Commit graph

10593 commits

Author SHA1 Message Date
Dave Rodgman
e59c46e161
Merge pull request #7278 from daverodgman/aesce-macro-name-tidyup 2023-03-14 20:33:31 +00:00
Dave Rodgman
4a1d3beaee
Merge pull request #7229 from tom-cosgrove-arm/static-assert 2023-03-14 16:57:38 +00:00
Dave Rodgman
db6ab247fc Improve macro naming
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-14 16:03:57 +00:00
Dave Rodgman
023c8853ac
Merge pull request #7203 from yuhaoth/pr/add-cpu-modifier-for-aesce
Add CPU modifier for AESCE
2023-03-14 15:58:57 +00:00
Tom Cosgrove
57f04b81a0 Have MBEDTLS_STATIC_ASSERT() match current development more closely
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-03-14 12:03:47 +00:00
Gilles Peskine
215ecd0439
Merge pull request #7252 from daverodgman/enable_pkcs7
Enable PKCS 7
2023-03-14 10:39:50 +01:00
Jerry Yu
ec9be84ae6 skip pragma when cpu modifier has been set
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-03-14 10:42:47 +08:00
Jerry Yu
b28d55b242 fix wrong typo and indent issue
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-03-14 10:36:47 +08:00
Dave Rodgman
efbc5f7322 Update wording in comments
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-13 12:15:49 +00:00
Dave Rodgman
756b028511
Merge pull request #7171 from daverodgman/pr5527
Fix undefined behavior in ssl_read if buf parameter is NULL
2023-03-13 10:46:29 +00:00
Jerry Yu
6f86c19d62 Improve readability for compiler version check
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-03-13 11:03:40 +08:00
Jerry Yu
02487a2123 Rename target option flag macro
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-03-13 10:19:35 +08:00
Jerry Yu
77a010e3b3 Remove the max version limitation for clang workaround
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-03-13 10:19:35 +08:00
Jerry Yu
490bf08dd9 fix comment issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-03-13 10:19:34 +08:00
Jerry Yu
7b4d9da08c fix wrong clang version check.
Both inline assembly and intrinsic need pragma

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-03-13 10:19:34 +08:00
Jerry Yu
ae129c3a20 Add new feature test macros
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-03-13 10:19:34 +08:00
Jerry Yu
48b999cd6e Add cpu modifiers for aesce.c
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-03-13 10:19:31 +08:00
Gilles Peskine
4da92832b0
Merge pull request #7117 from valeriosetti/issue6862
driver-only ECDSA: enable ECDSA-based TLS 1.2 key exchanges
2023-03-09 20:49:44 +01:00
Dave Rodgman
bf4016e5d5
Merge pull request #6567 from mprse/ecjpake-driver-dispatch 2023-03-09 19:23:05 +00:00
Dave Rodgman
5e5aa4a4e6
Merge pull request #7218 from tom-cosgrove-arm/fix-typos-230307
Fix typos in development prior to release
2023-03-08 17:19:59 +00:00
Dave Rodgman
51b62ef23d
Merge pull request #7228 from tom-cosgrove-arm/fix-alignment.h-on-32-bit-systems
Fix mbedtls_bswap64() on 32-bit systems
2023-03-08 17:19:29 +00:00
Manuel Pégourié-Gonnard
913d9bb921
Merge pull request #7162 from valeriosetti/issue7055
Legacy MBEDTLS_PK_PARSE_C and MBEDTLS_PK_WRITE_C dependencies in test_suite_psa_crypto
2023-03-08 17:07:19 +01:00
Valerio Setti
75fba32cb3 ssl: use new macros for ECDSA capabilities
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-08 16:47:28 +01:00
Manuel Pégourié-Gonnard
289e5baa83
Merge pull request #7082 from valeriosetti/issue6861
driver-only ECDSA: add ssl-opt.sh testing with testing parity
2023-03-08 16:45:38 +01:00
Tom Cosgrove
6ef9bb3d74 Implement and use MBEDTLS_STATIC_ASSERT()
Fixes #3693

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-03-08 14:19:51 +00:00
Tom Cosgrove
bbe166e721 Fix mbedtls_bswap64() on 32-bit systems
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-03-08 13:23:24 +00:00
Tom Cosgrove
c15a2b949d Update the text about gcc5 support for Armv8 CE
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-03-08 12:55:48 +00:00
Valerio Setti
733de595e3 psa_crypto_rsa: remove PK_WRITE_C in psa_rsa_export_key
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-08 11:03:09 +01:00
Valerio Setti
73a218513b psa_crypto_rsa: add comment/explanation for residual PK_WRITE_C guard
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-08 11:03:09 +01:00
Przemek Stekiel
691e91adac Further pake code optimizations
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-08 09:54:00 +01:00
Gilles Peskine
a2fc399f57
Merge pull request #6829 from AndrzejKurek/unify-psa-errors
Unify PSA to Mbed TLS error translation
2023-03-07 19:55:44 +01:00
Gilles Peskine
12e3c8e019
Merge pull request #7168 from mpg/use-md
Use MD (not low-level hash interface) in X.509 and TLS
2023-03-07 19:55:12 +01:00
Valerio Setti
2f1d967643 ssl: fix included pk header file
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-07 18:14:34 +01:00
Tom Cosgrove
503d71769c Enable explicit_bzero() on OpenBSD
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-03-07 12:51:11 +00:00
Tom Cosgrove
5c8505f061 Fix typos
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-03-07 11:39:52 +00:00
Janos Follath
fe780a3c4b
Merge pull request #7184 from gabor-mezei-arm/6349_Secp224r1_fast_reduction
Extract Secp224r1 fast reduction from the prototype
2023-03-07 10:57:58 +00:00
Przemek Stekiel
57580f2539 Use proper enum types for pake state/sequence/step
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-07 10:50:09 +01:00
Przemek Stekiel
4aa99403f4 Fix configuration for accelerated jpake
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-07 10:50:09 +01:00
Przemek Stekiel
4dc83d40af Add check for pake operation buffer overflow
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-07 10:50:00 +01:00
Przemek Stekiel
e3ef3a15cd Further pake code optimizations
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-06 17:24:32 +01:00
Gabor Mezei
97803abd2a
Update comment
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-06 16:32:16 +01:00
Manuel Pégourié-Gonnard
947cee18a1 Fix memory leak.
The function reset_checksum() can be called more than once with the same
handshake context (this happens with DTLS clients, and perhaps in other
cases as well). When that happens, we need to free the old MD contexts
before setting them up again.

Note: the PSA path was already doing the right thing by calling abort,
we just needed to do the same on the MD path.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-06 11:59:59 +01:00
Manuel Pégourié-Gonnard
228a30d16c
Merge pull request #7120 from mpg/md-light
Define "MD light" subset of MD
2023-03-06 11:02:19 +01:00
Dave Rodgman
4693fd9e9e
Merge pull request #7173 from daverodgman/zeroize-platform
Use platform-provided secure zeroization
2023-03-06 09:16:12 +00:00
Dave Rodgman
b0d96a23a9 Remove not-needed EABI exclusion
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-03 17:06:09 +00:00
Dave Rodgman
45cef61fa4
Merge branch 'development' into md-light
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-03 14:28:13 +00:00
Andrzej Kurek
270b3f9790 Rename error_pair_t to mbedtls_error_pair_t
Required by our coding standards.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-03 05:54:13 -05:00
Andrzej Kurek
daf5b56b02 Translate to MD errors in ssl-tls.c
With the introduction of #7047, ssl_tls.c uses 
mbedtls_md_error_from_psa. This complicates
the dependencies for compiling in psa_to_md_errors,
since now these should be ifdeffed also by
MBEDTLS_USE_PSA_CRYPTO followed by a series of or'ed
MBEDTLS_HAS_ALG_SHA_XXX_VIA_MD_OR_PSA_BASED_ON_USE_PSA.
Since this mechanism will be removed soon, we can simplify it to
just MBEDTLS_USE_PSA_CRYPTO.

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-03 05:52:28 -05:00
Andrzej Kurek
747ab4ea5e Introduce error_pair_t to psa utils
This way error handling can be written in a cleaner way.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-03 05:23:45 -05:00
Andrzej Kurek
138b30ac62 Add missing const qualifiers
Also improve documentation
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-03 05:23:45 -05:00