Commit graph

29521 commits

Author SHA1 Message Date
Dave Rodgman
1e23f938cb
Merge pull request #8817 from daverodgman/iar-pk-fix
Compiler warning fixes
2024-02-13 16:33:24 +00:00
Tom Cosgrove
8fe2e36de5
Merge pull request #8801 from gilles-peskine-arm/sha3-no-table
Inline the SHA3 parameters table into a switch
2024-02-13 14:06:44 +00:00
Dave Rodgman
b4cb8bef42 Fix remaining warnings from -Wshorten-64-to-32
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-13 13:41:16 +00:00
Dave Rodgman
aa74165948 Fix IAR cast warning
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-13 13:40:26 +00:00
Manuel Pégourié-Gonnard
cd376dbec8
Merge pull request #8802 from mpg/adjust-vs-check
Misc. clean-ups in `check_config.h`
2024-02-13 08:45:18 +00:00
Janos Follath
f741db3d6e
Merge pull request #8764 from Ryan-Everett-arm/threadsafe-key-wiping
Make key destruction thread safe
2024-02-12 09:37:59 +00:00
Manuel Pégourié-Gonnard
c3d17cde46
Merge pull request #8702 from minosgalanakis/update/dhm_context_in_programs_5015
[MBEDTLS_PRIVATE] Update dhm context in programs
2024-02-10 08:47:51 +00:00
Manuel Pégourié-Gonnard
2e2af414d0
Merge pull request #7604 from zvolin/feature/pkcs5-aes
Add AES encrypted keys support for PKCS5 PBES2
2024-02-10 08:46:18 +00:00
Paul Elliott
53ddf420c8
Merge pull request #8689 from paul-elliott-arm/make_tests_thread_safe
Make test data thread safe
2024-02-09 19:43:09 +00:00
Paul Elliott
5d2bcc63cd Fix typo / improve documentation for test step fns
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-02-09 14:41:24 +00:00
Paul Elliott
54ad01efed Merge remote-tracking branch 'upstream/development' into make_tests_thread_safe 2024-02-09 14:33:58 +00:00
Ryan Everett
9dc076b4f4 Fix issue with lock failures returning CORRUPTION_DETECTED
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-09 14:20:09 +00:00
Ryan Everett
7fee4f7318 Fix mutex unlock error handling in psa_destroy_key
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-09 14:11:27 +00:00
Ryan Everett
67f3568895 Reduce analyze_block_cipher_dispatch exceptions
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-09 13:02:23 +00:00
Manuel Pégourié-Gonnard
ac60afc2d2 Remove useless overly strong dependency
ECJPAKE_C only needs MD_LIGHT and it allready auto-enables it in
config_adjust_legacy_crypto.h, so nothing to check here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-02-08 23:46:55 +01:00
Ryan Everett
75e65fe24b Reformat AES encryption test data in pkcs5 tests
The added comma is needed so that these tests match the regex exceptions
in analyze_outcomes.py.
Moved the Encryption tests so that they are separate to decryption.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-08 15:44:43 +00:00
Ryan Everett
afb2eee263 Add PKCS5/12 exceptions to analyze_block_cipher_dispatch
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-08 14:31:54 +00:00
Ryan Everett
791fc2e24c Merge remote-tracking branch 'upstream/development' into pkcs5_aes_new
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-08 14:26:29 +00:00
Janos Follath
7a28738205
Merge pull request #8636 from paul-elliott-arm/new_test_thread_interface
New test thread interface
2024-02-08 12:35:40 +00:00
Manuel Pégourié-Gonnard
a6184b2cc8 Remove redundant check
We're already making sure of that in
include/mbedtls/config_adjust_psa_superset_legacy.h - no need to
double-check here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-02-08 12:55:53 +01:00
Manuel Pégourié-Gonnard
1463e49a3c Move config adjustment to config_adjust
After this change, check_config.h does not have any #defined except:
- the standard header double-inclusion guard
- short-lived helpers that are #undef-ed in the same paragraph

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-02-08 12:55:52 +01:00
Manuel Pégourié-Gonnard
e1f3faf5bf Remove temporary macros that are not needed
Those were only used for KEY_EXCHANGE_ECJPAKE, but had a much larger
scope than needed. We actually don't need those macros if we distinguish
between cases when expressing dependencies for this key exchange.

The remaining helper macros are all short lived.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-02-08 12:55:51 +01:00
Manuel Pégourié-Gonnard
61758e606e Fix wrong dependency of ECJPAKE_C
It always uses MD now. (The "fall back" to PSA Crypto was only in the
1st iteration of driver-only hash support, before we changed the
architecture to make everything go through MD.)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-02-08 12:44:22 +01:00
Manuel Pégourié-Gonnard
49f64b4cac Fix dependency on low-level hash modules
None of the TLS code is calling low-level hash functions directly. So
the correct dependencies here are MD_CAN.

(I checked and this was the only occurrence.)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-02-08 12:44:21 +01:00
Manuel Pégourié-Gonnard
7eb3f9a523 Simplify and fix dependency of MD_C on a hash
Simplify: let's take advantage of the MD_CAN macros instead of doing it
again ourselves.

Fix: SHA-3 was forgotten.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-02-08 12:44:21 +01:00
Manuel Pégourié-Gonnard
68608b2317 Remove redundant helper macros in check_config.h
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-02-08 12:44:19 +01:00
Tom Cosgrove
1dbfc8ad3c
Merge pull request #8790 from paul-elliott-arm/fix_ctr_drbg_comment
Fix confusing comment in ctr drbg thread test
2024-02-08 11:11:50 +00:00
Gilles Peskine
a3172d1e96 Inline the SHA3 parameters table into a switch
This saves a few bytes of code size.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-08 10:47:08 +01:00
Manuel Pégourié-Gonnard
b7307630bb
Merge pull request #8703 from valeriosetti/issue7765-guards-in-asn1
Conversion function between raw and DER ECDSA signatures (guards in ASN1)
2024-02-08 08:45:30 +00:00
Manuel Pégourié-Gonnard
7bf1e98f44
Merge pull request #8740 from valeriosetti/issue8647
Move RSA basic key parsing/writing to rsa.c
2024-02-08 08:35:42 +00:00
Tom Cosgrove
c8de362202
Merge pull request #8665 from ivq/reduce_static_mem
Reduce many unnecessary static memory consumption
2024-02-07 23:26:27 +00:00
Valerio Setti
1910390b4a psa_util: improve leading zeros check in convert_der_to_raw_single_int()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-07 16:16:58 +01:00
Paul Elliott
bda577bb0b Fix confusing comment in ctr drbg thread test
Make it clearer where the magic number chosen for entropy_len actually
comes from, and why we chose this value.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-02-07 15:13:46 +00:00
Dave Rodgman
9b272ac1c6
Merge pull request #8794 from daverodgman/pr-guidelines
Remind contributors not to force-push
2024-02-07 15:08:42 +00:00
Valerio Setti
ef07fa0fc3 test_suite_psa_crypto_util: add more test for raw->der
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-07 15:16:45 +01:00
Valerio Setti
affba30833 psa_util: update documentation for mbedtls_ecdsa_raw_to_der()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-07 15:03:33 +01:00
Manuel Pégourié-Gonnard
b02c0be06a
Merge pull request #8791 from gilles-peskine-arm/psa-legacy-bridges-ecdsa-bits-first
Update ECDSA signature conversion specification
2024-02-07 13:43:29 +00:00
Ryan Everett
a8082c43d5 Add MBEDTLS_CIPHER_C dependencies to new pkparse tests
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-07 13:31:19 +00:00
Paul Elliott
292b1dc1e1
Merge pull request #8789 from paul-elliott-arm/fix_tsan_gcc
Stop platform test failures with GCC and TSAN
2024-02-07 11:32:39 +00:00
Dave Rodgman
2a6593bbb6 Slightly soften force-push suggestion
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-07 11:05:47 +00:00
Dave Rodgman
c1a4d1f09a Remove comments about rebasing vs merging; link to longer RTD document
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-07 11:04:14 +00:00
Dave Rodgman
2840523ae4 Remind contributors not to force-push
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-07 10:42:41 +00:00
Gilles Peskine
3f557ad59c Wording improvement
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-07 11:22:16 +01:00
Manuel Pégourié-Gonnard
1d7bc1ecdf
Merge pull request #8717 from valeriosetti/issue8030
PSA FFDH: feature macros for parameters
2024-02-07 10:06:03 +00:00
Dave Rodgman
57a0957938
Merge pull request #8788 from daverodgman/old-gcc-alignment-bug
Change unaligned access method for old gcc
2024-02-07 09:31:45 +00:00
Valerio Setti
447bbce8b4 rsa: remove unnecessary check in priv/pub key parsing
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-07 08:02:03 +01:00
Gilles Peskine
30a303f1a8 ECDSA signature conversion: put bits first
Metadata, then inputs, then outputs.
https://github.com/Mbed-TLS/mbedtls/pull/8703#discussion_r1474697136

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-06 19:45:11 +01:00
Paul Elliott
e053cb2f12 Stop platform test failures with GCC and TSAN
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-02-06 18:10:43 +00:00
Gilles Peskine
8bdd8cdc4f
Merge pull request #8729 from adeaarm/crypto_struct_client_view
Add a client view of the multipart contexts
2024-02-06 17:29:55 +00:00
Gilles Peskine
f45589b492
Merge pull request #8198 from silabs-Kusumit/kdf_incorrect_initial_capacity
KDF incorrect initial capacity
2024-02-06 17:29:43 +00:00