Commit graph

12561 commits

Author SHA1 Message Date
Matthias Schulz
ca8981c1ee Added proposed fixes
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-13 10:04:19 +01:00
Matthias Schulz
be1e9c5951 Pop only when pushed.
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-13 09:33:33 +01:00
Tom Cosgrove
08ea9bfa1f
Merge pull request #8487 from yanrayw/issue/6909/rename_tls13_conf_early_data
TLS 1.3: Rename early_data and max_early_data_size configuration function
2023-11-10 19:35:46 +00:00
Manuel Pégourié-Gonnard
76fa16cab3 block_cipher: add encrypt()
Test data copied from existing test suites.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 12:14:53 +01:00
Manuel Pégourié-Gonnard
3e0884fc53 block_cipher: add setkey()
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 11:52:10 +01:00
Yanray Wang
0287b9d260 padlock.c: guard mbedtls_padlock_xcryptcbc by CIPHER_MODE_CBC
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-10 18:21:22 +08:00
Manuel Pégourié-Gonnard
21718769d1 Start adding internal module block_cipher.c
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 11:21:17 +01:00
Yanray Wang
cd25d22526 cipher.c: remove checks for CBC,XTS,KW,KWP in cipher_setkey
We have checks for CBC, XTS and KW modes in check_config.h. This
means we should never get a successful build with above three modes.
Therefore, the checks in cipher_setkey is not necessary as other
error will be emitted if asking for those modes in the cipher.
Additionally, removing the checks can save extra code size.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-10 15:40:58 +08:00
Valerio Setti
01c4fa3e88 ssl: move MBEDTLS_SSL_HAVE internal symbols to ssl.h
This is useful to properly define MBEDTLS_PSK_MAX_LEN when
it is not defined explicitly in mbedtls_config.h

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:12:07 +01:00
Yanray Wang
111159b89c BLOCK_CIPHER_NO_DECRYPT: call encrypt direction unconditionally
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-10 15:03:23 +08:00
Matthias Schulz
5ffc42442d Fix preprocessor syntax error.
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-09 15:44:24 +01:00
Matthias Schulz
2e068cef09 fixes invalid default choice of thumb assembler syntax.
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-09 15:25:52 +01:00
Matthias Schulz
ee10b8470a Fix compiler error on gcc 4.5.2.
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-09 15:19:28 +01:00
Matthias Schulz
9916b06ce7 Fix uninitialized variable warnings.
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-09 14:25:01 +01:00
Manuel Pégourié-Gonnard
7d7ce0e66a
Merge pull request #8495 from lpy4105/issue/6322/driver-only-cipher_aead-tls
[G3] Driver-only cipher+aead: TLS: main test suite
2023-11-09 11:10:34 +00:00
Yanray Wang
f03b49122c aes.c: guard RSb and RTx properly
If we enabled AES_DECRYPT_ALT and either AES_SETKEY_DEC_ALT or
AES_USE_HARDWARE_ONLY, this means RSb and RTx are not needed.
This commit extends how we guard RSb and RTx for the combinations of
these configurations.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-09 11:43:21 +08:00
Gilles Peskine
4dec9ebdc2
Merge pull request #8378 from mschulz-at-hilscher/fixes/issue-8377
Fixes "CSR parsing with critical fields fails"
2023-11-08 18:07:04 +00:00
Dave Rodgman
0d22539de0
Merge pull request #8468 from daverodgman/mbedtls-3.5.1-pr
Mbed TLS 3.5.1
2023-11-08 18:01:32 +00:00
Ryan Everett
5567e3a34b Make empty key slots explicit
Add new status field to key slots, and use it.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-11-08 13:28:20 +00:00
Dave Rodgman
28d40930ae Restore bump version
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:40:08 +00:00
Yanray Wang
004a60c087 aes.c: remove non-functional code
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-08 19:05:31 +08:00
Pengyu Lv
2bd56de3f4 ssl: replace MBEDTLS_SSL_HAVE_*_CBC with two seperate macros
MBEDTLS_SSL_HAVE_<block_cipher>_CBC equals
MBEDTLS_SSL_HAVE_<block_cipher> and MBEDTLS_SSL_HAVE_CBC.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 14:21:19 +08:00
Pengyu Lv
65458fa969 ssl: MBEDTLS_SSL_HAVE_* in ssl_misc.h
Done by commands:

```
sed -i "300,$ s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h
sed -i "300,$ s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h
sed -i "300,$ s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 12:16:29 +08:00
Pengyu Lv
829dd2048a ssl: use MBEDTLS_SSL_HAVE_* in ssl_ciphersuites.c
Mainly done by the commands, with some manual adjust.

```
sed -i "s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
sed -i "s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
sed -i "s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 12:01:26 +08:00
Pengyu Lv
f1b86b088f ssl: add macro to indicate CBC mode is available
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 11:28:42 +08:00
Pengyu Lv
e870cc8c86 ssl: add macro for available key types
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 11:28:36 +08:00
Tom Cosgrove
53199b1c0a
Merge pull request #6720 from yuhaoth/pr/tls13-early-data-receive-0_rtt-and-eoed
TLS 1.3: EarlyData SRV: Write early data extension  in EncryptedExtension
2023-11-07 13:59:13 +00:00
Yanray Wang
4995e0c31b cipher.c: return error for ECB-decrypt under BLOCK_CIPHER_NO_DECRYPT
- fix remaining dependency in test_suite_psa_crypto.data

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-07 17:51:32 +08:00
Tom Cosgrove
4122c16abd
Merge pull request #6945 from lpy4105/issue/6935/ticket_flags-kex-mode-determination
TLS 1.3: SRV: Check ticket_flags on kex mode determination when resumption
2023-11-07 09:26:21 +00:00
Jerry Yu
7cca7f6820 move ext print to the end of write client hello
pre_shared_key extension is done at the end. The
information should be print after that

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-07 15:19:13 +08:00
Jerry Yu
1ccd6108e8 Revert "fix miss sent extensions mask"
This reverts commit 06b364fdfd.

It has been set in write_binders

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-07 14:57:44 +08:00
Jerry Yu
7ef9fd8989 fix various issues
- Debug message
- Improve comments

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-07 14:31:37 +08:00
Jerry Yu
2bea94ce2e check the ticket version unconditional
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-07 14:18:17 +08:00
Yanray Wang
0751761b49 max_early_data_size: rename configuration function
Rename mbedtls_ssl_tls13_conf_max_early_data_size as
mbedtls_ssl_conf_max_early_data_size since in the future
this may not be specific to TLS 1.3.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-07 11:49:34 +08:00
Yanray Wang
d5ed36ff24 early data: rename configuration function
Rename mbedtls_ssl_tls13_conf_early_data as
mbedtls_ssl_conf_early_data since in the future this may not be
specific to TLS 1.3.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-07 11:49:24 +08:00
Pengyu Lv
44670c6eda Revert "TLS 1.3: SRV: Don't select ephemeral mode on resumption"
This reverts commit dadeb20383.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-07 09:58:53 +08:00
Dave Rodgman
4b67ac8adf
Merge pull request #8444 from Mbed-TLS/cvv-code-size
code size for mbedtls_cipher_validate_values
2023-11-06 12:50:37 +00:00
Yanray Wang
0d76b6ef76 Return an error if asking for decrypt under BLOCK_CIPHER_NO_DECRYPT
If MBEDTLS_BLOCK_CIPHER_NO_DECRYPT is enabled, but decryption is
still requested in some incompatible modes, we return an error of
FEATURE_UNAVAILABLE as additional indication.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-06 10:02:10 +08:00
Yanray Wang
de0e2599ad cipher_wrap.c: remove unnecessary NO_DECRYPT guard for DES
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-06 10:02:10 +08:00
Gilles Peskine
8b6b41f6cd
Merge pull request #8434 from valeriosetti/issue8407
[G2] Make TLS work without Cipher
2023-11-04 15:05:00 +00:00
Dave Rodgman
4eb44e4780 Standardise some more headers
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-03 12:15:12 +00:00
Dave Rodgman
ce38adb731 Fix header in ssl_tls13_keys.c
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-03 10:29:25 +00:00
Dave Rodgman
f8be5f6ade Fix overlooked files
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 20:43:00 +00:00
Dave Rodgman
16799db69a update headers
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 19:47:20 +00:00
Dave Rodgman
e91d7c5d68 Update comment to mention IAR
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 10:36:38 +00:00
Dave Rodgman
b351d60e99 Merge remote-tracking branch 'origin/development' into msft-aarch64 2023-11-01 13:20:53 +00:00
Jerry Yu
960b7ebbcf move psk check to EE message on client side
early_data extension is sent in EE. So it should
not be checked in SH message.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-01 10:32:18 +08:00
Jerry Yu
82fd6c11bd Add selected key and ciphersuite check
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-01 10:32:17 +08:00
Jerry Yu
ce3b95e2c9 move ticket version check
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-01 10:32:17 +08:00
Jerry Yu
454dda3e25 fix various issues
- improve output message
- Remove unnecessary checks
- Simplify test command

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-01 10:28:43 +08:00
Dave Rodgman
9ba640d318 Simplify use of __has_builtin
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-31 23:34:02 +00:00
Dave Rodgman
90c8ac2205 Add case for MSVC
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-31 23:27:24 +00:00
Dave Rodgman
64bdeb89b9 Use non-empty definition for fallback
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-31 23:27:04 +00:00
Dave Rodgman
52e7052b6c tidy up comments
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-31 23:26:44 +00:00
Dave Rodgman
3e5cc175e0 Reduce code size in mbedtls_cipher_validate_values
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-31 18:00:01 +00:00
Dave Rodgman
6d2c1b3748 Restructure mbedtls_cipher_validate_values
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-31 18:00:01 +00:00
Dave Rodgman
fb24a8425a Introduce MBEDTLS_ASSUME
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-31 17:59:56 +00:00
Yanray Wang
b67b47425e Rename MBEDTLS_CIPHER_ENCRYPT_ONLY as MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-10-31 17:22:06 +08:00
Pengyu Lv
dbd1e0d986 tls13: add helpers to check if psk[_ephemeral] allowed by ticket
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-10-31 10:17:17 +08:00
Pengyu Lv
29daf4a36b tls13: server: fully check ticket_flags with available kex mode.
We need to fully check if the provided session ticket could be
used in the handshake, so that we wouldn't cause handshake
failure in some cases. Here we bring f8e50a9 back.

Example scenario:
A client proposes to a server, that supports only the psk_ephemeral
key exchange mode, two tickets, the first one is allowed only for
pure PSK key exchange mode and the second one is psk_ephemeral only.
We need to select the second tickets instead of the first one whose
ticket_flags forbid psk_ephemeral and thus cause a handshake
failure.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-10-31 09:34:14 +08:00
Dave Rodgman
b06d701f56
Merge pull request #8406 from beni-sandu/aesni
AES-NI: use target attributes for x86 32-bit intrinsics
2023-10-30 17:01:06 +00:00
Tom Cosgrove
3857bad9a2
Merge pull request #8427 from tom-cosgrove-arm/fix-linux-builds-in-conda-forge
Fix builds in conda-forge, which doesn't have CLOCK_BOOTTIME
2023-10-30 15:29:26 +00:00
Valerio Setti
467271dede ssl_misc: ignore ALG_CBC_PKCS7 for MBEDTLS_SSL_HAVE_xxx_CBC
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-30 11:40:32 +01:00
Valerio Setti
1ebb6cd68d ssl_misc: add internal MBEDTLS_SSL_HAVE_[AES/ARIA/CAMELLIA]_CBC symbols
These are used in tests to determine whether there is support for
one of those keys for CBC mode.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-30 11:36:32 +01:00
Jerry Yu
06b364fdfd fix miss sent extensions mask
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-30 17:18:42 +08:00
Pengyu Lv
cfb23b8090 tls13: server: parse pre_shared_key only when some psk is selectable
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-10-30 15:26:26 +08:00
Beniamin Sandu
800f2b7c02 AES-NI: use target attributes for x86 32-bit intrinsics
This way we build with 32-bit gcc/clang out of the box.
We also fallback to assembly for 64-bit clang-cl if needed cpu
flags are not provided, instead of throwing an error.

Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
2023-10-27 17:02:22 +01:00
Valerio Setti
36fe8b9f4b psa_crypto_cipher: add guard for unused variable
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
1e21f26d88 psa_crypto_cipher: add helper to validate PSA cipher values
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
4a249828a8 psa_crypto_cipher: add mbedtls_cipher_values_from_psa()
This commit splits mbedtls_cipher_info_from_psa() in 2 parts:

- mbedtls_cipher_values_from_psa() that performs parameters' validation and
  return cipher's values

- mbedtls_cipher_info_from_psa() which then use those values to return
  the proper cipher_info pointer. Of course this depends on CIPHER_C.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:12:06 +02:00
Valerio Setti
2c2adedd82 psa_crypto_aead: add guard for CIPHER_C dependency
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:12:06 +02:00
Jerry Yu
71c14f1db6 write early data indication in EE msg
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-27 10:52:49 +08:00
Jerry Yu
985c967a14 tls13: add more checks for server early data
- check if it is enabled
- check if it is psk mode
- check if it is resumption
- check if it is tls13 version

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-27 10:52:27 +08:00
Bence Szépkúti
51328162e6
Merge pull request #8374 from sergio-nsk/sergio-nsk/8372/2
Fix compiling AESNI in Mbed-TLS with clang on Windows
2023-10-26 21:21:01 +00:00
Dave Rodgman
2db1e354e3
Merge pull request #8408 from daverodgman/iar-fix-aes
Fix MBEDTLS_MAYBE_UNUSED for IAR
2023-10-26 15:53:11 +00:00
Gilles Peskine
b3d0ed2e6e
Merge pull request #8303 from valeriosetti/issue6316
Add test component with all ciphers and AEADs accelerated only
2023-10-26 15:53:10 +00:00
Tom Cosgrove
257f6dd57d Fix builds in conda-forge, which doesn't have CLOCK_BOOTTIME
Fixes #8422

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-10-26 14:04:34 +01:00
Ronald Cron
95b735530c
Merge pull request #6719 from yuhaoth/pr/tls13-early-data-add-early-data-of-client-hello
TLS 1.3: EarlyData SRV: Add early data extension parser.
2023-10-26 08:31:53 +00:00
Valerio Setti
bbc46b4cc2 cipher: improve code readibility in mbedtls_cipher_setup()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-26 09:00:21 +02:00
Dave Rodgman
6e51abf11d Merge remote-tracking branch 'origin/development' into msft-aarch64
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 15:17:11 +01:00
Dave Rodgman
d1c4fb07ee Support older IAR versions
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 15:07:35 +01:00
Valerio Setti
79a02de79f cipher: check that ctx_alloc_func is not NULL before calling it
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-25 12:03:36 +02:00
Valerio Setti
a6c0761c43 cipher_wrap: fix guards for GCM/CCM AES
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-25 12:03:36 +02:00
Valerio Setti
e86677d0c3 pkparse: fix missing guards for pkcs5/12 functions
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-25 12:03:36 +02:00
Dave Rodgman
5e41937eba Remove dependency on asm/hwcap.h
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
9fd1b526c3 Use MBEDTLS_ARCH_IS_ARMV8_A not MBEDTLS_ARCH_IS_ARMV8
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
cb5c9fb0c2 Add volatile to prevent asm being optimised out
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
b34fe8b88b Fix #error typo
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
90291dfe33 Share some definitions that are common for clang and GCC 5
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
46267f6a2d Tidy-up: move GCM code into one place
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
f4ee5d4c94 Code style
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
2c25bdb7cf Don't use #ifdef on vreinterpretq_xxx
Co-authored-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
f60e44d063 Add link to ACLE docs in comment
Co-authored-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
48b965d941 Update clang version requirements
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
472a1906d5 fix tabs
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
4b8e8dc043 Improve compiler version checking + docs + testing for armclang
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
ece803b0ae Fix behaviour for Armv8 targets without Neon
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
851cf5a325 Fix runtime detection on A32/T32
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
27e3c87fc1 Suppport AESCE on A32 and T32
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:22 +01:00
Dave Rodgman
d69d3cda34
Merge pull request #8298 from daverodgman/sha-armce-thumb2
Support SHA256 acceleration on Armv8 thumb2 and arm
2023-10-24 21:23:15 +00:00
Dave Rodgman
f842868dd9 Fix MBEDTLS_MAYBE_UNUSED for IAR
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-24 14:18:38 +01:00
Pengyu Lv
7b711710b2 Add check_ticket_flags helper function
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-10-24 17:07:14 +08:00
Dave Rodgman
514590210b Merge remote-tracking branch 'origin/development' into sha-armce-thumb2
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-23 15:35:07 +01:00
Dave Rodgman
66d5512571 Remove dependency on asm/hwcap.h
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-23 15:12:32 +01:00
Dave Rodgman
bcb810252c
Merge pull request #8363 from daverodgman/iar-fixes-2
Stop IAR warning about goto skipping variable definition
2023-10-23 14:59:15 +01:00
Tom Cosgrove
235e361b6c
Merge pull request #8339 from lpy4105/issue/support-cpuid-for-win32
Support cpuid for win32
2023-10-23 10:43:39 +00:00
Manuel Pégourié-Gonnard
2bf0870e25
Merge pull request #7861 from mpg/cleanup-pk-parse
cleanup PK parse - part 1
2023-10-23 08:49:16 +00:00
Matthias Schulz
edc32eaf1a Uncrustified
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-10-19 16:09:08 +02:00
Sergey Markelov
3898f10fed Fix #8372 - Error compiling AESNI in Mbed-TLS with clang on Windows
It can successfully compile w/ the clang options -maes -mpclmul.

Signed-off-by: Sergey Markelov <sergey@solidstatenetworks.com>
2023-10-18 20:24:39 -07:00
Gilles Peskine
6407f8fc54
Merge pull request #8322 from valeriosetti/issue8257
Improve location of MD_CAN macros
2023-10-18 14:31:28 +00:00
Paul Elliott
4fb1955b31 Remove NULL-ing of passed in SSL context in ssl_populate_transform()
Remove a piece of code that was meant to ensure non-usage of the ssl
context under conditions where it should not be used, as this now makes
less sense and also triggers coverity.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-10-18 15:16:45 +01:00
Matthias Schulz
ab4082290e Added parameters to add callback function to handle unsupported extensions. Similar to how the callback functions work when parsing certificates. Also added new test cases.
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-10-18 13:20:59 +02:00
Gilles Peskine
f6f4695824
Merge pull request #8320 from valeriosetti/issue8263
Fix dependencies of mbedtls_pk_ec_ro and mbedtls_pk_ec_rw
2023-10-18 10:03:46 +00:00
Pengyu Lv
ed5e4e86a5 Merge branch 'development' into issue/6935/ticket_flags-kex-mode-determination 2023-10-18 18:03:07 +08:00
Jerry Yu
b47b2990d6 fix various issues
- fix wrong typo
- remove redundant check
- remove psk mode tests

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-18 15:50:35 +08:00
Manuel Pégourié-Gonnard
c6d633ffbc
Merge pull request #8297 from valeriosetti/issue8064
Change accel_aead component to full config
2023-10-18 07:15:59 +00:00
Matthias Schulz
873a202d18 Now handling critical extensions similarly to how its done in x509_get_crt_ext just without the callback function to handle unknown extensions.
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-10-17 16:02:20 +02:00
Matthias Schulz
cc923f307e Added missing like between variables and function body.
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-10-17 12:36:56 +02:00
Matthias Schulz
adb3cc4d43 Fixes #8377.
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-10-17 11:57:10 +02:00
Valerio Setti
2f00b7a5da cipher: reset MBEDTLS_CIPHER_HAVE_AEAD to MBEDTLS_CIPHER_MODE_AEAD
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-17 11:43:34 +02:00
Manuel Pégourié-Gonnard
745ec5d75e Fix static initializer warning
In a hypothetical build with no curves, or in the future when we add a
new curve type and possibly forget updating this function with a new
block for the new type, we write to `ret` at the beginning or the
function then immediately overwrite it with MPI_CHK(check_privkey),
which static analyzers understandably find questionable.

Use `ret` here and check the key only if it was actually set.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-17 10:13:45 +02:00
Yanray Wang
4b6595aa83 Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-10-17 11:13:00 +08:00
Dave Rodgman
2fde39a22c
Merge pull request #8283 from daverodgman/more-aes-checks
More AES guards testing and some fixes
2023-10-16 18:22:51 +00:00
Valerio Setti
9fc1f24331 md: restore md.h includes in source files directly using its elements
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-16 14:39:38 +02:00
Valerio Setti
74cb404b0d ssl: improve ssl_check_key_curve()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-16 13:40:50 +02:00
Yanray Wang
aa01ee303a Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-10-16 17:38:32 +08:00
Valerio Setti
dcee98730b cipher_wrap: add VIA_LEGACY_OR_USE_PSA to new internal symbols
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-16 11:35:57 +02:00
Valerio Setti
596ef6c0b1 cipher: reset MBEDTLS_CIPHER_HAVE_AEAD_LEGACY to previous naming
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-16 11:26:08 +02:00
Valerio Setti
0521633559 cipher: fix guards in mbedtls_cipher_auth_[encrypt/decrypt]_ext()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-16 11:22:21 +02:00
Manuel Pégourié-Gonnard
52e9548c22 Fix check for format supported by PSA
For non-Weierstrass curves there's only one format and it's supported.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
f1b7633443 Use clearer function name
I went for "may be" as I was thinking just checking the tag technically
does not guarantee that what follows is correct, but I was wrong:
according to ASN.1, when there are variants, the tag does distinguish
unambiguously between variants, so we can be more positive here.
(Whether the thing inside that variant is correct is a different
question.)

As a welcome side effect, this makes the name more standard hence more
readable.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
842ffc5085 Make code more robust
Using return here is only correct if we know that group_load() is atomic
(either succeeds, or allocates no ressources). I'm not sure it is, and
even if it were, goto exit is more obviously correct, so let's use that.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
94cf1f82ad Fix a typo in a comment
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
564bc1bb96 Fix limitation in checking supported alg in pk_sign
The recent changes in pkparse made it so ECDSA (deterministic or not) is
set as the secondary alg and ECDH the first one. This broke the wrapper
in pk_wrap as it was only checking the first alg when deciding whether
to use deterministic or not. The wrapper should not have unnecessary
requirements on how algs are set up, so make the check more flexible.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
53d3e40a21 Fix unused warnings in dummy definition
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
12ea63a5f7 Abstract away MBEDTLS_PK_PARSE_EC_EXTENDED
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
fac9819edc Fix and document return of pk_ecc_set_pubkey()
One of the calling site needs to distinguish between "the format is
potentially valid but not supported" vs "other errors", and it uses
MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE for that.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
ff72ea9d51 Rework pk_ecc_set_pubkey()
- Fix the logic around format: we were just assuming that if the format
was not compressed, it was uncompressed, but it could also have been
just invalid.
- Remove redundant length check: the fallback does its own checks.
- Remove set_algorithm() that's not needed and introduced a depencency
on ECDSA.
- Some style / naming / scope reduction.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
e4c883bc8c New signature for pk_ecc_set_pubkey()
Also new name, for consistency, and documentation.

The signature **p, *end is mostly for parsing functions that may not
consume everything, and need to update the "current" pointer to reflect
what has been consumed. This is not the case here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
681e30b727 Rework pk_ecc_set_pubkey_psa_ecp_fallback()
- new semantic: sets the pubkey directly in the PK context
- new name to reflect that semantic and obey the naming scheme
- trivial case first
- documentation and better parameter names

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
0b8e45650f Tune body of pk_ecc_set_pubkey_from_prv()
- avoid useless use of ret in PSA code, keep only status
- improve variable names
- keep declarations closer to use
- a few internal comments

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
de25194a20 Rename and document pk_ecc_set_pubkey_from_prv()
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
d1aa642394 Document pk_ecc_set_group() and pk_ecc_set_key()
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
5470898e37 Move code around again
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
997a95e592 Merge two consecutive #ifs
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
212517b87d Start re-ordering functions in pkparse
The general order is low-level first, top-level last, for the sake of
static function and avoiding forward declarations.

The obvious exception was functions that parse files that were at the
beginning; move them to the end.

Also start defining sections in the file; this is incomplete as I don't
have a clear view of the beginning of the file yet. Will continue in
further commits.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
df151bbc37 Minor improvements to pk_ecc_read_compressed()
- new name starting with pk_ecc for consistency
- re-order params to match the PSA convention: buf, len, &size
- add comment about input consumption

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
e82fcd9c9e Avoid nested #ifs in body of pk_get_ecpubkey()
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
116175c5d7 Use helper macro for (deterministic) ECDSA
- centralizes decision making about which version to use when
- avoids nested #ifs in pk_ecc_set_key()

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Dave Rodgman
0a48717b83 Simplify Windows-on-Arm macros
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-16 09:25:59 +01:00
Dave Rodgman
c5cc727dd0 Use new MBEDTLS_ARCH_IS_xxx macros
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-16 09:25:59 +01:00
Dave Rodgman
a0f10da9d2 Use MBEDTLS_HAVE_NEON_INTRINSICS instead of __ARM_NEON
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-16 09:25:59 +01:00
Dave Rodgman
4ffd7c7614 Introduce MBEDTLS_HAVE_NEON_INTRINSICS and simplify NEON header inclusion
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-16 09:25:59 +01:00
Dave Rodgman
be09286666 Enable 8-byte fastpath in mbedtls_xor on ARM64 and ARM64EC
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-16 09:25:59 +01:00
Dave Rodgman
ad71b6a834 Support ARM64EC in the same way as ARM64 in sha256 and sha512
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-16 09:25:59 +01:00
Dave Rodgman
78fc0bd1db Define MBEDTLS_EFFICIENT_UNALIGNED_ACCESS on Windows-on-Arm
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-16 09:25:59 +01:00
Manuel Pégourié-Gonnard
dcd98fffab Factor similar code into pk_ecc_set_key()
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard
6db11d5068 Group two versions of the same code
Just moving code around. The two blocks do morally the same thing: load
the key, and grouping them makes the #if #else structure clearer.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard
d5b4372012 Slightly simplify pk_derive_public_key()
- add a comment explain potentially surprising parameters
- avoid nesting #if guards: I find the linear structure #if #elif #else
makes the three cases clearer.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard
2585852231 Factor common code into a function
There were two places that were calling either pk_update_ecparams() or
mbedtls_ecp_group_load() depending on the same guard. Factor this into a
single function, that works in both configs, so that callers don't have
to worry about guards.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard
5fcbe4c1f8 Further rationalize includes
- only include psa_util when we use PSA Crypto
- re-order includes

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard
da88c380bd Minimize key-type-related includes
- we don't use any ECDSA function here
- we only need to include ecp.h when supporting ECC keys

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard
4b0e8f0e2c Remove redundant include
It's also included later, guarded by support for ECC keys, and actually
that's the only case where we need it.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:25:44 +02:00
Valerio Setti
5f5573fa90 cipher: reintroduce symbol for legacy AEAD support
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-13 17:29:27 +02:00
Dave Rodgman
515af1d80d Stop IAR warning about goto skipping variable definition
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-13 16:03:25 +01:00
Bence Szépkúti
195411bb17
Merge pull request #8062 from yanrayw/save_stack_usage_pkwrite
pkwrite: use heap to save stack usage for writing keys in PEM string
2023-10-13 14:27:13 +00:00
Dave Rodgman
2457bcd26c Tidy up logic for MBEDTLS_MAYBE_UNUSED
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-13 12:31:45 +01:00
Gilles Peskine
97a6231b5c
Revert "Fix a few IAR warnings" 2023-10-13 11:39:53 +02:00
Dave Rodgman
2d67e3a07b
Merge pull request #8352 from daverodgman/iar-fixes
Fix a few IAR warnings
2023-10-13 09:20:28 +01:00
Tom Cosgrove
71f2e398bd
Merge pull request #8345 from mcagriaksoy/branch_issue_8344
Add missing casting size_t to int on ssl_tls13_keys.c
2023-10-12 18:39:33 +00:00
Dave Rodgman
584c8108b3 Use a block to save 12b
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-12 16:55:23 +01:00
Dave Rodgman
351a81c65d Keep initialisation of p in its original location
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-12 16:36:05 +01:00
Dave Rodgman
bcb1818e19 Fix IAR 'transfer of control bypasses initialization' warnings
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-12 16:23:11 +01:00
Dave Rodgman
4b779bef9e
Merge branch 'development' into more-aes-checks
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-12 16:17:10 +01:00
Dave Rodgman
54bb76e106
Merge pull request #8348 from kasjer/kasjer/aes-rcon-rename
Rename local variable in aes.c
2023-10-12 12:30:35 +00:00
Valerio Setti
db1ca8fc33 cipher: keep MBEDTLS_CIPHER_HAVE symbols private
This commit also improve the usage of these new symbols in
cipher_wrap code

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-12 10:39:54 +02:00
Valerio Setti
e570704f1f ssl: use MBEDTLS_SSL_HAVE_[CCM/GCM/CHACHAPOLY/AEAD] macros for ssl code
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-12 10:39:37 +02:00
Dave Rodgman
4fd868e4b1
Refer to Armv8-A (not Armv8) in comments
Co-authored-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-12 09:09:42 +01:00
Jerry Yu
ab0da370a4 Add early data status update
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-12 15:02:01 +08:00
Jerry Yu
1eb0bd557d Add not-received status
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-12 15:02:01 +08:00
Jerry Yu
33bf240e53 Add max_early_data_size into copy list
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-12 15:00:26 +08:00
Jerry Yu
02e3a074a3 Add max_early_data_size into ticket
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-12 15:00:26 +08:00
Jerzy Kasenberg
ee62fceade Rename local variable in aes.c
This changes local variable name RCON to round_constants.

RCON being definition in xc32 compiler headers for some PIC32 register.
Without this change, mynewt project for PIC32 platform fails to build due to
macro redefinition.

This does not changes behavior of library in any way.

Signed-off-by: Jerzy Kasenberg <jerzy.kasenberg@codecoup.pl>
2023-10-11 16:36:24 +02:00
Mehmet Cagri Aksoy
56e9011bde Add casting size_t to int
Signed-off-by: Mehmet Cagri Aksoy <mcagriaksoy@yandex.com>
2023-10-11 15:28:06 +02:00
Mehmet Cagri Aksoy
66f9b3f810 Add casting size_t to int
Signed-off-by: Mehmet Cagri Aksoy <mcagriaksoy@yandex.com>
2023-10-11 15:26:23 +02:00
Dave Rodgman
b0d9830373
Merge branch 'development' into sha-armce-thumb2
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-11 13:53:41 +01:00
Valerio Setti
02a634decd md: remove unnecessary inclusions of mbedtls/md.h
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-11 13:15:58 +02:00
Valerio Setti
4d0e84628c ssl: reorganize guards surrounding ssl_get_ecdh_params_from_cert()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-11 13:15:29 +02:00
Valerio Setti
d4a10cebe4 cipher/tls: use new symbols for guarding AEAD code
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-11 13:10:34 +02:00
Dave Rodgman
be7915aa6c Revert renaming of SHA512 options
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-11 10:59:05 +01:00
Ronald Cron
a89d2ba132
Merge pull request #8327 from ronald-cron-arm/adapt-psa-crypto-repo-name
Adapt to new PSA Crypto repo name
2023-10-11 06:45:30 +00:00
Pengyu Lv
0ecb635ca5 aesni: select __cpuid impl based on compiler type
MinGW provides both kinds of implementations of `__cpuid`,
but since `cpuid.h` is provided by GNUC, so we should choose
the implementation by the compiler type instead of OS type.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-10-11 11:09:58 +08:00
Dave Rodgman
5b89c55bb8 Rename MBEDTLS_SHAxxx_USE_ARMV8_yyy to MBEDTLS_SHAxxx_USE_ARMV8_A_yyy
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-10 15:14:57 +01:00
Dave Rodgman
fe9fda81aa Rename MBEDTLS_ARCH_IS_ARMV8 to MBEDTLS_ARCH_IS_ARMV8_A
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-10 15:14:56 +01:00
Dave Rodgman
5d4ef83e01 Fix hwcap detection on 32-bit Arm
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-10 13:04:07 +01:00
Dave Rodgman
94a634db96 Rename A64 config options
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-10 12:59:29 +01:00
Pengyu Lv
e8c4bf180b aesni: declare cpuinfo as int
Change the type of array that stores the cpuinfo
data to int[4] to match the signature of `__cpuinfo`
in `intrin.h` header file.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-10-10 18:12:43 +08:00
Pengyu Lv
308cb232bf aesni: support cpuid on WIN32
`__cpuid` has two kinds of signatures in different
headers depending on the target OS. We make it
consistent between the usages ang the included header.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-10-10 17:56:12 +08:00
Dave Rodgman
78d78462ac Make asm without side-effects not optimisable-out
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-10 09:53:44 +01:00
Ronald Cron
7871cb14a7 Include psa/build_info.h instead of mbedtls/build_info.h
In PSA headers include psa/build_info.h instead
of mbedtls/build_info.h. In Mbed TLS, both are
equivalent but not in TF-PSA-Crypto where
psa/build_info.h is the correct one.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-10-10 09:35:22 +02:00
Dave Rodgman
e7ebec6723
Merge pull request #8281 from daverodgman/fix-hwonly-warnings
Improve AES hardware-only check
2023-10-09 11:25:50 +00:00
Dave Rodgman
8ba9f42acd Fix arch detection for auto setting of clang flags
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-08 10:46:25 +01:00
Dave Rodgman
866b3a1886
Merge pull request #8323 from tom-daubney-arm/fix_mbedtls_styling_docs
Correct styling of Mbed TLS in documentation
2023-10-06 19:10:10 +00:00
Thomas Daubney
540324cd21 Correct styling of Mbed TLS in documentation
Several bits of documentation were incorrectly styling Mbed TLS
as MbedTLS.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-10-06 17:07:24 +01:00
Paul Elliott
3677352631
Merge pull request #8308 from valeriosetti/issue8052
PKCS12: use one-shot API
2023-10-06 15:39:31 +00:00
Dave Rodgman
8e00fe0cd8
Merge pull request #8309 from daverodgman/iar-warnings2
Fix IAR warnings
2023-10-06 13:24:12 +00:00
Valerio Setti
e7cefae5f4 ssl: fix getting group id in ssl_check_key_curve()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-06 13:19:48 +02:00
Valerio Setti
d3925d25ec pk_internal: change guards for mbedtls_pk_ec_[ro/rw]
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-06 13:13:19 +02:00
Valerio Setti
f484884fba pkcs12: use mbedtls_cipher_crypt() instead of explicitly defining all steps
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-06 11:25:08 +02:00
Dave Rodgman
2eab462a8c Fix IAR warnings
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 13:30:37 +01:00
Dave Rodgman
9a36f4cb97 Fix cast errors on IAR
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 11:25:52 +01:00
Dave Rodgman
790370b392 code style
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 11:02:23 +01:00
Dave Rodgman
3ba9ce3c1d Warn if using runtime detection and no Neon
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 09:58:33 +01:00
Dave Rodgman
7ed619d3fa Enable run-time detection for Thumb and Arm
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 09:39:56 +01:00
Dave Rodgman
9bf752c45d Support MSVS with clang
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 08:20:44 +01:00
Minos Galanakis
4855fdf887 Revert "Auto-generated files for v3.5.0"
This reverts commit 591416f32b.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-05 00:17:21 +01:00
Dave Rodgman
749f2227c6 Get MBEDTLS_MAYBE_UNUSED to cover more compilers
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-04 22:12:33 +01:00
Dave Rodgman
04d0d06e83 Code style
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-04 18:05:08 +01:00
Dave Rodgman
ebe4292a9c Improve behaviour on gcc targetting arm or thumb
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-04 17:36:44 +01:00
Dave Rodgman
793e264fbb Fix indentation
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-04 17:36:20 +01:00
Minos Galanakis
e35e387ad7 Bump library so-crypto, so-x509, so-tls versions.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-04 16:17:46 +01:00
Minos Galanakis
8f4c19a680 Merge pull request #8273 from davidhorstmann-arm:target-prefix-3rdparty
Add MBEDTLS_TARGET_PREFIX to 3rdparty CMake
2023-10-04 16:03:22 +01:00
Dave Rodgman
feadcaf4a6 Support MBEDTLS_MAYBE_UNUSED in MSVC and IAR
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-04 15:27:33 +01:00
Dave Rodgman
18ddf61a75 Use MBEDTLS_MAYBE_UNUSED to simplify aes.c and let compiler remove unused variables
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-04 14:03:12 +01:00
Dave Rodgman
1ec1a0f0cc Introduce MBEDTLS_MAYBE_UNUSED
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-04 13:50:54 +01:00
Minos Galanakis
591416f32b Auto-generated files for v3.5.0
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-04 00:55:02 +01:00
Minos Galanakis
31ca313efa Bump version to 3.5.0
```
./scripts/bump_version.sh --version 3.5.0
```

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-03 22:02:18 +01:00
Minos Galanakis
1a3ad265cc Merge branch 'development-restricted' into mbedtls-3.5.0rc0-pr
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-03 21:57:51 +01:00
Dave Rodgman
cc5bf4946f Make SHA256 depend on Armv8, not aarch64
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-03 18:02:56 +01:00
Gilles Peskine
3713bee34c Remove leftover local debug line
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 18:43:18 +02:00
Gilles Peskine
7910cdd47f Avoid compiler warning about size comparison
GCC warns about comparing uint8_t to a size that may be >255.

Strangely, casting the uint8_t to a size_t in the comparison expression
doesn't avoid the warning. So change the type of the variable.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 16:11:05 +02:00
Gilles Peskine
530c423ad2 Improve some debug messages and error codes
On a parsing error in TLS, return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE, not a
crypto error code.

On error paths, emit a level-1 debug message. Report the offending sizes.

Downgrade an informational message's level to 3.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:42:11 +02:00
Gilles Peskine
c29df535ee Improve robustness of ECDH public key length validation
In client-side code with MBEDTLS_USE_PSA_CRYPTO, use the buffer size to
validate what is written in handshake->xxdh_psa_peerkey. The previous code
was correct, but a little fragile to misconfiguration or maintenance.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:02:39 +02:00
Gilles Peskine
c8df898204 Fix buffer overflow in TLS 1.2 ClientKeyExchange parsing
Fix a buffer overflow in TLS 1.2 ClientKeyExchange parsing. When
MBEDTLS_USE_PSA_CRYPTO is enabled, the length of the public key in an ECDH
or ECDHE key exchange was not validated. This could result in an overflow of
handshake->xxdh_psa_peerkey, overwriting further data in the handshake
structure or further on the heap.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:02:33 +02:00
Gilles Peskine
12c5aaae57 Fix buffer overflow in TLS 1.3 ECDH public key parsing
Fix a buffer overflow in TLS 1.3 ServerHello and ClientHello parsing. The
length of the public key in an ECDH- or FFDH-based key exchange was not
validated. This could result in an overflow of handshake->xxdh_psa_peerkey,
overwriting further data in the handshake structure or further on the heap.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:02:10 +02:00
Dave Rodgman
a06d45ec4a Code style
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-29 18:59:34 +01:00
Dave Rodgman
450c1ff353 Fix some more incorrect guards in aes.c
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-29 16:23:37 +01:00
Gilles Peskine
16e9256fe8
Merge pull request #8272 from daverodgman/iar-warnings
Fix IAR warnings
2023-09-29 13:11:03 +00:00
Dave Rodgman
e81a632257 Restore missing #if
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-29 13:54:27 +01:00
Dave Rodgman
782df03553 Improve AES hardware-only check
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-29 13:04:36 +01:00
David Horstmann
de527fbfe0 Add MBEDTLS_TARGET_PREFIX to 3rdparty CMake
MBEDTLS_TARGET_PREFIX is prepended to the CMake targets for Mbed TLS
except for targets in 3rdparty. Change this so that 3rdparty targets use
the prefix as well.

This allows multiple copies of Mbed TLS to be used in the same CMake
tree when using code in the 3rdparty directory.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-09-28 18:39:33 +01:00
Dave Rodgman
90330a4a2d Fix IAR control bypasses initialisation warning
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-28 18:13:46 +01:00
Dave Rodgman
02a53d7bef Fix IAR pointless integer comparison
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-28 17:19:50 +01:00
Dave Rodgman
7e9af05409 Fix IAR control bypasses initialisation warning
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-28 17:08:49 +01:00
Dave Rodgman
73d8591f7f Fix IAR change of sign warning
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-28 17:00:50 +01:00
Gilles Peskine
42f8d5f0c9
Merge pull request #8261 from Mbed-TLS/fix-cmake-header-include
Add CMake include path for generated header
2023-09-28 15:16:15 +00:00
Manuel Pégourié-Gonnard
f07ce3b8ff Don't extend support for deprecated functions
Restore guards from the previous release, instead of the new, more
permissive guards.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 08:51:51 +02:00
Dave Rodgman
0fc86b2ddf
Merge pull request #8075 from valeriosetti/issue8016
driver-only ECC: curve acceleration macros
2023-09-27 14:39:02 +00:00
David Horstmann
b7b4f23c38 Add CMake include path for generated header
Now that we are generating psa_crypto_driver_wrappers.h, we need to pass
build/library as an include directory.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-09-27 14:05:32 +01:00
Xiaokang Qian
e9dc63e069 No need to include the 3rd party entry point head file
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-09-26 09:09:20 +00:00