yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
28537 commits 89 branches 205 tags 114 MiB
Commit graph

12501 commits

Author SHA1 Message Date
Xiaokang Qian e9c39c42fd Enable build of non-static psa wrapper functions 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian e518eeada9 Move function psa_driver_wrapper_export_public_key out of auto-generated 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian 5db65c72ec Remove static inline functions declare and make it only in c file 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:06 +00:00
Xiaokang Qian 077ffc0991 Ensure build of P256 pass 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:06 +00:00
Xiaokang Qian b862031afa Remove useless declaration 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:06 +00:00
Thomas Daubney 7046468a02 Define the psa wrapper functions as static inline 
This is a commit from Thomas Daubney.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:06 +00:00
Gilles Peskine 391dd7fe87 Fix propagation of return value from parse_attribute_value_hex_der_encoded 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-25 19:59:31 +02:00
Gilles Peskine 7f420faf03 parse_attribute_value_hex_der_encoded: clean up length validation 
Separate the fits-in-buffer check (*data_length <= data_size) from the
we-think-it's-a-sensible-size check (*data_length <=
MBEDTLS_X509_MAX_DN_NAME_SIZE).

This requires using an intermediate buffer for the DER data, since its
maximum sensible size has to be larger than the maximum sensible size for
the payload, due to the overhead of the ASN.1 tag+length.

Remove test cases focusing on the DER length since the implementation no
longer has a threshold for it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-25 19:59:31 +02:00
Gilles Peskine 7077781af5 Fix integer overflow with an input buffer larger than INT_MAX 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-25 19:59:31 +02:00
Gilles Peskine 25665781f6 Rewrite parse_attribute_value_hex_der_encoded() 
Rename the function from parse_attribute_value_der_encoded: the hex aspect
seems important.

There was a buffer overflow due to not validating that the intermediate data
fit in the stack buffer. The rewrite doesn't use this buffer, and takes care
not to overflow the buffer that it does use.

Document all that's going on.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-25 19:59:31 +02:00
Dave Rodgman 6da7872aa2
Merge pull request #1083 from gilles-peskine-arm/development-restricted-merge-20230925 
Merge development into development-restricted
 2023-09-25 18:16:01 +01:00
Valerio Setti c437faeaa1 psa_crypto: fix guards in mbedtls_ecc_group_to_psa() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-09-25 17:39:41 +02:00
Valerio Setti db6b4db7a0 Renaming all MBEDTLS_HAVE for curves to MBEDTLS_ECP_HAVE 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-09-25 17:39:41 +02:00
Valerio Setti cf29c5d9d5 ssl: don't require MBEDTLS_ECP_DP with TLS1.3 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-09-25 17:39:41 +02:00
Valerio Setti 6d809cc969 lib/test: use new internal helpers in library's code and tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-09-25 17:39:41 +02:00
Valerio Setti f250ada3ab tls/oid: add PSA_WANT_ECC_xxx guards together with existing MBEDTLS_ECP_DP_xxx 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-09-25 17:39:40 +02:00
Gilles Peskine ffe590d197
Merge pull request #1058 from waleed-elmelegy-arm/check-set_padding-is-called 
Check set_padding has been called in mbedtls_cipher_finish
 2023-09-25 17:12:36 +02:00
Minos Galanakis 21087754a5 x509_crt: Removed unused intsafe.h 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 15:17:38 +01:00
Gilles Peskine ca1e605b9c Merge remote-tracking branch 'upstream-public/development' into development-restricted-merge-20230925 
Conflicts:
* `include/mbedtls/build_info.h`: a new fragment to auto-enable
  `MBEDTLS_CIPHER_PADDING_PKCS7` was added in
  c9f4040f7f in `development-restricted`.
  In `development`, this section of the file has moved to
  `include/mbedtls/config_adjust_legacy_crypto.h`.
* `library/bignum.c`: function name change in `development-restricted` vs
  comment change in development. The comment change in `development` is not
  really relevant, so just take the line from `development-restricted`.
 2023-09-25 16:16:26 +02:00
Minos Galanakis a9bb34cd73 x509_crt: Removed length_as_int intermediate variable 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:42:41 +01:00
Minos Galanakis 59108d3f4d x509_crt: Adjusted the len of lpMultiByteStr arg in WideCharToMultiByte 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:23 +01:00
Minos Galanakis 08a67ccefd x509_crt: Set WideCharToMultiByte to use -1 for length. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>

WideCharToMultiByte
 2023-09-25 14:12:23 +01:00
Minos Galanakis 40995e1390 x509_crt: Removed checks for windows versions < WINXP 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:22 +01:00
Minos Galanakis fac45fbafe entropy_poll: Removed checks for windows versions < WINXP 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:22 +01:00
Minos Galanakis e8a5d1afbd entropy_poll: Updated documentation for entropy_poll loop. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:22 +01:00
Minos Galanakis 2c6e561ff8 entropy_poll.c: Added looping logic to mbedtls_platform_entropy_poll(). 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:22 +01:00
Minos Galanakis 4952f705ee Removed unsupported Visual Studio related code in entropy_poll.c and x509_crt.c. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:22 +01:00
Minos Galanakis 12b493f4dc entropy_poll/x509_crt: Added MBEDTLS_POP_TARGET_PRAGMA define guards. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:21 +01:00
Minos Galanakis 24a1c16fac library Makefile: Moved -lbcrypt to LOCAL_LDFLAGS 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:21 +01:00
Minos Galanakis a277b210ff Code style fixes 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-09-25 14:12:21 +01:00
Simon Butcher de573f56e5 Fix coding style of length_as_int var in x509_crt.c 
Variable had the very Windows name of lengthAsInt, which is fine for C# but
doesn't match the Mbed TLS coding standards.

Signed-off-by: Simon Butcher <simon.butcher@arm.com>
 2023-09-25 14:12:21 +01:00
Simon Butcher 35e5dad865 Add clarifying comment on use of MultiByteToWideChar() and CP_ACP 
Signed-off-by: Simon Butcher <simon.butcher@arm.com>
 2023-09-25 14:12:21 +01:00
Simon Butcher def90f4966 Fix formatting and detail of comments in PR #730 
Signed-off-by: Simon Butcher <simon.butcher@arm.com>
 2023-09-25 14:12:20 +01:00
Simon Butcher e068aa7ad5 Fix the build for mingw and CMake + VStudio 
Changes to the build to add the new Win32 Crypto API's inadvertently broke
the build for mingw and Visual Studio builds when generated by CMake.

Signed-off-by: Simon Butcher <simon.butcher@arm.com>
 2023-09-25 14:12:20 +01:00
Kevin Kane 0ec1e68548 Replace Windows APIs that are banned in Windows Store apps 
CryptGenRandom and lstrlenW are not permitted in Windows Store apps,
meaning apps that use mbedTLS can't ship in the Windows Store.
Instead, use BCryptGenRandom and wcslen, respectively, which are
permitted.

Also make sure conversions between size_t, ULONG, and int are
always done safely; on a 64-bit platform, these types are different
sizes.

Also suppress macro redefinition warning for intsafe.h:

Visual Studio 2010 and earlier generates C4005 when including both
<intsafe.h> and <stdint.h> because a number of <TYPE>_MAX constants
are redefined. This is fixed in later versions of Visual Studio.
The constants are guaranteed to be the same between both files,
however, so we can safely suppress the warning when including
intsafe.h.

Signed-off-by: Kevin Kane <kkane@microsoft.com>
 2023-09-25 14:12:20 +01:00
Dave Rodgman 025bed9eb7
Merge pull request #1076 from daverodgman/more-ct 
Use CT module more consistently
 2023-09-25 11:50:10 +01:00
Dave Rodgman 5a3add2c67
Merge pull request #8234 from kouzhudong/development 
Fix MSVC error C4703 about possibly uninitialized variable in pkwrite.c
 2023-09-25 10:51:46 +01:00
Gilles Peskine 6809f231a6
Merge pull request #8210 from yanrayw/aes_128bit_improvement 
AES 128bit only: add guards in cipher_wrap.c
 2023-09-22 18:15:03 +00:00
Gilles Peskine 18e1d11cfe
Merge pull request #1049 from waleed-elmelegy-arm/Switch-pkparse-to-mbedtls_pkcs5_pbe2_ext 
Switch pkparse to use new pkcs5/12 pbe functions
 2023-09-22 18:06:50 +02:00
Dave Rodgman 4f53520f54
Merge pull request #8241 from daverodgman/cast_warning 
fix cast warning
 2023-09-22 14:23:05 +00:00
Dave Rodgman c0633bc777 Add comment 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-22 10:54:43 +01:00
Dave Rodgman 38c3228f3e fix cast warning 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-22 10:51:37 +01:00
Gilles Peskine 193f94276e
Merge pull request #1071 from gilles-peskine-arm/ssl_decrypt_stream_short_buffer 
Fix buffer overread in mbedtls_ssl_decrypt_buf with stream cipher
 2023-09-22 11:43:03 +02:00
Dave Rodgman d03f483dbe Use mbedtls_ct_error_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-22 10:01:47 +01:00
Dave Rodgman fbe74a9e51 Add mbedtls_ct_error_if, with tests 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-22 09:58:25 +01:00
Tom Cosgrove 41434d043c
Merge pull request #8237 from tom-cosgrove-arm/mbedtls_pk_write_key_der-unused-len-and-unreachable-ret 
Remove unused variable and unreachable return from mbedtls_pk_write_key_der()
 2023-09-22 08:45:48 +00:00
Dave Rodgman a9d70125a3 Remove mbedtls_ct_int_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 21:53:54 +01:00
Dave Rodgman 7ad37e40a6 Remove use of mbedtls_ct_int_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 21:53:31 +01:00
Dave Rodgman 530c3da698 Improve implementation of mbedtls_ct_int_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 21:06:48 +01:00
Dave Rodgman 61f1beaccf Update library to use mbedtls_ct_int_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 19:23:17 +01:00
Dave Rodgman f81b2a14f2 Generalise mbedtls_ct_error_if to mbedtls_ct_int_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 19:22:43 +01:00
Dave Rodgman aaebc9be51
Merge pull request #8235 from daverodgman/misc-size 2023-09-21 18:42:37 +01:00
Tom Cosgrove 8d276fbc23 Remove unused variable and unreachable return from mbedtls_pk_write_key_der() 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-09-21 17:19:36 +01:00
correy a15b4851d4 Fix MSVC error C4703 about possibly uninitialized variable in pkwrite.c 
Signed-off-by: correy <112426112@qq.com>
 2023-09-21 20:18:52 +08:00
Dave Rodgman 1a404e8f34 Use mbedtls_ct_error for CT error selection 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 13:12:28 +01:00
Dave Rodgman e50b537266 Add mbedtls_ct_error_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 11:29:58 +01:00
Dave Rodgman ef6795d2a9 Reduce size of mbedtls_asn1_get_len 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 10:35:33 +01:00
Pengyu Lv 6f0259e6da AESNI: improve comments on some guards in aesni.h 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-09-21 10:34:32 +08:00
Dave Rodgman 584a08f91d Add cast for MSVC 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-20 20:15:52 +01:00
Gilles Peskine efaee9a299 Give a production-sounding name to the p256m option 
Now that p256-m is officially a production feature and not just an example,
give it a more suitable name.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-20 20:49:47 +02:00
Waleed Elmelegy 1db5cdaf57 Add tests to test pkcs8 parsing of encrypted keys 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-20 19:29:02 +01:00
Waleed Elmelegy 5e48cad7f0 Fix codestyle issues in pkcs12.h & pkparse.c 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-20 19:29:02 +01:00
Waleed Elmelegy d527896b7e Switch pkparse to use new mbedtls_pkcs12_pbe_ext function 
Switch pkparse to use new mbedtls_pkcs12_pbe_ext function
and deprecate mbedtls_pkcs12_pbe function.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-20 19:29:02 +01:00
Waleed Elmelegy c9f4040f7f Switch pkparse to use new mbedtls_pkcs5_pbes2_ext function 
Switch pkparse to use new mbedtls_pkcs5_pbes2_ext function
and deprecate mbedtls_pkcs5_pbes2 function.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-20 19:28:28 +01:00
Dave Rodgman 1cf181fd46 Reinstate more robust return value handling 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-20 19:10:17 +01:00
Dave Rodgman c43a0a4adb rename dont_ignore to in_padding 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-20 19:09:51 +01:00
Dave Rodgman e834d6c9f2 Move declaration for robustness against future edits 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-20 19:09:51 +01:00
Dave Rodgman c62f7fcce9 Use more meaningful variable name in mbedtls_rsa_rsaes_oaep_decrypt 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-20 19:09:51 +01:00
Dave Rodgman e94cd0b99b Correct use of mbedtls_ct_mpi_uint_if_else_0 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-20 19:09:51 +01:00
Gilles Peskine eda1b1f744
Merge pull request #7921 from valeriosetti/issue7613 
TLS: Clean up ECDSA dependencies
 2023-09-20 12:47:55 +00:00
Dave Rodgman ee5464fab9 Simplify unnecessarily complex error code handling 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-20 09:13:12 +01:00
Dave Rodgman fd96579ecd Use properly typed versions of mbedtls_ct_xxx_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 21:52:13 +01:00
Dave Rodgman 143f5f7c68 Add mbedtls_ct_bool_if and mbedtls_ct_bool_if_else_0 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 21:52:13 +01:00
Dave Rodgman 437500c5b1 Fix MSVC type complaint 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 21:52:13 +01:00
Dave Rodgman 814d096420 Fix error in handling of return value from mbedtls_nist_kw_unwrap 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 20:48:51 +01:00
Dave Rodgman 6be4bcff16 code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 19:47:51 +01:00
Dave Rodgman 4fc14cc4ae Fix error in handling of return value from mbedtls_nist_kw_unwrap 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 19:45:54 +01:00
Dave Rodgman f8182d91a7 Simplify add_zeros_padding 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 18:39:33 +01:00
Dave Rodgman d8c68a948a Use CT interface in get_zeros_padding 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 18:39:33 +01:00
Dave Rodgman 1cfc43c77b Rename mbedtls_ct_bool_xor to mbedtls_ct_bool_ne 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 18:39:33 +01:00
Dave Rodgman 89a9bd5887 Use CT interface in get_one_and_zeros_padding 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 18:39:33 +01:00
Dave Rodgman 6cec41c3bb use CT interface in add_zeros_and_len_padding() 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 18:34:06 +01:00
Dave Rodgman 6b7e2a5809 Use CT interface in get_pkcs_padding 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 18:34:06 +01:00
Dave Rodgman b4e6b41aa0 Use const-time interface throughout mbedtls_rsa_rsaes_oaep_decrypt 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 18:34:06 +01:00
Dave Rodgman 51c15309f2 Make padlen check const-time 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 17:22:18 +01:00
Dave Rodgman c2630fac52 Simplify mbedtls_ct_memcmp_partial 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 17:21:50 +01:00
Dave Rodgman 66d6ac92e6 Use mbedtls_ct_memcmp in mbedtls_rsa_rsaes_oaep_decrypt 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 09:10:59 +01:00
Dave Rodgman d337bd9bfe Improve const-timeness of mbedtls_nist_kw_unwrap 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 09:10:59 +01:00
Dave Rodgman 9c14007ac3 Add mbedtls_ct_memcmp_partial 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 09:10:59 +01:00
Dave Rodgman d26a3d6da7 Eliminate duplicate ct memcmp 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-18 19:09:45 +01:00
Gilles Peskine faf0b8604a mbedtls_ssl_decrypt_buf(): fix buffer overread with stream cipher 
With stream ciphers, add a check that there's enough room to read a MAC in
the record. Without this check, subtracting the MAC length from the data
length resulted in an integer underflow, causing the MAC calculation to try
reading (SIZE_MAX + 1 - maclen) bytes of input, which is a buffer overread.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-18 19:07:50 +02:00
Gilles Peskine bd50d5baec
Merge pull request #8177 from gilles-peskine-arm/generated-files-off-in-release 
Generated files off in release
 2023-09-18 14:11:58 +00:00
Dave Rodgman 25c271a035
Merge pull request #8182 from daverodgman/asn1write-size 
Reduce code size in mbedtls_asn1_write_len
 2023-09-18 10:27:23 +00:00
Manuel Pégourié-Gonnard 275afe187f Fix preset shared between 1.2 and 1.3 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-18 11:19:20 +02:00
Gilles Peskine 67c86e626b
Merge pull request #7961 from gilles-peskine-arm/psa_crypto_config-in-full 
Enable MBEDTLS_PSA_CRYPTO_CONFIG in the full config
 2023-09-18 08:13:12 +00:00
Dave Rodgman 0c9516ea89 code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-15 18:30:09 +01:00
Dave Rodgman 127f35d5e5 Merge remote-tracking branch 'origin/development' into asn1write-size 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-15 18:02:59 +01:00
Dave Rodgman ecdfc1c94f Fix poorly named function 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-15 18:00:37 +01:00
Gilles Peskine 8a7fb2d799
Merge pull request #1055 from waleed-elmelegy-arm/add-new-pkcs12-pbe2-ext-fun 
Add new pkcs12 pbe2 ext fun
 2023-09-15 18:43:03 +02:00
Gilles Peskine 170be457bd
Merge pull request #8207 from mcagriaksoy/branch_old_try 
Fixes log level for got supported group message
 2023-09-15 05:53:00 +00:00
Dave Rodgman a11eac4292 code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-14 16:16:04 +01:00
Dave Rodgman e99b24dd9f Fix some clang-18 warnings 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-14 15:52:02 +01:00
Yanray Wang 7732ced037 cipher_wrap: remove 192- and 256-bit for AES_ONLY_128_BIT_KEY_LENGTH 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-14 14:35:44 +08:00
mcagriaksoy d9f22804ea Fixes log level for got supported group message 
Signed-off-by: mcagriaksoy <mcagriaksoy@yandex.com>
 2023-09-13 22:43:38 +02:00
Gilles Peskine 0ddffb6de2
Merge pull request #7210 from sergio-nsk/patch-2 
Fix llvm error: variable 'default_iv_length' and other may be used uninitialized
 2023-09-13 16:38:55 +02:00
Gilles Peskine 9b5d7d7801
Merge pull request #8195 from daverodgman/improve_sslmsg 
Improve use of ct interface in mbedtls_ssl_decrypt_buf
 2023-09-13 12:32:12 +00:00
Gilles Peskine 3cea3efc25
Merge pull request #8025 from AgathiyanB/accept-numericoid-hexstring-x509 
Accept numericoid hexstring x509
 2023-09-13 08:54:33 +00:00
Gilles Peskine f22999e99f
Merge pull request #8093 from yuhaoth/pr/add-target-architecture-macros 
Add architecture detection macros
 2023-09-13 08:53:47 +00:00
Dave Rodgman da0bb9fae8
Merge pull request #8034 from gilles-peskine-arm/bump_version-doc_mainpage 
Update capitalization of "Mbed" and fix bump_version.sh
 2023-09-13 08:41:20 +00:00
Dave Rodgman 7d52f2a0d9 Improve use of ct interface in mbedtls_ssl_decrypt_buf 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-13 09:30:03 +01:00
Gilles Peskine e820c0abc8 Update spelling "mbed TLS" to "Mbed TLS" 
The official spelling of the trade mark changed from all-lowercase "mbed"
to normal proper noun capitalization "Mbed" a few years ago. We've been
using the new spelling in new text but still have the old spelling in a
lot of text. This commit updates most occurrences of "mbed TLS":

```
sed -i -e 's/mbed TLS/Mbed TLS/g' $(git ls-files ':!ChangeLog' ':!tests/data_files/**' ':!tests/suites/*.data' ':!programs/x509/*' ':!configs/tfm*')
```

Justification for the omissions:

* `ChangeLog`: historical text.
* `test/data_files/**`, `tests/suites/*.data`, `programs/x509/*`: many
  occurrences are significant names in certificates and such. Changing
  the spelling would invalidate many signatures and tests.
* `configs/tfm*`: this is an imported file. We'll follow the upstream
  updates.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-12 19:18:17 +02:00
Agathiyan Bragadeesh a72ea814d8 Remove double blank line in x509_create.c 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-09-12 17:57:09 +01:00
Agathiyan Bragadeesh c7959b22c6 Remove magic number in x509.c 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-09-12 17:56:58 +01:00
Tom Cosgrove 9d8a7d62f5 Use the correct variable when tracking padding length 
Fixes an error introduced in a81373f80

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-09-12 16:01:52 +01:00
Waleed Elmelegy 57d09b72ef Return back to modifying input parameters in pkcs12_parse_pbe_params 
Return back to modifying input parameters in pkcs12_parse_pbe_params
to avoid change in behaviour.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-12 14:05:10 +01:00
Waleed Elmelegy a7d206fce6 Check set_padding has been called in mbedtls_cipher_finish 
Check set_padding has been called in mbedtls_cipher_finish
in modes that require padding.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-12 13:39:36 +01:00
Dave Rodgman bd58944252 Avoid implementation defined behaviour 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-12 12:38:53 +01:00
Dave Rodgman 2b0d53a2a8
Merge pull request #7590 from daverodgman/ct-x86-asm 
Constant time asm for x86 and x86-64
 2023-09-12 09:58:44 +00:00
Dave Rodgman 50b0a35494 Test INT_MAX rather than UINT_MAX 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-12 09:30:44 +01:00
Dave Rodgman 98926d5fb1 Update comment, and replace bit-twiddling with #error 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-12 09:29:33 +01:00
Ronald Cron ad2f351c6b
Merge pull request #8171 from ronald-cron-arm/misc-minor-fixes 
One minor fix
 2023-09-12 06:00:48 +00:00
Dave Rodgman 4f26770291 Ensure mbedtls_ct_memcpy behaves correctly with 16-bit int 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 19:10:09 +01:00
Dave Rodgman dc669a1944 Fix type error 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 18:39:57 +01:00
Dave Rodgman 5265c318a0 Fix type-conversion error 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 18:04:13 +01:00
Dave Rodgman 49352832c9 Eliminate duplicate of mbedtls_asn1_find_named_data 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 17:10:43 +01:00
Dave Rodgman 33287ae134 Tidy up mbedtls_asn1_write_len 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 17:10:43 +01:00
Dave Rodgman cf5f746a8c Refactor out some common code 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 16:27:34 +01:00
Dave Rodgman 7fda906a68
Merge pull request #8161 from gilles-peskine-arm/config-boolean-options-wrong-section-202309 
Fix module configuration options in mbedtls_config.h
 2023-09-11 15:08:56 +00:00
Dave Rodgman 3bbedf6ba0 code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 16:06:28 +01:00
Dave Rodgman 9f366b07ea Reduce code size in mbedtls_asn1_write_len 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 16:00:03 +01:00
Dave Rodgman 82fe0828b2
Merge pull request #8180 from daverodgman/sha2-zeroize 
Ensure all md_<hash>_finish functions perform zeroization
 2023-09-11 15:13:27 +01:00
Dave Rodgman aafd1e0924 Ensure all md_<hash>_finish functions perform zeroization 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-11 12:59:36 +01:00
Tom Cosgrove 876346e451 Remove always-false null pointer check in sha3.c that Coverity complains about 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-09-11 09:03:01 +01:00
Dave Rodgman 3f8e483eed Mark y as modified in x86 asm for mbedtls_ct_uint_lt 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 17:57:40 +01:00
Dave Rodgman 4a97e73661 Eliminate a redundant not from x86 asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 17:26:18 +01:00
Dave Rodgman b6b8f6c68d Make variable name consistent in x86_64 asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 17:19:32 +01:00
Dave Rodgman 5f249852a5 Better register allocation for x86_64 asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 17:18:29 +01:00
Dave Rodgman 99f0cdc0e0 Remove not-needed mov in x86_64 asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-08 17:18:04 +01:00
Waleed Elmelegy e1cb35b719 Add new mbedtls_pkcs12_pbe_ext function to replace old function 
Add new mbedtls_pkcs12_pbe_ext function to replace
old mbedtls_pkcs12_pbe function that have security
issues.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-08 16:51:26 +01:00
Gilles Peskine 0b62b7a21f Allow turning off re-generation of files with make 
In make builds, when GEN_FILES is false (empty), don't try to re-generate
configuration-independent source files, regardless of whether they seem
out of date. This is useful, for example, if you have a source tree where
`make generated_files` has already run and file timestamps reflect the
time the files were copied or extracted, and you are now in an environment
that lacks some of the necessary tools to re-generate the files.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-08 16:19:13 +02:00
Gilles Peskine 31d49cd57f
Merge pull request #1053 from waleed-elmelegy-arm/Improve-and-test-mbedtls_pkcs12_pbe 
Improve & test legacy mbedtls_pkcs12_pbe
 2023-09-08 13:08:05 +02:00
Agathiyan Bragadeesh 706a1c3c3f Fix code style 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-09-08 12:04:41 +01:00
Agathiyan Bragadeesh c34804dea2 Fix bug with checking max dn length with hexpairs 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-09-08 11:32:19 +01:00
Ronald Cron b9c7953442 pkwrite: Fix defined but not used warning 
Fix defined but not used warning when
MBEDTLS_USE_PSA_CRYPTO, MBEDTLS_PK_HAVE_RFC8410_CURVES
and MBEDTLS_PK_HAVE_ECC_KEYS are defined but not
MBEDTLS_PEM_WRITE_C.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-09-07 14:20:49 +02:00
Yanray Wang 56e27b9938 des: don't consider DES for CIPHER_ENCRYPT_ONLY 
We only support ECB and CBC modes for DES. Those two modes require
both encrypt and decrypt directions, so we don't consider DES with
CIPHER_ENCRYPT_ONLY.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-07 18:00:35 +08:00
Yanray Wang 9b811658a8 Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-09-07 16:18:00 +08:00
Gilles Peskine 58590983c5
Merge pull request #8160 from daverodgman/warn-unreachable 
Fix clang warnings about unreachable code
 2023-09-06 09:47:03 +00:00
Dave Rodgman 85061b97b5 Improve sanity checking of MBEDTLS_HAVE_INTxx 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-06 08:41:05 +01:00
Dave Rodgman b7b8c09c81
Update bignum_core.c 
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-05 20:35:19 +01:00
Gilles Peskine ff2558a470 Fix unused variable in some TLS 1.3 builds 
Fix unused variable when MBEDTLS_SSL_PROTO_TLS1_3 and
MBEDTLS_SSL_SESSION_TICKETS are enabled but not MBEDTLS_DEBUG_C.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-05 21:10:39 +02:00
Dave Rodgman 7e1e7be8fc Simplify fixes for unreachable code 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-05 18:15:31 +01:00
Dave Rodgman cfa722324c Fix warnings about unreachable code 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-05 16:53:33 +01:00
Dave Rodgman 0364c8a773 Introduce MBEDTLS_IGNORE_UNREACHABLE_BEGIN 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-05 16:20:19 +01:00
Waleed Elmelegy 255db80910 Improve & test legacy mbedtls_pkcs12_pbe 
* Prevent pkcs12_pbe encryption when PKCS7 padding has been
  disabled since this not part of the specs.
* Allow decryption when PKCS7 padding is disabled for legacy
  reasons, However, invalid padding is not checked.
* Document new behaviour, known limitations and possible
  security concerns.
* Add tests to check these scenarios. Test data has been
  generated by the below code using OpenSSL as a reference:

#include <openssl/pkcs12.h>
#include <openssl/evp.h>
#include <openssl/des.h>
#include <openssl/asn1.h>
#include "crypto/asn1.h"
#include <string.h>

int main()
{
    char pass[] = "\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB";
    unsigned char salt[] = "\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC";
    unsigned char plaintext[] = "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA";
    unsigned char *ciphertext = NULL;
    int iter = 10;
    X509_ALGOR *alg =  X509_ALGOR_new();
    int ciphertext_len = 0;
    int alg_nid = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
    alg->parameter = ASN1_TYPE_new();
    struct asn1_object_st * aobj;
    PKCS5_pbe_set0_algor(alg, alg_nid, iter,
                         salt, sizeof(salt)-1);

    aobj = alg->algorithm;
    printf("\"30%.2X", 2 + aobj->length + alg->parameter->value.asn1_string->length);
    printf("06%.2X", aobj->length);
    for (int i = 0; i < aobj->length; i++) {
        printf("%.2X", aobj->data[i]);
    }

    for (int i = 0; i < alg->parameter->value.asn1_string->length; i++) {
        printf("%.2X", alg->parameter->value.asn1_string->data[i]);
    }
    printf("\":\"");

    for (int i = 0; i < sizeof(pass)-1; i++) {
        printf("%.2X", pass[i] & 0xFF);
    }
    printf("\":\"");
    for (int i = 0; i < sizeof(plaintext)-1; i++) {
        printf("%.2X", plaintext[i]);
    }
    printf("\":");
    printf("0");
    printf(":\"");

    unsigned char * res = PKCS12_pbe_crypt(alg, pass, sizeof(pass)-1, plaintext, sizeof(plaintext)-1, &ciphertext, &ciphertext_len, 1);

    if (res == NULL)
        printf("Encryption failed!\n");
    for (int i = 0; i < ciphertext_len; i++) {
        printf("%.2X", res[i]);
    }
    printf("\"\n");

    return 0;
}

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
#
 2023-09-05 15:45:55 +01:00
Paul Elliott 945d674c8d
Merge pull request #8157 from actonlang/fix-include-psa-utils-internals 
Use quotes include of psa_util_internal.h
 2023-09-05 12:52:19 +00:00
Tom Cosgrove 8bd8a462d2
Merge pull request #8141 from tom-cosgrove-arm/define-psa-macros-to-1 
Define all PSA_xxx macros to 1 rather than have them empty, for consistency
 2023-09-04 21:27:01 +00:00
Agathiyan Bragadeesh fca0861e8e Add asn1 get tag and len to x509 create config 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-09-04 15:45:37 +01:00
Agathiyan Bragadeesh 86dc08599b Add asn1 write tag and len to x509 use c config 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-09-04 15:40:41 +01:00
Gilles Peskine 1a7d387072
Merge pull request #1041 from waleed-elmelegy-arm/add-new-pkcs5-pbe2-ext-fun 
Add new pkcs5 pbe2 ext fun
 2023-09-04 15:33:42 +02:00
Kristian Larsson a1aeff4124 Use quotes include of psa_util_internal.h 
psa_utils_internal.h was broken out of mbedtls/psa_utils.h, which in
some places were included as <mbedtls/psa_utils.h>. But since
psa_utils_internals.h should be internal, we should not rely on the
system include paths. I suspect a regexp replace gone slightly wrong.

Signed-off-by: Kristian Larsson <kristian@spritelink.net>
 2023-09-04 10:36:37 +02:00
Dave Rodgman 4f69668558
Merge pull request #8082 from daverodgman/misc-code-size 
Misc code size improvements
 2023-09-02 11:44:31 +00:00
Dave Rodgman 662c497395
Merge pull request #8144 from daverodgman/zeroize-stronger 
Add more protection to mbedtls_platform_zeroize
 2023-09-02 10:59:12 +01:00
Dave Rodgman 1dab445804 Update guard for ecp 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-02 10:56:44 +01:00
Dave Rodgman 16a76721b6
Merge pull request #8068 from paul-elliott-arm/fix_tls_zeroization 
Fix TLS pad buffer zeroization
 2023-09-01 23:35:23 +00:00
Waleed-Ziad Maamoun-Elmelegy c5fef82c52 Fix typo in pkcs5.c 
Co-authored-by: Janos Follath <janos.follath@arm.com>
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-09-01 11:45:39 +01:00
Dave Rodgman fe55320b5c Avoid error from old gcc version 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-01 11:15:28 +01:00
Dave Rodgman 5f6060a1f3 Code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-01 11:00:58 +01:00
Yanray Wang dbcc0c6172 aes: define internal macro to simplify #if Directive 
No semantic changes, only yo simplify #if Directive
with introduction of MBEDTLS_AES_NEED_FORWARD_S_BOXES and
MBEDTLS_AES_NEED_REVERSE_TABLES.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-01 17:35:58 +08:00
Yanray Wang db9b3095fb cipher_wrap: remove *setkey_dec_func in CIPHER_ENCRYPT_ONLY 
There is no need to set decrypt key under CIPHER_ENCRYPT_ONLY,
so we can remove *setkey_dec_func from ctx to save extra code size.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-01 17:35:31 +08:00
Dave Rodgman ba67451562 Fix gcc compile warnings 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-01 10:14:46 +01:00
Dave Rodgman ac3cf7c20b Add more protection to mbedtls_platform_zeroize 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-01 10:09:31 +01:00
Yanray Wang 9141ad1223 aria/camellia/des: guard setkey_dec by CIPHER_ENCRYPT_ONLY 
This is a pre-step to remove *setkey_dec_func in cipher_wrap ctx
when CIPHER_ENCRYPT_ONLY is enabled.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-01 17:06:38 +08:00
Yanray Wang 380be5af3a AESNI: add macro guard of CIPHER_ENCRYPT_ONLY 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-01 16:40:11 +08:00
Yanray Wang 590c9b7abe AESCE: add macro guard of CIPHER_ENCRYPT_ONLY 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-01 16:39:28 +08:00
Yanray Wang 78ee0c9e4f aes.c: add config option to support cipher_encrypt_only 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-09-01 16:35:33 +08:00
Paul Elliott 6ebe7d2e3a
Merge pull request #8095 from davidhorstmann-arm/initialize-struct-get-other-name 
Coverity fix: Set `type_id` in `x509_get_other_name()`
 2023-08-31 16:26:00 +00:00
Tom Cosgrove c43c3aaf02 Define all PSA_xxx macros to 1 rather than have them empty, for consistency 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-08-31 17:06:58 +01:00
Dave Rodgman 4f47f3dac8 Covert PSA guards to MBEDTLS 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-31 12:10:00 +01:00
Dave Rodgman a9a53a05f0 Merge remote-tracking branch 'origin/development' into misc-code-size 2023-08-31 11:53:46 +01:00
Dave Rodgman dea266f3f5 Use MBEDTLS_MD_LIGHT instead of MBEDTLS_MD_C 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-31 11:52:43 +01:00
Dave Rodgman 8d706f6b59 Simplify camellia error conversion macros 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-31 11:48:44 +01:00
Dave Rodgman 09a9e589c1 Add missing error conversion case 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-31 11:05:22 +01:00
Dave Rodgman 68efcf56ed Remove not-needed #include 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-31 10:09:05 +01:00
Dave Rodgman 984309c2c3 Call mbedtls_platform_zeroize via mbedtls_sha3_free 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-30 19:22:28 +01:00
Dave Rodgman dbddb00158 Ensure mbedtls_sha3_finish zeroizes the context 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-30 18:43:23 +01:00
Gilles Peskine 03e9dea30b Merge remote-tracking branch 'development' into psa_crypto_config-in-full 
Conflicts:
* `include/psa/crypto_sizes.h`: the addition of the `u` suffix in this branch
  conflicts with the rework of the calculation of `PSA_HASH_MAX_SIZE` and
  `PSA_HMAC_MAX_HASH_BLOCK_SIZE` in `development`. Use the new definitions
  from `development`, and add the `u` suffix to the relevant constants.
 2023-08-30 18:32:57 +02:00
Agathiyan Bragadeesh a2423debcc Fix code style 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-30 16:24:31 +01:00
Agathiyan Bragadeesh de02ee268e Refactor parse_attribute_value_string 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-30 16:12:57 +01:00
Agathiyan Bragadeesh 1aece47e8c Make hexpair_to_int take a char pointer 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-30 16:05:24 +01:00
Agathiyan Bragadeesh e9d1c8e1eb Reword and reformat comments 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-30 15:55:31 +01:00
Agathiyan Bragadeesh ef6abd4062 Add blank lines after variable declarations 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-30 15:55:12 +01:00
Dave Rodgman 730bbee226 Merge remote-tracking branch 'origin/development' into update-restricted-2023-08-30 2023-08-30 11:22:00 +01:00
Dave Rodgman 29bf911058
Merge pull request #7839 from daverodgman/psa-sha3 
SHA-3 via PSA
 2023-08-30 08:51:36 +00:00
Waleed Elmelegy 79b6e26b1b Improve mbedtls_pkcs5_pbes2_ext function test data 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-08-29 14:55:03 +01:00
Dave Rodgman 787011542b Fully replace mbedtls_psa_safer_memcmp 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 14:20:18 +01:00
Dave Rodgman e97de40e7b Typo fix 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:47:35 +01:00
Dave Rodgman 6d5261e38f Fix typo in doxygen for mbedtls_ct_memcpy_offset 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman b69239c604 Improve docs in mbedtls_mpi_lt_mpi_ct 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman d44dd96132 Improve docs re duplicate declarations 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman 0cf9dd1056 Whitespace - tidy up asm and make it more consistent 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman 81673bba77 Add x86 const-time assembly 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman 664fea481c Add x86-64 const-time assembly 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-29 09:42:14 +01:00
Dave Rodgman d395590597
Merge pull request #7579 from daverodgman/safer-ct-asm 
Arm assembly implementation of constant time primitives
 2023-08-28 08:26:29 +00:00
Jerry Yu f65f71eef3 improve various issues 
- duplicate definition
- wrong comments
- redundant include statement

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-28 10:58:24 +08:00
Yanray Wang 044eb16379 pkwrite: zeroize buf containing info of private key 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-08-28 10:35:41 +08:00
Gilles Peskine 2a296729d0
Merge pull request #8084 from AgathiyanB/remove-type-qualifier-in-assignment-casts 
Remove type qualifier in assignment casts
 2023-08-24 18:02:11 +00:00
Yanray Wang 427424768a aes.c: provide finer guard for RSb 
Variable RSb is only used for either computing reverse tables
in aes_gen_tables or AES-decryption function. This commit provides
more guards for when RSb is defined and used.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-08-24 11:12:22 +08:00
Yanray Wang 422a77f716 aes.c: clean up and fix wrong comment in #endif 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-08-24 11:11:46 +08:00
Agathiyan Bragadeesh 457ac84f01 Refactor previous fix 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-23 11:35:26 +01:00
Agathiyan Bragadeesh 4c7d7bf583 Add guard for empty AttributeValue 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-23 11:28:30 +01:00
Jerry Yu 782b966666 replace target arch macros in padlock 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-23 17:15:35 +08:00
Jerry Yu d6e312dde4 replace aesni target detection macros 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-23 17:15:34 +08:00
Jerry Yu 72fd0bdc71 replace arm64 macro and aesce enable flag 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-23 17:15:34 +08:00
Agathiyan Bragadeesh 15df01240d Fix code style 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 17:50:00 +01:00
Agathiyan Bragadeesh 4606bf3f38 Refactor reading AttributeValue in dn gets 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 17:29:18 +01:00
Agathiyan Bragadeesh 022f86f108 Prevent output of escaped null characters dn gets 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 16:56:04 +01:00
Agathiyan Bragadeesh d9d79bb74b Rename parse_attribute_value_ber_encoded 
Now renamed to parse_attribute_value_der_encoded to be consistent with
names elsewhere

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 16:43:58 +01:00
Agathiyan Bragadeesh 8aa74ab6a9 Add return for buffer too small when reading OIDs 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 16:42:27 +01:00
Agathiyan Bragadeesh f3b9724dcd Remove questionable use of macro. 
MBEDTLS_X509_SAFE_SNPRINTF was used after mbedtls_oid_get_numeric_string
so instead we have expanded the macro and kept the relevant code.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 16:37:11 +01:00
Agathiyan Bragadeesh 07f472a88b Add corruption detected return when writing asn1 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 16:29:39 +01:00
Tom Cosgrove 3d2d599d3e
Merge pull request #7996 from gilles-peskine-arm/small_primes-gaps 
Reduce the size of the small primes table used by primality testing
 2023-08-22 12:48:56 +00:00
Agathiyan Bragadeesh ba386ec23e Remove magic number for null tag 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 12b9d7040e Remove x509_oid_from_numericoid 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh fb94702762 Add catch for alloc error x509_oid_from_numericoid 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 4294ccc608 Use mbedtls_calloc instead of calloc 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 55d93192b1 Fix oid memory leak 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh f826d1113e Reject null bytes in DER encoded values in DNs 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh eb55867520 Fix code style 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 9caaa6d967 Reject escaped null hexpairs in DNs 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 957ca0595d Accept short name/ber encoded data in DNs 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 17984874af Change error from unknown oid to invalid name 
Since the implementation no longer needs to know the oid, it makes more
sense for the error message to be an invalid name.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh f88bd5ac86 Accept any valid oid in string_to_names 
Instead of using x509_attrs, use generic oid conversion.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh af70c7dce7 Write numeric oid directly to buffer 
mbedtls_oid_get_numeric_string now points to output buffer in dn_gets

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh a7f9630925 Remove duplicate '+' in comparison string 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 5adffb2488 Refactor dn_gets use library function to write tag 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 2bf09a61a3 Fix style on left shift operations 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh e18a1789fd Use MBEDTLS_X509_MAX_DN_NAME_SIZE for buffer size 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh ee642d93a8 Format preprocessor conditionals 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh ed88eefe8e Rename in_tag to in_attr_type 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 97178f231f Fix code style in mbedtls_x509_string_to_names 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 7f639fc7ab Fix Windows x64 build errors with type conversions 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 39ba121d3a Fix memory leak in alternative code route 
If no oid is found, and x509_attr_descr_from_numericoid returns NULL,
previously the memory allocated for the oid wasn't freed.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh f818e01edb FIx memory leak in x509_attr_descr_from_numericoid; 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh a1f5c2d06f Move declaration of variables in dn_gets to top 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 0a4b6d88d0 Alter conditions on hexstring output dn_gets 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 4987c8fcb0 Fix code style on x509.c and x509_create.c 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh c9d74f3109 Refactor AttributeType in mbedtls_x509_dn_gets 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 0eb6673a80 Add preprocessor config guards 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 6cbfae591a Parse DER tag mbedtls_x509_string_to_names 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh ddc720d209 Add mbedtls_x509_dn_gets hexstring output 
If the data is a bitstring or an octet string, instead use the hexstring
of the BER encoding (RFC 4514 Section 2.4)

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh b73778d8f9 Implement parse_attribute_value_ber_encoded 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh e119f3c0ea Refactor mbedtls_x509_string_to_names 
This refactor is to accomodate future support of numericoid/hexstring
attributetype value pairs.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh f0e1ac59d8 Rewrite nibble_to_hex_digit for readability 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh 9d2507c81d Rename x509_int_to_hexdigit to nibble_to_hex_digit 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh ef2decbe4a Escape hexpairs characters RFC 4514 
Converts none ascii to escaped hexpairs in mbedtls_x509_dn_gets and
interprets hexpairs in mbedtls_x509_string_to_names.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:38:16 +01:00
Agathiyan Bragadeesh 48513b8639 Escape special characters RFC 4514 
This escapes special characters according to RFC 4514 in
mbedtls_x509_dn_gets and de-escapes in mbedtls_x509_string_to_names.
This commit does not handle hexpairs.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:38:16 +01:00
Gilles Peskine 30b0378008 Fix off-by-one error 
The value of p after adding the last entry in the gap table is not used.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-22 11:06:47 +02:00
Dave Rodgman e20d688463
Fix missing operand modifier 
Co-authored-by: Yanray Wang <yanray.wang@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-22 08:46:18 +01:00
Dave Rodgman 0c99a9083e Avoid signed right shift UB 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-21 17:06:24 +01:00
Tom Cosgrove 31b2d7414d
Merge pull request #8053 from gilles-peskine-arm/mpi_exp_mod-remove_initial_copy 
mbedtls_mpi_exp_mod: remove spurious copy of the output variable
 2023-08-21 15:50:28 +00:00
Gilles Peskine 0addbe6dc7
Merge pull request #8069 from paul-elliott-arm/fix_ecjpake_deadcode 
Fix logical dead code found by Coverity
 2023-08-21 14:44:36 +00:00
Dave Rodgman 65204f8fc8
Merge pull request #8035 from daverodgman/aesce-support-perf 
Make mbedtls_aesce_has_support more efficient
 2023-08-21 14:39:08 +00:00
Tom Cosgrove d29648026b
Merge pull request #8017 from ivq/unchecked_return 
Fix a few unchecked return values
 2023-08-21 13:02:53 +00:00
Janos Follath e220d258fd
Merge pull request #8086 from yanesca/remove-new-bignum 
Remove new bignum when not needed
 2023-08-21 10:59:41 +00:00
Yanray Wang 08d5f46c83 pkwrite.c: call calloc and free properly 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-08-21 15:15:24 +08:00
Dave Rodgman 0ce0fbc32a Simplify aarch64 asm for mbedtls_ct_uint_lt 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-21 07:58:50 +01:00
Dave Rodgman 3ab114e3da Move non-function-specific macro outside of function definition 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-21 07:54:11 +01:00
Gilles Peskine ead1766b5f Fix PBKDF2 with empty salt segment on platforms where malloc(0)=NULL 
"Fix PBKDF2 with empty salt on platforms where malloc(0)=NULL" took care of
making an empty salt work. But it didn't fix the case of an empty salt
segment followed by a non-empty salt segment, which still invoked memcpy
with a potentially null pointer as the source. This commit fixes that case,
and also simplifies the logic in the function a little.

Test data obtained with:
```
pip3 install cryptodome
python3 -c 'import sys; from Crypto.Hash import SHA256; from Crypto.Protocol.KDF import PBKDF2; cost = int(sys.argv[1], 0); salt = bytes.fromhex(sys.argv[2]); password = bytes.fromhex(sys.argv[3]); n = int(sys.argv[4], 0); print(PBKDF2(password=password, salt=salt, dkLen=n, count=cost, hmac_hash_module=SHA256).hex())' 1 "" "706173737764" 64
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-20 22:05:16 +02:00
Dave Rodgman f2249ec905 Rename mbedtls_aesce_has_support macro to satisfy case rules 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-20 20:20:12 +01:00
Dave Rodgman b30adce7fd Use -1 as uninitialised marker 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-20 20:20:12 +01:00
Dave Rodgman 4566132163 Make mbedtls_aesce_has_support more efficient 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-20 20:20:12 +01:00
Dave Rodgman 1fdc884ed8
Merge pull request #7384 from yuhaoth/pr/add-aes-accelerator-only-mode 
AES: Add accelerator only mode
 2023-08-18 20:55:44 +00:00
David Horstmann cfae6a1ae9 Fix incorrect detection of HardwareModuleName 
The hardware module name otherName SAN contains 2 OIDs:

 OtherName ::= SEQUENCE {
      type-id    OBJECT IDENTIFIER,
      value      [0] EXPLICIT ANY DEFINED BY type-id }

 HardwareModuleName ::= SEQUENCE {
                           hwType OBJECT IDENTIFIER,
                           hwSerialNum OCTET STRING }

The first, type-id, is the one that identifies the otherName as a
HardwareModuleName. The second, hwType, identifies the type of hardware.

This change fixes 2 issues:

1. We were erroneously trying to identify HardwareModuleNames by looking
at hwType, not type-id.
2. We accidentally inverted the check so that we were checking that
hwType did NOT match HardwareModuleName.

This fix ensures that type-id is correctly checked to make sure that it
matches the OID for HardwareModuleName.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-18 19:31:39 +01:00
David Horstmann 2ea44d28de Fix: Set type_id in x509_get_other_name() 
When parsing a subject alternative name of type otherName, retain the
type-id field of the otherName. Previously this was not copied to the
mbedtls_x509_san_other_name struct when it should have been.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-18 18:36:02 +01:00
Jerry Yu 0a6272d6c9 revert padlock from aesni module 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-18 17:35:59 +08:00
Jerry Yu 61fc5ed5f3 improve readability of error message 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-18 17:28:48 +08:00
Jerry Yu 372f7a04d0 Add missing check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-18 17:26:25 +08:00
Gilles Peskine eeaad50cd6
Merge pull request #8079 from adeaarm/port_IAR_build_fix 
Small fixes for IAR support
 2023-08-17 19:10:51 +00:00
Gilles Peskine 73936868b8 Merge remote-tracking branch 'development' into psa_crypto_config-in-full 
Conflicts:
* tests/scripts/all.sh: component_test_crypto_full_no_cipher was removed
  in the development branch.
 2023-08-17 19:46:34 +02:00
Antonio de Angelis 8e9d6b927e Remove the workaround for psa_key_agreement_internal 
Remove the workaround for psa_key_agreement_internal to
have a shared_secret array always non-zero. The spec is
recently updated so that PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE
is always non-zero

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
 2023-08-17 15:27:56 +01:00
Janos Follath f2334b7b39 Remove new bignum when not needed 
New bignum modules are only needed when the new ecp_curves module is
present. Remove them when they are not needed to save code size.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-17 14:36:59 +01:00
Waleed Elmelegy 5d3f315478 Add new mbedtls_pkcs5_pbe2_ext function 
Add new mbedtls_pkcs5_pbe2_ext function to replace old
function with possible security issues.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-08-17 14:20:58 +01:00
Gilles Peskine 294be94922
Merge pull request #7818 from silabs-Kusumit/PBKDF2_cmac_implementation 
PBKDF2 CMAC implementation
 2023-08-17 11:15:16 +00:00
Jerry Yu 9608447545 replace padlock_c with padlock_have_code 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 18:10:45 +08:00
Jerry Yu 3a0f044bde improve readability 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 17:06:21 +08:00
Agathiyan Bragadeesh 9ebfa7f64c Fix style 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-17 10:00:45 +01:00
Yanray Wang 7226df0757 pkwrite.c: add a cleanup label to save code size 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-08-17 15:05:16 +08:00
Jerry Yu e9c6b53e74 remove return-type when runtime detection enabled without plain c 
This case does not exist

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 13:53:38 +08:00
Jerry Yu 1b4c7eda80 add hardware only check for padlock 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 11:25:17 +08:00
Jerry Yu 9e628621b4 Add via padlock detection macro 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 11:20:09 +08:00
Jerry Yu 2319af0d64 Change the order of runtime detection 
If aesni is available, we will use it.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 10:38:57 +08:00
Jerry Yu 35b59d7805 exclude arm64ec mode for aesni 
AESNI does not work correctly for msvc arm64ec

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 10:34:15 +08:00
Dave Rodgman f4efd19dd0 Reduce code size in ccm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-16 22:37:32 +01:00
Dave Rodgman 509b567911 add ifdefs to reduce size of mbedtls_to_psa_error 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-16 22:37:29 +01:00
Dave Rodgman 6f6820345a add #ifdefs to reduce switch size 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-16 18:44:32 +01:00
Dave Rodgman 864f594acc Adjust layout of some stucts 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-16 18:04:44 +01:00
Dave Rodgman 164614af3d Reduce code-size to access key slots init flag 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-16 17:56:28 +01:00
Dave Rodgman 58c8b942d2 Eliminate redundant version of mbedtls_ct_memcmp 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-16 17:51:04 +01:00
Dave Rodgman 6a9fb932fb Use MBEDTLS_GET_UINT16_BE in mbedtls_ecp_tls_read_group_id 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-16 17:50:36 +01:00
Agathiyan Bragadeesh 285f85f962 Remove unnecessary const type qualifiers in casts 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-16 17:15:48 +01:00
Antonio de Angelis f1adc2a7a1 Use asm instead of __asm in constant_time.c 
The original IAR fix submitted to TF-M directly changed asm to __asm.
But mbed TLS now has a workaround for such cases hence just remove the
original change modification.

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
 2023-08-16 12:48:48 +01:00
Antonio de Angelis 1ee4d1228c Fix error strings without quotes 
Some of the error strings that should be printed with the
error preprocessor directive are missing quotes

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
 2023-08-16 12:48:33 +01:00
TTornblom e4f6d79bbe BUILD: Update For IAR support 
Applied the same change as in mbed-crypto for using this as a sub
project with the IAR toolchain. Use __asm generic ,and avoid empty
enum. Avoid declaration of array with null size. This is a porting
of the original patch contributed to trusted-firmware-m.

Signed-off-by: TTornblom <thomas.tornblom@iar.com>
Signed-off-by: Michel Jaouen <michel.jaouen@st.com>
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
 2023-08-16 12:36:21 +01:00
Jerry Yu 516cf27d45 fix msvc build fail on i386 target 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-16 17:33:32 +08:00
Gilles Peskine a4c01dd6e9
Merge pull request #7991 from sarveshb14/fix/psa_rsa_signature_using_large_stack 
rsa_signature: Use heap memory to allocate DER encoded RSA private key
 2023-08-16 09:23:29 +00:00
Jerry Yu 3ce0398d1d Add compiler cflags error message 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-16 17:22:18 +08:00
Gilles Peskine d370f93898
Merge pull request #7898 from AndrzejKurek/csr-rfc822-dn 
OPC UA - add support for RFC822 and DirectoryName SubjectAltNames when generating CSR's
 2023-08-16 09:19:46 +00:00
Jerry Yu c628486cd9 enable runtime detection when padlock enabled and plain c disabled 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-16 16:14:02 +08:00
Jerry Yu cc068ae631 fix -Werror=return-type when runtime detection enabled and plain c disabled 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-16 16:14:01 +08:00
Jerry Yu e62ff09569 Restore aesni for i386 
intrinsic code can be work on i386 also

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-16 14:33:16 +08:00
David Horstmann ba44e918b8 Remove unnecessary include from constant_time.c 
This was added in order to use TEST_CF_XYZ macros which have since been
removed.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-15 15:17:22 +01:00
Dave Rodgman e3330f86d2 Make naming more consistent 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-14 15:26:28 +01:00
Dave Rodgman 0b7bf876e4 Fix compile fail for empty enum in cipher_wrap 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-14 14:25:29 +01:00
Dave Rodgman 2f4e6e748c
Merge pull request #8066 from paul-elliott-arm/aes_memcpy_iv_fix 
Fix potential corruption of IV for AES CBC with zero length
 2023-08-14 09:32:45 +01:00
Paul Elliott 2a12fc20f2 Fix logical dead code found by Coverity 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-08-11 17:45:20 +01:00
Paul Elliott 2ad93674dc Fix potential corruption of IV for AES CBC 
If passed a zero length, AES CBC could potentially corrupt the passed
in IV by memcpying it over itself. Although this might be ok with
more recent compilers, its not for every compiler we support. Found
by coverity.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-08-11 17:04:06 +01:00
Paul Elliott ecb95bea1d Fix incorrect size used for zeroization of buffer 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-08-11 16:41:04 +01:00
Chien Wong 2e3858f5eb
Undo a change 
Signed-off-by: Chien Wong <m@xv97.com>
 2023-08-11 18:16:06 +08:00
Yanray Wang c84086e55c pkwrite.c: save stack usage for pk_write_key_pem 
mbedtls_pk_write_key_pem would allocate 5679 bytes in writing a DER
encoded RSA private key. To save stack usage significantly, we use
heap memory instead.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-08-11 16:30:37 +08:00
Yanray Wang 45ad306fbf pkwrite.c: save stack usage for pk_write_pubkey_pem 
mbedtls_pk_write_pubkey_pem would allocate 2086 bytes in writing a DER
encoded RSA public key. To save stack usage significantly, we use
heap memory instead.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-08-11 16:30:29 +08:00
Dave Rodgman 42391b4378 Perf improvement in memcpy_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-11 08:47:38 +01:00
Dave Rodgman 246210e3c4 Test CT asm under valgrind 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-11 08:47:38 +01:00
Dave Rodgman 822c9c7d4e Fix unified asm syntax issue 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-11 08:47:38 +01:00
Dave Rodgman ef2527901e Add aarch32 const-time asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-11 08:47:38 +01:00
Dave Rodgman c9ed5dee69 Add aarch64 const-time asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-11 08:47:38 +01:00
Valerio Setti 711f853b48 ssl_tls13: fix guard for FFDH function 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-11 06:33:52 +02:00
Jerry Yu 240bb11171 Add gnu check for aseni assembly code 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-11 10:45:35 +08:00
Manuel Pégourié-Gonnard 54da1a69a2
Merge pull request #7578 from daverodgman/safer-ct5 
Improve constant-time interface
 2023-08-10 16:57:39 +00:00
Gilles Peskine e6cb45e68e mbedtls_mpi_exp_mod: remove spurious copy of the output variable 
Clear some confusion between `X` as the output variable and "X" as a name
given to the accumulator. Previous iterations of the code used the variable
`X` as the accumulator, but now that the accumulator is `W[x_index]`, some
of the comments didn't make sense.

Remove the copy of the initial value of `X` into `W[x_index]`, which was
meaningless: the initial value of an output variable should not, and did
not, matter. `W[x_index]` is later overridden unconditionally to take the
value `RR`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-10 15:59:28 +02:00
Dave Rodgman 48fb8a3448 Fix some renames that were missed 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 14:01:51 +01:00
Dave Rodgman b364a22adf
Fix mbedtls_ct_size_if_else_0 docs 
Co-authored-by: Tom Cosgrove <tom.cosgrove@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 12:25:25 +01:00
Dave Rodgman 38b227c16b Improve docs 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 12:18:27 +01:00
Dave Rodgman ac69b45486 Document and test mbedtls_ct_size_if_else_0 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 12:18:13 +01:00
Dave Rodgman 065f912465 Fix comment typo 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 12:11:58 +01:00
Dave Rodgman 98ddc01a7c Rename ...if0 to ...else_0 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 12:11:31 +01:00
Dave Rodgman b7825ceb3e Rename uint->bool operators to reflect input types 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 11:58:18 +01:00
Gilles Peskine b2bc1712a5 Reduce the size of the small primes table used by primality testing 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-10 12:16:02 +02:00
Manuel Pégourié-Gonnard 6beec7ca5e
Merge pull request #7989 from valeriosetti/issue7754 
driver-only ECC: BN.PK testing
 2023-08-10 09:43:56 +00:00
Manuel Pégourié-Gonnard d170419eab
Merge pull request #7999 from valeriosetti/issue7759 
Driver-only ECC: TLS: rm uses of mbedtls_debug_print_mpi
 2023-08-10 08:34:57 +00:00
Manuel Pégourié-Gonnard 91c8372c01
Merge pull request #6999 from ivq/ecp_doc 
Doc: Add note on special use of A in ecp group structure
 2023-08-10 08:24:05 +00:00
Dave Rodgman e5fbd93eaf
Merge pull request #8049 from daverodgman/bignum_codesize_misc 
Bignum codesize misc
 2023-08-10 10:58:13 +01:00
Jerry Yu 8189f32945 improve aesni check for x86_64 
`MBEDTLS_AESNI_C` does not depends on `MBEDTLS_HAVE_ASM`
when intrinsic is available.

And compiler relative checks only work on x86_64, it should
be only checked on x86_64.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-10 15:17:45 +08:00
Valerio Setti e1d7c9dabd pkwrite: fix internal buffer size in pk_write_ec_pubkey() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-10 07:40:18 +02:00
Jerry Yu 13696bb07b improve check config option for i386 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-10 13:36:32 +08:00
Jerry Yu ba42b076f9 Remove asm check for aarch64 aesce 
we implement it with aesce intrinsic. No asm needed.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-10 12:53:26 +08:00
Valerio Setti a7c9e09dd0 pkwrite: add new internal symbol to properly size DER buffer 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-10 06:43:23 +02:00
Valerio Setti 97b28f81d8 pkparse: remove unnecessary header 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-10 06:43:23 +02:00
Manuel Pégourié-Gonnard 7dccb66d49 test: disable RSA support on the test ecc_no_bignum component 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-10 06:43:23 +02:00
Valerio Setti ca4c15dd25 debug: remove redundant variable assignments 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-10 06:41:31 +02:00
Dave Rodgman 960eca997d code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-09 20:43:18 +01:00
Dave Rodgman 4883f109a0 Reduce code size for exp_mod_get_window_size 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-09 20:42:54 +01:00
Dave Rodgman ebcd78561c Remove redundant code in mbedtls_mpi_cmp_abs 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-09 18:57:22 +01:00
Dave Rodgman fa703e38a2 Use __builtin_ctz to count trailing zeros 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-09 18:56:07 +01:00
Dave Rodgman f3df105b37 Generate smaller code for picking a sign value 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-09 18:55:41 +01:00
Paul Elliott 2f12a29cdd
Merge pull request #7896 from AgathiyanB/gitignore-generated-files-toggle 
Add script to toggle ignoring generated files
 2023-08-09 14:54:32 +00:00
Janos Follath 115784bd3f
Merge pull request #1040 from waleed-elmelegy-arm/development-restricted 
Improve & test legacy mbedtls_pkcs5_pbe2
 2023-08-09 09:43:23 +01:00
Jerry Yu c4508c07f6 improve error message and config check for padlock 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-08 12:57:06 +08:00
Gilles Peskine 444d1e7608
Merge pull request #8036 from tom-cosgrove-arm/fix-rijndael-and-drbg-pdf-links 
Update links to Rijndael paper and NIST SP 800-90 DRBGs
 2023-08-07 19:15:58 +00:00
Gilles Peskine a79256472c
Merge pull request #7788 from marekjansta/fix-x509-ec-algorithm-identifier 
Fixed x509 certificate generation to conform to RFCs when using ECC key
 2023-08-07 19:14:54 +00:00
Chien Wong 153ae464db
Improve doc on special use of A in ecp group structure 
Signed-off-by: Chien Wong <m@xv97.com>
 2023-08-07 23:02:31 +08:00
Dave Rodgman c98f8d996a
Merge branch 'development' into safer-ct5 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-07 11:47:35 +01:00
Jerry Yu 5fcdd6a28a remove unnecessary definition 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-07 15:32:58 +08:00
Tom Cosgrove ce37c5e1ce Update links to Rijndael paper and NIST SP 800-90 DRBGs 
The link to the DRBG paper points to the March 2007 version, the same as the
original link (rather than the latest version).

The amended Rijndael paper has a two-page "Note on naming" prefix.

Fixes #7193

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-08-04 13:55:03 +01:00
Jerry Yu 9c0b7d13bf Remove unnecessary name check tag 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-04 17:25:59 +08:00
Jerry Yu fce351def8 improve platform relative check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-04 17:13:36 +08:00
Jerry Yu b241db3e26 remove padlock only mode 
padlock depends on pure c implementation

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-04 16:56:04 +08:00
Jerry Yu 29c91ba42d fix unreachable code warnings 
It is detected by clang with bellow patch
```
diff --git a/library/Makefile b/library/Makefile
index fdab4f4ba0..967f9e2e65 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -306,8 +306,8 @@ libmbedcrypto.dll: $(OBJS_CRYPTO)

 .c.o:
        echo "  CC    $<"
-       $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $<
-
+       $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $(@:%.o=%.i) -E $<
+       $(CC) $(LOCAL_CFLAGS) -Wunreachable-code -Werror -Wno-unused-command-line-argument $(CFLAGS) -o $@ -c $(@:%.o=%.i)
 .PHONY: generated_files
 GENERATED_FILES = \
        error.c version_features.c \
```

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-04 16:29:06 +08:00
Janos Follath 73568397a5
Merge pull request #8020 from yanesca/de-duplicate_ecp 
De duplicate the ECP module
 2023-08-04 08:27:09 +00:00
Dave Rodgman 003a5e1ca7
Merge pull request #1046 from Mbed-TLS/merge_3.4.1 
Merge 3.4.1
 2023-08-03 18:23:37 +01:00
Dave Rodgman a0fc9987da Merge branch 'development' into merge_3.4.1 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-03 15:56:59 +01:00
Dave Rodgman 6f80ac4979
Merge pull request #7864 from waleed-elmelegy-arm/enforce-min-RSA-key-size 
Enforce minimum key size when generating RSA key size
 2023-08-03 12:57:52 +00:00
Dave Rodgman 1d4d944e19
Merge pull request #7933 from tom-cosgrove-arm/add-mbedtls_zeroize_and_free 
Provide and use internal function mbedtls_zeroize_and_free()
 2023-08-03 12:56:21 +00:00
Valerio Setti e9646ecd08 tls: fix guards for ECDSA support 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-03 09:15:28 +02:00
Gilles Peskine ce64156f6d
Merge pull request #8021 from daverodgman/master-update 
Sync development with accidental merge directly onto master
 2023-08-02 13:30:35 +00:00
Janos Follath d8cb3d7fa4 De-duplicate ecp.c 
We duplicated ecp.c in the anticipation of heavy refactoring there. This
work has been suspended and the duplication is not useful anymore but
imposes an overhead.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-02 12:33:01 +01:00
Gilles Peskine 550d147078 Bump version to 3.4.1 
```
./scripts/bump_version.sh --version 3.4.1
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-02 12:50:23 +02:00
Gilles Peskine 267bee9be8
Merge pull request #7903 from valeriosetti/issue7773 
Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/DH
 2023-08-02 10:16:44 +00:00
Dave Rodgman 7f17bd09cc Merge remote-tracking branch 'origin/master' into master-update 2023-08-02 10:57:07 +01:00
Jerry Yu 6943681820 Improve error message and documents 
- fix grammar error
- Add more information for AES_USE_HARDWARE_ONLY
- Improve error message

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:44:03 +08:00
Jerry Yu 02b1519ab6 move accelerator checks to aes.c 
Origin position is always validate due to conflict
between the guards in `aes.c` and module undef check

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:44:02 +08:00
Jerry Yu d76ded046c fix various issues 
- unnecessary command
- extra blank and empty line

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:44:01 +08:00
Jerry Yu 3660623e59 Rename plain c option and update comments 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:44:01 +08:00
Jerry Yu 8840a8c574 fix wrong checks 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:44:00 +08:00
Jerry Yu 3fcf2b5053 Rename HAS_NO_PLAIN_C to DONT_USE_SOFTWARE_CRYPTO 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:44:00 +08:00
Jerry Yu 4d030f3acd Add check for no aes implementation provided 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:43:59 +08:00
Jerry Yu 315fd30201 Rename plain c disable option 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:43:59 +08:00
Jerry Yu 2f26a59910 Add std output information for AESCE in gcm 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:43:58 +08:00
Jerry Yu 0d4f4e5b01 Add option to disable built-in aes implementation. 
For time being, there are only two aes implementations for known
architectures. I define runtime detection function as const when
built-in was disabled. In this case, compiler will remove dead
built-in code.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-02 17:43:54 +08:00
Janos Follath b388ed737d Fix missing check in mbedtls_ecp_read_key 
In ecp_new.c mbedtls_ecp_read_key did only check Weierstrass keys. The
behaviour in ecp.c was correct.

This bug has no immediate security impact. (The code with the missing
check wasn't released and we are checking keys at later point.)

After this change ecp.c and ecp_new.c will have a single remaining
difference and unifying them will be more straightforward.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-02 10:32:27 +01:00
Janos Follath c25567af23 Move variant test to ecp_curves 
We would like to de-duplicate ecp.c, but ecp_curves.c remains duplicated
and we still want to test for the active variant.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-02 10:32:21 +01:00
Bence Szépkúti 9661f8ab0d
Merge pull request #7968 from gowthamsk-arm/use_earliest_latest_compilers 
Use earliest latest compilers
 2023-08-02 05:58:02 +00:00
Valerio Setti 45d56f3d25 tls: replace ECDSA_C and PK_CAN_ECDSA_SOME with key exchange related ones 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-01 19:02:38 +02:00
Chien Wong e2caf4161b
Fix a few unchecked value issue 
Signed-off-by: Chien Wong <m@xv97.com>
 2023-08-01 22:41:17 +08:00
Dave Rodgman 205295c576 Tidy-up: move GCC warning fix to constant_time_impl.h 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-01 14:10:56 +01:00
Gilles Peskine d55e451b3e
Merge pull request #7997 from yanesca/fix_new_bignum_tests 
Fix new bignum tests
 2023-08-01 12:09:39 +00:00
Dave Rodgman 1f39f037bf Improve variable name in mbedtls_mpi_lt_mpi_ct 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-01 09:19:16 +01:00
Tom Cosgrove 52f7e18042 Use mbedtls_zeroize_and_free() in psa_remove_key_data_from_memory() 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-08-01 09:08:48 +01:00
Manuel Pégourié-Gonnard de8f56e936
Merge pull request #7884 from valeriosetti/issue7612 
TLS: Clean up (EC)DH dependencies
 2023-08-01 07:13:36 +00:00
Dave Rodgman 3d574da6fc Revert to not enabling asm under Memsan 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 17:22:58 +01:00
Dave Rodgman 378280e57f Revert "Move constant_flow.h into the main library" 
This reverts commit fd78c34e23.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 17:22:55 +01:00
Dave Rodgman 3d1bb9be06 Revert "Fix doxygen error" 
This reverts commit d175d52433.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 17:22:49 +01:00
Dave Rodgman d175d52433 Fix doxygen error 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 14:03:08 +01:00
Dave Rodgman fd78c34e23 Move constant_flow.h into the main library 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:48:33 +01:00
Dave Rodgman 1714a9b0eb Revert to old design for mbedtls_ct_memmove_left 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:48:33 +01:00
Dave Rodgman 9ee0e1f6fe Remove GCC redundant-decls workaround for mbedtls_ct_memcmp 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:43:23 +01:00
Dave Rodgman 0172de8b3d Fix docs grammar 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:43:23 +01:00
Dave Rodgman 741d423ef8 Clarify docs for mbedtls_ct_memcpy_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:43:23 +01:00
Dave Rodgman 93cec45af3 Improve docs for mbedtls_ct_compiler_opaque 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:43:23 +01:00
Dave Rodgman 32d726033b Improve comments in mbedtls_mpi_lt_mpi_ct 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:43:23 +01:00
Dave Rodgman 07f853713d Clarify comments in mbedtls_ct_memcpy_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:27:49 +01:00
Dave Rodgman fb1b851797 Improve docs for mbedtls_mpi_core_cond_assign 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-31 12:27:05 +01:00
Janos Follath 2f04582d37 Move MBEDTLS_ECP_WITH_MPI_UINT to mbedtls_config.h 
There is a precedent for having bigger and less mature options in
mbedtls_config.h (MBEDTLS_USE_PSA_CRYPTO) for an extended period.
Having this option in mbedtls_config.h is simpler and more robust.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-07-31 10:57:16 +01:00
Janos Follath 82823b2fe8 Fix new bignum tests 
These tests weren't working, because they use CMake and can't pass
options with CFLAGS directly. This could be mitigated by adding a CMake
option, but using config.py is less invasive and it is what we normally
use for setting build options anyway.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-07-31 10:01:47 +01:00
Xiaokang Qian 59159abcce Fix fast quasi-reduction modulo value of p192K1 in comments 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-31 06:46:28 +00:00
Xiaokang Qian 796500e751 Fix the type cast(size_t to unsigned short) warning 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-31 06:46:28 +00:00
Xiaokang Qian b903f4ecb6 Free P and N of the group cause they are dynamic allocated 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-31 06:46:28 +00:00
Xiaokang Qian 02a3e0318f Declare mbedtls_ecp_fix_negative() always static to fix check_name failures 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-31 06:46:28 +00:00
Xiaokang Qian a8d30ac7e5 Use new ECP_LIGHT symbol in ecp_curves.c 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-31 06:46:28 +00:00
Xiaokang Qian be4d6b62ab Fix use of sizeof without brackets in ecp_curves.c 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-31 06:46:28 +00:00
Xiaokang Qian 748a362fd0 Revert ecp_curves.c to commit 449bd83 to save code size 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-07-31 06:46:28 +00:00
Dave Rodgman 2d28c46055 Fix asm Memsan workaround 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-28 18:24:22 +01:00
Dave Rodgman 983448ea62 fix check for no-longer-used macro 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-28 17:30:52 +01:00
Dave Rodgman d684d7342b code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-28 16:39:38 +01:00
Dave Rodgman 08691679b5 Enable testing of asm under Memsan 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-28 16:39:38 +01:00
Dave Rodgman fa5a4bbb02 Improve mbedtls_ct_memmove_left w.r.t. const-flow tests 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-28 16:13:52 +01:00
Valerio Setti c1319f4a26 debug: improve debug_print_psa_ec() as not to depend on bignum 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-28 13:44:51 +02:00
Valerio Setti 797e396fd9 debug: use proper guard for PK_DEBUG_MPI items 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-28 13:44:26 +02:00
Manuel Pégourié-Gonnard 43cef57e51
Merge pull request #7811 from mpg/md-info 
Optimize strings in MD
 2023-07-28 08:34:09 +00:00
Kusumit Ghoderao f3e696dc1b Add ifdef for hmac and cmac set password 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-28 13:30:50 +05:30
Kusumit Ghoderao 5f3345ae44 Add issue link instead of issue number 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-27 21:21:38 +05:30
Kusumit Ghoderao 0bca4c5fc4 Add ifdef for hmac and cmac specific functions 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-27 21:20:14 +05:30
Kusumit Ghoderao a12e2d53bd Replace AES_CMAC_128_PRF_OUTPUT_SIZE with PSA_MAC_LENGTH() 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-27 21:18:30 +05:30
Kusumit Ghoderao 9ab03c3d72 Define PSA_ALG_IS_PBKDF2 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-27 21:14:05 +05:30
Kusumit Ghoderao 2addf35855 Replace MBEDTLS_PSA_BUILTIN_PBKDF2_XXX with PSA_HAVE_SOFT_PBKDF2 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-27 21:11:09 +05:30
Waleed Elmelegy d7bdbbeb0a Improve naming of mimimum RSA key size generation configurations 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-07-27 14:50:09 +00:00
Dave Rodgman f2e3eb8bd9 Add OID for HMAC-RIPEMD160 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-27 15:46:05 +01:00
Dave Rodgman 5cc67a3ee2 Add OIDs for HMAC-SHA3 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-27 14:44:35 +01:00
Dave Rodgman a2cdc840de Fix pre-existing missing closing #endif comment 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-27 14:44:13 +01:00
Waleed Elmelegy ab5707185a Add a minimum rsa key size config to psa config 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-07-27 11:00:03 +00:00
Waleed Elmelegy 76336c3e4d Enforce minimum key size when generating RSA key size 
Add configuration to enforce minimum size when
generating a RSA key, it's default value is 1024
bits since this the minimum secure value currently
but it can be any value greater than or equal 128
bits. Tests were modifed to accommodate for this
change.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-07-27 10:58:25 +00:00
Sarvesh Bodakhe 430a4f3968 rsa_signature: Use heap memory to allocate DER encoded RSA private key 
'mbedtls_pk_psa_rsa_sign_ext' function allocates a buffer of maximum
size 5679 bytes (MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES) on the stack to store
DER encoded private key. This increased stack usage significantly for
RSA signature operations when MBEDTLS_PSA_CRYPTO_C is defined.

This issue was discovered when adding support for EAP-TLS 1.3 (rfc9190).

Signed-off-by: Sarvesh Bodakhe <sarvesh.bodakhe@espressif.com>
 2023-07-27 14:51:25 +05:30
Valerio Setti a55f042636 psa: replace DH_KEY_PAIR_LEGACY with new symbols 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-27 09:15:34 +02:00
Gowtham Suresh Kumar 186731b22a Fix warnings from clang-16 
Running clang-16 on mbedtls reports warnings of type "-Wstrict-prototypes".
This patch fixes these warnings by adding void to functions with no
arguments. The generate_test_code.py is modified to insert void into test
functions with no arguments in *.function files.

Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
 2023-07-26 17:11:51 +01:00
Janos Follath b52f9cf5eb
Merge pull request #7758 from xkqian/bignum_clone_ecp_curves 
[Bignum] Bignum clone ecp curves
 2023-07-26 13:33:56 +01:00
Gilles Peskine bb07377458
Merge pull request #7935 from AgathiyanB/add-enum-casts 
Add type casts for integer and enum types
 2023-07-26 11:27:27 +02:00
Paul Elliott f1c032adba
Merge pull request #7902 from valeriosetti/issue7772 
Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/RSA
 2023-07-25 17:13:43 +01:00
Tom Cosgrove bc345e8685 Protect macro parameter expansion with parentheses 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-07-25 15:17:39 +01:00
Tom Cosgrove 350226f636 Use a macro for mbedtls_mpi_zeroize_and_free() 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-07-25 15:10:14 +01:00
Valerio Setti fe478909f0 psa_crypto_rsa: fix guards for importing the key 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-25 12:27:19 +02:00
Valerio Setti 46520ea52d tls12: check buffer size before memcpy-ing data into it 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-25 11:41:28 +02:00