The following code:
#ifndef asm
#define asm __asm
#endif
causes Uncrustify to stop correcting the rest of the file. This may be
due to parsing the "asm" keyword in the definition.
Work around this by wrapping the idiom in an *INDENT-OFF* comment
wherever it appears.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Some source files had code to set mbedtls_xxx aliases when
MBEDTLS_PLATFORM_C is not defined. These aliases are defined unconditionally
by mbedtls/platform.h, so these macro definitions were redundant. Remove
them.
This commit used the following code:
```
perl -i -0777 -pe 's~#if !defined\(MBEDTLS_PLATFORM_C\)\n(#define (mbedtls|MBEDTLS)_.*\n|#include <(stdarg|stddef|stdio|stdlib|string|time)\.h>\n)*#endif.*\n~~mg' $(git grep -l -F '#if !defined(MBEDTLS_PLATFORM_C)')
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The QueryPerformanceCounter implementation previously was within
defined(_MSC_VER), but it works just as well on other Windows
toolchains, like mingw.
For most common mingw x86 build configurations, one of the earlier
inline assembly implementations would end up used, but for non-x86
(arm, aarch64), it would end up falling back on the gettimeofday
implementation.
This implementation did build successfully (as mingw toolchains do
provide gettimeofday, contrary to MSVC), but the header providing
gettimeofday, <sys/time.h>, wasn't ever included when building
targeting Windows - thus the function was called without a proper
declaration.
Clang 15 changes such implicit function declarations into a hard
error by default, when building in C99 mode (or newer) [1].
(While Clang 15 still is under development, this may still change
before it's released, but it's a valid issue in any case.)
[1] 7d644e1215
Signed-off-by: Martin Storsjö <martin@martin.st>
At the end of the benchmark program, heap stats are printed, and these
stats will be wrong if we reset counters in the middle.
Also remove the function to reset counters, in order to encourage other
programs to behave correctly as well.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This no longer makes sense since pre-computed multiples of the base
point are now static. The function was not doing anything since `grp.T`
was set to `NULL` when exiting `ecp_mul_comb()` anyway.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
The "proper" fix would be to define the function only when it's needed,
but the condition for that would be tedious to write (enumeration of all
symmetric crypto modules) and since this is a utility program, not the
core library, I think it's OK to keep unused functions.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Declare all AES and DES functions that return int as needing to have
their result checked, and do check the result in our code.
A DES or AES block operation can fail in alternative implementations of
mbedtls_internal_aes_encrypt() (under MBEDTLS_AES_ENCRYPT_ALT),
mbedtls_internal_aes_decrypt() (under MBEDTLS_AES_DECRYPT_ALT),
mbedtls_des_crypt_ecb() (under MBEDTLS_DES_CRYPT_ECB_ALT),
mbedtls_des3_crypt_ecb() (under MBEDTLS_DES3_CRYPT_ECB_ALT).
A failure can happen if the accelerator peripheral is in a bad state.
Several block modes were not catching the error.
This commit does the following code changes, grouped together to avoid
having an intermediate commit where the build fails:
* Add MBEDTLS_CHECK_RETURN to all functions returning int in aes.h and des.h.
* Fix all places where this causes a GCC warning, indicating that our code
was not properly checking the result of an AES operation:
* In library code: on failure, goto exit and return ret.
* In pkey programs: goto exit.
* In the benchmark program: exit (not ideal since there's no error
message, but it's what the code currently does for failures).
* In test code: TEST_ASSERT.
* Changelog entry.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Also remove preprocessor logic for MBEDTLS_CONFIG_FILE, since
build_info.h alreadyy handles it.
This commit was generated using the following script:
# ========================
#!/bin/sh
git ls-files | grep -v '^include/mbedtls/build_info\.h$' | xargs sed -b -E -i '
/^#if !?defined\(MBEDTLS_CONFIG_FILE\)/i#include "mbedtls/build_info.h"
//,/^#endif/d
'
# ========================
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
The functions mbedtls_pk_sign(), mbedtls_pk_sign_restartable(),
mbedtls_ecdsa_write_signature() and mbedtls_ecdsa_write_signature_restartable()
now take an extra parameter indicating the size of the output buffer for the
signature.
No change to RSA because for RSA, the output size is trivial to calculate.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Add two functions mbedtls_dhm_get_len() and mbedtls_dhm_get_bitlen() to
query the length of the modulus in bytes or bits.
Remove the len field: the cost of calling mbedtls_dhm_get_len() each time
it's needed is negligible, and this improves the abstraction of the DHM
module.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Conflicts:
include/mbedtls/ssl.h
include/psa/crypto_struct.h
Conflicts fixed by using the code from development branch
and manually re-applying the MBEDTLS_PRIVATE wrapping.
Remove padding parameters as mbedtls_rsa_init()
cannot return an error code when padding
parameters are invalid.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>