yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
29777 commits 89 branches 205 tags 114 MiB
Commit graph

12964 commits

Author SHA1 Message Date
Yanray Wang 2bef7fbc8d tls13: early_data: cli: remove guard to fix failure 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 12:02:56 +08:00
Dave Rodgman 059f66ce7c Remove redundant check 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-30 11:02:03 +00:00
Dave Rodgman 6eee57bc07 Merge remote-tracking branch 'origin/development' into msft-aarch64 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-30 11:01:50 +00:00
Dave Rodgman 12d1c3ad4f Use MBEDTLS_HAVE_NEON_INTRINSICS in aesce 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-30 09:38:38 +00:00
Dave Rodgman d879b47b52 tidy up macros in mbedtls_xor 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-30 09:35:14 +00:00
Dave Rodgman 59059ec503 Merge remote-tracking branch 'origin/development' into msft-aarch64 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-30 09:34:41 +00:00
Yanray Wang b3e207d762 tls13: early_data: cli: rename early_data parser in nst 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-30 16:49:51 +08:00
Yanray Wang 0790041dc6 Revert "tls13: early_data: cli: remove nst_ prefix" 
This reverts commit 3781ab40fb.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-30 16:44:44 +08:00
Dave Rodgman 10dfe76425
Merge pull request #8573 from daverodgman/iar-aesce2 
Disable hw AES on Arm for IAR
 2023-11-30 08:22:09 +00:00
Yanray Wang f4bad42670 itls13: early_data: cli: improve comment 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-30 15:58:07 +08:00
Valerio Setti ad6d016b8f pkwrite: fix return value in pk_get_type_ext() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-30 08:10:36 +01:00
Valerio Setti 3cc486aa11 pkparse: make pk_internal.h always available 
This is needed because now "pk_internal.h" contains defines for
PEM strings

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-30 08:09:47 +01:00
Yanray Wang a29db7da2e tls13: early_data: cli: assign ciphersuite properly 
When early_data extension is enabled and sent in ClientHello,
the client does not know if the server will accept early data
and select the first proposed pre-shared key with a ciphersuite
that is different from the ciphersuite associated to the selected
pre-shared key. To address aforementioned case, we do associated
verification when parsing early_data ext in EncryptedExtensions.
Therefore we have to assign the ciphersuite in current handshake
to session_negotiate later than the associated verification.
This won't impact decryption of EncryptedExtensions since we
compute handshake keys by the ciphersuite in handshake not via
the one in session_negotiate.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-30 14:27:38 +08:00
Valerio Setti bcc004b549 pkwrite: some reshaping for Montgomery keys in mbedtls_pk_write_pubkey_der() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-29 17:16:55 +01:00
Valerio Setti a4f70fe3fe pkwrite: simplify management of opaque keys 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-29 15:05:47 +01:00
Janos Follath c6f1637f8c
Merge pull request #8534 from paul-elliott-arm/fix_mutex_abstraction 
Make mutex abstraction and tests thread safe
 2023-11-29 13:26:23 +00:00
Dave Rodgman fb96d800ab
Merge pull request #8569 from yuhaoth/pr/fix-warning-on-arm64-gcc-5.4 
fix build warning with arm64 gcc 5.4
 2023-11-29 11:52:18 +00:00
Jerry Yu 92787e42c4 fix wrong gcc version check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-29 16:30:38 +08:00
Jerry Yu e743aa74b5 add non-gcc arm_neon support 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-29 15:54:32 +08:00
Valerio Setti f9362b7324 pk_internal: small renaming for mbedtls_pk_get_group_id() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-29 08:42:27 +01:00
Jerry Yu d33f7a8c72 improve document 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-29 15:09:21 +08:00
Jerry Yu 71fada10e5 Guards neon path 
Old GCC(<7.3) reports warning in NEON path

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-29 10:38:07 +08:00
Jerry Yu 5b96b81980 Revert "fix build warning with arm64 gcc 5.4" 
This reverts commit da3c206ebd.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-29 10:25:00 +08:00
Valerio Setti bcd305913f pk: move functions to verify RFC8410 group ID to pk_internal 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-28 16:27:55 +01:00
Dave Rodgman 410ad44725 Disable hw AES on Arm for IAR 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-28 13:42:17 +00:00
Valerio Setti d5604bacc4 pkwrite: add internal defines for proper key buffer sizes 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-28 14:10:43 +01:00
Valerio Setti 605f03cb76 pkwrite: reorganize code 
This commits just moves code around. The goal is to group together
functions by guards and functionality:
- RSA, EC, Opaque
- internal VS public

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-28 12:46:39 +01:00
Manuel Pégourié-Gonnard 294f5d7ea9
Merge pull request #8540 from valeriosetti/issue8060 
[G2] Make CCM and GCM work with the new block_cipher module
 2023-11-28 08:18:45 +00:00
Valerio Setti 854c737db1 pk: use common header/footer macros for pkwrite and pkparse 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-28 08:37:57 +01:00
Valerio Setti 180915018d pem: auto add newlines to header/footer in mbedtls_pem_write_buffer() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-28 08:37:06 +01:00
Jerry Yu da3c206ebd fix build warning with arm64 gcc 5.4 
GCC 5.4 reports below warning on Arm64
```
warning: 'vst1q_u8' is static but used in inline function 'mbedtls_xor' which is not static
```
This inline function miss `static`, others have the keyword

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-28 14:28:03 +08:00
Dave Rodgman 4e9d5aa2ba
Merge pull request #8515 from mschulz-at-hilscher/fixes/pragma-error-gcc452 
Fix compiler error on gcc 4.5.2.
 2023-11-27 11:28:30 +00:00
Dave Rodgman 9fbac381e6
Merge pull request #8326 from daverodgman/aesce-thumb2 
Support hw-accelerated AES on Thumb and Arm
 2023-11-27 09:58:58 +00:00
Dave Rodgman c94f8f1163
Merge pull request #8551 from daverodgman/sign-conversion-part1 
Sign conversion part 1
 2023-11-24 15:12:00 +00:00
Dave Rodgman a3b80386d9 Merge remote-tracking branch 'origin/development' into sign-conversion-part1 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-24 11:27:18 +00:00
Janos Follath 905409abe2
Merge pull request #8500 from Ryan-Everett-arm/8409-make-empty-key-slots-explicit 
Make empty key slots explicit
 2023-11-24 08:52:01 +00:00
Oldes Huhuman 1b58ecbfb0 Fixed compilation for Haiku OS 
Related to: https://github.com/Mbed-TLS/mbedtls/issues/8562

Signed-off-by: Oldes Huhuman <oldes.huhuman@gmail.com>
 2023-11-23 22:46:20 +01:00
Paul Elliott 8c6d332c44 Fix comment typos 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-11-23 18:53:13 +00:00
Dave Rodgman 8cd4bc4ac2
Merge pull request #8124 from yanrayw/support_cipher_encrypt_only 
Support the negative option MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
 2023-11-23 17:43:00 +00:00
Ryan Everett 2a0d4e2995 Revert "Refactor psa_load_persistent_key_into_slot to remove bad goto" 
This reverts commit d69f4017fb.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-11-23 16:34:35 +00:00
Dave Rodgman c44042ddbc
Merge pull request #7905 from lpy4105/issue/misc-improvement 
misc improvements
 2023-11-23 16:20:58 +00:00
Ryan Everett d69f4017fb Refactor psa_load_persistent_key_into_slot to remove bad goto 
Merges the two calls to `psa_copy_key_material_into_slot.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-11-23 16:20:45 +00:00
Yanray Wang 3781ab40fb tls13: early_data: cli: remove nst_ prefix 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-23 18:17:14 +08:00
Yanray Wang d012084e91 tls13: early_data: cli: optimize code 
- remove unnecessary check
- using local variable session

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-23 16:38:20 +08:00
Yanray Wang 690ee81533 Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-11-23 10:31:26 +08:00
Gilles Peskine 3f5e1e81b2
Merge pull request #8440 from yuhaoth/pr/fix-missing-pre_shared_key-ext-sent-mask 
Fix missing pre shared key ext sent mask
 2023-11-22 16:40:12 +00:00
Yanray Wang 554ee62fba tls13: early_data: fix wrong debug_ret message 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-22 18:55:03 +08:00
Yanray Wang 5da8ecffe6 tls13: nst early_data: remove duplicate code 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-22 18:52:21 +08:00
Yanray Wang 1136fad126 ssl_tls: improve readability in ssl_*_preset_*_sig_algs 
- fix wrong comment in #endif
- no semantics changes

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-22 17:41:52 +08:00
Jerry Yu 87b5ed4e5b Add server side end-of-early-data handler 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-22 16:48:39 +08:00
Jerry Yu 7d8c3fe12c Add wait flight2 state. 
The state is come from RFC8446 section A.2

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-22 16:48:39 +08:00
Jerry Yu 4e9b70e03a Add early transform computation when accepted 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-22 16:48:39 +08:00
Yanray Wang 69ceb391a0 ssl_tls: remove RSA sig-algs in ssl_tls12_preset_suiteb_sig_algs 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-22 16:32:55 +08:00
Yanray Wang b1f60163ba ssl_tls: remove RSA sig-algs in ssl_preset_suiteb_sig_algs 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-22 16:28:54 +08:00
Yanray Wang fd25654311 ssl_tls: remove unnecessary guard 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-22 10:33:11 +08:00
Yanray Wang 365ee3eaa9 ssl_tls: return correct error code if mbedtls_calloc fails 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-22 10:33:11 +08:00
Yanray Wang 920db45818 tls13: early_data: support to parse max_early_data_size ext 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-22 10:33:11 +08:00
Dave Rodgman e467d62042 Add casts for NEON 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-21 17:09:46 +00:00
Dave Rodgman c37ad4432b misc type fixes in ssl 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-21 17:09:46 +00:00
Dave Rodgman df4d42106a Use standard byte conversion fns in lms 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-21 17:09:46 +00:00
Dave Rodgman a3d0f61aec Use MBEDTLS_GET_UINTxx_BE macro 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-21 17:09:46 +00:00
Dave Rodgman b2e8419b50 Fix types in entropy_poll.c 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-21 17:09:46 +00:00
Dave Rodgman e4a6f5a7ec Use size_t cast for pointer subtractions 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-21 17:09:46 +00:00
Manuel Pégourié-Gonnard d4dc354185
Merge pull request #8541 from yanrayw/issue/ssl-fix-missing-guard 
ssl_tls: add missing macro guard
 2023-11-21 14:57:47 +00:00
Ryan Everett 9f176a2766 Fix status assignments when loading persistent keys 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-11-21 11:49:57 +00:00
Jerry Yu 60e997205d replace check string 
The output has been changed

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:25 +08:00
Jerry Yu 713ce1f889 various improvement 
- improve change log entry
- improve comments
- remove unnecessary statement
- change type of client_age

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:25 +08:00
Jerry Yu d84c14f80c improve code style 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:24 +08:00
Jerry Yu 9cb953a402 improve document 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:24 +08:00
Jerry Yu 8e0174ac05 Add maximum ticket lifetime check 
Also add comments for age cast

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:24 +08:00
Jerry Yu 472a69260b fix build failure 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:20 +08:00
Jerry Yu cf9135100e fix various issues 
- fix CI failure due to wrong usage of ticket_lifetime
- Improve document and comments

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:19 +08:00
Jerry Yu 342a555eef rename ticket received 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:19 +08:00
Jerry Yu 25ba4d40ef rename ticket_creation to ticket_creation_time 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:19 +08:00
Jerry Yu 46c7926f74 Add maximum ticket lifetime check 
Also add comments for age cast

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:19 +08:00
Jerry Yu 28e7c554f4 Change the bottom of tolerance window 
The unit of ticket time has been changed to milliseconds.
And age difference might be negative

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:19 +08:00
Jerry Yu 31b601aa15 improve comments 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:18 +08:00
Jerry Yu ec6d07870d Replace start with ticket_creation 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:18 +08:00
Jerry Yu f16efbc78d fix various issues 
- Add comments for ticket test hooks
- improve code style.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:18 +08:00
Jerry Yu cebffc3446 change time unit of ticket to milliseconds 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:18 +08:00
Valerio Setti d0eebc1f94 ccm/gcm: improve code maintainability 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-20 15:17:53 +01:00
Gilles Peskine 473ff34d59
Merge pull request #8489 from valeriosetti/issue8482 
Make CCM* and CCM independent
 2023-11-20 14:07:14 +00:00
Ronald Cron 97137f91b6
Merge pull request #7071 from yuhaoth/pr/tls13-ticket-add-max_early_data_size-field 
TLS 1.3 EarlyData: add `max_early_data_size` field for ticket
 2023-11-20 08:04:57 +00:00
Paul Elliott 5fa986c8cb Move handling of mutex->is_valid into threading_helpers.c 
This is now a field only used for testing.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-11-16 15:13:05 +00:00
Ryan Everett 975d411d92 Only set slot to OCCUPIED on successful key loading 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-11-16 13:37:51 +00:00
Valerio Setti 9b7a8b2a0c ccm/gcm: reaplace CIPHER_C functions with BLOCK_CIPHER_C ones 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-16 11:48:00 +01:00
Yanray Wang 19e4dc8df7 tls: fix unused parameter in mbedtls_ssl_cipher_to_psa 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-16 18:05:51 +08:00
Yanray Wang 1a369d68aa ssl_tls: add missing guard for mbedtls_ssl_cipher_to_psa 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-16 15:17:33 +08:00
Manuel Pégourié-Gonnard dc848955d6
Merge pull request #8519 from mpg/block-cipher 
[G2] Add internal module block_cipher
 2023-11-15 11:53:22 +00:00
Valerio Setti 5e378d70e6 ssl_misc: remove DES from the list of key types supporting CBC 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-15 09:18:14 +01:00
Dave Rodgman cba4091581
Merge pull request #8516 from mschulz-at-hilscher/fixes/divided-assembler-syntax-error-gcc493 
Fixes invalid default choice of thumb assembler syntax.
 2023-11-14 17:57:37 +00:00
Matthias Schulz 90c8c3235b
Update library/constant_time_impl.h 
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
Signed-off-by: Matthias Schulz <140500342+mschulz-at-hilscher@users.noreply.github.com>
 2023-11-14 16:35:50 +01:00
Matthias Schulz 3f80ffb9ff
Update library/constant_time_impl.h 
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
Signed-off-by: Matthias Schulz <140500342+mschulz-at-hilscher@users.noreply.github.com>
 2023-11-14 16:35:45 +01:00
Manuel Pégourié-Gonnard 752dd39a69
Merge pull request #8508 from valeriosetti/issue6323 
[G3] Driver-only cipher+aead: TLS: ssl-opt.sh
 2023-11-14 11:39:06 +00:00
Yanray Wang c43479103a aesce: fix unused parameter 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-14 11:09:56 +08:00
Matthias Schulz e94525bd17 Updated comments. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-13 14:01:02 +01:00
Matthias Schulz 35842f52f2 Simplified check. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-13 13:57:05 +01:00
Ryan Everett 34d6a5c3df Move enum definition to satisfy check_names.py 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-11-13 09:52:12 +00:00
Matthias Schulz ca8981c1ee Added proposed fixes 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-13 10:04:19 +01:00
Matthias Schulz be1e9c5951 Pop only when pushed. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-13 09:33:33 +01:00
Tom Cosgrove 08ea9bfa1f
Merge pull request #8487 from yanrayw/issue/6909/rename_tls13_conf_early_data 
TLS 1.3: Rename early_data and max_early_data_size configuration function
 2023-11-10 19:35:46 +00:00
Manuel Pégourié-Gonnard 76fa16cab3 block_cipher: add encrypt() 
Test data copied from existing test suites.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-10 12:14:53 +01:00
Manuel Pégourié-Gonnard 3e0884fc53 block_cipher: add setkey() 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-10 11:52:10 +01:00
Yanray Wang 0287b9d260 padlock.c: guard mbedtls_padlock_xcryptcbc by CIPHER_MODE_CBC 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-10 18:21:22 +08:00
Manuel Pégourié-Gonnard 21718769d1 Start adding internal module block_cipher.c 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-10 11:21:17 +01:00
Yanray Wang cd25d22526 cipher.c: remove checks for CBC,XTS,KW,KWP in cipher_setkey 
We have checks for CBC, XTS and KW modes in check_config.h. This
means we should never get a successful build with above three modes.
Therefore, the checks in cipher_setkey is not necessary as other
error will be emitted if asking for those modes in the cipher.
Additionally, removing the checks can save extra code size.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-10 15:40:58 +08:00
Valerio Setti 01c4fa3e88 ssl: move MBEDTLS_SSL_HAVE internal symbols to ssl.h 
This is useful to properly define MBEDTLS_PSK_MAX_LEN when
it is not defined explicitly in mbedtls_config.h

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-10 08:12:07 +01:00
Yanray Wang 111159b89c BLOCK_CIPHER_NO_DECRYPT: call encrypt direction unconditionally 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-10 15:03:23 +08:00
Matthias Schulz 5ffc42442d Fix preprocessor syntax error. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-09 15:44:24 +01:00
Matthias Schulz 2e068cef09 fixes invalid default choice of thumb assembler syntax. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-09 15:25:52 +01:00
Matthias Schulz ee10b8470a Fix compiler error on gcc 4.5.2. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-09 15:19:28 +01:00
Matthias Schulz 9916b06ce7 Fix uninitialized variable warnings. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-09 14:25:01 +01:00
Manuel Pégourié-Gonnard 7d7ce0e66a
Merge pull request #8495 from lpy4105/issue/6322/driver-only-cipher_aead-tls 
[G3] Driver-only cipher+aead: TLS: main test suite
 2023-11-09 11:10:34 +00:00
Yanray Wang f03b49122c aes.c: guard RSb and RTx properly 
If we enabled AES_DECRYPT_ALT and either AES_SETKEY_DEC_ALT or
AES_USE_HARDWARE_ONLY, this means RSb and RTx are not needed.
This commit extends how we guard RSb and RTx for the combinations of
these configurations.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-09 11:43:21 +08:00
Gilles Peskine 4dec9ebdc2
Merge pull request #8378 from mschulz-at-hilscher/fixes/issue-8377 
Fixes "CSR parsing with critical fields fails"
 2023-11-08 18:07:04 +00:00
Dave Rodgman 0d22539de0
Merge pull request #8468 from daverodgman/mbedtls-3.5.1-pr 
Mbed TLS 3.5.1
 2023-11-08 18:01:32 +00:00
Ryan Everett 5567e3a34b Make empty key slots explicit 
Add new status field to key slots, and use it.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-11-08 13:28:20 +00:00
Dave Rodgman 28d40930ae Restore bump version 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-08 11:40:08 +00:00
Yanray Wang 004a60c087 aes.c: remove non-functional code 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-08 19:05:31 +08:00
Pengyu Lv 2bd56de3f4 ssl: replace MBEDTLS_SSL_HAVE_*_CBC with two seperate macros 
MBEDTLS_SSL_HAVE_<block_cipher>_CBC equals
MBEDTLS_SSL_HAVE_<block_cipher> and MBEDTLS_SSL_HAVE_CBC.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 14:21:19 +08:00
Pengyu Lv 65458fa969 ssl: MBEDTLS_SSL_HAVE_* in ssl_misc.h 
Done by commands:

```
sed -i "300,$ s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h
sed -i "300,$ s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h
sed -i "300,$ s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 12:16:29 +08:00
Pengyu Lv 829dd2048a ssl: use MBEDTLS_SSL_HAVE_* in ssl_ciphersuites.c 
Mainly done by the commands, with some manual adjust.

```
sed -i "s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
sed -i "s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
sed -i "s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 12:01:26 +08:00
Pengyu Lv f1b86b088f ssl: add macro to indicate CBC mode is available 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 11:28:42 +08:00
Pengyu Lv e870cc8c86 ssl: add macro for available key types 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 11:28:36 +08:00
Tom Cosgrove 53199b1c0a
Merge pull request #6720 from yuhaoth/pr/tls13-early-data-receive-0_rtt-and-eoed 
TLS 1.3: EarlyData SRV: Write early data extension  in EncryptedExtension
 2023-11-07 13:59:13 +00:00
Yanray Wang 4995e0c31b cipher.c: return error for ECB-decrypt under BLOCK_CIPHER_NO_DECRYPT 
- fix remaining dependency in test_suite_psa_crypto.data

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-07 17:51:32 +08:00
Tom Cosgrove 4122c16abd
Merge pull request #6945 from lpy4105/issue/6935/ticket_flags-kex-mode-determination 
TLS 1.3: SRV: Check ticket_flags on kex mode determination when resumption
 2023-11-07 09:26:21 +00:00
Jerry Yu 7cca7f6820 move ext print to the end of write client hello 
pre_shared_key extension is done at the end. The
information should be print after that

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-07 15:19:13 +08:00
Jerry Yu 1ccd6108e8 Revert "fix miss sent extensions mask" 
This reverts commit 06b364fdfd.

It has been set in write_binders

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-07 14:57:44 +08:00
Jerry Yu 7ef9fd8989 fix various issues 
- Debug message
- Improve comments

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-07 14:31:37 +08:00
Jerry Yu 2bea94ce2e check the ticket version unconditional 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-07 14:18:17 +08:00
Yanray Wang 0751761b49 max_early_data_size: rename configuration function 
Rename mbedtls_ssl_tls13_conf_max_early_data_size as
mbedtls_ssl_conf_max_early_data_size since in the future
this may not be specific to TLS 1.3.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-07 11:49:34 +08:00
Yanray Wang d5ed36ff24 early data: rename configuration function 
Rename mbedtls_ssl_tls13_conf_early_data as
mbedtls_ssl_conf_early_data since in the future this may not be
specific to TLS 1.3.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-07 11:49:24 +08:00
Pengyu Lv 44670c6eda Revert "TLS 1.3: SRV: Don't select ephemeral mode on resumption" 
This reverts commit dadeb20383.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-07 09:58:53 +08:00
Dave Rodgman 4b67ac8adf
Merge pull request #8444 from Mbed-TLS/cvv-code-size 
code size for mbedtls_cipher_validate_values
 2023-11-06 12:50:37 +00:00
Yanray Wang 0d76b6ef76 Return an error if asking for decrypt under BLOCK_CIPHER_NO_DECRYPT 
If MBEDTLS_BLOCK_CIPHER_NO_DECRYPT is enabled, but decryption is
still requested in some incompatible modes, we return an error of
FEATURE_UNAVAILABLE as additional indication.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-06 10:02:10 +08:00
Yanray Wang de0e2599ad cipher_wrap.c: remove unnecessary NO_DECRYPT guard for DES 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-06 10:02:10 +08:00
Gilles Peskine 8b6b41f6cd
Merge pull request #8434 from valeriosetti/issue8407 
[G2] Make TLS work without Cipher
 2023-11-04 15:05:00 +00:00
Dave Rodgman bb5a18344a Bump version 
./scripts/bump_version.sh --version 3.5.1 --so-crypto 15 --so-x509 6 --so-tls 20

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-03 12:31:30 +00:00
Dave Rodgman a9b6c64a69 Fix some non-standard headers 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-03 12:24:58 +00:00
Dave Rodgman e3c05853d6 Header updates 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-03 12:21:36 +00:00
Dave Rodgman 4eb44e4780 Standardise some more headers 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-03 12:15:12 +00:00
Dave Rodgman ce38adb731 Fix header in ssl_tls13_keys.c 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-03 10:29:25 +00:00
Dave Rodgman f8be5f6ade Fix overlooked files 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-02 20:43:00 +00:00
Dave Rodgman 16799db69a update headers 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-02 19:47:20 +00:00
Dave Rodgman e91d7c5d68 Update comment to mention IAR 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-02 10:36:38 +00:00
Dave Rodgman b351d60e99 Merge remote-tracking branch 'origin/development' into msft-aarch64 2023-11-01 13:20:53 +00:00
Jerry Yu 960b7ebbcf move psk check to EE message on client side 
early_data extension is sent in EE. So it should
not be checked in SH message.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-01 10:32:18 +08:00
Jerry Yu 82fd6c11bd Add selected key and ciphersuite check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-01 10:32:17 +08:00
Jerry Yu ce3b95e2c9 move ticket version check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-01 10:32:17 +08:00
Jerry Yu 454dda3e25 fix various issues 
- improve output message
- Remove unnecessary checks
- Simplify test command

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-01 10:28:43 +08:00
Dave Rodgman 9ba640d318 Simplify use of __has_builtin 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-31 23:34:02 +00:00
Dave Rodgman 90c8ac2205 Add case for MSVC 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-31 23:27:24 +00:00
Dave Rodgman 64bdeb89b9 Use non-empty definition for fallback 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-31 23:27:04 +00:00
Dave Rodgman 52e7052b6c tidy up comments 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-31 23:26:44 +00:00
Dave Rodgman 3e5cc175e0 Reduce code size in mbedtls_cipher_validate_values 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-31 18:00:01 +00:00
Dave Rodgman 6d2c1b3748 Restructure mbedtls_cipher_validate_values 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-31 18:00:01 +00:00
Dave Rodgman fb24a8425a Introduce MBEDTLS_ASSUME 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-31 17:59:56 +00:00
Yanray Wang b67b47425e Rename MBEDTLS_CIPHER_ENCRYPT_ONLY as MBEDTLS_BLOCK_CIPHER_NO_DECRYPT 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-10-31 17:22:06 +08:00
Pengyu Lv dbd1e0d986 tls13: add helpers to check if psk[_ephemeral] allowed by ticket 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-10-31 10:17:17 +08:00
Pengyu Lv 29daf4a36b tls13: server: fully check ticket_flags with available kex mode. 
We need to fully check if the provided session ticket could be
used in the handshake, so that we wouldn't cause handshake
failure in some cases. Here we bring f8e50a9 back.

Example scenario:
A client proposes to a server, that supports only the psk_ephemeral
key exchange mode, two tickets, the first one is allowed only for
pure PSK key exchange mode and the second one is psk_ephemeral only.
We need to select the second tickets instead of the first one whose
ticket_flags forbid psk_ephemeral and thus cause a handshake
failure.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-10-31 09:34:14 +08:00
Dave Rodgman b06d701f56
Merge pull request #8406 from beni-sandu/aesni 
AES-NI: use target attributes for x86 32-bit intrinsics
 2023-10-30 17:01:06 +00:00
Tom Cosgrove 3857bad9a2
Merge pull request #8427 from tom-cosgrove-arm/fix-linux-builds-in-conda-forge 
Fix builds in conda-forge, which doesn't have CLOCK_BOOTTIME
 2023-10-30 15:29:26 +00:00
Valerio Setti 467271dede ssl_misc: ignore ALG_CBC_PKCS7 for MBEDTLS_SSL_HAVE_xxx_CBC 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-30 11:40:32 +01:00
Valerio Setti 1ebb6cd68d ssl_misc: add internal MBEDTLS_SSL_HAVE_[AES/ARIA/CAMELLIA]_CBC symbols 
These are used in tests to determine whether there is support for
one of those keys for CBC mode.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-30 11:36:32 +01:00
Jerry Yu 06b364fdfd fix miss sent extensions mask 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-10-30 17:18:42 +08:00
Pengyu Lv cfb23b8090 tls13: server: parse pre_shared_key only when some psk is selectable 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-10-30 15:26:26 +08:00
Beniamin Sandu 800f2b7c02 AES-NI: use target attributes for x86 32-bit intrinsics 
This way we build with 32-bit gcc/clang out of the box.
We also fallback to assembly for 64-bit clang-cl if needed cpu
flags are not provided, instead of throwing an error.

Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
 2023-10-27 17:02:22 +01:00
Valerio Setti 36fe8b9f4b psa_crypto_cipher: add guard for unused variable 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-27 09:13:33 +02:00
Valerio Setti 1e21f26d88 psa_crypto_cipher: add helper to validate PSA cipher values 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-27 09:13:33 +02:00
Valerio Setti 4a249828a8 psa_crypto_cipher: add mbedtls_cipher_values_from_psa() 
This commit splits mbedtls_cipher_info_from_psa() in 2 parts:

- mbedtls_cipher_values_from_psa() that performs parameters' validation and
  return cipher's values

- mbedtls_cipher_info_from_psa() which then use those values to return
  the proper cipher_info pointer. Of course this depends on CIPHER_C.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-27 09:12:06 +02:00
Valerio Setti 2c2adedd82 psa_crypto_aead: add guard for CIPHER_C dependency 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-27 09:12:06 +02:00
Jerry Yu 71c14f1db6 write early data indication in EE msg 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-10-27 10:52:49 +08:00
Jerry Yu 985c967a14 tls13: add more checks for server early data 
- check if it is enabled
- check if it is psk mode
- check if it is resumption
- check if it is tls13 version

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-10-27 10:52:27 +08:00
Bence Szépkúti 51328162e6
Merge pull request #8374 from sergio-nsk/sergio-nsk/8372/2 
Fix compiling AESNI in Mbed-TLS with clang on Windows
 2023-10-26 21:21:01 +00:00
Dave Rodgman 2db1e354e3
Merge pull request #8408 from daverodgman/iar-fix-aes 
Fix MBEDTLS_MAYBE_UNUSED for IAR
 2023-10-26 15:53:11 +00:00
Gilles Peskine b3d0ed2e6e
Merge pull request #8303 from valeriosetti/issue6316 
Add test component with all ciphers and AEADs accelerated only
 2023-10-26 15:53:10 +00:00
Tom Cosgrove 257f6dd57d Fix builds in conda-forge, which doesn't have CLOCK_BOOTTIME 
Fixes #8422

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-10-26 14:04:34 +01:00
Ronald Cron 95b735530c
Merge pull request #6719 from yuhaoth/pr/tls13-early-data-add-early-data-of-client-hello 
TLS 1.3: EarlyData SRV: Add early data extension parser.
 2023-10-26 08:31:53 +00:00
Valerio Setti bbc46b4cc2 cipher: improve code readibility in mbedtls_cipher_setup() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-26 09:00:21 +02:00
Dave Rodgman 6e51abf11d Merge remote-tracking branch 'origin/development' into msft-aarch64 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 15:17:11 +01:00
Dave Rodgman d1c4fb07ee Support older IAR versions 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 15:07:35 +01:00
Valerio Setti 79a02de79f cipher: check that ctx_alloc_func is not NULL before calling it 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-25 12:03:36 +02:00
Valerio Setti a6c0761c43 cipher_wrap: fix guards for GCM/CCM AES 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-25 12:03:36 +02:00
Valerio Setti e86677d0c3 pkparse: fix missing guards for pkcs5/12 functions 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-25 12:03:36 +02:00
Dave Rodgman 5e41937eba Remove dependency on asm/hwcap.h 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 09:06:24 +01:00
Dave Rodgman 9fd1b526c3 Use MBEDTLS_ARCH_IS_ARMV8_A not MBEDTLS_ARCH_IS_ARMV8 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 09:06:24 +01:00
Dave Rodgman cb5c9fb0c2 Add volatile to prevent asm being optimised out 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 09:06:24 +01:00
Dave Rodgman b34fe8b88b Fix #error typo 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 09:06:24 +01:00
Dave Rodgman 90291dfe33 Share some definitions that are common for clang and GCC 5 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 09:06:24 +01:00
Dave Rodgman 46267f6a2d Tidy-up: move GCM code into one place 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 09:06:24 +01:00
Dave Rodgman f4ee5d4c94 Code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 09:06:24 +01:00
Dave Rodgman 2c25bdb7cf Don't use #ifdef on vreinterpretq_xxx 
Co-authored-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 09:06:24 +01:00
Dave Rodgman f60e44d063 Add link to ACLE docs in comment 
Co-authored-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 09:06:24 +01:00
Dave Rodgman 48b965d941 Update clang version requirements 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 09:06:24 +01:00
Dave Rodgman 472a1906d5 fix tabs 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 09:06:24 +01:00
Dave Rodgman 4b8e8dc043 Improve compiler version checking + docs + testing for armclang 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 09:06:24 +01:00
Dave Rodgman ece803b0ae Fix behaviour for Armv8 targets without Neon 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 09:06:24 +01:00
Dave Rodgman 851cf5a325 Fix runtime detection on A32/T32 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 09:06:24 +01:00
Dave Rodgman 27e3c87fc1 Suppport AESCE on A32 and T32 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 09:06:22 +01:00
Dave Rodgman d69d3cda34
Merge pull request #8298 from daverodgman/sha-armce-thumb2 
Support SHA256 acceleration on Armv8 thumb2 and arm
 2023-10-24 21:23:15 +00:00
Dave Rodgman f842868dd9 Fix MBEDTLS_MAYBE_UNUSED for IAR 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-24 14:18:38 +01:00
Pengyu Lv 7b711710b2 Add check_ticket_flags helper function 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-10-24 17:07:14 +08:00
Dave Rodgman 514590210b Merge remote-tracking branch 'origin/development' into sha-armce-thumb2 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-23 15:35:07 +01:00
Dave Rodgman 66d5512571 Remove dependency on asm/hwcap.h 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-23 15:12:32 +01:00
Dave Rodgman bcb810252c
Merge pull request #8363 from daverodgman/iar-fixes-2 
Stop IAR warning about goto skipping variable definition
 2023-10-23 14:59:15 +01:00
Tom Cosgrove 235e361b6c
Merge pull request #8339 from lpy4105/issue/support-cpuid-for-win32 
Support cpuid for win32
 2023-10-23 10:43:39 +00:00
Manuel Pégourié-Gonnard 2bf0870e25
Merge pull request #7861 from mpg/cleanup-pk-parse 
cleanup PK parse - part 1
 2023-10-23 08:49:16 +00:00
Matthias Schulz edc32eaf1a Uncrustified 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-10-19 16:09:08 +02:00
Sergey Markelov 3898f10fed Fix #8372 - Error compiling AESNI in Mbed-TLS with clang on Windows 
It can successfully compile w/ the clang options -maes -mpclmul.

Signed-off-by: Sergey Markelov <sergey@solidstatenetworks.com>
 2023-10-18 20:24:39 -07:00
Gilles Peskine 6407f8fc54
Merge pull request #8322 from valeriosetti/issue8257 
Improve location of MD_CAN macros
 2023-10-18 14:31:28 +00:00
Paul Elliott 4fb1955b31 Remove NULL-ing of passed in SSL context in ssl_populate_transform() 
Remove a piece of code that was meant to ensure non-usage of the ssl
context under conditions where it should not be used, as this now makes
less sense and also triggers coverity.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-10-18 15:16:45 +01:00
Matthias Schulz ab4082290e Added parameters to add callback function to handle unsupported extensions. Similar to how the callback functions work when parsing certificates. Also added new test cases. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-10-18 13:20:59 +02:00
Gilles Peskine f6f4695824
Merge pull request #8320 from valeriosetti/issue8263 
Fix dependencies of mbedtls_pk_ec_ro and mbedtls_pk_ec_rw
 2023-10-18 10:03:46 +00:00
Pengyu Lv ed5e4e86a5 Merge branch 'development' into issue/6935/ticket_flags-kex-mode-determination 2023-10-18 18:03:07 +08:00
Jerry Yu b47b2990d6 fix various issues 
- fix wrong typo
- remove redundant check
- remove psk mode tests

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-10-18 15:50:35 +08:00
Manuel Pégourié-Gonnard c6d633ffbc
Merge pull request #8297 from valeriosetti/issue8064 
Change accel_aead component to full config
 2023-10-18 07:15:59 +00:00
Matthias Schulz 873a202d18 Now handling critical extensions similarly to how its done in x509_get_crt_ext just without the callback function to handle unknown extensions. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-10-17 16:02:20 +02:00
Matthias Schulz cc923f307e Added missing like between variables and function body. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-10-17 12:36:56 +02:00
Matthias Schulz adb3cc4d43 Fixes #8377. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-10-17 11:57:10 +02:00
Valerio Setti 2f00b7a5da cipher: reset MBEDTLS_CIPHER_HAVE_AEAD to MBEDTLS_CIPHER_MODE_AEAD 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-17 11:43:34 +02:00
Manuel Pégourié-Gonnard 745ec5d75e Fix static initializer warning 
In a hypothetical build with no curves, or in the future when we add a
new curve type and possibly forget updating this function with a new
block for the new type, we write to `ret` at the beginning or the
function then immediately overwrite it with MPI_CHK(check_privkey),
which static analyzers understandably find questionable.

Use `ret` here and check the key only if it was actually set.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-17 10:13:45 +02:00
Yanray Wang 4b6595aa83 Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-10-17 11:13:00 +08:00
Dave Rodgman 2fde39a22c
Merge pull request #8283 from daverodgman/more-aes-checks 
More AES guards testing and some fixes
 2023-10-16 18:22:51 +00:00
Valerio Setti 9fc1f24331 md: restore md.h includes in source files directly using its elements 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-16 14:39:38 +02:00
Valerio Setti 74cb404b0d ssl: improve ssl_check_key_curve() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-16 13:40:50 +02:00
Yanray Wang aa01ee303a Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-10-16 17:38:32 +08:00
Valerio Setti dcee98730b cipher_wrap: add VIA_LEGACY_OR_USE_PSA to new internal symbols 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-16 11:35:57 +02:00
Valerio Setti 596ef6c0b1 cipher: reset MBEDTLS_CIPHER_HAVE_AEAD_LEGACY to previous naming 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-16 11:26:08 +02:00
Valerio Setti 0521633559 cipher: fix guards in mbedtls_cipher_auth_[encrypt/decrypt]_ext() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-16 11:22:21 +02:00
Manuel Pégourié-Gonnard 52e9548c22 Fix check for format supported by PSA 
For non-Weierstrass curves there's only one format and it's supported.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard f1b7633443 Use clearer function name 
I went for "may be" as I was thinking just checking the tag technically
does not guarantee that what follows is correct, but I was wrong:
according to ASN.1, when there are variants, the tag does distinguish
unambiguously between variants, so we can be more positive here.
(Whether the thing inside that variant is correct is a different
question.)

As a welcome side effect, this makes the name more standard hence more
readable.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard 842ffc5085 Make code more robust 
Using return here is only correct if we know that group_load() is atomic
(either succeeds, or allocates no ressources). I'm not sure it is, and
even if it were, goto exit is more obviously correct, so let's use that.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard 94cf1f82ad Fix a typo in a comment 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard 564bc1bb96 Fix limitation in checking supported alg in pk_sign 
The recent changes in pkparse made it so ECDSA (deterministic or not) is
set as the secondary alg and ECDH the first one. This broke the wrapper
in pk_wrap as it was only checking the first alg when deciding whether
to use deterministic or not. The wrapper should not have unnecessary
requirements on how algs are set up, so make the check more flexible.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard 53d3e40a21 Fix unused warnings in dummy definition 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard 12ea63a5f7 Abstract away MBEDTLS_PK_PARSE_EC_EXTENDED 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard fac9819edc Fix and document return of pk_ecc_set_pubkey() 
One of the calling site needs to distinguish between "the format is
potentially valid but not supported" vs "other errors", and it uses
MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE for that.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard ff72ea9d51 Rework pk_ecc_set_pubkey() 
- Fix the logic around format: we were just assuming that if the format
was not compressed, it was uncompressed, but it could also have been
just invalid.
- Remove redundant length check: the fallback does its own checks.
- Remove set_algorithm() that's not needed and introduced a depencency
on ECDSA.
- Some style / naming / scope reduction.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard e4c883bc8c New signature for pk_ecc_set_pubkey() 
Also new name, for consistency, and documentation.

The signature **p, *end is mostly for parsing functions that may not
consume everything, and need to update the "current" pointer to reflect
what has been consumed. This is not the case here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard 681e30b727 Rework pk_ecc_set_pubkey_psa_ecp_fallback() 
- new semantic: sets the pubkey directly in the PK context
- new name to reflect that semantic and obey the naming scheme
- trivial case first
- documentation and better parameter names

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard 0b8e45650f Tune body of pk_ecc_set_pubkey_from_prv() 
- avoid useless use of ret in PSA code, keep only status
- improve variable names
- keep declarations closer to use
- a few internal comments

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard de25194a20 Rename and document pk_ecc_set_pubkey_from_prv() 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard d1aa642394 Document pk_ecc_set_group() and pk_ecc_set_key() 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard 5470898e37 Move code around again 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard 997a95e592 Merge two consecutive #ifs 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard 212517b87d Start re-ordering functions in pkparse 
The general order is low-level first, top-level last, for the sake of
static function and avoiding forward declarations.

The obvious exception was functions that parse files that were at the
beginning; move them to the end.

Also start defining sections in the file; this is incomplete as I don't
have a clear view of the beginning of the file yet. Will continue in
further commits.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard df151bbc37 Minor improvements to pk_ecc_read_compressed() 
- new name starting with pk_ecc for consistency
- re-order params to match the PSA convention: buf, len, &size
- add comment about input consumption

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard e82fcd9c9e Avoid nested #ifs in body of pk_get_ecpubkey() 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard 116175c5d7 Use helper macro for (deterministic) ECDSA 
- centralizes decision making about which version to use when
- avoids nested #ifs in pk_ecc_set_key()

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:27:22 +02:00
Dave Rodgman 0a48717b83 Simplify Windows-on-Arm macros 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-16 09:25:59 +01:00
Dave Rodgman c5cc727dd0 Use new MBEDTLS_ARCH_IS_xxx macros 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-16 09:25:59 +01:00
Dave Rodgman a0f10da9d2 Use MBEDTLS_HAVE_NEON_INTRINSICS instead of __ARM_NEON 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-16 09:25:59 +01:00
Dave Rodgman 4ffd7c7614 Introduce MBEDTLS_HAVE_NEON_INTRINSICS and simplify NEON header inclusion 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-16 09:25:59 +01:00
Dave Rodgman be09286666 Enable 8-byte fastpath in mbedtls_xor on ARM64 and ARM64EC 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-16 09:25:59 +01:00
Dave Rodgman ad71b6a834 Support ARM64EC in the same way as ARM64 in sha256 and sha512 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-16 09:25:59 +01:00
Dave Rodgman 78fc0bd1db Define MBEDTLS_EFFICIENT_UNALIGNED_ACCESS on Windows-on-Arm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-16 09:25:59 +01:00
Manuel Pégourié-Gonnard dcd98fffab Factor similar code into pk_ecc_set_key() 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard 6db11d5068 Group two versions of the same code 
Just moving code around. The two blocks do morally the same thing: load
the key, and grouping them makes the #if #else structure clearer.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard d5b4372012 Slightly simplify pk_derive_public_key() 
- add a comment explain potentially surprising parameters
- avoid nesting #if guards: I find the linear structure #if #elif #else
makes the three cases clearer.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard 2585852231 Factor common code into a function 
There were two places that were calling either pk_update_ecparams() or
mbedtls_ecp_group_load() depending on the same guard. Factor this into a
single function, that works in both configs, so that callers don't have
to worry about guards.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard 5fcbe4c1f8 Further rationalize includes 
- only include psa_util when we use PSA Crypto
- re-order includes

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard da88c380bd Minimize key-type-related includes 
- we don't use any ECDSA function here
- we only need to include ecp.h when supporting ECC keys

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard 4b0e8f0e2c Remove redundant include 
It's also included later, guarded by support for ECC keys, and actually
that's the only case where we need it.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:25:44 +02:00
Valerio Setti 5f5573fa90 cipher: reintroduce symbol for legacy AEAD support 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-13 17:29:27 +02:00
Dave Rodgman 515af1d80d Stop IAR warning about goto skipping variable definition 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-13 16:03:25 +01:00
Bence Szépkúti 195411bb17
Merge pull request #8062 from yanrayw/save_stack_usage_pkwrite 
pkwrite: use heap to save stack usage for writing keys in PEM string
 2023-10-13 14:27:13 +00:00
Dave Rodgman 2457bcd26c Tidy up logic for MBEDTLS_MAYBE_UNUSED 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-13 12:31:45 +01:00
Gilles Peskine 97a6231b5c
Revert "Fix a few IAR warnings" 2023-10-13 11:39:53 +02:00
Dave Rodgman 2d67e3a07b
Merge pull request #8352 from daverodgman/iar-fixes 
Fix a few IAR warnings
 2023-10-13 09:20:28 +01:00
Tom Cosgrove 71f2e398bd
Merge pull request #8345 from mcagriaksoy/branch_issue_8344 
Add missing casting size_t to int on ssl_tls13_keys.c
 2023-10-12 18:39:33 +00:00
Dave Rodgman 584c8108b3 Use a block to save 12b 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-12 16:55:23 +01:00
Dave Rodgman 351a81c65d Keep initialisation of p in its original location 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-12 16:36:05 +01:00
Dave Rodgman bcb1818e19 Fix IAR 'transfer of control bypasses initialization' warnings 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-12 16:23:11 +01:00
Dave Rodgman 4b779bef9e
Merge branch 'development' into more-aes-checks 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-12 16:17:10 +01:00
Dave Rodgman 54bb76e106
Merge pull request #8348 from kasjer/kasjer/aes-rcon-rename 
Rename local variable in aes.c
 2023-10-12 12:30:35 +00:00
Ryan Everett 1a91309324 Restore array formatting 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-10-12 12:00:01 +01:00
Maciej Zwoliński 720c638717 Add AES encrypted keys support for PKCS5 PBES2 
Signed-off-by: Maciej Zwoliński <mac.zwolinski@gmail.com>
 2023-10-12 12:00:01 +01:00
Valerio Setti db1ca8fc33 cipher: keep MBEDTLS_CIPHER_HAVE symbols private 
This commit also improve the usage of these new symbols in
cipher_wrap code

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-12 10:39:54 +02:00
Valerio Setti e570704f1f ssl: use MBEDTLS_SSL_HAVE_[CCM/GCM/CHACHAPOLY/AEAD] macros for ssl code 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-12 10:39:37 +02:00
Dave Rodgman 4fd868e4b1
Refer to Armv8-A (not Armv8) in comments 
Co-authored-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-12 09:09:42 +01:00
Jerry Yu ab0da370a4 Add early data status update 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-10-12 15:02:01 +08:00
Jerry Yu 1eb0bd557d Add not-received status 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-10-12 15:02:01 +08:00
Jerry Yu 33bf240e53 Add max_early_data_size into copy list 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-10-12 15:00:26 +08:00
Jerry Yu 02e3a074a3 Add max_early_data_size into ticket 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-10-12 15:00:26 +08:00
Jerzy Kasenberg ee62fceade Rename local variable in aes.c 
This changes local variable name RCON to round_constants.

RCON being definition in xc32 compiler headers for some PIC32 register.
Without this change, mynewt project for PIC32 platform fails to build due to
macro redefinition.

This does not changes behavior of library in any way.

Signed-off-by: Jerzy Kasenberg <jerzy.kasenberg@codecoup.pl>
 2023-10-11 16:36:24 +02:00
Mehmet Cagri Aksoy 56e9011bde Add casting size_t to int 
Signed-off-by: Mehmet Cagri Aksoy <mcagriaksoy@yandex.com>
 2023-10-11 15:28:06 +02:00
Mehmet Cagri Aksoy 66f9b3f810 Add casting size_t to int 
Signed-off-by: Mehmet Cagri Aksoy <mcagriaksoy@yandex.com>
 2023-10-11 15:26:23 +02:00
Dave Rodgman b0d9830373
Merge branch 'development' into sha-armce-thumb2 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-11 13:53:41 +01:00
Valerio Setti 02a634decd md: remove unnecessary inclusions of mbedtls/md.h 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-11 13:15:58 +02:00
Valerio Setti 4d0e84628c ssl: reorganize guards surrounding ssl_get_ecdh_params_from_cert() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-11 13:15:29 +02:00
Valerio Setti d4a10cebe4 cipher/tls: use new symbols for guarding AEAD code 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-11 13:10:34 +02:00
Dave Rodgman be7915aa6c Revert renaming of SHA512 options 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-11 10:59:05 +01:00
Ronald Cron a89d2ba132
Merge pull request #8327 from ronald-cron-arm/adapt-psa-crypto-repo-name 
Adapt to new PSA Crypto repo name
 2023-10-11 06:45:30 +00:00
Pengyu Lv 0ecb635ca5 aesni: select __cpuid impl based on compiler type 
MinGW provides both kinds of implementations of `__cpuid`,
but since `cpuid.h` is provided by GNUC, so we should choose
the implementation by the compiler type instead of OS type.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-10-11 11:09:58 +08:00
Dave Rodgman 5b89c55bb8 Rename MBEDTLS_SHAxxx_USE_ARMV8_yyy to MBEDTLS_SHAxxx_USE_ARMV8_A_yyy 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-10 15:14:57 +01:00
Dave Rodgman fe9fda81aa Rename MBEDTLS_ARCH_IS_ARMV8 to MBEDTLS_ARCH_IS_ARMV8_A 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-10 15:14:56 +01:00
Dave Rodgman 5d4ef83e01 Fix hwcap detection on 32-bit Arm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-10 13:04:07 +01:00
Dave Rodgman 94a634db96 Rename A64 config options 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-10 12:59:29 +01:00
Pengyu Lv e8c4bf180b aesni: declare cpuinfo as int 
Change the type of array that stores the cpuinfo
data to int[4] to match the signature of `__cpuinfo`
in `intrin.h` header file.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-10-10 18:12:43 +08:00
Pengyu Lv 308cb232bf aesni: support cpuid on WIN32 
`__cpuid` has two kinds of signatures in different
headers depending on the target OS. We make it
consistent between the usages ang the included header.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-10-10 17:56:12 +08:00
Dave Rodgman 78d78462ac Make asm without side-effects not optimisable-out 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-10 09:53:44 +01:00
Ronald Cron 7871cb14a7 Include psa/build_info.h instead of mbedtls/build_info.h 
In PSA headers include psa/build_info.h instead
of mbedtls/build_info.h. In Mbed TLS, both are
equivalent but not in TF-PSA-Crypto where
psa/build_info.h is the correct one.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-10-10 09:35:22 +02:00
Dave Rodgman e7ebec6723
Merge pull request #8281 from daverodgman/fix-hwonly-warnings 
Improve AES hardware-only check
 2023-10-09 11:25:50 +00:00
Dave Rodgman 8ba9f42acd Fix arch detection for auto setting of clang flags 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-08 10:46:25 +01:00
Dave Rodgman 866b3a1886
Merge pull request #8323 from tom-daubney-arm/fix_mbedtls_styling_docs 
Correct styling of Mbed TLS in documentation
 2023-10-06 19:10:10 +00:00
Thomas Daubney 540324cd21 Correct styling of Mbed TLS in documentation 
Several bits of documentation were incorrectly styling Mbed TLS
as MbedTLS.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-10-06 17:07:24 +01:00
Paul Elliott 3677352631
Merge pull request #8308 from valeriosetti/issue8052 
PKCS12: use one-shot API
 2023-10-06 15:39:31 +00:00
Dave Rodgman 8e00fe0cd8
Merge pull request #8309 from daverodgman/iar-warnings2 
Fix IAR warnings
 2023-10-06 13:24:12 +00:00
Valerio Setti e7cefae5f4 ssl: fix getting group id in ssl_check_key_curve() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-06 13:19:48 +02:00
Valerio Setti d3925d25ec pk_internal: change guards for mbedtls_pk_ec_[ro/rw] 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-06 13:13:19 +02:00
Valerio Setti f484884fba pkcs12: use mbedtls_cipher_crypt() instead of explicitly defining all steps 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-06 11:25:08 +02:00
Dave Rodgman 2eab462a8c Fix IAR warnings 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-05 13:30:37 +01:00
Dave Rodgman 9a36f4cb97 Fix cast errors on IAR 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-05 11:25:52 +01:00
Dave Rodgman 790370b392 code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-05 11:02:23 +01:00
Dave Rodgman 3ba9ce3c1d Warn if using runtime detection and no Neon 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-05 09:58:33 +01:00
Dave Rodgman 7ed619d3fa Enable run-time detection for Thumb and Arm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-05 09:39:56 +01:00
Dave Rodgman 9bf752c45d Support MSVS with clang 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-05 08:20:44 +01:00
Minos Galanakis 4855fdf887 Revert "Auto-generated files for v3.5.0" 
This reverts commit 591416f32b.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-05 00:17:21 +01:00
Dave Rodgman 749f2227c6 Get MBEDTLS_MAYBE_UNUSED to cover more compilers 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-04 22:12:33 +01:00
Dave Rodgman 04d0d06e83 Code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-04 18:05:08 +01:00
Dave Rodgman ebe4292a9c Improve behaviour on gcc targetting arm or thumb 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-04 17:36:44 +01:00
Dave Rodgman 793e264fbb Fix indentation 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-04 17:36:20 +01:00
Minos Galanakis e35e387ad7 Bump library so-crypto, so-x509, so-tls versions. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-04 16:17:46 +01:00
Minos Galanakis 8f4c19a680 Merge pull request #8273 from davidhorstmann-arm:target-prefix-3rdparty 
Add MBEDTLS_TARGET_PREFIX to 3rdparty CMake
 2023-10-04 16:03:22 +01:00
Dave Rodgman feadcaf4a6 Support MBEDTLS_MAYBE_UNUSED in MSVC and IAR 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-04 15:27:33 +01:00
Dave Rodgman 18ddf61a75 Use MBEDTLS_MAYBE_UNUSED to simplify aes.c and let compiler remove unused variables 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-04 14:03:12 +01:00
Dave Rodgman 1ec1a0f0cc Introduce MBEDTLS_MAYBE_UNUSED 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-04 13:50:54 +01:00
Minos Galanakis 591416f32b Auto-generated files for v3.5.0 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-04 00:55:02 +01:00
Minos Galanakis 31ca313efa Bump version to 3.5.0 
```
./scripts/bump_version.sh --version 3.5.0
```

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-03 22:02:18 +01:00
Minos Galanakis 1a3ad265cc Merge branch 'development-restricted' into mbedtls-3.5.0rc0-pr 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-10-03 21:57:51 +01:00
Dave Rodgman cc5bf4946f Make SHA256 depend on Armv8, not aarch64 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-03 18:02:56 +01:00
Gilles Peskine 3713bee34c Remove leftover local debug line 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-02 18:43:18 +02:00
Gilles Peskine 7910cdd47f Avoid compiler warning about size comparison 
GCC warns about comparing uint8_t to a size that may be >255.

Strangely, casting the uint8_t to a size_t in the comparison expression
doesn't avoid the warning. So change the type of the variable.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-02 16:11:05 +02:00
Gilles Peskine 530c423ad2 Improve some debug messages and error codes 
On a parsing error in TLS, return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE, not a
crypto error code.

On error paths, emit a level-1 debug message. Report the offending sizes.

Downgrade an informational message's level to 3.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-02 15:42:11 +02:00
Gilles Peskine c29df535ee Improve robustness of ECDH public key length validation 
In client-side code with MBEDTLS_USE_PSA_CRYPTO, use the buffer size to
validate what is written in handshake->xxdh_psa_peerkey. The previous code
was correct, but a little fragile to misconfiguration or maintenance.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-02 15:02:39 +02:00
Gilles Peskine c8df898204 Fix buffer overflow in TLS 1.2 ClientKeyExchange parsing 
Fix a buffer overflow in TLS 1.2 ClientKeyExchange parsing. When
MBEDTLS_USE_PSA_CRYPTO is enabled, the length of the public key in an ECDH
or ECDHE key exchange was not validated. This could result in an overflow of
handshake->xxdh_psa_peerkey, overwriting further data in the handshake
structure or further on the heap.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-02 15:02:33 +02:00
Gilles Peskine 12c5aaae57 Fix buffer overflow in TLS 1.3 ECDH public key parsing 
Fix a buffer overflow in TLS 1.3 ServerHello and ClientHello parsing. The
length of the public key in an ECDH- or FFDH-based key exchange was not
validated. This could result in an overflow of handshake->xxdh_psa_peerkey,
overwriting further data in the handshake structure or further on the heap.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-02 15:02:10 +02:00
Dave Rodgman a06d45ec4a Code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-29 18:59:34 +01:00
Dave Rodgman 450c1ff353 Fix some more incorrect guards in aes.c 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-29 16:23:37 +01:00
Gilles Peskine 16e9256fe8
Merge pull request #8272 from daverodgman/iar-warnings 
Fix IAR warnings
 2023-09-29 13:11:03 +00:00
Dave Rodgman e81a632257 Restore missing #if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-29 13:54:27 +01:00
Dave Rodgman 782df03553 Improve AES hardware-only check 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-29 13:04:36 +01:00
David Horstmann de527fbfe0 Add MBEDTLS_TARGET_PREFIX to 3rdparty CMake 
MBEDTLS_TARGET_PREFIX is prepended to the CMake targets for Mbed TLS
except for targets in 3rdparty. Change this so that 3rdparty targets use
the prefix as well.

This allows multiple copies of Mbed TLS to be used in the same CMake
tree when using code in the 3rdparty directory.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-09-28 18:39:33 +01:00
Dave Rodgman 90330a4a2d Fix IAR control bypasses initialisation warning 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-28 18:13:46 +01:00
Dave Rodgman 02a53d7bef Fix IAR pointless integer comparison 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-28 17:19:50 +01:00
Dave Rodgman 7e9af05409 Fix IAR control bypasses initialisation warning 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-28 17:08:49 +01:00
Dave Rodgman 73d8591f7f Fix IAR change of sign warning 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-28 17:00:50 +01:00
Gilles Peskine 42f8d5f0c9
Merge pull request #8261 from Mbed-TLS/fix-cmake-header-include 
Add CMake include path for generated header
 2023-09-28 15:16:15 +00:00
Manuel Pégourié-Gonnard f07ce3b8ff Don't extend support for deprecated functions 
Restore guards from the previous release, instead of the new, more
permissive guards.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-28 08:51:51 +02:00
Dave Rodgman 0fc86b2ddf
Merge pull request #8075 from valeriosetti/issue8016 
driver-only ECC: curve acceleration macros
 2023-09-27 14:39:02 +00:00
David Horstmann b7b4f23c38 Add CMake include path for generated header 
Now that we are generating psa_crypto_driver_wrappers.h, we need to pass
build/library as an include directory.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-09-27 14:05:32 +01:00
Xiaokang Qian e9dc63e069 No need to include the 3rd party entry point head file 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian b909aeafa3 Remove useless spaces in Makefile 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian 0e5b53c7e4 Move the dependency adjacent to the generated file 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian 1b61d6e13f Change include guards of psa_crypto_driver_wrappers_no_static.h 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian 845693c513 Change comments to psa_crypto_driver_wrappers.h 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian fe9666b8c0 Change the extension type of the file psa_crypto_driver_wrapper 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian 54a4fdfe91 Automaticly generate psa_crypto_driver_wrappers_no_static.c 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian 97d1ccb781 Dont't generate object file for file only include static functions 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian 42266dd670 Revert the Makefile to remove the dependency of generate_files 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian 9345b2e98f Move functions out of the static file 
Move get_key_buf_size/get_builtin_key out of
    the psa wrapper auto generated file
Slot_management.c include the head file instead of the source file

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian cad99fa998 Change code style 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian e9c39c42fd Enable build of non-static psa wrapper functions 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian e518eeada9 Move function psa_driver_wrapper_export_public_key out of auto-generated 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian 5db65c72ec Remove static inline functions declare and make it only in c file 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:06 +00:00
Xiaokang Qian 077ffc0991 Ensure build of P256 pass 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:06 +00:00
Xiaokang Qian b862031afa Remove useless declaration 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:06 +00:00
Thomas Daubney 7046468a02 Define the psa wrapper functions as static inline 
This is a commit from Thomas Daubney.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:06 +00:00
Gilles Peskine 391dd7fe87 Fix propagation of return value from parse_attribute_value_hex_der_encoded 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-25 19:59:31 +02:00
Gilles Peskine 7f420faf03 parse_attribute_value_hex_der_encoded: clean up length validation 
Separate the fits-in-buffer check (*data_length <= data_size) from the
we-think-it's-a-sensible-size check (*data_length <=
MBEDTLS_X509_MAX_DN_NAME_SIZE).

This requires using an intermediate buffer for the DER data, since its
maximum sensible size has to be larger than the maximum sensible size for
the payload, due to the overhead of the ASN.1 tag+length.

Remove test cases focusing on the DER length since the implementation no
longer has a threshold for it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-25 19:59:31 +02:00
Gilles Peskine 7077781af5 Fix integer overflow with an input buffer larger than INT_MAX 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-25 19:59:31 +02:00
Gilles Peskine 25665781f6 Rewrite parse_attribute_value_hex_der_encoded() 
Rename the function from parse_attribute_value_der_encoded: the hex aspect
seems important.

There was a buffer overflow due to not validating that the intermediate data
fit in the stack buffer. The rewrite doesn't use this buffer, and takes care
not to overflow the buffer that it does use.

Document all that's going on.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-25 19:59:31 +02:00
Dave Rodgman 6da7872aa2
Merge pull request #1083 from gilles-peskine-arm/development-restricted-merge-20230925 
Merge development into development-restricted
 2023-09-25 18:16:01 +01:00
Valerio Setti c437faeaa1 psa_crypto: fix guards in mbedtls_ecc_group_to_psa() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-09-25 17:39:41 +02:00
Valerio Setti db6b4db7a0 Renaming all MBEDTLS_HAVE for curves to MBEDTLS_ECP_HAVE 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-09-25 17:39:41 +02:00
Valerio Setti cf29c5d9d5 ssl: don't require MBEDTLS_ECP_DP with TLS1.3 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-09-25 17:39:41 +02:00
Valerio Setti 6d809cc969 lib/test: use new internal helpers in library's code and tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-09-25 17:39:41 +02:00
Valerio Setti f250ada3ab tls/oid: add PSA_WANT_ECC_xxx guards together with existing MBEDTLS_ECP_DP_xxx 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-09-25 17:39:40 +02:00
Gilles Peskine ffe590d197
Merge pull request #1058 from waleed-elmelegy-arm/check-set_padding-is-called 
Check set_padding has been called in mbedtls_cipher_finish
 2023-09-25 17:12:36 +02:00
Minos Galanakis 21087754a5 x509_crt: Removed unused intsafe.h 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 15:17:38 +01:00
Gilles Peskine ca1e605b9c Merge remote-tracking branch 'upstream-public/development' into development-restricted-merge-20230925 
Conflicts:
* `include/mbedtls/build_info.h`: a new fragment to auto-enable
  `MBEDTLS_CIPHER_PADDING_PKCS7` was added in
  c9f4040f7f in `development-restricted`.
  In `development`, this section of the file has moved to
  `include/mbedtls/config_adjust_legacy_crypto.h`.
* `library/bignum.c`: function name change in `development-restricted` vs
  comment change in development. The comment change in `development` is not
  really relevant, so just take the line from `development-restricted`.
 2023-09-25 16:16:26 +02:00
Minos Galanakis a9bb34cd73 x509_crt: Removed length_as_int intermediate variable 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:42:41 +01:00
Minos Galanakis 59108d3f4d x509_crt: Adjusted the len of lpMultiByteStr arg in WideCharToMultiByte 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:23 +01:00
Minos Galanakis 08a67ccefd x509_crt: Set WideCharToMultiByte to use -1 for length. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>

WideCharToMultiByte
 2023-09-25 14:12:23 +01:00
Minos Galanakis 40995e1390 x509_crt: Removed checks for windows versions < WINXP 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:22 +01:00
Minos Galanakis fac45fbafe entropy_poll: Removed checks for windows versions < WINXP 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:22 +01:00
Minos Galanakis e8a5d1afbd entropy_poll: Updated documentation for entropy_poll loop. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:22 +01:00
Minos Galanakis 2c6e561ff8 entropy_poll.c: Added looping logic to mbedtls_platform_entropy_poll(). 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:22 +01:00
Minos Galanakis 4952f705ee Removed unsupported Visual Studio related code in entropy_poll.c and x509_crt.c. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:22 +01:00
Minos Galanakis 12b493f4dc entropy_poll/x509_crt: Added MBEDTLS_POP_TARGET_PRAGMA define guards. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:21 +01:00
Minos Galanakis 24a1c16fac library Makefile: Moved -lbcrypt to LOCAL_LDFLAGS 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:21 +01:00
Minos Galanakis a277b210ff Code style fixes 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:21 +01:00
Simon Butcher de573f56e5 Fix coding style of length_as_int var in x509_crt.c 
Variable had the very Windows name of lengthAsInt, which is fine for C# but
doesn't match the Mbed TLS coding standards.

Signed-off-by: Simon Butcher <simon.butcher@arm.com>
 2023-09-25 14:12:21 +01:00
Simon Butcher 35e5dad865 Add clarifying comment on use of MultiByteToWideChar() and CP_ACP 
Signed-off-by: Simon Butcher <simon.butcher@arm.com>
 2023-09-25 14:12:21 +01:00
Simon Butcher def90f4966 Fix formatting and detail of comments in PR #730 
Signed-off-by: Simon Butcher <simon.butcher@arm.com>
 2023-09-25 14:12:20 +01:00
Simon Butcher e068aa7ad5 Fix the build for mingw and CMake + VStudio 
Changes to the build to add the new Win32 Crypto API's inadvertently broke
the build for mingw and Visual Studio builds when generated by CMake.

Signed-off-by: Simon Butcher <simon.butcher@arm.com>
 2023-09-25 14:12:20 +01:00
Kevin Kane 0ec1e68548 Replace Windows APIs that are banned in Windows Store apps 
CryptGenRandom and lstrlenW are not permitted in Windows Store apps,
meaning apps that use mbedTLS can't ship in the Windows Store.
Instead, use BCryptGenRandom and wcslen, respectively, which are
permitted.

Also make sure conversions between size_t, ULONG, and int are
always done safely; on a 64-bit platform, these types are different
sizes.

Also suppress macro redefinition warning for intsafe.h:

Visual Studio 2010 and earlier generates C4005 when including both
<intsafe.h> and <stdint.h> because a number of <TYPE>_MAX constants
are redefined. This is fixed in later versions of Visual Studio.
The constants are guaranteed to be the same between both files,
however, so we can safely suppress the warning when including
intsafe.h.

Signed-off-by: Kevin Kane <kkane@microsoft.com>
 2023-09-25 14:12:20 +01:00
Dave Rodgman 025bed9eb7
Merge pull request #1076 from daverodgman/more-ct 
Use CT module more consistently
 2023-09-25 11:50:10 +01:00
Dave Rodgman 5a3add2c67
Merge pull request #8234 from kouzhudong/development 
Fix MSVC error C4703 about possibly uninitialized variable in pkwrite.c
 2023-09-25 10:51:46 +01:00
Gilles Peskine 6809f231a6
Merge pull request #8210 from yanrayw/aes_128bit_improvement 
AES 128bit only: add guards in cipher_wrap.c
 2023-09-22 18:15:03 +00:00
Gilles Peskine 18e1d11cfe
Merge pull request #1049 from waleed-elmelegy-arm/Switch-pkparse-to-mbedtls_pkcs5_pbe2_ext 
Switch pkparse to use new pkcs5/12 pbe functions
 2023-09-22 18:06:50 +02:00
Dave Rodgman 4f53520f54
Merge pull request #8241 from daverodgman/cast_warning 
fix cast warning
 2023-09-22 14:23:05 +00:00
Dave Rodgman c0633bc777 Add comment 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-22 10:54:43 +01:00
Dave Rodgman 38c3228f3e fix cast warning 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-22 10:51:37 +01:00
Gilles Peskine 193f94276e
Merge pull request #1071 from gilles-peskine-arm/ssl_decrypt_stream_short_buffer 
Fix buffer overread in mbedtls_ssl_decrypt_buf with stream cipher
 2023-09-22 11:43:03 +02:00
Dave Rodgman d03f483dbe Use mbedtls_ct_error_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-22 10:01:47 +01:00
Dave Rodgman fbe74a9e51 Add mbedtls_ct_error_if, with tests 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-22 09:58:25 +01:00
Tom Cosgrove 41434d043c
Merge pull request #8237 from tom-cosgrove-arm/mbedtls_pk_write_key_der-unused-len-and-unreachable-ret 
Remove unused variable and unreachable return from mbedtls_pk_write_key_der()
 2023-09-22 08:45:48 +00:00
Dave Rodgman a9d70125a3 Remove mbedtls_ct_int_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 21:53:54 +01:00
Dave Rodgman 7ad37e40a6 Remove use of mbedtls_ct_int_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 21:53:31 +01:00
Dave Rodgman 530c3da698 Improve implementation of mbedtls_ct_int_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 21:06:48 +01:00
Dave Rodgman 61f1beaccf Update library to use mbedtls_ct_int_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 19:23:17 +01:00
Dave Rodgman f81b2a14f2 Generalise mbedtls_ct_error_if to mbedtls_ct_int_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 19:22:43 +01:00
Dave Rodgman aaebc9be51
Merge pull request #8235 from daverodgman/misc-size 2023-09-21 18:42:37 +01:00
Tom Cosgrove 8d276fbc23 Remove unused variable and unreachable return from mbedtls_pk_write_key_der() 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-09-21 17:19:36 +01:00
correy a15b4851d4 Fix MSVC error C4703 about possibly uninitialized variable in pkwrite.c 
Signed-off-by: correy <112426112@qq.com>
 2023-09-21 20:18:52 +08:00
Dave Rodgman 1a404e8f34 Use mbedtls_ct_error for CT error selection 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 13:12:28 +01:00
Dave Rodgman e50b537266 Add mbedtls_ct_error_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 11:29:58 +01:00
Dave Rodgman ef6795d2a9 Reduce size of mbedtls_asn1_get_len 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 10:35:33 +01:00
Pengyu Lv 6f0259e6da AESNI: improve comments on some guards in aesni.h 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-09-21 10:34:32 +08:00
Dave Rodgman 584a08f91d Add cast for MSVC 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-20 20:15:52 +01:00
Gilles Peskine efaee9a299 Give a production-sounding name to the p256m option 
Now that p256-m is officially a production feature and not just an example,
give it a more suitable name.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-20 20:49:47 +02:00
Waleed Elmelegy 1db5cdaf57 Add tests to test pkcs8 parsing of encrypted keys 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-20 19:29:02 +01:00
Waleed Elmelegy 5e48cad7f0 Fix codestyle issues in pkcs12.h & pkparse.c 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-20 19:29:02 +01:00
Waleed Elmelegy d527896b7e Switch pkparse to use new mbedtls_pkcs12_pbe_ext function 
Switch pkparse to use new mbedtls_pkcs12_pbe_ext function
and deprecate mbedtls_pkcs12_pbe function.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-20 19:29:02 +01:00
Waleed Elmelegy c9f4040f7f Switch pkparse to use new mbedtls_pkcs5_pbes2_ext function 
Switch pkparse to use new mbedtls_pkcs5_pbes2_ext function
and deprecate mbedtls_pkcs5_pbes2 function.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-20 19:28:28 +01:00
Dave Rodgman 1cf181fd46 Reinstate more robust return value handling 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-20 19:10:17 +01:00
Dave Rodgman c43a0a4adb rename dont_ignore to in_padding 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-20 19:09:51 +01:00
Dave Rodgman e834d6c9f2 Move declaration for robustness against future edits 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-20 19:09:51 +01:00
Dave Rodgman c62f7fcce9 Use more meaningful variable name in mbedtls_rsa_rsaes_oaep_decrypt 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-20 19:09:51 +01:00
Dave Rodgman e94cd0b99b Correct use of mbedtls_ct_mpi_uint_if_else_0 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-20 19:09:51 +01:00
Gilles Peskine eda1b1f744
Merge pull request #7921 from valeriosetti/issue7613 
TLS: Clean up ECDSA dependencies
 2023-09-20 12:47:55 +00:00
Dave Rodgman ee5464fab9 Simplify unnecessarily complex error code handling 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-20 09:13:12 +01:00
Dave Rodgman fd96579ecd Use properly typed versions of mbedtls_ct_xxx_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 21:52:13 +01:00
Dave Rodgman 143f5f7c68 Add mbedtls_ct_bool_if and mbedtls_ct_bool_if_else_0 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 21:52:13 +01:00
Dave Rodgman 437500c5b1 Fix MSVC type complaint 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 21:52:13 +01:00
Dave Rodgman 814d096420 Fix error in handling of return value from mbedtls_nist_kw_unwrap 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 20:48:51 +01:00
Dave Rodgman 6be4bcff16 code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 19:47:51 +01:00
Dave Rodgman 4fc14cc4ae Fix error in handling of return value from mbedtls_nist_kw_unwrap 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 19:45:54 +01:00
Dave Rodgman f8182d91a7 Simplify add_zeros_padding 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 18:39:33 +01:00
Dave Rodgman d8c68a948a Use CT interface in get_zeros_padding 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 18:39:33 +01:00
Dave Rodgman 1cfc43c77b Rename mbedtls_ct_bool_xor to mbedtls_ct_bool_ne 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 18:39:33 +01:00
Dave Rodgman 89a9bd5887 Use CT interface in get_one_and_zeros_padding 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 18:39:33 +01:00
Dave Rodgman 6cec41c3bb use CT interface in add_zeros_and_len_padding() 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 18:34:06 +01:00
Dave Rodgman 6b7e2a5809 Use CT interface in get_pkcs_padding 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 18:34:06 +01:00
Dave Rodgman b4e6b41aa0 Use const-time interface throughout mbedtls_rsa_rsaes_oaep_decrypt 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 18:34:06 +01:00
Dave Rodgman 51c15309f2 Make padlen check const-time 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 17:22:18 +01:00
Dave Rodgman c2630fac52 Simplify mbedtls_ct_memcmp_partial 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 17:21:50 +01:00
Dave Rodgman 66d6ac92e6 Use mbedtls_ct_memcmp in mbedtls_rsa_rsaes_oaep_decrypt 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 09:10:59 +01:00
Dave Rodgman d337bd9bfe Improve const-timeness of mbedtls_nist_kw_unwrap 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 09:10:59 +01:00
Dave Rodgman 9c14007ac3 Add mbedtls_ct_memcmp_partial 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 09:10:59 +01:00
Dave Rodgman d26a3d6da7 Eliminate duplicate ct memcmp 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-18 19:09:45 +01:00
Gilles Peskine faf0b8604a mbedtls_ssl_decrypt_buf(): fix buffer overread with stream cipher 
With stream ciphers, add a check that there's enough room to read a MAC in
the record. Without this check, subtracting the MAC length from the data
length resulted in an integer underflow, causing the MAC calculation to try
reading (SIZE_MAX + 1 - maclen) bytes of input, which is a buffer overread.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-18 19:07:50 +02:00
Gilles Peskine bd50d5baec
Merge pull request #8177 from gilles-peskine-arm/generated-files-off-in-release 
Generated files off in release
 2023-09-18 14:11:58 +00:00
Dave Rodgman 25c271a035
Merge pull request #8182 from daverodgman/asn1write-size 
Reduce code size in mbedtls_asn1_write_len
 2023-09-18 10:27:23 +00:00
Manuel Pégourié-Gonnard 275afe187f Fix preset shared between 1.2 and 1.3 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-18 11:19:20 +02:00
Gilles Peskine 67c86e626b
Merge pull request #7961 from gilles-peskine-arm/psa_crypto_config-in-full 
Enable MBEDTLS_PSA_CRYPTO_CONFIG in the full config
 2023-09-18 08:13:12 +00:00
Dave Rodgman 0c9516ea89 code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-15 18:30:09 +01:00
Dave Rodgman 127f35d5e5 Merge remote-tracking branch 'origin/development' into asn1write-size 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-15 18:02:59 +01:00
Dave Rodgman ecdfc1c94f Fix poorly named function 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-15 18:00:37 +01:00
Gilles Peskine 8a7fb2d799
Merge pull request #1055 from waleed-elmelegy-arm/add-new-pkcs12-pbe2-ext-fun 
Add new pkcs12 pbe2 ext fun
 2023-09-15 18:43:03 +02:00
Gilles Peskine 170be457bd
Merge pull request #8207 from mcagriaksoy/branch_old_try 
Fixes log level for got supported group message
 2023-09-15 05:53:00 +00:00
Dave Rodgman a11eac4292 code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-14 16:16:04 +01:00
Dave Rodgman e99b24dd9f Fix some clang-18 warnings 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-14 15:52:02 +01:00
Yanray Wang 7732ced037 cipher_wrap: remove 192- and 256-bit for AES_ONLY_128_BIT_KEY_LENGTH 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-14 14:35:44 +08:00
mcagriaksoy d9f22804ea Fixes log level for got supported group message 
Signed-off-by: mcagriaksoy <mcagriaksoy@yandex.com>
 2023-09-13 22:43:38 +02:00
Gilles Peskine 0ddffb6de2
Merge pull request #7210 from sergio-nsk/patch-2 
Fix llvm error: variable 'default_iv_length' and other may be used uninitialized
 2023-09-13 16:38:55 +02:00
Gilles Peskine 9b5d7d7801
Merge pull request #8195 from daverodgman/improve_sslmsg 
Improve use of ct interface in mbedtls_ssl_decrypt_buf
 2023-09-13 12:32:12 +00:00
Gilles Peskine 3cea3efc25
Merge pull request #8025 from AgathiyanB/accept-numericoid-hexstring-x509 
Accept numericoid hexstring x509
 2023-09-13 08:54:33 +00:00
Gilles Peskine f22999e99f
Merge pull request #8093 from yuhaoth/pr/add-target-architecture-macros 
Add architecture detection macros
 2023-09-13 08:53:47 +00:00
Dave Rodgman da0bb9fae8
Merge pull request #8034 from gilles-peskine-arm/bump_version-doc_mainpage 
Update capitalization of "Mbed" and fix bump_version.sh
 2023-09-13 08:41:20 +00:00
Dave Rodgman 7d52f2a0d9 Improve use of ct interface in mbedtls_ssl_decrypt_buf 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-13 09:30:03 +01:00
Gilles Peskine e820c0abc8 Update spelling "mbed TLS" to "Mbed TLS" 
The official spelling of the trade mark changed from all-lowercase "mbed"
to normal proper noun capitalization "Mbed" a few years ago. We've been
using the new spelling in new text but still have the old spelling in a
lot of text. This commit updates most occurrences of "mbed TLS":

```
sed -i -e 's/mbed TLS/Mbed TLS/g' $(git ls-files ':!ChangeLog' ':!tests/data_files/**' ':!tests/suites/*.data' ':!programs/x509/*' ':!configs/tfm*')
```

Justification for the omissions:

* `ChangeLog`: historical text.
* `test/data_files/**`, `tests/suites/*.data`, `programs/x509/*`: many
  occurrences are significant names in certificates and such. Changing
  the spelling would invalidate many signatures and tests.
* `configs/tfm*`: this is an imported file. We'll follow the upstream
  updates.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-12 19:18:17 +02:00
Agathiyan Bragadeesh a72ea814d8 Remove double blank line in x509_create.c 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-09-12 17:57:09 +01:00
Agathiyan Bragadeesh c7959b22c6 Remove magic number in x509.c 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-09-12 17:56:58 +01:00
Tom Cosgrove 9d8a7d62f5 Use the correct variable when tracking padding length 
Fixes an error introduced in a81373f80

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-09-12 16:01:52 +01:00
Waleed Elmelegy 57d09b72ef Return back to modifying input parameters in pkcs12_parse_pbe_params 
Return back to modifying input parameters in pkcs12_parse_pbe_params
to avoid change in behaviour.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-12 14:05:10 +01:00
Waleed Elmelegy a7d206fce6 Check set_padding has been called in mbedtls_cipher_finish 
Check set_padding has been called in mbedtls_cipher_finish
in modes that require padding.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-12 13:39:36 +01:00
Dave Rodgman bd58944252 Avoid implementation defined behaviour 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-12 12:38:53 +01:00
Dave Rodgman 2b0d53a2a8
Merge pull request #7590 from daverodgman/ct-x86-asm 
Constant time asm for x86 and x86-64
 2023-09-12 09:58:44 +00:00
Dave Rodgman 50b0a35494 Test INT_MAX rather than UINT_MAX 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-12 09:30:44 +01:00
Dave Rodgman 98926d5fb1 Update comment, and replace bit-twiddling with #error 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-12 09:29:33 +01:00
Ronald Cron ad2f351c6b
Merge pull request #8171 from ronald-cron-arm/misc-minor-fixes 
One minor fix
 2023-09-12 06:00:48 +00:00
Dave Rodgman 4f26770291 Ensure mbedtls_ct_memcpy behaves correctly with 16-bit int 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 19:10:09 +01:00
Dave Rodgman dc669a1944 Fix type error 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 18:39:57 +01:00
Dave Rodgman 5265c318a0 Fix type-conversion error 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 18:04:13 +01:00
Dave Rodgman 49352832c9 Eliminate duplicate of mbedtls_asn1_find_named_data 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 17:10:43 +01:00
Dave Rodgman 33287ae134 Tidy up mbedtls_asn1_write_len 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 17:10:43 +01:00
Dave Rodgman cf5f746a8c Refactor out some common code 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 16:27:34 +01:00
Dave Rodgman 7fda906a68
Merge pull request #8161 from gilles-peskine-arm/config-boolean-options-wrong-section-202309 
Fix module configuration options in mbedtls_config.h
 2023-09-11 15:08:56 +00:00
Dave Rodgman 3bbedf6ba0 code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 16:06:28 +01:00
Dave Rodgman 9f366b07ea Reduce code size in mbedtls_asn1_write_len 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 16:00:03 +01:00
Dave Rodgman 82fe0828b2
Merge pull request #8180 from daverodgman/sha2-zeroize 
Ensure all md_<hash>_finish functions perform zeroization
 2023-09-11 15:13:27 +01:00
Dave Rodgman aafd1e0924 Ensure all md_<hash>_finish functions perform zeroization 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 12:59:36 +01:00
Tom Cosgrove 876346e451 Remove always-false null pointer check in sha3.c that Coverity complains about 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-09-11 09:03:01 +01:00
Dave Rodgman 3f8e483eed Mark y as modified in x86 asm for mbedtls_ct_uint_lt 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 17:57:40 +01:00
Dave Rodgman 4a97e73661 Eliminate a redundant not from x86 asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 17:26:18 +01:00
Dave Rodgman b6b8f6c68d Make variable name consistent in x86_64 asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 17:19:32 +01:00
Dave Rodgman 5f249852a5 Better register allocation for x86_64 asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 17:18:29 +01:00
Dave Rodgman 99f0cdc0e0 Remove not-needed mov in x86_64 asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 17:18:04 +01:00
Waleed Elmelegy e1cb35b719 Add new mbedtls_pkcs12_pbe_ext function to replace old function 
Add new mbedtls_pkcs12_pbe_ext function to replace
old mbedtls_pkcs12_pbe function that have security
issues.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-08 16:51:26 +01:00
Gilles Peskine 0b62b7a21f Allow turning off re-generation of files with make 
In make builds, when GEN_FILES is false (empty), don't try to re-generate
configuration-independent source files, regardless of whether they seem
out of date. This is useful, for example, if you have a source tree where
`make generated_files` has already run and file timestamps reflect the
time the files were copied or extracted, and you are now in an environment
that lacks some of the necessary tools to re-generate the files.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-08 16:19:13 +02:00
Gilles Peskine 31d49cd57f
Merge pull request #1053 from waleed-elmelegy-arm/Improve-and-test-mbedtls_pkcs12_pbe 
Improve & test legacy mbedtls_pkcs12_pbe
 2023-09-08 13:08:05 +02:00
Agathiyan Bragadeesh 706a1c3c3f Fix code style 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-09-08 12:04:41 +01:00
Agathiyan Bragadeesh c34804dea2 Fix bug with checking max dn length with hexpairs 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-09-08 11:32:19 +01:00
Ronald Cron b9c7953442 pkwrite: Fix defined but not used warning 
Fix defined but not used warning when
MBEDTLS_USE_PSA_CRYPTO, MBEDTLS_PK_HAVE_RFC8410_CURVES
and MBEDTLS_PK_HAVE_ECC_KEYS are defined but not
MBEDTLS_PEM_WRITE_C.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-09-07 14:20:49 +02:00
Yanray Wang 56e27b9938 des: don't consider DES for CIPHER_ENCRYPT_ONLY 
We only support ECB and CBC modes for DES. Those two modes require
both encrypt and decrypt directions, so we don't consider DES with
CIPHER_ENCRYPT_ONLY.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-07 18:00:35 +08:00
Yanray Wang 9b811658a8 Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-09-07 16:18:00 +08:00
Gilles Peskine 58590983c5
Merge pull request #8160 from daverodgman/warn-unreachable 
Fix clang warnings about unreachable code
 2023-09-06 09:47:03 +00:00
Dave Rodgman 85061b97b5 Improve sanity checking of MBEDTLS_HAVE_INTxx 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-06 08:41:05 +01:00
Dave Rodgman b7b8c09c81
Update bignum_core.c 
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-05 20:35:19 +01:00
Gilles Peskine ff2558a470 Fix unused variable in some TLS 1.3 builds 
Fix unused variable when MBEDTLS_SSL_PROTO_TLS1_3 and
MBEDTLS_SSL_SESSION_TICKETS are enabled but not MBEDTLS_DEBUG_C.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-05 21:10:39 +02:00
Dave Rodgman 7e1e7be8fc Simplify fixes for unreachable code 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-05 18:15:31 +01:00
Dave Rodgman cfa722324c Fix warnings about unreachable code 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-05 16:53:33 +01:00
Dave Rodgman 0364c8a773 Introduce MBEDTLS_IGNORE_UNREACHABLE_BEGIN 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-05 16:20:19 +01:00
Waleed Elmelegy 255db80910 Improve & test legacy mbedtls_pkcs12_pbe 
* Prevent pkcs12_pbe encryption when PKCS7 padding has been
  disabled since this not part of the specs.
* Allow decryption when PKCS7 padding is disabled for legacy
  reasons, However, invalid padding is not checked.
* Document new behaviour, known limitations and possible
  security concerns.
* Add tests to check these scenarios. Test data has been
  generated by the below code using OpenSSL as a reference:

#include <openssl/pkcs12.h>
#include <openssl/evp.h>
#include <openssl/des.h>
#include <openssl/asn1.h>
#include "crypto/asn1.h"
#include <string.h>

int main()
{
    char pass[] = "\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB";
    unsigned char salt[] = "\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC";
    unsigned char plaintext[] = "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA";
    unsigned char *ciphertext = NULL;
    int iter = 10;
    X509_ALGOR *alg =  X509_ALGOR_new();
    int ciphertext_len = 0;
    int alg_nid = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
    alg->parameter = ASN1_TYPE_new();
    struct asn1_object_st * aobj;
    PKCS5_pbe_set0_algor(alg, alg_nid, iter,
                         salt, sizeof(salt)-1);

    aobj = alg->algorithm;
    printf("\"30%.2X", 2 + aobj->length + alg->parameter->value.asn1_string->length);
    printf("06%.2X", aobj->length);
    for (int i = 0; i < aobj->length; i++) {
        printf("%.2X", aobj->data[i]);
    }

    for (int i = 0; i < alg->parameter->value.asn1_string->length; i++) {
        printf("%.2X", alg->parameter->value.asn1_string->data[i]);
    }
    printf("\":\"");

    for (int i = 0; i < sizeof(pass)-1; i++) {
        printf("%.2X", pass[i] & 0xFF);
    }
    printf("\":\"");
    for (int i = 0; i < sizeof(plaintext)-1; i++) {
        printf("%.2X", plaintext[i]);
    }
    printf("\":");
    printf("0");
    printf(":\"");

    unsigned char * res = PKCS12_pbe_crypt(alg, pass, sizeof(pass)-1, plaintext, sizeof(plaintext)-1, &ciphertext, &ciphertext_len, 1);

    if (res == NULL)
        printf("Encryption failed!\n");
    for (int i = 0; i < ciphertext_len; i++) {
        printf("%.2X", res[i]);
    }
    printf("\"\n");

    return 0;
}

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
#
 2023-09-05 15:45:55 +01:00
Paul Elliott 945d674c8d
Merge pull request #8157 from actonlang/fix-include-psa-utils-internals 
Use quotes include of psa_util_internal.h
 2023-09-05 12:52:19 +00:00
Tom Cosgrove 8bd8a462d2
Merge pull request #8141 from tom-cosgrove-arm/define-psa-macros-to-1 
Define all PSA_xxx macros to 1 rather than have them empty, for consistency
 2023-09-04 21:27:01 +00:00
Agathiyan Bragadeesh fca0861e8e Add asn1 get tag and len to x509 create config 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-09-04 15:45:37 +01:00
Agathiyan Bragadeesh 86dc08599b Add asn1 write tag and len to x509 use c config 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-09-04 15:40:41 +01:00
Gilles Peskine 1a7d387072
Merge pull request #1041 from waleed-elmelegy-arm/add-new-pkcs5-pbe2-ext-fun 
Add new pkcs5 pbe2 ext fun
 2023-09-04 15:33:42 +02:00
Kristian Larsson a1aeff4124 Use quotes include of psa_util_internal.h 
psa_utils_internal.h was broken out of mbedtls/psa_utils.h, which in
some places were included as <mbedtls/psa_utils.h>. But since
psa_utils_internals.h should be internal, we should not rely on the
system include paths. I suspect a regexp replace gone slightly wrong.

Signed-off-by: Kristian Larsson <kristian@spritelink.net>
 2023-09-04 10:36:37 +02:00
Dave Rodgman 4f69668558
Merge pull request #8082 from daverodgman/misc-code-size 
Misc code size improvements
 2023-09-02 11:44:31 +00:00
Dave Rodgman 662c497395
Merge pull request #8144 from daverodgman/zeroize-stronger 
Add more protection to mbedtls_platform_zeroize
 2023-09-02 10:59:12 +01:00
Dave Rodgman 1dab445804 Update guard for ecp 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-02 10:56:44 +01:00
Dave Rodgman 16a76721b6
Merge pull request #8068 from paul-elliott-arm/fix_tls_zeroization 
Fix TLS pad buffer zeroization
 2023-09-01 23:35:23 +00:00
Waleed-Ziad Maamoun-Elmelegy c5fef82c52 Fix typo in pkcs5.c 
Co-authored-by: Janos Follath <janos.follath@arm.com>
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-01 11:45:39 +01:00
Dave Rodgman fe55320b5c Avoid error from old gcc version 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-01 11:15:28 +01:00
Dave Rodgman 5f6060a1f3 Code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-01 11:00:58 +01:00
Yanray Wang dbcc0c6172 aes: define internal macro to simplify #if Directive 
No semantic changes, only yo simplify #if Directive
with introduction of MBEDTLS_AES_NEED_FORWARD_S_BOXES and
MBEDTLS_AES_NEED_REVERSE_TABLES.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-01 17:35:58 +08:00
Yanray Wang db9b3095fb cipher_wrap: remove *setkey_dec_func in CIPHER_ENCRYPT_ONLY 
There is no need to set decrypt key under CIPHER_ENCRYPT_ONLY,
so we can remove *setkey_dec_func from ctx to save extra code size.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-01 17:35:31 +08:00
Dave Rodgman ba67451562 Fix gcc compile warnings 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-01 10:14:46 +01:00
Dave Rodgman ac3cf7c20b Add more protection to mbedtls_platform_zeroize 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-01 10:09:31 +01:00
Yanray Wang 9141ad1223 aria/camellia/des: guard setkey_dec by CIPHER_ENCRYPT_ONLY 
This is a pre-step to remove *setkey_dec_func in cipher_wrap ctx
when CIPHER_ENCRYPT_ONLY is enabled.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-01 17:06:38 +08:00
Yanray Wang 380be5af3a AESNI: add macro guard of CIPHER_ENCRYPT_ONLY 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-01 16:40:11 +08:00
Yanray Wang 590c9b7abe AESCE: add macro guard of CIPHER_ENCRYPT_ONLY 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-01 16:39:28 +08:00
Yanray Wang 78ee0c9e4f aes.c: add config option to support cipher_encrypt_only 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-01 16:35:33 +08:00
Paul Elliott 6ebe7d2e3a
Merge pull request #8095 from davidhorstmann-arm/initialize-struct-get-other-name 
Coverity fix: Set `type_id` in `x509_get_other_name()`
 2023-08-31 16:26:00 +00:00
Tom Cosgrove c43c3aaf02 Define all PSA_xxx macros to 1 rather than have them empty, for consistency 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-08-31 17:06:58 +01:00
Dave Rodgman 4f47f3dac8 Covert PSA guards to MBEDTLS 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-31 12:10:00 +01:00
Dave Rodgman a9a53a05f0 Merge remote-tracking branch 'origin/development' into misc-code-size 2023-08-31 11:53:46 +01:00
Dave Rodgman dea266f3f5 Use MBEDTLS_MD_LIGHT instead of MBEDTLS_MD_C 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-31 11:52:43 +01:00
Dave Rodgman 8d706f6b59 Simplify camellia error conversion macros 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-31 11:48:44 +01:00
Dave Rodgman 09a9e589c1 Add missing error conversion case 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-31 11:05:22 +01:00
Dave Rodgman 68efcf56ed Remove not-needed #include 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-31 10:09:05 +01:00
Dave Rodgman 984309c2c3 Call mbedtls_platform_zeroize via mbedtls_sha3_free 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-30 19:22:28 +01:00
Dave Rodgman dbddb00158 Ensure mbedtls_sha3_finish zeroizes the context 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-30 18:43:23 +01:00
Gilles Peskine 03e9dea30b Merge remote-tracking branch 'development' into psa_crypto_config-in-full 
Conflicts:
* `include/psa/crypto_sizes.h`: the addition of the `u` suffix in this branch
  conflicts with the rework of the calculation of `PSA_HASH_MAX_SIZE` and
  `PSA_HMAC_MAX_HASH_BLOCK_SIZE` in `development`. Use the new definitions
  from `development`, and add the `u` suffix to the relevant constants.
 2023-08-30 18:32:57 +02:00
Agathiyan Bragadeesh a2423debcc Fix code style 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-30 16:24:31 +01:00