Commit graph

12244 commits

Author SHA1 Message Date
Dave Rodgman
c0633bc777 Add comment
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-22 10:54:43 +01:00
Dave Rodgman
38c3228f3e fix cast warning
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-22 10:51:37 +01:00
Gilles Peskine
193f94276e
Merge pull request #1071 from gilles-peskine-arm/ssl_decrypt_stream_short_buffer
Fix buffer overread in mbedtls_ssl_decrypt_buf with stream cipher
2023-09-22 11:43:03 +02:00
Dave Rodgman
d03f483dbe Use mbedtls_ct_error_if
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-22 10:01:47 +01:00
Dave Rodgman
fbe74a9e51 Add mbedtls_ct_error_if, with tests
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-22 09:58:25 +01:00
Tom Cosgrove
41434d043c
Merge pull request #8237 from tom-cosgrove-arm/mbedtls_pk_write_key_der-unused-len-and-unreachable-ret
Remove unused variable and unreachable return from mbedtls_pk_write_key_der()
2023-09-22 08:45:48 +00:00
Dave Rodgman
a9d70125a3 Remove mbedtls_ct_int_if
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-21 21:53:54 +01:00
Dave Rodgman
7ad37e40a6 Remove use of mbedtls_ct_int_if
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-21 21:53:31 +01:00
Dave Rodgman
530c3da698 Improve implementation of mbedtls_ct_int_if
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-21 21:06:48 +01:00
Dave Rodgman
61f1beaccf Update library to use mbedtls_ct_int_if
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-21 19:23:17 +01:00
Dave Rodgman
f81b2a14f2 Generalise mbedtls_ct_error_if to mbedtls_ct_int_if
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-21 19:22:43 +01:00
Dave Rodgman
aaebc9be51
Merge pull request #8235 from daverodgman/misc-size 2023-09-21 18:42:37 +01:00
Tom Cosgrove
8d276fbc23 Remove unused variable and unreachable return from mbedtls_pk_write_key_der()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-09-21 17:19:36 +01:00
correy
a15b4851d4 Fix MSVC error C4703 about possibly uninitialized variable in pkwrite.c
Signed-off-by: correy <112426112@qq.com>
2023-09-21 20:18:52 +08:00
Dave Rodgman
1a404e8f34 Use mbedtls_ct_error for CT error selection
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-21 13:12:28 +01:00
Dave Rodgman
e50b537266 Add mbedtls_ct_error_if
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-21 11:29:58 +01:00
Dave Rodgman
ef6795d2a9 Reduce size of mbedtls_asn1_get_len
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-21 10:35:33 +01:00
Dave Rodgman
584a08f91d Add cast for MSVC
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-20 20:15:52 +01:00
Gilles Peskine
efaee9a299 Give a production-sounding name to the p256m option
Now that p256-m is officially a production feature and not just an example,
give it a more suitable name.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-20 20:49:47 +02:00
Waleed Elmelegy
1db5cdaf57 Add tests to test pkcs8 parsing of encrypted keys
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-09-20 19:29:02 +01:00
Waleed Elmelegy
5e48cad7f0 Fix codestyle issues in pkcs12.h & pkparse.c
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-09-20 19:29:02 +01:00
Waleed Elmelegy
d527896b7e Switch pkparse to use new mbedtls_pkcs12_pbe_ext function
Switch pkparse to use new mbedtls_pkcs12_pbe_ext function
and deprecate mbedtls_pkcs12_pbe function.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-09-20 19:29:02 +01:00
Waleed Elmelegy
c9f4040f7f Switch pkparse to use new mbedtls_pkcs5_pbes2_ext function
Switch pkparse to use new mbedtls_pkcs5_pbes2_ext function
and deprecate mbedtls_pkcs5_pbes2 function.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-09-20 19:28:28 +01:00
Dave Rodgman
1cf181fd46 Reinstate more robust return value handling
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-20 19:10:17 +01:00
Dave Rodgman
c43a0a4adb rename dont_ignore to in_padding
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-20 19:09:51 +01:00
Dave Rodgman
e834d6c9f2 Move declaration for robustness against future edits
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-20 19:09:51 +01:00
Dave Rodgman
c62f7fcce9 Use more meaningful variable name in mbedtls_rsa_rsaes_oaep_decrypt
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-20 19:09:51 +01:00
Dave Rodgman
e94cd0b99b Correct use of mbedtls_ct_mpi_uint_if_else_0
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-20 19:09:51 +01:00
Gilles Peskine
eda1b1f744
Merge pull request #7921 from valeriosetti/issue7613
TLS: Clean up ECDSA dependencies
2023-09-20 12:47:55 +00:00
Dave Rodgman
ee5464fab9 Simplify unnecessarily complex error code handling
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-20 09:13:12 +01:00
Dave Rodgman
fd96579ecd Use properly typed versions of mbedtls_ct_xxx_if
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 21:52:13 +01:00
Dave Rodgman
143f5f7c68 Add mbedtls_ct_bool_if and mbedtls_ct_bool_if_else_0
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 21:52:13 +01:00
Dave Rodgman
437500c5b1 Fix MSVC type complaint
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 21:52:13 +01:00
Dave Rodgman
814d096420 Fix error in handling of return value from mbedtls_nist_kw_unwrap
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 20:48:51 +01:00
Dave Rodgman
6be4bcff16 code style
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 19:47:51 +01:00
Dave Rodgman
4fc14cc4ae Fix error in handling of return value from mbedtls_nist_kw_unwrap
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 19:45:54 +01:00
Dave Rodgman
f8182d91a7 Simplify add_zeros_padding
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 18:39:33 +01:00
Dave Rodgman
d8c68a948a Use CT interface in get_zeros_padding
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 18:39:33 +01:00
Dave Rodgman
1cfc43c77b Rename mbedtls_ct_bool_xor to mbedtls_ct_bool_ne
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 18:39:33 +01:00
Dave Rodgman
89a9bd5887 Use CT interface in get_one_and_zeros_padding
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 18:39:33 +01:00
Dave Rodgman
6cec41c3bb use CT interface in add_zeros_and_len_padding()
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 18:34:06 +01:00
Dave Rodgman
6b7e2a5809 Use CT interface in get_pkcs_padding
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 18:34:06 +01:00
Dave Rodgman
b4e6b41aa0 Use const-time interface throughout mbedtls_rsa_rsaes_oaep_decrypt
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 18:34:06 +01:00
Dave Rodgman
51c15309f2 Make padlen check const-time
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 17:22:18 +01:00
Dave Rodgman
c2630fac52 Simplify mbedtls_ct_memcmp_partial
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 17:21:50 +01:00
Dave Rodgman
66d6ac92e6 Use mbedtls_ct_memcmp in mbedtls_rsa_rsaes_oaep_decrypt
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 09:10:59 +01:00
Dave Rodgman
d337bd9bfe Improve const-timeness of mbedtls_nist_kw_unwrap
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 09:10:59 +01:00
Dave Rodgman
9c14007ac3 Add mbedtls_ct_memcmp_partial
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 09:10:59 +01:00
Dave Rodgman
d26a3d6da7 Eliminate duplicate ct memcmp
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-18 19:09:45 +01:00
Gilles Peskine
faf0b8604a mbedtls_ssl_decrypt_buf(): fix buffer overread with stream cipher
With stream ciphers, add a check that there's enough room to read a MAC in
the record. Without this check, subtracting the MAC length from the data
length resulted in an integer underflow, causing the MAC calculation to try
reading (SIZE_MAX + 1 - maclen) bytes of input, which is a buffer overread.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-18 19:07:50 +02:00
Gilles Peskine
bd50d5baec
Merge pull request #8177 from gilles-peskine-arm/generated-files-off-in-release
Generated files off in release
2023-09-18 14:11:58 +00:00
Dave Rodgman
25c271a035
Merge pull request #8182 from daverodgman/asn1write-size
Reduce code size in mbedtls_asn1_write_len
2023-09-18 10:27:23 +00:00
Manuel Pégourié-Gonnard
275afe187f Fix preset shared between 1.2 and 1.3
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-18 11:19:20 +02:00
Gilles Peskine
67c86e626b
Merge pull request #7961 from gilles-peskine-arm/psa_crypto_config-in-full
Enable MBEDTLS_PSA_CRYPTO_CONFIG in the full config
2023-09-18 08:13:12 +00:00
Dave Rodgman
0c9516ea89 code style
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-15 18:30:09 +01:00
Dave Rodgman
127f35d5e5 Merge remote-tracking branch 'origin/development' into asn1write-size
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-15 18:02:59 +01:00
Dave Rodgman
ecdfc1c94f Fix poorly named function
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-15 18:00:37 +01:00
Gilles Peskine
8a7fb2d799
Merge pull request #1055 from waleed-elmelegy-arm/add-new-pkcs12-pbe2-ext-fun
Add new pkcs12 pbe2 ext fun
2023-09-15 18:43:03 +02:00
Gilles Peskine
170be457bd
Merge pull request #8207 from mcagriaksoy/branch_old_try
Fixes log level for got supported group message
2023-09-15 05:53:00 +00:00
Dave Rodgman
a11eac4292 code style
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-14 16:16:04 +01:00
Dave Rodgman
e99b24dd9f Fix some clang-18 warnings
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-14 15:52:02 +01:00
Yanray Wang
7732ced037 cipher_wrap: remove 192- and 256-bit for AES_ONLY_128_BIT_KEY_LENGTH
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-09-14 14:35:44 +08:00
mcagriaksoy
d9f22804ea Fixes log level for got supported group message
Signed-off-by: mcagriaksoy <mcagriaksoy@yandex.com>
2023-09-13 22:43:38 +02:00
Gilles Peskine
0ddffb6de2
Merge pull request #7210 from sergio-nsk/patch-2
Fix llvm error: variable 'default_iv_length' and other may be used uninitialized
2023-09-13 16:38:55 +02:00
Gilles Peskine
9b5d7d7801
Merge pull request #8195 from daverodgman/improve_sslmsg
Improve use of ct interface in mbedtls_ssl_decrypt_buf
2023-09-13 12:32:12 +00:00
Gilles Peskine
3cea3efc25
Merge pull request #8025 from AgathiyanB/accept-numericoid-hexstring-x509
Accept numericoid hexstring x509
2023-09-13 08:54:33 +00:00
Gilles Peskine
f22999e99f
Merge pull request #8093 from yuhaoth/pr/add-target-architecture-macros
Add architecture detection macros
2023-09-13 08:53:47 +00:00
Dave Rodgman
da0bb9fae8
Merge pull request #8034 from gilles-peskine-arm/bump_version-doc_mainpage
Update capitalization of "Mbed" and fix bump_version.sh
2023-09-13 08:41:20 +00:00
Dave Rodgman
7d52f2a0d9 Improve use of ct interface in mbedtls_ssl_decrypt_buf
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-13 09:30:03 +01:00
Gilles Peskine
e820c0abc8 Update spelling "mbed TLS" to "Mbed TLS"
The official spelling of the trade mark changed from all-lowercase "mbed"
to normal proper noun capitalization "Mbed" a few years ago. We've been
using the new spelling in new text but still have the old spelling in a
lot of text. This commit updates most occurrences of "mbed TLS":

```
sed -i -e 's/mbed TLS/Mbed TLS/g' $(git ls-files ':!ChangeLog' ':!tests/data_files/**' ':!tests/suites/*.data' ':!programs/x509/*' ':!configs/tfm*')
```

Justification for the omissions:

* `ChangeLog`: historical text.
* `test/data_files/**`, `tests/suites/*.data`, `programs/x509/*`: many
  occurrences are significant names in certificates and such. Changing
  the spelling would invalidate many signatures and tests.
* `configs/tfm*`: this is an imported file. We'll follow the upstream
  updates.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-12 19:18:17 +02:00
Agathiyan Bragadeesh
a72ea814d8 Remove double blank line in x509_create.c
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-09-12 17:57:09 +01:00
Agathiyan Bragadeesh
c7959b22c6 Remove magic number in x509.c
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-09-12 17:56:58 +01:00
Tom Cosgrove
9d8a7d62f5 Use the correct variable when tracking padding length
Fixes an error introduced in a81373f80

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-09-12 16:01:52 +01:00
Waleed Elmelegy
57d09b72ef Return back to modifying input parameters in pkcs12_parse_pbe_params
Return back to modifying input parameters in pkcs12_parse_pbe_params
to avoid change in behaviour.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-09-12 14:05:10 +01:00
Waleed Elmelegy
a7d206fce6 Check set_padding has been called in mbedtls_cipher_finish
Check set_padding has been called in mbedtls_cipher_finish
in modes that require padding.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-09-12 13:39:36 +01:00
Dave Rodgman
bd58944252 Avoid implementation defined behaviour
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-12 12:38:53 +01:00
Dave Rodgman
2b0d53a2a8
Merge pull request #7590 from daverodgman/ct-x86-asm
Constant time asm for x86 and x86-64
2023-09-12 09:58:44 +00:00
Dave Rodgman
50b0a35494 Test INT_MAX rather than UINT_MAX
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-12 09:30:44 +01:00
Dave Rodgman
98926d5fb1 Update comment, and replace bit-twiddling with #error
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-12 09:29:33 +01:00
Ronald Cron
ad2f351c6b
Merge pull request #8171 from ronald-cron-arm/misc-minor-fixes
One minor fix
2023-09-12 06:00:48 +00:00
Dave Rodgman
4f26770291 Ensure mbedtls_ct_memcpy behaves correctly with 16-bit int
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-11 19:10:09 +01:00
Dave Rodgman
dc669a1944 Fix type error
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-11 18:39:57 +01:00
Dave Rodgman
5265c318a0 Fix type-conversion error
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-11 18:04:13 +01:00
Dave Rodgman
49352832c9 Eliminate duplicate of mbedtls_asn1_find_named_data
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-11 17:10:43 +01:00
Dave Rodgman
33287ae134 Tidy up mbedtls_asn1_write_len
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-11 17:10:43 +01:00
Dave Rodgman
cf5f746a8c Refactor out some common code
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-11 16:27:34 +01:00
Dave Rodgman
7fda906a68
Merge pull request #8161 from gilles-peskine-arm/config-boolean-options-wrong-section-202309
Fix module configuration options in mbedtls_config.h
2023-09-11 15:08:56 +00:00
Dave Rodgman
3bbedf6ba0 code style
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-11 16:06:28 +01:00
Dave Rodgman
9f366b07ea Reduce code size in mbedtls_asn1_write_len
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-11 16:00:03 +01:00
Dave Rodgman
82fe0828b2
Merge pull request #8180 from daverodgman/sha2-zeroize
Ensure all md_<hash>_finish functions perform zeroization
2023-09-11 15:13:27 +01:00
Dave Rodgman
aafd1e0924 Ensure all md_<hash>_finish functions perform zeroization
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-11 12:59:36 +01:00
Tom Cosgrove
876346e451 Remove always-false null pointer check in sha3.c that Coverity complains about
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-09-11 09:03:01 +01:00
Dave Rodgman
3f8e483eed Mark y as modified in x86 asm for mbedtls_ct_uint_lt
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-08 17:57:40 +01:00
Dave Rodgman
4a97e73661 Eliminate a redundant not from x86 asm
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-08 17:26:18 +01:00
Dave Rodgman
b6b8f6c68d Make variable name consistent in x86_64 asm
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-08 17:19:32 +01:00
Dave Rodgman
5f249852a5 Better register allocation for x86_64 asm
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-08 17:18:29 +01:00
Dave Rodgman
99f0cdc0e0 Remove not-needed mov in x86_64 asm
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-08 17:18:04 +01:00
Waleed Elmelegy
e1cb35b719 Add new mbedtls_pkcs12_pbe_ext function to replace old function
Add new mbedtls_pkcs12_pbe_ext function to replace
old mbedtls_pkcs12_pbe function that have security
issues.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-09-08 16:51:26 +01:00
Gilles Peskine
0b62b7a21f Allow turning off re-generation of files with make
In make builds, when GEN_FILES is false (empty), don't try to re-generate
configuration-independent source files, regardless of whether they seem
out of date. This is useful, for example, if you have a source tree where
`make generated_files` has already run and file timestamps reflect the
time the files were copied or extracted, and you are now in an environment
that lacks some of the necessary tools to re-generate the files.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-08 16:19:13 +02:00
Gilles Peskine
31d49cd57f
Merge pull request #1053 from waleed-elmelegy-arm/Improve-and-test-mbedtls_pkcs12_pbe
Improve & test legacy mbedtls_pkcs12_pbe
2023-09-08 13:08:05 +02:00
Agathiyan Bragadeesh
706a1c3c3f Fix code style
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-09-08 12:04:41 +01:00
Agathiyan Bragadeesh
c34804dea2 Fix bug with checking max dn length with hexpairs
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-09-08 11:32:19 +01:00
Ronald Cron
b9c7953442 pkwrite: Fix defined but not used warning
Fix defined but not used warning when
MBEDTLS_USE_PSA_CRYPTO, MBEDTLS_PK_HAVE_RFC8410_CURVES
and MBEDTLS_PK_HAVE_ECC_KEYS are defined but not
MBEDTLS_PEM_WRITE_C.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-09-07 14:20:49 +02:00
Gilles Peskine
58590983c5
Merge pull request #8160 from daverodgman/warn-unreachable
Fix clang warnings about unreachable code
2023-09-06 09:47:03 +00:00
Dave Rodgman
85061b97b5 Improve sanity checking of MBEDTLS_HAVE_INTxx
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-06 08:41:05 +01:00
Dave Rodgman
b7b8c09c81
Update bignum_core.c
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-05 20:35:19 +01:00
Gilles Peskine
ff2558a470 Fix unused variable in some TLS 1.3 builds
Fix unused variable when MBEDTLS_SSL_PROTO_TLS1_3 and
MBEDTLS_SSL_SESSION_TICKETS are enabled but not MBEDTLS_DEBUG_C.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-05 21:10:39 +02:00
Dave Rodgman
7e1e7be8fc Simplify fixes for unreachable code
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-05 18:15:31 +01:00
Dave Rodgman
cfa722324c Fix warnings about unreachable code
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-05 16:53:33 +01:00
Dave Rodgman
0364c8a773 Introduce MBEDTLS_IGNORE_UNREACHABLE_BEGIN
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-05 16:20:19 +01:00
Waleed Elmelegy
255db80910 Improve & test legacy mbedtls_pkcs12_pbe
* Prevent pkcs12_pbe encryption when PKCS7 padding has been
  disabled since this not part of the specs.
* Allow decryption when PKCS7 padding is disabled for legacy
  reasons, However, invalid padding is not checked.
* Document new behaviour, known limitations and possible
  security concerns.
* Add tests to check these scenarios. Test data has been
  generated by the below code using OpenSSL as a reference:

#include <openssl/pkcs12.h>
#include <openssl/evp.h>
#include <openssl/des.h>
#include <openssl/asn1.h>
#include "crypto/asn1.h"
#include <string.h>

int main()
{
    char pass[] = "\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB";
    unsigned char salt[] = "\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC";
    unsigned char plaintext[] = "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA";
    unsigned char *ciphertext = NULL;
    int iter = 10;
    X509_ALGOR *alg =  X509_ALGOR_new();
    int ciphertext_len = 0;
    int alg_nid = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
    alg->parameter = ASN1_TYPE_new();
    struct asn1_object_st * aobj;
    PKCS5_pbe_set0_algor(alg, alg_nid, iter,
                         salt, sizeof(salt)-1);

    aobj = alg->algorithm;
    printf("\"30%.2X", 2 + aobj->length + alg->parameter->value.asn1_string->length);
    printf("06%.2X", aobj->length);
    for (int i = 0; i < aobj->length; i++) {
        printf("%.2X", aobj->data[i]);
    }

    for (int i = 0; i < alg->parameter->value.asn1_string->length; i++) {
        printf("%.2X", alg->parameter->value.asn1_string->data[i]);
    }
    printf("\":\"");

    for (int i = 0; i < sizeof(pass)-1; i++) {
        printf("%.2X", pass[i] & 0xFF);
    }
    printf("\":\"");
    for (int i = 0; i < sizeof(plaintext)-1; i++) {
        printf("%.2X", plaintext[i]);
    }
    printf("\":");
    printf("0");
    printf(":\"");

    unsigned char * res = PKCS12_pbe_crypt(alg, pass, sizeof(pass)-1, plaintext, sizeof(plaintext)-1, &ciphertext, &ciphertext_len, 1);

    if (res == NULL)
        printf("Encryption failed!\n");
    for (int i = 0; i < ciphertext_len; i++) {
        printf("%.2X", res[i]);
    }
    printf("\"\n");

    return 0;
}

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
#
2023-09-05 15:45:55 +01:00
Paul Elliott
945d674c8d
Merge pull request #8157 from actonlang/fix-include-psa-utils-internals
Use quotes include of psa_util_internal.h
2023-09-05 12:52:19 +00:00
Tom Cosgrove
8bd8a462d2
Merge pull request #8141 from tom-cosgrove-arm/define-psa-macros-to-1
Define all PSA_xxx macros to 1 rather than have them empty, for consistency
2023-09-04 21:27:01 +00:00
Agathiyan Bragadeesh
fca0861e8e Add asn1 get tag and len to x509 create config
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-09-04 15:45:37 +01:00
Agathiyan Bragadeesh
86dc08599b Add asn1 write tag and len to x509 use c config
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-09-04 15:40:41 +01:00
Gilles Peskine
1a7d387072
Merge pull request #1041 from waleed-elmelegy-arm/add-new-pkcs5-pbe2-ext-fun
Add new pkcs5 pbe2 ext fun
2023-09-04 15:33:42 +02:00
Kristian Larsson
a1aeff4124 Use quotes include of psa_util_internal.h
psa_utils_internal.h was broken out of mbedtls/psa_utils.h, which in
some places were included as <mbedtls/psa_utils.h>. But since
psa_utils_internals.h should be internal, we should not rely on the
system include paths. I suspect a regexp replace gone slightly wrong.

Signed-off-by: Kristian Larsson <kristian@spritelink.net>
2023-09-04 10:36:37 +02:00
Dave Rodgman
4f69668558
Merge pull request #8082 from daverodgman/misc-code-size
Misc code size improvements
2023-09-02 11:44:31 +00:00
Dave Rodgman
662c497395
Merge pull request #8144 from daverodgman/zeroize-stronger
Add more protection to mbedtls_platform_zeroize
2023-09-02 10:59:12 +01:00
Dave Rodgman
1dab445804 Update guard for ecp
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-02 10:56:44 +01:00
Dave Rodgman
16a76721b6
Merge pull request #8068 from paul-elliott-arm/fix_tls_zeroization
Fix TLS pad buffer zeroization
2023-09-01 23:35:23 +00:00
Waleed-Ziad Maamoun-Elmelegy
c5fef82c52 Fix typo in pkcs5.c
Co-authored-by: Janos Follath <janos.follath@arm.com>
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-09-01 11:45:39 +01:00
Dave Rodgman
fe55320b5c Avoid error from old gcc version
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-01 11:15:28 +01:00
Dave Rodgman
5f6060a1f3 Code style
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-01 11:00:58 +01:00
Dave Rodgman
ba67451562 Fix gcc compile warnings
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-01 10:14:46 +01:00
Dave Rodgman
ac3cf7c20b Add more protection to mbedtls_platform_zeroize
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-01 10:09:31 +01:00
Paul Elliott
6ebe7d2e3a
Merge pull request #8095 from davidhorstmann-arm/initialize-struct-get-other-name
Coverity fix: Set `type_id` in `x509_get_other_name()`
2023-08-31 16:26:00 +00:00
Tom Cosgrove
c43c3aaf02 Define all PSA_xxx macros to 1 rather than have them empty, for consistency
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-08-31 17:06:58 +01:00
Dave Rodgman
4f47f3dac8 Covert PSA guards to MBEDTLS
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-31 12:10:00 +01:00
Dave Rodgman
a9a53a05f0 Merge remote-tracking branch 'origin/development' into misc-code-size 2023-08-31 11:53:46 +01:00
Dave Rodgman
dea266f3f5 Use MBEDTLS_MD_LIGHT instead of MBEDTLS_MD_C
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-31 11:52:43 +01:00
Dave Rodgman
8d706f6b59 Simplify camellia error conversion macros
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-31 11:48:44 +01:00
Dave Rodgman
09a9e589c1 Add missing error conversion case
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-31 11:05:22 +01:00
Dave Rodgman
68efcf56ed Remove not-needed #include
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-31 10:09:05 +01:00
Dave Rodgman
984309c2c3 Call mbedtls_platform_zeroize via mbedtls_sha3_free
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-30 19:22:28 +01:00
Dave Rodgman
dbddb00158 Ensure mbedtls_sha3_finish zeroizes the context
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-30 18:43:23 +01:00
Gilles Peskine
03e9dea30b Merge remote-tracking branch 'development' into psa_crypto_config-in-full
Conflicts:
* `include/psa/crypto_sizes.h`: the addition of the `u` suffix in this branch
  conflicts with the rework of the calculation of `PSA_HASH_MAX_SIZE` and
  `PSA_HMAC_MAX_HASH_BLOCK_SIZE` in `development`. Use the new definitions
  from `development`, and add the `u` suffix to the relevant constants.
2023-08-30 18:32:57 +02:00
Agathiyan Bragadeesh
a2423debcc Fix code style
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-30 16:24:31 +01:00
Agathiyan Bragadeesh
de02ee268e Refactor parse_attribute_value_string
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-30 16:12:57 +01:00
Agathiyan Bragadeesh
1aece47e8c Make hexpair_to_int take a char pointer
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-30 16:05:24 +01:00
Agathiyan Bragadeesh
e9d1c8e1eb Reword and reformat comments
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-30 15:55:31 +01:00
Agathiyan Bragadeesh
ef6abd4062 Add blank lines after variable declarations
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-30 15:55:12 +01:00
Dave Rodgman
730bbee226 Merge remote-tracking branch 'origin/development' into update-restricted-2023-08-30 2023-08-30 11:22:00 +01:00
Dave Rodgman
29bf911058
Merge pull request #7839 from daverodgman/psa-sha3
SHA-3 via PSA
2023-08-30 08:51:36 +00:00
Waleed Elmelegy
79b6e26b1b Improve mbedtls_pkcs5_pbes2_ext function test data
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-08-29 14:55:03 +01:00
Dave Rodgman
787011542b Fully replace mbedtls_psa_safer_memcmp
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-29 14:20:18 +01:00
Dave Rodgman
e97de40e7b Typo fix
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-29 09:47:35 +01:00
Dave Rodgman
6d5261e38f Fix typo in doxygen for mbedtls_ct_memcpy_offset
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-29 09:42:14 +01:00
Dave Rodgman
b69239c604 Improve docs in mbedtls_mpi_lt_mpi_ct
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-29 09:42:14 +01:00
Dave Rodgman
d44dd96132 Improve docs re duplicate declarations
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-29 09:42:14 +01:00
Dave Rodgman
0cf9dd1056 Whitespace - tidy up asm and make it more consistent
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-29 09:42:14 +01:00
Dave Rodgman
81673bba77 Add x86 const-time assembly
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-29 09:42:14 +01:00
Dave Rodgman
664fea481c Add x86-64 const-time assembly
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-29 09:42:14 +01:00
Dave Rodgman
d395590597
Merge pull request #7579 from daverodgman/safer-ct-asm
Arm assembly implementation of constant time primitives
2023-08-28 08:26:29 +00:00
Jerry Yu
f65f71eef3 improve various issues
- duplicate definition
- wrong comments
- redundant include statement

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-28 10:58:24 +08:00
Yanray Wang
044eb16379 pkwrite: zeroize buf containing info of private key
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-08-28 10:35:41 +08:00
Gilles Peskine
2a296729d0
Merge pull request #8084 from AgathiyanB/remove-type-qualifier-in-assignment-casts
Remove type qualifier in assignment casts
2023-08-24 18:02:11 +00:00
Agathiyan Bragadeesh
457ac84f01 Refactor previous fix
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-23 11:35:26 +01:00
Agathiyan Bragadeesh
4c7d7bf583 Add guard for empty AttributeValue
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-23 11:28:30 +01:00
Jerry Yu
782b966666 replace target arch macros in padlock
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-23 17:15:35 +08:00
Jerry Yu
d6e312dde4 replace aesni target detection macros
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-23 17:15:34 +08:00
Jerry Yu
72fd0bdc71 replace arm64 macro and aesce enable flag
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-23 17:15:34 +08:00
Agathiyan Bragadeesh
15df01240d Fix code style
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 17:50:00 +01:00
Agathiyan Bragadeesh
4606bf3f38 Refactor reading AttributeValue in dn gets
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 17:29:18 +01:00
Agathiyan Bragadeesh
022f86f108 Prevent output of escaped null characters dn gets
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 16:56:04 +01:00
Agathiyan Bragadeesh
d9d79bb74b Rename parse_attribute_value_ber_encoded
Now renamed to parse_attribute_value_der_encoded to be consistent with
names elsewhere

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 16:43:58 +01:00
Agathiyan Bragadeesh
8aa74ab6a9 Add return for buffer too small when reading OIDs
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 16:42:27 +01:00
Agathiyan Bragadeesh
f3b9724dcd Remove questionable use of macro.
MBEDTLS_X509_SAFE_SNPRINTF was used after mbedtls_oid_get_numeric_string
so instead we have expanded the macro and kept the relevant code.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 16:37:11 +01:00
Agathiyan Bragadeesh
07f472a88b Add corruption detected return when writing asn1
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 16:29:39 +01:00
Tom Cosgrove
3d2d599d3e
Merge pull request #7996 from gilles-peskine-arm/small_primes-gaps
Reduce the size of the small primes table used by primality testing
2023-08-22 12:48:56 +00:00
Agathiyan Bragadeesh
ba386ec23e Remove magic number for null tag
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
12b9d7040e Remove x509_oid_from_numericoid
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
fb94702762 Add catch for alloc error x509_oid_from_numericoid
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
4294ccc608 Use mbedtls_calloc instead of calloc
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
55d93192b1 Fix oid memory leak
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
f826d1113e Reject null bytes in DER encoded values in DNs
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
eb55867520 Fix code style
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
9caaa6d967 Reject escaped null hexpairs in DNs
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
957ca0595d Accept short name/ber encoded data in DNs
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
17984874af Change error from unknown oid to invalid name
Since the implementation no longer needs to know the oid, it makes more
sense for the error message to be an invalid name.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
f88bd5ac86 Accept any valid oid in string_to_names
Instead of using x509_attrs, use generic oid conversion.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
af70c7dce7 Write numeric oid directly to buffer
mbedtls_oid_get_numeric_string now points to output buffer in dn_gets

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
a7f9630925 Remove duplicate '+' in comparison string
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
5adffb2488 Refactor dn_gets use library function to write tag
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
2bf09a61a3 Fix style on left shift operations
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
e18a1789fd Use MBEDTLS_X509_MAX_DN_NAME_SIZE for buffer size
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
ee642d93a8 Format preprocessor conditionals
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
ed88eefe8e Rename in_tag to in_attr_type
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
97178f231f Fix code style in mbedtls_x509_string_to_names
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
7f639fc7ab Fix Windows x64 build errors with type conversions
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
39ba121d3a Fix memory leak in alternative code route
If no oid is found, and x509_attr_descr_from_numericoid returns NULL,
previously the memory allocated for the oid wasn't freed.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
f818e01edb FIx memory leak in x509_attr_descr_from_numericoid;
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
a1f5c2d06f Move declaration of variables in dn_gets to top
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
0a4b6d88d0 Alter conditions on hexstring output dn_gets
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
4987c8fcb0 Fix code style on x509.c and x509_create.c
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
c9d74f3109 Refactor AttributeType in mbedtls_x509_dn_gets
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
0eb6673a80 Add preprocessor config guards
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
6cbfae591a Parse DER tag mbedtls_x509_string_to_names
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
ddc720d209 Add mbedtls_x509_dn_gets hexstring output
If the data is a bitstring or an octet string, instead use the hexstring
of the BER encoding (RFC 4514 Section 2.4)

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
b73778d8f9 Implement parse_attribute_value_ber_encoded
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
e119f3c0ea Refactor mbedtls_x509_string_to_names
This refactor is to accomodate future support of numericoid/hexstring
attributetype value pairs.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
f0e1ac59d8 Rewrite nibble_to_hex_digit for readability
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
9d2507c81d Rename x509_int_to_hexdigit to nibble_to_hex_digit
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
ef2decbe4a Escape hexpairs characters RFC 4514
Converts none ascii to escaped hexpairs in mbedtls_x509_dn_gets and
interprets hexpairs in mbedtls_x509_string_to_names.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:38:16 +01:00
Agathiyan Bragadeesh
48513b8639 Escape special characters RFC 4514
This escapes special characters according to RFC 4514 in
mbedtls_x509_dn_gets and de-escapes in mbedtls_x509_string_to_names.
This commit does not handle hexpairs.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:38:16 +01:00
Gilles Peskine
30b0378008 Fix off-by-one error
The value of p after adding the last entry in the gap table is not used.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-08-22 11:06:47 +02:00
Dave Rodgman
e20d688463
Fix missing operand modifier
Co-authored-by: Yanray Wang <yanray.wang@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-22 08:46:18 +01:00
Dave Rodgman
0c99a9083e Avoid signed right shift UB
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-21 17:06:24 +01:00
Tom Cosgrove
31b2d7414d
Merge pull request #8053 from gilles-peskine-arm/mpi_exp_mod-remove_initial_copy
mbedtls_mpi_exp_mod: remove spurious copy of the output variable
2023-08-21 15:50:28 +00:00
Gilles Peskine
0addbe6dc7
Merge pull request #8069 from paul-elliott-arm/fix_ecjpake_deadcode
Fix logical dead code found by Coverity
2023-08-21 14:44:36 +00:00
Dave Rodgman
65204f8fc8
Merge pull request #8035 from daverodgman/aesce-support-perf
Make mbedtls_aesce_has_support more efficient
2023-08-21 14:39:08 +00:00
Tom Cosgrove
d29648026b
Merge pull request #8017 from ivq/unchecked_return
Fix a few unchecked return values
2023-08-21 13:02:53 +00:00
Janos Follath
e220d258fd
Merge pull request #8086 from yanesca/remove-new-bignum
Remove new bignum when not needed
2023-08-21 10:59:41 +00:00
Yanray Wang
08d5f46c83 pkwrite.c: call calloc and free properly
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-08-21 15:15:24 +08:00
Dave Rodgman
0ce0fbc32a Simplify aarch64 asm for mbedtls_ct_uint_lt
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-21 07:58:50 +01:00
Dave Rodgman
3ab114e3da Move non-function-specific macro outside of function definition
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-21 07:54:11 +01:00
Gilles Peskine
ead1766b5f Fix PBKDF2 with empty salt segment on platforms where malloc(0)=NULL
"Fix PBKDF2 with empty salt on platforms where malloc(0)=NULL" took care of
making an empty salt work. But it didn't fix the case of an empty salt
segment followed by a non-empty salt segment, which still invoked memcpy
with a potentially null pointer as the source. This commit fixes that case,
and also simplifies the logic in the function a little.

Test data obtained with:
```
pip3 install cryptodome
python3 -c 'import sys; from Crypto.Hash import SHA256; from Crypto.Protocol.KDF import PBKDF2; cost = int(sys.argv[1], 0); salt = bytes.fromhex(sys.argv[2]); password = bytes.fromhex(sys.argv[3]); n = int(sys.argv[4], 0); print(PBKDF2(password=password, salt=salt, dkLen=n, count=cost, hmac_hash_module=SHA256).hex())' 1 "" "706173737764" 64
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-08-20 22:05:16 +02:00
Dave Rodgman
f2249ec905 Rename mbedtls_aesce_has_support macro to satisfy case rules
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-20 20:20:12 +01:00
Dave Rodgman
b30adce7fd Use -1 as uninitialised marker
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-20 20:20:12 +01:00
Dave Rodgman
4566132163 Make mbedtls_aesce_has_support more efficient
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-20 20:20:12 +01:00
Dave Rodgman
1fdc884ed8
Merge pull request #7384 from yuhaoth/pr/add-aes-accelerator-only-mode
AES: Add accelerator only mode
2023-08-18 20:55:44 +00:00
David Horstmann
cfae6a1ae9 Fix incorrect detection of HardwareModuleName
The hardware module name otherName SAN contains 2 OIDs:

 OtherName ::= SEQUENCE {
      type-id    OBJECT IDENTIFIER,
      value      [0] EXPLICIT ANY DEFINED BY type-id }

 HardwareModuleName ::= SEQUENCE {
                           hwType OBJECT IDENTIFIER,
                           hwSerialNum OCTET STRING }

The first, type-id, is the one that identifies the otherName as a
HardwareModuleName. The second, hwType, identifies the type of hardware.

This change fixes 2 issues:

1. We were erroneously trying to identify HardwareModuleNames by looking
at hwType, not type-id.
2. We accidentally inverted the check so that we were checking that
hwType did NOT match HardwareModuleName.

This fix ensures that type-id is correctly checked to make sure that it
matches the OID for HardwareModuleName.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-08-18 19:31:39 +01:00
David Horstmann
2ea44d28de Fix: Set type_id in x509_get_other_name()
When parsing a subject alternative name of type otherName, retain the
type-id field of the otherName. Previously this was not copied to the
mbedtls_x509_san_other_name struct when it should have been.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-08-18 18:36:02 +01:00
Jerry Yu
0a6272d6c9 revert padlock from aesni module
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-18 17:35:59 +08:00
Jerry Yu
61fc5ed5f3 improve readability of error message
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-18 17:28:48 +08:00
Jerry Yu
372f7a04d0 Add missing check
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-18 17:26:25 +08:00
Gilles Peskine
eeaad50cd6
Merge pull request #8079 from adeaarm/port_IAR_build_fix
Small fixes for IAR support
2023-08-17 19:10:51 +00:00
Gilles Peskine
73936868b8 Merge remote-tracking branch 'development' into psa_crypto_config-in-full
Conflicts:
* tests/scripts/all.sh: component_test_crypto_full_no_cipher was removed
  in the development branch.
2023-08-17 19:46:34 +02:00
Antonio de Angelis
8e9d6b927e Remove the workaround for psa_key_agreement_internal
Remove the workaround for psa_key_agreement_internal to
have a shared_secret array always non-zero. The spec is
recently updated so that PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE
is always non-zero

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
2023-08-17 15:27:56 +01:00
Janos Follath
f2334b7b39 Remove new bignum when not needed
New bignum modules are only needed when the new ecp_curves module is
present. Remove them when they are not needed to save code size.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-08-17 14:36:59 +01:00
Waleed Elmelegy
5d3f315478 Add new mbedtls_pkcs5_pbe2_ext function
Add new mbedtls_pkcs5_pbe2_ext function to replace old
function with possible security issues.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-08-17 14:20:58 +01:00
Gilles Peskine
294be94922
Merge pull request #7818 from silabs-Kusumit/PBKDF2_cmac_implementation
PBKDF2 CMAC implementation
2023-08-17 11:15:16 +00:00
Jerry Yu
9608447545 replace padlock_c with padlock_have_code
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-17 18:10:45 +08:00
Jerry Yu
3a0f044bde improve readability
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-17 17:06:21 +08:00
Agathiyan Bragadeesh
9ebfa7f64c Fix style
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-17 10:00:45 +01:00
Yanray Wang
7226df0757 pkwrite.c: add a cleanup label to save code size
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-08-17 15:05:16 +08:00
Jerry Yu
e9c6b53e74 remove return-type when runtime detection enabled without plain c
This case does not exist

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-17 13:53:38 +08:00
Jerry Yu
1b4c7eda80 add hardware only check for padlock
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-17 11:25:17 +08:00
Jerry Yu
9e628621b4 Add via padlock detection macro
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-17 11:20:09 +08:00
Jerry Yu
2319af0d64 Change the order of runtime detection
If aesni is available, we will use it.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-17 10:38:57 +08:00
Jerry Yu
35b59d7805 exclude arm64ec mode for aesni
AESNI does not work correctly for msvc arm64ec

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-17 10:34:15 +08:00
Dave Rodgman
f4efd19dd0 Reduce code size in ccm
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-16 22:37:32 +01:00
Dave Rodgman
509b567911 add ifdefs to reduce size of mbedtls_to_psa_error
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-16 22:37:29 +01:00
Dave Rodgman
6f6820345a add #ifdefs to reduce switch size
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-16 18:44:32 +01:00
Dave Rodgman
864f594acc Adjust layout of some stucts
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-16 18:04:44 +01:00
Dave Rodgman
164614af3d Reduce code-size to access key slots init flag
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-16 17:56:28 +01:00
Dave Rodgman
58c8b942d2 Eliminate redundant version of mbedtls_ct_memcmp
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-16 17:51:04 +01:00
Dave Rodgman
6a9fb932fb Use MBEDTLS_GET_UINT16_BE in mbedtls_ecp_tls_read_group_id
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-16 17:50:36 +01:00
Agathiyan Bragadeesh
285f85f962 Remove unnecessary const type qualifiers in casts
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-16 17:15:48 +01:00
Antonio de Angelis
f1adc2a7a1 Use asm instead of __asm in constant_time.c
The original IAR fix submitted to TF-M directly changed asm to __asm.
But mbed TLS now has a workaround for such cases hence just remove the
original change modification.

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
2023-08-16 12:48:48 +01:00