yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
28620 commits 1 branch 0 tags 94 MiB
Commit graph

28620 commits

This branch
This branch
All branches
Author SHA1 Message Date
Valerio Setti
0a903db804 test_suite_psa_crypto_slot_management: some fix for available key slots 
When AES_C is not defined, CTR_DRBG relies on PSA to get AES-ECB. This means
that PSA holds an open AES key since psa_crypto_init() is called, which
- reduces the maximum number of available key slots
- shifts the 1st available index

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:41 +01:00
Valerio Setti
dc32ac20fd test_suite_[ctr_drbg/random]: initialize/close PSA in tests 
This commit also adds AES_PSA_[INIT/DONE] in "psa_crypto_helpers.h". Its
scope is to call PSA_[INIT/DONE] only when AES_C is not defined (which is
when PSA is effectively required for CTR_DRBG).

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:41 +01:00
Valerio Setti
402cfba4dc psa: free RNG implementation before checking for remaining open key slots 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:41 +01:00
Valerio Setti
5f4b28defc ctr_drbg: add alternative PSA implementation when AES_C is not defined 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:41 +01:00
Valerio Setti
fbefe04bf3 check_config: fix requirements for CTR_DRBG 
The module now depends on either:
- AES_C, which is the default and the preferred solution for
  backward compatibility
- CRYPTO_C + KEY_TYPE_AES + ALG_ECB_NO_PADDINTG, which is the
  new solution when AES_C is not defined

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:41 +01:00
Valerio Setti
40a93dff32 all.sh: keep CTR_DRBG enabled in test_psa_crypto_config_accel_cipher_aead() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:41 +01:00
Manuel Pégourié-Gonnard
3d12d65946
Merge pull request #8590 from valeriosetti/fix-pkcs5-pkcs12 
pkcs[5/12]: use cipher enums for encrypt and decrypt
 2023-12-04 10:03:02 +00:00
Dave Rodgman
9afc0200c7
Merge pull request #8563 from Oldes/issues-8562 
Fixed compilation for Haiku OS
 2023-12-04 09:53:08 +00:00
Dave Rodgman
7a2dae6442
Merge pull request #8589 from daverodgman/ct-unused 
Remove unused/non-compiling code
 2023-12-04 09:41:39 +00:00
Jerry Yu
7bb40a3650 send unexpected alert when not received eoed or app during reading early data 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-04 10:04:15 +08:00
Jerry Yu
fbf039932a Send decode error alert when EOED parsing fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-04 10:00:37 +08:00
Jerry Yu
3be850782c fix various issues 
- improve comments
- rename function and macros name
- remove unnecessary comments
- remove extra empty lines
- remove unnecessary condition

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-04 09:58:54 +08:00
Thomas Daubney
10769bca9e Fix bad whitespace in keyword argument assignment 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-12-01 23:47:59 +00:00
Thomas Daubney
3a0690647e Use guess_mbedtls_root in Mbed-TLS-only script 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-12-01 18:27:25 +00:00
Thomas Daubney
04c446cc21 Modify crypto_core_directory to also return a relative path 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-12-01 17:18:38 +00:00
Valerio Setti
4577bda6d5 pkcs[5|12]: use cipher enums for encrypt and decrypt 
Instead of re-defining MBEDTLS_PKCS5_[EN/DE]CRYPT and
MBEDTLS_PKCS12_PBE_[EN/DE]CRYPT from scratch, since these values
are to be used with the mbedtls_cipher_setkey() function, ensure
that their value matches with enums in cipher.h.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-01 16:51:24 +01:00
Yanray Wang
744577a429 tls13: early_data: cli: check a PSK has been selected in EE 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 23:03:37 +08:00
Dave Rodgman
f1be1f6740 Remove unused code 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-01 13:53:45 +00:00
Oldes Huhuman
304fa091cf Shortening a comment line 
Related to: https://github.com/Mbed-TLS/mbedtls/issues/8562

Signed-off-by: Oldes Huhuman <oldes.huhuman@gmail.com>
 2023-12-01 12:23:26 +01:00
Thomas Daubney
99030e2a50 Remove trailing whitespace 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-12-01 09:52:35 +00:00
Yanray Wang
9ae6534c20 tls13: early_data: cli: improve comment 
This commit improves comment of why we assign the identifier of the
ciphersuite in handshake to `ssl->session_negotiate`.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 17:46:08 +08:00
Yanray Wang
03a00768c0 tls13: early_data: cli: improve comment 
This commit improves comment of the check for handshake parameters
in Encrypted Extension.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 17:40:21 +08:00
Jerry Yu
0af63dc263 improve comments and output message 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 17:18:04 +08:00
Jerry Yu
ee4d729555 print received early application data 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:53:50 +08:00
Jerry Yu
e96551276a switch inbound transform to handshake 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:53:50 +08:00
Jerry Yu
75c9ab76b5 implement parser of eoed 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:53:50 +08:00
Jerry Yu
b4ed4602f2 implement coordinate of eoed 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:34:00 +08:00
Jerry Yu
d5c3496ce2 Add dummy framework of eoed state 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:32:31 +08:00
Jerry Yu
59d420f17b empty process_end_of_early_data 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:30:34 +08:00
Ronald Cron
857d29f29a
Merge pull request #8528 from yanrayw/issue/6933/parse-max_early_data_size 
TLS1.3 EarlyData: client: parse max_early_data_size
 2023-12-01 08:27:26 +00:00
Jerry Yu
9b72e39701 re-introduce process_wait_flight2 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:27:08 +08:00
Jerry Yu
e32fac3d23 remove wait_flight2 state 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:25:16 +08:00
Dave Rodgman
422951b9ed
Merge pull request #8044 from daverodgman/msft-aarch64 
Better support for MSVC aarch64 aka ARM64 and ARM64EC
 2023-12-01 07:48:26 +00:00
Yanray Wang
e72dfff1d6 tls13: early_data: cli: improve comment 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 12:05:16 +08:00
Yanray Wang
2bef7fbc8d tls13: early_data: cli: remove guard to fix failure 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 12:02:56 +08:00
Thomas Daubney
db80b2301c Introduce guess_tf_psa_crypto_root 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-30 17:33:54 +00:00
Thomas Daubney
d1f2934e78 Introduce guess_mbedtls_root 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-30 17:27:42 +00:00
Thomas Daubney
56bee0344e Rename variable for better clarity 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-30 14:33:35 +00:00
Thomas Daubney
46588de8fc Improve documentation of crypto_core_directory 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-30 13:59:30 +00:00
Thomas Daubney
08c6dc4942 Rename project_crypto_name 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-30 13:56:09 +00:00
Dave Rodgman
059f66ce7c Remove redundant check 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-30 11:02:03 +00:00
Dave Rodgman
6eee57bc07 Merge remote-tracking branch 'origin/development' into msft-aarch64 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-30 11:01:50 +00:00
Dave Rodgman
12d1c3ad4f Use MBEDTLS_HAVE_NEON_INTRINSICS in aesce 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-30 09:38:38 +00:00
Dave Rodgman
d879b47b52 tidy up macros in mbedtls_xor 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-30 09:35:14 +00:00
Dave Rodgman
59059ec503 Merge remote-tracking branch 'origin/development' into msft-aarch64 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-30 09:34:41 +00:00
Yanray Wang
b3e207d762 tls13: early_data: cli: rename early_data parser in nst 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-30 16:49:51 +08:00
Yanray Wang
0790041dc6 Revert "tls13: early_data: cli: remove nst_ prefix" 
This reverts commit 3781ab40fb.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-30 16:44:44 +08:00
Dave Rodgman
10dfe76425
Merge pull request #8573 from daverodgman/iar-aesce2 
Disable hw AES on Arm for IAR
 2023-11-30 08:22:09 +00:00
Yanray Wang
f4bad42670 itls13: early_data: cli: improve comment 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-30 15:58:07 +08:00
Yanray Wang
a29db7da2e tls13: early_data: cli: assign ciphersuite properly 
When early_data extension is enabled and sent in ClientHello,
the client does not know if the server will accept early data
and select the first proposed pre-shared key with a ciphersuite
that is different from the ciphersuite associated to the selected
pre-shared key. To address aforementioned case, we do associated
verification when parsing early_data ext in EncryptedExtensions.
Therefore we have to assign the ciphersuite in current handshake
to session_negotiate later than the associated verification.
This won't impact decryption of EncryptedExtensions since we
compute handshake keys by the ciphersuite in handshake not via
the one in session_negotiate.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-30 14:27:38 +08:00