Commit graph

24282 commits

Author SHA1 Message Date
Demi Marie Obenour
889534a4d2 Fix segfault in mbedtls_oid_get_numeric_string
When passed an empty OID, mbedtls_oid_get_numeric_string would read one
byte from the zero-sized buffer and return an error code that depends on
its value.  This is demonstrated by the test suite changes, which
check that an OID with length zero and an invalid buffer pointer does
not cause Mbed TLS to segfault.

Also check that second and subsequent subidentifiers are terminated, and
add a test case for that.  Furthermore, stop relying on integer division
by 40, use the same loop for both the first and subsequent
subidentifiers, and add additional tests.

Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
2023-03-16 01:06:41 -04:00
Gilles Peskine
215517667f Travis: run selftest on Windows
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-15 23:20:26 +01:00
Gilles Peskine
dde3c6532e Fix MSVC portability
MSVC doesn't have _mm_storeu_si64. Fortunately it isn't really needed here.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-15 23:16:27 +01:00
Gilles Peskine
dafeee4814 Improve variable names
To some extent anyway.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-15 21:47:40 +01:00
Tom Cosgrove
02edb7546f Get aesni.c compiling with Visual Studio
Clang is nice enough to support bitwise operators on __m128i, but MSVC
isn't.

Also, __cpuid() in MSVC comes from <intrin.h> (which is included via
<emmintrin.h>), not <cpuid.h>.

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-03-15 21:47:40 +01:00
Gilles Peskine
d671917d0d AESNI: add implementation with intrinsics
As of this commit, to use the intrinsics for MBEDTLS_AESNI_C:

* With MSVC, this should be the default.
* With Clang, build with `clang -maes -mpclmul` or equivalent.
* With GCC, build with `gcc -mpclmul -msse2` or equivalent.

In particular, for now, with a GCC-like compiler, when building specifically
for a target that supports both the AES and GCM instructions, the old
implementation using assembly is selected.

This method for platform selection will likely be improved in the future.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-15 20:47:59 +01:00
Gilles Peskine
7e67bd516d AES, GCM selftest: indicate which implementation is used
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-15 20:47:59 +01:00
Gilles Peskine
9af58cd7f8 New preprocessor symbol indicating that AESNI support is present
The configuration symbol MBEDTLS_AESNI_C requests AESNI support, but it is
ignored if the platform doesn't have AESNI. This allows keeping
MBEDTLS_AESNI_C enabled (as it is in the default build) when building for
platforms other than x86_64, or when MBEDTLS_HAVE_ASM is disabled.

To facilitate maintenance, always use the symbol MBEDTLS_AESNI_HAVE_CODE to
answer the question "can I call mbedtls_aesni_xxx functions?", rather than
repeating the check `defined(MBEDTLS_AESNI_C) && ...`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-15 19:38:37 +01:00
Gilles Peskine
4e20144882 Improve the presentation of assembly blocks
Uncrustify indents
```
    asm("foo"
        HELLO "bar"
              "wibble");
```
but we would like
```
    asm("foo"
        HELLO "bar"
        "wibble");
```
Make "bar" an argument of the macro HELLO, which makes the indentation from
uncrustify match the semantics (everything should be aligned to the same
column).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-15 19:36:03 +01:00
Valerio Setti
d8c2800f58 ecjpake: add ssl-opt tests for driver coverage analysis
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-15 19:09:35 +01:00
Gilles Peskine
2a44ac245f
Merge pull request #7217 from lpy4105/issue/6840/add-cache-entry-removal-api
ssl_cache: Add cache entry removal api
2023-03-15 15:38:06 +01:00
Janos Follath
0086f8626a Add changelog entry
PR7083 silently fixed a security vulnerability in public, this commit
adds a changelog entry for it.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-03-15 13:31:48 +00:00
Jan Bruckner
1a38e54436 Changes from 2nd review
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2023-03-15 14:15:11 +01:00
Jan Bruckner
a0589e75a0 Changes from review
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2023-03-15 11:04:45 +01:00
Gilles Peskine
8d60574b7b
Merge pull request #6500 from yanrayw/split-TLS-connection-func-into-ssl_helpers
Move TLS connection helper code from test_suite_ssl.function to ssl_helpers.c
2023-03-15 10:50:03 +01:00
Dave Rodgman
a94c90d30d
Merge pull request #7282 from gilles-peskine-arm/changelog-6567-psa_key_derivation_abort-no-other_secret
Add changelog entry for a bug in non-PAKE code fixed during PAKE work
2023-03-15 09:27:33 +00:00
Dave Rodgman
b599562033
Merge pull request #7240 from tom-cosgrove-arm/fix-issue-7234
Don't insist on MBEDTLS_HAVE_ASM for MBEDTLS_AESCE_C on non-Arm64 systems
2023-03-15 09:04:44 +00:00
Yanray Wang
ac36115355 test_suite_rsa.function: remove redundant test cases
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-15 16:55:36 +08:00
Yanray Wang
644b901a4c rsa.c: remove MBEDTLS_PRIVATE
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-15 16:50:37 +08:00
Yanray Wang
83548b5c10 fix inappropriate description for function in RSA
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-15 16:49:52 +08:00
Yanray Wang
097147540d test_suite_rsa.function: add tests
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-15 16:42:58 +08:00
Yanray Wang
12cb39661c rsa.c: provide interface to get hash_id of RSA context
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-15 16:42:48 +08:00
Yanray Wang
a730df6f86 rsa.c: provide interface to get padding mode of RSA context
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-15 16:42:26 +08:00
Manuel Pégourié-Gonnard
18336dace2
Merge pull request #7196 from mprse/ecjpake-driver-dispatch-peer-user
EC J-PAKE: partial fix for role vs user+peer
2023-03-15 09:37:30 +01:00
Pengyu Lv
db47f2fbd4 Add changelog entry for new API
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-03-15 15:01:36 +08:00
Jerry Yu
be4fdef513 fix comment issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-03-15 14:50:42 +08:00
Pengyu Lv
0b9c012f21 ssl_cache: return the error code for mutex failure
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-03-15 14:37:32 +08:00
Pengyu Lv
744b507866 ssl_cache: use auxiliary function to zeroize cache entry
This commit introduce a auxiliary function to zeroize
the cache entry, especially the session structure. The
function is called wherever we need to free the entry.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-03-15 12:17:14 +08:00
Jerry Yu
8f81060517 Replace median with `middle
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-03-15 09:58:34 +08:00
Jerry Yu
f0526a9ad0 fix grammar issue in comment
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-03-15 09:58:34 +08:00
Jerry Yu
49b4367eee fix comment issue
The algorithm is not karatsuba multiplication.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-03-15 09:58:33 +08:00
Jerry Yu
1ac7f6b09d Improve readability
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-03-15 09:58:33 +08:00
Jerry Yu
132d0cb74d Add miss intrinsic by gcc-5.x
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-03-15 09:58:29 +08:00
Jerry Yu
2c26651938 Improve comments for key expansion
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-03-15 09:57:37 +08:00
Jerry Yu
df87a12c81 Add GCM support
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-03-15 09:57:32 +08:00
Pengyu Lv
f30488f5cd Move the usage string of cache_remove to USAGE_CACHE
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-03-15 09:53:45 +08:00
Gilles Peskine
51b2868f3c Add changelog entry for a bug in non-PAKE code fixed during PAKE work
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-14 21:41:54 +01:00
Dave Rodgman
e59c46e161
Merge pull request #7278 from daverodgman/aesce-macro-name-tidyup 2023-03-14 20:33:31 +00:00
Valerio Setti
d8fb0af7dd crypto_config_test_driver_extension: small reshape of guard symbols
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-14 19:38:32 +01:00
Dave Rodgman
4a1d3beaee
Merge pull request #7229 from tom-cosgrove-arm/static-assert 2023-03-14 16:57:38 +00:00
Dave Rodgman
db6ab247fc Improve macro naming
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-14 16:03:57 +00:00
Dave Rodgman
023c8853ac
Merge pull request #7203 from yuhaoth/pr/add-cpu-modifier-for-aesce
Add CPU modifier for AESCE
2023-03-14 15:58:57 +00:00
Janos Follath
9118bf5791 Threat Model: adjust modality
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-03-14 15:43:24 +00:00
Janos Follath
ba75955cd8 Threat Model: remove references
Remove references to scientific papers as they are too specific and
might be misleading.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-03-14 14:54:44 +00:00
Janos Follath
4317a9ef1f Threat Model: clarify stance on timing attacks
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-03-14 14:53:03 +00:00
Janos Follath
c51a413c47 Threat Model: improve wording and grammar
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-03-14 12:47:27 +00:00
Tom Cosgrove
57f04b81a0 Have MBEDTLS_STATIC_ASSERT() match current development more closely
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-03-14 12:03:47 +00:00
Przemek Stekiel
c0e6250ff9 Fix documentation and tests
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-14 11:49:36 +01:00
Manuel Pégourié-Gonnard
2a13cfd2b0
Merge pull request #7243 from valeriosetti/issue7148
driver-only ECDH: enable ssl-opt.sh with parity
2023-03-14 11:07:56 +01:00
Yanray Wang
af727a28c9 ssl_helpers.c: improve code readability
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-03-14 17:43:37 +08:00