Commit graph

25976 commits

Author SHA1 Message Date
Dave Rodgman
e59b9d44b1 Fix some compiler type warnings
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-24 16:53:13 +01:00
Dave Rodgman
a2e2fce60d Fix accidental mis-named field
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-24 14:44:27 +01:00
Dave Rodgman
77049b8b6c Dependency fixes
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-24 14:39:47 +01:00
Dave Rodgman
eb65fec023 Fix use of enum in a bitfield
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-24 14:29:25 +01:00
Dave Rodgman
85a88133aa Use fewer bits for block_size
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-24 13:37:28 +01:00
Dave Rodgman
3b46b77cf1 code style
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-24 13:37:28 +01:00
Dave Rodgman
de3de773e6 Use look-up table for base
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-24 12:59:31 +01:00
Dave Rodgman
0ffb68ee3f Use fewer bits for iv_size
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-24 12:59:31 +01:00
Dave Rodgman
bb521fdbc9 Don't directly access iv_size
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-24 12:59:31 +01:00
Dave Rodgman
6c6c84212e Use fewer bits for key_bitlen
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-24 11:14:34 +01:00
Dave Rodgman
9282d4f13a Don't directly access key_bitlen
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-24 11:07:40 +01:00
Dave Rodgman
3319ae9679 Re-order mbedtls_cipher_info_t
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-24 10:55:04 +01:00
Dave Rodgman
48d13c5143 Use bit-fields
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-24 10:53:37 +01:00
Manuel Pégourié-Gonnard
de33278e43 Unify ssl_calc_finished_tls_sha{256,384}
Saves about 50-60 bytes on m0+ depending on whether USE_PSA is set.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-06-24 10:13:41 +02:00
Manuel Pégourié-Gonnard
74970664a9 Unify ssl_calc_verify_sha{256,384}
Saves about 40 bytes of code size on m0plus with baremetal_size.

Note: the debug messages are change to no longer include the hash name.
That's not a problem as we already know which alg is used from previous
output, and we can also know it form the size of the printed buffer.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-06-24 09:43:26 +02:00
Gilles Peskine
9d7b24fb26 Fix extra character in debug string
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-06-23 21:11:46 +02:00
Dave Rodgman
f9c9c92a40 Change types in mbedtls_cipher_info_t
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-23 17:16:17 +01:00
Dave Rodgman
4e5c63d652
Improve documentation in bn_mul.h
Co-authored-by: Tom Cosgrove <tom.cosgrove@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-23 15:17:37 +01:00
Gilles Peskine
43838b8a24 Add --since option to check files modified since a given commit
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-06-22 20:31:02 +02:00
Gilles Peskine
22eb82cb8d Clean up subprocess invocation in get_src_files
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-06-22 19:45:01 +02:00
David Horstmann
9a3a1a6ee7 Simplify directory name comparison in tests
Remove custom parsing code in AuthorityKeyIdentifier tests and use
mbedtls_x509_dn_gets() and strcmp() instead.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 17:05:52 +01:00
Minos Galanakis
7b1093240c bignum_mod_raw: Updated documentation for mbedtls_mpi_mod_raw_mul
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-06-22 16:52:20 +01:00
Minos Galanakis
fee70a5342 test_suite_ecp: Extended ecp_mul_inv tests for optimised reduction.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-06-22 16:35:30 +01:00
Minos Galanakis
2ed8fb7e4f ecp_mod_raw: Enabled fast reduction.
This patch modifies `mbedtls_mpi_mod_raw_mul`
to utilise fast-reduction when available.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-06-22 16:35:30 +01:00
Paul Elliott
3048c8c906
Merge pull request #7725 from minosgalanakis/ecp/7268_add_optimised_reduction_setup_3
[Bignum] Add optimised reduction setup
2023-06-22 16:30:39 +01:00
David Horstmann
a5f7de1df2 Refactor injecting errors in the second round
Use a single function rather than 2 similar ones and pass the round that
is desired.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:32:57 +01:00
David Horstmann
57727cd3fc Explain the sequence of mbedtls_psa_pake_ calls
Add a comment showing the order in which the mbedtls_psa_pake_xyz()
functions may be called.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:22:35 +01:00
David Horstmann
25c907071f Test extra inputs and outputs at the end of J-PAKE
Add tests for supplying inputs or requesting outputs when a J-PAKE
computation has already completed

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:22:35 +01:00
David Horstmann
a62d712cf8 Add testing for extra calls during a round
Test that extra calls to psa_pake_input() and psa_pake_output() during a
round return the correct error.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:22:35 +01:00
David Horstmann
88d25f0075 Remove unnecessary checks in psa_jpake_prologue()
These checks are not needed as long as the state is intact.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:22:35 +01:00
David Horstmann
e5b374adaf Remove comment explaining the state machine
The explanation of the dispatch layer's state machine should not be in
the file containing the software implementation and a better
understanding can be had by reading the dispatch layer's code.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:22:35 +01:00
David Horstmann
74a3d8c99c Simplify logic of driver step conversion
Take advantage of the contiguous nature of XYZ_KEY_SHARE, XYZ_ZK_PUBLIC
and XYZ_ZK_PROOF to simplify the conversion code.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:22:35 +01:00
David Horstmann
5d878f6c5f Tweak wording for clarity
"inputs this round" -> "inputs for this round"

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:22:35 +01:00
David Horstmann
1b54faed67 Remove unnecessary initialization of state
The psa_jpake_computation_stage_t is already initialized in
psa_pake_setup(), so does not need initializing again in
psa_pake_complete_inputs().

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:22:35 +01:00
David Horstmann
16f0151887 Use memset for initialization
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:22:35 +01:00
David Horstmann
279d227971 Add "completed" clarification to struct comments
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:22:35 +01:00
David Horstmann
096093bac5 Remove redundant structures from previous design
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:22:35 +01:00
David Horstmann
024e5c5f2e Rename struct member mode to io_mode
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:22:35 +01:00
David Horstmann
00ad6bfabe Rename function_mode to io_mode
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:22:35 +01:00
David Horstmann
5da9560178 Properly namespace enum values within PSA_JPAKE_
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:22:35 +01:00
David Horstmann
e7f21e65b6 Change J-PAKE internal state machine
Keep track of the J-PAKE internal state in a more intuitive way.
Specifically, replace the current state with a struct of 5 fields:

* The round of J-PAKE we are currently in, FIRST or SECOND
* The 'mode' we are currently working in, INPUT or OUTPUT
* The number of inputs so far this round
* The number of outputs so far this round
* The PAKE step we are expecting, KEY_SHARE, ZK_PUBLIC or ZK_PROOF

This should improve the readability of the state-transformation code.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-22 15:22:35 +01:00
Manuel Pégourié-Gonnard
e25c43bd66
Merge pull request #7791 from valeriosetti/issue7406
driver-only ECC: TLS: avoid use of mbedtls_ecp_write_key() (with USE_PSA)
2023-06-22 11:13:44 +02:00
Minos Galanakis
2a03fd3b7b bignum_mod: Added a typedef for OPT_RED function pointer.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-06-22 09:14:28 +01:00
Manuel Pégourié-Gonnard
2fb9d00f6d
Merge pull request #7682 from valeriosetti/issue7453
driver-only ECC: ECPf.PK testing
2023-06-22 09:45:57 +02:00
Valerio Setti
6835b4a6ed tls: always zeroize buffer on exit
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-22 09:06:31 +02:00
Valerio Setti
3589a4c644 tls: keep buffer declaration in a single line
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-22 09:02:44 +02:00
Dave Rodgman
e6c9996d04 Work around updating pointers from ILP32
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-21 21:16:23 +01:00
Dave Rodgman
5b5dd011d1 code style
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-21 16:36:47 +01:00
Dave Rodgman
b5b6939fc2 Remove redundant checks in constant_time.c
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-21 16:36:42 +01:00
Dave Rodgman
0400ae2f9b Fix pointer constraint in bn_mul.h
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-21 16:31:52 +01:00