mbedtls

Author	SHA1	Message	Date
Dave Rodgman	5e5aa4a4e6	Merge pull request #7218 from tom-cosgrove-arm/fix-typos-230307 Fix typos in development prior to release	2023-03-08 17:19:59 +00:00
Dave Rodgman	51b62ef23d	Merge pull request #7228 from tom-cosgrove-arm/fix-alignment.h-on-32-bit-systems Fix mbedtls_bswap64() on 32-bit systems	2023-03-08 17:19:29 +00:00
Manuel Pégourié-Gonnard	913d9bb921	Merge pull request #7162 from valeriosetti/issue7055 Legacy MBEDTLS_PK_PARSE_C and MBEDTLS_PK_WRITE_C dependencies in test_suite_psa_crypto	2023-03-08 17:07:19 +01:00
Valerio Setti	75fba32cb3	ssl: use new macros for ECDSA capabilities Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-08 16:47:28 +01:00
Manuel Pégourié-Gonnard	289e5baa83	Merge pull request #7082 from valeriosetti/issue6861 driver-only ECDSA: add ssl-opt.sh testing with testing parity	2023-03-08 16:45:38 +01:00
Gabor Mezei	d1f16b937e	Add documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-08 15:26:32 +01:00
Tom Cosgrove	6ef9bb3d74	Implement and use MBEDTLS_STATIC_ASSERT() Fixes #3693 Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-08 14:19:51 +00:00
Tom Cosgrove	bbe166e721	Fix mbedtls_bswap64() on 32-bit systems Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-08 13:23:24 +00:00
Gabor Mezei	716447ff32	Fix limb size calculation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-08 14:09:51 +01:00
Gabor Mezei	ed1acf642c	Apply naming conventions Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-08 14:09:50 +01:00
Gabor Mezei	5221c04b92	Change the p256_raw fuction to be testable Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-08 14:09:50 +01:00
Gabor Mezei	ab6ac91a0a	Extract Secp256r1 from the prototype Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-08 14:09:50 +01:00
Tom Cosgrove	c15a2b949d	Update the text about gcc5 support for Armv8 CE Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-08 12:55:48 +00:00
Przemek Stekiel	07c5ea348c	Add check for buffer overflow and fix style. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-08 13:31:19 +01:00
Valerio Setti	733de595e3	psa_crypto_rsa: remove PK_WRITE_C in psa_rsa_export_key Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-08 11:03:09 +01:00
Valerio Setti	73a218513b	psa_crypto_rsa: add comment/explanation for residual PK_WRITE_C guard Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-08 11:03:09 +01:00
Przemek Stekiel	691e91adac	Further pake code optimizations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-08 09:54:00 +01:00
Gilles Peskine	a2fc399f57	Merge pull request #6829 from AndrzejKurek/unify-psa-errors Unify PSA to Mbed TLS error translation	2023-03-07 19:55:44 +01:00
Gilles Peskine	12e3c8e019	Merge pull request #7168 from mpg/use-md Use MD (not low-level hash interface) in X.509 and TLS	2023-03-07 19:55:12 +01:00
Valerio Setti	2f1d967643	ssl: fix included pk header file Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-07 18:14:34 +01:00
Tom Cosgrove	503d71769c	Enable explicit_bzero() on OpenBSD Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-07 12:51:11 +00:00
Tom Cosgrove	5c8505f061	Fix typos Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-07 11:39:52 +00:00
Janos Follath	fe780a3c4b	Merge pull request #7184 from gabor-mezei-arm/6349_Secp224r1_fast_reduction Extract Secp224r1 fast reduction from the prototype	2023-03-07 10:57:58 +00:00
Przemek Stekiel	57580f2539	Use proper enum types for pake state/sequence/step Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-07 10:50:09 +01:00
Przemek Stekiel	4aa99403f4	Fix configuration for accelerated jpake Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-07 10:50:09 +01:00
Przemek Stekiel	4dc83d40af	Add check for pake operation buffer overflow Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-07 10:50:00 +01:00
Pengyu Lv	7b6299b49b	ssl_cache: Add an interface to remove cache entry by session id Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-03-07 15:00:22 +08:00
Przemek Stekiel	e3ef3a15cd	Further pake code optimizations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-06 17:24:32 +01:00
Gabor Mezei	97803abd2a	Update comment Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-06 16:32:16 +01:00
Manuel Pégourié-Gonnard	947cee18a1	Fix memory leak. The function reset_checksum() can be called more than once with the same handshake context (this happens with DTLS clients, and perhaps in other cases as well). When that happens, we need to free the old MD contexts before setting them up again. Note: the PSA path was already doing the right thing by calling abort, we just needed to do the same on the MD path. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-06 11:59:59 +01:00
Manuel Pégourié-Gonnard	228a30d16c	Merge pull request #7120 from mpg/md-light Define "MD light" subset of MD	2023-03-06 11:02:19 +01:00
Dave Rodgman	4693fd9e9e	Merge pull request #7173 from daverodgman/zeroize-platform Use platform-provided secure zeroization	2023-03-06 09:16:12 +00:00
Dave Rodgman	b0d96a23a9	Remove not-needed EABI exclusion Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-03 17:06:09 +00:00
Dave Rodgman	45cef61fa4	Merge branch 'development' into md-light Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-03 14:28:13 +00:00
Przemek Stekiel	57207711d8	Add MBEDTLS_ASN1_CHK_CLEANUP_ADD macro to be able to release memory on failure Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-03 12:58:29 +01:00
Przemek Stekiel	5a49d3cce3	Replace mbedtls_x509_san_node with mbedtls_x509_subject_alternative_name Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-03 12:58:11 +01:00
Przemek Stekiel	f40de93b1a	Remove redundant variable Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-03 12:58:10 +01:00
Andrzej Kurek	270b3f9790	Rename error_pair_t to mbedtls_error_pair_t Required by our coding standards. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-03 05:54:13 -05:00
Andrzej Kurek	daf5b56b02	Translate to MD errors in ssl-tls.c With the introduction of #7047, ssl_tls.c uses mbedtls_md_error_from_psa. This complicates the dependencies for compiling in psa_to_md_errors, since now these should be ifdeffed also by MBEDTLS_USE_PSA_CRYPTO followed by a series of or'ed MBEDTLS_HAS_ALG_SHA_XXX_VIA_MD_OR_PSA_BASED_ON_USE_PSA. Since this mechanism will be removed soon, we can simplify it to just MBEDTLS_USE_PSA_CRYPTO. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-03 05:52:28 -05:00
Andrzej Kurek	747ab4ea5e	Introduce error_pair_t to psa utils This way error handling can be written in a cleaner way. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-03 05:23:45 -05:00
Andrzej Kurek	138b30ac62	Add missing const qualifiers Also improve documentation Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-03 05:23:45 -05:00
Andrzej Kurek	ba24138e0f	Duplicate error logic in pk_wrap deprecated functions GCC 4.6+ complains if a deprecated function calls another. Working around this universally would require a lot of preprocessing, this seems to be an easier solution. Copy mbedtls_pk_error_from_psa code without duplicates instead of calling the function. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-03 05:23:45 -05:00
Andrzej Kurek	8a045ce5e6	Unify PSA to Mbed TLS error translation Move all error translation utilities to psa_util.c. Introduce macros and functions to avoid having a local copy of the error translating function in each place. Identify overlapping errors and introduce a generic function. Provide a single macro for all error translations (unless one file needs a couple of different ones). Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-03 05:23:44 -05:00
Gilles Peskine	6def41b146	Merge pull request #6932 from yuhaoth/pr/fix-arm64-host-build-and-illegal_instrucion-fail Replace CPU modifier check with file scope target cpu modifiers	2023-03-02 15:36:41 +01:00
Dave Rodgman	528bfa640c	Whitespace fix Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-02 13:54:43 +00:00
Gabor Mezei	aeadc2d731	Apply naming convention Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-01 16:53:03 +01:00
Dave Rodgman	6d6a720603	Protect against possible macro redefinition warning Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-01 15:09:40 +00:00
Paul Elliott	d1cddff71a	Merge pull request #7189 from daverodgman/armcc-fix Fix macro redefinition warning from armclang	2023-03-01 11:59:26 +00:00
Gilles Peskine	802ff1b116	Merge pull request #7147 from paul-elliott-arm/interruptible_sign_hash_codestyle_drivers Remove driver entry points for psa_{get\|set}_max_ops()	2023-03-01 10:46:09 +01:00
Dave Rodgman	914c632646	Whitespace Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-01 09:30:14 +00:00
Gabor Mezei	620f0dc850	Fix for 32-bit Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-28 18:42:33 +01:00
Gabor Mezei	08a94953e1	Apply naming convention for p224 Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-28 18:40:57 +01:00
Dave Rodgman	e47899df20	Fix macro redefinition warning from armcc Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-28 17:39:03 +00:00
Gilles Peskine	7e677fa2c5	Merge pull request #6389 from gilles-peskine-arm/ecdsa-use-psa-without-pkwrite Remove pkwrite dependency in pk using PSA for ECDSA	2023-02-28 18:17:16 +01:00
Gilles Peskine	b52b788e55	Merge pull request #6895 from yuhaoth/pr/add-aes-with-armv8-crypto-extension Add AES with armv8 crypto extension	2023-02-28 18:16:37 +01:00
Paul Elliott	6a459f5de5	Merge pull request #7143 from paul-elliott-arm/interruptible_sign_hash_codestyle_wipeout Update psa_wipe_output_buffer() and change name to psa_wipe_tag_output_buffer()	2023-02-28 15:34:06 +00:00
Jerry Yu	608e1093de	Improve comment about conflicts between aesce and sha512-crypto Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-28 12:50:00 +08:00
Paul Elliott	15d7d43904	Pacify Clang 15 Changes for interruptible {sign\|verify} hash were not merged at the time of the previous clang 15 /retval fixes, thus this fixes code added at that time. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-27 17:25:57 +00:00
Gabor Mezei	5afb80e00a	Fix coding style issues Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-27 17:00:34 +01:00
Gabor Mezei	804cfd32ea	Follow the naming convention Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-27 16:50:09 +01:00
Gabor Mezei	bf506361c4	Revert the illustration and remove unnecessary code This reverts commit `73e8553273`. Removes the second round of carry reduction from p224. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-27 16:37:32 +01:00
Gabor Mezei	73e8553273	Add comments to illustrate the second round of carry reduction is unnecessary The first round of carry reduction can not generate a carry thus the secound round is not needed. The comments illustrating when the carry is 1. The reduction is simmetric so the case when the carry is -1 is similar. The illustration is trying to calculate the input value starting with setting the carry to 1 before the second round of the carry reduction. It calculates backwords and tries to determine the value range of each word. It ends up with a contradiction that A10 must have the value of 0 and UINT32_MAX. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-27 16:32:42 +01:00
Gabor Mezei	a835d20cde	Add documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-27 15:58:30 +01:00
Paul Elliott	ac2251dad1	Merge pull request #7076 from mprse/parse_RFC822_name Add parsing of x509 RFC822 name + test	2023-02-27 14:16:13 +00:00
Jerry Yu	fc2e128fc9	Fix grammar issues and remove useless code Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-27 11:16:56 +08:00
Paul Elliott	7118d17df1	Pacify code style checker Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-26 16:57:05 +00:00
Dave Rodgman	096e72959b	Fix case of include header for mingw Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-25 17:17:35 +00:00
Dave Rodgman	f5e531a87b	Fix code style Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-25 17:17:15 +00:00
Dave Rodgman	703f805f09	Improve explicit_bzero detection Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-25 15:19:52 +00:00
Dave Rodgman	fe57a2e008	Remove newlib detection Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-25 14:16:34 +00:00
Dave Rodgman	82f3de55b2	tidy up brackets Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-25 14:08:22 +00:00
Dave Rodgman	828ec905db	Improve explicit_bzero detection Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-25 13:32:26 +00:00
Dave Rodgman	f0a0e43053	explicit_bzero is not available on arm-none-eabi Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 19:01:48 +00:00
Dave Rodgman	a6fda16a41	Fix re-definition of __STDC_WANT_LIB_EXT1__ Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 19:00:38 +00:00
Dave Rodgman	8a7d26f12c	Typo fix Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 18:19:24 +00:00
Paul Elliott	dc42ca8a7e	Use psa_wipe_tag_buffer() for MAC and aead code. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-24 18:11:59 +00:00
Dave Rodgman	8b6eded03d	Tidy-up comment Co-authored-by: Tom Cosgrove <tom.cosgrove@arm.com> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 18:07:05 +00:00
Paul Elliott	7bc24cc512	Fix typos in documentation. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-24 18:04:16 +00:00
Dave Rodgman	4daca63734	Documentation Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 17:43:00 +00:00
Dave Rodgman	f55182d2bf	Use platform-provided secure zeroization call Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 17:42:43 +00:00
Dave Rodgman	f68402565a	Add corresponding fix for mbedtls_ssl_write Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 15:57:30 +00:00
ashesman	937d6d5eab	Update library/ssl_msg.c Co-authored-by: Gilles Peskine <gilles.peskine@arm.com> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 15:57:14 +00:00
Ashley Duncan	358f94a71c	Fixed undefined behavior in ssl_read if buf parameter is NULL. Signed-off-by: Ashley Duncan <ashes.man@gmail.com>	2023-02-24 15:53:07 +00:00
Paul Elliott	a16ce9f601	Remove driver entry points for {get\|set}_max_ops(). Move the global variable to the PSA layer, and just set that when calling PSA level functions. Move the internal ecp set to before each ecp call. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-24 14:44:18 +00:00
Manuel Pégourié-Gonnard	02d55d5825	Rename some local variables The name sha512 might have made sense when it was an mbedtls_sha512_context, but now it's weird to see things like mbedtls_md_setup(&sha512, ...MBEDTLS_MD_SHA384...); Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-24 13:31:33 +01:00
Manuel Pégourié-Gonnard	f057ecfedf	Use MD not low-level sha256/512 in TLS Same reasoning as in previous commit. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-24 13:30:55 +01:00
Manuel Pégourié-Gonnard	2cd751465c	Use MD, not low-level SHA1, in X.509 X.509 already depends on MD_C \|\| USE_PSA_CRYPTO, and this is for the !USE_PSA_CRYPTO branch, so we're free to use MD. This change supports our ability to use MBEDTLS_MD_CAN_xxx macros everywhere in the future, once they have been introduced. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-24 12:37:07 +01:00
Manuel Pégourié-Gonnard	0ac71c0d92	Make debug statement more portable There's little reason for accessing the hash implementation's internal state, its output contains most of the same information. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-24 12:13:55 +01:00
Paul Elliott	a3b625b0a1	Merge pull request #7098 from gilles-peskine-arm/retval-non-empty Pacify Clang 15 about empty \retval	2023-02-24 09:10:53 +00:00
Przemek Stekiel	d93de32267	Move to computation stage only on successfull setup Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-24 08:39:49 +01:00
Jerry Yu	ba1e78f1c2	fix code style and comment issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-24 11:18:16 +08:00
Manuel Pégourié-Gonnard	1e57abd3ec	Group MD_LIGHT and MD_C parts of md.c Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-23 20:45:26 +01:00
Przemek Stekiel	083745e097	Fix code style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-23 17:28:23 +01:00
Manuel Pégourié-Gonnard	0d4152186d	Make MBEDTLS_MD_LIGHT private for now. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-23 13:02:13 +01:00
Manuel Pégourié-Gonnard	f78a10052c	Merge pull request #7047 from mpg/tls-hash-errors Handle errors from hash functions in TLS code	2023-02-23 08:49:55 +01:00
Valerio Setti	1ad9ef2132	ssl: use new macros for ECDSA capabilities Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-23 08:15:09 +01:00
Jerry Yu	947bf969e0	Improve readability of expansion size Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-23 11:07:57 +08:00
Jerry Yu	fac5a54f8a	fix code style issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-23 10:13:40 +08:00
Paul Elliott	59200a22aa	Improve psa_wipe_output_buffer Change name and document to ensure suitability only for "tags" is explicit. Add support for output size of zero in PSA_SUCCESS case. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-22 14:15:31 +00:00
Janos Follath	406b9172ad	Merge pull request #7044 from minosgalanakis/bignum/6342_add_named_moduli_setup Bignum: Add named moduli setup	2023-02-22 12:14:33 +00:00

1 2 3 4 5 ...

10636 commits