Chien Wong
153ae464db
Improve doc on special use of A in ecp group structure
...
Signed-off-by: Chien Wong <m@xv97.com>
2023-08-07 23:02:31 +08:00
Dave Rodgman
c98f8d996a
Merge branch 'development' into safer-ct5
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-07 11:47:35 +01:00
Jerry Yu
5fcdd6a28a
remove unnecessary definition
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-07 15:32:58 +08:00
Tom Cosgrove
ce37c5e1ce
Update links to Rijndael paper and NIST SP 800-90 DRBGs
...
The link to the DRBG paper points to the March 2007 version, the same as the
original link (rather than the latest version).
The amended Rijndael paper has a two-page "Note on naming" prefix.
Fixes #7193
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-08-04 13:55:03 +01:00
Jerry Yu
9c0b7d13bf
Remove unnecessary name check tag
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-04 17:25:59 +08:00
Jerry Yu
fce351def8
improve platform relative check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-04 17:13:36 +08:00
Jerry Yu
b241db3e26
remove padlock only mode
...
padlock depends on pure c implementation
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-04 16:56:04 +08:00
Jerry Yu
29c91ba42d
fix unreachable code warnings
...
It is detected by clang with bellow patch
```
diff --git a/library/Makefile b/library/Makefile
index fdab4f4ba0..967f9e2e65 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -306,8 +306,8 @@ libmbedcrypto.dll: $(OBJS_CRYPTO)
.c.o:
echo " CC $<"
- $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $<
-
+ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $(@:%.o=%.i) -E $<
+ $(CC) $(LOCAL_CFLAGS) -Wunreachable-code -Werror -Wno-unused-command-line-argument $(CFLAGS) -o $@ -c $(@:%.o=%.i)
.PHONY: generated_files
GENERATED_FILES = \
error.c version_features.c \
```
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-04 16:29:06 +08:00
Janos Follath
73568397a5
Merge pull request #8020 from yanesca/de-duplicate_ecp
...
De duplicate the ECP module
2023-08-04 08:27:09 +00:00
Dave Rodgman
003a5e1ca7
Merge pull request #1046 from Mbed-TLS/merge_3.4.1
...
Merge 3.4.1
2023-08-03 18:23:37 +01:00
Dave Rodgman
a0fc9987da
Merge branch 'development' into merge_3.4.1
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-03 15:56:59 +01:00
Dave Rodgman
6f80ac4979
Merge pull request #7864 from waleed-elmelegy-arm/enforce-min-RSA-key-size
...
Enforce minimum key size when generating RSA key size
2023-08-03 12:57:52 +00:00
Dave Rodgman
1d4d944e19
Merge pull request #7933 from tom-cosgrove-arm/add-mbedtls_zeroize_and_free
...
Provide and use internal function mbedtls_zeroize_and_free()
2023-08-03 12:56:21 +00:00
Gilles Peskine
ce64156f6d
Merge pull request #8021 from daverodgman/master-update
...
Sync development with accidental merge directly onto master
2023-08-02 13:30:35 +00:00
Janos Follath
d8cb3d7fa4
De-duplicate ecp.c
...
We duplicated ecp.c in the anticipation of heavy refactoring there. This
work has been suspended and the duplication is not useful anymore but
imposes an overhead.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-08-02 12:33:01 +01:00
Gilles Peskine
550d147078
Bump version to 3.4.1
...
```
./scripts/bump_version.sh --version 3.4.1
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-08-02 12:50:23 +02:00
Gilles Peskine
267bee9be8
Merge pull request #7903 from valeriosetti/issue7773
...
Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/DH
2023-08-02 10:16:44 +00:00
Dave Rodgman
7f17bd09cc
Merge remote-tracking branch 'origin/master' into master-update
2023-08-02 10:57:07 +01:00
Jerry Yu
6943681820
Improve error message and documents
...
- fix grammar error
- Add more information for AES_USE_HARDWARE_ONLY
- Improve error message
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-02 17:44:03 +08:00
Jerry Yu
02b1519ab6
move accelerator checks to aes.c
...
Origin position is always validate due to conflict
between the guards in `aes.c` and module undef check
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-02 17:44:02 +08:00
Jerry Yu
d76ded046c
fix various issues
...
- unnecessary command
- extra blank and empty line
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-02 17:44:01 +08:00
Jerry Yu
3660623e59
Rename plain c option and update comments
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-02 17:44:01 +08:00
Jerry Yu
8840a8c574
fix wrong checks
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-02 17:44:00 +08:00
Jerry Yu
3fcf2b5053
Rename HAS_NO_PLAIN_C to DONT_USE_SOFTWARE_CRYPTO
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-02 17:44:00 +08:00
Jerry Yu
4d030f3acd
Add check for no aes implementation provided
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-02 17:43:59 +08:00
Jerry Yu
315fd30201
Rename plain c disable option
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-02 17:43:59 +08:00
Jerry Yu
2f26a59910
Add std output information for AESCE in gcm
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-02 17:43:58 +08:00
Jerry Yu
0d4f4e5b01
Add option to disable built-in aes implementation.
...
For time being, there are only two aes implementations for known
architectures. I define runtime detection function as const when
built-in was disabled. In this case, compiler will remove dead
built-in code.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-02 17:43:54 +08:00
Janos Follath
b388ed737d
Fix missing check in mbedtls_ecp_read_key
...
In ecp_new.c mbedtls_ecp_read_key did only check Weierstrass keys. The
behaviour in ecp.c was correct.
This bug has no immediate security impact. (The code with the missing
check wasn't released and we are checking keys at later point.)
After this change ecp.c and ecp_new.c will have a single remaining
difference and unifying them will be more straightforward.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-08-02 10:32:27 +01:00
Janos Follath
c25567af23
Move variant test to ecp_curves
...
We would like to de-duplicate ecp.c, but ecp_curves.c remains duplicated
and we still want to test for the active variant.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-08-02 10:32:21 +01:00
Bence Szépkúti
9661f8ab0d
Merge pull request #7968 from gowthamsk-arm/use_earliest_latest_compilers
...
Use earliest latest compilers
2023-08-02 05:58:02 +00:00
Chien Wong
e2caf4161b
Fix a few unchecked value issue
...
Signed-off-by: Chien Wong <m@xv97.com>
2023-08-01 22:41:17 +08:00
Dave Rodgman
205295c576
Tidy-up: move GCC warning fix to constant_time_impl.h
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-01 14:10:56 +01:00
Gilles Peskine
d55e451b3e
Merge pull request #7997 from yanesca/fix_new_bignum_tests
...
Fix new bignum tests
2023-08-01 12:09:39 +00:00
Dave Rodgman
1f39f037bf
Improve variable name in mbedtls_mpi_lt_mpi_ct
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-01 09:19:16 +01:00
Tom Cosgrove
52f7e18042
Use mbedtls_zeroize_and_free() in psa_remove_key_data_from_memory()
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-08-01 09:08:48 +01:00
Manuel Pégourié-Gonnard
de8f56e936
Merge pull request #7884 from valeriosetti/issue7612
...
TLS: Clean up (EC)DH dependencies
2023-08-01 07:13:36 +00:00
Dave Rodgman
3d574da6fc
Revert to not enabling asm under Memsan
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-31 17:22:58 +01:00
Dave Rodgman
378280e57f
Revert "Move constant_flow.h into the main library"
...
This reverts commit fd78c34e23
.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-31 17:22:55 +01:00
Dave Rodgman
3d1bb9be06
Revert "Fix doxygen error"
...
This reverts commit d175d52433
.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-31 17:22:49 +01:00
Dave Rodgman
d175d52433
Fix doxygen error
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-31 14:03:08 +01:00
Dave Rodgman
fd78c34e23
Move constant_flow.h into the main library
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-31 12:48:33 +01:00
Dave Rodgman
1714a9b0eb
Revert to old design for mbedtls_ct_memmove_left
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-31 12:48:33 +01:00
Dave Rodgman
9ee0e1f6fe
Remove GCC redundant-decls workaround for mbedtls_ct_memcmp
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-31 12:43:23 +01:00
Dave Rodgman
0172de8b3d
Fix docs grammar
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-31 12:43:23 +01:00
Dave Rodgman
741d423ef8
Clarify docs for mbedtls_ct_memcpy_if
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-31 12:43:23 +01:00
Dave Rodgman
93cec45af3
Improve docs for mbedtls_ct_compiler_opaque
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-31 12:43:23 +01:00
Dave Rodgman
32d726033b
Improve comments in mbedtls_mpi_lt_mpi_ct
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-31 12:43:23 +01:00
Dave Rodgman
07f853713d
Clarify comments in mbedtls_ct_memcpy_if
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-31 12:27:49 +01:00
Dave Rodgman
fb1b851797
Improve docs for mbedtls_mpi_core_cond_assign
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-31 12:27:05 +01:00
Janos Follath
2f04582d37
Move MBEDTLS_ECP_WITH_MPI_UINT to mbedtls_config.h
...
There is a precedent for having bigger and less mature options in
mbedtls_config.h (MBEDTLS_USE_PSA_CRYPTO) for an extended period.
Having this option in mbedtls_config.h is simpler and more robust.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-07-31 10:57:16 +01:00
Janos Follath
82823b2fe8
Fix new bignum tests
...
These tests weren't working, because they use CMake and can't pass
options with CFLAGS directly. This could be mitigated by adding a CMake
option, but using config.py is less invasive and it is what we normally
use for setting build options anyway.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-07-31 10:01:47 +01:00
Xiaokang Qian
59159abcce
Fix fast quasi-reduction modulo value of p192K1 in comments
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-07-31 06:46:28 +00:00
Xiaokang Qian
796500e751
Fix the type cast(size_t to unsigned short) warning
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-07-31 06:46:28 +00:00
Xiaokang Qian
b903f4ecb6
Free P and N of the group cause they are dynamic allocated
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-07-31 06:46:28 +00:00
Xiaokang Qian
02a3e0318f
Declare mbedtls_ecp_fix_negative() always static to fix check_name failures
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-07-31 06:46:28 +00:00
Xiaokang Qian
a8d30ac7e5
Use new ECP_LIGHT symbol in ecp_curves.c
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-07-31 06:46:28 +00:00
Xiaokang Qian
be4d6b62ab
Fix use of sizeof without brackets in ecp_curves.c
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-07-31 06:46:28 +00:00
Xiaokang Qian
748a362fd0
Revert ecp_curves.c to commit 449bd83
to save code size
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-07-31 06:46:28 +00:00
Dave Rodgman
2d28c46055
Fix asm Memsan workaround
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-28 18:24:22 +01:00
Dave Rodgman
983448ea62
fix check for no-longer-used macro
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-28 17:30:52 +01:00
Dave Rodgman
d684d7342b
code style
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-28 16:39:38 +01:00
Dave Rodgman
08691679b5
Enable testing of asm under Memsan
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-28 16:39:38 +01:00
Dave Rodgman
fa5a4bbb02
Improve mbedtls_ct_memmove_left w.r.t. const-flow tests
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-28 16:13:52 +01:00
Valerio Setti
c1319f4a26
debug: improve debug_print_psa_ec() as not to depend on bignum
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-28 13:44:51 +02:00
Valerio Setti
797e396fd9
debug: use proper guard for PK_DEBUG_MPI items
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-28 13:44:26 +02:00
Manuel Pégourié-Gonnard
43cef57e51
Merge pull request #7811 from mpg/md-info
...
Optimize strings in MD
2023-07-28 08:34:09 +00:00
Kusumit Ghoderao
f3e696dc1b
Add ifdef for hmac and cmac set password
...
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-07-28 13:30:50 +05:30
Kusumit Ghoderao
5f3345ae44
Add issue link instead of issue number
...
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-07-27 21:21:38 +05:30
Kusumit Ghoderao
0bca4c5fc4
Add ifdef for hmac and cmac specific functions
...
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-07-27 21:20:14 +05:30
Kusumit Ghoderao
a12e2d53bd
Replace AES_CMAC_128_PRF_OUTPUT_SIZE with PSA_MAC_LENGTH()
...
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-07-27 21:18:30 +05:30
Kusumit Ghoderao
9ab03c3d72
Define PSA_ALG_IS_PBKDF2
...
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-07-27 21:14:05 +05:30
Kusumit Ghoderao
2addf35855
Replace MBEDTLS_PSA_BUILTIN_PBKDF2_XXX with PSA_HAVE_SOFT_PBKDF2
...
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-07-27 21:11:09 +05:30
Waleed Elmelegy
d7bdbbeb0a
Improve naming of mimimum RSA key size generation configurations
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-27 14:50:09 +00:00
Waleed Elmelegy
ab5707185a
Add a minimum rsa key size config to psa config
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-27 11:00:03 +00:00
Waleed Elmelegy
76336c3e4d
Enforce minimum key size when generating RSA key size
...
Add configuration to enforce minimum size when
generating a RSA key, it's default value is 1024
bits since this the minimum secure value currently
but it can be any value greater than or equal 128
bits. Tests were modifed to accommodate for this
change.
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-27 10:58:25 +00:00
Sarvesh Bodakhe
430a4f3968
rsa_signature: Use heap memory to allocate DER encoded RSA private key
...
'mbedtls_pk_psa_rsa_sign_ext' function allocates a buffer of maximum
size 5679 bytes (MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES) on the stack to store
DER encoded private key. This increased stack usage significantly for
RSA signature operations when MBEDTLS_PSA_CRYPTO_C is defined.
This issue was discovered when adding support for EAP-TLS 1.3 (rfc9190).
Signed-off-by: Sarvesh Bodakhe <sarvesh.bodakhe@espressif.com>
2023-07-27 14:51:25 +05:30
Valerio Setti
a55f042636
psa: replace DH_KEY_PAIR_LEGACY with new symbols
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-27 09:15:34 +02:00
Gowtham Suresh Kumar
186731b22a
Fix warnings from clang-16
...
Running clang-16 on mbedtls reports warnings of type "-Wstrict-prototypes".
This patch fixes these warnings by adding void to functions with no
arguments. The generate_test_code.py is modified to insert void into test
functions with no arguments in *.function files.
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
2023-07-26 17:11:51 +01:00
Janos Follath
b52f9cf5eb
Merge pull request #7758 from xkqian/bignum_clone_ecp_curves
...
[Bignum] Bignum clone ecp curves
2023-07-26 13:33:56 +01:00
Gilles Peskine
bb07377458
Merge pull request #7935 from AgathiyanB/add-enum-casts
...
Add type casts for integer and enum types
2023-07-26 11:27:27 +02:00
Paul Elliott
f1c032adba
Merge pull request #7902 from valeriosetti/issue7772
...
Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/RSA
2023-07-25 17:13:43 +01:00
Tom Cosgrove
bc345e8685
Protect macro parameter expansion with parentheses
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-25 15:17:39 +01:00
Tom Cosgrove
350226f636
Use a macro for mbedtls_mpi_zeroize_and_free()
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-25 15:10:14 +01:00
Valerio Setti
fe478909f0
psa_crypto_rsa: fix guards for importing the key
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-25 12:27:19 +02:00
Valerio Setti
46520ea52d
tls12: check buffer size before memcpy-ing data into it
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-25 11:41:28 +02:00
Valerio Setti
c9ae862225
tls: use TLS 1.3 guards in ssl_tls13 modules
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-25 11:23:50 +02:00
Valerio Setti
ea59c43499
tls: fix a comment a rename a variable/symbol
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-25 11:14:03 +02:00
Valerio Setti
d0371b0a08
debug: keep ECDH_C guard for debug printf accessing ecdh_context's items
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-25 10:57:01 +02:00
Valerio Setti
60d3b91eba
tls: use TLS 1.2 macros in ssl_tls12_server.c
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-25 10:43:53 +02:00
Tom Cosgrove
17526a0d16
Merge pull request #7906 from yanrayw/add-pake_guards_psa_crypto
...
PSA: add guards for PAKE getter functions
2023-07-24 15:59:28 +01:00
Waleed Elmelegy
f3fafc3645
Fix CI errors related pkcs5_pbe changes
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-24 11:45:46 +01:00
Gilles Peskine
5647d06be8
Merge pull request #7518 from gilles-peskine-arm/psa_inject_entropy-file-stability
...
Fix and test MBEDTLS_PSA_INJECT_ENTROPY
2023-07-21 17:37:15 +02:00
Gilles Peskine
2387bdab0f
Merge pull request #1038 from Mbed-TLS/development
...
Merge development into development-restricted
2023-07-21 15:40:36 +02:00
Xiaokang Qian
c495845e7a
Align ECP_MPI_INIT with mbedtls_mpi struct order in ecp_new.c
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-07-21 08:22:13 +00:00
Xiaokang Qian
73d98405b8
Rework the clone of ecp_curves.c
...
Change macro guard
rebase ecp_curves_new.c to the latest ecp_curves.c
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-07-21 08:22:12 +00:00
Xiaokang Qian
4d71051145
Enable build of ecp_curves_new.c
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-07-21 08:22:12 +00:00
Xiaokang Qian
dc2ea2705b
Clone the ecp_curve.c file as ecp_curve_new.c
...
Use macro guard MBEDTLS_ECP_WITH_MPI_UINT/STRUCT to enable
either c file
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-07-21 08:22:11 +00:00
Manuel Pégourié-Gonnard
c844c1a771
Merge pull request #7546 from mpg/align-psa-md-identifiers
...
Align psa md identifiers
2023-07-20 11:34:28 +02:00
Dave Rodgman
7fa27a1a18
Merge pull request #7960 from daverodgman/expect-fix
2023-07-19 19:48:15 +01:00
Dave Rodgman
e9fcffd089
Robustness fix to MBEDTLS_LIKELY
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-19 15:43:07 +01:00
Dave Rodgman
8e8e6b9be3
Merge pull request #7934 from AgathiyanB/move-declarations-to-top
...
Move declarations to top of functions
2023-07-19 15:25:27 +01:00
Dave Rodgman
6dd40642e8
Merge pull request #7932 from AgathiyanB/add-mpi-uint-size-macro
...
Use compile-time determination of which __builtin_clz() to use, with new MBEDTLS_MPI_UINT_SIZE macro
2023-07-19 14:57:39 +01:00
Waleed Elmelegy
708d78f80b
Improve & test legacy mbedtls_pkcs5_pbe2
...
* Prevent pkcs5_pbe2 encryption when PKCS7 padding has been
disabled since this not part of the specs.
* Allow decryption when PKCS7 padding is disabled for legacy
reasons, However, invalid padding is not checked.
* Add tests to check these scenarios. Test data has been
reused but with changing padding data in last block to
check for valid/invalid padding.
* Document new behaviour, known limitations and possible
security concerns.
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-19 14:01:35 +01:00
Dave Rodgman
9e8104cdd9
Merge pull request #7949 from AgathiyanB/IAR-asm-keyword
...
Use correct asm keyword for IAR compilers
2023-07-19 10:03:30 +01:00
Dave Rodgman
131a22ef27
Merge pull request #7950 from AgathiyanB/fix-IAR-using-memset-s
...
Fix IAR trying to use memset_s in platform_util
2023-07-19 10:01:58 +01:00
Dave Rodgman
5f65acb02b
Merge pull request #7859 from gilles-peskine-arm/mbedtls_mpi-smaller
...
Reduce the size of mbedtls_mpi
2023-07-18 16:48:37 +01:00
Tom Cosgrove
46259f670f
Internal function mbedtls_mpi_zeroize() can be mbedtls_mpi_zeroize_and_free()
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-18 16:44:14 +01:00
Tom Cosgrove
3a11bb8213
Better wording around passing NULL to mbedtls_zeroize_and_free()
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-18 16:26:29 +01:00
Agathiyan Bragadeesh
789e50e5a0
Use correct asm keyword for IAR compilers
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-18 16:12:24 +01:00
Dave Rodgman
b8f18850c6
Align ECP_MPI_INIT parameter order with mbedtls_mpi struct order
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-18 13:53:07 +02:00
Manuel Pégourié-Gonnard
828b3acd6b
Merge pull request #7848 from valeriosetti/issue7749
...
driver-only ECC: EPCf.TLS testing
2023-07-18 10:33:21 +02:00
Agathiyan Bragadeesh
74852038ee
Fix IAR trying to use memset_s in platform_util
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-17 18:35:30 +01:00
Agathiyan Bragadeesh
387bfa5b84
Add cast in psa_crypto
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-17 17:01:33 +01:00
Agathiyan Bragadeesh
4d47cea8f9
Move declarations in psa_crypto to top
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-17 16:58:44 +01:00
Tom Cosgrove
08b04b11ff
Merge pull request #7923 from gabor-mezei-arm/7598_fix_clone_of_ecp_module
...
[Bignum] Fixes for the ecp module cloning
2023-07-17 15:28:18 +01:00
Agathiyan Bragadeesh
5058a5b5ad
Remove trailing whitespace bignum_core
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-17 15:23:52 +01:00
Tom Cosgrove
ca8c61b815
Provide and use internal function mbedtls_zeroize_and_free()
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-17 15:17:40 +01:00
Agathiyan Bragadeesh
10b6775aeb
Add enum type casts in lmots.c and lms.c
...
The IAR compiler throws an error when trying to assign an int to an enum
so these casts have been added.
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-17 15:14:42 +01:00
Agathiyan Bragadeesh
01ed84a1f3
Add type casts in rsa.c
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-17 15:14:42 +01:00
Agathiyan Bragadeesh
8b52b88b6d
Add type casts in ssl library
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-17 15:14:42 +01:00
Agathiyan Bragadeesh
e55a1e1cf4
Refactor preprocessing for arm none
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-17 15:00:19 +01:00
Agathiyan Bragadeesh
ec4c91ecc1
Move declaration in ecp_mod_koblitz to top
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-17 12:21:06 +01:00
Agathiyan Bragadeesh
c99840ae1f
Move declarations in mbedtls_mpi_add_abs to top
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-17 12:21:06 +01:00
Agathiyan Bragadeesh
271a95331e
Remove tautology in mbedtls_mpi_core_clz
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-14 14:07:18 +01:00
Dave Rodgman
fba559822f
Ensure constant values not known to compiler
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-14 13:44:22 +01:00
Dave Rodgman
a02b36886c
Fix gcc warnings when -Wredundant-decls set
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-14 13:43:39 +01:00
Gabor Mezei
66bbecb7ff
Fix comment
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-07-14 14:43:27 +02:00
Dave Rodgman
8f6094ce47
Merge pull request #7792 from robUx4/win32_winnt
2023-07-13 19:34:24 +01:00
Dave Rodgman
63a21f4cda
Merge pull request #7920 from daverodgman/gcm-size
2023-07-13 19:32:07 +01:00
Dave Rodgman
5ff02450ee
Reduce size of static data in gcm
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-13 15:57:20 +01:00
Steve Lhomme
551b3bf4bb
Don't force the _WIN32_WINT version
...
If the user has set a value in the build environment, it will be used.
Otherwise, if SDK has a default value, it will be picked.
If either of these values are lower than 0x0501 (XP) we should not force
some calls that will not work on the minimum target OS. We should use
dynamic loading of these API's to support them in higher versions of the
OS.
winsock2.h needs to be included before windows.h and will pick the
default _WIN32_WINNT from the SDK or use the one from the user, by
setting _WIN32_WINNT in the CFLAGS.
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
2023-07-13 16:11:34 +02:00
Steve Lhomme
4000b6ec0e
Don't force the default windows version down
...
The _WIN32_WINNT value will pick the default value for the SDK when
including windows.h. Depending on its value some calls will be possible or not.
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
2023-07-13 16:11:34 +02:00
Steve Lhomme
369d7c7148
Don't use FindFirstFileW() before Windows XP
...
On runtime it will attempt to get FindFirstFileW() from kernel32.dll
but it's not there and the DLL/program containing mbedtls will not load.
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
2023-07-13 16:11:34 +02:00
Jerry Yu
893be8d10f
Replace cpu modifier flags
...
`crypto` should be replace with `aes`.
See https://arm-software.github.io/acle/main/acle.html#cryptographic-extensions
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-13 17:32:11 +08:00
Jerry Yu
b1d06bb29e
Add error message for old armclang
...
when armclang<6.10, cpu modifiers MUST be
specified on command line.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-13 10:40:29 +08:00
Jerry Yu
8e96e78dbe
update document and error message
...
Chang the spell of armclang
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-13 10:40:28 +08:00
Jerry Yu
6b00f5a135
Add guards for arm_neon.h
...
See: https://arm-software.github.io/acle/main/acle.html#arm_neonh
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-13 10:40:28 +08:00
Jerry Yu
22a4d3e2b4
fix armclang build fail for sha512.
...
`sha3` support is start from armclang6.10
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-13 10:40:28 +08:00
Jerry Yu
580e06fb07
fix armclang compile fail
...
`__ARM_FEATURE_AES` is not defined with `armclang < 6.10`.
And it raise error on `target("crypto,aes")
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-13 10:40:27 +08:00
Jerry Yu
08933d3dbb
fix compile fail for armclang
...
when target flags are not set at command line, armclang
will reports required feature not set error.
This is found and verified at 6.20.1. And it does not work
for 6.6
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-13 10:40:08 +08:00
Paul Elliott
3c22366695
Merge pull request #7863 from valeriosetti/issue7790
...
PK: parse: fix disparity with private Montgomery keys
2023-07-11 18:02:12 +01:00
Dave Rodgman
a824e40749
Merge pull request #7500 from tom-cosgrove-arm/fix-armclang-bswap32
...
Fix MBEDTLS_BSWAP32 on armcc 5
2023-07-11 16:48:42 +01:00
Dave Rodgman
84eaefa43e
Use designated initializers for mbedtls_mpi
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-11 16:02:46 +01:00
Valerio Setti
7e6aaa1ea5
psa: fix missed LEGACY symbols caused by the rebase
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 16:59:21 +02:00
Paul Elliott
88f34e3348
Merge pull request #7703 from gabor-mezei-arm/7598_clone_the_eco_module
...
[Bignum] Clone the ECP module
2023-07-11 15:00:01 +01:00
Tom Cosgrove
f2b5a13d02
Fix MBEDTLS_BSWAP32 on armcc 5
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-11 14:06:37 +01:00
Valerio Setti
76df8c1900
psa: remove redundant GENPRIME when RSA_KEY_PAIR_GENERATE is defined
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 14:11:28 +02:00
Valerio Setti
b2bcedbf9a
library: replace MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_LEGACY
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 14:06:00 +02:00
Valerio Setti
f6d4dfb745
library: replace PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY symbols with proper ones
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 14:06:00 +02:00