrix.config.crypto-provider-version == 'v3.4.0' &&
matrix.config.crypto-provider-build-extra == '' ) }}
run: build/t_cose_test
2 changes: 2 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,8 @@ dkms.conf
# Compiled binaries
t_cose_test
t_cose_basic_example_ossl
t_cose_basic_example_psa
t_cose_encryption_example_psa

# CMake build folder
build/
Expand Down
65 changes: 52 additions & 13 deletions CMakeLists.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ if(CRYPTO_PROVIDER STREQUAL "MbedTLS")

find_package(MbedTLS REQUIRED)
set(CRYPTO_LIBRARY MbedTLS::MbedCrypto)
set(CRYPTO_COMPILE_DEFS -DT_COSE_USE_PSA_CRYPTO=1)
set(CRYPTO_COMPILE_DEFS -DT_COSE_USE_PSA_CRYPTO=1 ${CC_DEFINES})
set(CRYPTO_ADAPTER_SRC crypto_adapters/t_cose_psa_crypto.c)

elseif(CRYPTO_PROVIDER STREQUAL "OpenSSL")
Expand Down Expand Up @@ -66,6 +66,23 @@ set(T_COSE_SRC_COMMON
src/t_cose_parameters.c
src/t_cose_sign1_verify.c
src/t_cose_util.c
src/t_cose_key.c
src/t_cose_sign_sign.c
src/t_cose_mac_compute.c
src/t_cose_signature_sign_main.c
src/t_cose_signature_sign_restart.c
src/t_cose_signature_sign_eddsa.c
src/t_cose_sign_verify.c
src/t_cose_mac_validate.c
src/t_cose_signature_verify_main.c
src/t_cose_signature_verify_eddsa.c
src/t_cose_encrypt_enc.c
src/t_cose_encrypt_dec.c
src/t_cose_recipient_dec_keywrap.c
src/t_cose_recipient_enc_keywrap.c
src/t_cose_recipient_dec_esdh.c
src/t_cose_recipient_enc_esdh.c
src/t_cose_qcbor_gap.c
)

find_package(QCBOR REQUIRED)
Expand All @@ -86,50 +103,72 @@ install(DIRECTORY inc/ DESTINATION ${CMAKE_INSTALL_INCLUDEDIR})

if (BUILD_EXAMPLES)

set(EXAMPLE_SRC_COMMON
examples/examples_main.c
examples/print_buf.c
examples/signing_examples.c
examples/encryption_examples.c
examples/example_keys.c
)

if (CRYPTO_PROVIDER STREQUAL "MbedTLS")
add_executable(t_cose_basic_example_psa examples/t_cose_basic_example_psa.c)
target_link_libraries(t_cose_basic_example_psa PRIVATE t_cose ${CRYPTO_LIBRARY})
elseif (CRYPTO_PROVIDER STREQUAL "OpenSSL")
add_executable(t_cose_basic_example_ossl examples/t_cose_basic_example_ossl.c)
target_link_libraries(t_cose_basic_example_ossl PRIVATE t_cose ${CRYPTO_LIBRARY})
set(EXAMPLE_SRC_EXTRA examples/init_keys_psa.c)
elseif(CRYPTO_PROVIDER STREQUAL "OpenSSL")
set(EXAMPLE_SRC_EXTRA examples/init_keys_ossl.c)
elseif(CRYPTO_PROVIDER STREQUAL "Test")
set(EXAMPLE_SRC_EXTRA examples/init_keys_test.c)
else()
message(FATAL_ERROR "Bug!")
endif()

add_executable(t_cose_examples ${EXAMPLE_SRC_COMMON} ${EXAMPLE_SRC_EXTRA})

target_include_directories(t_cose_examples PRIVATE examples)
target_link_libraries(t_cose_examples PRIVATE t_cose ${CRYPTO_LIBRARY})
# Crypto defs are needed because the tests include headers from src/
target_compile_definitions(t_cose_examples PRIVATE ${CRYPTO_COMPILE_DEFS} ${EXAMPLE_EXTRA_DEFS})

endif()


if (BUILD_TESTS)

enable_testing()

set(TEST_SRC_COMMON
main.c
test/run_tests.c
test/t_cose_compute_validate_mac_test.c
test/t_cose_crypto_test.c
test/t_cose_encrypt_decrypt_test.c
test/t_cose_make_test_messages.c
test/data/test_messages.c
test/t_cose_param_test.c
test/t_cose_test.c
examples/example_keys.c
)

if (NOT CRYPTO_PROVIDER STREQUAL "Test")
list(APPEND TEST_SRC_COMMON test/t_cose_sign_verify_test.c)
endif()

if (CRYPTO_PROVIDER STREQUAL "MbedTLS")
set(TEST_SRC_EXTRA test/t_cose_make_psa_test_key.c)
set(TEST_EXTRA_DEFS)
set(TEST_SRC_EXTRA examples/init_keys_psa.c)
elseif(CRYPTO_PROVIDER STREQUAL "OpenSSL")
set(TEST_SRC_EXTRA test/t_cose_make_openssl_test_key.c)
set(TEST_EXTRA_DEFS)
set(TEST_SRC_EXTRA examples/init_keys_ossl.c)
elseif(CRYPTO_PROVIDER STREQUAL "Test")
set(TEST_SRC_EXTRA)
set(TEST_SRC_EXTRA examples/init_keys_test.c)
set(TEST_EXTRA_DEFS -DT_COSE_ENABLE_HASH_FAIL_TEST -DT_COSE_DISABLE_SIGN_VERIFY_TESTS)
else()
message(FATAL_ERROR "Bug!")
endif()

add_executable(t_cose_test ${TEST_SRC_COMMON} ${TEST_SRC_EXTRA})
target_include_directories(t_cose_test PRIVATE src test)
target_include_directories(t_cose_test PRIVATE src test examples)
target_link_libraries(t_cose_test PRIVATE t_cose ${CRYPTO_LIBRARY})
# Crypto defs are needed because the tests include headers from src/
target_compile_definitions(t_cose_test PRIVATE ${CRYPTO_COMPILE_DEFS} ${TEST_EXTRA_DEFS})

add_test(NAME t_cose_test COMMAND t_cose_test)

endif()
Loading
Loading