yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
25489 commits 1 branch 0 tags 94 MiB
Commit graph

11224 commits

Author SHA1 Message Date
Przemek Stekiel
28111dbf06 Adapt guards for psa_is_dh_key_size_valid 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-31 09:30:58 +02:00
Przemek Stekiel
33c91eb5d3 Add driver support for DH import key and export public key 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-30 15:19:14 +02:00
Przemek Stekiel
055ffed563 Revert "Handle simple copy import/export before driver dispatch" 
This reverts commit c80e7506a0.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-30 15:19:02 +02:00
Dave Rodgman
3964fe0f5e Improve ISA detection 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-25 18:53:57 +01:00
Paul Elliott
981d8b6fc7
Merge pull request #7566 from paul-elliott-arm/core_ecp_mod_p448 
[Bignum] Convert ecp_mod_p448 over to using core functions
 2023-05-25 17:11:57 +01:00
Dave Rodgman
12b14b2c97 Simplify ifdefs 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-25 13:02:13 +01:00
Dave Rodgman
b047bf64e2 Restrict use of r7 in Thumb 1 code 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-25 12:54:56 +01:00
Dave Rodgman
cee166e3f5 Don't use r7 in generic codepath 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-25 11:00:05 +01:00
Dave Rodgman
7d6ec95517 Revert to detecting __GNUCC__ instead of armclang 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-25 09:41:42 +01:00
Valerio Setti
449803abff pkwrite: remove unnecessary code duplication 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-25 09:37:05 +02:00
Dave Rodgman
92e8a88390 Improve comments 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-25 08:10:33 +01:00
Dave Rodgman
5c5a6dece6 Give options clearer names 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-24 23:24:16 +01:00
Dave Rodgman
6adaca6062 Minor tidy-up 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-24 19:53:21 +01:00
Gilles Peskine
835be986e0
Merge pull request #7631 from tom-daubney-arm/remove_surplus_loop_condition_issue_7529 
Remove extraneous check in for loop condition
 2023-05-24 20:24:28 +02:00
Dave Rodgman
ffbb7c5edc Tidy-up macros and fix guards around option B 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-24 18:28:46 +01:00
Dave Rodgman
1416cba81f Gate all arm asm on Armv6 or better architecture 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-24 18:07:48 +01:00
Kusumit Ghoderao
91f99f52c4 Change output length parameter in pbkdf2_hmac_set_password 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-24 22:21:48 +05:30
Kusumit Ghoderao
d7a3f8065f Restructure set salt function 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-24 22:19:47 +05:30
Paul Elliott
7050662a48 Correct comment header block 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-05-24 17:31:57 +01:00
Dave Rodgman
0ffc6f48fa First draft at fixing the choice of asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-24 17:19:10 +01:00
Minos Galanakis
e72bf2da3d ecp_curves: Adjusted the expected limb size for ecp_mod_p255(). 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-05-24 15:13:42 +01:00
Valerio Setti
a541e0108b pkparse: avoid creating extra copy of the private key 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-24 16:02:36 +02:00
Valerio Setti
d0405093d9 tls: use pk_get_group_id() instead of directly accessing PK's structure 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-24 16:02:32 +02:00
Valerio Setti
1194ffa82f pk: minor code fixes/enhancements 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-24 14:00:26 +02:00
Valerio Setti
51aa52eba4 pk: fix key properties when importing private key 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-24 14:00:09 +02:00
Dave Rodgman
4489c8dcef Disable bignum assembly for certain Arm M-class CPUs 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-24 12:06:48 +01:00
Kusumit Ghoderao
aac9a581f8 Fix code style and initialize status 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-24 14:19:17 +05:30
Dave Rodgman
2b22834357
Merge pull request #7644 from tom-daubney-arm/alignment_h_refactoring 
Refactor reading of multi-byte values using functions in alignment.h
 2023-05-24 08:32:52 +01:00
Kusumit Ghoderao
bd6cefb3da Add HMAC specific function for setting password 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-24 12:36:34 +05:30
Kusumit Ghoderao
b538bb7a02 Restructure pbkdf2_set_salt function 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-24 12:32:14 +05:30
Kusumit Ghoderao
e66a8ad8d6 Define PSA_VENDOR_PBKDF2_MAX_ITERATIONS 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-24 12:30:43 +05:30
Kusumit Ghoderao
52fe517a77 Change pbkdf2 password to array 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-24 12:28:46 +05:30
Thomas Daubney
f9f0ba8211 Use functions in alignment.h to get value 
Refactor code using get functions from alignment.h to
read values.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-05-24 06:24:16 +01:00
Paul Elliott
3b6bf105d1 Fix missed renames from N to X 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-05-23 17:51:52 +01:00
Minos Galanakis
ec00b500b5 ecp_curves: Adjusted input checking for ecp_mod_p255. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-05-23 17:31:01 +01:00
Valerio Setti
9efa8c4d14 pk: fix eckey_check_pair_psa 
The problem was that the private key ID was destroyed even when
MBEDTLS_PK_USE_PSA_EC_DATA was enabled and of course this was
not correct.
At the same time the code has been slighlty reorganized to make
it more readable.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-23 15:12:07 +02:00
Valerio Setti
972077820b tls/x509: minor enhancement for using the new private key format 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-23 15:12:07 +02:00
Valerio Setti
ae8c628edb pk: improve sign, check_pair and wrap_as_opaque functions with new format 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-23 15:12:07 +02:00
Valerio Setti
00e8dd15d2 pk: manage parse and write for the new format 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-23 15:12:07 +02:00
Valerio Setti
b536126183 pk: manage allocate and free space when working with PSA private key 
Allocation does not need to perform any action since the priv_id field
is already present on the pk_context.
Free should destroy the key. Of course this is true only if the key
is not opaque (because in that case it's the user responsibility
to do so).

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-23 15:12:07 +02:00
Valerio Setti
e0e6311b64 pk: change location of Montgomery helpers 
This is to have them available only where they are really required.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-23 15:12:07 +02:00
Valerio Setti
8a6225062a pk: move PSA error translation macros to internal header 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-23 15:12:07 +02:00
Manuel Pégourié-Gonnard
9dc9204b77
Merge pull request #7554 from valeriosetti/issue7073-reshape 
Avoid parse/unparse public ECC keys in PK with USE_PSA when !ECP_C
 2023-05-23 15:08:45 +02:00
Minos Galanakis
d6beda7af9 ecp_curves: Extended documentation for CURVE25519. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-05-23 09:57:09 +01:00
Minos Galanakis
47249fd9ec ecp_curves: Added documentation for mbedtls_ecp_mod_p255_raw 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-05-23 09:57:09 +01:00
Minos Galanakis
31f0b452c7 ecp_curves: Reintroduced input checking for 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-05-23 09:57:09 +01:00
Minos Galanakis
65c386ee3d ecp_curves: Switched to dynamic memory for 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-05-23 09:57:09 +01:00
Minos Galanakis
2daa374ea8 ecp_curves: Minor refactoring of mbedtls_ecp_mod_p255_raw() 
* Fixed whitespace issues.
* Renamed variables to align with bignum conventions.
* Updated alignment on test input data.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-05-23 09:57:09 +01:00
Dave Rodgman
7613b3d6b8 Fix xor fail for large block size 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-23 08:16:01 +01:00
Dave Rodgman
262d8ced79 Fix AES-CBC for in-place operation 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-22 23:13:45 +01:00
Minos Galanakis
d0292c2aca ecp_curves: Refactored mbedtls_ecp_mod_p255. 
This patch introduces following methods, as implemented in the
design prototype, and updates them to utilise the _core methods
available for multiplication and addition.
* `mbedtls_ecp_mod_p255()`
* `mbedtls_ecp_mod_p255_raw()`

An entry has been exposed in the `ecp_invasive.h` header
to facilitate testing.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-05-22 22:22:32 +01:00
YxC
da609130f3 fix: correct calling to time function in tls13 client&server 
Call `mbedtls_time` to handle the case when MBEDTLS_PLATFORM_TIME_MACRO is defined

Signed-off-by: Yuxiang Cao <yuxiang.cao@fortanix.com>
 2023-05-22 13:22:00 -07:00
Dave Rodgman
797c4ff365 Make AES-CBC more efficient 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-22 19:42:22 +01:00
Dave Rodgman
6f40f8bf01 Add NEON to mbedtls_xor 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-22 18:22:07 +01:00
Valerio Setti
016264b6cb pk: fix a return value and a typo in comment 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-22 18:40:35 +02:00
Valerio Setti
a7cb845705 pk: add checks for the returned ECC family 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-22 18:39:43 +02:00
Paul Elliott
26070670d6
Merge pull request #7565 from gabor-mezei-arm/7263_split_out_Koblitz_raw_functions 
[Bignum] Split out _raw Koblitz reduction functions
 2023-05-22 16:03:17 +01:00
Thomas Daubney
850a0797ca Remove extraneous check in for loop condition 
Issue 7529 uncovered an unrequired check in a for loop
condition in ssl_tls.c. This commit removes said check.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-05-22 12:05:03 +01:00
Valerio Setti
f57007dd1e pk: fixing and improving comments 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-19 13:54:39 +02:00
Dave Rodgman
0805ad10b2 XOR perf improvements 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-19 11:48:10 +01:00
Dave Rodgman
68ef1d6ee6 Remove DIY SIZE_MAX definitions 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-18 20:49:03 +01:00
Paul Elliott
9a11f8a122
Merge pull request #7573 from tom-cosgrove-arm/add-psa_want_alg_some_pake 
Only include psa_pake_setup() and friends if some PAKE algorithms are required
 2023-05-18 09:59:52 +01:00
Paul Elliott
aa266f29e6
Merge pull request #7602 from mprse/AuthorityKeyId_leak_fix 
Fix for memory leak while parsing AuthorityKeyId ext
 2023-05-18 09:57:56 +01:00
Andrzej Kurek
63a6a267a4 Check for overflows when writing x509 SANs 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
908716f097 Add missing RFC822_NAME case to SAN setting 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
e488c454ea Remove unnecessary zeroization 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
dc22090671 Return an error on an unsupported SubjectAltName 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
c6215b0ce1 Add braces to a switch case 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
1bc7df2540 Add documentation and a changelog entry 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Dave Rodgman
e4cbab6945
Merge pull request #7607 from daverodgman/pr6511 2023-05-17 19:11:56 +01:00
Paul Elliott
8203f2d89f
Merge pull request #7535 from minosgalanakis/ecp/7264_enable_core_shift_l 
[Bignum] Adjust mbedtls_mpi_core_shift_l to use the core function
 2023-05-17 18:45:44 +01:00
Valerio Setti
c1541cb3c7 pk: minor fixes (guards and a wrong assignment) 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-17 19:23:02 +02:00
Gabor Mezei
d56e6e008b
Add input parameter length check for the Koblitz reduction 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-05-17 17:51:19 +02:00
Andrzej Kurek
67fdb3307d Add a possibility to write subject alt names in a certificate 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 11:45:36 -04:00
Gabor Mezei
fa3f74145b
Add documentation 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-05-17 17:35:47 +02:00
Valerio Setti
483738ed67 tests: fixes for using the new public key raw format 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-17 15:38:39 +02:00
Valerio Setti
d7ca39511f tls12: use the the raw format for the public key when USE_PSA is enabled 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-17 15:36:18 +02:00
Valerio Setti
7ca7b90bc7 debug: add support for printing the new EC raw format 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-17 15:35:46 +02:00
Valerio Setti
a1b8af6869 pkwrap: update ECDSA verify and EC pair check to use the new public key 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-17 15:34:57 +02:00
Valerio Setti
4064dbbdb2 pk: update pkparse and pkwrite to use the new public key storing solution 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-17 15:33:07 +02:00
Valerio Setti
722f8f7472 pk: adding a new field to store the public key in raw format 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-17 15:31:21 +02:00
Paul Elliott
c05f51ded9 Convert comments over to X rather than N 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-05-17 14:29:44 +01:00
Valerio Setti
4ac9d44d83 pk: fix typos in description of mbedtls_pk_ec_[ro/rw] 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-17 12:32:13 +02:00
Manuel Pégourié-Gonnard
b1c0afe484
Merge pull request #7595 from valeriosetti/deprecate_pk_ec 
Set mbedtls_pk_ec() as internal function when ECP_C is not defined
 2023-05-17 12:27:03 +02:00
Paul Elliott
6b1f7f101f Use const where appropriate 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-05-16 17:51:48 +01:00
Paul Elliott
235c1947fb Group memory allocations earlier 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-05-16 17:51:48 +01:00
Paul Elliott
34b08e5005 Convert over to using X, X_limbs 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-05-16 17:51:48 +01:00
Paul Elliott
4fa8334bae Convert curve 448 to use ecp core functions 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-05-16 17:51:48 +01:00
Minos Galanakis
0144b35f7d bignum: Updated mbedtls_mpi_shift_l to use the core method. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-05-16 17:16:26 +01:00
Paul Elliott
f0806bee66
Merge pull request #7489 from minosgalanakis/ecp/7246_xtrack_core_shift_l 
[Bignum]: Introduce left shift from prototype
 2023-05-16 17:13:19 +01:00
Dave Rodgman
8508e50d3d Make use of MBEDTLS_STATIC_ASSERT 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-16 16:43:48 +01:00
Dave Rodgman
ed59ea76a6 Document minimum size for DEBUG_BUF_SIZE 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-16 16:42:40 +01:00
valord577
5bfcd1c63b simplify code 
Signed-off-by: valord577 <valord577@gmail.com>
 2023-05-16 16:42:40 +01:00
valord577
176e92711c code style 
Signed-off-by: valord577 <valord577@gmail.com>
 2023-05-16 16:42:40 +01:00
valord577
536893c22f make code readable and change var name 
Signed-off-by: valord577 <valord577@gmail.com>
 2023-05-16 16:42:40 +01:00
valord577
24da0cd0f9 send debug msg if contains '\n' 
Signed-off-by: valord577 <valord577@gmail.com>
 2023-05-16 16:42:40 +01:00
Dave Rodgman
9ecf5f96df Update library/debug.c 
Fix trailing white-space

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-16 16:42:40 +01:00
valord577
25418ac734 Fix: no newline when debug msg over DEBUG_BUF_SIZE 
Signed-off-by: valord577 <valord577@gmail.com>
 2023-05-16 16:42:40 +01:00
Gabor Mezei
caac83c517
Fix comment 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-05-16 17:41:26 +02:00
Gabor Mezei
03558b847e
Add _raw function to P256K1 
Modified the testing to use the generic fast reduction test function.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-05-16 17:30:03 +02:00
Gabor Mezei
e42bb6294e
Add _raw function to P224K1 
Modified the testing to use the generic fast reduction test function.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-05-16 17:30:03 +02:00
Gabor Mezei
dacfe56370
Add _raw function to P192K1 
Modified the testing to use the generic fast reduction test function.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-05-16 17:29:57 +02:00
Paul Elliott
55a701afec
Merge pull request #7564 from gabor-mezei-arm/7262_fix_ouput_width_in_ecc_mod_koblitz 
[Bignum] Fix output width in ecp_mod_koblitz()
 2023-05-16 15:24:31 +01:00
Przemek Stekiel
0b11ee0888 Fix compilation errors(unused variables, guards) 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-16 13:26:06 +02:00
Przemek Stekiel
690ff698f7 mbedtls_x509_crt_free: release authorityCertIssuer sequence 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-16 11:08:30 +02:00
Paul Elliott
926bcb04fe
Merge pull request #7532 from AndrzejKurek/remove-leading-zeroes-ip-parsing 
Disallow leading zeroes when parsing IPv4 addresses
 2023-05-15 13:59:10 +01:00
Paul Elliott
aba165b58c
Merge pull request #7586 from gilles-peskine-arm/gitignore-objects-at-root 
Ignore *.o everywhere
 2023-05-15 13:57:24 +01:00
Gabor Mezei
a274041190
Fix comment 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-05-15 14:50:17 +02:00
Valerio Setti
f70b3e08b1 pk: fix: explicilty set const in casted value in mbedtls_pk_ec_ro 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-15 12:57:40 +02:00
Valerio Setti
3f00b84dd1 pk: fix build issues 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-15 12:57:06 +02:00
Valerio Setti
77a75685ed pk: align library and tests code to the new internal functions 
Note = programs are not aligned to this change because:
- the original mbedtls_pk_ec is not ufficially deprecated
- that function is used in tests when ECP_C is defined, so
  the legacy version of that function is available in that
  case

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-15 11:18:46 +02:00
Valerio Setti
229bf1031f pk: make mbedtls_pk_ec internal when !ECP_C 
mbedtls_pk_ec() is not an ideal function because:
- it provides direct access to the ecp_keypair structure wrapped
  by the pk_context and
- this bypasses the PK module's control
However, since for backward compatibility, it cannot be deprecated
immediately, 2 alternative internal functions are proposed.
As a consequence:
- when ECP_C is defined, then the legacy mbedtls_pk_ec is available
- when only ECP_LIGHT is defined, but ECP_C is not, then only the
  new internal functions will be available

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-15 11:13:55 +02:00
Gilles Peskine
8075f76708 Ignore *.o everywhere 
We don't commit *.o files anywhere, not even as test data. So ignore them
everywhere.

This resolves *.o files not being ignored under 3rdparty/p256-m.

Also remove a redundant ignore of *.exe in a subdirectory.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-12 13:58:05 +02:00
Tom Cosgrove
6d62faca8e Only include psa_pake_setup() and friends if some PAKE algorithms are required 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-05-12 12:36:24 +01:00
Gabor Mezei
b6653f3e27
Update comments 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-05-12 12:34:12 +02:00
Gabor Mezei
dcaf99ebb8
Add another round in the Koblitz reduction 
The addition can result in an overflow so another round is needed
in the reduction.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-05-12 12:34:05 +02:00
Yanray Wang
d896fcb0d5 nist_kw.c: remove non-128-bit data if aes_128bit_only enabled 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-11 18:09:42 +08:00
Przemek Stekiel
c80e7506a0 Handle simple copy import/export before driver dispatch 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-11 12:06:00 +02:00
Przemek Stekiel
a59255f04f Adapt guards in ffdh driver 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-11 12:06:00 +02:00
Yanray Wang
93533b51a8 gcm.c: do not set length for some arrays in selftest 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-11 17:57:17 +08:00
Yanray Wang
d329c69fba gcm selftest: remove non-128-bit data if aes_128bit_only enabled 
This commit sets a loop_limit to omit AES-GCM-192 and AES-GCM-256
if MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enabled.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-11 17:57:17 +08:00
Yanray Wang
dd56add42d cmac selftest: add macro for non-128-bit data/test 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-11 17:57:17 +08:00
Yanray Wang
59c2dfa48c aes selftest: determine selftest loop limit in runtime 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-11 17:56:21 +08:00
Yanray Wang
62c9991a5b aes selftest: remove non-128-bit data if aes_128bit_only enabled 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-11 11:11:17 +08:00
Paul Elliott
481a6a8edb
Merge pull request #7482 from gabor-mezei-arm/6029_use_core_api_in_ecp_mod_koblitz 
[Bignum] Use core API in ecp_mod_koblitz()
 2023-05-10 17:24:46 +01:00
Andrzej Kurek
199eab97e7 Add partial support for URI SubjectAltNames 
Only exact matching without normalization is supported.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-10 09:57:19 -04:00
Manuel Pégourié-Gonnard
1d046fa0dd
Merge pull request #6010 from mprse/ffdh_import_export 
FFDH 1, 2A, 2B: FFDH add support for import/export key, key agreement, key generation + tests
 2023-05-10 11:40:54 +02:00
Pol Henarejos
2d8076978a
Fix coding style. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-05-09 11:44:57 +02:00
Gilles Peskine
97edeb4fb8
Merge pull request #6866 from mprse/extract-key-ids 
Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions v.2
 2023-05-08 20:38:29 +02:00
Kusumit Ghoderao
3fc4ca7272 Limit max input cost to 32bit 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-08 15:57:41 +05:30
Kusumit Ghoderao
d0422f30c5 Enable empty salt as input for pbkdf2 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-08 15:56:19 +05:30
Kusumit Ghoderao
6731a2580c Remove redundant code in key_derivation_abort() 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-08 15:54:54 +05:30
Przemek Stekiel
61aed064c5 Code optimization 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-08 11:15:59 +02:00
Przemek Stekiel
ed9fb78739 Fix parsing of KeyIdentifier (tag length error case) + test 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-08 11:15:54 +02:00
Yanray Wang
e2bc158b38 aesce.c: add macro of MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-08 10:29:28 +08:00
Gabor Mezei
908f40014c
Determine special cases in-place in the common Koblitz function 
Remove parameter used by the special cases and check for special cases in-place.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-05-05 16:31:19 +02:00
Pol Henarejos
d06c6fc45b
Merge branch 'development' into sha3 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-05-05 16:01:18 +02:00
Tom Cosgrove
501fb3abf3
Merge pull request #5894 from Xeenych/patch-1 
Reduce RAM - move some variables to .rodata
 2023-05-05 14:54:32 +01:00
Przemek Stekiel
837d2d1c5e mbedtls_psa_export_ffdh_public_key: return fixed key size 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-05 12:33:46 +02:00
Valerio Setti
fc90decb74 pkwrite: removing unused/duplicated variables 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-05 12:30:40 +02:00
Valerio Setti
4f387ef277 pk: use better naming for the new key ID field 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-05 10:59:32 +02:00
Valerio Setti
048cd44f77 pk: fix library code for using the new opaque key solution 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-05 10:59:32 +02:00
Valerio Setti
e00954d0ed pk: store opaque key ID directly in the pk_context structure 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-05 10:57:26 +02:00
Przemek Stekiel
134cc2e7a8 Fix code style 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-05 10:13:47 +02:00
Manuel Pégourié-Gonnard
71f88ecc52
Merge pull request #6838 from jethrogb/jb/pkix-curdle 
Read and write RFC8410 keys
 2023-05-05 10:02:21 +02:00
Przemek Stekiel
e1621a460a mbedtls_psa_ffdh_generate_key: optimize code and return fixed key size 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-05 09:53:37 +02:00
Arto Kinnunen
0f06618db0 AES: skip 192bit and 256bit key in selftest if 128bit_only enabled 
This includes:
 - aes.c
 - cmac.c
 - gcm.c
 - nist_kw.c

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-05 11:20:59 +08:00
Arto Kinnunen
732ca3221d AES: add macro of MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH 
Add configuration option to support 128-bit key length only
in AES calculation.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-05 11:20:38 +08:00
Minos Galanakis
b89440394f bignum_core: Removed input checking for mbedtls_mpi_core_shift_l 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-05-04 14:40:40 +01:00
Dave Rodgman
6dc62e682a
Merge pull request #7544 from tom-cosgrove-arm/use-mbedtls_ct_uint_if-rather-than-mbedtls_ct_cond_select_sign 
Use mbedtls_ct_uint_if() rather than mbedtls_ct_cond_select_sign()
 2023-05-04 12:23:30 +01:00