yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
23218 commits 1 branch 0 tags 94 MiB
Commit graph

10244 commits

Author SHA1 Message Date
Gilles Peskine
b4a87b07f8 Don't use pk_write in ecdsa_verify_wrap with USE_PSA_CRYPTO 
Under MBEDTLS_USE_PSA_CRYPTO, ecdsa_verify_wrap() was calling
mbedtls_pk_write_pubkey() to write a public key in the form of a
subjectPublicKey, only to then extract the part that represents the EC
point which psa_import_key() actually wants. Instead, call an ecp
function to directly get the public key in the desired format (just the
point).

This slightly reduces the code size and stack usage, and removes a
dependency on pk_write.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-02-08 13:39:10 +01:00
Valerio Setti
5b16e9eabc pk_wrap: keep ECDSA_C for ECP_RESTARTABLE contexts 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-07 16:21:36 +01:00
Valerio Setti
1cdddacc62 pk_wrap: use proper macros for sign and verify 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-07 08:02:23 +01:00
Valerio Setti
5c593af271 pk_wrap: fix comment on closing #endif 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-07 08:02:23 +01:00
Valerio Setti
24138d9f83 pk_wrap: re-use identical functions for eckey and ecdsa when possible 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-07 08:02:23 +01:00
Valerio Setti
7ca1318256 pk: add new symbol for generic ECDSA capability 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-07 08:02:23 +01:00
Valerio Setti
9e30dd882d removing a leftover printf from debug 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-07 08:02:23 +01:00
Valerio Setti
ab363d9fe1 pk/pk_wrap: replace ECDSA_C with generic ECDSA capabilities' defines 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-07 08:02:23 +01:00
Gilles Peskine
0cfb08ddf1
Merge pull request #6922 from mprse/csr_v3 
Parsing v3 extensions from a CSR - v.2
 2023-02-03 16:41:11 +01:00
Gilles Peskine
80c552556a
Merge pull request #6791 from yanrayw/6675-change-some-key-generation-funcs-to-static 
TLS 1.3: Key Generation: change some key generation functions to static
 2023-02-03 11:56:35 +01:00
Dave Rodgman
6dd757a8ba Fix use of sizeof without brackets 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-02-02 12:40:50 +00:00
Gilles Peskine
24c6f49530
Merge pull request #7005 from tom-cosgrove-arm/fix-doxygen-typos-in-new-bignum 
Fix typos in doxygen commands in new bignum modules
 2023-02-01 19:05:04 +01:00
Gilles Peskine
a193986aab
Merge pull request #6942 from ucko/2023a-bignum 
mbedtls_mpi_sub_abs: Skip memcpy when redundant (#6701).
 2023-02-01 11:36:25 +01:00
Tom Cosgrove
8a1f784ece Fix typos in doxygen commands in new bignum modules 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-02-01 08:43:54 +00:00
Yanray Wang
a12cecbe47 Modify some comments in ssl_tls13_keys.c 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-02-01 14:29:51 +08:00
Gilles Peskine
f6b9823422
Merge pull request #6979 from daverodgman/const-time-asm-vol 
Inhibit compiler from optimising out const-time asm
 2023-01-31 11:28:45 +01:00
Gilles Peskine
470f10cfc5
Merge pull request #6941 from gabor-mezei-arm/6375_quasi-reduction_function 
Add function to fix quasi-reduction
 2023-01-31 11:25:25 +01:00
Gabor Mezei
db1607fa69
Remove unneeded include 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-01-30 16:27:48 +01:00
Manuel Pégourié-Gonnard
aae61257d1
Merge pull request #6883 from valeriosetti/issue6843 
Improve X.509 cert writing serial number management
 2023-01-30 13:08:57 +01:00
Dave Rodgman
4610d4b7a6 Inhibit compiler from optimising out const-time asm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-01-30 09:26:48 +00:00
Manuel Pégourié-Gonnard
169d9e6eb4
Merge pull request #6802 from gilles-peskine-arm/test_suite_psa_crypto_metadata-20221215 
Add metadata tests for CCM* and TLS1.2-ECJPAKE-to-PMS
 2023-01-27 10:05:00 +01:00
Przemek Stekiel
36ad5e7ab5 Fix code style 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-26 22:30:45 +01:00
Valerio Setti
af4815c6a4 x509: replace/fix name of new function for setting serial 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-01-26 17:43:09 +01:00
Janos Follath
803638c023
Merge pull request #6939 from minosgalanakis/bignum/6027_hardcode_montgomery_moduli 
Bignum: hardcode montgomery moduli
 2023-01-25 16:51:11 +00:00
Przemek Stekiel
32e20919ac Remove redundant check and add comment to inform about processing of empty extensions 
Netscape Certificate Management System Administrator's Guide: Extension-Specific Policy Modules, Chapter 18: Extension-Specific Policy Modules, Netscape Certificate Type Extension Policy:
> The extension has no default value.

A bitstring with no flags set is still technically valid, as it will mean that the certificate has no designated purpose at the time of creation.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-25 16:20:25 +01:00
Gabor Mezei
9a66ab180c
Fix missing declarration 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-01-25 13:23:38 +01:00
Przemek Stekiel
94e21e153f Skip unsupported extensions 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-25 11:08:32 +01:00
Gilles Peskine
8296eabed6
Merge pull request #6957 from tom-cosgrove-arm/fix-spelling-of-doxygen-return 
Fix doxygen return parameter spelling
 2023-01-24 21:56:45 +01:00
Gilles Peskine
3b8623fe2c
Merge pull request #6903 from Mihir-Raj-Singh/Bignum_rename_mtoN 
Rename modulus input argument from m to N
 2023-01-24 21:48:54 +01:00
Gabor Mezei
627e5b1f91
Only enable fix_quasi_reduction when testing 
Avoid compiler error due to the fix_quasi_reduction function
is static and has not been used.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-01-24 18:13:24 +01:00
Przemek Stekiel
a468768000 Dealocate memory for subject alt names 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-24 15:19:47 +01:00
Przemek Stekiel
86d1946164 Fix error codes returned on failures 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-24 11:20:10 +01:00
Przemek Stekiel
cf6ff0fb43 Move common functions for crt/csr parsing to x509.c 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-24 10:57:19 +01:00
Przemek Stekiel
db128f518c Allow empty ns_cert_type, key_usage while parsing certificates 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-24 10:57:19 +01:00
Przemek Stekiel
21c37288e5 Adapt function names 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-24 10:57:19 +01:00
Przemek Stekiel
cbaf3167dd mbedtls_x509_csr_info: Add parsing code for v3 csr extensions 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-24 10:57:19 +01:00
Jens Alfke
2d9e359275 Parsing v3 extensions from a CSR 
A parsed CSR struct (`mbedtls_x509_csr`) now includes some of the
X.509v3 extensions included in the CSR -- the key usage, Netscape
cert-type, and Subject Alternative Names.

Author: Jens Alfke <jens@couchbase.com>

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-01-24 10:56:55 +01:00
Gabor Mezei
a24fd06451
Update documentation 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-01-23 19:10:26 +01:00
Gabor Mezei
9073f7dd3b
Remove unneeded check 
The fix_quasi_reduction function changed to static so checking the
invalid arguments are not needed anymore.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-01-23 19:05:37 +01:00
Gabor Mezei
e81a2b85c9
Change the fix_quasi_reduction function to static 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-01-23 18:58:20 +01:00
Gabor Mezei
aaa1d2a276
Move the quasi reduction fixing function to bignum_mod_raw 
Rename the function to 'fix_quasi_reduction' to better suite its functionality.
Also changed the name prefix to suite for the new module.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-01-23 18:55:57 +01:00
Tom Cosgrove
37dabd540b Fix doxygen return parameter spelling 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-01-23 16:57:26 +00:00
Minos Galanakis
8692ec8bc0 pkarse: Added pk_group_id_from_specified() documentation. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-01-23 10:33:06 +00:00
Dave Rodgman
7658b63390 Remove volatile from diff; add explanatory comment 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-01-20 14:04:48 +00:00
Dave Rodgman
fa96026a0e Move definition of asm out of public header 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-01-20 14:04:48 +00:00
Dave Rodgman
7f376fa6fc Improve documentation 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-01-20 14:04:48 +00:00
Dave Rodgman
b9cd19bc8c Prevent perf regressions in mbedtls_xor 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-01-20 14:04:48 +00:00
Dave Rodgman
051225d07a Address potential perf regression 
Ensure platforms that don't have an assembly implementation for
mbedtls_get_unaligned_volatile_uint32() don't experience a performance
regression.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-01-20 14:04:48 +00:00
Dave Rodgman
36dfc5a237 Improve efficiency of some constant time functions 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-01-20 14:04:48 +00:00
Dave Rodgman
cb0f2c4491 Tidy-up - move asm #define into build_info.h 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-01-20 14:04:48 +00:00