Commit graph

22961 commits

Author SHA1 Message Date
Valerio Setti
898e7a3afe test: sha: test SHA384 and SHA512 separately
This is meant to adapt to the new library design in which
SHA384 and SHA512 can be built independently from each other.

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-14 10:50:54 +01:00
Werner Lewis
ca906e9dd7 Remove B + A tests
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-12-14 09:44:05 +00:00
Werner Lewis
79341a4e7e Reallocate X_raw to enforce no overflow
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-12-14 09:44:05 +00:00
Werner Lewis
eed01aabd3 Clarify wording in documentation
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-12-14 09:44:00 +00:00
Werner Lewis
25690a98f0 Rename oret to expected_ret
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-12-14 09:36:48 +00:00
Manuel Pégourié-Gonnard
ebf322ddf6
Merge pull request #6629 from concatime/cmake-config-dir
Install CMake files in MbedTLS dir
2022-12-14 10:30:52 +01:00
Valerio Setti
43363f5962 sha: make SHA-384 independent from SHA-512
Using proper configuration options (i.e. MBEDTLS_SHA384_C and
MBEDTLS_SHA512_C) it is now possible to build SHA384 and SHA512
independently from each other.

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-14 08:53:23 +01:00
Dave Rodgman
70f8157ec5
Merge pull request #980 from Mbed-TLS/mbedtls-3.3.0rc1-pr
Mbedtls 3.3.0rc1 pr - Correct PKCS 7 memory leak fix
2022-12-13 19:25:58 +00:00
Valerio Setti
d75c5c4405 test: pake: fail in case the opaque key is destroyed unexpectedly
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-13 11:51:32 +01:00
Manuel Pégourié-Gonnard
2b70a3f831
Merge pull request #6558 from lpy4105/6416-psa_macros_name_typo
check_names: extend typo check to PSA macro/enum names
2022-12-13 09:56:27 +01:00
Manuel Pégourié-Gonnard
48232ed2c1
Merge pull request #6743 from minosgalanakis/bignum/implement_modular_negation
Bignum: Implement fixed width modular negation
2022-12-13 09:54:38 +01:00
Bence Szépkúti
f7641544ea Correct the fix for the PKCS 7 memory leak
This corrects an issue in the origina fix in
4f01121f6e.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2022-12-12 21:59:03 +01:00
Demi Marie Obenour
1362c5ab16 Test for both PKCS 7 bugs found by OSS-Fuzz
Previously the same test was repeated twice.

Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2022-12-12 21:59:02 +01:00
Werner Lewis
91a2aabb86 Refactor mpi_core_sub tests to use arch_split
Tests are refactored to generate separate cases for 32-bit and 64-bit
limbs using arch_split. Duplicate arguments and branching in the test
function is removed.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-12-12 17:18:43 +00:00
Dave Rodgman
8a05c069a5
Merge pull request #6751 from ZachFleck42/development
Fix typo in `library/entropy.c`
2022-12-12 16:30:54 +00:00
Dave Rodgman
2b52a2e412 Improve Changelog wording
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-12-12 15:25:05 +00:00
Dave Rodgman
c039f8a300
Merge pull request #979 from Mbed-TLS/mbedtls-3.3.0rc0-pr
Mbedtls 3.3.0rc0 pr - DO NOT MERGE
2022-12-12 15:17:21 +00:00
Werner Lewis
5e9d2e9019 Add conventions for bignum mod and mod_raw
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-12-12 14:00:25 +00:00
Manuel Pégourié-Gonnard
a9ac61203b
Merge pull request #6666 from daverodgman/fast_unaligned
Fast unaligned memory access macros
2022-12-12 12:18:17 +01:00
Minos Galanakis
f3abea6641 bignum_mod_raw.py: Changed the symbol for modular negation to "-".
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-12-12 11:13:56 +00:00
Minos Galanakis
9a60b2373b bignum_mod_raw testsuite: Refactored mpi_mod_raw_neg().
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-12-12 11:13:56 +00:00
Minos Galanakis
5e8443e6ef mbedtls_mpi_mod_raw_neg: Updated documentation.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-12-12 11:13:56 +00:00
Minos Galanakis
78665eba8f bignum_mod_raw.py: Added BignumModRawModNegate.
This patch adds autogenerated inputs for the
`mpi_mod_raw_neg()` test in the bignum_mod_raw suite.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-12-12 11:13:56 +00:00
Minos Galanakis
6118a3e5aa test_suite_bignumg_mod_raw: Added test for mpi_mod_raw_neg
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-12-12 11:13:56 +00:00
Minos Galanakis
21fe8bdeac bignum_mod_raw: Added modular negation.
This patch adds the `mpi_mod_raw_neg()` method.

Co-authored-by: Hanno Becker <hanno.becker@arm.com>
Co-authored-by: Minos Galanakis <minos.galanakis@arm.com>

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2022-12-12 11:13:56 +00:00
Manuel Pégourié-Gonnard
5e06857123
Merge pull request #6301 from paul-elliott-arm/fix_changelog
Fix missing file name in changelog
2022-12-12 12:08:50 +01:00
Valerio Setti
785116a5be test: pake: modify opaque key verification before destruction
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-12 11:59:25 +01:00
Manuel Pégourié-Gonnard
cd98805bd7
Merge pull request #6683 from mpg/optimize-with-asan
Optimize with asan
2022-12-12 11:58:23 +01:00
Manuel Pégourié-Gonnard
cd98b939b6
Merge pull request #6750 from tom-cosgrove-arm/issue-6023-mod_inv_prime
Bignum: Implement mbedtls_mpi_mod_raw_inv_prime()
2022-12-12 09:52:21 +01:00
Dave Rodgman
852191e0b5 Improve Changelog
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-12-09 14:24:33 +00:00
Valerio Setti
31e99bb0c7 test: pake: fix: destroy key only in opaque case
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-09 14:35:10 +01:00
Valerio Setti
016f682796 tls: pake: small code refactoring for password setting functions
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-09 14:17:50 +01:00
Zachary Fleckenstein
f4d96b8c4f
Merge branch 'Mbed-TLS:development' into development 2022-12-09 08:12:58 -05:00
Tom Cosgrove
9d8afd1ccf Have BignumModRawInvPrime() do Montgomery conversion in arg_a()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-12-09 10:58:46 +00:00
Tom Cosgrove
5f09930017 Clarify use of temporary in mbedtls_mpi_mod_raw_inv_prime()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-12-09 10:58:15 +00:00
Valerio Setti
9d313dfeeb test: pake: minor enhancement for opaque keys
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-09 11:38:59 +01:00
Dave Rodgman
cd060e290b Update BRANCHES.md
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-12-09 09:46:23 +00:00
Dave Rodgman
c18d932705 Add generated files
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-12-09 09:44:10 +00:00
Manuel Pégourié-Gonnard
67bad73e87 Add a ChangeLog entry for the ECDSA deterministic change
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-09 10:09:34 +01:00
Manuel Pégourié-Gonnard
df0c73c308 Readability improvement in pk_wrap.c
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-09 10:09:34 +01:00
Manuel Pégourié-Gonnard
b2812cc274 Clarify documentation of ECP_RESTARTABLE
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-09 10:09:34 +01:00
Manuel Pégourié-Gonnard
182a23b1da Adjust all.sh now that restartable is in full
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-09 10:09:34 +01:00
Manuel Pégourié-Gonnard
ad45c4d386 Document that ECP_RESTARTABLE depends on ECP_C
This is not new, it had always been the case, just not documented.

Pointed out by depends.py pkalgs (again, now that restartable is part of
full).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-09 10:09:33 +01:00
Manuel Pégourié-Gonnard
578664601e Fix missing dependency declaration in test
muladd() (restartable or not) is only available when at least one short
weirstrass curve is enabled.

Found by depends.py curves (now that restartable is part of full).

Also, document that restartable only work for short weierstrass curves
(actually unrelated, but this made me think of that).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-09 10:09:33 +01:00
Manuel Pégourié-Gonnard
a6e3d3ec10 Disable restartable in build_module_alt
Previously we did not need that as restartable was excluded from full.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-09 10:09:33 +01:00
Manuel Pégourié-Gonnard
a37398427b Remove check for tests disabled with USE_PSA
The previous commit declared that some tests cases in ssl-opt.sh depend
on USE_PSA being disabled, which is the right thing to do.

We had a check that forbade that - it was mainly meant to prevent
accidental re-introduction of such dependencies after we cleaned up a
number of cases where it was not warranted, but already at the time that
was controversial [1]. Now it's preventing us from doing the right
thing, so let's just remove it.

[1]: https://github.com/Mbed-TLS/mbedtls/pull/5742#discussion_r855112412

See also https://github.com/Mbed-TLS/mbedtls/pull/5907/ which also
removes this for a similar reason.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-09 10:09:33 +01:00
Manuel Pégourié-Gonnard
55a188b420 Clarify the "restart vs use PSA" situation in TLS
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-09 10:09:33 +01:00
Manuel Pégourié-Gonnard
cc6e0a650f Fix missing initialisation of PSA Crypto
This fixes the two failures in test_suite_x509parse when both
ECP_RESTARTABLE and USE_PSA_CRYPTO are enabled.

The failure happened because the operation is dispatched to PSA when
restart is disabled (max_ops == 0).

Previously it was correct for this test function not to initialize PSA,
because it depends on ECP_RESTARTABLE which used to conflict with
USE_PSA_CRYPTO, but that's no longer the case.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-09 10:09:32 +01:00
Manuel Pégourié-Gonnard
79ae7eb4d1 Use deterministic ECDSA in PSA when we do in legacy
This fixes the two failing cases in test_suite_pk when ECP_RESTARTABLE
and USE_PSA_CRYPTO are both enabled. The two failing cases where

    ECDSA restartable sign/verify: ECDSA, max_ops=0 (disabled)
    ECDSA restartable sign/verify: ECKEY, max_ops=0 (disabled)

associated with test function pk_sign_verify_restart(). The failure was
caused by the interaction of several things that are each reasonable on
their own:

1. The test function relies on ECDSA restartable, which is reasonable as it
allows making sure that the generated signature is correct with a simple
memcmp().
2. The implementation of pk_sign_restartable() has a shortcut to
dispatch to the sign function (as opposed to sign_restartable) when
restart is disabled (max_ops == 0).
3. When USE_PSA is enabled, the sign function dispatches to PSA, which
so far always used ECDSA (non-deterministic) even when the non-PSA
version would use deterministic ECDSA.

This could be fixed by changing any of those. I chose (3) because I
think it makes sense that when PK dispatches to PSA instead of legacy
this should not change which version of ECDSA is selected.

OTOH, I think it makes sense to keep (2), because that means more
opportunities to dispatch to PSA.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-09 10:07:19 +01:00
Manuel Pégourié-Gonnard
1a100b69a4
Merge pull request #6705 from davidhorstmann-arm/code-style-script-non-corrected
Add code style correction script
2022-12-09 09:41:14 +01:00