mbedtls

mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00

Author	SHA1	Message	Date
Dave Rodgman	2894d007d3	Strengthen fall-back for mbedtls_ct_compiler_opaque Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-08 18:07:39 +01:00
Dave Rodgman	6d4933e54d	Replace use of MBEDTLS_SHA3_C with MBEDTLS_MD_CAN_SHA3_xxx Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-08 16:03:54 +01:00
Kusumit Ghoderao	d9ec1afd13	Fix failing Ci Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-06-08 20:19:51 +05:30
Gilles Peskine	e5e8ba654e	Merge pull request #7666 from mprse/ip_info OPC UA: parsing IP's in SubjectAltNames & printing info	2023-06-08 15:23:21 +02:00
Gilles Peskine	95b43a04a9	Merge pull request #7651 from daverodgman/fix-armclang-compile-fail Fix armclang compile fail	2023-06-08 14:36:18 +02:00
Kusumit Ghoderao	109ee3de36	Use size of buffer for mac_size Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-06-08 16:36:45 +05:30
Kusumit Ghoderao	b821a5fd67	Use multipart mac operation for adding salt and counter Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-06-08 16:35:55 +05:30
Manuel Pégourié-Gonnard	001cbc98bc	Make MD<->PSA translation static inline Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-08 12:10:03 +02:00
Manuel Pégourié-Gonnard	44176b00ad	Remove guarantee about converting NONE Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-08 12:10:02 +02:00
Manuel Pégourié-Gonnard	1f6d2e352d	Simplify implementation of MD<->PSA translation Also, add tests and comments due from previous commits. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-08 12:09:20 +02:00
Xiaokang Qian	fcdd0477b3	Replace loop zeroise with memset Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-06-08 10:03:53 +00:00
Manuel Pégourié-Gonnard	47bb380f6d	Fix missing call to mbedtls_ssl_md_alg_from_hash() I looked around and think this one the only place where a conversion was missing. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-08 11:50:49 +02:00
Janos Follath	035e5fc885	Add comments to 448 optimised reduction Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-06-08 09:44:30 +00:00
Dave Rodgman	ff45d44c02	Replace MBEDTLS_MD_CAN_SHA3 with MBEDTLS_MD_CAN_SHA3_xxx Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-08 10:11:34 +01:00
Manuel Pégourié-Gonnard	eb5920421c	Fix error status for PSA RSA-OAEP unknown hash Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-08 10:53:55 +02:00
Manuel Pégourié-Gonnard	70aa2a110e	Change contract of MD<->PSA conversion This is preparation work for simplifying the implementation of those functions. Done first in order to get the CI's opinion on it. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-08 10:53:54 +02:00
Dave Rodgman	2c91f4b8b2	Fix for big-endian architectures Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 19:59:05 +01:00
Dave Rodgman	2f0f998ec4	Unify ABSORB and ABSORB8 to fix compile error Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 19:12:04 +01:00
Dave Rodgman	b61cd1042a	Correct minor merge mistakes Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 18:14:45 +01:00
Dave Rodgman	05d71ffe5b	Merge remote-tracking branch 'origin/development' into sha3-updated	2023-06-07 18:02:04 +01:00
Dave Rodgman	f213d0a7b0	Tidy-up Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 17:09:47 +01:00
Dave Rodgman	1b42763516	Remove NULL checks Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 17:09:02 +01:00
Dave Rodgman	cf4d2bdc09	Spell as SHA-3 not SHA3 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 17:08:09 +01:00
Dave Rodgman	9d7fa93e6c	move mbedtls_sha3_family_functions out of public interface Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 16:50:15 +01:00
Dave Rodgman	1789d84282	remove not-needed fields from SHA-3 context Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 16:50:15 +01:00
Dave Rodgman	bcfd79c699	Consume input in 8-byte chunks Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 16:50:15 +01:00
Dave Rodgman	2070c2074e	Avoid possible NEON alignment issue Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 16:38:26 +01:00
Dave Rodgman	9d1635e742	Revert not-useful changes to AES-CBC decrypt Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>	2023-06-07 16:38:26 +01:00
Dave Rodgman	f1e396c427	improve cbc encrypt perf Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>	2023-06-07 16:38:26 +01:00
Dave Rodgman	3f47b3f7a3	Extend NEON use to 32-bit Arm Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 16:38:26 +01:00
Andrzej Kurek	c40a1b552c	Remove references to x509_invasive.h Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-07 08:54:34 -04:00
Andrzej Kurek	cd17ecfe85	Use better IP parsing in x509 programs Remove unnecessary duplicated code. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-07 08:50:05 -04:00
Gilles Peskine	13230a4ad3	Merge pull request #7349 from mpg/rm-hash-info Remove `hash_info` module	2023-06-06 21:05:13 +02:00
Gilles Peskine	d598eaf212	Merge pull request #7106 from davidhorstmann-arm/parse-oid-from-string Parse an OID from a string	2023-06-06 20:57:17 +02:00
Przemek Stekiel	ff9fcbcace	ssl_client2, ssl_server2: code optimization + guards adaptation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:53:40 +02:00
Przemek Stekiel	a4700fa69d	mbedtls_psa_ffdh_export_public_key: allow bigger output buffer Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:09 +02:00
Przemek Stekiel	da4fba64b8	Further code optimizations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:09 +02:00
Przemek Stekiel	152bb4632b	Adapt function names Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:09 +02:00
Przemek Stekiel	29c219c285	Combine mbedtls_ssl_tls13_generate_and_write_ecdh/ffdh_key_exchange functions Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:09 +02:00
Przemek Stekiel	316c19ef93	Adapt guards, dependencies + optimizations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com> Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:09 +02:00
Przemek Stekiel	e7db09bede	Move FFDH helper functions and macros to more suitable locations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:08 +02:00
Przemek Stekiel	63706628d0	Adapt guards for FFDH Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:08 +02:00
Przemek Stekiel	947ff56c45	Replace deprecated functions Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:08 +02:00
Przemek Stekiel	24e50d3dbd	Compile out length check to silent the compiler warning Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:08 +02:00
Przemek Stekiel	c89f3ea9f2	Add support for FFDH in TLS 1.3 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:08 +02:00
Przemek Stekiel	cceb933e30	Add FFDH definitions and translation functions Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com> Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:07 +02:00
Przemek Stekiel	060012c5fd	ssl_write_supported_groups_ext(): add support for ffdh keys Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:07 +02:00
Przemek Stekiel	383f471bf4	Add the DHE groups to the default list of supported groups Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:07 +02:00
Przemek Stekiel	4d3fc216fc	Use safe snprintf Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 11:44:25 +02:00
Przemek Stekiel	01cb6eb251	Fix parsing of SAN IP (use mbedtls_snprintf, validate buffer length) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 11:44:25 +02:00
Przemek Stekiel	093c97d492	Add separate case for ip address Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 11:44:25 +02:00
Przemek Stekiel	0ab5b93922	Add support for parsing SAN IP address Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 11:44:25 +02:00
Kusumit Ghoderao	f6a0d57e4d	Add pbkdf2 function to key_derivation_output_bytes Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-06-06 15:05:41 +05:30
Kusumit Ghoderao	a4346cdc50	Add pbkdf2_generate_block function Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-06-06 15:05:39 +05:30
Manuel Pégourié-Gonnard	cf61a74209	Add static check for macros that should be in sync Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	28f504e892	Use PSA-neutral function for availability check We just want to check if this hash is available, and the check is present in builds both with PSA and without it. The function we were using is only present in builds with PSA, so it wasn't appropriate. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	725d2e24aa	Fix guard for PSA->MD error conversion Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	b3b54abf8a	Fix duplicated definition of a function Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	3761e9e8fd	Use function instead of macro for error conversion tests/scripts/all.sh build_arm_none_eabi_gcc_m0plus \| grep TOTALS Before: 323003 After: 322883 Saved: 120 bytes Not huge, but still nice to have. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	02b10d8266	Add missing include Fix build failures with config full Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	ddbf61a938	Use general framework for PSA status conversion Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	1f2a587cdf	Use actual function instead of static inline Large static inline functions used from several translation units in the library are bad for code size as we end up with multiple copies. Use the actual function instead. There's already a comment that says so. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	6076f4124a	Remove hash_info.[ch] Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	2d6d993662	Use MD<->PSA functions from MD light As usual, just a search-and-replace plus: 1. Removing things from hash_info.[ch] 2. Adding new auto-enable MD_LIGHT in build-info.h 3. Including md_psa.h where needed Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	36fb12e7dd	Add MD <-> PSA translation functions to MD light Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	1b180bec40	Remove unused function Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	8857984b2f	Replace hash_info macro with MD macro Now the MD macro also accounts for PSA-only hashes. Just a search-and-replace, plus manually removing the definition in hash_info.h. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	9b41eb8533	Replace hash_info_get_type with MD function Mostly a search and replace with just two manual changes: 1. Now PK and TLS need MD light, so auto-enable it. 2. Remove the old function in hash_info.[ch] Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Gilles Peskine	5c3d6e277c	Merge pull request #7575 from AndrzejKurek/URI-SAN-verification Add partial support for URI SubjectAltNames verification	2023-06-05 16:46:47 +02:00
Gilles Peskine	b21f32eba6	Merge pull request #6257 from Laserdance100/development Change macros in mps_common.h	2023-06-05 15:51:59 +02:00
Gilles Peskine	b47fb4cdd8	Merge pull request #7676 from valeriosetti/issue7485 PK: add support for check_pair() with "opaque" EC keys	2023-06-05 15:51:03 +02:00
Gilles Peskine	763c19afcb	Merge pull request #7639 from Taowyoo/yx/fix-time-tls13-client-server Fix: correct calling to time function in tls13 client&server	2023-06-05 15:50:32 +02:00
Gilles Peskine	975d9c0faf	Merge pull request #7530 from AndrzejKurek/misc-subjectaltname-fixes Miscellaneous fixes for SubjectAltName code / docs	2023-06-05 15:38:53 +02:00
Gilles Peskine	84b547b5ee	Merge pull request #7400 from AndrzejKurek/cert-write-sans Add a possibility to generate certificates with a Subject Alternative Name	2023-06-05 15:38:38 +02:00
Valerio Setti	ede0c4676e	pk_internal: minor rearrangement in mbedtls_pk_get_group_id() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-05 11:08:28 +02:00
valerio	8cbef4d55e	pk: allow key pair checking for opaque keys Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-05 11:05:40 +02:00
valerio	eab9a85f4c	pk_wrap: add support for key pair check for EC opaque keys Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-05 11:05:40 +02:00
Manuel Pégourié-Gonnard	f37b94b5bf	Merge pull request #7533 from valeriosetti/issue7484 PK: add support for private key writing with "opaque" EC keys	2023-06-05 10:53:53 +02:00
Dave Rodgman	9a676a7f98	Comment tidy-up Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>	2023-06-04 20:43:05 -04:00
Dave Rodgman	b6e06549f5	Rename MULADDC_PRESERVE_R1 etc to MULADDC_PRESERVE_SCRATCH etc Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>	2023-06-04 20:42:17 -04:00
Dave Rodgman	f89e3c5fbd	Improve docs & check for non-gcc compilers Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>	2023-06-04 20:41:52 -04:00
Dave Rodgman	e0bd2c2375	Merge branch 'development' into development Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-04 14:57:19 -04:00
Dave Rodgman	6df1e54c1d	Do not use assembly on Thumb 1 / clang Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>	2023-06-02 13:51:31 -04:00
David Horstmann	62e7fae109	Fix bug in calculation of maximum possible bytes Each DER-encoded OID byte can only store 7 bits of actual data, so take account of that. Calculate the number of bytes required as: number_of_bytes = ceil(subidentifier_size * 8 / 7) Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-06-02 15:51:28 +01:00
David Horstmann	02127ab022	Allow subidentifiers of size UINT_MAX Make overflow check more accurate and add testcases Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-06-02 15:51:17 +01:00
Andrzej Kurek	e773978e68	Remove unnecessary addition to buffer size estimation Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-02 09:42:44 -04:00
Tom Cosgrove	9dc219ff9b	Merge pull request #7668 from tom-daubney-arm/code_size_md_light Remove certain null pointer checks when only MD_LIGHT enabled	2023-06-02 13:09:00 +01:00
Andrzej Kurek	7c86974d6d	Fix overflow checks in x509write_crt Previous ones could still overflow. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-02 05:02:41 -04:00
Andrzej Kurek	154a605ae8	Change the name of the temporary san variable Explain why it is used. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-01 18:20:26 +01:00
Paul Elliott	805a0a2d06	Merge pull request #7591 from minosgalanakis/ecp/6028_xtract_fast_reduction_curve25519 [Bignum] Implement fast reduction curve25519	2023-06-01 17:43:35 +01:00
David Horstmann	45d5e2dc1a	Rename minimum_mem to resized_mem This new name is clearer about its purpose. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-06-01 15:10:33 +01:00
David Horstmann	5d074168f3	Rearrange declarations for readability Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-06-01 15:09:27 +01:00
David Horstmann	017139751a	Change behaviour away from NUL-terminated strings Instead, require the length of the string to be passed. This is more useful for our use-case, as it is likely we will parse OIDs from the middle of strings. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-06-01 15:04:20 +01:00
Thomas Daubney	73cfde8f85	Remove certain null pointer checks when only MD_LIGHT enabled When MD_LIGHT is enabled but MD_C is not then certain null pointer checks can be removed on functions that take an mbedtls_md_context_t * as a parameter, since MD_LIGHT does not support these null pointers. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2023-06-01 13:05:28 +01:00
Paul Elliott	ee86100963	Add docs for mbedtls_ecp_mod_p448() Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-06-01 10:53:20 +01:00
valerio	f9139e55ce	pk: minor code fixes - removing duplicated code - uninitialized variable usage Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-01 11:06:41 +02:00
valerio	c6e6fb320f	pk: fix guard position Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-01 11:06:41 +02:00
valerio	e279e50a76	pk: optimized/reshape code for writing private key PEM Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-01 11:06:41 +02:00
valerio	c0bac57ac9	pk: optimized/reshape code for writing private key DER Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-01 11:06:41 +02:00
valerio	52b675ffc3	pk: extend pk_write_ec_private to support opaque keys Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-01 11:06:41 +02:00
valerio	ba1fd32eda	pk: optimize/reshape public key writing Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-01 11:06:41 +02:00
valerio	9ea26173d6	pk: uniformmize public key writing functions Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-01 11:06:40 +02:00
valerio	b727314133	pk: add internal helpers for opaque keys Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-01 11:06:40 +02:00
valerio	a87601dc11	pk_internal: add support for opaque keys for getting EC curve ID Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-01 11:06:40 +02:00
Manuel Pégourié-Gonnard	0b68784053	Merge pull request #7577 from mprse/ffdh_drivers FFDH 3b: add driver testing (no TLS 1.3)	2023-06-01 10:26:08 +02:00
Manuel Pégourié-Gonnard	7b1136836c	Merge pull request #7438 from valeriosetti/issue7074 Avoid parse/unparse private ECC keys in PK with USE_PSA when !ECP_C	2023-06-01 10:06:45 +02:00
Gilles Peskine	a1b416670e	Merge pull request #7547 from silabs-Kusumit/PBKDF2_input_validation PBKDF2: Input Validation	2023-06-01 10:05:34 +02:00
David Horstmann	6883358c16	Hoist variable declarations to before goto This should appease IAR, which does not like declarations in the middle of goto sequences. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-05-31 17:27:28 +01:00
David Horstmann	25d65e8527	Refactor while loop for simplicity Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-05-31 14:53:07 +01:00
David Horstmann	ada7d72447	Improve line spacing after variable declarations Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-05-31 14:49:56 +01:00
Przemek Stekiel	28111dbf06	Adapt guards for psa_is_dh_key_size_valid Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-31 09:30:58 +02:00
Przemek Stekiel	33c91eb5d3	Add driver support for DH import key and export public key Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-30 15:19:14 +02:00
Przemek Stekiel	055ffed563	Revert "Handle simple copy import/export before driver dispatch" This reverts commit `c80e7506a0`. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-30 15:19:02 +02:00
Dave Rodgman	0fec4395ac	Move base64 test interfaces into base64_internal.h Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	1947088f91	Remove references to rsa.h and ssl_misc.h from constant_time.c Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	3b25c40f52	Fix RSA perf regression Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	3108645d67	Document and test that memcpy_if may have src == dest Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	2c76484005	Fix non-opaque use of mbedtls_ct_condition_t Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	585f7f776d	Whitespace etc Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	fe76af20aa	Improve use of compiler_opaque Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	8f5e5c18d8	Make memmove_left more efficient Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	2b4486a014	Rename mbedtls_ct_uint_if_new to mbedtls_ct_uint_if Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	2243137715	Remove old interface Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	199a2c5d39	Use new CT interface in mbedtls_ct_memcpy_offset Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	cf06acac32	Use new CT interface in mbedtls_mpi_safe_cond_swap Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	fd492ab1be	Use new CT interface in mbedtls_mpi_core_random Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	b59b73e2bc	Use new CT interface in mbedtls_mpi_core_add_if Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	8ac9a1df24	Use new CT interface in mbedtls_mpi_core_lt_ct Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	231a516682	Remove not-needed mbedtls_ct_mpi_uint_cond_assign Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	fd7fab4073	Update mbedtls_mpi_core_uint_le_mpi to new CT interface Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	ee54faf1cd	Update mpi_select to use new CT interface Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	1a7a5626ec	Update mbedtls_mpi_lt_mpi_ct to new interface Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	589ccb8aaa	Update mbedtls_mpi_safe_cond_(assign\|swap) part 2 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	cd2e38b906	Update mbedtls_mpi_safe_cond_(assign\|swap) to use new CT interface Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	a81373f80e	Use new CT interface in ssl_msg.c Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	7fe6e6fb2b	Add impl of mbedtls_ct_memcpy_if Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	293eedd3ad	Use new CT interface in ssl_tls12_server.c Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	9f9c3b8c33	Use new CT interface in rsa.c Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	15c142b58d	Use new interface in mbedtls_ct_memmove_left Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	6cee26db16	Remove old interface for mem_move_to_left Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	debf8679e0	Add impl of mbedtls_ct_zeroize_if Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	1c4eaa121f	Remove not-needed compiler_opaque in ct_if Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	74e18ebf77	Improve const-timeness of mbedtls_ct_bool_lt Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	40a41d0461	Introduce new CT interface (retain old interface) Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	7d4f019810	Move some bignum functions out of constant_time module Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	19e8cd06fe	Move mbedtls_ct_rsaes_pkcs1_v15_unpadding into rsa.c Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	0afe001871	Expose mbedtls_ct_size_gt and mbedtls_ct_mem_move_to_left in ct interface Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	2801f7fa8d	Move mbedtls_ct_hmac into ssl_msg.c Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	8c94e219f9	Evolve mbedtls_ct_uchar_in_range_if interface Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:48 +01:00
Dave Rodgman	0ee9683987	Move mbedtls_ct_base64_(enc\|dec)_char into base64.c Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-26 12:42:40 +01:00
Dave Rodgman	3964fe0f5e	Improve ISA detection Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-25 18:53:57 +01:00
Paul Elliott	edc97680d5	Fix output width of mbedtls_ecp_mod_p448() to 448 bits Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-05-25 17:37:58 +01:00
Paul Elliott	981d8b6fc7	Merge pull request #7566 from paul-elliott-arm/core_ecp_mod_p448 [Bignum] Convert ecp_mod_p448 over to using core functions	2023-05-25 17:11:57 +01:00
Dave Rodgman	12b14b2c97	Simplify ifdefs Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-25 13:02:13 +01:00
Dave Rodgman	b047bf64e2	Restrict use of r7 in Thumb 1 code Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-25 12:54:56 +01:00
Dave Rodgman	cee166e3f5	Don't use r7 in generic codepath Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-25 11:00:05 +01:00
Dave Rodgman	7d6ec95517	Revert to detecting __GNUCC__ instead of armclang Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-25 09:41:42 +01:00
Valerio Setti	449803abff	pkwrite: remove unnecessary code duplication Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-25 09:37:05 +02:00
Dave Rodgman	92e8a88390	Improve comments Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-25 08:10:33 +01:00
Dave Rodgman	5c5a6dece6	Give options clearer names Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-24 23:24:16 +01:00
Dave Rodgman	6adaca6062	Minor tidy-up Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-24 19:53:21 +01:00
Gilles Peskine	835be986e0	Merge pull request #7631 from tom-daubney-arm/remove_surplus_loop_condition_issue_7529 Remove extraneous check in for loop condition	2023-05-24 20:24:28 +02:00
Dave Rodgman	ffbb7c5edc	Tidy-up macros and fix guards around option B Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-24 18:28:46 +01:00
Dave Rodgman	1416cba81f	Gate all arm asm on Armv6 or better architecture Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-24 18:07:48 +01:00
Kusumit Ghoderao	91f99f52c4	Change output length parameter in pbkdf2_hmac_set_password Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-24 22:21:48 +05:30
Kusumit Ghoderao	d7a3f8065f	Restructure set salt function Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-24 22:19:47 +05:30
Paul Elliott	7050662a48	Correct comment header block Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-05-24 17:31:57 +01:00
Dave Rodgman	0ffc6f48fa	First draft at fixing the choice of asm Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-24 17:19:10 +01:00
Minos Galanakis	e72bf2da3d	ecp_curves: Adjusted the expected limb size for `ecp_mod_p255()`. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-05-24 15:13:42 +01:00
Valerio Setti	a541e0108b	pkparse: avoid creating extra copy of the private key Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-24 16:02:36 +02:00
Valerio Setti	d0405093d9	tls: use pk_get_group_id() instead of directly accessing PK's structure Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-24 16:02:32 +02:00
Valerio Setti	1194ffa82f	pk: minor code fixes/enhancements Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-24 14:00:26 +02:00
Valerio Setti	51aa52eba4	pk: fix key properties when importing private key Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-24 14:00:09 +02:00
Dave Rodgman	4489c8dcef	Disable bignum assembly for certain Arm M-class CPUs Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-24 12:06:48 +01:00
Kusumit Ghoderao	aac9a581f8	Fix code style and initialize status Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-24 14:19:17 +05:30
Dave Rodgman	2b22834357	Merge pull request #7644 from tom-daubney-arm/alignment_h_refactoring Refactor reading of multi-byte values using functions in alignment.h	2023-05-24 08:32:52 +01:00
Kusumit Ghoderao	bd6cefb3da	Add HMAC specific function for setting password Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-24 12:36:34 +05:30
Kusumit Ghoderao	b538bb7a02	Restructure pbkdf2_set_salt function Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-24 12:32:14 +05:30
Kusumit Ghoderao	e66a8ad8d6	Define PSA_VENDOR_PBKDF2_MAX_ITERATIONS Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-24 12:30:43 +05:30
Kusumit Ghoderao	52fe517a77	Change pbkdf2 password to array Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-24 12:28:46 +05:30
Thomas Daubney	f9f0ba8211	Use functions in alignment.h to get value Refactor code using get functions from alignment.h to read values. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2023-05-24 06:24:16 +01:00
Paul Elliott	3b6bf105d1	Fix missed renames from N to X Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-05-23 17:51:52 +01:00
Minos Galanakis	ec00b500b5	ecp_curves: Adjusted input checking for `ecp_mod_p255`. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-05-23 17:31:01 +01:00
Valerio Setti	9efa8c4d14	pk: fix eckey_check_pair_psa The problem was that the private key ID was destroyed even when MBEDTLS_PK_USE_PSA_EC_DATA was enabled and of course this was not correct. At the same time the code has been slighlty reorganized to make it more readable. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-23 15:12:07 +02:00
Valerio Setti	972077820b	tls/x509: minor enhancement for using the new private key format Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-23 15:12:07 +02:00
Valerio Setti	ae8c628edb	pk: improve sign, check_pair and wrap_as_opaque functions with new format Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-23 15:12:07 +02:00
Valerio Setti	00e8dd15d2	pk: manage parse and write for the new format Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-23 15:12:07 +02:00
Valerio Setti	b536126183	pk: manage allocate and free space when working with PSA private key Allocation does not need to perform any action since the priv_id field is already present on the pk_context. Free should destroy the key. Of course this is true only if the key is not opaque (because in that case it's the user responsibility to do so). Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-23 15:12:07 +02:00
Valerio Setti	e0e6311b64	pk: change location of Montgomery helpers This is to have them available only where they are really required. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-23 15:12:07 +02:00
Valerio Setti	8a6225062a	pk: move PSA error translation macros to internal header Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-23 15:12:07 +02:00
Manuel Pégourié-Gonnard	9dc9204b77	Merge pull request #7554 from valeriosetti/issue7073-reshape Avoid parse/unparse public ECC keys in PK with USE_PSA when !ECP_C	2023-05-23 15:08:45 +02:00
Minos Galanakis	d6beda7af9	ecp_curves: Extended documentation for CURVE25519. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-05-23 09:57:09 +01:00
Minos Galanakis	47249fd9ec	ecp_curves: Added documentation for mbedtls_ecp_mod_p255_raw Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-05-23 09:57:09 +01:00
Minos Galanakis	31f0b452c7	ecp_curves: Reintroduced input checking for Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-05-23 09:57:09 +01:00
Minos Galanakis	65c386ee3d	ecp_curves: Switched to dynamic memory for Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-05-23 09:57:09 +01:00
Minos Galanakis	2daa374ea8	ecp_curves: Minor refactoring of `mbedtls_ecp_mod_p255_raw()` * Fixed whitespace issues. * Renamed variables to align with bignum conventions. * Updated alignment on test input data. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-05-23 09:57:09 +01:00
Dave Rodgman	7613b3d6b8	Fix xor fail for large block size Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-23 08:16:01 +01:00
Dave Rodgman	262d8ced79	Fix AES-CBC for in-place operation Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-22 23:13:45 +01:00
Minos Galanakis	d0292c2aca	ecp_curves: Refactored `mbedtls_ecp_mod_p255`. This patch introduces following methods, as implemented in the design prototype, and updates them to utilise the _core methods available for multiplication and addition. * `mbedtls_ecp_mod_p255()` * `mbedtls_ecp_mod_p255_raw()` An entry has been exposed in the `ecp_invasive.h` header to facilitate testing. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-05-22 22:22:32 +01:00
YxC	da609130f3	fix: correct calling to time function in tls13 client&server Call `mbedtls_time` to handle the case when MBEDTLS_PLATFORM_TIME_MACRO is defined Signed-off-by: Yuxiang Cao <yuxiang.cao@fortanix.com>	2023-05-22 13:22:00 -07:00
Dave Rodgman	797c4ff365	Make AES-CBC more efficient Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-22 19:42:22 +01:00
Dave Rodgman	6f40f8bf01	Add NEON to mbedtls_xor Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-22 18:22:07 +01:00
Valerio Setti	016264b6cb	pk: fix a return value and a typo in comment Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-22 18:40:35 +02:00
Valerio Setti	a7cb845705	pk: add checks for the returned ECC family Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-22 18:39:43 +02:00
Paul Elliott	26070670d6	Merge pull request #7565 from gabor-mezei-arm/7263_split_out_Koblitz_raw_functions [Bignum] Split out _raw Koblitz reduction functions	2023-05-22 16:03:17 +01:00
Thomas Daubney	850a0797ca	Remove extraneous check in for loop condition Issue 7529 uncovered an unrequired check in a for loop condition in ssl_tls.c. This commit removes said check. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2023-05-22 12:05:03 +01:00
Dave Rodgman	6365a681c8	Prefer intrinsics over asm for AES-NI Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-22 11:14:36 +01:00
SlugFiller	5ca3f0ba00	Support compilation using CLang on Windows The Microsoft-only equivalent to GCC's `cpuid.h` is `intrin.h`. CLang contains both, but neither is directly included in Win32 builds, causing `__cpuid` to not be defined. This explicitly includes `intrin.h` when `cpuid.h` is not used. Signed-off-by: SlugFiller <5435495+SlugFiller@users.noreply.github.com>	2023-05-22 06:31:45 +03:00
Valerio Setti	f57007dd1e	pk: fixing and improving comments Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-19 13:54:39 +02:00
Dave Rodgman	0805ad10b2	XOR perf improvements Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-19 11:48:10 +01:00
Dave Rodgman	68ef1d6ee6	Remove DIY SIZE_MAX definitions Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-18 20:49:03 +01:00
Paul Elliott	9a11f8a122	Merge pull request #7573 from tom-cosgrove-arm/add-psa_want_alg_some_pake Only include psa_pake_setup() and friends if some PAKE algorithms are required	2023-05-18 09:59:52 +01:00
Paul Elliott	aa266f29e6	Merge pull request #7602 from mprse/AuthorityKeyId_leak_fix Fix for memory leak while parsing AuthorityKeyId ext	2023-05-18 09:57:56 +01:00
Andrzej Kurek	63a6a267a4	Check for overflows when writing x509 SANs Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Andrzej Kurek	908716f097	Add missing RFC822_NAME case to SAN setting Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Andrzej Kurek	e488c454ea	Remove unnecessary zeroization Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Andrzej Kurek	dc22090671	Return an error on an unsupported SubjectAltName Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Andrzej Kurek	c6215b0ce1	Add braces to a switch case Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Andrzej Kurek	1bc7df2540	Add documentation and a changelog entry Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Dave Rodgman	e4cbab6945	Merge pull request #7607 from daverodgman/pr6511	2023-05-17 19:11:56 +01:00
Paul Elliott	8203f2d89f	Merge pull request #7535 from minosgalanakis/ecp/7264_enable_core_shift_l [Bignum] Adjust mbedtls_mpi_core_shift_l to use the core function	2023-05-17 18:45:44 +01:00
Valerio Setti	c1541cb3c7	pk: minor fixes (guards and a wrong assignment) Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-17 19:23:02 +02:00
Gabor Mezei	d56e6e008b	Add input parameter length check for the Koblitz reduction Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-05-17 17:51:19 +02:00
Andrzej Kurek	67fdb3307d	Add a possibility to write subject alt names in a certificate Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 11:45:36 -04:00
Gabor Mezei	fa3f74145b	Add documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-05-17 17:35:47 +02:00
Valerio Setti	483738ed67	tests: fixes for using the new public key raw format Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-17 15:38:39 +02:00
Valerio Setti	d7ca39511f	tls12: use the the raw format for the public key when USE_PSA is enabled Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-17 15:36:18 +02:00
Valerio Setti	7ca7b90bc7	debug: add support for printing the new EC raw format Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-17 15:35:46 +02:00
Valerio Setti	a1b8af6869	pkwrap: update ECDSA verify and EC pair check to use the new public key Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-17 15:34:57 +02:00
Valerio Setti	4064dbbdb2	pk: update pkparse and pkwrite to use the new public key storing solution Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-17 15:33:07 +02:00
Valerio Setti	722f8f7472	pk: adding a new field to store the public key in raw format Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-17 15:31:21 +02:00
Paul Elliott	c05f51ded9	Convert comments over to X rather than N Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-05-17 14:29:44 +01:00
Valerio Setti	4ac9d44d83	pk: fix typos in description of mbedtls_pk_ec_[ro/rw] Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-17 12:32:13 +02:00
Manuel Pégourié-Gonnard	b1c0afe484	Merge pull request #7595 from valeriosetti/deprecate_pk_ec Set mbedtls_pk_ec() as internal function when ECP_C is not defined	2023-05-17 12:27:03 +02:00
Paul Elliott	6b1f7f101f	Use const where appropriate Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-05-16 17:51:48 +01:00
Paul Elliott	235c1947fb	Group memory allocations earlier Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-05-16 17:51:48 +01:00
Paul Elliott	34b08e5005	Convert over to using X, X_limbs Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-05-16 17:51:48 +01:00
Paul Elliott	4fa8334bae	Convert curve 448 to use ecp core functions Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-05-16 17:51:48 +01:00
Minos Galanakis	0144b35f7d	bignum: Updated `mbedtls_mpi_shift_l` to use the core method. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-05-16 17:16:26 +01:00
Paul Elliott	f0806bee66	Merge pull request #7489 from minosgalanakis/ecp/7246_xtrack_core_shift_l [Bignum]: Introduce left shift from prototype	2023-05-16 17:13:19 +01:00
Dave Rodgman	8508e50d3d	Make use of MBEDTLS_STATIC_ASSERT Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-16 16:43:48 +01:00
Dave Rodgman	ed59ea76a6	Document minimum size for DEBUG_BUF_SIZE Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-16 16:42:40 +01:00
valord577	5bfcd1c63b	simplify code Signed-off-by: valord577 <valord577@gmail.com>	2023-05-16 16:42:40 +01:00
valord577	176e92711c	code style Signed-off-by: valord577 <valord577@gmail.com>	2023-05-16 16:42:40 +01:00
valord577	536893c22f	make code readable and change var name Signed-off-by: valord577 <valord577@gmail.com>	2023-05-16 16:42:40 +01:00
valord577	24da0cd0f9	send debug msg if contains '\n' Signed-off-by: valord577 <valord577@gmail.com>	2023-05-16 16:42:40 +01:00
Dave Rodgman	9ecf5f96df	Update library/debug.c Fix trailing white-space Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-16 16:42:40 +01:00
valord577	25418ac734	Fix: no newline when debug msg over DEBUG_BUF_SIZE Signed-off-by: valord577 <valord577@gmail.com>	2023-05-16 16:42:40 +01:00
Gabor Mezei	caac83c517	Fix comment Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-05-16 17:41:26 +02:00
Gabor Mezei	03558b847e	Add `_raw` function to P256K1 Modified the testing to use the generic fast reduction test function. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-05-16 17:30:03 +02:00
Gabor Mezei	e42bb6294e	Add `_raw` function to P224K1 Modified the testing to use the generic fast reduction test function. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-05-16 17:30:03 +02:00
Gabor Mezei	dacfe56370	Add `_raw` function to P192K1 Modified the testing to use the generic fast reduction test function. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-05-16 17:29:57 +02:00
Paul Elliott	55a701afec	Merge pull request #7564 from gabor-mezei-arm/7262_fix_ouput_width_in_ecc_mod_koblitz [Bignum] Fix output width in ecp_mod_koblitz()	2023-05-16 15:24:31 +01:00
Przemek Stekiel	0b11ee0888	Fix compilation errors(unused variables, guards) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-16 13:26:06 +02:00
Przemek Stekiel	690ff698f7	mbedtls_x509_crt_free: release authorityCertIssuer sequence Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-16 11:08:30 +02:00
Paul Elliott	926bcb04fe	Merge pull request #7532 from AndrzejKurek/remove-leading-zeroes-ip-parsing Disallow leading zeroes when parsing IPv4 addresses	2023-05-15 13:59:10 +01:00
Paul Elliott	aba165b58c	Merge pull request #7586 from gilles-peskine-arm/gitignore-objects-at-root Ignore *.o everywhere	2023-05-15 13:57:24 +01:00
Gabor Mezei	a274041190	Fix comment Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-05-15 14:50:17 +02:00
Valerio Setti	f70b3e08b1	pk: fix: explicilty set const in casted value in mbedtls_pk_ec_ro Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-15 12:57:40 +02:00
Valerio Setti	3f00b84dd1	pk: fix build issues Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-15 12:57:06 +02:00
Valerio Setti	77a75685ed	pk: align library and tests code to the new internal functions Note = programs are not aligned to this change because: - the original mbedtls_pk_ec is not ufficially deprecated - that function is used in tests when ECP_C is defined, so the legacy version of that function is available in that case Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-15 11:18:46 +02:00
Valerio Setti	229bf1031f	pk: make mbedtls_pk_ec internal when !ECP_C mbedtls_pk_ec() is not an ideal function because: - it provides direct access to the ecp_keypair structure wrapped by the pk_context and - this bypasses the PK module's control However, since for backward compatibility, it cannot be deprecated immediately, 2 alternative internal functions are proposed. As a consequence: - when ECP_C is defined, then the legacy mbedtls_pk_ec is available - when only ECP_LIGHT is defined, but ECP_C is not, then only the new internal functions will be available Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-15 11:13:55 +02:00
Gilles Peskine	8075f76708	Ignore .o everywhere We don't commit .o files anywhere, not even as test data. So ignore them everywhere. This resolves .o files not being ignored under 3rdparty/p256-m. Also remove a redundant ignore of .exe in a subdirectory. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-12 13:58:05 +02:00
Tom Cosgrove	6d62faca8e	Only include psa_pake_setup() and friends if some PAKE algorithms are required Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-05-12 12:36:24 +01:00
Gabor Mezei	b6653f3e27	Update comments Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-05-12 12:34:12 +02:00
Gabor Mezei	dcaf99ebb8	Add another round in the Koblitz reduction The addition can result in an overflow so another round is needed in the reduction. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-05-12 12:34:05 +02:00
Yanray Wang	d896fcb0d5	nist_kw.c: remove non-128-bit data if aes_128bit_only enabled Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-11 18:09:42 +08:00
Przemek Stekiel	c80e7506a0	Handle simple copy import/export before driver dispatch Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-11 12:06:00 +02:00
Przemek Stekiel	a59255f04f	Adapt guards in ffdh driver Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-11 12:06:00 +02:00
Yanray Wang	93533b51a8	gcm.c: do not set length for some arrays in selftest Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-11 17:57:17 +08:00
Yanray Wang	d329c69fba	gcm selftest: remove non-128-bit data if aes_128bit_only enabled This commit sets a loop_limit to omit AES-GCM-192 and AES-GCM-256 if MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enabled. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-11 17:57:17 +08:00
Yanray Wang	dd56add42d	cmac selftest: add macro for non-128-bit data/test Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-11 17:57:17 +08:00
Yanray Wang	59c2dfa48c	aes selftest: determine selftest loop limit in runtime Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-11 17:56:21 +08:00
Yanray Wang	62c9991a5b	aes selftest: remove non-128-bit data if aes_128bit_only enabled Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-11 11:11:17 +08:00
Paul Elliott	481a6a8edb	Merge pull request #7482 from gabor-mezei-arm/6029_use_core_api_in_ecp_mod_koblitz [Bignum] Use core API in ecp_mod_koblitz()	2023-05-10 17:24:46 +01:00
Andrzej Kurek	199eab97e7	Add partial support for URI SubjectAltNames Only exact matching without normalization is supported. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-10 09:57:19 -04:00
Manuel Pégourié-Gonnard	1d046fa0dd	Merge pull request #6010 from mprse/ffdh_import_export FFDH 1, 2A, 2B: FFDH add support for import/export key, key agreement, key generation + tests	2023-05-10 11:40:54 +02:00
Pol Henarejos	2d8076978a	Fix coding style. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-05-09 11:44:57 +02:00
Gilles Peskine	97edeb4fb8	Merge pull request #6866 from mprse/extract-key-ids Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions v.2	2023-05-08 20:38:29 +02:00
Kusumit Ghoderao	3fc4ca7272	Limit max input cost to 32bit Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-08 15:57:41 +05:30
Kusumit Ghoderao	d0422f30c5	Enable empty salt as input for pbkdf2 Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-08 15:56:19 +05:30
Kusumit Ghoderao	6731a2580c	Remove redundant code in key_derivation_abort() Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-08 15:54:54 +05:30
Przemek Stekiel	61aed064c5	Code optimization Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-08 11:15:59 +02:00
Przemek Stekiel	ed9fb78739	Fix parsing of KeyIdentifier (tag length error case) + test Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-08 11:15:54 +02:00
Yanray Wang	e2bc158b38	aesce.c: add macro of MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-08 10:29:28 +08:00
Gabor Mezei	908f40014c	Determine special cases in-place in the common Koblitz function Remove parameter used by the special cases and check for special cases in-place. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-05-05 16:31:19 +02:00
Pol Henarejos	d06c6fc45b	Merge branch 'development' into sha3 Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-05-05 16:01:18 +02:00
Tom Cosgrove	501fb3abf3	Merge pull request #5894 from Xeenych/patch-1 Reduce RAM - move some variables to .rodata	2023-05-05 14:54:32 +01:00
Przemek Stekiel	837d2d1c5e	mbedtls_psa_export_ffdh_public_key: return fixed key size Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-05 12:33:46 +02:00
Valerio Setti	fc90decb74	pkwrite: removing unused/duplicated variables Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-05 12:30:40 +02:00
Valerio Setti	4f387ef277	pk: use better naming for the new key ID field Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-05 10:59:32 +02:00
Valerio Setti	048cd44f77	pk: fix library code for using the new opaque key solution Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-05 10:59:32 +02:00
Valerio Setti	e00954d0ed	pk: store opaque key ID directly in the pk_context structure Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-05 10:57:26 +02:00
Przemek Stekiel	134cc2e7a8	Fix code style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-05 10:13:47 +02:00
Manuel Pégourié-Gonnard	71f88ecc52	Merge pull request #6838 from jethrogb/jb/pkix-curdle Read and write RFC8410 keys	2023-05-05 10:02:21 +02:00
Przemek Stekiel	e1621a460a	mbedtls_psa_ffdh_generate_key: optimize code and return fixed key size Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-05 09:53:37 +02:00
Arto Kinnunen	0f06618db0	AES: skip 192bit and 256bit key in selftest if 128bit_only enabled This includes: - aes.c - cmac.c - gcm.c - nist_kw.c Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-05 11:20:59 +08:00
Arto Kinnunen	732ca3221d	AES: add macro of MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH Add configuration option to support 128-bit key length only in AES calculation. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-05 11:20:38 +08:00
Minos Galanakis	b89440394f	bignum_core: Removed input checking for `mbedtls_mpi_core_shift_l` Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-05-04 14:40:40 +01:00
Dave Rodgman	6dc62e682a	Merge pull request #7544 from tom-cosgrove-arm/use-mbedtls_ct_uint_if-rather-than-mbedtls_ct_cond_select_sign Use mbedtls_ct_uint_if() rather than mbedtls_ct_cond_select_sign()	2023-05-04 12:23:30 +01:00
Jethro Beekman	cb706ea308	Silence bad "maybe unitialized" warning for ec_grp_id Signed-off-by: Jethro Beekman <jethro@fortanix.com>	2023-05-04 13:01:47 +02:00
Jethro Beekman	cf4545e396	Fix unsued variable in mbedtls_pk_write_pubkey_der in certain configurations Signed-off-by: Jethro Beekman <jethro@fortanix.com>	2023-05-04 13:01:47 +02:00
Jethro Beekman	13d415c4ed	Only use mbedtls_ecc_group_of_psa if defined(MBEDTLS_ECP_LIGHT) Signed-off-by: Jethro Beekman <jethro@fortanix.com>	2023-05-04 13:01:47 +02:00
Jethro Beekman	33a3ccd899	Fix bug in mbedtls_pk_wrap_as_opaque Signed-off-by: Jethro Beekman <jethro@fortanix.com>	2023-05-04 13:01:47 +02:00
Jethro Beekman	8e59ebb2e4	Refactor EC SPKI serialization Signed-off-by: Jethro Beekman <jethro@fortanix.com>	2023-05-04 13:01:47 +02:00
Jethro Beekman	2e662c6f97	Add comment about version 1 PKCS8 keys not containing a public key Signed-off-by: Jethro Beekman <jethro@fortanix.com>	2023-05-04 13:01:47 +02:00
Jethro Beekman	0167244be4	Read and write X25519 and X448 private keys Signed-off-by: Jethro Beekman <jethro@fortanix.com> Co-authored-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com> Signed-off-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com>	2023-05-04 13:01:47 +02:00
Manuel Pégourié-Gonnard	e4072c00c8	Merge pull request #7548 from jethrogb/jb/mbedtls_pem_write_buffer mbedtls_pem_write_buffer: Correctly report needed buffer size for all possible line lengths and counts	2023-05-04 12:54:56 +02:00
Paul Elliott	b6432832d0	Merge pull request #7490 from paul-elliott-arm/test_ecp_mod_p448 [Bignum] Add unit tests for ecp_mod_p448	2023-05-04 11:39:44 +01:00
Kusumit Ghoderao	b9410e89b4	Fix failing CI Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-04 13:17:51 +05:30
Przemek Stekiel	8194285cf1	Fix parsing of authorityCertSerialNumber (use valid tags) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-03 16:19:16 +02:00
Jethro Beekman	746df88e90	mbedtls_pem_write_buffer: Correctly report needed buffer size for all possible line lengths and counts Signed-off-by: Jethro Beekman <jethro@fortanix.com>	2023-05-03 15:30:49 +02:00
Kusumit Ghoderao	056f0c5047	Make output_byte return not_supported for pbkdf2 As output functionality is not added yet return PSA_SUCCESS for now if inputs are passed correctly. If input validation fails operation is aborted and output_bytes will return PSA_ERROR_BAD_STATE Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-03 17:33:27 +05:30
Manuel Pégourié-Gonnard	f57273c817	Merge pull request #7496 from valeriosetti/issue7480 Fix test gap in PK write: private (opaque) -> public	2023-05-03 12:39:49 +02:00
Andrzej Kurek	9c9880a63f	Explicitly exit IPv4 parsing on a fatal error This makes the function flow more readable. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-03 05:06:47 -04:00
Kusumit Ghoderao	f5fedf1e0d	Add pbkdf2 to psa_key_derivation_abort Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-03 14:20:37 +05:30
Kusumit Ghoderao	3128c5d9ce	Enable can_output_key with PSA_KEY_DERIVATION_INPUT_PASSWORD Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-03 14:20:37 +05:30
Kusumit Ghoderao	24b3895dee	Add pbkdf2 input functions to psa_key_derivation_input_internal Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-03 14:20:36 +05:30
Kusumit Ghoderao	f4fe3ee9e4	Add input password function for pbkdf2 Also adds PSA_KEY_DERIVATION_INPUT_PASSWORD case handling to psa_key_derivation_check_input_type function Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-03 14:20:36 +05:30
Kusumit Ghoderao	547a6c6fd1	add input salt function for pbkdf2 Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-03 14:20:36 +05:30
Kusumit Ghoderao	944bba1e30	Add input cost function for pbkdf2 Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-03 14:20:36 +05:30
Kusumit Ghoderao	d132cacb38	Add pbkdf2_hmac to is_kdf_alg_supported() Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-03 14:20:35 +05:30
Kusumit Ghoderao	af0b534256	Add pbkdf2 to ATLEAST_ONE_BUILTIN_KDF definition Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-03 14:20:35 +05:30
Tom Cosgrove	e22413c8df	Use mbedtls_ct_uint_if() rather than mbedtls_ct_cond_select_sign() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-05-03 09:44:01 +01:00
Gilles Peskine	d3ca5e5897	Merge pull request #7328 from mprse/ec-jpake-fix1 Fix the JPAKE driver interface for user+peer	2023-05-02 20:42:25 +02:00
Gilles Peskine	c70d9eab8a	Merge pull request #7412 from silabs-Kusumit/PBKDF2_implementation PBKDF2: Implement input_integer	2023-05-02 20:41:23 +02:00
Valerio Setti	2d81499026	pk: fix position for mbedtls_platform_zeroize Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-02 15:45:39 +02:00
Valerio Setti	2c50526476	pk: fix: clear buffer holding raw EC private key on exit Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-02 15:45:39 +02:00
Andrzej Kurek	6f400a376e	Disallow leading zeroes when parsing IPv4 addresses Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-01 06:23:42 -04:00
Gilles Peskine	672a771227	Fix a build error when MBEDTLS_PSA_INJECT_ENTROPY is enabled Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-04-28 21:00:28 +02:00
Aditya Deshpande	7b9934dcdd	Add support for building p256-m alongside Mbed TLS with CMake. Also check if p256-m is enabled in the config before including the contents of p256-m.c Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>	2023-04-28 17:54:55 +01:00
Aditya Deshpande	e41f7e457f	Integrate p256-m as an example driver alongside Mbed TLS and write documentation for the example. (Reapplying changes as one commit on top of development post codestyle change instead of rewriting old branch) Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>	2023-04-28 17:54:09 +01:00
Przemek Stekiel	75095cce74	mbedtls_psa_ffdh_set_prime_generator: use switch instead if-else Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-28 14:20:27 +02:00
Przemek Stekiel	534105044c	Add guards for psa_is_dh_key_size_valid Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-28 13:18:43 +02:00
Gilles Peskine	7351101704	Merge pull request #7502 from daverodgman/inline-clz Fix VS2022 build error	2023-04-28 13:06:47 +02:00
Gilles Peskine	d2e1dd098c	Merge pull request #7499 from JonathanWitthoeft/development Bug Fix: mbedtls_ecdsa_verify_restartable fails with ECDSA_SIGN_ALT	2023-04-28 12:45:32 +02:00
Przemek Stekiel	6d85afa0cc	Fix naming: FFDH key -> DH key and fix guard in psa_validate_key_type_and_size_for_key_generation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-28 11:42:17 +02:00
Dave Rodgman	914347bfa3	Don't explicitly inline mbedtls_mpi_core_clz Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-04-27 14:20:30 +01:00
Kusumit Ghoderao	a5376954ce	Remove unrelated comment Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-04-27 16:57:24 +05:30
Przemek Stekiel	d1cf1bae5d	Add function to validate dh key size Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-27 12:04:21 +02:00
Przemek Stekiel	cf0156f3f3	mbedtls_psa_ffdh_generate_key: Fix random number generation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-27 11:12:39 +02:00
Przemek Stekiel	6fd72b687f	Optimize code (if-else format, action on error) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-27 11:04:12 +02:00
Przemek Stekiel	9275d5d685	mbedtls_psa_ffdh_set_prime_generator: check if key size is equal and use sizeof Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-27 11:03:51 +02:00
Paul Elliott	47a3c82118	Enable curve 448 to be tested Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-04-26 22:23:13 +01:00
JonathanWitthoeft	9b265180cc	Make mbedtls_ecdsa_can_do definition unconditional Signed-off-by: JonathanWitthoeft <jonw@gridconnect.com>	2023-04-26 16:09:28 -05:00
JonathanWitthoeft	405ec94ea2	Bug Fix: mbedtls_ecdsa_verify_restartable fails with ECDSA_SIGN_ALT When ECDSA_SIGN_ALT but not ECDSA_VERIFY_ALT, mbedtls_ecdsa_can_do was not being defined causing mbedtls_ecdsa_verify_restartable to always fail Signed-off-by: JonathanWitthoeft <jonw@gridconnect.com>	2023-04-26 16:09:28 -05:00
Dave Rodgman	3b29364d61	Fix VS2022 build error Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-04-26 21:53:30 +01:00
Dave Rodgman	98062a7c5d	Merge pull request #7316 from yuhaoth/pr/Add-msvc-support-for-aesce-module Add msvc support for AESCE	2023-04-26 21:27:08 +01:00
Tom Cosgrove	09d23786f6	Merge pull request #7429 from xkqian/bignumber_update_comments Update links to references in bignum	2023-04-26 16:21:56 +01:00
Gabor Mezei	19c6f47dbc	Allocate the right amount of memory Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-04-26 15:22:11 +02:00
Gabor Mezei	fead53311b	Remove unused macro Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-04-26 15:20:01 +02:00
Gabor Mezei	03367fe42d	Ignore carry since it can not be generated Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-04-26 14:08:45 +02:00
Gabor Mezei	d2c0ba172c	Fix value in comment Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-04-26 14:08:44 +02:00
Gabor Mezei	7097447b84	Ensure input parameter size for Koblitz reduction Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-04-26 14:08:35 +02:00
Gabor Mezei	8183c5dcc3	Use core API in `ecp_mod_koblitz()` Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-04-26 14:03:29 +02:00
David Horstmann	9643575d92	Limit OIDs to 128 components The longest OID known by oid-info.com is 34 components[1], so 128 should be plenty and will limit the potential for attacks. [1] http://oid-info.com/get/1.3.6.1.4.1.1248.1.1.2.1.3.21.69.112.115.111.110.32.83.116.121.108.117.115.32.80.114.111.32.52.57.48.48 Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-04-26 11:50:14 +01:00
Jerry Yu	db368dea88	fix clang test fail Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-04-26 16:55:37 +08:00
Janos Follath	91a618375a	Merge pull request #7427 from minosgalanakis/ecp/7258_ecp_mod_p256K1_add_test_cases ECP: Add Unit Tests for secp256k1	2023-04-26 08:52:24 +01:00
Przemek Stekiel	654bef0be0	Fix typos, comments, style, optimize macros Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:07:20 +02:00
Przemek Stekiel	c829816fb6	psa_export_public_key_internal: add missing check for FFDH key type Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:07:20 +02:00
Przemek Stekiel	a9ca13136c	Move check of the key type to mbedtls_psa_key_agreement_ffdh Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:07:20 +02:00
Przemek Stekiel	0dd746d998	Add psa_crypto_ffdh to build Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:07:20 +02:00
Przemek Stekiel	359f4625a3	Move FFDH layer to separate file Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:07:20 +02:00
Przemek Stekiel	fedd134300	Add key generation for FFDH keys Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:04:32 +02:00
Przemek Stekiel	fb3dd54b24	Add key agreement for FFDH keys Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:04:32 +02:00
Przemek Stekiel	472b3f33b9	Add import/export of FFDH keys Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:04:32 +02:00
Przemek Stekiel	f5b8f78ad7	authorityCertIssuer and authorityCertSerialNumber MUST both be present or absent Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 08:57:32 +02:00
Tom Cosgrove	10f40916eb	Merge pull request #7462 from daverodgman/clz_size_opt clz size/perf optimisation	2023-04-26 07:06:30 +01:00
Jerry Yu	61c4cfa2a7	Add compiler version checks. When `MBEDTLS_AESCE_C` enabled and the compiler is not expected, we should raise error to user. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-04-26 13:06:01 +08:00
Dave Rodgman	2e863ecde9	Remove unnecessary if to save 16 bytes Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-04-25 17:40:49 +01:00
Paul Elliott	d3fbbe55f7	Merge pull request #7448 from gabor-mezei-arm/7261_roll_loop_in_ecp_mod_koblitz Roll up the loop in ecp_mod_koblitz()	2023-04-25 15:27:21 +01:00
Minos Galanakis	9c2c81f996	ecp_curves: Renamed `ecp_mod_p256k1` -> `mbedtls_ecp_mod_p256k1` Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-04-25 13:30:59 +01:00
Minos Galanakis	d6751dcd8b	ecp_curves: Added unit-tests for `secp256k1` This patch introduces basic unit-testing for the `ecp_mod_p256k1()`. The method is exposed through the ecp_invasive interface, and the standard testing data is being provided by the python framework. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-04-25 13:30:59 +01:00
Przemek Stekiel	aede2ad554	Optimize code (pake role type, freeing buffers) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-25 14:30:34 +02:00
Minos Galanakis	ec09e25251	bignum_core: Aligned `xxx_core_shift_l` to `xxx_core_shift_r` This patch modifies the left-shift implementation to closely align in interface and behaviour to the existing right-shift method. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-04-25 12:23:34 +01:00
Minos Galanakis	ad808dd5f1	bignum_core: Extracted mbedtls_mpi_shift_l from prototype Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-04-25 12:23:33 +01:00
Przemek Stekiel	6e628a4e7b	Add undfined role for ec j-pake Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-25 13:11:36 +02:00
Jerry Yu	f015a93f98	Add msvc version document Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-04-25 10:38:03 +08:00
Jerry Yu	8f0e3d4c22	fix wrong compiler checks - Add msc version check - remove HAVE_ASM due to conflict with check_config Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-04-25 10:24:53 +08:00
Gilles Peskine	ad450d5a92	Merge pull request #7463 from valeriosetti/issue7460-part2 Pass pk_context pointer to PK wrappers instead of void pointer	2023-04-24 17:41:39 +02:00
Janos Follath	53c6553deb	Merge pull request #7450 from xkqian/bignumber_ecp_update Update gen_prvkey_mx paras to align with comments and c code	2023-04-24 13:44:39 +01:00
Dave Rodgman	0f16d560aa	Fix documentation Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-04-24 12:53:45 +01:00
Przemek Stekiel	f4194944e8	Use do-while(0) format in macros Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-24 09:52:17 +02:00
Gilles Peskine	935a987b2b	Merge pull request #7436 from AndrzejKurek/x509-verify-san-ip x509 SAN IP parsing	2023-04-21 22:00:58 +02:00
Gabor Mezei	f921f4d228	Use loop for two passes in the reduction Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-04-21 14:09:06 +02:00
Dave Rodgman	bbf881053d	Document undefined case. Clarify test code. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-04-21 12:54:40 +01:00
Dave Rodgman	880a6b34c2	Further size optimisation Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-04-20 11:52:55 +01:00
valerio	38992cb833	pk: pass pk_context pointer to wrappers intead of void one Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-04-20 12:02:34 +02:00
Jerry Yu	5cc39a6a9d	Change clock source to boottime on linux. CLOCK_MONOTONIC does not account for time when suspend. And CLOCK_BOOTTIME does it. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-04-20 17:21:04 +08:00
Jerry Yu	8b6df3fd76	fix msvc fail on embed assembly code Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-04-20 10:32:37 +08:00
Jerry Yu	9db4b1f455	fix msvc type cast fail. GCC needs the `cast` due to incompatible type error Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-04-20 10:32:36 +08:00
Jerry Yu	07d28d8598	Add msvc build for aesce module Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-04-20 10:32:36 +08:00
David Horstmann	861e5d2742	Change to using an alloc-realloc strategy Allocate enough memory to guarantee we can store the OID, encode into the buffer, then realloc and copy into a buffer of exactly the right size. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-04-19 18:37:45 +01:00
Dave Rodgman	fe8a8cd100	Size/perf optimisation for mbedtls_mpi_core_clz Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-04-19 17:59:12 +01:00
Kusumit Ghoderao	a14ae5a0c9	Fix input_integer testing Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-04-19 14:16:26 +05:30
Xiaokang Qian	b92a2f6e7a	Remove trailing whitespace from ecdsa.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-19 02:59:15 +00:00
Andrzej Kurek	90117db5dc	Split a complex condition into separate ones Make it more readable Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-18 10:43:35 -04:00
Minos Galanakis	9d80879f90	ecp_curves: Introduced `mbedtls_ecp_mod_p224k1()` This patch introduces a `MBEDTLS_STATIC_TESTABLE` helper method which exposes `ecp_mod_p256k1()` to the test-framework Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-04-18 14:13:20 +01:00
Minos Galanakis	e5dab975c6	ecp_curves: Added unit-tests for `secp224k1` This patch introduces basic unit-testing for the `ecp_mod_p224k1()`. The method is exposed through the ecp_invasive interface, and the standard testing data is being provided by the python framework. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-04-18 14:13:20 +01:00
Andrzej Kurek	8bc2cc92b5	Refactor IPv6 parsing Make it more readable Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-18 07:26:27 -04:00
Janos Follath	3c3b94a31b	Merge pull request #7424 from gabor-mezei-arm/7256_unit_tests_for_p192k1 Add unit tests for ecp_mod_p192k1()	2023-04-18 12:19:40 +01:00
Andrzej Kurek	ea3e71fa37	Further refactor IPv4 parsing Make it more readable Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-18 05:54:50 -04:00
Xiaokang Qian	a089614cdf	Update gen_prvkey_mx paras to align with comments and c code Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-18 06:49:55 +00:00
Paul Elliott	4359badbb2	Merge pull request #7331 from mprse/ec-jpake-fix2 PSA PAKE: Check input_length against PSA_PAKE_INPUT_SIZE() in psa_pake_input	2023-04-17 16:31:09 +01:00
Przemek Stekiel	9a7a725ee7	Fix code style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-17 16:06:57 +02:00
Przemek Stekiel	7921a03425	Add claryfication for PSA_PAKE_INPUT/OUTPUT_MAX_SIZE macros Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-17 12:32:06 +02:00
Andrzej Kurek	6cbca6dd42	Rename a variable in ipv4 and ipv6 parsing Character was too elaborate. p is used in other x509 code to step through data. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-13 09:25:00 -04:00
Andrzej Kurek	0d57896f7e	Refactor ipv6 parsing Introduce new variables to make it more readable. Clarify the calculations a bit. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-13 09:20:31 -04:00
Andrzej Kurek	7f5a1a4525	Rename ipv6 parsing variables, introduce one new one This way the names are more descriptive. j was reused later on for calculation, num_zero_groups is used instead. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-13 09:20:23 -04:00
Andrzej Kurek	06969fc3a0	Introduce a test for a sw implementation of inet_pton Create a bypass define to simulate platforms without AF_INET6. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-13 09:20:15 -04:00
Andrzej Kurek	13b8b780fe	Improve x509_inet_pton_ipv4 readability Introduce descriptive variable names. Drop the table of tens. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-13 09:19:50 -04:00
Gabor Mezei	0a11ee6da8	Fix function declaration Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-04-13 12:48:06 +02:00
Gabor Mezei	1237a349ed	Use macro guard for function declaration Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-04-13 12:48:06 +02:00
Gabor Mezei	83669d910e	Add a testable function for ecp_mod_p192k1 Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-04-13 12:44:37 +02:00
Xiaokang Qian	50fe36317a	Update links in ecp.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-12 06:08:45 +00:00
Xiaokang Qian	637a2fe62c	Update SEC1 link in ecdsa.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-12 06:07:51 +00:00
Xiaokang Qian	4704147717	Update SEC1 link in ecdh.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-12 06:07:23 +00:00
Glenn Strauss	b255e21e48	Handle endianness in x509_inet_pton_ipv6() Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-04-11 08:29:43 -04:00
Glenn Strauss	6f545acfaf	Add mbedtls_x509_crt_parse_cn_inet_pton() tests Extended from https://github.com/Mbed-TLS/mbedtls/pull/2906 contributed by Eugene K <eugene.kobyakov@netfoundry.io> Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-04-11 08:29:42 -04:00
Glenn Strauss	416c295078	x509 crt verify local implementation to parse IP x509 crt verify local implementation to parse IP if inet_pton() is not portably available Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-04-11 08:29:42 -04:00
Glenn Strauss	c26bd76020	x509 crt verify SAN iPAddress Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-04-11 08:29:42 -04:00
Valerio Setti	0c477d32e2	test: include also test_suite_ecp for the coverage analysis Only some test cases are skipped for which ECP_C is mandatory, but the other ones are included. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Valerio Setti	6c496a1553	solve disparities for ECP_LIGHT between ref/accel Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Valerio Setti	5278986d2d	psa: fix ECP guards for key derivation Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Valerio Setti	3f8d23eaef	pk_wrap: fix guards in eckey_check_pair to only include 1 option at build time Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Valerio Setti	d4a5d461de	library: add remaining changes for the new ECP_LIGHT symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Valerio Setti	0d2980f117	pk: adapt to new ECP_LIGHT symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Valerio Setti	fd122f4e95	ecp: introduce new ECP_LIGHT symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Dave Rodgman	22d9ff6d3c	Merge pull request #7353 from xkqian/tls13_fix_code_style Improve code styles for tls13 related files	2023-04-11 09:18:22 +01:00
Gilles Peskine	5634f87d68	Merge pull request #7418 from xkqian/big_number_ecc_update_comment Update SEC1 link in ecp.c	2023-04-11 09:34:07 +02:00
Gilles Peskine	c9e8a65d06	Merge pull request #7298 from lpy4105/issue/6840/add-cache-entry-removal-api ssl_cache: misc improvements	2023-04-11 09:30:40 +02:00
Manuel Pégourié-Gonnard	b16a50eeab	Merge pull request #7392 from valeriosetti/issue7388 PK: use PSA to complete public key when USE_PSA is enabled	2023-04-11 09:09:06 +02:00
Xiaokang Qian	49f39c1e91	Fix the wrong debug _message function to _ret Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:29:17 +00:00
Xiaokang Qian	09c3cccf97	Update the todo comment of record size limits Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:29:17 +00:00
Xiaokang Qian	8bce0e6f5e	Update group ext debug message in ssl_tls13_server.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:29:17 +00:00
Xiaokang Qian	91bb3f0665	Wrap lines in library/ssl_tls13_client.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:29:17 +00:00
Xiaokang Qian	9f1747bb1f	Wrap lines which exceed 80 chars in ssl_tls13_server.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:29:14 +00:00
Xiaokang Qian	958b6ffe98	Wrap lines which exceed 80 chars in ssl_tls13_client.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:27:52 +00:00
Xiaokang Qian	7343738695	Wrap lines which exceed 80 chars in ssl_tls13_generic.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:27:51 +00:00
Xiaokang Qian	123cde824c	Improve code styles(line numbers) for tls13_key.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:27:51 +00:00
Xiaokang Qian	669c7c35f0	Update SEC1 link in ecp.c Old link doesn't work any more, update it to one new link to refer version 2 Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 07:36:35 +00:00
Pengyu Lv	e3746d7ce6	ssl_cache: Error renaming and document improvement Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-04-10 14:40:03 +08:00
Kusumit Ghoderao	3a18dee1e8	Fix unused variable warning Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-04-07 16:16:27 +05:30
Valerio Setti	520c0384e7	pkparse: fix return value Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-07 11:38:09 +02:00
Valerio Setti	1df94f841b	pk: fix return codes' precedence and code style Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-07 11:04:32 +02:00
Manuel Pégourié-Gonnard	f740767c00	Merge pull request #7391 from valeriosetti/issue7387 PK: don't use mbedtls_ecp_check_pub_priv() when USE_PSA is enabled	2023-04-07 10:17:18 +02:00
Valerio Setti	9d65f0ef12	pk_wrap: simplify prototype of eckey_check_pair_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-07 08:53:17 +02:00
Valerio Setti	aad6306212	pkparse: fix guards position Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-07 08:45:34 +02:00
Valerio Setti	4bf73ad83f	pkparse: use proper sizing for buffer Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-07 08:45:34 +02:00
Valerio Setti	34f6755b34	pkparse: add new function for deriving public key from private using PSA Instead of using the legacy mbedtls_ecp_mul() function which makes use of ECP's math, this commit adds a new function named pk_derive_public_key() which implements the same behavior using PSA functions. The flow is simple: - import the private key into PSA - export its public part Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-07 08:45:34 +02:00
Valerio Setti	f286664069	pk_wrap: minor code optimizations Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-07 08:37:46 +02:00
Dave Rodgman	0b3de6fcec	Merge pull request #7288 from ronald-cron-arm/tls13-server-version-negotiation TLS: TLS 1.2 / 1.3 version negotiation on server side	2023-04-06 16:26:19 +01:00
Janos Follath	3615be65f8	Merge pull request #7342 from gabor-mezei-arm/6679_prevent_mpi_mod_write_from_corrupting_the_input Prevent mpi_mod_write from corrupting the input	2023-04-06 15:56:28 +01:00
Janos Follath	44c6694be7	Merge pull request #7351 from gabor-mezei-arm/7109_ecp_fast_reduction_testing Test unlikely cases of ECC modular reduction	2023-04-06 15:55:19 +01:00
Kusumit Ghoderao	50e0e11213	Add key_derivation_input_integer function Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-04-06 17:47:25 +05:30
Ronald Cron	dad02b2bec	tls13: srv: Fix comment Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:32:05 +02:00
Ronald Cron	fe01ec2d57	tls12: srv: Use sizeof() instead of constant Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:32:05 +02:00
Ronald Cron	c564938180	Add downgrade protection mechanism Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:32:05 +02:00
Ronald Cron	e45afd760d	Use specific pointer to loop over proposed cipher suites Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:32:01 +02:00
Ronald Cron	eff5673e09	Improve and align variable names for supported versions data Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	3bd2b02486	Check for TLS 1.3 version first Check for TLS 1.3 version first when parsing the supported versions extension as it is the most likely version. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	b828c7d3de	Fix, improve and add comments Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	097ba146e7	tls: srv: Set hybrid TLS 1.2/1.3 as default configuration Set hybrid TLS 1.2/1.3 as default server configuration if both TLS 1.2 and TLS 1.3 are enabled at build time. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	3b35455a69	tls: srv: Allow server hybrid TLS 1.2 and 1.3 configuration Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	6291b23080	tls: Add logic in handshake step to enable server version negotiation Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	8a12aeec93	tls: Initialize SSL context tls_version in mbedtls_ssl_setup() Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	5af4c7f0e2	tls13: srv: Add detection to negotiate TLS 1.2 Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	8c527d0be8	tls13: srv: Parse supported versions extension early Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	2f16b4ec66	tls13: srv: Postpone cipher suite selection Postpone TLS 1.3 cipher suite selection when we are sure we negotiate the version 1.3 of the protocol. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	cada410365	tls13: srv: Postpone legacy session id copy To avoid doing it twice in case we eventually negotiate the version 1.2 of the protocol, postpone the copy of the legacy session id. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	d540d995b2	tls13: srv: Postpone client random copy To avoid doing it twice in case we eventually negotiate the version 1.2 of the protocol, postpone the copy of the client random bytes. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	6458239b36	tls13: srv: Move TLS version setting When parsing the ClientHello message, move the setting of the TLS version to TLS 1.3 after the computation of the end of the list of cipher suites. At that point we are able to compute the address and end address of the list of extensions and thus able to search and parse the supported_versions extension to select which version of the TLS protocol we are going to negotiate. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	47dce630f4	tls13: Add function to search for a supported_versions extension Move in a dedicated function the search for the supported_versions extension in a list of extensions, to be able to use it on server side as well. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:17 +02:00
Minos Galanakis	00bd8925a7	bignum: Removed merge scaffolding. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-04-05 16:13:11 +01:00
Przemek Stekiel	725688b143	Fix code style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 22:49:44 +02:00
Przemek Stekiel	294ec1274d	Remove redundant memory relase for authorityCertIssuer Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	21903ec860	Fix after rebase Handle manually functions that have been moved to different locations. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	4f3e7b934e	Fix parsing of authorityCertIssuer Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	75653b1df0	Add indication of extension error while parsing authority/subject key id Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	6ec839a1f9	x509_get_authority_key_id: add length check + test Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	3520fe6fda	Use MBEDTLS_ERROR_ADD() and tag macros Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	8a13866f65	Remove parsing of rfc822Name Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	a2939e8728	Remove duplicated function Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	9a511c5bdf	Rename back mbedtls_x509_parse_general_name->mbedtls_x509_parse_subject_alt_name Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	db323aa241	Fix Subject Key Identifier, Authority Key Identifier entries in oid_x509_ext Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	62d8f84be2	Adapt mbedtls_x509_crt_free after rebase Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
toth92g	9232e0ad84	Adding some comments for easier understand Signed-off-by: toth92g <toth92g@gmail.com>	2023-04-04 17:48:28 +02:00
toth92g	8d435a0c8b	Renaming x509_get_subject_alt_name to x509_get_general_names and mbedtls_x509_parse_subject_alt_name to mbedtls_x509_parse_general_name so they can be used not only to collect subject alt name, but the V3 authority cert issuer that is also GeneralName type. Also updated the x509_get_general_names function to be able to parse rfc822Names Test are also updated according these changes. Signed-off-by: toth92g <toth92g@gmail.com>	2023-04-04 17:48:28 +02:00
toth92g	d96027acd2	Correcting documentation issues: - Changelog entry is Feature instead of API Change - Correcting whitespaces around braces - Also adding defensive mechanism to x509_get_subject_key_id to avoid malfunction in case of trailing garbage Signed-off-by: toth92g <toth92g@gmail.com>	2023-04-04 17:48:27 +02:00
toth92g	a41954d0cf	Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions. Updating mbedtls_x509_crt_free function to also free the new dynamic elements (issuer field of AuthorityKeyId). A few tests are also added which test the feature with a correct certificate and multiple ones with erroneous ASN1 tags. Signed-off-by: toth92g <toth92g@gmail.com>	2023-04-04 17:48:27 +02:00
Janos Follath	13c73de6de	Merge pull request #6233 from tom-cosgrove-arm/issue-6226-core-mul Bignum: extract core_mul from the prototype	2023-04-04 13:36:22 +01:00
Ronald Cron	219f978097	Merge pull request #7059 from ronald-cron-arm/psa-crypto-misc PSA cryptography miscellaneous	2023-04-04 10:54:03 +02:00
Valerio Setti	98680fc2ed	ecp: revert changes to ECP module and test suite Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-04 10:22:59 +02:00
Valerio Setti	8eb552647f	pk_wrap: fix sizing for private key buffer Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-04 10:20:53 +02:00
Gabor Mezei	d62605126d	Fix documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-04-03 17:32:55 +02:00
Valerio Setti	0fe1ee27e5	pk: add an alternative function for checking private/public key pairs Instead of using the legacy mbedtls_ecp_check_pub_priv() function which was based on ECP math, we add a new option named eckey_check_pair_psa() which takes advantage of PSA. Of course, this is available when MBEDTLS_USE_PSA_CRYPTO in enabled. Tests were also fixed accordingly. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-03 15:00:21 +02:00
Gabor Mezei	6f182c33a8	Fix documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-31 16:17:06 +02:00
Tom Cosgrove	6af26f3838	Tidy up, remove MPI_CORE(), apply the naming convention, and use the new mbedtls_mpi_core_mul() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com> Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-31 16:16:00 +02:00
Hanno Becker	4ae890bbd0	Extract MPI_CORE(mul) from the prototype Signed-off-by: Hanno Becker <hanno.becker@arm.com> Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-31 16:10:34 +02:00
Dave Rodgman	b8f5ba826b	Merge pull request #6891 from yuhaoth/pr/add-milliseconds-platform-function Add milliseconds platform time function	2023-03-31 11:47:37 +01:00
Ronald Cron	afbc7eda65	psa: Introduce PSA crypto core common symbols When compiling some PSA core files of the PSA cryptography repository, both the Mbed TLS library and the PSA cryptography core common.h are included and if they define the same inline functions (same name), the compilation fails. Thus, inline functions prefixed by psa_crypto_ instead of mbedtls_ are defined in the PSA cryptography core common.h header. To ease the maintenance of the PSA cryptography repository, introduce those symbols in Mbed TLS as well and use them in PSA crypto core code files instead of their Mbed TLS equivalent. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-03-31 09:07:57 +02:00
Ronald Cron	e6e6b75ad3	psa: Remove MBEDTLS_PSA_CRYPTO_DRIVERS configuration option The support for the PSA crypto driver interface is not optional anymore as the implementation of the PSA cryptography interface has been restructured around the PSA crypto driver interface (see psa-crypto-implementation-structure.md). There is thus no purpose for the configuration options MBEDTLS_PSA_CRYPTO_DRIVERS anymore. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-03-31 09:07:54 +02:00
Ronald Cron	fe8e135816	psa: Remove unnecessary headers Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-03-31 09:01:45 +02:00
Paul Elliott	03d557db35	Merge pull request #6900 from AndrzejKurek/san-dirname Add support for directoryName subjectAltName	2023-03-30 18:37:26 +01:00
Janos Follath	54118a1720	Merge pull request #7352 from gabor-mezei-arm/6349_fix_merge Remove obsolete ecp_fix_negative function	2023-03-30 14:48:13 +01:00
Andrzej Kurek	5f0c6e82fb	Add missing deallocation of subject alt name Since mbedtls_x509_get_name allocates memory when parsing a directoryName, deallocation has to be performed if anything fails in the meantime. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-29 11:40:38 -04:00
Andrzej Kurek	bf8ccd8109	Adjust error reporting in x509 SAN parsing Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-29 11:03:01 -04:00
Andrzej Kurek	d40c2b65a6	Introduce proper memory management for SANs DirectoryName parsing performs allocation that has to be handled. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-29 11:03:01 -04:00
Andrzej Kurek	e12b01d31b	Add support for directoryName subjectAltName Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-29 11:03:01 -04:00
Gabor Mezei	df9c029dd5	Remove obsolete ecp_fix_negative function Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-28 18:43:07 +02:00
Valerio Setti	46423164c1	tls12_client: remove unnecessary parentheses Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-28 16:26:48 +02:00
Valerio Setti	77a904c761	ssl: remove useless guard Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-28 16:26:48 +02:00
Valerio Setti	9affb73e44	psa_crypto: fix guard for mbedtls_ecc_group_of_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-28 16:26:47 +02:00
Valerio Setti	1fa5c56863	ssl_tls: fix guard symbols for EC accelerated tests Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-28 16:26:47 +02:00
Gabor Mezei	514806bbe9	Add a second round of carry reduction for P192 fast reduction The first round of carry reduction can generate a carry so a second round is needed. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-28 15:09:34 +02:00
Paul Elliott	f04848cc3b	Revert "Add generated files" This reverts commit `df2b5da57f`. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-27 21:20:52 +01:00
Paul Elliott	d01a3bca05	Merge tag 'v3.4.0' into mbedtls-3.4.0_mergeback Mbed TLS 3.4.0	2023-03-27 18:09:49 +01:00
Janos Follath	445c3bfcac	Merge pull request #7222 from minosgalanakis/bignum/6851_extract_Secp384r1_fast_reduction Bignum: Extract secp384r1 fast reduction from the prototype	2023-03-27 16:56:30 +01:00
Valerio Setti	ab9dc667ff	psa_util: fix for correctly computing elements in array Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-27 11:25:10 -04:00
Gabor Mezei	2f73edbbc4	Prevent mpi_mod_write from corrupting the input Allocate a working buffer to store the converted value needed for the mpi_mod_write function. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-27 15:53:14 +02:00
Manuel Pégourié-Gonnard	93302422fd	Fix instances of old feature macros being used sed -i -f md.sed include/mbedtls/ssl.h library/hmac_drbg.c programs/pkey/.c programs/x509/.c tests/scripts/generate_pkcs7_tests.py tests/suites/test_suite_random.data Then manually revert programs/pkey/ecdsa.c as it's using a low-level hash API. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:43:40 +01:00
Manuel Pégourié-Gonnard	4011eb49dc	Fix entropy-related feature macros Was causing testing disparities picked by analyze_outcomes.py Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:43:40 +01:00
Manuel Pégourié-Gonnard	5cd4b6403b	Use MD-light in entropy.c Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:43:40 +01:00
Przemek Stekiel	256c75df90	Fix signed/unsigned comparison (windows compilation failure) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-23 14:09:34 +01:00
Przemek Stekiel	b175b146a2	Remove driver_pake_get_role function Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-23 13:37:18 +01:00
Przemek Stekiel	e80ec0a9af	Adapt J-PAKE built-in impl to use user/peer Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-23 13:37:12 +01:00
Minos Galanakis	f9fca53cb4	ecp_curves: Updated ecp_mod_p384_raw documentation Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-03-23 12:17:17 +00:00
Paul Elliott	df2b5da57f	Add generated files Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-23 10:58:43 +00:00
Paul Elliott	db67e99bbf	Bump library, libcrypto and libx509 versions Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-23 10:57:39 +00:00
Valerio Setti	226f9b903f	ssl_tls: fix guard in ssl_misc.h Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-23 09:28:51 +01:00
Pengyu Lv	5038a38695	ssl_cache: Return standard mbedtls error code Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-03-23 15:53:43 +08:00
Przemek Stekiel	656b2595fb	psa_pake_input: validate buffer size using PSA_PAKE_INPUT_SIZE Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-23 08:05:52 +01:00
Minos Galanakis	68d64a10b6	ecp_curves: Re-introduced `mbedtls_ecp_fix_negative()` This patch re-introduces `mbedtls_ecp_fix_negative` and appropriately adjusts its' define guards. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-03-22 11:28:15 +00:00
Valerio Setti	080a22ba75	ssl_tls13: use PSA_WANT_ALG_ECDH as symbol for marking ECDH capability Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Valerio Setti	0c8ec3983e	ssl_tls: fix proper guards for accelerated ECDH Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Valerio Setti	90df310d89	ssl_tls13: fix guards for accel ECDH These changes fix all failures found in test_suite_ssl Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Przemek Stekiel	1f778bcfd8	EC-JPAKE: remove limitation for user/peer (alow any value) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-22 09:52:08 +01:00
Minos Galanakis	37f4cb6d0e	ecp_curves: Minor rework for p384 This patch adjusts formatting, documentation and testing. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-03-21 15:46:50 +00:00
Minos Galanakis	6fb105fb2e	ecp_curves: Ported prototypes Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-03-21 15:41:26 +00:00
Paul Elliott	f1eb5e2a04	Merge branch 'development-restricted' into mbedtls-3.4.0rc0-pr Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-21 15:35:17 +00:00
Manuel Pégourié-Gonnard	7224086ebc	Remove legacy_or_psa.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:29:31 +01:00
Manuel Pégourié-Gonnard	bef824d394	SSL: use MD_CAN macros Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:29:31 +01:00
Manuel Pégourié-Gonnard	a946489efd	X.509: use MD_CAN macros Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	ebef58d301	OID + misc crypto: use MD_CAN and fix failures After this, only PK, X.509 and TLS remain to be done. Deterministic uses HMAC-DRBG which uses MD, so it needs crypto_init() when using a driver-only hash. Also, remove a special-purpose macro that's no longer needed. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	a5f04621bd	PKCS5: use MD_CAN macros sed -i -f md.sed library/pkcs5.c tests/suites/test_suite_pkcs5* include/mbedtls/pkcs5.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	49e67f814f	PKCS5: always use MD As a consequence, MD_C is now enabled in component accel_hash_use_psa. Fix guards in X.509 info function to avoid this causing a failure now. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	c1f10441e0	RSA: use MD_CAN macros sed -i -f md.sed library/rsa.c tests/suites/test_suite_rsa* include/mbedtls/rsa.h tests/suites/test_suite_pkcs1_v* Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	fb8d90a2db	RSA: always use MD light Note: already auto-enabled in build_info.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	52d02a85d3	PEM: use MD_CAN macros sed -i -f md.sed library/pem.c tests/suites/test_suite_pem* include/mbedtls/pem.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	1c2008fa37	PEM: always use MD light Note: PEM_PARSE already auto-enables MD_LIGHT in build_info.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	be97afe5d4	PKCS12: always use MD light Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	b2eb1f7456	ECJPAKE: use MD_CAN macros sed -i -f md.sed \ library/ecjpake.c \ include/medtls/ecjpake.h \ tests/suites/test_suite_ecjpake.* With md.sed as follows: s/\bMBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_MD5/g s/\bMBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_RIPEMD160/g s/\bMBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA1/g s/\bMBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA224/g s/\bMBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA256/g s/\bMBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA384/g s/\bMBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA512/g s/\bMBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_MD5/g s/\bMBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_RIPEMD160/g s/\bMBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA1/g s/\bMBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA224/g s/\bMBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA256/g s/\bMBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA384/g s/\bMBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA512/g s/\bMBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_MD5/g s/\bMBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_RIPEMD160/g s/\bMBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA1/g s/\bMBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA224/g s/\bMBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA256/g s/\bMBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA384/g s/\bMBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA512/g s/\bMBEDTLS_MD5_C\b/MBEDTLS_MD_CAN_MD5/g s/\bMBEDTLS_RIPEMD160_C\b/MBEDTLS_MD_CAN_RIPEMD160/g s/\bMBEDTLS_SHA1_C\b/MBEDTLS_MD_CAN_SHA1/g s/\bMBEDTLS_SHA224_C\b/MBEDTLS_MD_CAN_SHA224/g s/\bMBEDTLS_SHA256_C\b/MBEDTLS_MD_CAN_SHA256/g s/\bMBEDTLS_SHA384_C\b/MBEDTLS_MD_CAN_SHA384/g s/\bMBEDTLS_SHA512_C\b/MBEDTLS_MD_CAN_SHA512/g Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	41bc8b6b1e	ECJPAKE: always use MD light This enables access to all available hashes, instead of the previous situation where you had to choose by including MD_C or not. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	e0e161b54a	Merge pull request #7296 from valeriosetti/issue7253-part1 driver-only ECDH: enable ECDH-based TLS 1.2 key exchanges -- part 1	2023-03-21 16:09:02 +01:00
Dave Rodgman	3543806026	Merge pull request #7190 from yanrayw/6197_rsa_get_padding_hashID RSA: provide interface to retrieve padding mode and hash_id	2023-03-20 18:34:53 +00:00
Dave Rodgman	d3b6e92967	Merge pull request #997 from gilles-peskine-arm/aesni-intrinsics Implement AESNI with intrinsics	2023-03-20 18:20:51 +00:00
Dave Rodgman	c5807a6fa8	Merge pull request #6918 from yuhaoth/pr/add-gcm-with-armv8-crypto-extension Add GCM with armv8 crypto extension	2023-03-20 14:45:14 +00:00
Valerio Setti	5d1f29e700	ssl_tls: fix guards for accelerated ECDH Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-20 14:02:07 +01:00
Manuel Pégourié-Gonnard	c9ef476431	Merge pull request #7192 from joerchan/psa-update-mbedtls psa_crypto: Fix psa_key_derivation_output_key ECC without builtin keys	2023-03-20 09:47:07 +01:00
Manuel Pégourié-Gonnard	14c194aae9	Merge pull request #7271 from mpg/use-md-light Use md light	2023-03-20 09:01:16 +01:00
Dave Rodgman	f918d42332	Tidy up ARMCE terminology Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-17 17:52:23 +00:00
Gilles Peskine	36b9e47eed	Fix preprocessor conditional This was intended as an if-else-if chain. Make it so. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-17 17:31:18 +01:00
Gilles Peskine	30e9f2a293	Finish sentence in comment Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-17 17:29:58 +01:00
Manuel Pégourié-Gonnard	3831637e85	Handle dependency on ECP_C in ECC KDF Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-17 15:21:26 +01:00
Joakim Andersson	bb576febb2	psa_crypto: Fix psa_key_derivation_output_key ECC without builtin keys Fix psa_key_derivation_output_key not being able to derive ECC keys without MBEDTLS_BUILTIN ECC key types enabled. The PSA crypto drivers can generate these keys without requiring the builtin key types. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>	2023-03-17 15:21:26 +01:00
Yanray Wang	d41684e8bc	rsa.c: rename getter function of hash_id Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-03-17 18:57:42 +08:00
Dave Rodgman	0e2b06a1ce	Merge pull request #7083 from KloolK/record-size-limit/parsing Add parsing for Record Size Limit extension in TLS 1.3	2023-03-17 10:18:34 +00:00
Paul Elliott	9f02a4177b	Merge pull request #7009 from mprse/csr_write_san Added ability to include the SubjectAltName extension to a CSR - v.2	2023-03-17 10:07:27 +00:00
Manuel Pégourié-Gonnard	b33ef74d44	Use MD_LIGHT, not sha1.h, in RSA selftest Same note as previous commit regarding guards. Note that we could auto-enable MD_LIGHT only when SELF_TEST is defined, and even only when SHA1_C is defined too, but somewhere down the line we'll want to auto-enable it for the sake of other RSA function (not in selftest and could use any hash), so there's little point in optimizing the temporary condition, let's use the simple one upfront. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-17 09:43:28 +01:00
Manuel Pégourié-Gonnard	8316209c02	Use MD_LIGHT rather than md5.h in pem.c But, for now, still guard things with MBEDTLS_MD5_C, as md.c can only compute MD5 hashes when MBEDTLS_MD5_C is defined. We'll change the guards once that has changed. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-17 09:43:27 +01:00
Manuel Pégourié-Gonnard	ec000c1a00	Merge pull request #7242 from mpg/md-dispatch-psa Implement MD dispatch to PSA	2023-03-17 09:42:40 +01:00
Janos Follath	c18cd0c8e6	Merge pull request #7230 from gabor-mezei-arm/6850_Secp256r1_fast_reduction Extract Secp256r1 fast reduction from the prototype	2023-03-16 19:43:25 +00:00
Gilles Peskine	9c682e724a	AESNI: Overhaul implementation selection Have clearly separated code to: * determine whether the assembly-based implementation is available; * determine whether the intrinsics-based implementation is available; * select one of the available implementations if any. Now MBEDTLS_AESNI_HAVE_CODE can be the single interface for aes.c and aesni.c to determine which AESNI is built. Change the implementation selection: now, if both implementations are available, always prefer assembly. Before, the intrinsics were used if available. This preference is to minimize disruption, and will likely be revised in a later minor release. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-16 17:21:33 +01:00
Gilles Peskine	0de8f853f0	Clean up AES context alignment code Use a single auxiliary function to determine rk_offset, covering both setkey_enc and setkey_dec, covering both AESNI and PADLOCK. For AESNI, only build this when using the intrinsics-based implementation, since the assembly implementation supports unaligned access. Simplify "do we need to realign?" to "is the desired offset now equal to the current offset?". Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-16 17:14:59 +01:00
Dave Rodgman	3ac99fdf07	Merge pull request #7301 from gilles-peskine-arm/msan-explicit_bzero Fix Msan failure with explicit_bzero	2023-03-16 14:55:18 +00:00
Gilles Peskine	0f454e4642	Use consistent guards for padlock code The padlock feature is enabled if ``` defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) ``` with the second macro coming from `padlock.h`. The availability of the macro `MBEDTLS_PADLOCK_ALIGN16` is coincidentally equivalent to `MBEDTLS_HAVE_X86` but this is not meaningful. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-16 14:58:46 +01:00
Dave Rodgman	680dbd46ae	Merge pull request #7270 from DemiMarie/oid-fix Fix segfault in mbedtls_oid_get_numeric_string	2023-03-16 12:21:36 +00:00
Gilles Peskine	148cad134a	Fix unaligned access if the context is moved during operation Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-16 13:08:42 +01:00
Gilles Peskine	d0185f78c0	Fix typo in comment Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-16 13:08:18 +01:00
Gilles Peskine	0cd9ab7107	Fix code style Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-16 13:06:14 +01:00
Gilles Peskine	a8d2ff3fdf	Fix Msan failure with explicit_bzero On some platforms, including modern Linux, Clang with Msan does not recognize that explicit_bzero() writes well-defined content to its output buffer. For us, this causes CMAC operations to fail in Msan builds when mbedtls_platform_zeroize() is implemented over explicit_bzero(). Fix this. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-16 10:53:46 +01:00
Manuel Pégourié-Gonnard	f48b1f810e	Rename internal function to something clearer Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-16 09:48:20 +01:00
Manuel Pégourié-Gonnard	39a376a417	Finish removing HMAC from MD-light Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-16 09:46:51 +01:00
Manuel Pégourié-Gonnard	9b14639342	Dispatch according to init status. We shouldn't dispatch to PSA when drivers have not been initialized yet. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-16 09:46:51 +01:00
Manuel Pégourié-Gonnard	7abdf7eee5	Add utility function to check for drivers init This will be used in the next commit. While at it, move driver initialization before RNG init - this will be handy when the entropy module wants to use drivers for hashes. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-16 09:46:51 +01:00
Manuel Pégourié-Gonnard	d8ea37f1a3	Add engine field to context structure For multi-part operations, we want to make the decision to use PSA or not only once, during setup(), and remember it afterwards. This supports the introduction, in the next few commits, of a dynamic component to that decision: has the PSA driver sub-system been initialized yet? Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-16 09:46:50 +01:00
Gilles Peskine	12612e5ab4	Implement md over PSA When MBEDTLS_MD_xxx_VIA_PSA is enabled (by mbdetls/md.h), route calls to xxx over PSA rather than through the built-in implementation. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com> Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-16 09:46:50 +01:00
Gilles Peskine	83d9e09b15	Switch metadata functions to the PSA-aware availability symbols Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com> Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-16 09:46:50 +01:00
Pengyu Lv	b1895899f1	ssl_cache: Improve some comments Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-03-16 14:33:28 +08:00
Demi Marie Obenour	889534a4d2	Fix segfault in mbedtls_oid_get_numeric_string When passed an empty OID, mbedtls_oid_get_numeric_string would read one byte from the zero-sized buffer and return an error code that depends on its value. This is demonstrated by the test suite changes, which check that an OID with length zero and an invalid buffer pointer does not cause Mbed TLS to segfault. Also check that second and subsequent subidentifiers are terminated, and add a test case for that. Furthermore, stop relying on integer division by 40, use the same loop for both the first and subsequent subidentifiers, and add additional tests. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-03-16 01:06:41 -04:00
Jerry Yu	f52078f5a1	fix win32 ms time fail `GetSystemTimeAsFileTime` returns 100 nano seconds elapsed time, not 100 micro seconds. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-16 11:23:19 +08:00
Gilles Peskine	dde3c6532e	Fix MSVC portability MSVC doesn't have _mm_storeu_si64. Fortunately it isn't really needed here. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-15 23:16:27 +01:00
Gilles Peskine	dafeee4814	Improve variable names To some extent anyway. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-15 21:47:40 +01:00
Tom Cosgrove	02edb7546f	Get aesni.c compiling with Visual Studio Clang is nice enough to support bitwise operators on __m128i, but MSVC isn't. Also, __cpuid() in MSVC comes from <intrin.h> (which is included via <emmintrin.h>), not <cpuid.h>. Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-15 21:47:40 +01:00
Gilles Peskine	d671917d0d	AESNI: add implementation with intrinsics As of this commit, to use the intrinsics for MBEDTLS_AESNI_C: * With MSVC, this should be the default. * With Clang, build with `clang -maes -mpclmul` or equivalent. * With GCC, build with `gcc -mpclmul -msse2` or equivalent. In particular, for now, with a GCC-like compiler, when building specifically for a target that supports both the AES and GCM instructions, the old implementation using assembly is selected. This method for platform selection will likely be improved in the future. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-15 20:47:59 +01:00
Gilles Peskine	7e67bd516d	AES, GCM selftest: indicate which implementation is used Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-15 20:47:59 +01:00
Gilles Peskine	9af58cd7f8	New preprocessor symbol indicating that AESNI support is present The configuration symbol MBEDTLS_AESNI_C requests AESNI support, but it is ignored if the platform doesn't have AESNI. This allows keeping MBEDTLS_AESNI_C enabled (as it is in the default build) when building for platforms other than x86_64, or when MBEDTLS_HAVE_ASM is disabled. To facilitate maintenance, always use the symbol MBEDTLS_AESNI_HAVE_CODE to answer the question "can I call mbedtls_aesni_xxx functions?", rather than repeating the check `defined(MBEDTLS_AESNI_C) && ...`. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-15 19:38:37 +01:00
Gilles Peskine	4e20144882	Improve the presentation of assembly blocks Uncrustify indents ``` asm("foo" HELLO "bar" "wibble"); ``` but we would like ``` asm("foo" HELLO "bar" "wibble"); ``` Make "bar" an argument of the macro HELLO, which makes the indentation from uncrustify match the semantics (everything should be aligned to the same column). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-15 19:36:03 +01:00
Gilles Peskine	2a44ac245f	Merge pull request #7217 from lpy4105/issue/6840/add-cache-entry-removal-api ssl_cache: Add cache entry removal api	2023-03-15 15:38:06 +01:00
Jan Bruckner	1a38e54436	Changes from 2nd review Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-03-15 14:15:11 +01:00

... 10 11 12 13 14 ...

11826 commits