yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
24652 commits 89 branches 205 tags 114 MiB
Commit graph

10866 commits

Author SHA1 Message Date
Valerio Setti 0c8ec3983e ssl_tls: fix proper guards for accelerated ECDH 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-22 10:48:34 +01:00
Valerio Setti 90df310d89 ssl_tls13: fix guards for accel ECDH 
These changes fix all failures found in test_suite_ssl

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-22 10:48:34 +01:00
Minos Galanakis 37f4cb6d0e ecp_curves: Minor rework for p384 
This patch adjusts formatting, documentation and testing.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-03-21 15:46:50 +00:00
Minos Galanakis 6fb105fb2e ecp_curves: Ported prototypes 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-03-21 15:41:26 +00:00
Paul Elliott f1eb5e2a04 Merge branch 'development-restricted' into mbedtls-3.4.0rc0-pr 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-03-21 15:35:17 +00:00
Manuel Pégourié-Gonnard 7224086ebc Remove legacy_or_psa.h 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-21 16:29:31 +01:00
Manuel Pégourié-Gonnard bef824d394 SSL: use MD_CAN macros 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-21 16:29:31 +01:00
Manuel Pégourié-Gonnard a946489efd X.509: use MD_CAN macros 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard ebef58d301 OID + misc crypto: use MD_CAN and fix failures 
After this, only PK, X.509 and TLS remain to be done.

Deterministic uses HMAC-DRBG which uses MD, so it needs crypto_init()
when using a driver-only hash.

Also, remove a special-purpose macro that's no longer needed.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard a5f04621bd PKCS5: use MD_CAN macros 
sed -i -f md.sed library/pkcs5.c tests/suites/test_suite_pkcs5* include/mbedtls/pkcs5.h

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard 49e67f814f PKCS5: always use MD 
As a consequence, MD_C is now enabled in component accel_hash_use_psa.

Fix guards in X.509 info function to avoid this causing a failure now.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard c1f10441e0 RSA: use MD_CAN macros 
sed -i -f md.sed library/rsa.c tests/suites/test_suite_rsa* include/mbedtls/rsa.h tests/suites/test_suite_pkcs1_v*

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard fb8d90a2db RSA: always use MD light 
Note: already auto-enabled in build_info.h

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard 52d02a85d3 PEM: use MD_CAN macros 
sed -i -f md.sed library/pem.c tests/suites/test_suite_pem* include/mbedtls/pem.h

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard 1c2008fa37 PEM: always use MD light 
Note: PEM_PARSE already auto-enables MD_LIGHT in build_info.h

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard be97afe5d4 PKCS12: always use MD light 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard b2eb1f7456 ECJPAKE: use MD_CAN macros 
sed -i -f md.sed \
    library/ecjpake.c \
    include/medtls/ecjpake.h \
    tests/suites/test_suite_ecjpake.*

With md.sed as follows:

s/\bMBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_MD5/g
s/\bMBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_RIPEMD160/g
s/\bMBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA1/g
s/\bMBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA224/g
s/\bMBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA256/g
s/\bMBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA384/g
s/\bMBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA512/g

s/\bMBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_MD5/g
s/\bMBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_RIPEMD160/g
s/\bMBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA1/g
s/\bMBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA224/g
s/\bMBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA256/g
s/\bMBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA384/g
s/\bMBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA512/g

s/\bMBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_MD5/g
s/\bMBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_RIPEMD160/g
s/\bMBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA1/g
s/\bMBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA224/g
s/\bMBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA256/g
s/\bMBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA384/g
s/\bMBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA512/g

s/\bMBEDTLS_MD5_C\b/MBEDTLS_MD_CAN_MD5/g
s/\bMBEDTLS_RIPEMD160_C\b/MBEDTLS_MD_CAN_RIPEMD160/g
s/\bMBEDTLS_SHA1_C\b/MBEDTLS_MD_CAN_SHA1/g
s/\bMBEDTLS_SHA224_C\b/MBEDTLS_MD_CAN_SHA224/g
s/\bMBEDTLS_SHA256_C\b/MBEDTLS_MD_CAN_SHA256/g
s/\bMBEDTLS_SHA384_C\b/MBEDTLS_MD_CAN_SHA384/g
s/\bMBEDTLS_SHA512_C\b/MBEDTLS_MD_CAN_SHA512/g

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard 41bc8b6b1e ECJPAKE: always use MD light 
This enables access to all available hashes, instead of the previous
situation where you had to choose by including MD_C or not.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard e0e161b54a
Merge pull request #7296 from valeriosetti/issue7253-part1 
driver-only ECDH: enable ECDH-based TLS 1.2 key exchanges -- part 1
 2023-03-21 16:09:02 +01:00
Dave Rodgman 3543806026
Merge pull request #7190 from yanrayw/6197_rsa_get_padding_hashID 
RSA: provide interface to retrieve padding mode and hash_id
 2023-03-20 18:34:53 +00:00
Dave Rodgman d3b6e92967
Merge pull request #997 from gilles-peskine-arm/aesni-intrinsics 
Implement AESNI with intrinsics
 2023-03-20 18:20:51 +00:00
Dave Rodgman c5807a6fa8
Merge pull request #6918 from yuhaoth/pr/add-gcm-with-armv8-crypto-extension 
Add GCM  with armv8 crypto extension
 2023-03-20 14:45:14 +00:00
Valerio Setti 5d1f29e700 ssl_tls: fix guards for accelerated ECDH 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-20 14:02:07 +01:00
Manuel Pégourié-Gonnard c9ef476431
Merge pull request #7192 from joerchan/psa-update-mbedtls 
psa_crypto: Fix psa_key_derivation_output_key ECC without builtin keys
 2023-03-20 09:47:07 +01:00
Manuel Pégourié-Gonnard 14c194aae9
Merge pull request #7271 from mpg/use-md-light 
Use md light
 2023-03-20 09:01:16 +01:00
Dave Rodgman f918d42332 Tidy up ARMCE terminology 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-03-17 17:52:23 +00:00
Gilles Peskine 36b9e47eed Fix preprocessor conditional 
This was intended as an if-else-if chain. Make it so.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-17 17:31:18 +01:00
Gilles Peskine 30e9f2a293 Finish sentence in comment 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-17 17:29:58 +01:00
Manuel Pégourié-Gonnard 3831637e85 Handle dependency on ECP_C in ECC KDF 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-17 15:21:26 +01:00
Joakim Andersson bb576febb2 psa_crypto: Fix psa_key_derivation_output_key ECC without builtin keys 
Fix psa_key_derivation_output_key not being able to derive ECC keys
without MBEDTLS_BUILTIN ECC key types enabled.
The PSA crypto drivers can generate these keys without requiring the
builtin key types.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
 2023-03-17 15:21:26 +01:00
Yanray Wang d41684e8bc rsa.c: rename getter function of hash_id 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-03-17 18:57:42 +08:00
Dave Rodgman 0e2b06a1ce
Merge pull request #7083 from KloolK/record-size-limit/parsing 
Add parsing for Record Size Limit extension in TLS 1.3
 2023-03-17 10:18:34 +00:00
Paul Elliott 9f02a4177b
Merge pull request #7009 from mprse/csr_write_san 
Added ability to include the SubjectAltName extension to a CSR - v.2
 2023-03-17 10:07:27 +00:00
Manuel Pégourié-Gonnard b33ef74d44 Use MD_LIGHT, not sha1.h, in RSA selftest 
Same note as previous commit regarding guards.

Note that we could auto-enable MD_LIGHT only when SELF_TEST is defined,
and even only when SHA1_C is defined too, but somewhere down the line
we'll want to auto-enable it for the sake of other RSA function (not in
selftest and could use any hash), so there's little point in optimizing
the temporary condition, let's use the simple one upfront.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-17 09:43:28 +01:00
Manuel Pégourié-Gonnard 8316209c02 Use MD_LIGHT rather than md5.h in pem.c 
But, for now, still guard things with MBEDTLS_MD5_C, as md.c can only
compute MD5 hashes when MBEDTLS_MD5_C is defined. We'll change the
guards once that has changed.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-17 09:43:27 +01:00
Manuel Pégourié-Gonnard ec000c1a00
Merge pull request #7242 from mpg/md-dispatch-psa 
Implement MD dispatch to PSA
 2023-03-17 09:42:40 +01:00
Janos Follath c18cd0c8e6
Merge pull request #7230 from gabor-mezei-arm/6850_Secp256r1_fast_reduction 
Extract Secp256r1 fast reduction from the prototype
 2023-03-16 19:43:25 +00:00
Gilles Peskine 9c682e724a AESNI: Overhaul implementation selection 
Have clearly separated code to:
* determine whether the assembly-based implementation is available;
* determine whether the intrinsics-based implementation is available;
* select one of the available implementations if any.

Now MBEDTLS_AESNI_HAVE_CODE can be the single interface for aes.c and
aesni.c to determine which AESNI is built.

Change the implementation selection: now, if both implementations are
available, always prefer assembly. Before, the intrinsics were used if
available. This preference is to minimize disruption, and will likely
be revised in a later minor release.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-16 17:21:33 +01:00
Gilles Peskine 0de8f853f0 Clean up AES context alignment code 
Use a single auxiliary function to determine rk_offset, covering both
setkey_enc and setkey_dec, covering both AESNI and PADLOCK. For AESNI, only
build this when using the intrinsics-based implementation, since the
assembly implementation supports unaligned access.

Simplify "do we need to realign?" to "is the desired offset now equal to
the current offset?".

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-16 17:14:59 +01:00
Dave Rodgman 3ac99fdf07
Merge pull request #7301 from gilles-peskine-arm/msan-explicit_bzero 
Fix Msan failure with explicit_bzero
 2023-03-16 14:55:18 +00:00
Gilles Peskine 0f454e4642 Use consistent guards for padlock code 
The padlock feature is enabled if
```
defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86)
```
with the second macro coming from `padlock.h`. The availability of the
macro `MBEDTLS_PADLOCK_ALIGN16` is coincidentally equivalent to
`MBEDTLS_HAVE_X86` but this is not meaningful.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-16 14:58:46 +01:00
Dave Rodgman 680dbd46ae
Merge pull request #7270 from DemiMarie/oid-fix 
Fix segfault in mbedtls_oid_get_numeric_string
 2023-03-16 12:21:36 +00:00
Gilles Peskine 148cad134a Fix unaligned access if the context is moved during operation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-16 13:08:42 +01:00
Gilles Peskine d0185f78c0 Fix typo in comment 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-16 13:08:18 +01:00
Gilles Peskine 0cd9ab7107 Fix code style 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-16 13:06:14 +01:00
Gilles Peskine a8d2ff3fdf Fix Msan failure with explicit_bzero 
On some platforms, including modern Linux, Clang with Msan does not
recognize that explicit_bzero() writes well-defined content to its output
buffer. For us, this causes CMAC operations to fail in Msan builds when
mbedtls_platform_zeroize() is implemented over explicit_bzero(). Fix this.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-16 10:53:46 +01:00
Manuel Pégourié-Gonnard f48b1f810e Rename internal function to something clearer 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-16 09:48:20 +01:00
Manuel Pégourié-Gonnard 39a376a417 Finish removing HMAC from MD-light 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-16 09:46:51 +01:00
Manuel Pégourié-Gonnard 9b14639342 Dispatch according to init status. 
We shouldn't dispatch to PSA when drivers have not been initialized yet.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-16 09:46:51 +01:00
Manuel Pégourié-Gonnard 7abdf7eee5 Add utility function to check for drivers init 
This will be used in the next commit.

While at it, move driver initialization before RNG init - this will be
handy when the entropy module wants to use drivers for hashes.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-16 09:46:51 +01:00
Manuel Pégourié-Gonnard d8ea37f1a3 Add engine field to context structure 
For multi-part operations, we want to make the decision to use PSA or
not only once, during setup(), and remember it afterwards. This supports
the introduction, in the next few commits, of a dynamic component to
that decision: has the PSA driver sub-system been initialized yet?

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-16 09:46:50 +01:00
Gilles Peskine 12612e5ab4 Implement md over PSA 
When MBEDTLS_MD_xxx_VIA_PSA is enabled (by mbdetls/md.h), route calls to xxx
over PSA rather than through the built-in implementation.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-16 09:46:50 +01:00
Gilles Peskine 83d9e09b15 Switch metadata functions to the PSA-aware availability symbols 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-16 09:46:50 +01:00
Pengyu Lv b1895899f1 ssl_cache: Improve some comments 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-03-16 14:33:28 +08:00
Demi Marie Obenour 889534a4d2 Fix segfault in mbedtls_oid_get_numeric_string 
When passed an empty OID, mbedtls_oid_get_numeric_string would read one
byte from the zero-sized buffer and return an error code that depends on
its value.  This is demonstrated by the test suite changes, which
check that an OID with length zero and an invalid buffer pointer does
not cause Mbed TLS to segfault.

Also check that second and subsequent subidentifiers are terminated, and
add a test case for that.  Furthermore, stop relying on integer division
by 40, use the same loop for both the first and subsequent
subidentifiers, and add additional tests.

Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
 2023-03-16 01:06:41 -04:00
Jerry Yu f52078f5a1 fix win32 ms time fail 
`GetSystemTimeAsFileTime` returns 100 nano seconds elapsed time,
not 100 micro seconds.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-03-16 11:23:19 +08:00
Gilles Peskine dde3c6532e Fix MSVC portability 
MSVC doesn't have _mm_storeu_si64. Fortunately it isn't really needed here.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-15 23:16:27 +01:00
Gilles Peskine dafeee4814 Improve variable names 
To some extent anyway.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-15 21:47:40 +01:00
Tom Cosgrove 02edb7546f Get aesni.c compiling with Visual Studio 
Clang is nice enough to support bitwise operators on __m128i, but MSVC
isn't.

Also, __cpuid() in MSVC comes from <intrin.h> (which is included via
<emmintrin.h>), not <cpuid.h>.

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-03-15 21:47:40 +01:00
Gilles Peskine d671917d0d AESNI: add implementation with intrinsics 
As of this commit, to use the intrinsics for MBEDTLS_AESNI_C:

* With MSVC, this should be the default.
* With Clang, build with `clang -maes -mpclmul` or equivalent.
* With GCC, build with `gcc -mpclmul -msse2` or equivalent.

In particular, for now, with a GCC-like compiler, when building specifically
for a target that supports both the AES and GCM instructions, the old
implementation using assembly is selected.

This method for platform selection will likely be improved in the future.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-15 20:47:59 +01:00
Gilles Peskine 7e67bd516d AES, GCM selftest: indicate which implementation is used 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-15 20:47:59 +01:00
Gilles Peskine 9af58cd7f8 New preprocessor symbol indicating that AESNI support is present 
The configuration symbol MBEDTLS_AESNI_C requests AESNI support, but it is
ignored if the platform doesn't have AESNI. This allows keeping
MBEDTLS_AESNI_C enabled (as it is in the default build) when building for
platforms other than x86_64, or when MBEDTLS_HAVE_ASM is disabled.

To facilitate maintenance, always use the symbol MBEDTLS_AESNI_HAVE_CODE to
answer the question "can I call mbedtls_aesni_xxx functions?", rather than
repeating the check `defined(MBEDTLS_AESNI_C) && ...`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-15 19:38:37 +01:00
Gilles Peskine 4e20144882 Improve the presentation of assembly blocks 
Uncrustify indents
```
    asm("foo"
        HELLO "bar"
              "wibble");
```
but we would like
```
    asm("foo"
        HELLO "bar"
        "wibble");
```
Make "bar" an argument of the macro HELLO, which makes the indentation from
uncrustify match the semantics (everything should be aligned to the same
column).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-15 19:36:03 +01:00
Gilles Peskine 2a44ac245f
Merge pull request #7217 from lpy4105/issue/6840/add-cache-entry-removal-api 
ssl_cache: Add cache entry removal api
 2023-03-15 15:38:06 +01:00
Jan Bruckner 1a38e54436 Changes from 2nd review 
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2023-03-15 14:15:11 +01:00
Jerry Yu 205a741307 change the clock source to MONOTONIC 
We need a non-settable source to avoid security issues.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-03-15 18:59:19 +08:00
Jan Bruckner a0589e75a0 Changes from review 
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2023-03-15 11:04:45 +01:00
Yanray Wang 644b901a4c rsa.c: remove MBEDTLS_PRIVATE 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-03-15 16:50:37 +08:00
Yanray Wang 83548b5c10 fix inappropriate description for function in RSA 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-03-15 16:49:52 +08:00
Yanray Wang 12cb39661c rsa.c: provide interface to get hash_id of RSA context 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-03-15 16:42:48 +08:00
Yanray Wang a730df6f86 rsa.c: provide interface to get padding mode of RSA context 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-03-15 16:42:26 +08:00
Manuel Pégourié-Gonnard 18336dace2
Merge pull request #7196 from mprse/ecjpake-driver-dispatch-peer-user 
EC J-PAKE: partial fix for role vs user+peer
 2023-03-15 09:37:30 +01:00
Jerry Yu be4fdef513 fix comment issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-03-15 14:50:42 +08:00
Pengyu Lv 0b9c012f21 ssl_cache: return the error code for mutex failure 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-03-15 14:37:32 +08:00
Pengyu Lv 744b507866 ssl_cache: use auxiliary function to zeroize cache entry 
This commit introduce a auxiliary function to zeroize
the cache entry, especially the session structure. The
function is called wherever we need to free the entry.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-03-15 12:17:14 +08:00
Jerry Yu 8f81060517 Replace median with `middle 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-03-15 09:58:34 +08:00
Jerry Yu f0526a9ad0 fix grammar issue in comment 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-03-15 09:58:34 +08:00
Jerry Yu 49b4367eee fix comment issue 
The algorithm is not karatsuba multiplication.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-03-15 09:58:33 +08:00
Jerry Yu 1ac7f6b09d Improve readability 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-03-15 09:58:33 +08:00
Jerry Yu 132d0cb74d Add miss intrinsic by gcc-5.x 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-03-15 09:58:29 +08:00
Jerry Yu 2c26651938 Improve comments for key expansion 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-03-15 09:57:37 +08:00
Jerry Yu df87a12c81 Add GCM support 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-03-15 09:57:32 +08:00
Dave Rodgman e59c46e161
Merge pull request #7278 from daverodgman/aesce-macro-name-tidyup 2023-03-14 20:33:31 +00:00
Dave Rodgman 4a1d3beaee
Merge pull request #7229 from tom-cosgrove-arm/static-assert 2023-03-14 16:57:38 +00:00
Dave Rodgman db6ab247fc Improve macro naming 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-03-14 16:03:57 +00:00
Dave Rodgman 023c8853ac
Merge pull request #7203 from yuhaoth/pr/add-cpu-modifier-for-aesce 
Add CPU modifier for AESCE
 2023-03-14 15:58:57 +00:00
Tom Cosgrove 57f04b81a0 Have MBEDTLS_STATIC_ASSERT() match current development more closely 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-03-14 12:03:47 +00:00
Przemek Stekiel c0e6250ff9 Fix documentation and tests 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-14 11:49:36 +01:00
Gilles Peskine 215ecd0439
Merge pull request #7252 from daverodgman/enable_pkcs7 
Enable PKCS 7
 2023-03-14 10:39:50 +01:00
Jan Bruckner 151f64283f Add parsing for Record Size Limit extension in TLS 1.3 
Fixes #7007

Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2023-03-14 08:41:25 +01:00
Jan Bruckner 5a3629b613 Fix debug print of encrypted extensions 
Perform debug print of encrypted extensions buffer only after the buffer length was checked successfully

Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2023-03-14 08:41:25 +01:00
Jerry Yu ec9be84ae6 skip pragma when cpu modifier has been set 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-03-14 10:42:47 +08:00
Jerry Yu b28d55b242 fix wrong typo and indent issue 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-03-14 10:36:47 +08:00
Paul Elliott e4622a3436 Merge remote-tracking branch 'development/development' into development-restricted 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-03-13 17:49:32 +00:00
Przemek Stekiel fde112830f Code optimizations and documentation fixes 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-13 16:28:27 +01:00
Dave Rodgman efbc5f7322 Update wording in comments 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-03-13 12:15:49 +00:00
Dave Rodgman 756b028511
Merge pull request #7171 from daverodgman/pr5527 
Fix undefined behavior in ssl_read if buf parameter is NULL
 2023-03-13 10:46:29 +00:00
Jerry Yu 6f86c19d62 Improve readability for compiler version check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-03-13 11:03:40 +08:00
Jerry Yu 02487a2123 Rename target option flag macro 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-03-13 10:19:35 +08:00
Jerry Yu 77a010e3b3 Remove the max version limitation for clang workaround 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-03-13 10:19:35 +08:00
Jerry Yu 490bf08dd9 fix comment issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-03-13 10:19:34 +08:00
Jerry Yu 7b4d9da08c fix wrong clang version check. 
Both inline assembly and intrinsic need pragma

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-03-13 10:19:34 +08:00
Jerry Yu ae129c3a20 Add new feature test macros 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-03-13 10:19:34 +08:00
Jerry Yu 48b999cd6e Add cpu modifiers for aesce.c 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-03-13 10:19:31 +08:00
Przemek Stekiel f309d6b7fb Fix peer user mismatch after rebase 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-12 16:59:28 +01:00
Przemek Stekiel 18cd6c908c Use local macros for j-pake slient/server strings 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-12 16:59:28 +01:00
Przemek Stekiel aa1834254e Fix code style 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-12 16:59:28 +01:00
Przemek Stekiel 09104b8712 rework psa_pake_set_role to be consistent with requirements and adapt tests 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-12 16:59:28 +01:00
Przemek Stekiel d7f6ad7bc8 Minor fixes (comments, cleanup) 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-12 16:59:28 +01:00
Gilles Peskine d0f9b0bacc Don't warn about Msan/Valgrind if AESNI isn't actually built 
The warning is only correct if the assembly code for AESNI is built, not if
MBEDTLS_AESNI_C is activated but MBEDTLS_HAVE_ASM is disabled or the target
architecture isn't x86_64.

This is a partial fix for #7236.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-10 22:28:25 +01:00
Gilles Peskine d4f31c87d1 Update bibliographic references 
There are new versions of the Intel whitepapers and they've moved.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-10 22:21:47 +01:00
Przemek Stekiel 55ceff6d2f Code optimization and style fixes 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-10 14:36:16 +01:00
Przemek Stekiel 4cd20313fe Use user/peer instead role in jpake TLS code 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-10 09:18:03 +01:00
Przemek Stekiel 1e7a927118 Add input getters for jpake user and peer 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-10 09:18:03 +01:00
Przemek Stekiel 26c909d587 Enable support for user/peer for JPAKE 
This is only partial support. Only 'client' and 'server' values are accepted for peer and user.
Remove support for role.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-10 09:18:02 +01:00
Gilles Peskine 4da92832b0
Merge pull request #7117 from valeriosetti/issue6862 
driver-only ECDSA: enable ECDSA-based TLS 1.2 key exchanges
 2023-03-09 20:49:44 +01:00
Dave Rodgman bf4016e5d5
Merge pull request #6567 from mprse/ecjpake-driver-dispatch 2023-03-09 19:23:05 +00:00
Przemek Stekiel 42510a91c4 Use for loop instead while loop 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-09 14:04:17 +01:00
Gabor Mezei e4710ae9ed
Add and fix comments 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-03-09 13:43:02 +01:00
Dave Rodgman 5e5aa4a4e6
Merge pull request #7218 from tom-cosgrove-arm/fix-typos-230307 
Fix typos in development prior to release
 2023-03-08 17:19:59 +00:00
Dave Rodgman 51b62ef23d
Merge pull request #7228 from tom-cosgrove-arm/fix-alignment.h-on-32-bit-systems 
Fix mbedtls_bswap64() on 32-bit systems
 2023-03-08 17:19:29 +00:00
Manuel Pégourié-Gonnard 913d9bb921
Merge pull request #7162 from valeriosetti/issue7055 
Legacy MBEDTLS_PK_PARSE_C and MBEDTLS_PK_WRITE_C dependencies in test_suite_psa_crypto
 2023-03-08 17:07:19 +01:00
Valerio Setti 75fba32cb3 ssl: use new macros for ECDSA capabilities 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-08 16:47:28 +01:00
Manuel Pégourié-Gonnard 289e5baa83
Merge pull request #7082 from valeriosetti/issue6861 
driver-only ECDSA: add ssl-opt.sh testing with testing parity
 2023-03-08 16:45:38 +01:00
Gabor Mezei d1f16b937e
Add documentation 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-03-08 15:26:32 +01:00
Tom Cosgrove 6ef9bb3d74 Implement and use MBEDTLS_STATIC_ASSERT() 
Fixes #3693

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-03-08 14:19:51 +00:00
Tom Cosgrove bbe166e721 Fix mbedtls_bswap64() on 32-bit systems 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-03-08 13:23:24 +00:00
Gabor Mezei 716447ff32
Fix limb size calculation 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-03-08 14:09:51 +01:00
Gabor Mezei ed1acf642c
Apply naming conventions 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-03-08 14:09:50 +01:00
Gabor Mezei 5221c04b92
Change the p256_raw fuction to be testable 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-03-08 14:09:50 +01:00
Gabor Mezei ab6ac91a0a
Extract Secp256r1 from the prototype 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-03-08 14:09:50 +01:00
Tom Cosgrove c15a2b949d Update the text about gcc5 support for Armv8 CE 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-03-08 12:55:48 +00:00
Przemek Stekiel 07c5ea348c Add check for buffer overflow and fix style. 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-08 13:31:19 +01:00
Valerio Setti 733de595e3 psa_crypto_rsa: remove PK_WRITE_C in psa_rsa_export_key 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-08 11:03:09 +01:00
Valerio Setti 73a218513b psa_crypto_rsa: add comment/explanation for residual PK_WRITE_C guard 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-08 11:03:09 +01:00
Przemek Stekiel 691e91adac Further pake code optimizations 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-08 09:54:00 +01:00
Gilles Peskine a2fc399f57
Merge pull request #6829 from AndrzejKurek/unify-psa-errors 
Unify PSA to Mbed TLS error translation
 2023-03-07 19:55:44 +01:00
Gilles Peskine 12e3c8e019
Merge pull request #7168 from mpg/use-md 
Use MD (not low-level hash interface) in X.509 and TLS
 2023-03-07 19:55:12 +01:00
Valerio Setti 2f1d967643 ssl: fix included pk header file 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-07 18:14:34 +01:00
Tom Cosgrove 503d71769c Enable explicit_bzero() on OpenBSD 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-03-07 12:51:11 +00:00
Tom Cosgrove 5c8505f061 Fix typos 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-03-07 11:39:52 +00:00
Janos Follath fe780a3c4b
Merge pull request #7184 from gabor-mezei-arm/6349_Secp224r1_fast_reduction 
Extract Secp224r1 fast reduction from the prototype
 2023-03-07 10:57:58 +00:00
Przemek Stekiel 57580f2539 Use proper enum types for pake state/sequence/step 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-07 10:50:09 +01:00
Przemek Stekiel 4aa99403f4 Fix configuration for accelerated jpake 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-07 10:50:09 +01:00
Przemek Stekiel 4dc83d40af Add check for pake operation buffer overflow 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-07 10:50:00 +01:00
Pengyu Lv 7b6299b49b ssl_cache: Add an interface to remove cache entry by session id 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-03-07 15:00:22 +08:00
Przemek Stekiel e3ef3a15cd Further pake code optimizations 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-06 17:24:32 +01:00
Gabor Mezei 97803abd2a
Update comment 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-03-06 16:32:16 +01:00
Manuel Pégourié-Gonnard 947cee18a1 Fix memory leak. 
The function reset_checksum() can be called more than once with the same
handshake context (this happens with DTLS clients, and perhaps in other
cases as well). When that happens, we need to free the old MD contexts
before setting them up again.

Note: the PSA path was already doing the right thing by calling abort,
we just needed to do the same on the MD path.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-06 11:59:59 +01:00
Manuel Pégourié-Gonnard 228a30d16c
Merge pull request #7120 from mpg/md-light 
Define "MD light" subset of MD
 2023-03-06 11:02:19 +01:00
Dave Rodgman 4693fd9e9e
Merge pull request #7173 from daverodgman/zeroize-platform 
Use platform-provided secure zeroization
 2023-03-06 09:16:12 +00:00
Dave Rodgman b0d96a23a9 Remove not-needed EABI exclusion 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-03-03 17:06:09 +00:00
Dave Rodgman 45cef61fa4
Merge branch 'development' into md-light 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-03-03 14:28:13 +00:00
Przemek Stekiel 57207711d8 Add MBEDTLS_ASN1_CHK_CLEANUP_ADD macro to be able to release memory on failure 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-03 12:58:29 +01:00
Przemek Stekiel 5a49d3cce3 Replace mbedtls_x509_san_node with mbedtls_x509_subject_alternative_name 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-03 12:58:11 +01:00
Przemek Stekiel f40de93b1a Remove redundant variable 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-03 12:58:10 +01:00
Andrzej Kurek 270b3f9790 Rename error_pair_t to mbedtls_error_pair_t 
Required by our coding standards.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-03 05:54:13 -05:00
Andrzej Kurek daf5b56b02 Translate to MD errors in ssl-tls.c 
With the introduction of #7047, ssl_tls.c uses 
mbedtls_md_error_from_psa. This complicates
the dependencies for compiling in psa_to_md_errors,
since now these should be ifdeffed also by
MBEDTLS_USE_PSA_CRYPTO followed by a series of or'ed
MBEDTLS_HAS_ALG_SHA_XXX_VIA_MD_OR_PSA_BASED_ON_USE_PSA.
Since this mechanism will be removed soon, we can simplify it to
just MBEDTLS_USE_PSA_CRYPTO.

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-03 05:52:28 -05:00
Andrzej Kurek 747ab4ea5e Introduce error_pair_t to psa utils 
This way error handling can be written in a cleaner way.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-03 05:23:45 -05:00
Andrzej Kurek 138b30ac62 Add missing const qualifiers 
Also improve documentation
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-03 05:23:45 -05:00
Andrzej Kurek ba24138e0f Duplicate error logic in pk_wrap deprecated functions 
GCC 4.6+ complains if a deprecated function calls another.
Working around this universally would require a lot of
preprocessing, this seems to be an easier solution.
Copy mbedtls_pk_error_from_psa code without duplicates
instead of calling the function.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-03 05:23:45 -05:00
Andrzej Kurek 8a045ce5e6 Unify PSA to Mbed TLS error translation 
Move all error translation utilities to psa_util.c.
Introduce macros and functions to avoid having
a local copy of the error translating function in
each place.
Identify overlapping errors and introduce a
generic function.
Provide a single macro for all error translations
(unless one file needs a couple of different ones).
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-03 05:23:44 -05:00
Gilles Peskine 6def41b146
Merge pull request #6932 from yuhaoth/pr/fix-arm64-host-build-and-illegal_instrucion-fail 
Replace CPU modifier check with file scope target cpu modifiers
 2023-03-02 15:36:41 +01:00
Dave Rodgman 528bfa640c Whitespace fix 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-03-02 13:54:43 +00:00
Gabor Mezei aeadc2d731
Apply naming convention 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-03-01 16:53:03 +01:00
Dave Rodgman 6d6a720603 Protect against possible macro redefinition warning 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-03-01 15:09:40 +00:00
Paul Elliott d1cddff71a
Merge pull request #7189 from daverodgman/armcc-fix 
Fix macro redefinition warning from armclang
 2023-03-01 11:59:26 +00:00
Gilles Peskine 802ff1b116
Merge pull request #7147 from paul-elliott-arm/interruptible_sign_hash_codestyle_drivers 
Remove driver entry points for psa_{get|set}_max_ops()
 2023-03-01 10:46:09 +01:00
Dave Rodgman 914c632646 Whitespace 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-03-01 09:30:14 +00:00
Gabor Mezei 620f0dc850
Fix for 32-bit 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-28 18:42:33 +01:00
Gabor Mezei 08a94953e1
Apply naming convention for p224 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-28 18:40:57 +01:00
Dave Rodgman e47899df20 Fix macro redefinition warning from armcc 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-28 17:39:03 +00:00
Gilles Peskine 7e677fa2c5
Merge pull request #6389 from gilles-peskine-arm/ecdsa-use-psa-without-pkwrite 
Remove pkwrite dependency in pk using PSA for ECDSA
 2023-02-28 18:17:16 +01:00
Gilles Peskine b52b788e55
Merge pull request #6895 from yuhaoth/pr/add-aes-with-armv8-crypto-extension 
Add AES with armv8 crypto extension
 2023-02-28 18:16:37 +01:00
Paul Elliott 6a459f5de5
Merge pull request #7143 from paul-elliott-arm/interruptible_sign_hash_codestyle_wipeout 
Update psa_wipe_output_buffer() and change name to psa_wipe_tag_output_buffer()
 2023-02-28 15:34:06 +00:00
Jerry Yu 608e1093de Improve comment about conflicts between aesce and sha512-crypto 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-02-28 12:50:00 +08:00
Paul Elliott 15d7d43904 Pacify Clang 15 
Changes for interruptible {sign|verify} hash were not merged at the time of the
previous clang 15 /retval fixes, thus this fixes code added at that time.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-27 17:25:57 +00:00
Gabor Mezei 5afb80e00a
Fix coding style issues 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-27 17:00:34 +01:00
Gabor Mezei 804cfd32ea
Follow the naming convention 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-27 16:50:09 +01:00
Gabor Mezei bf506361c4
Revert the illustration and remove unnecessary code 
This reverts commit 73e8553273.
Removes the second round of carry reduction from p224.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-27 16:37:32 +01:00
Gabor Mezei 73e8553273
Add comments to illustrate the second round of carry reduction is unnecessary 
The first round of carry reduction can not generate a carry thus the
secound round is not needed. The comments illustrating when the
carry is 1. The reduction is simmetric so the case when the carry is
-1 is similar.
The illustration is trying to calculate the input value starting with
setting the carry to 1 before the second round of the carry reduction.
It calculates backwords and tries to determine the value range of
each word. It ends up with a contradiction that A10 must have the
value of 0 and UINT32_MAX.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-27 16:32:42 +01:00
Gabor Mezei a835d20cde
Add documentation 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-02-27 15:58:30 +01:00
Paul Elliott ac2251dad1
Merge pull request #7076 from mprse/parse_RFC822_name 
Add parsing of x509 RFC822 name + test
 2023-02-27 14:16:13 +00:00
Jerry Yu fc2e128fc9 Fix grammar issues and remove useless code 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-02-27 11:16:56 +08:00
Paul Elliott 7118d17df1 Pacify code style checker 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-26 16:57:05 +00:00
Dave Rodgman 096e72959b Fix case of include header for mingw 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-25 17:17:35 +00:00
Dave Rodgman f5e531a87b Fix code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-25 17:17:15 +00:00
Dave Rodgman 703f805f09 Improve explicit_bzero detection 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-25 15:19:52 +00:00
Dave Rodgman fe57a2e008 Remove newlib detection 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-25 14:16:34 +00:00
Dave Rodgman 82f3de55b2 tidy up brackets 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-25 14:08:22 +00:00
Dave Rodgman 828ec905db Improve explicit_bzero detection 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-25 13:32:26 +00:00
Dave Rodgman f0a0e43053 explicit_bzero is not available on arm-none-eabi 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-24 19:01:48 +00:00
Dave Rodgman a6fda16a41 Fix re-definition of __STDC_WANT_LIB_EXT1__ 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-24 19:00:38 +00:00
Dave Rodgman 8a7d26f12c Typo fix 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-24 18:19:24 +00:00
Paul Elliott dc42ca8a7e Use psa_wipe_tag_buffer() for MAC and aead code. 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-24 18:11:59 +00:00
Dave Rodgman 8b6eded03d
Tidy-up comment 
Co-authored-by: Tom Cosgrove <tom.cosgrove@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-24 18:07:05 +00:00
Paul Elliott 7bc24cc512 Fix typos in documentation. 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-24 18:04:16 +00:00
Dave Rodgman 4daca63734 Documentation 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-24 17:43:00 +00:00
Dave Rodgman f55182d2bf Use platform-provided secure zeroization call 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-24 17:42:43 +00:00
Dave Rodgman f68402565a Add corresponding fix for mbedtls_ssl_write 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-24 15:57:30 +00:00