yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
28537 commits 89 branches 205 tags 114 MiB
Commit graph

12501 commits

Author SHA1 Message Date
Dave Rodgman a11eac4292 code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-14 16:16:04 +01:00
Dave Rodgman e99b24dd9f Fix some clang-18 warnings 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-14 15:52:02 +01:00
Yanray Wang 7732ced037 cipher_wrap: remove 192- and 256-bit for AES_ONLY_128_BIT_KEY_LENGTH 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-14 14:35:44 +08:00
mcagriaksoy d9f22804ea Fixes log level for got supported group message 
Signed-off-by: mcagriaksoy <mcagriaksoy@yandex.com>
 2023-09-13 22:43:38 +02:00
Gilles Peskine 0ddffb6de2
Merge pull request #7210 from sergio-nsk/patch-2 
Fix llvm error: variable 'default_iv_length' and other may be used uninitialized
 2023-09-13 16:38:55 +02:00
Gilles Peskine 9b5d7d7801
Merge pull request #8195 from daverodgman/improve_sslmsg 
Improve use of ct interface in mbedtls_ssl_decrypt_buf
 2023-09-13 12:32:12 +00:00
Gilles Peskine 3cea3efc25
Merge pull request #8025 from AgathiyanB/accept-numericoid-hexstring-x509 
Accept numericoid hexstring x509
 2023-09-13 08:54:33 +00:00
Gilles Peskine f22999e99f
Merge pull request #8093 from yuhaoth/pr/add-target-architecture-macros 
Add architecture detection macros
 2023-09-13 08:53:47 +00:00
Dave Rodgman da0bb9fae8
Merge pull request #8034 from gilles-peskine-arm/bump_version-doc_mainpage 
Update capitalization of "Mbed" and fix bump_version.sh
 2023-09-13 08:41:20 +00:00
Dave Rodgman 7d52f2a0d9 Improve use of ct interface in mbedtls_ssl_decrypt_buf 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-13 09:30:03 +01:00
Gilles Peskine e820c0abc8 Update spelling "mbed TLS" to "Mbed TLS" 
The official spelling of the trade mark changed from all-lowercase "mbed"
to normal proper noun capitalization "Mbed" a few years ago. We've been
using the new spelling in new text but still have the old spelling in a
lot of text. This commit updates most occurrences of "mbed TLS":

```
sed -i -e 's/mbed TLS/Mbed TLS/g' $(git ls-files ':!ChangeLog' ':!tests/data_files/**' ':!tests/suites/*.data' ':!programs/x509/*' ':!configs/tfm*')
```

Justification for the omissions:

* `ChangeLog`: historical text.
* `test/data_files/**`, `tests/suites/*.data`, `programs/x509/*`: many
  occurrences are significant names in certificates and such. Changing
  the spelling would invalidate many signatures and tests.
* `configs/tfm*`: this is an imported file. We'll follow the upstream
  updates.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-12 19:18:17 +02:00
Agathiyan Bragadeesh a72ea814d8 Remove double blank line in x509_create.c 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-09-12 17:57:09 +01:00
Agathiyan Bragadeesh c7959b22c6 Remove magic number in x509.c 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-09-12 17:56:58 +01:00
Tom Cosgrove 9d8a7d62f5 Use the correct variable when tracking padding length 
Fixes an error introduced in a81373f80

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-09-12 16:01:52 +01:00
Waleed Elmelegy 57d09b72ef Return back to modifying input parameters in pkcs12_parse_pbe_params 
Return back to modifying input parameters in pkcs12_parse_pbe_params
to avoid change in behaviour.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-12 14:05:10 +01:00
Waleed Elmelegy a7d206fce6 Check set_padding has been called in mbedtls_cipher_finish 
Check set_padding has been called in mbedtls_cipher_finish
in modes that require padding.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-12 13:39:36 +01:00
Dave Rodgman bd58944252 Avoid implementation defined behaviour 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-12 12:38:53 +01:00
Dave Rodgman 2b0d53a2a8
Merge pull request #7590 from daverodgman/ct-x86-asm 
Constant time asm for x86 and x86-64
 2023-09-12 09:58:44 +00:00
Dave Rodgman 50b0a35494 Test INT_MAX rather than UINT_MAX 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-12 09:30:44 +01:00
Dave Rodgman 98926d5fb1 Update comment, and replace bit-twiddling with #error 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-12 09:29:33 +01:00
Ronald Cron ad2f351c6b
Merge pull request #8171 from ronald-cron-arm/misc-minor-fixes 
One minor fix
 2023-09-12 06:00:48 +00:00
Dave Rodgman 4f26770291 Ensure mbedtls_ct_memcpy behaves correctly with 16-bit int 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 19:10:09 +01:00
Dave Rodgman dc669a1944 Fix type error 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 18:39:57 +01:00
Dave Rodgman 5265c318a0 Fix type-conversion error 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 18:04:13 +01:00
Dave Rodgman 49352832c9 Eliminate duplicate of mbedtls_asn1_find_named_data 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 17:10:43 +01:00
Dave Rodgman 33287ae134 Tidy up mbedtls_asn1_write_len 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 17:10:43 +01:00
Dave Rodgman cf5f746a8c Refactor out some common code 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 16:27:34 +01:00
Dave Rodgman 7fda906a68
Merge pull request #8161 from gilles-peskine-arm/config-boolean-options-wrong-section-202309 
Fix module configuration options in mbedtls_config.h
 2023-09-11 15:08:56 +00:00
Dave Rodgman 3bbedf6ba0 code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 16:06:28 +01:00
Dave Rodgman 9f366b07ea Reduce code size in mbedtls_asn1_write_len 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 16:00:03 +01:00
Dave Rodgman 82fe0828b2
Merge pull request #8180 from daverodgman/sha2-zeroize 
Ensure all md_<hash>_finish functions perform zeroization
 2023-09-11 15:13:27 +01:00
Dave Rodgman aafd1e0924 Ensure all md_<hash>_finish functions perform zeroization 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 12:59:36 +01:00
Tom Cosgrove 876346e451 Remove always-false null pointer check in sha3.c that Coverity complains about 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-09-11 09:03:01 +01:00
Dave Rodgman 3f8e483eed Mark y as modified in x86 asm for mbedtls_ct_uint_lt 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 17:57:40 +01:00
Dave Rodgman 4a97e73661 Eliminate a redundant not from x86 asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 17:26:18 +01:00
Dave Rodgman b6b8f6c68d Make variable name consistent in x86_64 asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 17:19:32 +01:00
Dave Rodgman 5f249852a5 Better register allocation for x86_64 asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 17:18:29 +01:00
Dave Rodgman 99f0cdc0e0 Remove not-needed mov in x86_64 asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 17:18:04 +01:00
Waleed Elmelegy e1cb35b719 Add new mbedtls_pkcs12_pbe_ext function to replace old function 
Add new mbedtls_pkcs12_pbe_ext function to replace
old mbedtls_pkcs12_pbe function that have security
issues.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-08 16:51:26 +01:00
Gilles Peskine 0b62b7a21f Allow turning off re-generation of files with make 
In make builds, when GEN_FILES is false (empty), don't try to re-generate
configuration-independent source files, regardless of whether they seem
out of date. This is useful, for example, if you have a source tree where
`make generated_files` has already run and file timestamps reflect the
time the files were copied or extracted, and you are now in an environment
that lacks some of the necessary tools to re-generate the files.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-08 16:19:13 +02:00
Gilles Peskine 31d49cd57f
Merge pull request #1053 from waleed-elmelegy-arm/Improve-and-test-mbedtls_pkcs12_pbe 
Improve & test legacy mbedtls_pkcs12_pbe
 2023-09-08 13:08:05 +02:00
Agathiyan Bragadeesh 706a1c3c3f Fix code style 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-09-08 12:04:41 +01:00
Agathiyan Bragadeesh c34804dea2 Fix bug with checking max dn length with hexpairs 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-09-08 11:32:19 +01:00
Ronald Cron b9c7953442 pkwrite: Fix defined but not used warning 
Fix defined but not used warning when
MBEDTLS_USE_PSA_CRYPTO, MBEDTLS_PK_HAVE_RFC8410_CURVES
and MBEDTLS_PK_HAVE_ECC_KEYS are defined but not
MBEDTLS_PEM_WRITE_C.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-09-07 14:20:49 +02:00
Yanray Wang 56e27b9938 des: don't consider DES for CIPHER_ENCRYPT_ONLY 
We only support ECB and CBC modes for DES. Those two modes require
both encrypt and decrypt directions, so we don't consider DES with
CIPHER_ENCRYPT_ONLY.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-07 18:00:35 +08:00
Yanray Wang 9b811658a8 Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-09-07 16:18:00 +08:00
Gilles Peskine 58590983c5
Merge pull request #8160 from daverodgman/warn-unreachable 
Fix clang warnings about unreachable code
 2023-09-06 09:47:03 +00:00
Dave Rodgman 85061b97b5 Improve sanity checking of MBEDTLS_HAVE_INTxx 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-06 08:41:05 +01:00
Dave Rodgman b7b8c09c81
Update bignum_core.c 
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-05 20:35:19 +01:00
Gilles Peskine ff2558a470 Fix unused variable in some TLS 1.3 builds 
Fix unused variable when MBEDTLS_SSL_PROTO_TLS1_3 and
MBEDTLS_SSL_SESSION_TICKETS are enabled but not MBEDTLS_DEBUG_C.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-05 21:10:39 +02:00
Dave Rodgman 7e1e7be8fc Simplify fixes for unreachable code 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-05 18:15:31 +01:00
Dave Rodgman cfa722324c Fix warnings about unreachable code 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-05 16:53:33 +01:00
Dave Rodgman 0364c8a773 Introduce MBEDTLS_IGNORE_UNREACHABLE_BEGIN 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-05 16:20:19 +01:00
Waleed Elmelegy 255db80910 Improve & test legacy mbedtls_pkcs12_pbe 
* Prevent pkcs12_pbe encryption when PKCS7 padding has been
  disabled since this not part of the specs.
* Allow decryption when PKCS7 padding is disabled for legacy
  reasons, However, invalid padding is not checked.
* Document new behaviour, known limitations and possible
  security concerns.
* Add tests to check these scenarios. Test data has been
  generated by the below code using OpenSSL as a reference:

#include <openssl/pkcs12.h>
#include <openssl/evp.h>
#include <openssl/des.h>
#include <openssl/asn1.h>
#include "crypto/asn1.h"
#include <string.h>

int main()
{
    char pass[] = "\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB";
    unsigned char salt[] = "\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC";
    unsigned char plaintext[] = "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA";
    unsigned char *ciphertext = NULL;
    int iter = 10;
    X509_ALGOR *alg =  X509_ALGOR_new();
    int ciphertext_len = 0;
    int alg_nid = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
    alg->parameter = ASN1_TYPE_new();
    struct asn1_object_st * aobj;
    PKCS5_pbe_set0_algor(alg, alg_nid, iter,
                         salt, sizeof(salt)-1);

    aobj = alg->algorithm;
    printf("\"30%.2X", 2 + aobj->length + alg->parameter->value.asn1_string->length);
    printf("06%.2X", aobj->length);
    for (int i = 0; i < aobj->length; i++) {
        printf("%.2X", aobj->data[i]);
    }

    for (int i = 0; i < alg->parameter->value.asn1_string->length; i++) {
        printf("%.2X", alg->parameter->value.asn1_string->data[i]);
    }
    printf("\":\"");

    for (int i = 0; i < sizeof(pass)-1; i++) {
        printf("%.2X", pass[i] & 0xFF);
    }
    printf("\":\"");
    for (int i = 0; i < sizeof(plaintext)-1; i++) {
        printf("%.2X", plaintext[i]);
    }
    printf("\":");
    printf("0");
    printf(":\"");

    unsigned char * res = PKCS12_pbe_crypt(alg, pass, sizeof(pass)-1, plaintext, sizeof(plaintext)-1, &ciphertext, &ciphertext_len, 1);

    if (res == NULL)
        printf("Encryption failed!\n");
    for (int i = 0; i < ciphertext_len; i++) {
        printf("%.2X", res[i]);
    }
    printf("\"\n");

    return 0;
}

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
#
 2023-09-05 15:45:55 +01:00
Paul Elliott 945d674c8d
Merge pull request #8157 from actonlang/fix-include-psa-utils-internals 
Use quotes include of psa_util_internal.h
 2023-09-05 12:52:19 +00:00
Tom Cosgrove 8bd8a462d2
Merge pull request #8141 from tom-cosgrove-arm/define-psa-macros-to-1 
Define all PSA_xxx macros to 1 rather than have them empty, for consistency
 2023-09-04 21:27:01 +00:00
Agathiyan Bragadeesh fca0861e8e Add asn1 get tag and len to x509 create config 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-09-04 15:45:37 +01:00
Agathiyan Bragadeesh 86dc08599b Add asn1 write tag and len to x509 use c config 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-09-04 15:40:41 +01:00
Gilles Peskine 1a7d387072
Merge pull request #1041 from waleed-elmelegy-arm/add-new-pkcs5-pbe2-ext-fun 
Add new pkcs5 pbe2 ext fun
 2023-09-04 15:33:42 +02:00
Kristian Larsson a1aeff4124 Use quotes include of psa_util_internal.h 
psa_utils_internal.h was broken out of mbedtls/psa_utils.h, which in
some places were included as <mbedtls/psa_utils.h>. But since
psa_utils_internals.h should be internal, we should not rely on the
system include paths. I suspect a regexp replace gone slightly wrong.

Signed-off-by: Kristian Larsson <kristian@spritelink.net>
 2023-09-04 10:36:37 +02:00
Dave Rodgman 4f69668558
Merge pull request #8082 from daverodgman/misc-code-size 
Misc code size improvements
 2023-09-02 11:44:31 +00:00
Dave Rodgman 662c497395
Merge pull request #8144 from daverodgman/zeroize-stronger 
Add more protection to mbedtls_platform_zeroize
 2023-09-02 10:59:12 +01:00
Dave Rodgman 1dab445804 Update guard for ecp 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-02 10:56:44 +01:00
Dave Rodgman 16a76721b6
Merge pull request #8068 from paul-elliott-arm/fix_tls_zeroization 
Fix TLS pad buffer zeroization
 2023-09-01 23:35:23 +00:00
Waleed-Ziad Maamoun-Elmelegy c5fef82c52 Fix typo in pkcs5.c 
Co-authored-by: Janos Follath <janos.follath@arm.com>
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-01 11:45:39 +01:00
Dave Rodgman fe55320b5c Avoid error from old gcc version 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-01 11:15:28 +01:00
Dave Rodgman 5f6060a1f3 Code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-01 11:00:58 +01:00
Yanray Wang dbcc0c6172 aes: define internal macro to simplify #if Directive 
No semantic changes, only yo simplify #if Directive
with introduction of MBEDTLS_AES_NEED_FORWARD_S_BOXES and
MBEDTLS_AES_NEED_REVERSE_TABLES.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-01 17:35:58 +08:00
Yanray Wang db9b3095fb cipher_wrap: remove *setkey_dec_func in CIPHER_ENCRYPT_ONLY 
There is no need to set decrypt key under CIPHER_ENCRYPT_ONLY,
so we can remove *setkey_dec_func from ctx to save extra code size.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-01 17:35:31 +08:00
Dave Rodgman ba67451562 Fix gcc compile warnings 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-01 10:14:46 +01:00
Dave Rodgman ac3cf7c20b Add more protection to mbedtls_platform_zeroize 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-01 10:09:31 +01:00
Yanray Wang 9141ad1223 aria/camellia/des: guard setkey_dec by CIPHER_ENCRYPT_ONLY 
This is a pre-step to remove *setkey_dec_func in cipher_wrap ctx
when CIPHER_ENCRYPT_ONLY is enabled.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-01 17:06:38 +08:00
Yanray Wang 380be5af3a AESNI: add macro guard of CIPHER_ENCRYPT_ONLY 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-01 16:40:11 +08:00
Yanray Wang 590c9b7abe AESCE: add macro guard of CIPHER_ENCRYPT_ONLY 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-01 16:39:28 +08:00
Yanray Wang 78ee0c9e4f aes.c: add config option to support cipher_encrypt_only 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-01 16:35:33 +08:00
Paul Elliott 6ebe7d2e3a
Merge pull request #8095 from davidhorstmann-arm/initialize-struct-get-other-name 
Coverity fix: Set `type_id` in `x509_get_other_name()`
 2023-08-31 16:26:00 +00:00
Tom Cosgrove c43c3aaf02 Define all PSA_xxx macros to 1 rather than have them empty, for consistency 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-08-31 17:06:58 +01:00
Dave Rodgman 4f47f3dac8 Covert PSA guards to MBEDTLS 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-31 12:10:00 +01:00
Dave Rodgman a9a53a05f0 Merge remote-tracking branch 'origin/development' into misc-code-size 2023-08-31 11:53:46 +01:00
Dave Rodgman dea266f3f5 Use MBEDTLS_MD_LIGHT instead of MBEDTLS_MD_C 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-31 11:52:43 +01:00
Dave Rodgman 8d706f6b59 Simplify camellia error conversion macros 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-31 11:48:44 +01:00
Dave Rodgman 09a9e589c1 Add missing error conversion case 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-31 11:05:22 +01:00
Dave Rodgman 68efcf56ed Remove not-needed #include 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-31 10:09:05 +01:00
Dave Rodgman 984309c2c3 Call mbedtls_platform_zeroize via mbedtls_sha3_free 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-30 19:22:28 +01:00
Dave Rodgman dbddb00158 Ensure mbedtls_sha3_finish zeroizes the context 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-30 18:43:23 +01:00
Gilles Peskine 03e9dea30b Merge remote-tracking branch 'development' into psa_crypto_config-in-full 
Conflicts:
* `include/psa/crypto_sizes.h`: the addition of the `u` suffix in this branch
  conflicts with the rework of the calculation of `PSA_HASH_MAX_SIZE` and
  `PSA_HMAC_MAX_HASH_BLOCK_SIZE` in `development`. Use the new definitions
  from `development`, and add the `u` suffix to the relevant constants.
 2023-08-30 18:32:57 +02:00
Agathiyan Bragadeesh a2423debcc Fix code style 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-30 16:24:31 +01:00
Agathiyan Bragadeesh de02ee268e Refactor parse_attribute_value_string 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-30 16:12:57 +01:00
Agathiyan Bragadeesh 1aece47e8c Make hexpair_to_int take a char pointer 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-30 16:05:24 +01:00
Agathiyan Bragadeesh e9d1c8e1eb Reword and reformat comments 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-30 15:55:31 +01:00
Agathiyan Bragadeesh ef6abd4062 Add blank lines after variable declarations 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-30 15:55:12 +01:00
Dave Rodgman 730bbee226 Merge remote-tracking branch 'origin/development' into update-restricted-2023-08-30 2023-08-30 11:22:00 +01:00
Dave Rodgman 29bf911058
Merge pull request #7839 from daverodgman/psa-sha3 
SHA-3 via PSA
 2023-08-30 08:51:36 +00:00
Waleed Elmelegy 79b6e26b1b Improve mbedtls_pkcs5_pbes2_ext function test data 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-08-29 14:55:03 +01:00
Dave Rodgman 787011542b Fully replace mbedtls_psa_safer_memcmp 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 14:20:18 +01:00
Dave Rodgman e97de40e7b Typo fix 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:47:35 +01:00
Dave Rodgman 6d5261e38f Fix typo in doxygen for mbedtls_ct_memcpy_offset 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman b69239c604 Improve docs in mbedtls_mpi_lt_mpi_ct 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman d44dd96132 Improve docs re duplicate declarations 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman 0cf9dd1056 Whitespace - tidy up asm and make it more consistent 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman 81673bba77 Add x86 const-time assembly 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman 664fea481c Add x86-64 const-time assembly 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman d395590597
Merge pull request #7579 from daverodgman/safer-ct-asm 
Arm assembly implementation of constant time primitives
 2023-08-28 08:26:29 +00:00
Jerry Yu f65f71eef3 improve various issues 
- duplicate definition
- wrong comments
- redundant include statement

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-28 10:58:24 +08:00
Yanray Wang 044eb16379 pkwrite: zeroize buf containing info of private key 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-08-28 10:35:41 +08:00
Gilles Peskine 2a296729d0
Merge pull request #8084 from AgathiyanB/remove-type-qualifier-in-assignment-casts 
Remove type qualifier in assignment casts
 2023-08-24 18:02:11 +00:00
Yanray Wang 427424768a aes.c: provide finer guard for RSb 
Variable RSb is only used for either computing reverse tables
in aes_gen_tables or AES-decryption function. This commit provides
more guards for when RSb is defined and used.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-08-24 11:12:22 +08:00
Yanray Wang 422a77f716 aes.c: clean up and fix wrong comment in #endif 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-08-24 11:11:46 +08:00
Agathiyan Bragadeesh 457ac84f01 Refactor previous fix 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-23 11:35:26 +01:00
Agathiyan Bragadeesh 4c7d7bf583 Add guard for empty AttributeValue 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-23 11:28:30 +01:00
Jerry Yu 782b966666 replace target arch macros in padlock 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-23 17:15:35 +08:00
Jerry Yu d6e312dde4 replace aesni target detection macros 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-23 17:15:34 +08:00
Jerry Yu 72fd0bdc71 replace arm64 macro and aesce enable flag 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-23 17:15:34 +08:00
Agathiyan Bragadeesh 15df01240d Fix code style 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 17:50:00 +01:00
Agathiyan Bragadeesh 4606bf3f38 Refactor reading AttributeValue in dn gets 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 17:29:18 +01:00
Agathiyan Bragadeesh 022f86f108 Prevent output of escaped null characters dn gets 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 16:56:04 +01:00
Agathiyan Bragadeesh d9d79bb74b Rename parse_attribute_value_ber_encoded 
Now renamed to parse_attribute_value_der_encoded to be consistent with
names elsewhere

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 16:43:58 +01:00
Agathiyan Bragadeesh 8aa74ab6a9 Add return for buffer too small when reading OIDs 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 16:42:27 +01:00
Agathiyan Bragadeesh f3b9724dcd Remove questionable use of macro. 
MBEDTLS_X509_SAFE_SNPRINTF was used after mbedtls_oid_get_numeric_string
so instead we have expanded the macro and kept the relevant code.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 16:37:11 +01:00
Agathiyan Bragadeesh 07f472a88b Add corruption detected return when writing asn1 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 16:29:39 +01:00
Tom Cosgrove 3d2d599d3e
Merge pull request #7996 from gilles-peskine-arm/small_primes-gaps 
Reduce the size of the small primes table used by primality testing
 2023-08-22 12:48:56 +00:00
Agathiyan Bragadeesh ba386ec23e Remove magic number for null tag 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 12b9d7040e Remove x509_oid_from_numericoid 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh fb94702762 Add catch for alloc error x509_oid_from_numericoid 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 4294ccc608 Use mbedtls_calloc instead of calloc 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 55d93192b1 Fix oid memory leak 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh f826d1113e Reject null bytes in DER encoded values in DNs 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh eb55867520 Fix code style 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 9caaa6d967 Reject escaped null hexpairs in DNs 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 957ca0595d Accept short name/ber encoded data in DNs 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 17984874af Change error from unknown oid to invalid name 
Since the implementation no longer needs to know the oid, it makes more
sense for the error message to be an invalid name.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh f88bd5ac86 Accept any valid oid in string_to_names 
Instead of using x509_attrs, use generic oid conversion.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh af70c7dce7 Write numeric oid directly to buffer 
mbedtls_oid_get_numeric_string now points to output buffer in dn_gets

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh a7f9630925 Remove duplicate '+' in comparison string 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 5adffb2488 Refactor dn_gets use library function to write tag 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 2bf09a61a3 Fix style on left shift operations 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh e18a1789fd Use MBEDTLS_X509_MAX_DN_NAME_SIZE for buffer size 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh ee642d93a8 Format preprocessor conditionals 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh ed88eefe8e Rename in_tag to in_attr_type 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 97178f231f Fix code style in mbedtls_x509_string_to_names 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 7f639fc7ab Fix Windows x64 build errors with type conversions 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 39ba121d3a Fix memory leak in alternative code route 
If no oid is found, and x509_attr_descr_from_numericoid returns NULL,
previously the memory allocated for the oid wasn't freed.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh f818e01edb FIx memory leak in x509_attr_descr_from_numericoid; 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh a1f5c2d06f Move declaration of variables in dn_gets to top 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 0a4b6d88d0 Alter conditions on hexstring output dn_gets 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 4987c8fcb0 Fix code style on x509.c and x509_create.c 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh c9d74f3109 Refactor AttributeType in mbedtls_x509_dn_gets 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 0eb6673a80 Add preprocessor config guards 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 6cbfae591a Parse DER tag mbedtls_x509_string_to_names 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh ddc720d209 Add mbedtls_x509_dn_gets hexstring output 
If the data is a bitstring or an octet string, instead use the hexstring
of the BER encoding (RFC 4514 Section 2.4)

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh b73778d8f9 Implement parse_attribute_value_ber_encoded 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh e119f3c0ea Refactor mbedtls_x509_string_to_names 
This refactor is to accomodate future support of numericoid/hexstring
attributetype value pairs.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh f0e1ac59d8 Rewrite nibble_to_hex_digit for readability 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 9d2507c81d Rename x509_int_to_hexdigit to nibble_to_hex_digit 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh ef2decbe4a Escape hexpairs characters RFC 4514 
Converts none ascii to escaped hexpairs in mbedtls_x509_dn_gets and
interprets hexpairs in mbedtls_x509_string_to_names.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:38:16 +01:00
Agathiyan Bragadeesh 48513b8639 Escape special characters RFC 4514 
This escapes special characters according to RFC 4514 in
mbedtls_x509_dn_gets and de-escapes in mbedtls_x509_string_to_names.
This commit does not handle hexpairs.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:38:16 +01:00
Gilles Peskine 30b0378008 Fix off-by-one error 
The value of p after adding the last entry in the gap table is not used.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-22 11:06:47 +02:00
Dave Rodgman e20d688463
Fix missing operand modifier 
Co-authored-by: Yanray Wang <yanray.wang@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-22 08:46:18 +01:00
Dave Rodgman 0c99a9083e Avoid signed right shift UB 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-21 17:06:24 +01:00
Tom Cosgrove 31b2d7414d
Merge pull request #8053 from gilles-peskine-arm/mpi_exp_mod-remove_initial_copy 
mbedtls_mpi_exp_mod: remove spurious copy of the output variable
 2023-08-21 15:50:28 +00:00
Gilles Peskine 0addbe6dc7
Merge pull request #8069 from paul-elliott-arm/fix_ecjpake_deadcode 
Fix logical dead code found by Coverity
 2023-08-21 14:44:36 +00:00
Dave Rodgman 65204f8fc8
Merge pull request #8035 from daverodgman/aesce-support-perf 
Make mbedtls_aesce_has_support more efficient
 2023-08-21 14:39:08 +00:00
Tom Cosgrove d29648026b
Merge pull request #8017 from ivq/unchecked_return 
Fix a few unchecked return values
 2023-08-21 13:02:53 +00:00
Janos Follath e220d258fd
Merge pull request #8086 from yanesca/remove-new-bignum 
Remove new bignum when not needed
 2023-08-21 10:59:41 +00:00
Yanray Wang 08d5f46c83 pkwrite.c: call calloc and free properly 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-08-21 15:15:24 +08:00
Dave Rodgman 0ce0fbc32a Simplify aarch64 asm for mbedtls_ct_uint_lt 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-21 07:58:50 +01:00
Dave Rodgman 3ab114e3da Move non-function-specific macro outside of function definition 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-21 07:54:11 +01:00
Gilles Peskine ead1766b5f Fix PBKDF2 with empty salt segment on platforms where malloc(0)=NULL 
"Fix PBKDF2 with empty salt on platforms where malloc(0)=NULL" took care of
making an empty salt work. But it didn't fix the case of an empty salt
segment followed by a non-empty salt segment, which still invoked memcpy
with a potentially null pointer as the source. This commit fixes that case,
and also simplifies the logic in the function a little.

Test data obtained with:
```
pip3 install cryptodome
python3 -c 'import sys; from Crypto.Hash import SHA256; from Crypto.Protocol.KDF import PBKDF2; cost = int(sys.argv[1], 0); salt = bytes.fromhex(sys.argv[2]); password = bytes.fromhex(sys.argv[3]); n = int(sys.argv[4], 0); print(PBKDF2(password=password, salt=salt, dkLen=n, count=cost, hmac_hash_module=SHA256).hex())' 1 "" "706173737764" 64
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-20 22:05:16 +02:00
Dave Rodgman f2249ec905 Rename mbedtls_aesce_has_support macro to satisfy case rules 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-20 20:20:12 +01:00
Dave Rodgman b30adce7fd Use -1 as uninitialised marker 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-20 20:20:12 +01:00
Dave Rodgman 4566132163 Make mbedtls_aesce_has_support more efficient 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-20 20:20:12 +01:00
Dave Rodgman 1fdc884ed8
Merge pull request #7384 from yuhaoth/pr/add-aes-accelerator-only-mode 
AES: Add accelerator only mode
 2023-08-18 20:55:44 +00:00
David Horstmann cfae6a1ae9 Fix incorrect detection of HardwareModuleName 
The hardware module name otherName SAN contains 2 OIDs:

 OtherName ::= SEQUENCE {
      type-id    OBJECT IDENTIFIER,
      value      [0] EXPLICIT ANY DEFINED BY type-id }

 HardwareModuleName ::= SEQUENCE {
                           hwType OBJECT IDENTIFIER,
                           hwSerialNum OCTET STRING }

The first, type-id, is the one that identifies the otherName as a
HardwareModuleName. The second, hwType, identifies the type of hardware.

This change fixes 2 issues:

1. We were erroneously trying to identify HardwareModuleNames by looking
at hwType, not type-id.
2. We accidentally inverted the check so that we were checking that
hwType did NOT match HardwareModuleName.

This fix ensures that type-id is correctly checked to make sure that it
matches the OID for HardwareModuleName.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-18 19:31:39 +01:00
David Horstmann 2ea44d28de Fix: Set type_id in x509_get_other_name() 
When parsing a subject alternative name of type otherName, retain the
type-id field of the otherName. Previously this was not copied to the
mbedtls_x509_san_other_name struct when it should have been.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-18 18:36:02 +01:00
Jerry Yu 0a6272d6c9 revert padlock from aesni module 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-18 17:35:59 +08:00
Jerry Yu 61fc5ed5f3 improve readability of error message 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-18 17:28:48 +08:00
Jerry Yu 372f7a04d0 Add missing check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-18 17:26:25 +08:00
Gilles Peskine eeaad50cd6
Merge pull request #8079 from adeaarm/port_IAR_build_fix 
Small fixes for IAR support
 2023-08-17 19:10:51 +00:00
Gilles Peskine 73936868b8 Merge remote-tracking branch 'development' into psa_crypto_config-in-full 
Conflicts:
* tests/scripts/all.sh: component_test_crypto_full_no_cipher was removed
  in the development branch.
 2023-08-17 19:46:34 +02:00
Antonio de Angelis 8e9d6b927e Remove the workaround for psa_key_agreement_internal 
Remove the workaround for psa_key_agreement_internal to
have a shared_secret array always non-zero. The spec is
recently updated so that PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE
is always non-zero

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
 2023-08-17 15:27:56 +01:00
Janos Follath f2334b7b39 Remove new bignum when not needed 
New bignum modules are only needed when the new ecp_curves module is
present. Remove them when they are not needed to save code size.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-17 14:36:59 +01:00
Waleed Elmelegy 5d3f315478 Add new mbedtls_pkcs5_pbe2_ext function 
Add new mbedtls_pkcs5_pbe2_ext function to replace old
function with possible security issues.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-08-17 14:20:58 +01:00
Gilles Peskine 294be94922
Merge pull request #7818 from silabs-Kusumit/PBKDF2_cmac_implementation 
PBKDF2 CMAC implementation
 2023-08-17 11:15:16 +00:00
Jerry Yu 9608447545 replace padlock_c with padlock_have_code 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 18:10:45 +08:00
Jerry Yu 3a0f044bde improve readability 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 17:06:21 +08:00
Agathiyan Bragadeesh 9ebfa7f64c Fix style 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-17 10:00:45 +01:00
Yanray Wang 7226df0757 pkwrite.c: add a cleanup label to save code size 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-08-17 15:05:16 +08:00
Jerry Yu e9c6b53e74 remove return-type when runtime detection enabled without plain c 
This case does not exist

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 13:53:38 +08:00
Jerry Yu 1b4c7eda80 add hardware only check for padlock 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 11:25:17 +08:00
Jerry Yu 9e628621b4 Add via padlock detection macro 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 11:20:09 +08:00
Jerry Yu 2319af0d64 Change the order of runtime detection 
If aesni is available, we will use it.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 10:38:57 +08:00
Jerry Yu 35b59d7805 exclude arm64ec mode for aesni 
AESNI does not work correctly for msvc arm64ec

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 10:34:15 +08:00
Dave Rodgman f4efd19dd0 Reduce code size in ccm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-16 22:37:32 +01:00
Dave Rodgman 509b567911 add ifdefs to reduce size of mbedtls_to_psa_error 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-16 22:37:29 +01:00
Dave Rodgman 6f6820345a add #ifdefs to reduce switch size 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-16 18:44:32 +01:00
Dave Rodgman 864f594acc Adjust layout of some stucts 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-16 18:04:44 +01:00
Dave Rodgman 164614af3d Reduce code-size to access key slots init flag 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-16 17:56:28 +01:00
Dave Rodgman 58c8b942d2 Eliminate redundant version of mbedtls_ct_memcmp 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-16 17:51:04 +01:00
Dave Rodgman 6a9fb932fb Use MBEDTLS_GET_UINT16_BE in mbedtls_ecp_tls_read_group_id 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-16 17:50:36 +01:00
Agathiyan Bragadeesh 285f85f962 Remove unnecessary const type qualifiers in casts 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-16 17:15:48 +01:00
Antonio de Angelis f1adc2a7a1 Use asm instead of __asm in constant_time.c 
The original IAR fix submitted to TF-M directly changed asm to __asm.
But mbed TLS now has a workaround for such cases hence just remove the
original change modification.

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
 2023-08-16 12:48:48 +01:00
Antonio de Angelis 1ee4d1228c Fix error strings without quotes 
Some of the error strings that should be printed with the
error preprocessor directive are missing quotes

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
 2023-08-16 12:48:33 +01:00
TTornblom e4f6d79bbe BUILD: Update For IAR support 
Applied the same change as in mbed-crypto for using this as a sub
project with the IAR toolchain. Use __asm generic ,and avoid empty
enum. Avoid declaration of array with null size. This is a porting
of the original patch contributed to trusted-firmware-m.

Signed-off-by: TTornblom <thomas.tornblom@iar.com>
Signed-off-by: Michel Jaouen <michel.jaouen@st.com>
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
 2023-08-16 12:36:21 +01:00
Jerry Yu 516cf27d45 fix msvc build fail on i386 target 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-16 17:33:32 +08:00
Gilles Peskine a4c01dd6e9
Merge pull request #7991 from sarveshb14/fix/psa_rsa_signature_using_large_stack 
rsa_signature: Use heap memory to allocate DER encoded RSA private key
 2023-08-16 09:23:29 +00:00
Jerry Yu 3ce0398d1d Add compiler cflags error message 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-16 17:22:18 +08:00
Gilles Peskine d370f93898
Merge pull request #7898 from AndrzejKurek/csr-rfc822-dn 
OPC UA - add support for RFC822 and DirectoryName SubjectAltNames when generating CSR's
 2023-08-16 09:19:46 +00:00
Jerry Yu c628486cd9 enable runtime detection when padlock enabled and plain c disabled 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-16 16:14:02 +08:00
Jerry Yu cc068ae631 fix -Werror=return-type when runtime detection enabled and plain c disabled 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-16 16:14:01 +08:00
Jerry Yu e62ff09569 Restore aesni for i386 
intrinsic code can be work on i386 also

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-16 14:33:16 +08:00
David Horstmann ba44e918b8 Remove unnecessary include from constant_time.c 
This was added in order to use TEST_CF_XYZ macros which have since been
removed.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-15 15:17:22 +01:00
Dave Rodgman e3330f86d2 Make naming more consistent 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-14 15:26:28 +01:00
Dave Rodgman 0b7bf876e4 Fix compile fail for empty enum in cipher_wrap 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-14 14:25:29 +01:00
Dave Rodgman 2f4e6e748c
Merge pull request #8066 from paul-elliott-arm/aes_memcpy_iv_fix 
Fix potential corruption of IV for AES CBC with zero length
 2023-08-14 09:32:45 +01:00
Paul Elliott 2a12fc20f2 Fix logical dead code found by Coverity 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-08-11 17:45:20 +01:00
Paul Elliott 2ad93674dc Fix potential corruption of IV for AES CBC 
If passed a zero length, AES CBC could potentially corrupt the passed
in IV by memcpying it over itself. Although this might be ok with
more recent compilers, its not for every compiler we support. Found
by coverity.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-08-11 17:04:06 +01:00
Paul Elliott ecb95bea1d Fix incorrect size used for zeroization of buffer 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-08-11 16:41:04 +01:00
Chien Wong 2e3858f5eb
Undo a change 
Signed-off-by: Chien Wong <m@xv97.com>
 2023-08-11 18:16:06 +08:00
Yanray Wang c84086e55c pkwrite.c: save stack usage for pk_write_key_pem 
mbedtls_pk_write_key_pem would allocate 5679 bytes in writing a DER
encoded RSA private key. To save stack usage significantly, we use
heap memory instead.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-08-11 16:30:37 +08:00
Yanray Wang 45ad306fbf pkwrite.c: save stack usage for pk_write_pubkey_pem 
mbedtls_pk_write_pubkey_pem would allocate 2086 bytes in writing a DER
encoded RSA public key. To save stack usage significantly, we use
heap memory instead.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-08-11 16:30:29 +08:00
Dave Rodgman 42391b4378 Perf improvement in memcpy_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-11 08:47:38 +01:00
Dave Rodgman 246210e3c4 Test CT asm under valgrind 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-11 08:47:38 +01:00
Dave Rodgman 822c9c7d4e Fix unified asm syntax issue 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-11 08:47:38 +01:00
Dave Rodgman ef2527901e Add aarch32 const-time asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-11 08:47:38 +01:00
Dave Rodgman c9ed5dee69 Add aarch64 const-time asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-11 08:47:38 +01:00
Valerio Setti 711f853b48 ssl_tls13: fix guard for FFDH function 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-11 06:33:52 +02:00
Jerry Yu 240bb11171 Add gnu check for aseni assembly code 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-11 10:45:35 +08:00
Manuel Pégourié-Gonnard 54da1a69a2
Merge pull request #7578 from daverodgman/safer-ct5 
Improve constant-time interface
 2023-08-10 16:57:39 +00:00
Gilles Peskine e6cb45e68e mbedtls_mpi_exp_mod: remove spurious copy of the output variable 
Clear some confusion between `X` as the output variable and "X" as a name
given to the accumulator. Previous iterations of the code used the variable
`X` as the accumulator, but now that the accumulator is `W[x_index]`, some
of the comments didn't make sense.

Remove the copy of the initial value of `X` into `W[x_index]`, which was
meaningless: the initial value of an output variable should not, and did
not, matter. `W[x_index]` is later overridden unconditionally to take the
value `RR`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-10 15:59:28 +02:00
Dave Rodgman 48fb8a3448 Fix some renames that were missed 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 14:01:51 +01:00
Dave Rodgman b364a22adf
Fix mbedtls_ct_size_if_else_0 docs 
Co-authored-by: Tom Cosgrove <tom.cosgrove@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 12:25:25 +01:00
Dave Rodgman 38b227c16b Improve docs 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 12:18:27 +01:00
Dave Rodgman ac69b45486 Document and test mbedtls_ct_size_if_else_0 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 12:18:13 +01:00
Dave Rodgman 065f912465 Fix comment typo 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 12:11:58 +01:00
Dave Rodgman 98ddc01a7c Rename ...if0 to ...else_0 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 12:11:31 +01:00
Dave Rodgman b7825ceb3e Rename uint->bool operators to reflect input types 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 11:58:18 +01:00
Gilles Peskine b2bc1712a5 Reduce the size of the small primes table used by primality testing 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-10 12:16:02 +02:00
Manuel Pégourié-Gonnard 6beec7ca5e
Merge pull request #7989 from valeriosetti/issue7754 
driver-only ECC: BN.PK testing
 2023-08-10 09:43:56 +00:00
Manuel Pégourié-Gonnard d170419eab
Merge pull request #7999 from valeriosetti/issue7759 
Driver-only ECC: TLS: rm uses of mbedtls_debug_print_mpi
 2023-08-10 08:34:57 +00:00
Manuel Pégourié-Gonnard 91c8372c01
Merge pull request #6999 from ivq/ecp_doc 
Doc: Add note on special use of A in ecp group structure
 2023-08-10 08:24:05 +00:00
Dave Rodgman e5fbd93eaf
Merge pull request #8049 from daverodgman/bignum_codesize_misc 
Bignum codesize misc
 2023-08-10 10:58:13 +01:00
Jerry Yu 8189f32945 improve aesni check for x86_64 
`MBEDTLS_AESNI_C` does not depends on `MBEDTLS_HAVE_ASM`
when intrinsic is available.

And compiler relative checks only work on x86_64, it should
be only checked on x86_64.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-10 15:17:45 +08:00
Valerio Setti e1d7c9dabd pkwrite: fix internal buffer size in pk_write_ec_pubkey() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-10 07:40:18 +02:00
Jerry Yu 13696bb07b improve check config option for i386 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-10 13:36:32 +08:00
Jerry Yu ba42b076f9 Remove asm check for aarch64 aesce 
we implement it with aesce intrinsic. No asm needed.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-10 12:53:26 +08:00
Valerio Setti a7c9e09dd0 pkwrite: add new internal symbol to properly size DER buffer 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-10 06:43:23 +02:00
Valerio Setti 97b28f81d8 pkparse: remove unnecessary header 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-10 06:43:23 +02:00
Manuel Pégourié-Gonnard 7dccb66d49 test: disable RSA support on the test ecc_no_bignum component 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-10 06:43:23 +02:00
Valerio Setti ca4c15dd25 debug: remove redundant variable assignments 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-10 06:41:31 +02:00
Dave Rodgman 960eca997d code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-09 20:43:18 +01:00
Dave Rodgman 4883f109a0 Reduce code size for exp_mod_get_window_size 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-09 20:42:54 +01:00
Dave Rodgman ebcd78561c Remove redundant code in mbedtls_mpi_cmp_abs 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-09 18:57:22 +01:00
Dave Rodgman fa703e38a2 Use __builtin_ctz to count trailing zeros 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-09 18:56:07 +01:00
Dave Rodgman f3df105b37 Generate smaller code for picking a sign value 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-09 18:55:41 +01:00
Paul Elliott 2f12a29cdd
Merge pull request #7896 from AgathiyanB/gitignore-generated-files-toggle 
Add script to toggle ignoring generated files
 2023-08-09 14:54:32 +00:00
Janos Follath 115784bd3f
Merge pull request #1040 from waleed-elmelegy-arm/development-restricted 
Improve & test legacy mbedtls_pkcs5_pbe2
 2023-08-09 09:43:23 +01:00
Jerry Yu c4508c07f6 improve error message and config check for padlock 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-08 12:57:06 +08:00
Gilles Peskine 444d1e7608
Merge pull request #8036 from tom-cosgrove-arm/fix-rijndael-and-drbg-pdf-links 
Update links to Rijndael paper and NIST SP 800-90 DRBGs
 2023-08-07 19:15:58 +00:00
Gilles Peskine a79256472c
Merge pull request #7788 from marekjansta/fix-x509-ec-algorithm-identifier 
Fixed x509 certificate generation to conform to RFCs when using ECC key
 2023-08-07 19:14:54 +00:00
Chien Wong 153ae464db
Improve doc on special use of A in ecp group structure 
Signed-off-by: Chien Wong <m@xv97.com>
 2023-08-07 23:02:31 +08:00
Dave Rodgman c98f8d996a
Merge branch 'development' into safer-ct5 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-07 11:47:35 +01:00
Jerry Yu 5fcdd6a28a remove unnecessary definition 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-07 15:32:58 +08:00
Tom Cosgrove ce37c5e1ce Update links to Rijndael paper and NIST SP 800-90 DRBGs 
The link to the DRBG paper points to the March 2007 version, the same as the
original link (rather than the latest version).

The amended Rijndael paper has a two-page "Note on naming" prefix.

Fixes #7193

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-08-04 13:55:03 +01:00
Jerry Yu 9c0b7d13bf Remove unnecessary name check tag 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-04 17:25:59 +08:00
Jerry Yu fce351def8 improve platform relative check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-04 17:13:36 +08:00
Jerry Yu b241db3e26 remove padlock only mode 
padlock depends on pure c implementation

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-04 16:56:04 +08:00
Jerry Yu 29c91ba42d fix unreachable code warnings 
It is detected by clang with bellow patch
```
diff --git a/library/Makefile b/library/Makefile
index fdab4f4ba0..967f9e2e65 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -306,8 +306,8 @@ libmbedcrypto.dll: $(OBJS_CRYPTO)

 .c.o:
        echo "  CC    $<"
-       $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $<
-
+       $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $(@:%.o=%.i) -E $<
+       $(CC) $(LOCAL_CFLAGS) -Wunreachable-code -Werror -Wno-unused-command-line-argument $(CFLAGS) -o $@ -c $(@:%.o=%.i)
 .PHONY: generated_files
 GENERATED_FILES = \
        error.c version_features.c \
```

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-04 16:29:06 +08:00
Janos Follath 73568397a5
Merge pull request #8020 from yanesca/de-duplicate_ecp 
De duplicate the ECP module
 2023-08-04 08:27:09 +00:00
Dave Rodgman 003a5e1ca7
Merge pull request #1046 from Mbed-TLS/merge_3.4.1 
Merge 3.4.1
 2023-08-03 18:23:37 +01:00
Dave Rodgman a0fc9987da Merge branch 'development' into merge_3.4.1 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-03 15:56:59 +01:00
Dave Rodgman 6f80ac4979
Merge pull request #7864 from waleed-elmelegy-arm/enforce-min-RSA-key-size 
Enforce minimum key size when generating RSA key size
 2023-08-03 12:57:52 +00:00
Dave Rodgman 1d4d944e19
Merge pull request #7933 from tom-cosgrove-arm/add-mbedtls_zeroize_and_free 
Provide and use internal function mbedtls_zeroize_and_free()
 2023-08-03 12:56:21 +00:00
Valerio Setti e9646ecd08 tls: fix guards for ECDSA support 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-03 09:15:28 +02:00
Gilles Peskine ce64156f6d
Merge pull request #8021 from daverodgman/master-update 
Sync development with accidental merge directly onto master
 2023-08-02 13:30:35 +00:00
Janos Follath d8cb3d7fa4 De-duplicate ecp.c 
We duplicated ecp.c in the anticipation of heavy refactoring there. This
work has been suspended and the duplication is not useful anymore but
imposes an overhead.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-02 12:33:01 +01:00
Gilles Peskine 550d147078 Bump version to 3.4.1 
```
./scripts/bump_version.sh --version 3.4.1
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-02 12:50:23 +02:00
Gilles Peskine 267bee9be8
Merge pull request #7903 from valeriosetti/issue7773 
Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/DH
 2023-08-02 10:16:44 +00:00
Dave Rodgman 7f17bd09cc Merge remote-tracking branch 'origin/master' into master-update 2023-08-02 10:57:07 +01:00
Jerry Yu 6943681820 Improve error message and documents 
- fix grammar error
- Add more information for AES_USE_HARDWARE_ONLY
- Improve error message

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:44:03 +08:00
Jerry Yu 02b1519ab6 move accelerator checks to aes.c 
Origin position is always validate due to conflict
between the guards in `aes.c` and module undef check

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:44:02 +08:00
Jerry Yu d76ded046c fix various issues 
- unnecessary command
- extra blank and empty line

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:44:01 +08:00
Jerry Yu 3660623e59 Rename plain c option and update comments 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:44:01 +08:00
Jerry Yu 8840a8c574 fix wrong checks 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:44:00 +08:00
Jerry Yu 3fcf2b5053 Rename HAS_NO_PLAIN_C to DONT_USE_SOFTWARE_CRYPTO 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:44:00 +08:00
Jerry Yu 4d030f3acd Add check for no aes implementation provided 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:43:59 +08:00
Jerry Yu 315fd30201 Rename plain c disable option 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:43:59 +08:00
Jerry Yu 2f26a59910 Add std output information for AESCE in gcm 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:43:58 +08:00
Jerry Yu 0d4f4e5b01 Add option to disable built-in aes implementation. 
For time being, there are only two aes implementations for known
architectures. I define runtime detection function as const when
built-in was disabled. In this case, compiler will remove dead
built-in code.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:43:54 +08:00
Janos Follath b388ed737d Fix missing check in mbedtls_ecp_read_key 
In ecp_new.c mbedtls_ecp_read_key did only check Weierstrass keys. The
behaviour in ecp.c was correct.

This bug has no immediate security impact. (The code with the missing
check wasn't released and we are checking keys at later point.)

After this change ecp.c and ecp_new.c will have a single remaining
difference and unifying them will be more straightforward.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-02 10:32:27 +01:00
Janos Follath c25567af23 Move variant test to ecp_curves 
We would like to de-duplicate ecp.c, but ecp_curves.c remains duplicated
and we still want to test for the active variant.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-02 10:32:21 +01:00
Bence Szépkúti 9661f8ab0d
Merge pull request #7968 from gowthamsk-arm/use_earliest_latest_compilers 
Use earliest latest compilers
 2023-08-02 05:58:02 +00:00
Valerio Setti 45d56f3d25 tls: replace ECDSA_C and PK_CAN_ECDSA_SOME with key exchange related ones 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-01 19:02:38 +02:00
Chien Wong e2caf4161b
Fix a few unchecked value issue 
Signed-off-by: Chien Wong <m@xv97.com>
 2023-08-01 22:41:17 +08:00
Dave Rodgman 205295c576 Tidy-up: move GCC warning fix to constant_time_impl.h 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-01 14:10:56 +01:00
Gilles Peskine d55e451b3e
Merge pull request #7997 from yanesca/fix_new_bignum_tests 
Fix new bignum tests
 2023-08-01 12:09:39 +00:00
Dave Rodgman 1f39f037bf Improve variable name in mbedtls_mpi_lt_mpi_ct 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-01 09:19:16 +01:00
Tom Cosgrove 52f7e18042 Use mbedtls_zeroize_and_free() in psa_remove_key_data_from_memory() 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-08-01 09:08:48 +01:00
Manuel Pégourié-Gonnard de8f56e936
Merge pull request #7884 from valeriosetti/issue7612 
TLS: Clean up (EC)DH dependencies
 2023-08-01 07:13:36 +00:00
Dave Rodgman 3d574da6fc Revert to not enabling asm under Memsan 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 17:22:58 +01:00
Dave Rodgman 378280e57f Revert "Move constant_flow.h into the main library" 
This reverts commit fd78c34e23.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 17:22:55 +01:00
Dave Rodgman 3d1bb9be06 Revert "Fix doxygen error" 
This reverts commit d175d52433.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 17:22:49 +01:00
Dave Rodgman d175d52433 Fix doxygen error 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 14:03:08 +01:00
Dave Rodgman fd78c34e23 Move constant_flow.h into the main library 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:48:33 +01:00
Dave Rodgman 1714a9b0eb Revert to old design for mbedtls_ct_memmove_left 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:48:33 +01:00
Dave Rodgman 9ee0e1f6fe Remove GCC redundant-decls workaround for mbedtls_ct_memcmp 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:43:23 +01:00
Dave Rodgman 0172de8b3d Fix docs grammar 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:43:23 +01:00
Dave Rodgman 741d423ef8 Clarify docs for mbedtls_ct_memcpy_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:43:23 +01:00
Dave Rodgman 93cec45af3 Improve docs for mbedtls_ct_compiler_opaque 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:43:23 +01:00
Dave Rodgman 32d726033b Improve comments in mbedtls_mpi_lt_mpi_ct 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:43:23 +01:00
Dave Rodgman 07f853713d Clarify comments in mbedtls_ct_memcpy_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:27:49 +01:00
Dave Rodgman fb1b851797 Improve docs for mbedtls_mpi_core_cond_assign 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:27:05 +01:00
Janos Follath 2f04582d37 Move MBEDTLS_ECP_WITH_MPI_UINT to mbedtls_config.h 
There is a precedent for having bigger and less mature options in
mbedtls_config.h (MBEDTLS_USE_PSA_CRYPTO) for an extended period.
Having this option in mbedtls_config.h is simpler and more robust.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-07-31 10:57:16 +01:00
Janos Follath 82823b2fe8 Fix new bignum tests 
These tests weren't working, because they use CMake and can't pass
options with CFLAGS directly. This could be mitigated by adding a CMake
option, but using config.py is less invasive and it is what we normally
use for setting build options anyway.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-07-31 10:01:47 +01:00
Xiaokang Qian 59159abcce Fix fast quasi-reduction modulo value of p192K1 in comments 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-31 06:46:28 +00:00
Xiaokang Qian 796500e751 Fix the type cast(size_t to unsigned short) warning 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-31 06:46:28 +00:00
Xiaokang Qian b903f4ecb6 Free P and N of the group cause they are dynamic allocated 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-31 06:46:28 +00:00
Xiaokang Qian 02a3e0318f Declare mbedtls_ecp_fix_negative() always static to fix check_name failures 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-31 06:46:28 +00:00
Xiaokang Qian a8d30ac7e5 Use new ECP_LIGHT symbol in ecp_curves.c 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-31 06:46:28 +00:00
Xiaokang Qian be4d6b62ab Fix use of sizeof without brackets in ecp_curves.c 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-31 06:46:28 +00:00
Xiaokang Qian 748a362fd0 Revert ecp_curves.c to commit 449bd83 to save code size 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-31 06:46:28 +00:00
Dave Rodgman 2d28c46055 Fix asm Memsan workaround 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-28 18:24:22 +01:00
Dave Rodgman 983448ea62 fix check for no-longer-used macro 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-28 17:30:52 +01:00
Dave Rodgman d684d7342b code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-28 16:39:38 +01:00
Dave Rodgman 08691679b5 Enable testing of asm under Memsan 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-28 16:39:38 +01:00
Dave Rodgman fa5a4bbb02 Improve mbedtls_ct_memmove_left w.r.t. const-flow tests 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-28 16:13:52 +01:00
Valerio Setti c1319f4a26 debug: improve debug_print_psa_ec() as not to depend on bignum 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-28 13:44:51 +02:00
Valerio Setti 797e396fd9 debug: use proper guard for PK_DEBUG_MPI items 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-28 13:44:26 +02:00
Manuel Pégourié-Gonnard 43cef57e51
Merge pull request #7811 from mpg/md-info 
Optimize strings in MD
 2023-07-28 08:34:09 +00:00
Kusumit Ghoderao f3e696dc1b Add ifdef for hmac and cmac set password 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-28 13:30:50 +05:30
Kusumit Ghoderao 5f3345ae44 Add issue link instead of issue number 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-27 21:21:38 +05:30
Kusumit Ghoderao 0bca4c5fc4 Add ifdef for hmac and cmac specific functions 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-27 21:20:14 +05:30
Kusumit Ghoderao a12e2d53bd Replace AES_CMAC_128_PRF_OUTPUT_SIZE with PSA_MAC_LENGTH() 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-27 21:18:30 +05:30
Kusumit Ghoderao 9ab03c3d72 Define PSA_ALG_IS_PBKDF2 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-27 21:14:05 +05:30
Kusumit Ghoderao 2addf35855 Replace MBEDTLS_PSA_BUILTIN_PBKDF2_XXX with PSA_HAVE_SOFT_PBKDF2 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-27 21:11:09 +05:30
Waleed Elmelegy d7bdbbeb0a Improve naming of mimimum RSA key size generation configurations 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-07-27 14:50:09 +00:00
Dave Rodgman f2e3eb8bd9 Add OID for HMAC-RIPEMD160 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-27 15:46:05 +01:00
Dave Rodgman 5cc67a3ee2 Add OIDs for HMAC-SHA3 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-27 14:44:35 +01:00
Dave Rodgman a2cdc840de Fix pre-existing missing closing #endif comment 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-27 14:44:13 +01:00
Waleed Elmelegy ab5707185a Add a minimum rsa key size config to psa config 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-07-27 11:00:03 +00:00
Waleed Elmelegy 76336c3e4d Enforce minimum key size when generating RSA key size 
Add configuration to enforce minimum size when
generating a RSA key, it's default value is 1024
bits since this the minimum secure value currently
but it can be any value greater than or equal 128
bits. Tests were modifed to accommodate for this
change.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-07-27 10:58:25 +00:00
Sarvesh Bodakhe 430a4f3968 rsa_signature: Use heap memory to allocate DER encoded RSA private key 
'mbedtls_pk_psa_rsa_sign_ext' function allocates a buffer of maximum
size 5679 bytes (MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES) on the stack to store
DER encoded private key. This increased stack usage significantly for
RSA signature operations when MBEDTLS_PSA_CRYPTO_C is defined.

This issue was discovered when adding support for EAP-TLS 1.3 (rfc9190).

Signed-off-by: Sarvesh Bodakhe <sarvesh.bodakhe@espressif.com>
 2023-07-27 14:51:25 +05:30
Valerio Setti a55f042636 psa: replace DH_KEY_PAIR_LEGACY with new symbols 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-27 09:15:34 +02:00
Gowtham Suresh Kumar 186731b22a Fix warnings from clang-16 
Running clang-16 on mbedtls reports warnings of type "-Wstrict-prototypes".
This patch fixes these warnings by adding void to functions with no
arguments. The generate_test_code.py is modified to insert void into test
functions with no arguments in *.function files.

Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
 2023-07-26 17:11:51 +01:00
Janos Follath b52f9cf5eb
Merge pull request #7758 from xkqian/bignum_clone_ecp_curves 
[Bignum] Bignum clone ecp curves
 2023-07-26 13:33:56 +01:00
Gilles Peskine bb07377458
Merge pull request #7935 from AgathiyanB/add-enum-casts 
Add type casts for integer and enum types
 2023-07-26 11:27:27 +02:00
Paul Elliott f1c032adba
Merge pull request #7902 from valeriosetti/issue7772 
Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/RSA
 2023-07-25 17:13:43 +01:00
Tom Cosgrove bc345e8685 Protect macro parameter expansion with parentheses 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-07-25 15:17:39 +01:00
Tom Cosgrove 350226f636 Use a macro for mbedtls_mpi_zeroize_and_free() 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-07-25 15:10:14 +01:00
Valerio Setti fe478909f0 psa_crypto_rsa: fix guards for importing the key 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-25 12:27:19 +02:00
Valerio Setti 46520ea52d tls12: check buffer size before memcpy-ing data into it 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-25 11:41:28 +02:00
Valerio Setti c9ae862225 tls: use TLS 1.3 guards in ssl_tls13 modules 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-25 11:23:50 +02:00
Valerio Setti ea59c43499 tls: fix a comment a rename a variable/symbol 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-25 11:14:03 +02:00
Valerio Setti d0371b0a08 debug: keep ECDH_C guard for debug printf accessing ecdh_context's items 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-25 10:57:01 +02:00
Valerio Setti 60d3b91eba tls: use TLS 1.2 macros in ssl_tls12_server.c 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-25 10:43:53 +02:00
Tom Cosgrove 17526a0d16
Merge pull request #7906 from yanrayw/add-pake_guards_psa_crypto 
PSA: add guards for PAKE getter functions
 2023-07-24 15:59:28 +01:00
Dave Rodgman cad28ae77a Merge remote-tracking branch 'origin/development' into psa-sha3 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-24 15:51:13 +01:00
Waleed Elmelegy f3fafc3645 Fix CI errors related pkcs5_pbe changes 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-07-24 11:45:46 +01:00
Gilles Peskine ca57d78a6e Fix PBKDF2 with empty salt on platforms where malloc(0)=NULL 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-07-21 17:50:49 +02:00
Gilles Peskine 5647d06be8
Merge pull request #7518 from gilles-peskine-arm/psa_inject_entropy-file-stability 
Fix and test MBEDTLS_PSA_INJECT_ENTROPY
 2023-07-21 17:37:15 +02:00
Gilles Peskine 2387bdab0f
Merge pull request #1038 from Mbed-TLS/development 
Merge development into development-restricted
 2023-07-21 15:40:36 +02:00
Xiaokang Qian c495845e7a Align ECP_MPI_INIT with mbedtls_mpi struct order in ecp_new.c 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-21 08:22:13 +00:00
Xiaokang Qian 73d98405b8 Rework the clone of ecp_curves.c 
Change macro guard
rebase ecp_curves_new.c to the latest ecp_curves.c

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-21 08:22:12 +00:00
Xiaokang Qian 4d71051145 Enable build of ecp_curves_new.c 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-21 08:22:12 +00:00
Xiaokang Qian dc2ea2705b Clone the ecp_curve.c file as ecp_curve_new.c 
Use macro guard MBEDTLS_ECP_WITH_MPI_UINT/STRUCT to enable
either c file

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-21 08:22:11 +00:00
Manuel Pégourié-Gonnard c844c1a771
Merge pull request #7546 from mpg/align-psa-md-identifiers 
Align psa md identifiers
 2023-07-20 11:34:28 +02:00
Dave Rodgman 7fa27a1a18
Merge pull request #7960 from daverodgman/expect-fix 2023-07-19 19:48:15 +01:00
Dave Rodgman e9fcffd089 Robustness fix to MBEDTLS_LIKELY 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-19 15:43:07 +01:00
Dave Rodgman 8e8e6b9be3
Merge pull request #7934 from AgathiyanB/move-declarations-to-top 
Move declarations to top of functions
 2023-07-19 15:25:27 +01:00
Dave Rodgman 6dd40642e8
Merge pull request #7932 from AgathiyanB/add-mpi-uint-size-macro 
Use compile-time determination of which __builtin_clz() to use, with new MBEDTLS_MPI_UINT_SIZE macro
 2023-07-19 14:57:39 +01:00
Waleed Elmelegy 708d78f80b Improve & test legacy mbedtls_pkcs5_pbe2 
* Prevent pkcs5_pbe2 encryption when PKCS7 padding has been
  disabled since this not part of the specs.
* Allow decryption when PKCS7 padding is disabled for legacy
  reasons, However, invalid padding is not checked.
* Add tests to check these scenarios. Test data has been
  reused but with changing padding data in last block to
  check for valid/invalid padding.
* Document new behaviour, known limitations and possible
  security concerns.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-07-19 14:01:35 +01:00
Dave Rodgman 9e8104cdd9
Merge pull request #7949 from AgathiyanB/IAR-asm-keyword 
Use correct asm keyword for IAR compilers
 2023-07-19 10:03:30 +01:00
Dave Rodgman 131a22ef27
Merge pull request #7950 from AgathiyanB/fix-IAR-using-memset-s 
Fix IAR trying to use memset_s in platform_util
 2023-07-19 10:01:58 +01:00
Dave Rodgman 5f65acb02b
Merge pull request #7859 from gilles-peskine-arm/mbedtls_mpi-smaller 
Reduce the size of mbedtls_mpi
 2023-07-18 16:48:37 +01:00
Tom Cosgrove 46259f670f Internal function mbedtls_mpi_zeroize() can be mbedtls_mpi_zeroize_and_free() 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-07-18 16:44:14 +01:00
Tom Cosgrove 3a11bb8213 Better wording around passing NULL to mbedtls_zeroize_and_free() 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-07-18 16:26:29 +01:00
Agathiyan Bragadeesh 789e50e5a0 Use correct asm keyword for IAR compilers 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-07-18 16:12:24 +01:00
Dave Rodgman b8f18850c6 Align ECP_MPI_INIT parameter order with mbedtls_mpi struct order 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-18 13:53:07 +02:00
Manuel Pégourié-Gonnard 828b3acd6b
Merge pull request #7848 from valeriosetti/issue7749 
driver-only ECC: EPCf.TLS testing
 2023-07-18 10:33:21 +02:00
Agathiyan Bragadeesh 74852038ee Fix IAR trying to use memset_s in platform_util 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-07-17 18:35:30 +01:00
Agathiyan Bragadeesh 387bfa5b84 Add cast in psa_crypto 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-07-17 17:01:33 +01:00
Agathiyan Bragadeesh 4d47cea8f9 Move declarations in psa_crypto to top 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-07-17 16:58:44 +01:00
Tom Cosgrove 08b04b11ff
Merge pull request #7923 from gabor-mezei-arm/7598_fix_clone_of_ecp_module 
[Bignum] Fixes for the ecp module cloning
 2023-07-17 15:28:18 +01:00
Agathiyan Bragadeesh 5058a5b5ad Remove trailing whitespace bignum_core 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-07-17 15:23:52 +01:00
Tom Cosgrove ca8c61b815 Provide and use internal function mbedtls_zeroize_and_free() 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-07-17 15:17:40 +01:00
Agathiyan Bragadeesh 10b6775aeb Add enum type casts in lmots.c and lms.c 
The IAR compiler throws an error when trying to assign an int to an enum
so these casts have been added.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-07-17 15:14:42 +01:00
Agathiyan Bragadeesh 01ed84a1f3 Add type casts in rsa.c 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-07-17 15:14:42 +01:00
Agathiyan Bragadeesh 8b52b88b6d Add type casts in ssl library 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-07-17 15:14:42 +01:00
Agathiyan Bragadeesh e55a1e1cf4 Refactor preprocessing for arm none 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-07-17 15:00:19 +01:00
Agathiyan Bragadeesh ec4c91ecc1 Move declaration in ecp_mod_koblitz to top 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-07-17 12:21:06 +01:00
Agathiyan Bragadeesh c99840ae1f Move declarations in mbedtls_mpi_add_abs to top 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-07-17 12:21:06 +01:00
Agathiyan Bragadeesh 271a95331e Remove tautology in mbedtls_mpi_core_clz 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-07-14 14:07:18 +01:00
Dave Rodgman fba559822f Ensure constant values not known to compiler 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-14 13:44:22 +01:00
Dave Rodgman a02b36886c Fix gcc warnings when -Wredundant-decls set 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-14 13:43:39 +01:00
Gabor Mezei 66bbecb7ff
Fix comment 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-07-14 14:43:27 +02:00
Dave Rodgman 8f6094ce47
Merge pull request #7792 from robUx4/win32_winnt 2023-07-13 19:34:24 +01:00
Dave Rodgman 63a21f4cda
Merge pull request #7920 from daverodgman/gcm-size 2023-07-13 19:32:07 +01:00
Dave Rodgman 5ff02450ee Reduce size of static data in gcm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-13 15:57:20 +01:00
Steve Lhomme 551b3bf4bb Don't force the _WIN32_WINT version 
If the user has set a value in the build environment, it will be used.
Otherwise, if SDK has a default value, it will be picked.

If either of these values are lower than 0x0501 (XP) we should not force
some calls that will not work on the minimum target OS. We should use
dynamic loading of these API's to support them in higher versions of the
OS.

winsock2.h needs to be included before windows.h and will pick the
default _WIN32_WINNT from the SDK or use the one from the user, by
setting _WIN32_WINNT in the CFLAGS.

Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
 2023-07-13 16:11:34 +02:00
Steve Lhomme 4000b6ec0e Don't force the default windows version down 
The _WIN32_WINNT value will pick the default value for the SDK when
including windows.h. Depending on its value some calls will be possible or not.

Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
 2023-07-13 16:11:34 +02:00
Steve Lhomme 369d7c7148 Don't use FindFirstFileW() before Windows XP 
On runtime it will attempt to get FindFirstFileW() from kernel32.dll
but it's not there and the DLL/program containing mbedtls will not load.

Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
 2023-07-13 16:11:34 +02:00
Jerry Yu 893be8d10f Replace cpu modifier flags 
`crypto` should be replace with `aes`.

See https://arm-software.github.io/acle/main/acle.html#cryptographic-extensions

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-07-13 17:32:11 +08:00
Jerry Yu b1d06bb29e Add error message for old armclang 
when armclang<6.10, cpu modifiers MUST be
specified on command line.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-07-13 10:40:29 +08:00
Jerry Yu 8e96e78dbe update document and error message 
Chang the spell of armclang

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-07-13 10:40:28 +08:00
Jerry Yu 6b00f5a135 Add guards for arm_neon.h 
See: https://arm-software.github.io/acle/main/acle.html#arm_neonh



Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-07-13 10:40:28 +08:00
Jerry Yu 22a4d3e2b4 fix armclang build fail for sha512. 
`sha3` support is start from armclang6.10

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-07-13 10:40:28 +08:00
Jerry Yu 580e06fb07 fix armclang compile fail 
`__ARM_FEATURE_AES` is not defined with `armclang < 6.10`.
And it raise error on `target("crypto,aes")

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-07-13 10:40:27 +08:00
Jerry Yu 08933d3dbb fix compile fail for armclang 
when target flags are not set at command line, armclang
will reports required feature not set error.

This is found and verified at 6.20.1. And it does not work
for 6.6

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-07-13 10:40:08 +08:00
Paul Elliott 3c22366695
Merge pull request #7863 from valeriosetti/issue7790 
PK: parse: fix disparity with private Montgomery keys
 2023-07-11 18:02:12 +01:00
Dave Rodgman a824e40749
Merge pull request #7500 from tom-cosgrove-arm/fix-armclang-bswap32 
Fix MBEDTLS_BSWAP32 on armcc 5
 2023-07-11 16:48:42 +01:00
Dave Rodgman 84eaefa43e Use designated initializers for mbedtls_mpi 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-11 16:02:46 +01:00
Valerio Setti 7e6aaa1ea5 psa: fix missed LEGACY symbols caused by the rebase 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-11 16:59:21 +02:00
Paul Elliott 88f34e3348
Merge pull request #7703 from gabor-mezei-arm/7598_clone_the_eco_module 
[Bignum] Clone the ECP module
 2023-07-11 15:00:01 +01:00
Tom Cosgrove f2b5a13d02 Fix MBEDTLS_BSWAP32 on armcc 5 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-07-11 14:06:37 +01:00
Valerio Setti 76df8c1900 psa: remove redundant GENPRIME when RSA_KEY_PAIR_GENERATE is defined 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-11 14:11:28 +02:00
Valerio Setti b2bcedbf9a library: replace MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_LEGACY 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-11 14:06:00 +02:00
Valerio Setti f6d4dfb745 library: replace PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY symbols with proper ones 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-11 14:06:00 +02:00
Dave Rodgman 4999f15d98
Merge pull request #7878 from beni-sandu/development 
aesce: use correct target attribute when building with clang
 2023-07-11 10:54:14 +01:00
Yanray Wang ffc3c48e4e Remove getter functions of PAKE if no PAKE algorithms are required 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-07-11 17:33:22 +08:00
Valerio Setti 41b0818bcb ecp: rearrange code in ecp_read_key() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-11 11:28:22 +02:00
Valerio Setti 21d42417f9 pkparse: always check all private keys on import 
This allows to remove explicit calls to mbedtls_ecp_check_privkey()
in pkparse.c.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-11 11:28:22 +02:00
Valerio Setti 6b062eeed0 pkparse: parse also Weierstrass private keys using ecp_read_key() 
This is to hanlde more uniformly Weierstrass and Montgomery curves.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-11 11:28:22 +02:00
Valerio Setti 805e4a0378 pkparse: use ecp_read_key() for parsing private key of Montgomery curves 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-11 11:28:22 +02:00
Gilles Peskine 6aca2c9613
Merge pull request #7716 from mpg/psa-util-internal 
Split psa_util.h between internal and public
 2023-07-10 18:33:23 +02:00
Valerio Setti da403b749e tls: use already existing symbols to size the buffer for XXDḦ peer key 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-10 16:19:05 +02:00
Manuel Pégourié-Gonnard 5c41ae867b
Merge pull request #7887 from ronald-cron-arm/fix-hrr-in-psk-kem 
tls13: server: Fix spurious HRR
 2023-07-10 09:58:13 +02:00
Valerio Setti 54e23792c8 tls: replace numeric values with proper TLS IANA symbols 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-10 09:13:57 +02:00
Valerio Setti 6f0441d11e tls: replace occurencies of ECP_LIGHT with PK_HAVE_ECC_KEYS 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-10 09:13:57 +02:00
Valerio Setti acd32c005f programs: add helper functions for supported EC curves 
- get full list, or
- get TLS ID from name

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-10 09:13:57 +02:00
Valerio Setti 49e6907b5b tls: replace ECP_LIGHT occurrencies with PK_HAVE_ECC_KEYS 
Up to this point "make test" runs successfully. "ssl-opt" has
not been tested yet.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-10 09:10:20 +02:00
Valerio Setti 6eb005435c tls: fix guards for legacy ECDH contexts 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-07 19:02:23 +02:00
Valerio Setti 3d237b5ff1 ssl_misc: fix guards for PSA data used in XXDH key exchanges 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-07 19:02:16 +02:00
Paul Elliott 2dfe7993af
Merge pull request #6914 from davidhorstmann-arm/cmake-pass-through-config-defines 
Pass `MBEDTLS_CONFIG_FILE` defines through cmake
 2023-07-07 17:01:57 +01:00
Tom Cosgrove c5f41bfeb8
Merge pull request #7212 from sergio-nsk/patch-4 
Fix error: comparison of integers of different signs: 'SOCKET' and 'int'
 2023-07-07 16:45:55 +01:00
Valerio Setti b302efc8d9 debug: replace ECDH_C symbol with key exchange one 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-07 17:23:53 +02:00
Valerio Setti c2232eadfb tls: replace PK_CAN_ECDH guards with new helpers 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-07 17:23:53 +02:00
Valerio Setti 7aeec54094 tls: replace ECDH_C guards with new helpers 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-07 17:23:53 +02:00
Dave Rodgman 602a0919f3
Merge pull request #7464 from yuhaoth/pr/Change-clock-source-to-bootime-for-ms-time 
Replace CLOCK_MONOTONIC with CLOCK_BOOTTIME for `mbedtls_ms_time` on linux
 2023-07-07 15:42:17 +01:00
Manuel Pégourié-Gonnard 461d59b2f8
Merge pull request #7858 from mprse/ffdh_tls13_v2_f 
Make use of FFDH keys in TLS 1.3 - follow-up
 2023-07-07 16:19:35 +02:00
Ronald Cron 8a74f07c2a tls13: server: Fix spurious HRR 
If the server during a TLS 1.3 handshake selects
the PSK key exchange mode, it does not matter
if it did not find in the key share extension
a key share for a group it supports. Such a
key share is used and necessary only in the
case of the ephemeral or PSK ephemeral key
exchange mode. This is a possible scenario in
the case of a server that supports only the PSK
key exchange mode and a client that also
supports a key exchange mode with ephemeral keys.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-07-07 15:53:12 +02:00
Andrzej Kurek c508dc29f6 Unify csr and crt san writing functions 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-07-07 09:05:30 -04:00
Gabor Mezei f05ca737da
Update comment 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-07-07 12:59:22 +02:00
Andrzej Kurek 1c8ecbef64 Add support for x509 SAN RCF822 and DirectoryName for csr generation 
Unify the code with the x509 crt counterpart.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-07-07 05:12:52 -04:00
Manuel Pégourié-Gonnard 9967f11066
Merge pull request #7810 from valeriosetti/issue7771 
Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/ECC
 2023-07-07 10:22:47 +02:00
Przemek Stekiel 46b2d2b643 Fix code style 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-07-07 09:34:17 +02:00
Agathiyan Bragadeesh 77b0d645f5 Add gitignore anchors to denote generated files 
These anchors encapsulate gitignore patterns which typically ignore
files generated, so that scripts can be used to comment and uncomment
these patterns for releases when we need the generated files in the
repository.

Signed-off-by: Agathiyan Bragadeesh <agabra02@e127300.arm.com>
 2023-07-06 17:58:18 +01:00
Manuel Pégourié-Gonnard d55d66f5ec Fix missing includes 
Some files relied on psa_util.h to provide the includes they need.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-06 12:47:28 +02:00
Manuel Pégourié-Gonnard abfe640864 Rationalize includes in psa_util 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-06 12:47:27 +02:00
Manuel Pégourié-Gonnard b7e8939198 Move error functions to internal header 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-06 12:47:26 +02:00
Manuel Pégourié-Gonnard a5a8f29d7e Move ECC and FFDH macros to internal header 
ECC macros used in the following files:

library/pk.c
library/pk_wrap.c
library/pkparse.c
library/pkwrite.c
library/ssl_misc.h
library/ssl_tls12_client.c

FFDH macro use only in library/ssl_misc.h so could possibly be moved
there, but it seems cleaner to keep it close to the ECC macros are they
are very similar in nature.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-06 12:45:54 +02:00
Manuel Pégourié-Gonnard 5c731b0afb Use consistent guards for deprecated feature 
Fixes an "unused static function" warning in builds with
DEPRECATED_REMOVED.

While at it, remove an include that's now useless.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-06 12:42:33 +02:00
Manuel Pégourié-Gonnard 57fa72fdf8 Remove unused function in cipher.c 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-06 12:42:33 +02:00
Manuel Pégourié-Gonnard efcc1f21c8 Make cipher functions static in cipher.c 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-06 12:42:33 +02:00
Manuel Pégourié-Gonnard 2be8c63af7 Create psa_util_internal.h 
Most functions in psa_util.h are going to end up there (except those
that can be static in one file), but I wanted to have separate commits
for file creation and moving code around, so for now the new file's
pretty empty but that will change in the next few commits.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-06 12:42:33 +02:00
Przemek Stekiel 408569f91a Adapt function name: mbedtls_ssl_tls13_generate_and_write_dh_key_exchange 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-07-06 12:16:44 +02:00
Przemek Stekiel 615cbcdbdf Provide additional comments for claryfication 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-07-06 12:16:39 +02:00
Yanray Wang 5adfdbdaed AES: fix mismatch comment in #endif 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-07-06 17:10:44 +08:00
Gabor Mezei c97a407dba
Remove value assignment for enum entries 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-07-06 10:54:41 +02:00
Gabor Mezei 2a7bcaf8af
Use only MBEDTLS_ECP_WITH_MPI_UINT to switch between the ecp variants 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-07-06 10:37:51 +02:00
Tom Cosgrove 836aed7cf8
Merge pull request #6003 from gstrauss/x509_time 
mbedtls_x509_time performance and reduce memory use
 2023-07-06 09:28:14 +01:00
Dave Rodgman 852b6c30b7 Support MBEDTLS_MD_SHA3_xxx_VIA_PSA 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-05 19:47:08 +01:00
Dave Rodgman 3a498a6ccb Add SHA-3 cases in mbedtls_md_type_from_psa_alg, mbedtls_md_psa_alg_from_type 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-05 18:58:04 +01:00
Dave Rodgman 527f48f14d Add OID definitions for SHA3 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-05 18:57:30 +01:00
Dave Rodgman 3d0c8255aa
Merge pull request #7825 from daverodgman/cipher_wrap_size 
Cipher wrap size improvement
 2023-07-05 15:45:48 +01:00
Gabor Mezei 1a729dcece
Fix comment 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-07-05 16:13:46 +02:00
Gabor Mezei d6789f1e2e
Used preferred macro definition check 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-07-05 16:13:45 +02:00
David Horstmann 0f1dd57214 Use emptiness-checks rather than DEFINED checks 
For the MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE variables,
check that they are non-empty and defined. This means they can be
unconditionally created in the cache, simplifying the CMakeLists.txt

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-07-05 14:12:13 +01:00
David Horstmann ae33ab85a5 Pass config file options to mbedtls_test(_helpers) 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-07-05 14:11:51 +01:00
David Horstmann 82f11ff6ac Pass MBEDTLS_CONFIG_FILE defines through cmake 
When -DMBEDTLS_CONFIG_FILE or -DMBEDTLS_USER_CONFIG_FILE are passed to
cmake, pass them through as compile definitions. This allows different
mbedtls configs to be passed at configure time without modifying any
cmake files.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-07-05 14:09:58 +01:00
David Horstmann 3ae1c4c0f7 Fix formatting of explanatory commented code 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-07-05 11:15:08 +01:00
David Horstmann b1d27bcd69 Improve comment formatting 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-07-05 10:00:31 +01:00
David Horstmann cdf5283dad Rename variables to more descriptive names 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-07-05 09:58:03 +01:00
Przemek Stekiel e80bbf4dbf Fix function name after rebase 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-07-05 10:34:40 +02:00
Manuel Pégourié-Gonnard db084d16ea
Merge pull request #7862 from ronald-cron-arm/improve-write-supported-group-ext 
Improve write supported group ext
 2023-07-05 09:55:33 +02:00
Przemek Stekiel 7ac93bea8c Adapt names: dh -> xxdh 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-07-05 09:26:26 +02:00
Przemek Stekiel d5f79e7297 Adapt functions names for ffdh 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-07-05 09:26:26 +02:00
Przemek Stekiel 6f199859b6 Adapt handshake fields to ffdh 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-07-05 09:25:00 +02:00
Przemek Stekiel e03ddbb497 Use valid size of peerkey buffer (EC vs FF) 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-07-05 09:25:00 +02:00
Beniamin Sandu aa4f621901 aesce: use correct target attribute when building with clang 
Seems clang has its own issues when it comes to crypto extensions,
and right now the best way to avoid them is to accurately enable
the needed instructions instead of the broad crypto feature.

E.g.: https://github.com/llvm/llvm-project/issues/61645

Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
 2023-07-04 21:15:52 +03:00
Dave Rodgman c8d81ad54d
Merge pull request #7784 from daverodgman/aesce-unroll 2023-07-04 18:41:13 +01:00
Tom Cosgrove e939464eb7
Merge pull request #7829 from mpg/deduplicate-tls-hashing 
De-duplicate TLS hashing functions
 2023-07-04 16:06:00 +01:00
Tom Cosgrove b7af7eac05
Merge pull request #7834 from beni-sandu/development 
aesce: do not specify an arch version when enabling crypto instructions
 2023-07-04 13:32:04 +01:00
Ronald Cron 1ffa450882 tls: client: Improve writing of supported_groups ext 
Align the TLS 1.3 specific and TLS 1.2 specific
tests done before to call
ssl_write_supported_groups_ext() and inside
thsi function.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-07-04 12:16:25 +02:00
Kusumit Ghoderao 3fde8feaa9 FIx name of macro 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-04 15:17:02 +05:30
Kusumit Ghoderao 4536bb6f2b Change mac_size parameter in driver_mac_compute to output length 
See #7801 for reference

Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-04 15:17:01 +05:30
Kusumit Ghoderao a2520a5b7e Add pbkdf2 cmac to key derivation output_bytes 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-04 15:17:00 +05:30
Kusumit Ghoderao 3d5edb8eef Add input password function for pbkdf2 cmac 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-04 15:17:00 +05:30
Kusumit Ghoderao 2cd649684a Add pbkdf2_cmac to key derivation setup 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-04 15:17:00 +05:30
Kusumit Ghoderao 3ab146f99e Add builtin pbkdf2 cmac guard for all the pbkdf2 functions 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-04 15:16:59 +05:30
Manuel Pégourié-Gonnard aaad2b6bfc Rename some local variables 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-04 11:35:16 +02:00
Manuel Pégourié-Gonnard 443589ac53
Merge pull request #7870 from valeriosetti/fix-tls13-guards 
tls13: fix guards for PSA error translating function
 2023-07-04 11:21:14 +02:00
Tom Cosgrove 9b20c6fcc1
Merge pull request #7840 from yanrayw/7381_aes_gen_table 
AES: use uint8_t for array of pow and log to save RAM usage
 2023-07-04 08:34:12 +01:00
Valerio Setti dbd01cb677 tls13: fix guards for PSA error translating function 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-04 09:18:52 +02:00
Dave Rodgman 9cf17dad9d
Merge pull request #7851 from daverodgman/fix-unused-aes 
Fix AES dependencies - build TF-M config cleanly
 2023-07-03 16:49:00 +01:00
Manuel Pégourié-Gonnard 56b159a12a
Merge pull request #7627 from mprse/ffdh_tls13_v2 
Make use of FFDH keys in TLS 1.3 v.2
 2023-07-03 10:12:33 +02:00
Manuel Pégourié-Gonnard 45e009aa97
Merge pull request #7814 from valeriosetti/issue7746 
PK: refactor wrappers in the USE_PSA case
 2023-07-03 09:32:31 +02:00
Valerio Setti f7cd419ade pk: ignore opaque EC keys in pk_setup when they are not supported 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-30 18:11:29 +02:00
Valerio Setti 35d1dacd82 pk_wrap: fix: always clear buffer holding private key in eckey_check_pair_psa 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-30 18:04:16 +02:00
Gabor Mezei f4aab6f666
Add comments and remove unneeded defines 
For `check_names.py` it is enough to appear a macro definition in
a comment to validate it.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-06-30 16:54:55 +02:00
Valerio Setti 38913c16b0 pk_wrap: do not support opaque EC keys when !PK_HAVE_ECC_KEYS 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-30 16:18:33 +02:00
Tom Cosgrove c4a760c538
Merge pull request #7849 from davidhorstmann-arm/fix-string-to-names-retcode 
Fix false success return code in `mbedtls_x509_string_to_names()`
 2023-06-30 14:28:29 +01:00
Dave Rodgman a2c1a387e4
Merge pull request #7630 from daverodgman/prefer-intrinsics 
Prefer intrinsics over asm for AES-NI
 2023-06-30 11:39:38 +01:00
Gabor Mezei c810707980
Add check for the ecp module variants 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-06-30 11:39:21 +02:00
Gabor Mezei 1df4c6435f
Enable build of the new ecp_new.c file 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-06-30 11:39:20 +02:00
Gabor Mezei a306d20766
Clone the ecp.c file as ecp_new.c 
Add macro guard for each file defaults to enable the ecp.c file content.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-06-30 11:38:55 +02:00
Valerio Setti 27c501a10c lib/test: replace BASIC_IMPORT_EXPORT internal symbol with BASIC,IMPORT,EXPORT 
Also the python script for automatic test generation is fixed accordingly

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-30 10:16:22 +02:00
Valerio Setti 86587abde4 psa: fix guards for EC key derivation 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-30 10:16:22 +02:00
Valerio Setti dd24f29105 psa: fix wrong naming for ECC derive symbols in code 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-30 10:16:22 +02:00
Valerio Setti 4c0174de2e psa: replace remaining ECC_KEY_PAIR_LEGACY symbols with proper ones 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-30 10:16:22 +02:00
Valerio Setti 5dad7051b4 psa_crypto_ecp: fix wrong comment in #endif 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-30 10:16:22 +02:00
Valerio Setti 2a63460248 psa: fix guards for EC key derivation 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-30 10:16:21 +02:00
Valerio Setti 6a9d0ee373 library/test: replace LEGACY symbol with BASIC_IMPORT_EXPORT 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-30 10:16:21 +02:00
Valerio Setti bfeaf5b4f6 library: replace ECC_KEY_PAIR_LEGACY with GENERATE 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-30 10:16:21 +02:00
Valerio Setti 8ffdb5df7d library: replace ECC_KEY_PAIR_LEGACY with DERIVE 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-30 10:12:19 +02:00
Gilles Peskine 053022fe24 Reduce the size of mbedtls_mpi 
Reduce the size of mbedtls_mpi from 3 words to 2 on most architectures.

This also reduces the code size significantly in bignum.o and ecp_curves.o,
with negligible variations in other modules.

This removes the ability to set MBEDTLS_MPI_MAX_LIMBS to a value >=65536,
but we don't support customizing this value anyway (it's always 10000).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-29 19:33:44 +02:00
Valerio Setti 88a3aeed9f pk_wrap: use PK_HAVE_ECC_KEYS as guard for ecdsa_opaque_check_pair_wrap 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-29 15:01:10 +02:00
Valerio Setti d9d74c285b pk_wrap: guard all ECDSA function with MBEDTLS_PK_HAVE_ECC_KEYS 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-29 15:00:02 +02:00
Valerio Setti 4d1daf8f8d pk_wrap: minor fixes for guards 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-29 14:33:27 +02:00
Valerio Setti 97976e3e4c pk_wrap: always fill all the fields of the pk_info structures 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-29 14:33:27 +02:00
Valerio Setti 76d0f9637c pk: uniform naming of functions and structures in pk/pk_wrap 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-29 14:33:27 +02:00
Valerio Setti 884c1ec1f5 pk_wrap: share code for selecting the psa_alg in ECDSA sign 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-29 14:33:27 +02:00
Valerio Setti 574a00b576 pk_wrap: minor reorganization for opaque keys 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-29 14:33:26 +02:00
Valerio Setti 5c26b30d9e pk_wrap: add missing labels to #else and #endif 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-29 14:33:26 +02:00
Valerio Setti bb7603a28f pk_wrap: optimize eckey_check_pair() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-29 14:33:26 +02:00
Valerio Setti f69514a7d8 pk_wrap: name all the fields of the pk_info structs 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-29 14:33:26 +02:00
Valerio Setti e77307738d pk_wrap: add support for ECDSA verify for opaque keys 
This commit also add tests to verify the functionality

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-29 14:33:26 +02:00
Valerio Setti ed7d6af670 pk_wrap: optimize code for ECDSA verify 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-29 14:33:26 +02:00
Valerio Setti 4657f10bdb pk_wrap: optimize code for ECDSA sign 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-29 14:33:26 +02:00
Dave Rodgman f032c9842d Improve #endif comments 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-29 12:09:27 +01:00
Dave Rodgman afe85db42b Improve #endif comments 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-29 12:07:11 +01:00
Dave Rodgman 1be2463d76 Correct #endif comments 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-29 12:01:24 +01:00
Dave Rodgman 710e3c650f Correct comments on #endif's 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-29 12:00:14 +01:00
Dave Rodgman 9fbb0cf08e Merge remote-tracking branch 'origin/development' into safer-ct5 2023-06-28 18:52:02 +01:00
Paul Elliott 92a55bf5ea
Merge pull request #7793 from minosgalanakis/ecp/6025_fast_reduction_dispatch 
[Bignum] Fast reduction dispatch
 2023-06-28 17:38:37 +01:00
Dave Rodgman ffabb7b7da Fix unused function warning in x509.c 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-28 16:22:50 +01:00
Janos Follath c439c678e3
Merge pull request #7719 from davidhorstmann-arm/second-jpake-state-machine-rework 
Change J-PAKE internal state machine
 2023-06-28 08:59:23 +01:00
Przemek Stekiel 7dda271c1d Fix description of functions 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-28 09:16:08 +02:00
Tom Cosgrove db041cc82f
Merge pull request #7665 from AndrzejKurek/optimize-error-translation-code-size 
Optimize error translation code size
 2023-06-28 08:09:00 +01:00
Dave Rodgman 2fd8c2c708 code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-27 21:03:31 +01:00
Dave Rodgman 160088d769 Fix comment 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-27 20:41:51 +01:00
Dave Rodgman ad4e76be57 More dependency fixes 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-27 19:23:14 +01:00
Dave Rodgman 34152a48d4 Fix unused variable 
Fix when MBEDTLS_AES_SETKEY_ENC_ALT, MBEDTLS_AES_DECRYPT_ALT and
MBEDTLS_AES_ROM_TABLE set.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-27 19:23:09 +01:00
Dave Rodgman 15cd28a264 Fix unused variable if MBEDTLS_AES_SETKEY_ENC_ALT and MBEDTLS_AES_DECRYPT_ALT set 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-27 19:23:06 +01:00
Dave Rodgman 28a539a549 Fix unused fn when MBEDTLS_AES_SETKEY_DEC_ALT and MBEDTLS_AES_SETKEY_ENC_ALT set 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-27 19:23:01 +01:00
Dave Rodgman 8c753f99cb Fix unused function when MBEDTLS_AES_SETKEY_ENC_ALT set 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-27 19:22:56 +01:00
David Horstmann 8fd98d6e62 Return an error when no name is parsed 
When less than 1 RDN is successfully parsed in
mbedtls_x509_string_to_names(), return an error. Previously this
returned success when a string containing neither '=' or ',' was
supplied.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-06-27 15:31:40 +01:00
Dave Rodgman 28e2ca51a9 Docs improvement 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-27 15:25:38 +01:00
Dave Rodgman 9f4fd28eff
Merge pull request #7808 from daverodgman/fix-ct-compile-warning 
Fix for arm64_32 (aka ILP32) on Clang
 2023-06-27 15:23:14 +01:00
Minos Galanakis c4e4958326 ecp_curves: Adjusted expected_width inputs to use BITS_TO_LIMBS macro. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-06-27 14:07:07 +01:00
Yanray Wang fe944ce2d8 aes.c: use uint8_t for local x, y, z in aes_gen_tables to save RAM 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-06-27 18:18:06 +08:00
Yanray Wang 5c86b1775a aes.c: use uint8_t for array of pow and log to save RAM 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-06-27 18:18:06 +08:00