mbedtls

mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00

Author	SHA1	Message	Date
valerio	eab9a85f4c	pk_wrap: add support for key pair check for EC opaque keys Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-05 11:05:40 +02:00
Manuel Pégourié-Gonnard	f37b94b5bf	Merge pull request #7533 from valeriosetti/issue7484 PK: add support for private key writing with "opaque" EC keys	2023-06-05 10:53:53 +02:00
Dave Rodgman	9a676a7f98	Comment tidy-up Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>	2023-06-04 20:43:05 -04:00
Dave Rodgman	b6e06549f5	Rename MULADDC_PRESERVE_R1 etc to MULADDC_PRESERVE_SCRATCH etc Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>	2023-06-04 20:42:17 -04:00
Dave Rodgman	f89e3c5fbd	Improve docs & check for non-gcc compilers Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>	2023-06-04 20:41:52 -04:00
Dave Rodgman	e0bd2c2375	Merge branch 'development' into development Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-04 14:57:19 -04:00
Dave Rodgman	6df1e54c1d	Do not use assembly on Thumb 1 / clang Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>	2023-06-02 13:51:31 -04:00
David Horstmann	62e7fae109	Fix bug in calculation of maximum possible bytes Each DER-encoded OID byte can only store 7 bits of actual data, so take account of that. Calculate the number of bytes required as: number_of_bytes = ceil(subidentifier_size * 8 / 7) Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-06-02 15:51:28 +01:00
David Horstmann	02127ab022	Allow subidentifiers of size UINT_MAX Make overflow check more accurate and add testcases Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-06-02 15:51:17 +01:00
Andrzej Kurek	e773978e68	Remove unnecessary addition to buffer size estimation Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-02 09:42:44 -04:00
Tom Cosgrove	9dc219ff9b	Merge pull request #7668 from tom-daubney-arm/code_size_md_light Remove certain null pointer checks when only MD_LIGHT enabled	2023-06-02 13:09:00 +01:00
Andrzej Kurek	7c86974d6d	Fix overflow checks in x509write_crt Previous ones could still overflow. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-02 05:02:41 -04:00
Andrzej Kurek	154a605ae8	Change the name of the temporary san variable Explain why it is used. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-01 18:20:26 +01:00
Paul Elliott	805a0a2d06	Merge pull request #7591 from minosgalanakis/ecp/6028_xtract_fast_reduction_curve25519 [Bignum] Implement fast reduction curve25519	2023-06-01 17:43:35 +01:00
David Horstmann	45d5e2dc1a	Rename minimum_mem to resized_mem This new name is clearer about its purpose. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-06-01 15:10:33 +01:00
David Horstmann	5d074168f3	Rearrange declarations for readability Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-06-01 15:09:27 +01:00
David Horstmann	017139751a	Change behaviour away from NUL-terminated strings Instead, require the length of the string to be passed. This is more useful for our use-case, as it is likely we will parse OIDs from the middle of strings. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-06-01 15:04:20 +01:00
Thomas Daubney	73cfde8f85	Remove certain null pointer checks when only MD_LIGHT enabled When MD_LIGHT is enabled but MD_C is not then certain null pointer checks can be removed on functions that take an mbedtls_md_context_t * as a parameter, since MD_LIGHT does not support these null pointers. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2023-06-01 13:05:28 +01:00
valerio	f9139e55ce	pk: minor code fixes - removing duplicated code - uninitialized variable usage Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-01 11:06:41 +02:00
valerio	c6e6fb320f	pk: fix guard position Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-01 11:06:41 +02:00
valerio	e279e50a76	pk: optimized/reshape code for writing private key PEM Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-01 11:06:41 +02:00
valerio	c0bac57ac9	pk: optimized/reshape code for writing private key DER Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-01 11:06:41 +02:00
valerio	52b675ffc3	pk: extend pk_write_ec_private to support opaque keys Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-01 11:06:41 +02:00
valerio	ba1fd32eda	pk: optimize/reshape public key writing Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-01 11:06:41 +02:00
valerio	9ea26173d6	pk: uniformmize public key writing functions Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-01 11:06:40 +02:00
valerio	b727314133	pk: add internal helpers for opaque keys Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-01 11:06:40 +02:00
valerio	a87601dc11	pk_internal: add support for opaque keys for getting EC curve ID Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-01 11:06:40 +02:00
Manuel Pégourié-Gonnard	0b68784053	Merge pull request #7577 from mprse/ffdh_drivers FFDH 3b: add driver testing (no TLS 1.3)	2023-06-01 10:26:08 +02:00
Manuel Pégourié-Gonnard	7b1136836c	Merge pull request #7438 from valeriosetti/issue7074 Avoid parse/unparse private ECC keys in PK with USE_PSA when !ECP_C	2023-06-01 10:06:45 +02:00
Gilles Peskine	a1b416670e	Merge pull request #7547 from silabs-Kusumit/PBKDF2_input_validation PBKDF2: Input Validation	2023-06-01 10:05:34 +02:00
David Horstmann	6883358c16	Hoist variable declarations to before goto This should appease IAR, which does not like declarations in the middle of goto sequences. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-05-31 17:27:28 +01:00
David Horstmann	25d65e8527	Refactor while loop for simplicity Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-05-31 14:53:07 +01:00
David Horstmann	ada7d72447	Improve line spacing after variable declarations Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-05-31 14:49:56 +01:00
Przemek Stekiel	28111dbf06	Adapt guards for psa_is_dh_key_size_valid Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-31 09:30:58 +02:00
Przemek Stekiel	33c91eb5d3	Add driver support for DH import key and export public key Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-30 15:19:14 +02:00
Przemek Stekiel	055ffed563	Revert "Handle simple copy import/export before driver dispatch" This reverts commit `c80e7506a0`. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-30 15:19:02 +02:00
Dave Rodgman	3964fe0f5e	Improve ISA detection Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-25 18:53:57 +01:00
Paul Elliott	981d8b6fc7	Merge pull request #7566 from paul-elliott-arm/core_ecp_mod_p448 [Bignum] Convert ecp_mod_p448 over to using core functions	2023-05-25 17:11:57 +01:00
Dave Rodgman	12b14b2c97	Simplify ifdefs Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-25 13:02:13 +01:00
Dave Rodgman	b047bf64e2	Restrict use of r7 in Thumb 1 code Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-25 12:54:56 +01:00
Dave Rodgman	cee166e3f5	Don't use r7 in generic codepath Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-25 11:00:05 +01:00
Dave Rodgman	7d6ec95517	Revert to detecting __GNUCC__ instead of armclang Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-25 09:41:42 +01:00
Valerio Setti	449803abff	pkwrite: remove unnecessary code duplication Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-25 09:37:05 +02:00
Dave Rodgman	92e8a88390	Improve comments Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-25 08:10:33 +01:00
Dave Rodgman	5c5a6dece6	Give options clearer names Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-24 23:24:16 +01:00
Dave Rodgman	6adaca6062	Minor tidy-up Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-24 19:53:21 +01:00
Gilles Peskine	835be986e0	Merge pull request #7631 from tom-daubney-arm/remove_surplus_loop_condition_issue_7529 Remove extraneous check in for loop condition	2023-05-24 20:24:28 +02:00
Dave Rodgman	ffbb7c5edc	Tidy-up macros and fix guards around option B Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-24 18:28:46 +01:00
Dave Rodgman	1416cba81f	Gate all arm asm on Armv6 or better architecture Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-24 18:07:48 +01:00
Kusumit Ghoderao	91f99f52c4	Change output length parameter in pbkdf2_hmac_set_password Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-24 22:21:48 +05:30
Kusumit Ghoderao	d7a3f8065f	Restructure set salt function Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-24 22:19:47 +05:30
Paul Elliott	7050662a48	Correct comment header block Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-05-24 17:31:57 +01:00
Dave Rodgman	0ffc6f48fa	First draft at fixing the choice of asm Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-24 17:19:10 +01:00
Minos Galanakis	e72bf2da3d	ecp_curves: Adjusted the expected limb size for `ecp_mod_p255()`. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-05-24 15:13:42 +01:00
Valerio Setti	a541e0108b	pkparse: avoid creating extra copy of the private key Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-24 16:02:36 +02:00
Valerio Setti	d0405093d9	tls: use pk_get_group_id() instead of directly accessing PK's structure Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-24 16:02:32 +02:00
Valerio Setti	1194ffa82f	pk: minor code fixes/enhancements Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-24 14:00:26 +02:00
Valerio Setti	51aa52eba4	pk: fix key properties when importing private key Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-24 14:00:09 +02:00
Dave Rodgman	4489c8dcef	Disable bignum assembly for certain Arm M-class CPUs Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-24 12:06:48 +01:00
Kusumit Ghoderao	aac9a581f8	Fix code style and initialize status Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-24 14:19:17 +05:30
Dave Rodgman	2b22834357	Merge pull request #7644 from tom-daubney-arm/alignment_h_refactoring Refactor reading of multi-byte values using functions in alignment.h	2023-05-24 08:32:52 +01:00
Kusumit Ghoderao	bd6cefb3da	Add HMAC specific function for setting password Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-24 12:36:34 +05:30
Kusumit Ghoderao	b538bb7a02	Restructure pbkdf2_set_salt function Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-24 12:32:14 +05:30
Kusumit Ghoderao	e66a8ad8d6	Define PSA_VENDOR_PBKDF2_MAX_ITERATIONS Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-24 12:30:43 +05:30
Kusumit Ghoderao	52fe517a77	Change pbkdf2 password to array Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-24 12:28:46 +05:30
Thomas Daubney	f9f0ba8211	Use functions in alignment.h to get value Refactor code using get functions from alignment.h to read values. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2023-05-24 06:24:16 +01:00
Paul Elliott	3b6bf105d1	Fix missed renames from N to X Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-05-23 17:51:52 +01:00
Minos Galanakis	ec00b500b5	ecp_curves: Adjusted input checking for `ecp_mod_p255`. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-05-23 17:31:01 +01:00
Valerio Setti	9efa8c4d14	pk: fix eckey_check_pair_psa The problem was that the private key ID was destroyed even when MBEDTLS_PK_USE_PSA_EC_DATA was enabled and of course this was not correct. At the same time the code has been slighlty reorganized to make it more readable. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-23 15:12:07 +02:00
Valerio Setti	972077820b	tls/x509: minor enhancement for using the new private key format Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-23 15:12:07 +02:00
Valerio Setti	ae8c628edb	pk: improve sign, check_pair and wrap_as_opaque functions with new format Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-23 15:12:07 +02:00
Valerio Setti	00e8dd15d2	pk: manage parse and write for the new format Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-23 15:12:07 +02:00
Valerio Setti	b536126183	pk: manage allocate and free space when working with PSA private key Allocation does not need to perform any action since the priv_id field is already present on the pk_context. Free should destroy the key. Of course this is true only if the key is not opaque (because in that case it's the user responsibility to do so). Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-23 15:12:07 +02:00
Valerio Setti	e0e6311b64	pk: change location of Montgomery helpers This is to have them available only where they are really required. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-23 15:12:07 +02:00
Valerio Setti	8a6225062a	pk: move PSA error translation macros to internal header Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-23 15:12:07 +02:00
Manuel Pégourié-Gonnard	9dc9204b77	Merge pull request #7554 from valeriosetti/issue7073-reshape Avoid parse/unparse public ECC keys in PK with USE_PSA when !ECP_C	2023-05-23 15:08:45 +02:00
Minos Galanakis	d6beda7af9	ecp_curves: Extended documentation for CURVE25519. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-05-23 09:57:09 +01:00
Minos Galanakis	47249fd9ec	ecp_curves: Added documentation for mbedtls_ecp_mod_p255_raw Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-05-23 09:57:09 +01:00
Minos Galanakis	31f0b452c7	ecp_curves: Reintroduced input checking for Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-05-23 09:57:09 +01:00
Minos Galanakis	65c386ee3d	ecp_curves: Switched to dynamic memory for Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-05-23 09:57:09 +01:00
Minos Galanakis	2daa374ea8	ecp_curves: Minor refactoring of `mbedtls_ecp_mod_p255_raw()` * Fixed whitespace issues. * Renamed variables to align with bignum conventions. * Updated alignment on test input data. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-05-23 09:57:09 +01:00
Minos Galanakis	d0292c2aca	ecp_curves: Refactored `mbedtls_ecp_mod_p255`. This patch introduces following methods, as implemented in the design prototype, and updates them to utilise the _core methods available for multiplication and addition. * `mbedtls_ecp_mod_p255()` * `mbedtls_ecp_mod_p255_raw()` An entry has been exposed in the `ecp_invasive.h` header to facilitate testing. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-05-22 22:22:32 +01:00
YxC	da609130f3	fix: correct calling to time function in tls13 client&server Call `mbedtls_time` to handle the case when MBEDTLS_PLATFORM_TIME_MACRO is defined Signed-off-by: Yuxiang Cao <yuxiang.cao@fortanix.com>	2023-05-22 13:22:00 -07:00
Valerio Setti	016264b6cb	pk: fix a return value and a typo in comment Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-22 18:40:35 +02:00
Valerio Setti	a7cb845705	pk: add checks for the returned ECC family Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-22 18:39:43 +02:00
Paul Elliott	26070670d6	Merge pull request #7565 from gabor-mezei-arm/7263_split_out_Koblitz_raw_functions [Bignum] Split out _raw Koblitz reduction functions	2023-05-22 16:03:17 +01:00
Thomas Daubney	850a0797ca	Remove extraneous check in for loop condition Issue 7529 uncovered an unrequired check in a for loop condition in ssl_tls.c. This commit removes said check. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2023-05-22 12:05:03 +01:00
Valerio Setti	f57007dd1e	pk: fixing and improving comments Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-19 13:54:39 +02:00
Dave Rodgman	68ef1d6ee6	Remove DIY SIZE_MAX definitions Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-18 20:49:03 +01:00
Paul Elliott	9a11f8a122	Merge pull request #7573 from tom-cosgrove-arm/add-psa_want_alg_some_pake Only include psa_pake_setup() and friends if some PAKE algorithms are required	2023-05-18 09:59:52 +01:00
Paul Elliott	aa266f29e6	Merge pull request #7602 from mprse/AuthorityKeyId_leak_fix Fix for memory leak while parsing AuthorityKeyId ext	2023-05-18 09:57:56 +01:00
Andrzej Kurek	63a6a267a4	Check for overflows when writing x509 SANs Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Andrzej Kurek	908716f097	Add missing RFC822_NAME case to SAN setting Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Andrzej Kurek	e488c454ea	Remove unnecessary zeroization Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Andrzej Kurek	dc22090671	Return an error on an unsupported SubjectAltName Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Andrzej Kurek	c6215b0ce1	Add braces to a switch case Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Andrzej Kurek	1bc7df2540	Add documentation and a changelog entry Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Dave Rodgman	e4cbab6945	Merge pull request #7607 from daverodgman/pr6511	2023-05-17 19:11:56 +01:00
Paul Elliott	8203f2d89f	Merge pull request #7535 from minosgalanakis/ecp/7264_enable_core_shift_l [Bignum] Adjust mbedtls_mpi_core_shift_l to use the core function	2023-05-17 18:45:44 +01:00
Valerio Setti	c1541cb3c7	pk: minor fixes (guards and a wrong assignment) Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-17 19:23:02 +02:00

1 2 3 4 5 ...

11193 commits