Dave Rodgman
0d22539de0
Merge pull request #8468 from daverodgman/mbedtls-3.5.1-pr
...
Mbed TLS 3.5.1
2023-11-08 18:01:32 +00:00
Ryan Everett
5567e3a34b
Make empty key slots explicit
...
Add new status field to key slots, and use it.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-11-08 13:28:20 +00:00
Dave Rodgman
28d40930ae
Restore bump version
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:40:08 +00:00
Yanray Wang
004a60c087
aes.c: remove non-functional code
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-08 19:05:31 +08:00
Pengyu Lv
2bd56de3f4
ssl: replace MBEDTLS_SSL_HAVE_*_CBC with two seperate macros
...
MBEDTLS_SSL_HAVE_<block_cipher>_CBC equals
MBEDTLS_SSL_HAVE_<block_cipher> and MBEDTLS_SSL_HAVE_CBC.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 14:21:19 +08:00
Pengyu Lv
65458fa969
ssl: MBEDTLS_SSL_HAVE_* in ssl_misc.h
...
Done by commands:
```
sed -i "300,$ s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h
sed -i "300,$ s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h
sed -i "300,$ s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h
```
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 12:16:29 +08:00
Pengyu Lv
829dd2048a
ssl: use MBEDTLS_SSL_HAVE_* in ssl_ciphersuites.c
...
Mainly done by the commands, with some manual adjust.
```
sed -i "s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
sed -i "s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
sed -i "s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
```
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 12:01:26 +08:00
Pengyu Lv
f1b86b088f
ssl: add macro to indicate CBC mode is available
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 11:28:42 +08:00
Pengyu Lv
e870cc8c86
ssl: add macro for available key types
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-08 11:28:36 +08:00
Tom Cosgrove
53199b1c0a
Merge pull request #6720 from yuhaoth/pr/tls13-early-data-receive-0_rtt-and-eoed
...
TLS 1.3: EarlyData SRV: Write early data extension in EncryptedExtension
2023-11-07 13:59:13 +00:00
Yanray Wang
4995e0c31b
cipher.c: return error for ECB-decrypt under BLOCK_CIPHER_NO_DECRYPT
...
- fix remaining dependency in test_suite_psa_crypto.data
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-07 17:51:32 +08:00
Tom Cosgrove
4122c16abd
Merge pull request #6945 from lpy4105/issue/6935/ticket_flags-kex-mode-determination
...
TLS 1.3: SRV: Check ticket_flags on kex mode determination when resumption
2023-11-07 09:26:21 +00:00
Jerry Yu
7cca7f6820
move ext print to the end of write client hello
...
pre_shared_key extension is done at the end. The
information should be print after that
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-07 15:19:13 +08:00
Jerry Yu
1ccd6108e8
Revert "fix miss sent extensions mask"
...
This reverts commit 06b364fdfd
.
It has been set in write_binders
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-07 14:57:44 +08:00
Jerry Yu
7ef9fd8989
fix various issues
...
- Debug message
- Improve comments
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-07 14:31:37 +08:00
Jerry Yu
2bea94ce2e
check the ticket version unconditional
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-07 14:18:17 +08:00
Yanray Wang
0751761b49
max_early_data_size: rename configuration function
...
Rename mbedtls_ssl_tls13_conf_max_early_data_size as
mbedtls_ssl_conf_max_early_data_size since in the future
this may not be specific to TLS 1.3.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-07 11:49:34 +08:00
Yanray Wang
d5ed36ff24
early data: rename configuration function
...
Rename mbedtls_ssl_tls13_conf_early_data as
mbedtls_ssl_conf_early_data since in the future this may not be
specific to TLS 1.3.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-07 11:49:24 +08:00
Pengyu Lv
44670c6eda
Revert "TLS 1.3: SRV: Don't select ephemeral mode on resumption"
...
This reverts commit dadeb20383
.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-11-07 09:58:53 +08:00
Dave Rodgman
4b67ac8adf
Merge pull request #8444 from Mbed-TLS/cvv-code-size
...
code size for mbedtls_cipher_validate_values
2023-11-06 12:50:37 +00:00
Yanray Wang
0d76b6ef76
Return an error if asking for decrypt under BLOCK_CIPHER_NO_DECRYPT
...
If MBEDTLS_BLOCK_CIPHER_NO_DECRYPT is enabled, but decryption is
still requested in some incompatible modes, we return an error of
FEATURE_UNAVAILABLE as additional indication.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-06 10:02:10 +08:00
Yanray Wang
de0e2599ad
cipher_wrap.c: remove unnecessary NO_DECRYPT guard for DES
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-06 10:02:10 +08:00
Gilles Peskine
8b6b41f6cd
Merge pull request #8434 from valeriosetti/issue8407
...
[G2] Make TLS work without Cipher
2023-11-04 15:05:00 +00:00
Dave Rodgman
4eb44e4780
Standardise some more headers
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-03 12:15:12 +00:00
Dave Rodgman
ce38adb731
Fix header in ssl_tls13_keys.c
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-03 10:29:25 +00:00
Dave Rodgman
f8be5f6ade
Fix overlooked files
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 20:43:00 +00:00
Dave Rodgman
16799db69a
update headers
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 19:47:20 +00:00
Dave Rodgman
e91d7c5d68
Update comment to mention IAR
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 10:36:38 +00:00
Dave Rodgman
b351d60e99
Merge remote-tracking branch 'origin/development' into msft-aarch64
2023-11-01 13:20:53 +00:00
Jerry Yu
960b7ebbcf
move psk check to EE message on client side
...
early_data extension is sent in EE. So it should
not be checked in SH message.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-01 10:32:18 +08:00
Jerry Yu
82fd6c11bd
Add selected key and ciphersuite check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-01 10:32:17 +08:00
Jerry Yu
ce3b95e2c9
move ticket version check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-01 10:32:17 +08:00
Jerry Yu
454dda3e25
fix various issues
...
- improve output message
- Remove unnecessary checks
- Simplify test command
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-01 10:28:43 +08:00
Dave Rodgman
9ba640d318
Simplify use of __has_builtin
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-31 23:34:02 +00:00
Dave Rodgman
90c8ac2205
Add case for MSVC
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-31 23:27:24 +00:00
Dave Rodgman
64bdeb89b9
Use non-empty definition for fallback
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-31 23:27:04 +00:00
Dave Rodgman
52e7052b6c
tidy up comments
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-31 23:26:44 +00:00
Dave Rodgman
3e5cc175e0
Reduce code size in mbedtls_cipher_validate_values
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-31 18:00:01 +00:00
Dave Rodgman
6d2c1b3748
Restructure mbedtls_cipher_validate_values
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-31 18:00:01 +00:00
Dave Rodgman
fb24a8425a
Introduce MBEDTLS_ASSUME
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-31 17:59:56 +00:00
Yanray Wang
b67b47425e
Rename MBEDTLS_CIPHER_ENCRYPT_ONLY as MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-10-31 17:22:06 +08:00
Pengyu Lv
dbd1e0d986
tls13: add helpers to check if psk[_ephemeral] allowed by ticket
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-10-31 10:17:17 +08:00
Pengyu Lv
29daf4a36b
tls13: server: fully check ticket_flags with available kex mode.
...
We need to fully check if the provided session ticket could be
used in the handshake, so that we wouldn't cause handshake
failure in some cases. Here we bring f8e50a9
back.
Example scenario:
A client proposes to a server, that supports only the psk_ephemeral
key exchange mode, two tickets, the first one is allowed only for
pure PSK key exchange mode and the second one is psk_ephemeral only.
We need to select the second tickets instead of the first one whose
ticket_flags forbid psk_ephemeral and thus cause a handshake
failure.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-10-31 09:34:14 +08:00
Dave Rodgman
b06d701f56
Merge pull request #8406 from beni-sandu/aesni
...
AES-NI: use target attributes for x86 32-bit intrinsics
2023-10-30 17:01:06 +00:00
Tom Cosgrove
3857bad9a2
Merge pull request #8427 from tom-cosgrove-arm/fix-linux-builds-in-conda-forge
...
Fix builds in conda-forge, which doesn't have CLOCK_BOOTTIME
2023-10-30 15:29:26 +00:00
Valerio Setti
467271dede
ssl_misc: ignore ALG_CBC_PKCS7 for MBEDTLS_SSL_HAVE_xxx_CBC
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-30 11:40:32 +01:00
Valerio Setti
1ebb6cd68d
ssl_misc: add internal MBEDTLS_SSL_HAVE_[AES/ARIA/CAMELLIA]_CBC symbols
...
These are used in tests to determine whether there is support for
one of those keys for CBC mode.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-30 11:36:32 +01:00
Jerry Yu
06b364fdfd
fix miss sent extensions mask
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-30 17:18:42 +08:00
Pengyu Lv
cfb23b8090
tls13: server: parse pre_shared_key only when some psk is selectable
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-10-30 15:26:26 +08:00
Beniamin Sandu
800f2b7c02
AES-NI: use target attributes for x86 32-bit intrinsics
...
This way we build with 32-bit gcc/clang out of the box.
We also fallback to assembly for 64-bit clang-cl if needed cpu
flags are not provided, instead of throwing an error.
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
2023-10-27 17:02:22 +01:00
Valerio Setti
36fe8b9f4b
psa_crypto_cipher: add guard for unused variable
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
1e21f26d88
psa_crypto_cipher: add helper to validate PSA cipher values
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:13:33 +02:00
Valerio Setti
4a249828a8
psa_crypto_cipher: add mbedtls_cipher_values_from_psa()
...
This commit splits mbedtls_cipher_info_from_psa() in 2 parts:
- mbedtls_cipher_values_from_psa() that performs parameters' validation and
return cipher's values
- mbedtls_cipher_info_from_psa() which then use those values to return
the proper cipher_info pointer. Of course this depends on CIPHER_C.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:12:06 +02:00
Valerio Setti
2c2adedd82
psa_crypto_aead: add guard for CIPHER_C dependency
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:12:06 +02:00
Jerry Yu
71c14f1db6
write early data indication in EE msg
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-27 10:52:49 +08:00
Jerry Yu
985c967a14
tls13: add more checks for server early data
...
- check if it is enabled
- check if it is psk mode
- check if it is resumption
- check if it is tls13 version
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-27 10:52:27 +08:00
Bence Szépkúti
51328162e6
Merge pull request #8374 from sergio-nsk/sergio-nsk/8372/2
...
Fix compiling AESNI in Mbed-TLS with clang on Windows
2023-10-26 21:21:01 +00:00
Dave Rodgman
2db1e354e3
Merge pull request #8408 from daverodgman/iar-fix-aes
...
Fix MBEDTLS_MAYBE_UNUSED for IAR
2023-10-26 15:53:11 +00:00
Gilles Peskine
b3d0ed2e6e
Merge pull request #8303 from valeriosetti/issue6316
...
Add test component with all ciphers and AEADs accelerated only
2023-10-26 15:53:10 +00:00
Tom Cosgrove
257f6dd57d
Fix builds in conda-forge, which doesn't have CLOCK_BOOTTIME
...
Fixes #8422
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-10-26 14:04:34 +01:00
Ronald Cron
95b735530c
Merge pull request #6719 from yuhaoth/pr/tls13-early-data-add-early-data-of-client-hello
...
TLS 1.3: EarlyData SRV: Add early data extension parser.
2023-10-26 08:31:53 +00:00
Valerio Setti
bbc46b4cc2
cipher: improve code readibility in mbedtls_cipher_setup()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-26 09:00:21 +02:00
Dave Rodgman
6e51abf11d
Merge remote-tracking branch 'origin/development' into msft-aarch64
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 15:17:11 +01:00
Dave Rodgman
d1c4fb07ee
Support older IAR versions
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 15:07:35 +01:00
Valerio Setti
79a02de79f
cipher: check that ctx_alloc_func is not NULL before calling it
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-25 12:03:36 +02:00
Valerio Setti
a6c0761c43
cipher_wrap: fix guards for GCM/CCM AES
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-25 12:03:36 +02:00
Valerio Setti
e86677d0c3
pkparse: fix missing guards for pkcs5/12 functions
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-25 12:03:36 +02:00
Dave Rodgman
5e41937eba
Remove dependency on asm/hwcap.h
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
9fd1b526c3
Use MBEDTLS_ARCH_IS_ARMV8_A not MBEDTLS_ARCH_IS_ARMV8
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
cb5c9fb0c2
Add volatile to prevent asm being optimised out
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
b34fe8b88b
Fix #error typo
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
90291dfe33
Share some definitions that are common for clang and GCC 5
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
46267f6a2d
Tidy-up: move GCM code into one place
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
f4ee5d4c94
Code style
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
2c25bdb7cf
Don't use #ifdef on vreinterpretq_xxx
...
Co-authored-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
f60e44d063
Add link to ACLE docs in comment
...
Co-authored-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
48b965d941
Update clang version requirements
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
472a1906d5
fix tabs
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
4b8e8dc043
Improve compiler version checking + docs + testing for armclang
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
ece803b0ae
Fix behaviour for Armv8 targets without Neon
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
851cf5a325
Fix runtime detection on A32/T32
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
27e3c87fc1
Suppport AESCE on A32 and T32
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:22 +01:00
Dave Rodgman
d69d3cda34
Merge pull request #8298 from daverodgman/sha-armce-thumb2
...
Support SHA256 acceleration on Armv8 thumb2 and arm
2023-10-24 21:23:15 +00:00
Dave Rodgman
f842868dd9
Fix MBEDTLS_MAYBE_UNUSED for IAR
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-24 14:18:38 +01:00
Pengyu Lv
7b711710b2
Add check_ticket_flags helper function
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-10-24 17:07:14 +08:00
Dave Rodgman
514590210b
Merge remote-tracking branch 'origin/development' into sha-armce-thumb2
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-23 15:35:07 +01:00
Dave Rodgman
66d5512571
Remove dependency on asm/hwcap.h
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-23 15:12:32 +01:00
Dave Rodgman
bcb810252c
Merge pull request #8363 from daverodgman/iar-fixes-2
...
Stop IAR warning about goto skipping variable definition
2023-10-23 14:59:15 +01:00
Tom Cosgrove
235e361b6c
Merge pull request #8339 from lpy4105/issue/support-cpuid-for-win32
...
Support cpuid for win32
2023-10-23 10:43:39 +00:00
Manuel Pégourié-Gonnard
2bf0870e25
Merge pull request #7861 from mpg/cleanup-pk-parse
...
cleanup PK parse - part 1
2023-10-23 08:49:16 +00:00
Matthias Schulz
edc32eaf1a
Uncrustified
...
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-10-19 16:09:08 +02:00
Sergey Markelov
3898f10fed
Fix #8372 - Error compiling AESNI in Mbed-TLS with clang on Windows
...
It can successfully compile w/ the clang options -maes -mpclmul.
Signed-off-by: Sergey Markelov <sergey@solidstatenetworks.com>
2023-10-18 20:24:39 -07:00
Gilles Peskine
6407f8fc54
Merge pull request #8322 from valeriosetti/issue8257
...
Improve location of MD_CAN macros
2023-10-18 14:31:28 +00:00
Matthias Schulz
ab4082290e
Added parameters to add callback function to handle unsupported extensions. Similar to how the callback functions work when parsing certificates. Also added new test cases.
...
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-10-18 13:20:59 +02:00
Gilles Peskine
f6f4695824
Merge pull request #8320 from valeriosetti/issue8263
...
Fix dependencies of mbedtls_pk_ec_ro and mbedtls_pk_ec_rw
2023-10-18 10:03:46 +00:00
Pengyu Lv
ed5e4e86a5
Merge branch 'development' into issue/6935/ticket_flags-kex-mode-determination
2023-10-18 18:03:07 +08:00
Jerry Yu
b47b2990d6
fix various issues
...
- fix wrong typo
- remove redundant check
- remove psk mode tests
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-18 15:50:35 +08:00
Manuel Pégourié-Gonnard
c6d633ffbc
Merge pull request #8297 from valeriosetti/issue8064
...
Change accel_aead component to full config
2023-10-18 07:15:59 +00:00
Matthias Schulz
873a202d18
Now handling critical extensions similarly to how its done in x509_get_crt_ext just without the callback function to handle unknown extensions.
...
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-10-17 16:02:20 +02:00
Matthias Schulz
cc923f307e
Added missing like between variables and function body.
...
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-10-17 12:36:56 +02:00
Matthias Schulz
adb3cc4d43
Fixes #8377 .
...
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-10-17 11:57:10 +02:00
Valerio Setti
2f00b7a5da
cipher: reset MBEDTLS_CIPHER_HAVE_AEAD to MBEDTLS_CIPHER_MODE_AEAD
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-17 11:43:34 +02:00
Manuel Pégourié-Gonnard
745ec5d75e
Fix static initializer warning
...
In a hypothetical build with no curves, or in the future when we add a
new curve type and possibly forget updating this function with a new
block for the new type, we write to `ret` at the beginning or the
function then immediately overwrite it with MPI_CHK(check_privkey),
which static analyzers understandably find questionable.
Use `ret` here and check the key only if it was actually set.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-17 10:13:45 +02:00
Yanray Wang
4b6595aa83
Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only
2023-10-17 11:13:00 +08:00
Dave Rodgman
2fde39a22c
Merge pull request #8283 from daverodgman/more-aes-checks
...
More AES guards testing and some fixes
2023-10-16 18:22:51 +00:00
Valerio Setti
9fc1f24331
md: restore md.h includes in source files directly using its elements
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-16 14:39:38 +02:00
Valerio Setti
74cb404b0d
ssl: improve ssl_check_key_curve()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-16 13:40:50 +02:00
Yanray Wang
aa01ee303a
Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only
2023-10-16 17:38:32 +08:00
Valerio Setti
dcee98730b
cipher_wrap: add VIA_LEGACY_OR_USE_PSA to new internal symbols
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-16 11:35:57 +02:00
Valerio Setti
596ef6c0b1
cipher: reset MBEDTLS_CIPHER_HAVE_AEAD_LEGACY to previous naming
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-16 11:26:08 +02:00
Valerio Setti
0521633559
cipher: fix guards in mbedtls_cipher_auth_[encrypt/decrypt]_ext()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-16 11:22:21 +02:00
Manuel Pégourié-Gonnard
52e9548c22
Fix check for format supported by PSA
...
For non-Weierstrass curves there's only one format and it's supported.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
f1b7633443
Use clearer function name
...
I went for "may be" as I was thinking just checking the tag technically
does not guarantee that what follows is correct, but I was wrong:
according to ASN.1, when there are variants, the tag does distinguish
unambiguously between variants, so we can be more positive here.
(Whether the thing inside that variant is correct is a different
question.)
As a welcome side effect, this makes the name more standard hence more
readable.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
842ffc5085
Make code more robust
...
Using return here is only correct if we know that group_load() is atomic
(either succeeds, or allocates no ressources). I'm not sure it is, and
even if it were, goto exit is more obviously correct, so let's use that.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
94cf1f82ad
Fix a typo in a comment
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
564bc1bb96
Fix limitation in checking supported alg in pk_sign
...
The recent changes in pkparse made it so ECDSA (deterministic or not) is
set as the secondary alg and ECDH the first one. This broke the wrapper
in pk_wrap as it was only checking the first alg when deciding whether
to use deterministic or not. The wrapper should not have unnecessary
requirements on how algs are set up, so make the check more flexible.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
53d3e40a21
Fix unused warnings in dummy definition
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
12ea63a5f7
Abstract away MBEDTLS_PK_PARSE_EC_EXTENDED
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
fac9819edc
Fix and document return of pk_ecc_set_pubkey()
...
One of the calling site needs to distinguish between "the format is
potentially valid but not supported" vs "other errors", and it uses
MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE for that.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
ff72ea9d51
Rework pk_ecc_set_pubkey()
...
- Fix the logic around format: we were just assuming that if the format
was not compressed, it was uncompressed, but it could also have been
just invalid.
- Remove redundant length check: the fallback does its own checks.
- Remove set_algorithm() that's not needed and introduced a depencency
on ECDSA.
- Some style / naming / scope reduction.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
e4c883bc8c
New signature for pk_ecc_set_pubkey()
...
Also new name, for consistency, and documentation.
The signature **p, *end is mostly for parsing functions that may not
consume everything, and need to update the "current" pointer to reflect
what has been consumed. This is not the case here.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
681e30b727
Rework pk_ecc_set_pubkey_psa_ecp_fallback()
...
- new semantic: sets the pubkey directly in the PK context
- new name to reflect that semantic and obey the naming scheme
- trivial case first
- documentation and better parameter names
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
0b8e45650f
Tune body of pk_ecc_set_pubkey_from_prv()
...
- avoid useless use of ret in PSA code, keep only status
- improve variable names
- keep declarations closer to use
- a few internal comments
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
de25194a20
Rename and document pk_ecc_set_pubkey_from_prv()
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
d1aa642394
Document pk_ecc_set_group() and pk_ecc_set_key()
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
5470898e37
Move code around again
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
997a95e592
Merge two consecutive #ifs
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
212517b87d
Start re-ordering functions in pkparse
...
The general order is low-level first, top-level last, for the sake of
static function and avoiding forward declarations.
The obvious exception was functions that parse files that were at the
beginning; move them to the end.
Also start defining sections in the file; this is incomplete as I don't
have a clear view of the beginning of the file yet. Will continue in
further commits.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
df151bbc37
Minor improvements to pk_ecc_read_compressed()
...
- new name starting with pk_ecc for consistency
- re-order params to match the PSA convention: buf, len, &size
- add comment about input consumption
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
e82fcd9c9e
Avoid nested #ifs in body of pk_get_ecpubkey()
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Manuel Pégourié-Gonnard
116175c5d7
Use helper macro for (deterministic) ECDSA
...
- centralizes decision making about which version to use when
- avoids nested #ifs in pk_ecc_set_key()
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:27:22 +02:00
Dave Rodgman
0a48717b83
Simplify Windows-on-Arm macros
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-16 09:25:59 +01:00
Dave Rodgman
c5cc727dd0
Use new MBEDTLS_ARCH_IS_xxx macros
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-16 09:25:59 +01:00
Dave Rodgman
a0f10da9d2
Use MBEDTLS_HAVE_NEON_INTRINSICS instead of __ARM_NEON
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-16 09:25:59 +01:00
Dave Rodgman
4ffd7c7614
Introduce MBEDTLS_HAVE_NEON_INTRINSICS and simplify NEON header inclusion
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-16 09:25:59 +01:00
Dave Rodgman
be09286666
Enable 8-byte fastpath in mbedtls_xor on ARM64 and ARM64EC
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-16 09:25:59 +01:00
Dave Rodgman
ad71b6a834
Support ARM64EC in the same way as ARM64 in sha256 and sha512
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-16 09:25:59 +01:00
Dave Rodgman
78fc0bd1db
Define MBEDTLS_EFFICIENT_UNALIGNED_ACCESS on Windows-on-Arm
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-16 09:25:59 +01:00
Manuel Pégourié-Gonnard
dcd98fffab
Factor similar code into pk_ecc_set_key()
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard
6db11d5068
Group two versions of the same code
...
Just moving code around. The two blocks do morally the same thing: load
the key, and grouping them makes the #if #else structure clearer.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard
d5b4372012
Slightly simplify pk_derive_public_key()
...
- add a comment explain potentially surprising parameters
- avoid nesting #if guards: I find the linear structure #if #elif #else
makes the three cases clearer.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard
2585852231
Factor common code into a function
...
There were two places that were calling either pk_update_ecparams() or
mbedtls_ecp_group_load() depending on the same guard. Factor this into a
single function, that works in both configs, so that callers don't have
to worry about guards.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard
5fcbe4c1f8
Further rationalize includes
...
- only include psa_util when we use PSA Crypto
- re-order includes
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard
da88c380bd
Minimize key-type-related includes
...
- we don't use any ECDSA function here
- we only need to include ecp.h when supporting ECC keys
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard
4b0e8f0e2c
Remove redundant include
...
It's also included later, guarded by support for ECC keys, and actually
that's the only case where we need it.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-16 10:25:44 +02:00
Valerio Setti
5f5573fa90
cipher: reintroduce symbol for legacy AEAD support
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-13 17:29:27 +02:00
Dave Rodgman
515af1d80d
Stop IAR warning about goto skipping variable definition
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-13 16:03:25 +01:00
Bence Szépkúti
195411bb17
Merge pull request #8062 from yanrayw/save_stack_usage_pkwrite
...
pkwrite: use heap to save stack usage for writing keys in PEM string
2023-10-13 14:27:13 +00:00
Dave Rodgman
2457bcd26c
Tidy up logic for MBEDTLS_MAYBE_UNUSED
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-13 12:31:45 +01:00
Gilles Peskine
97a6231b5c
Revert "Fix a few IAR warnings"
2023-10-13 11:39:53 +02:00