mbedtls

Author	SHA1	Message	Date
David Horstmann	45d5e2dc1a	Rename minimum_mem to resized_mem This new name is clearer about its purpose. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-06-01 15:10:33 +01:00
David Horstmann	5d074168f3	Rearrange declarations for readability Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-06-01 15:09:27 +01:00
David Horstmann	017139751a	Change behaviour away from NUL-terminated strings Instead, require the length of the string to be passed. This is more useful for our use-case, as it is likely we will parse OIDs from the middle of strings. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-06-01 15:04:20 +01:00
David Horstmann	6883358c16	Hoist variable declarations to before goto This should appease IAR, which does not like declarations in the middle of goto sequences. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-05-31 17:27:28 +01:00
David Horstmann	25d65e8527	Refactor while loop for simplicity Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-05-31 14:53:07 +01:00
David Horstmann	ada7d72447	Improve line spacing after variable declarations Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-05-31 14:49:56 +01:00
David Horstmann	9643575d92	Limit OIDs to 128 components The longest OID known by oid-info.com is 34 components[1], so 128 should be plenty and will limit the potential for attacks. [1] http://oid-info.com/get/1.3.6.1.4.1.1248.1.1.2.1.3.21.69.112.115.111.110.32.83.116.121.108.117.115.32.80.114.111.32.52.57.48.48 Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-04-26 11:50:14 +01:00
David Horstmann	861e5d2742	Change to using an alloc-realloc strategy Allocate enough memory to guarantee we can store the OID, encode into the buffer, then realloc and copy into a buffer of exactly the right size. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-04-19 18:37:45 +01:00
David Horstmann	ce16474d91	Correct INT_MAX overflow check to UINT_MAX Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-23 13:50:48 +00:00
David Horstmann	376e8df9d6	Clarify structure of parsing with comments: 1. Parse through to get the required buffer length. 2. Having allocated a buffer, parse into the buffer. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-22 18:27:59 +00:00
David Horstmann	89d67bd472	Remove superfluous sizeof(unsigned char) Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-22 18:27:59 +00:00
David Horstmann	7cdfda12da	Fixup: Correct signedness of val local variable Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-22 18:27:59 +00:00
David Horstmann	0f4ee418d8	Use return for errors only in oid_parse_number() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-22 18:27:59 +00:00
David Horstmann	59400ffed5	Improve header docs and rename parameter Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-22 18:27:59 +00:00
David Horstmann	03329970de	Correct error in processing of second component Root nodes 0 and 1 may have up to 40 children (0 - 39), not 39 children (0 - 38) as previously thought. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-22 18:27:59 +00:00
David Horstmann	18ec9d7da1	Change some error codes to be more accurate Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-22 18:27:59 +00:00
David Horstmann	92337c0e62	Add function to parse an OID from a string Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-22 16:34:26 +00:00
Janos Follath	406b9172ad	Merge pull request #7044 from minosgalanakis/bignum/6342_add_named_moduli_setup Bignum: Add named moduli setup	2023-02-22 12:14:33 +00:00
Gilles Peskine	ffb92b0789	Merge pull request #7105 from davidhorstmann-arm/fix-oid-printing-bug Fix bugs in OID to string conversion	2023-02-21 23:16:44 +01:00
Gilles Peskine	250a5ac4cb	Merge pull request #7095 from paul-elliott-arm/interruptible_sign_hash_codestyle Implement PSA interruptible sign/verify hash	2023-02-21 15:13:34 +01:00
Dave Rodgman	e42cedf256	Merge pull request #7077 from daverodgman/pkcs7-fixes-dm-rebased Pkcs7 fixes	2023-02-21 11:53:30 +00:00
Dave Rodgman	a1b2bfff46	Add clarifying comments Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-20 14:45:09 +00:00
David Horstmann	5b5a0b618c	Change error codes to more appropriate codes The more precise error codes are borrowed from the ASN1 module. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-20 14:24:12 +00:00
Minos Galanakis	a30afe2216	ecp_curves: Minor refactoring. This patch introduces the following changes: * Documentation for `mbedtls_ecp_modulus_setup()` moved to `ecp_invasive.h`. * Added invalid modulus selector `MBEDTLS_ECP_MOD_NONE`. * Adjusted negative tests to use invalid selectors. * Reworded documentation. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-02-20 13:53:06 +00:00
Minos Galanakis	dd556921c9	ecp_curves: Exposed `mbedtls_ecp_modulus_setup()` through `ecp_invasive.h` Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-02-20 13:50:41 +00:00
Minos Galanakis	d2ca802329	ecp_curves: Added `mbedtls_ecp_modulus_setup()`. This patch introduces a new static method, responsible for automatically initialising an modulus structure, based on the curve id and a modulus type selector. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-02-20 13:49:46 +00:00
Janos Follath	ec718afb41	Merge pull request #7051 from gabor-mezei-arm/6376_Secp521r1_fast_reduction Add a raw entry point to Secp521r1 fast reduction	2023-02-20 13:03:12 +00:00
Manuel Pégourié-Gonnard	718eb4f190	Merge pull request #7025 from AndrzejKurek/uri_san Add the uniformResourceIdentifier subtype for the subjectAltName	2023-02-20 11:29:59 +01:00
Paul Elliott	f8e5b56ad8	Fix get_num_ops internal code. Previously calling get_num_ops more than once would have ended up with ops getting double counted, and not calling inbetween completes would have ended up with ops getting missed. Fix this by moving this to where the work is actually done, and add tests for double calls to get_num_ops(). Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-19 18:55:10 +00:00
Gabor Mezei	ac70ad6576	Fix coding style Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-16 19:31:21 +01:00
Dave Rodgman	fc64352253	Adjust position of empty line Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-16 16:23:09 +00:00
Paul Elliott	ba70ad4944	Add safety for keys larger than we currently support. Prevent buffer overflow with keys whos grp.nbits is greater than PSA_VENDOR_ECC_MAX_CURVE_BITS. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-16 12:15:39 +00:00
Paul Elliott	93d9ca83ea	Move num_ops ECP abstraction fully into internal implementation Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-16 12:15:39 +00:00
Andrzej Kurek	81b0b89a34	Clarify comments on subjectAltName types Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-02-16 06:55:10 -05:00
Paul Elliott	2c9843f2a4	Make mbedtls_sa_ecp_load_public_part return psa_status_t Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	7ef174b285	Correct insufficient memory return documentation. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	a1c9409d88	Move structure init calls as early as possible Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	ebe225cf7b	Move num ops update to only point where work can be done. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	53bb312054	Wipe output buffer even when INCOMPLETE is returned. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	c569fc268f	Switch from nbits to pbits Correct coordinate size is grp.nbits, not grp.pbits. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	6d99f0c265	Fix errors in psa_wipe_output_buffer() doc comment. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	0290a76fc2	Fix buffer overflow with hashes larger than key size. Truncate input hashes to curve private key size as that is all that is required for the internal implementation. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	724bd25f4b	Fix missing mbedtls_mpi_free() on signing. After moving the MPIs used to output from the operation into the complete function, I failed to move the accompanying free as well. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	84329464d5	Replace allocated hash buffer with array Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	e6145dc47f	Add documentation comment to internal abort functions Explain the reasoning behind not clearing some variables. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	de1114c883	Fix {sign\|verify}_get_num_ops Move the obfuscation of the internal library only returning a delta of ops done into the driver wrapper, thus meaning driver wrapper and API call both return absolute values of work done. Document the differences at the internal implementation level. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	939bd9485d	Move output buffer wiping code to seperate function. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	1243f93cca	Fix build fails with non ECDSA / restartable builds Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	eefe47292c	Move loading of public part of ECP into function Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	c9774411d4	Ensure that operation is put into error state if error occurs If an error occurs, calling any function on the same operation should return PSA_ERROR_BAD_STATE, and we were not honouring that for all errors. Add extra failure tests to try and ratify this. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00

1 2 3 4 5 ...

10416 commits