Gilles Peskine
7b7ecf5e0d
Fix condition to include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
...
Don't try to include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE when
MBEDTLS_PSA_CRYPTO_CONFIG is disabled. This didn't make sense and was an
editorial mistake when adding it: it's meant as an addition to
MBEDTLS_PSA_CRYPTO_CONFIG_FILE, so it should be included under the same
conditions.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-08-21 16:09:14 +02:00
Gilles Peskine
a458d48e7f
Move the inclusion of the PSA config file(s) into build_info.h
...
They belong here, next to the inclusion of the mbedtls config file. We only
put them in config_psa.h in Mbed TLS 2.x because there was no build_info.h
we could use.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-08-21 16:06:12 +02:00
Gilles Peskine
8cd1da4b73
Remove spurious extern "C"
...
This header only contains preprocessor definitions. They are not affected by
extern "C".
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-08-21 16:03:41 +02:00
Tom Cosgrove
d29648026b
Merge pull request #8017 from ivq/unchecked_return
...
Fix a few unchecked return values
2023-08-21 13:02:53 +00:00
Janos Follath
e220d258fd
Merge pull request #8086 from yanesca/remove-new-bignum
...
Remove new bignum when not needed
2023-08-21 10:59:41 +00:00
Dave Rodgman
0ce0fbc32a
Simplify aarch64 asm for mbedtls_ct_uint_lt
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-21 07:58:50 +01:00
Dave Rodgman
3ab114e3da
Move non-function-specific macro outside of function definition
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-21 07:54:11 +01:00
Dave Rodgman
f2249ec905
Rename mbedtls_aesce_has_support macro to satisfy case rules
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-20 20:20:12 +01:00
Dave Rodgman
b30adce7fd
Use -1 as uninitialised marker
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-20 20:20:12 +01:00
Dave Rodgman
4566132163
Make mbedtls_aesce_has_support more efficient
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-20 20:20:12 +01:00
Dave Rodgman
1fdc884ed8
Merge pull request #7384 from yuhaoth/pr/add-aes-accelerator-only-mode
...
AES: Add accelerator only mode
2023-08-18 20:55:44 +00:00
David Horstmann
1923c91e15
Add ChangeLog entry for otherName SAN fixes
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-08-18 19:36:42 +01:00
David Horstmann
cfae6a1ae9
Fix incorrect detection of HardwareModuleName
...
The hardware module name otherName SAN contains 2 OIDs:
OtherName ::= SEQUENCE {
type-id OBJECT IDENTIFIER,
value [0] EXPLICIT ANY DEFINED BY type-id }
HardwareModuleName ::= SEQUENCE {
hwType OBJECT IDENTIFIER,
hwSerialNum OCTET STRING }
The first, type-id, is the one that identifies the otherName as a
HardwareModuleName. The second, hwType, identifies the type of hardware.
This change fixes 2 issues:
1. We were erroneously trying to identify HardwareModuleNames by looking
at hwType, not type-id.
2. We accidentally inverted the check so that we were checking that
hwType did NOT match HardwareModuleName.
This fix ensures that type-id is correctly checked to make sure that it
matches the OID for HardwareModuleName.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-08-18 19:31:39 +01:00
David Horstmann
2ea44d28de
Fix: Set type_id in x509_get_other_name()
...
When parsing a subject alternative name of type otherName, retain the
type-id field of the otherName. Previously this was not copied to the
mbedtls_x509_san_other_name struct when it should have been.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-08-18 18:36:02 +01:00
Jerry Yu
0a6272d6c9
revert padlock from aesni module
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-18 17:35:59 +08:00
Jerry Yu
61fc5ed5f3
improve readability of error message
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-18 17:28:48 +08:00
Jerry Yu
372f7a04d0
Add missing check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-18 17:26:25 +08:00
Kusumit Ghoderao
5cad47df8a
Modify test description
...
The test data was generated using the python script.
PBKDF2_AES_CMAC_PRF_128 test vectors are generated using PyCryptodome library:
https://github.com/Legrandin/pycryptodome
Steps to generate test vectors:
1. pip install pycryptodome
2. Use the python script below to generate Derived key (see description for details):
Example usage:
pbkdf2_cmac.py <password> <salt> <number_of_iterations> <derived_key_len>
derive_output.py 4a30314e4d45 54687265616437333563383762344f70656e54687265616444656d6f 16384 16
password : 4a30314e4d45
salt : 54687265616437333563383762344f70656e54687265616444656d6f
input cost : 16384
derived key len : 16
output : 8b27beed7e7a4dd6c53138c879a8e33c
"""
from Crypto.Protocol.KDF import PBKDF2
from Crypto.Hash import CMAC
from Crypto.Cipher import AES
import sys
def main():
#check args
if len(sys.argv) != 5:
print("Invalid number of arguments. Expected: <password> <salt> <input_cost> <derived_key_len>")
return
password = bytes.fromhex(sys.argv[1])
salt = bytes.fromhex(sys.argv[2])
iterations = int(sys.argv[3])
dklen = int(sys.argv[4])
# If password is not 16 bytes then we need to use CMAC to derive the password
if len(password) != 16:
zeros = bytes.fromhex("00000000000000000000000000000000")
cobj_pass = CMAC.new(zeros, msg=password, ciphermod=AES, mac_len=16)
passwd = bytes.fromhex(cobj_pass.hexdigest())
else:
passwd = password
cmac_prf = lambda p,s: CMAC.new(p, s, ciphermod=AES, mac_len=16).digest()
actual_output = PBKDF2(passwd, salt=salt, dkLen=dklen, count=iterations, prf=cmac_prf)
print('password : ' + password.hex())
print('salt : ' + salt.hex())
print('input cost : ' + str(iterations))
print('derived key len : ' + str(dklen))
print('output : ' + actual_output.hex())
if __name__ == "__main__":
main()
"""
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-08-18 12:49:07 +05:30
Bence Szépkúti
505dffd5e3
Merge pull request #7937 from yanrayw/code_size_compare_improvement
...
code_size_compare.py: preparation work to show code size changes in PR comment
2023-08-17 20:59:11 +00:00
Gilles Peskine
eeaad50cd6
Merge pull request #8079 from adeaarm/port_IAR_build_fix
...
Small fixes for IAR support
2023-08-17 19:10:51 +00:00
Kusumit Ghoderao
e4d634cd87
Add tests with higher input costs for pbkdf2
...
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-08-17 21:16:14 +05:30
Gilles Peskine
dbd13c3689
Merge pull request #7662 from lpy4105/issue/renew_cert_2027-01-01
...
Updating crt/crl files due to expiry before 2027-01-01
2023-08-17 15:38:35 +00:00
Antonio de Angelis
8e9d6b927e
Remove the workaround for psa_key_agreement_internal
...
Remove the workaround for psa_key_agreement_internal to
have a shared_secret array always non-zero. The spec is
recently updated so that PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE
is always non-zero
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
2023-08-17 15:27:56 +01:00
Janos Follath
f2334b7b39
Remove new bignum when not needed
...
New bignum modules are only needed when the new ecp_curves module is
present. Remove them when they are not needed to save code size.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-08-17 14:36:59 +01:00
Agathiyan Bragadeesh
48eae138a5
Fix formatting in changelog
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-17 14:08:47 +01:00
Agathiyan Bragadeesh
2c018744e5
Add newline at end of changelog
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-17 14:00:10 +01:00
Gilles Peskine
294be94922
Merge pull request #7818 from silabs-Kusumit/PBKDF2_cmac_implementation
...
PBKDF2 CMAC implementation
2023-08-17 11:15:16 +00:00
Jerry Yu
9608447545
replace padlock_c with padlock_have_code
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-17 18:10:45 +08:00
Jerry Yu
3a0f044bde
improve readability
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-17 17:06:21 +08:00
Agathiyan Bragadeesh
9ebfa7f64c
Fix style
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-17 10:00:45 +01:00
Jerry Yu
6c6b9f602c
Change document to match real status
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-17 16:53:01 +08:00
Agathiyan Bragadeesh
da8c587531
Add ChangeLog entry
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-17 09:37:46 +01:00
Jerry Yu
e9c6b53e74
remove return-type when runtime detection enabled without plain c
...
This case does not exist
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-17 13:53:38 +08:00
Jerry Yu
f258d17acd
remove aesni + padlock - plain c tests
...
This test is not valid for padlock depends
on plain c
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-17 12:39:00 +08:00
Jerry Yu
1b4c7eda80
add hardware only check for padlock
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-17 11:25:17 +08:00
Jerry Yu
9e628621b4
Add via padlock detection macro
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-17 11:20:09 +08:00
Jerry Yu
2319af0d64
Change the order of runtime detection
...
If aesni is available, we will use it.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-17 10:38:57 +08:00
Jerry Yu
35b59d7805
exclude arm64ec mode for aesni
...
AESNI does not work correctly for msvc arm64ec
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-17 10:34:15 +08:00
Dave Rodgman
f4efd19dd0
Reduce code size in ccm
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-16 22:37:32 +01:00
Dave Rodgman
2aaf888e0b
Adjust struct layout for small size win
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-16 22:37:31 +01:00
Dave Rodgman
509b567911
add ifdefs to reduce size of mbedtls_to_psa_error
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-16 22:37:29 +01:00
Dave Rodgman
6f6820345a
add #ifdefs to reduce switch size
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-16 18:44:32 +01:00
Dave Rodgman
864f594acc
Adjust layout of some stucts
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-16 18:04:44 +01:00
Dave Rodgman
164614af3d
Reduce code-size to access key slots init flag
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-16 17:56:28 +01:00
Dave Rodgman
58c8b942d2
Eliminate redundant version of mbedtls_ct_memcmp
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-16 17:51:04 +01:00
Dave Rodgman
6a9fb932fb
Use MBEDTLS_GET_UINT16_BE in mbedtls_ecp_tls_read_group_id
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-16 17:50:36 +01:00
Agathiyan Bragadeesh
285f85f962
Remove unnecessary const type qualifiers in casts
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-16 17:15:48 +01:00
Antonio de Angelis
f1adc2a7a1
Use asm instead of __asm in constant_time.c
...
The original IAR fix submitted to TF-M directly changed asm to __asm.
But mbed TLS now has a workaround for such cases hence just remove the
original change modification.
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
2023-08-16 12:48:48 +01:00
Antonio de Angelis
1ee4d1228c
Fix error strings without quotes
...
Some of the error strings that should be printed with the
error preprocessor directive are missing quotes
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
2023-08-16 12:48:33 +01:00
TTornblom
e4f6d79bbe
BUILD: Update For IAR support
...
Applied the same change as in mbed-crypto for using this as a sub
project with the IAR toolchain. Use __asm generic ,and avoid empty
enum. Avoid declaration of array with null size. This is a porting
of the original patch contributed to trusted-firmware-m.
Signed-off-by: TTornblom <thomas.tornblom@iar.com>
Signed-off-by: Michel Jaouen <michel.jaouen@st.com>
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
2023-08-16 12:36:21 +01:00