mbedtls

Author	SHA1	Message	Date
Valerio Setti	178b5bdddf	pk: move MBEDTLS_PK_CAN_ECDSA_SOME macro to pk.h and fix tests Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-13 11:15:06 +01:00
Dave Rodgman	ab1f3c153a	Merge pull request #7081 from tom-cosgrove-arm/dont-use-lstrlenW	2023-02-10 20:50:07 +00:00
Dave Rodgman	4a5c9ee7f2	Remove redundant SIZE_MAX guards Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-10 16:03:44 +00:00
Gilles Peskine	b8531c4b0b	Merge pull request #6882 from AndrzejKurek/x509_san_parsing_testing-dev X.509: Fix bug in SAN parsing and enhance negative testing	2023-02-10 15:05:32 +01:00
Dave Rodgman	f691268ee9	Add missing initialisers Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	35598adb78	pkcs7: Check that hash algs are in digestAlgorithms Since only a single hash algorithm is currenlty supported, this avoids having to perform hashing more than once. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	6cfc469296	pkcs7: reject signatures with internal data A CMS signature can have internal data, but mbedTLS does not support verifying such signatures. Reject them during parsing. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	e373a254c4	pkcs7: do not store content type OIDs They will always be constant. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	55d9df25ef	Simple cleanup No change in behavior. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	4ec8355795	Check for junk after SignedData There must not be any. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	aaf3c0028d	pkcs7: do not store content type OID Since only one content type (signed data) is supported, storing the content type just wastes memory. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	512818b1d2	pkcs7: check that content lengths fill whole buffer Otherwise invalid data could be accepted. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-10 12:56:10 +00:00
Dave Rodgman	a22749e749	Merge pull request #6816 from nick-child-ibm/pkcs7_coverage Pkcs7 coverage	2023-02-10 12:55:29 +00:00
Tom Cosgrove	b96c309395	Don't use lstrlenW() on Windows The lstrlenW() function isn't available to UWP apps, and isn't necessary, since when given -1, WideCharToMultiByte() will process the terminating null character itself (and the length returned by the function includes this character). Resolves #2994 Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-02-10 12:52:13 +00:00
Ronald Cron	834e65d47f	Merge pull request #6499 from xkqian/tls13_write_end_of_early_data Tls13 write end of early data	2023-02-10 11:08:22 +01:00
Dave Rodgman	78c6f40736	Fix code-style Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-09 09:21:14 +00:00
Nick Child	14f255f332	pkcs7: Remove unnecessary dependencies stdio, stdlib and string header files are not used. Remove them. Signed-off-by: Nick Child <nick.child@ibm.com>	2023-02-08 15:38:48 +00:00
Valerio Setti	ce0caa3384	oid: fix comment in #endif Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:52:31 +01:00
Valerio Setti	f972ce8d69	oid: replace ECDSA_C with new macros for ECDSA capabilities Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:52:31 +01:00
Xiaokang Qian	0de0d863b6	Rebase code to restore reco-delay and fix some style issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 07:41:42 +00:00
Xiaokang Qian	8dc4ce76c7	Fix various coding style and comment issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	6b980011e5	Replace session_negotiate->ciphersuite with handshake->ciphersuite_info->id Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	53c4c27d35	Update the comment of ciphersuite check for early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	64bc9bc33d	Add comments to describe the early data behavior-encrypt/rejected... Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	e04afdc44f	Refine the condition of whether re-generate early keys Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	eb31cbc791	Share the hash check code between ticket and external psk Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	4ef8ba2938	Assign the ciphersuite in finalize_hrr{server_hello} Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	bb883244aa	Remove useless comments of outbound switch Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	02f5e14073	Combine the alert check of selected_id and ciphercuite Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	934ce6f6a9	Rename the finalize_client{server}_hello() Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	ac4c625dea	Add hash check of ciphersuite for ticket psk Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	6be8290aba	Change to CCS after client hello only if we offer early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	7179f810f1	Restore the empty lines Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	b58462157e	Refine the ciphersuite and select id check for early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	44051f6376	Refine the state change after write client hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	7892b6caad	Refine the comment about generating early secrects in post server hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	bd0ab06d50	Skip CCS once we proposed early data even it is rejected Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	f6d8fd3d6b	Improve the coding style of new lines Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	79f77528f5	Move state change to finalize client hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	3f616c2493	Move selected_identity zero check to post_server_hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	1d8e86ce00	Get hash_alg by mbedtls_psa_translate_md Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	ea28a78384	Revert new field and check ciphersuite match when resume by exist info_id Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	4224244883	Improve coding styles and add comments Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	33ff868dca	Fix various errors Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	43a83f247c	Move the place where call set_outbound_transform to switch handshake key Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	907461319a	Fix compile error and warnings Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	f10f474981	Check server selected cipher suite indicating a Hash associated with the PSK Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	592021aceb	Add CCS after client hello in case of early data and comp mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	303f82c5b9	Skip generating early secrets in some cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	b46275c7ec	Add TLS1_3 guard to finalize_write_client_hello() to fix compile issue Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:43 +00:00
Xiaokang Qian	2a674937dd	Pend a illeagal allert when selected_identity isn't 0 Handshake should abort will illeagal parameter allert when receiving early data extentions but the selected_identity parsed from pre-share key isn't equal to 0. Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:46:48 +00:00
Xiaokang Qian	126929f825	Move early keys generation into mbedtls_ssl_tls13_finalize_write_client_hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:46:45 +00:00
Xiaokang Qian	19d4416a45	Refine code to remove finalize_write_end_of_early_data() Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:44:00 +00:00
Xiaokang Qian	7094f66879	Remove useless duplicted mbedtls_ssl_tls13_ticket_get_psk Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:44:00 +00:00
Xiaokang Qian	854db28bb7	Set hs_psk,ciphercuit_info and kex mode when writing pre-share key Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:44:00 +00:00
Xiaokang Qian	57a138d5c3	Update message log for end of early data test cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:44:00 +00:00
Xiaokang Qian	742578ca2c	Remove end_of_early_data_coordinate() to align with exist style Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:44:00 +00:00
Xiaokang Qian	bc75bc0c3a	Switch to MBEDTLS_SSL_END_OF_EARLY_DATA as needed Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:44:00 +00:00
Xiaokang Qian	c81a15a019	Change the comment format of end_of_early_data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:44:00 +00:00
Xiaokang Qian	7ed30e59af	Fix the issue that gnutls server doesn't support packet Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:44:00 +00:00
Xiaokang Qian	8804e6d0ac	Put kex_exchange_mode in the guard of TLS13 Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:43:59 +00:00
Xiaokang Qian	da8402dde6	Switch outbound back to handshake key after end_of_early_data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:43:59 +00:00
Xiaokang Qian	bf09376bda	Remove useless prepare_write_end_of_early_data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:43:59 +00:00
Xiaokang Qian	df6f52e2b2	Generate early key and switch outbound key to it after write client hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:43:59 +00:00
Xiaokang Qian	d05ac5dfce	Add extern apis mbedtls_ticket_get_psk. Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:43:59 +00:00
Xiaokang Qian	32af4fbbdb	Set ciphersuite info and kex mode in set_session in re-connection Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:43:59 +00:00
Xiaokang Qian	34aab55aa7	Add prepare function to switch transform to early keys Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:43:58 +00:00
Xiaokang Qian	125afcb060	Add end-of-early-data write Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:43:58 +00:00
Nick Child	3dafc6c3b3	pkcs7: Drop support for signature in contentInfo of signed data The contentInfo field of PKCS7 Signed Data structures can optionally contain the content of the signature. Per RFC 2315 it can also contain any of the PKCS7 data types. Add test and comments making it clear that the current implementation only supports the DATA content type and the data must be empty. Return codes should be clear whether content was invalid or unsupported. Identification and fix provided by: - Demi Marie Obenour <demiobenour@gmail.com> - Dave Rodgman <dave.rodgman@arm.com> Signed-off-by: Nick Child <nick.child@ibm.com>	2023-02-07 20:04:52 +00:00
Valerio Setti	5b16e9eabc	pk_wrap: keep ECDSA_C for ECP_RESTARTABLE contexts Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-07 16:21:36 +01:00
Hanno Becker	dae916b05f	X.509: Add length consistency checks to x509_get_other_name() Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-02-07 05:24:32 -05:00
Hanno Becker	2a15a0c868	X.509: Remove red'n bounds checks and zeroiz'n in OtherName parsing - ASN.1 parsing functions check that length don't exceed buffer bounds, so checks `p + len > end` are redundant. - If `p + len == end`, this is erroneous because we expect further fields, which is automatically caught by the next ASN.1 parsing call. Hence, the two branches handling `p + len >= end` in x509_get_other_name() can be removed. Further, zeroization of the `other_name` structure isn't necessary because it's not confidential (and it's also not performed on other error conditions in this function). Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-02-07 05:15:27 -05:00
Hanno Becker	ae8f8c435c	Fix X.509 SAN parsing Fixes #2838. See the issue description for more information. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-02-07 05:10:27 -05:00
Valerio Setti	1cdddacc62	pk_wrap: use proper macros for sign and verify Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-07 08:02:23 +01:00
Valerio Setti	5c593af271	pk_wrap: fix comment on closing #endif Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-07 08:02:23 +01:00
Valerio Setti	24138d9f83	pk_wrap: re-use identical functions for eckey and ecdsa when possible Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-07 08:02:23 +01:00
Valerio Setti	7ca1318256	pk: add new symbol for generic ECDSA capability Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-07 08:02:23 +01:00
Valerio Setti	9e30dd882d	removing a leftover printf from debug Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-07 08:02:23 +01:00
Valerio Setti	ab363d9fe1	pk/pk_wrap: replace ECDSA_C with generic ECDSA capabilities' defines Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-07 08:02:23 +01:00
Gabor Mezei	63aae68b8f	Fix documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-06 16:24:08 +01:00
Gilles Peskine	0cfb08ddf1	Merge pull request #6922 from mprse/csr_v3 Parsing v3 extensions from a CSR - v.2	2023-02-03 16:41:11 +01:00
Gilles Peskine	80c552556a	Merge pull request #6791 from yanrayw/6675-change-some-key-generation-funcs-to-static TLS 1.3: Key Generation: change some key generation functions to static	2023-02-03 11:56:35 +01:00
Yanray Wang	f206c1493b	Remove duplicate mbedtls_platform_zeroize for tls13_early_secrets Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-02-03 13:55:47 +08:00
Dave Rodgman	6dd757a8ba	Fix use of sizeof without brackets Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-02 12:40:50 +00:00
Nick Child	282d50493a	pkcs7: Remove duplicate oid condition MBEDTLS_OID_PKCS7_ENCRYPTED_DATA was listed twice in the oid conditional. Remove one of them. Signed-off-by: Nick Child <nick.child@ibm.com>	2023-02-01 18:32:55 +00:00
Gilles Peskine	24c6f49530	Merge pull request #7005 from tom-cosgrove-arm/fix-doxygen-typos-in-new-bignum Fix typos in doxygen commands in new bignum modules	2023-02-01 19:05:04 +01:00
Gilles Peskine	a193986aab	Merge pull request #6942 from ucko/2023a-bignum mbedtls_mpi_sub_abs: Skip memcpy when redundant (#6701).	2023-02-01 11:36:25 +01:00
Tom Cosgrove	8a1f784ece	Fix typos in doxygen commands in new bignum modules Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-02-01 08:43:54 +00:00
Yanray Wang	a12cecbe47	Modify some comments in ssl_tls13_keys.c Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-02-01 14:29:51 +08:00
Nick Child	3bd17f2f58	pkcs7: Use end_issuer_and_sn where appropriate There were some areas where `end_signer` were being used when it makes more sense to use `end_issuer_and_sn`, as pointed out by demiobenour@gmail.com. Signed-off-by: Nick Child <nick.child@ibm.com>	2023-01-31 20:42:26 +00:00
Gabor Mezei	2038ce976e	Rename function to follow naming convention Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-31 14:40:05 +01:00
Gabor Mezei	9b290b33e4	Add documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-31 14:40:05 +01:00
Gabor Mezei	deece2bb65	Change the ecp_mod_p192_raw to be testable Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-31 14:40:05 +01:00
Gabor Mezei	b5bba497fe	Extract Secp192r1 from the prototype Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-31 14:40:05 +01:00
Gilles Peskine	f6b9823422	Merge pull request #6979 from daverodgman/const-time-asm-vol Inhibit compiler from optimising out const-time asm	2023-01-31 11:28:45 +01:00
Gilles Peskine	470f10cfc5	Merge pull request #6941 from gabor-mezei-arm/6375_quasi-reduction_function Add function to fix quasi-reduction	2023-01-31 11:25:25 +01:00
Nick Child	ec81709516	pkcs7: Ensure all data in asn1 structure is accounted for Several PKCS7 invalid ASN1 Tests were failing due to extra data bytes or incorrect content lengths going unnoticed. Make the parser aware of possible malformed ASN1 data. Signed-off-by: Nick Child <nick.child@ibm.com>	2023-01-30 16:44:58 +00:00
Gabor Mezei	db1607fa69	Remove unneeded include Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-30 16:27:48 +01:00
Manuel Pégourié-Gonnard	aae61257d1	Merge pull request #6883 from valeriosetti/issue6843 Improve X.509 cert writing serial number management	2023-01-30 13:08:57 +01:00
Dave Rodgman	4610d4b7a6	Inhibit compiler from optimising out const-time asm Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-01-30 09:26:48 +00:00
Manuel Pégourié-Gonnard	169d9e6eb4	Merge pull request #6802 from gilles-peskine-arm/test_suite_psa_crypto_metadata-20221215 Add metadata tests for CCM* and TLS1.2-ECJPAKE-to-PMS	2023-01-27 10:05:00 +01:00
Przemek Stekiel	36ad5e7ab5	Fix code style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-26 22:30:45 +01:00
Valerio Setti	af4815c6a4	x509: replace/fix name of new function for setting serial Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-01-26 17:43:09 +01:00
Janos Follath	803638c023	Merge pull request #6939 from minosgalanakis/bignum/6027_hardcode_montgomery_moduli Bignum: hardcode montgomery moduli	2023-01-25 16:51:11 +00:00
Przemek Stekiel	32e20919ac	Remove redundant check and add comment to inform about processing of empty extensions Netscape Certificate Management System Administrator's Guide: Extension-Specific Policy Modules, Chapter 18: Extension-Specific Policy Modules, Netscape Certificate Type Extension Policy: > The extension has no default value. A bitstring with no flags set is still technically valid, as it will mean that the certificate has no designated purpose at the time of creation. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-25 16:20:25 +01:00
Gabor Mezei	9a66ab180c	Fix missing declarration Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-25 13:23:38 +01:00
Przemek Stekiel	94e21e153f	Skip unsupported extensions Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-25 11:08:32 +01:00
Gilles Peskine	8296eabed6	Merge pull request #6957 from tom-cosgrove-arm/fix-spelling-of-doxygen-return Fix doxygen return parameter spelling	2023-01-24 21:56:45 +01:00
Gilles Peskine	3b8623fe2c	Merge pull request #6903 from Mihir-Raj-Singh/Bignum_rename_mtoN Rename modulus input argument from m to N	2023-01-24 21:48:54 +01:00
Gabor Mezei	627e5b1f91	Only enable fix_quasi_reduction when testing Avoid compiler error due to the fix_quasi_reduction function is static and has not been used. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-24 18:13:24 +01:00
Przemek Stekiel	a468768000	Dealocate memory for subject alt names Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-24 15:19:47 +01:00
Przemek Stekiel	86d1946164	Fix error codes returned on failures Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-24 11:20:10 +01:00
Przemek Stekiel	cf6ff0fb43	Move common functions for crt/csr parsing to x509.c Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-24 10:57:19 +01:00
Przemek Stekiel	db128f518c	Allow empty ns_cert_type, key_usage while parsing certificates Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-24 10:57:19 +01:00
Przemek Stekiel	21c37288e5	Adapt function names Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-24 10:57:19 +01:00
Przemek Stekiel	cbaf3167dd	mbedtls_x509_csr_info: Add parsing code for v3 csr extensions Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-24 10:57:19 +01:00
Jens Alfke	2d9e359275	Parsing v3 extensions from a CSR A parsed CSR struct (`mbedtls_x509_csr`) now includes some of the X.509v3 extensions included in the CSR -- the key usage, Netscape cert-type, and Subject Alternative Names. Author: Jens Alfke <jens@couchbase.com> Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-24 10:56:55 +01:00
Gabor Mezei	a24fd06451	Update documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-23 19:10:26 +01:00
Gabor Mezei	9073f7dd3b	Remove unneeded check The fix_quasi_reduction function changed to static so checking the invalid arguments are not needed anymore. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-23 19:05:37 +01:00
Gabor Mezei	e81a2b85c9	Change the fix_quasi_reduction function to static Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-23 18:58:20 +01:00
Gabor Mezei	aaa1d2a276	Move the quasi reduction fixing function to bignum_mod_raw Rename the function to 'fix_quasi_reduction' to better suite its functionality. Also changed the name prefix to suite for the new module. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-23 18:55:57 +01:00
Tom Cosgrove	37dabd540b	Fix doxygen return parameter spelling Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-01-23 16:57:26 +00:00
Minos Galanakis	8692ec8bc0	pkarse: Added `pk_group_id_from_specified()` documentation. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-01-23 10:33:06 +00:00
Dave Rodgman	7658b63390	Remove volatile from diff; add explanatory comment Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-01-20 14:04:48 +00:00
Dave Rodgman	fa96026a0e	Move definition of asm out of public header Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-01-20 14:04:48 +00:00
Dave Rodgman	7f376fa6fc	Improve documentation Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-01-20 14:04:48 +00:00
Dave Rodgman	b9cd19bc8c	Prevent perf regressions in mbedtls_xor Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-01-20 14:04:48 +00:00
Dave Rodgman	051225d07a	Address potential perf regression Ensure platforms that don't have an assembly implementation for mbedtls_get_unaligned_volatile_uint32() don't experience a performance regression. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-01-20 14:04:48 +00:00
Dave Rodgman	36dfc5a237	Improve efficiency of some constant time functions Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-01-20 14:04:48 +00:00
Dave Rodgman	cb0f2c4491	Tidy-up - move asm #define into build_info.h Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-01-20 14:04:48 +00:00
Minos Galanakis	c8e381ab1c	pkarse: Update `pk_group_id_from_specified()` clean-up. This path updates the clean-up logic of to individually free each of the the group's structure members rather than invoke `mbedtls_ecp_group_free()`. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-01-19 16:15:11 +00:00
Minos Galanakis	e9fa7a74cd	ecp_curves: Update pre-processor define guards for `ecp_mpi_load()`. This patch adjusts the logic, so that the method is included, when the following components are enabled: * MBEDTLS_ECP_DP_CURVE448_ENABLED * MBEDTLS_ECP_DP_CURVE25519_ENABLED * ECP_LOAD_GROUP Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-01-19 16:12:07 +00:00
Minos Galanakis	d61dbd4df7	ecp_curves: Update `mbedtls_ecp_group_free()`. This patch updates the method to not free the `grp->P` and `grp->N` structure members. The contents of `P` and `N` are stored in static memory at `curve448_p/n` and `curve25519p/n` and no longer dynamically allocated. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-01-19 16:11:55 +00:00
Minos Galanakis	146fed9849	ecp_curves: Hardcode Montgomery const for curve448. This patch adds two embedded constants used by `ecp_use_curve448()`. The method has been updated to read that into an mpi instead of calculating it on the fly. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-01-19 16:11:50 +00:00
Minos Galanakis	bececeb0b9	ecp_curves: Hardcod Montgomery const for curve25519 This patch adds two embedded constants used by `ecp_use_curve25519()`. The method has been updated to read that into an mpi instead of calculating it on the fly. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-01-19 11:38:19 +00:00
Gilles Peskine	bb3814c7a8	Reject key agreement chained with PSA_ALG_TLS12_ECJPAKE_TO_PMS The key derivation algorithm PSA_ALG_TLS12_ECJPAKE_TO_PMS cannot be used on a shared secret from a key agreement since its input must be an ECC public key. Reject this properly. This is tested by test_suite_psa_crypto_op_fail.generated. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-01-19 12:11:23 +01:00
Aaron M. Ucko	af67d2c1cf	mbedtls_mpi_sub_abs: Skip memcpy when redundant (#6701 ). In some contexts, the output pointer may equal the first input pointer, in which case copying is not only superfluous but results in "Source and destination overlap in memcpy" errors from Valgrind (as I observed in the context of ecp_double_jac) and a diagnostic message from TrustInSoft Analyzer (as Pascal Cuoq reported in the context of other ECP functions called by cert-app with a suitable certificate). Signed-off-by: Aaron M. Ucko <ucko@ncbi.nlm.nih.gov>	2023-01-17 11:52:22 -05:00
Gabor Mezei	c83f792c18	Add documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-17 13:28:06 +01:00
Gabor Mezei	9684d4dc58	Add quasi-reduction function for ecp Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-17 13:16:46 +01:00
Mihir Raj Singh	432cacf5c2	bignum_mod_raw: Renamed `m` -> N in mbedtls_mpi_mod_raw_neg() Signed-off-by: Mihir Raj Singh <mihirrajsingh123@gmail.com>	2023-01-17 11:25:26 +05:30
Mihir Raj Singh	b0354c5b71	bignum_mod_raw: Renamed `m` -> N in mbedtls_mpi_mod_raw_from_mont_rep() Signed-off-by: Mihir Raj Singh <mihirrajsingh123@gmail.com>	2023-01-16 23:11:18 +05:30
Mihir Raj Singh	37ece7292a	bignum_mod_raw: Renamed `m` -> N in mbedtls_mpi_mod_raw_to_mont_rep() Signed-off-by: Mihir Raj Singh <mihirrajsingh123@gmail.com>	2023-01-16 23:10:40 +05:30
Mihir Raj Singh	01e861ff9e	bignum_mod_raw: Renamed `m` -> N in mbedtls_mpi_mod_raw_write() Signed-off-by: Mihir Raj Singh <mihirrajsingh123@gmail.com>	2023-01-16 23:10:00 +05:30
Mihir Raj Singh	cd17ff0354	bignum_mod_raw: Renamed `m` -> N in mbedtls_mpi_mod_raw_read() Signed-off-by: Mihir Raj Singh <mihirrajsingh123@gmail.com>	2023-01-16 23:09:12 +05:30
Mihir Raj Singh	a43290d556	bignum_mod: Renamed `m` -> N in mbedtls_mpi_mod_write() Signed-off-by: Mihir Raj Singh <mihirrajsingh123@gmail.com>	2023-01-16 23:08:17 +05:30
Mihir Raj Singh	fdc314b6fe	bignum_mod: Renamed `m` -> N in mbedtls_mpi_mod_read() Signed-off-by: Mihir Raj Singh <mihirrajsingh123@gmail.com>	2023-01-16 23:06:16 +05:30
Mihir Raj Singh	928a07ba49	bignum_mod: Renamed `m` -> N in mbedtls_mpi_mod_modulus_free Signed-off-by: Mihir Raj Singh <mihirrajsingh123@gmail.com>	2023-01-16 23:04:37 +05:30
Mihir Raj Singh	f438ad1ab9	bignum_mod: Renamed `m` -> N in mbedtls_mpi_mod_modulus_setup() Signed-off-by: Mihir Raj Singh <mihirrajsingh123@gmail.com>	2023-01-16 23:03:06 +05:30
Mihir Raj Singh	b6fa940fc4	bignum_mod: Renamed `m` -> N in mbedtls_mpi_mod_modulus_init() Signed-off-by: Mihir Raj Singh <mihirrajsingh123@gmail.com>	2023-01-16 23:02:04 +05:30
Mihir Raj Singh	b13a58938a	bignum_mod: Renamed `m` -> N in mbedtls_mpi_mod_residue_setup() Signed-off-by: Mihir Raj Singh <mihirrajsingh123@gmail.com>	2023-01-16 23:01:25 +05:30

1 2 3 4 5 ...

10426 commits