yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2026-03-17 10:44:56 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
23685 commits 89 branches 205 tags 114 MiB
Commit graph

5694 commits

Author SHA1 Message Date
Pengyu Lv e3746d7ce6 ssl_cache: Error renaming and document improvement 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-04-10 14:40:03 +08:00
Pengyu Lv 4e70724396 ssl_cache: Add descriptions of returns of cache accessors 
Add descriptions of the return values of mbedtls_ssl_cache_get
and mbedtls_ssl_cache_set.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-03-27 11:29:49 +08:00
Pengyu Lv 5038a38695 ssl_cache: Return standard mbedtls error code 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-03-23 15:53:43 +08:00
Pengyu Lv cdf06f69dd Improve function return value description 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-03-23 11:15:24 +08:00
Pengyu Lv b1895899f1 ssl_cache: Improve some comments 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-03-16 14:33:28 +08:00
Pengyu Lv 0b9c012f21 ssl_cache: return the error code for mutex failure 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-03-15 14:37:32 +08:00
Pengyu Lv 7b6299b49b ssl_cache: Add an interface to remove cache entry by session id 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-03-07 15:00:22 +08:00
Dave Rodgman 05b80a4eee
Merge pull request #6201 from gilles-peskine-arm/tls13_only-renegotiation 
Disable MBEDTLS_SSL_RENEGOTIATION in TLS-1.3-only builds
 2023-03-03 09:56:51 +00:00
Gilles Peskine 6def41b146
Merge pull request #6932 from yuhaoth/pr/fix-arm64-host-build-and-illegal_instrucion-fail 
Replace CPU modifier check with file scope target cpu modifiers
 2023-03-02 15:36:41 +01:00
Gilles Peskine 7d3186d18a Disable MBEDTLS_SSL_RENEGOTIATION in tls13-only configuration 
There's no renegotiation in TLS 1.3, so this option should have no effect.
Insist on having it disabled, to avoid the risk of accidentally having
different behavior in TLS 1.3 if the option is enabled (as happened in
https://github.com/Mbed-TLS/mbedtls/issues/6200).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-03-01 19:47:23 +01:00
Gilles Peskine 802ff1b116
Merge pull request #7147 from paul-elliott-arm/interruptible_sign_hash_codestyle_drivers 
Remove driver entry points for psa_{get|set}_max_ops()
 2023-03-01 10:46:09 +01:00
Gilles Peskine 7e677fa2c5
Merge pull request #6389 from gilles-peskine-arm/ecdsa-use-psa-without-pkwrite 
Remove pkwrite dependency in pk using PSA for ECDSA
 2023-02-28 18:17:16 +01:00
Gilles Peskine b52b788e55
Merge pull request #6895 from yuhaoth/pr/add-aes-with-armv8-crypto-extension 
Add AES with armv8 crypto extension
 2023-02-28 18:16:37 +01:00
Paul Elliott 148903ca7d
Merge pull request #7185 from paul-elliott-arm/interruptible_sign_hash_pacify_clang 
Interruptible {sign|verify} hash - Pacify Clang 15
 2023-02-28 15:31:15 +00:00
Jerry Yu 608e1093de Improve comment about conflicts between aesce and sha512-crypto 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-02-28 12:50:00 +08:00
Paul Elliott 15d7d43904 Pacify Clang 15 
Changes for interruptible {sign|verify} hash were not merged at the time of the
previous clang 15 /retval fixes, thus this fixes code added at that time.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-27 17:25:57 +00:00
Dave Rodgman dd4427cc5b
Merge pull request #7169 from AndrzejKurek/mpi-window-size 
Reduce the default MBEDTLS_ECP_WINDOW_SIZE value from 6 to 2
 2023-02-27 17:12:38 +00:00
Paul Elliott ac2251dad1
Merge pull request #7076 from mprse/parse_RFC822_name 
Add parsing of x509 RFC822 name + test
 2023-02-27 14:16:13 +00:00
Paul Elliott a16ce9f601 Remove driver entry points for {get|set}_max_ops(). 
Move the global variable to the PSA layer, and just set that when calling PSA
level functions.

Move the internal ecp set to before each ecp call.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-24 14:44:18 +00:00
Andrzej Kurek 86f30ff626 Reduce the default MBEDTLS_ECP_WINDOW_SIZE value to 2 
As tested in https://github.com/Mbed-TLS/mbedtls/issues/6790,
after introducing side-channel counter-measures to bignum,
the performance of RSA decryption in correlation to the
MBEDTLS_ECP_WINDOW_SIZE has changed.
The default value of 2 has been chosen as it provides best
or close-to-best results for tests on Cortex-M4 and Intel i7.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-02-24 07:51:21 -05:00
Paul Elliott a3b625b0a1
Merge pull request #7098 from gilles-peskine-arm/retval-non-empty 
Pacify Clang 15 about empty \retval
 2023-02-24 09:10:53 +00:00
Jerry Yu c66deda4c5 Add explanation for aesce limitation 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-02-24 11:42:07 +08:00
Janos Follath 406b9172ad
Merge pull request #7044 from minosgalanakis/bignum/6342_add_named_moduli_setup 
Bignum: Add named moduli setup
 2023-02-22 12:14:33 +00:00
Gilles Peskine 250a5ac4cb
Merge pull request #7095 from paul-elliott-arm/interruptible_sign_hash_codestyle 
Implement PSA interruptible sign/verify hash
 2023-02-21 15:13:34 +01:00
Dave Rodgman e42cedf256
Merge pull request #7077 from daverodgman/pkcs7-fixes-dm-rebased 
Pkcs7 fixes
 2023-02-21 11:53:30 +00:00
Jerry Yu 330e6ae111 Add document about runtime detection of AESCE 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-02-21 15:16:20 +08:00
Jerry Yu c8bcdc8b91 fix various issues 
- Improve some function names
- Improve comments
- improve readability

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-02-21 15:16:20 +08:00
Przemek Stekiel ecee12f04f Add parsing of SAN: rfc822Name 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-02-20 15:09:50 +01:00
Minos Galanakis a30afe2216 ecp_curves: Minor refactoring. 
This patch introduces the following changes:
* Documentation for `mbedtls_ecp_modulus_setup()`
  moved to `ecp_invasive.h`.
* Added invalid modulus selector `MBEDTLS_ECP_MOD_NONE`.
* Adjusted negative tests to use invalid selectors.
* Reworded documentation.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-02-20 13:53:06 +00:00
Minos Galanakis d2ca802329 ecp_curves: Added mbedtls_ecp_modulus_setup(). 
This patch introduces a new static method, responsible
for automatically initialising an modulus structure,
based on the curve id and a modulus type selector.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-02-20 13:49:46 +00:00
Manuel Pégourié-Gonnard 718eb4f190
Merge pull request #7025 from AndrzejKurek/uri_san 
Add the uniformResourceIdentifier subtype for the subjectAltName
 2023-02-20 11:29:59 +01:00
Paul Elliott 5686533ba2 Add warning to mbedtls_ecp_set_max_ops() 
Using PSA interruptible interfaces will cause previously set values to be
overwritten.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-16 12:15:39 +00:00
Paul Elliott 21c3951139 Add reference to mbedtls_ecp_set_max_ops() to docs 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-16 12:15:39 +00:00
Paul Elliott 93d9ca83ea Move num_ops ECP abstraction fully into internal implementation 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-16 12:15:39 +00:00
Andrzej Kurek 81b0b89a34 Clarify comments on subjectAltName types 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-02-16 06:55:10 -05:00
Jerry Yu f7dccb303b Remove limitation for sha256/512 arm64 accelerator 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-02-16 17:56:33 +08:00
Jerry Yu 751e76bb04 Replace crypto engine with crypto extension 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-02-16 10:48:15 +08:00
Paul Elliott fe9e77ff7a Better formatting of include guard comments 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott 84329464d5 Replace allocated hash buffer with array 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott c9774411d4 Ensure that operation is put into error state if error occurs 
If an error occurs, calling any function on the same operation should return
PSA_ERROR_BAD_STATE, and we were not honouring that for all errors. Add extra
failure tests to try and ratify this.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott f9c91a7fb5 Store the hash, rather than the pointer 
For sign and verify, the pointer passed in to the hash is not guaranteed to
remain valid inbetween calls, thus we need to store the hash in the
operation. Added a test to ensure this is the case.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott 1bc59df92c Rename curve_bytes to coordinate_bytes 
Also remove unneeded instance from verify operation struct.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott ab7c5c8550 Change incorrect define for MAX_OPS_UNLIMITED 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott 4ca521fcdb Remove obsolete comments 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott 4684525ae9 Remove unrequired mpis from sign operation struct 
These are only used at the output stage.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott a3a8abadff Fix operation initialisers if no algorithms defined 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott 1b49ef5384 Fix abort documentation. 
Make it clear that these functions reset the number of ops, and remove
statements that say they have no effect.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott 90a91f041c Ensure structs are not empty even if ECDSA not supported 
Also make previous changes apply to both interruptible sign hash operation
structures rather than just the one as it was.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott 749dec54ef Clean up structure include guards 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00
Paul Elliott 3225f19803 Fix ecdsa.h documentation error 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-02-15 23:34:29 +00:00