Commit graph

229 commits

Author SHA1 Message Date
Przemek Stekiel
2e73649f9c Add pake psa crypto driver wrappers implementation
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-22 11:25:30 +01:00
Neil Armstrong
7da8c56b84 Add PSA PAKE wrappers
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2023-02-22 11:25:30 +01:00
Paul Elliott
93d9ca83ea Move num_ops ECP abstraction fully into internal implementation
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-16 12:15:39 +00:00
Paul Elliott
c08112160a Add comment to explain lack of driver dispatch
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
de1114c883 Fix {sign|verify}_get_num_ops
Move the obfuscation of the internal library only returning a delta of ops done
into the driver wrapper, thus meaning driver wrapper and API call both return
absolute values of work done. Document the differences at the internal
implementation level.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
296ede99c9 Fix issues with get_{sign/verify}_num_ops
Move to accumulate ops in context rather than attempting to read straight out
of structures due to structure ops getting reset per operation, and also
issues with _abort clearing internal data. Fix usage of size_t in structures

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
588f8ed498 Add internal implementation
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
2d247923e5 Initial empty driver wrapper implementation
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 12:13:17 +00:00
Gilles Peskine
ed73355d2e Make \retval commands non-empty
Pacify Clang >=15 which complained:
```
include/psa/crypto.h:91:23: error: empty paragraph passed to '\retval' command [-Werror,-Wdocumentation]
 * \retval #PSA_SUCCESS
   ~~~~~~~~~~~~~~~~~~~^
```

This commit performs the following systematic replacement:
```
perl -i -0777 -p -e 's/([\\@])(retval +\S+)\n(?! *\*? *([^\n \\*\/]|\\[cp]\b))/$1$2 ${1}emptydescription\n/g' $(git ls-files '*.[hc]' '*.function' '*.jinja')
```
i.e. add an `\emptydescription` argument to `\retval` commands (or
`@retval`, which we don't normally used) that are followed by a single word,
unless the next line looks like it contains text which would be the
description.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-02-14 19:21:09 +01:00
Sergey
c36c14c7af
Update psa_crypto_driver_wrappers.c.jinja
Signed-off-by: Sergey <sergio_nsk@yahoo.de>
2023-02-10 14:14:00 -07:00
Dave Rodgman
7a75d22274 Update solution template to require VS2013
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-11 18:56:11 +00:00
Dave Rodgman
378ecdd859 Rename VS2010 directory to VS2013 and update Makefiles etc
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-11 18:56:11 +00:00
Gilles Peskine
449bd8303e Switch to the new code style
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-11 14:50:10 +01:00
Manuel Pégourié-Gonnard
2b70a3f831
Merge pull request #6558 from lpy4105/6416-psa_macros_name_typo
check_names: extend typo check to PSA macro/enum names
2022-12-13 09:56:27 +01:00
Aditya Deshpande
1ac41dec09 Add test function for opaque driver (simply returns PSA_ERROR_NOT_SUPPORTED), and address other review comments.
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2022-11-28 14:46:30 +00:00
Pengyu Lv
c1ecb25d8a fix PSA_XXX typos detected by check_names.py
Fix the PSA_XXX typos detected by check_names.py.
PSA_WANT is actually not typo, but would cause a false negative
result. So PSA_WANT is reworded to PSA_WANT_xxx.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2022-11-08 18:22:53 +08:00
Aditya Deshpande
d1b72a7b83 Merge branch 'development' into driver-wrapper-key-agreement 2022-11-07 17:36:23 +00:00
Gilles Peskine
34c09469f3
Merge pull request #5396 from SiliconLabs/codegen_1.1
Driver dispatch Codegen 1.1
2022-11-07 15:27:41 +01:00
Aditya Deshpande
40c05cc8e4 Newlines at end of file + trim trailing whitespace
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2022-10-14 16:46:51 +01:00
Aditya Deshpande
17845b8f71 Add driver wrapper function for raw key agreement, along with test call for transparent drivers.
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2022-10-14 16:46:00 +01:00
Manuel Pégourié-Gonnard
b3c30907d6
Merge pull request #6383 from mprse/aead_driver_test
Enable testing of AEAD drivers with libtestdriver1
2022-10-14 11:11:01 +02:00
Przemek Stekiel
8a05a646f4 Remove psa_driver_get_tag_len() and use PSA_ALG_AEAD_GET_TAG_LENGTH macro instead
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-06 17:01:58 +02:00
asfand-silabs
b549776a23
Merge branch 'Mbed-TLS:development' into codegen_1.1 2022-09-17 19:54:01 +02:00
Archana
a2cac3224d Update and document mbedtls extensions
Signed-off-by: Archana <archana.madhavan@silabs.com>
Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>
2022-09-16 11:01:01 +02:00
Archana
22c7827876 Schema and script improvements
Signed-off-by: Archana <archana.madhavan@silabs.com>
Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>
2022-09-16 11:01:01 +02:00
Archana
fdbbcba3eb JSONschema and python improvements
* JSON Schema manually updated to be more semantically valid.
* Python script improved to be more verbose with exceptions
* Templating file improved by adding an additional macro.

Signed-off-by: Archana <archana.madhavan@silabs.com>
Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>
2022-09-16 11:01:01 +02:00
Archana
04cfe34639 JSON Validation added
(1) JSON file structure altered a bit.
(2) JSON validated against schema.
(3) Corresponding changes in the python script.

Signed-off-by: Archana <archana.madhavan@silabs.com>
Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>
2022-09-16 11:01:01 +02:00
Archana
05efa17549 JSON upgrade to give function names
Function names can be provided against entry points.
This helps to ensure easy migration for misnamed functions.

Signed-off-by: Archana <archana.madhavan@silabs.com>
Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>
2022-09-16 11:01:01 +02:00
Archana
e829cd6953 Driver Wrapper CodeGen Rev 1.1
(1) Add in driver jsons.
(2) Improve Python scripts to take JSON file directory and template
directory paths as arguments.
(3) Add in file augment template files to template common functionality
(4) render tempplates for Header files, ID generation and key
management.
(5) Changed driver ID nomenclature to be in synch with function names.

Signed-off-by: Archana <archana.madhavan@silabs.com>
Signed-off-by: Asfandyar Orakzai <asfandyar.orakzai@silabs.com>
2022-09-16 11:01:01 +02:00
Gilles Peskine
945b23c46f Include platform.h unconditionally: automatic part
We used to include platform.h only when MBEDTLS_PLATFORM_C was enabled, and
to define ad hoc replacements for mbedtls_xxx functions on a case-by-case
basis when MBEDTLS_PLATFORM_C was disabled. The only reason for this
complication was to allow building individual source modules without copying
platform.h. This is not something we support or recommend anymore, so get
rid of the complication: include platform.h unconditionally.

There should be no change in behavior since just including the header should
not change the behavior of a program.

This commit replaces most occurrences of conditional inclusion of
platform.h, using the following code:

```
perl -i -0777 -pe 's!#if.*\n#include "mbedtls/platform.h"\n(#else.*\n(#define (mbedtls|MBEDTLS)_.*\n|#include <(stdarg|stddef|stdio|stdlib|string|time)\.h>\n)*)?#endif.*!#include "mbedtls/platform.h"!mg' $(git grep -l '#include "mbedtls/platform.h"')
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-09-15 20:33:07 +02:00
Dave Rodgman
27036c9e28
Merge pull request #6142 from tom-cosgrove-arm/fix-comments-in-docs-and-comments
Fix a/an typos in doxygen and other comments
2022-07-29 12:59:05 +01:00
Tom Cosgrove
ce7f18c00b Fix a/an typos in doxygen and other comments
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-07-28 05:50:56 +01:00
Tom Cosgrove
b839c54e1d Correctly include psa/crypto.h in query_config.fmt
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-07-26 11:54:08 +01:00
Tom Cosgrove
ff3c6c1a1a Add parsing of psa/crypto_config.h for PSA_WANT_xxx to query_compile_time_config
Fixes #6131

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-07-25 12:19:35 +01:00
Dave Rodgman
2cecd8aaad
Merge pull request #3624 from daxtens/timeless
RFC: Fix builds with MBEDTLS_HAVE_TIME disabled and test
2022-03-15 16:43:19 +00:00
Gilles Peskine
afb482897b
Merge pull request #5292 from mprse/asym_encrypt
Driver dispatch for PSA asymmetric encryption + RSA tests
2022-03-10 20:07:38 +01:00
Daniel Axtens
f071024bf8 Do not include time.h without MBEDTLS_HAVE_TIME
MBEDTLS_HAVE_TIME is documented as: "System has time.h and time()."

If that is not defined, do not attempt to include time.h.

A particular problem is platform-time.h, which should only be included if
MBEDTLS_HAVE_TIME is defined, which makes everything messier. Maybe it
should be refactored to have the check inside the header.

Signed-off-by: Daniel Axtens <dja@axtens.net>
2022-03-04 05:07:45 -05:00
Przemyslaw Stekiel
4576b91148 Compact the argument lists
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-02 11:10:46 +01:00
Andrzej Kurek
f881601c91 Detect invalid tag lengths in psa_aead_setup
Read tag lengths from the driver and validate against preset values.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-20 07:40:12 -05:00
Przemyslaw Stekiel
71284eabdb psa_asymmetric_decrypt: add test driver impl
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-10 12:55:06 +01:00
Przemyslaw Stekiel
b6a6650a64 psa_asymmetric_encrypt: add test driver impl
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-10 12:55:05 +01:00
Archana
c08248d650
Rename the template file from .conf to .jinja
Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-12-19 10:35:15 +05:30
Archana
a8939b6da3
Restructure scripts' folder alignment
Moved python script generate_driver_wrappers.py under scripts and
corresponding template file under script/data_files.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-12-18 12:57:15 +05:30
Jerry Yu
b54b53142a fix msvc build faile
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 21:38:12 +08:00
Jerry Yu
2e8b00172b Beauty source code
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 20:29:02 +08:00
Jerry Yu
84e63a73cd Add list_config generation
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 16:30:57 +08:00
Bence Szépkúti
bb0cfeb2d4 Rename config.h to mbedtls_config.h
This commit was generated using the following script:

# ========================
#!/bin/sh
git ls-files | grep -v '^ChangeLog' | xargs sed -b -E -i '
s/((check|crypto|full|mbedtls|query)_config)\.h/\1\nh/g
s/config\.h/mbedtls_config.h/g
y/\n/./
'
mv include/mbedtls/config.h include/mbedtls/mbedtls_config.h
# ========================

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-06-28 09:28:33 +01:00
Bence Szépkúti
c662b36af2 Replace all inclusions of config.h
Also remove preprocessor logic for MBEDTLS_CONFIG_FILE, since
build_info.h alreadyy handles it.

This commit was generated using the following script:

# ========================
#!/bin/sh
git ls-files | grep -v '^include/mbedtls/build_info\.h$' | xargs sed -b -E -i '
/^#if !?defined\(MBEDTLS_CONFIG_FILE\)/i#include "mbedtls/build_info.h"
//,/^#endif/d
'
# ========================

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-06-28 09:24:07 +01:00
TRodziewicz
10e8cf5fef Remove MD2, MD4, RC4, Blowfish and XTEA
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-06-16 10:34:25 +02:00
Gilles Peskine
e67665ca20
Merge pull request #4006 from chris-jones-arm/development
Add macro to check error code additions/combinations
2021-04-28 16:47:29 +02:00
Mateusz Starzyk
f9c7b3eb11 Remove PKCS#11 library wrapper.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-04-21 11:05:00 +02:00
Chris Jones
ef01852d65 Add missing guard to mbedtls_test_hook_error_add
Add a missing guard for the definition and declaration of
mbedtls_test_hook_error_add.

Also make the declaration always visible when MBEDTLS_TEST_HOOKS is
enabled. This fixes an issue when MBEDTLS_ERROR_C is not defined but
MBEDTLS_TEST_HOOKS is.

Signed-off-by: Chris Jones <christopher.jones@arm.com>
2021-04-13 15:27:04 +01:00
Chris Jones
b7d02e0f15 Fix misc issues with unused parameters and check-names.sh
Fix unused parameter warnings when MBEDTLS_TEST_HOOKS is not enabled.

A few issues were caught by check-names.sh namely:

- mbedtls_error_add was not capitalised.
- mbedtls_test_hook_error_add was being defined multiple times as the
  definition was in a header.

Signed-off-by: Chris Jones <christopher.jones@arm.com>
2021-04-13 15:26:59 +01:00
Chris Jones
7439209bcc Rewrite error addition interface
The previous implementation of the error addition interface did not comply
with the invasive testing architecture guidelines. This commit fixes that
by:

- Renaming functions/macros/variables to follow the mbedtls_error_xxx or
  mbedtls_test_hook_xxx convention.

- Making mbedtls_test_hook_error_add a global variable that can be set
  by the testing code.

- Using a static inline function call, as opposed to macro, to keep
  discrepancies between debug and production version to a minimum.

Signed-off-by: Chris Jones <christopher.jones@arm.com>
2021-04-13 15:24:25 +01:00
Chris Jones
b179b84335 Change set_err_add_hook void pointer to actual function pointer signature
Change the signature of the `hook` parameter of `mbedtls_set_err_add_hook`
to use the actual signature of the function as opposed to `void *`. This
fixes a warning when compiling with clang `-pedantic`.

Signed-off-by: Chris Jones <christopher.jones@arm.com>
2021-04-13 15:21:43 +01:00
Chris Jones
ef180af350 Move MBEDTLS_ERR_ADD macro and functions to error.*
`error.c` and  error.h are the more logical place to keep this code and it
prevents issues with building `common.c` and conflicts with other projects
that use mbedtls (such as mbedOS).

`error.c` has been automatically generated by first adding the code to
`error.fmt` and then running `./scripts/generate_errors.pl`.

Also add parenthesis to the addition in `MBEDTLS_ERR_ADD`.

Signed-off-by: Chris Jones <christopher.jones@arm.com>
2021-04-13 15:21:43 +01:00
Manuel Pégourié-Gonnard
4dfb83c0d7
Merge pull request #4164 from chris-jones-arm/move-internal-headers
Unify internal headers in library/
2021-03-29 11:18:54 +02:00
Mateusz Starzyk
a2d16b39bc Remove certs.h includes from test applications.
Tests should no longer consider certs.h as a part of public API.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-03-19 12:49:41 +01:00
Mateusz Starzyk
1aec64642c Remove certs module from mbedtls.
Certs will be used only by tests and programs.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-03-16 15:51:25 +01:00
Chris Jones
ea0a865c69 Move entropy_poll.h to library
`entropy_poll.h` is not supposed to be used by application code and
is therefore being made internal.

Signed-off-by: Chris Jones <christopher.jones@arm.com>
2021-03-10 12:52:37 +00:00
Chris Jones
16dbaeb9eb Move padlock.h to library
`padlock.h` is actually an internal header and is moved accordingly.

Signed-off-by: Chris Jones <christopher.jones@arm.com>
2021-03-10 12:52:37 +00:00
Chris Jones
187782f41e Move aesni.h to library
`aesni.h` is an internal header and is moved accordingly.

Also removes some references to internal headers in scripts with
only public headers.

Signed-off-by: Chris Jones <christopher.jones@arm.com>
2021-03-10 12:52:37 +00:00
Chris Jones
84a773f8e6 Rename ssl_internal.h to ssl_misc.h
Signed-off-by: Chris Jones <christopher.jones@arm.com>
2021-03-10 12:52:37 +00:00
Chris Jones
e2191cd789 Update includes to use library/ instead of include/mbedtls/
Simple find and replace using `#include (<|")mbedtls/(.*)_internal.h(>|")`
and `#include $1$2_internal.h$3`.

Also re-generated visualc files by running
`scripts/generate_visualc_files.pl`.

Signed-off-by: Chris Jones <christopher.jones@arm.com>
2021-03-10 12:52:37 +00:00
Mateusz Starzyk
7d48b28218 Remove 1.3 to 2.0 transition helpers files.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-03-03 11:00:34 +01:00
Mateusz Starzyk
0fdcc8eee9 Remove Havege module.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-02-11 14:17:07 +01:00
Gilles Peskine
c772b1822a Move the declaration of query_config() to a dedicated header file
Declaring query_config() belongs with the query_config program, not in
ssl_test_lib.h, so move the declaration to a new header file
query_config.h.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-01-13 14:19:43 +01:00
Gilles Peskine
67aed9ada6 Simplify conditional guards in error.c
Simplify the guards on MBEDTLS_ERROR_C and MBEDTLS_ERROR_STRERROR_DUMMY.

No longer include superfluous headers and definition: platform.h is
only needed for MBEDTLS_ERROR_C; time_t is not needed at all.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-11-16 15:02:16 +01:00
Gilles Peskine
b64e0fe5e3 Fix conditions for including string.h in error.c
<string.h> is actually needed when MBEDTLS_ERROR_C is enabled and not
when only MBEDTLS_ERROR_STRERROR_DUMMY is enabled.

Fix #3866.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-11-09 15:17:07 +01:00
Bence Szépkúti
1e14827beb Update copyright notices to use Linux Foundation guidance
As a result, the copyright of contributors other than Arm is now
acknowledged, and the years of publishing are no longer tracked in the
source files.

Also remove the now-redundant lines declaring that the files are part of
MbedTLS.

This commit was generated using the following script:

# ========================
#!/bin/sh

# Find files
find '(' -path './.git' -o -path './3rdparty' ')' -prune -o -type f -print | xargs sed -bi '

# Replace copyright attribution line
s/Copyright.*Arm.*/Copyright The Mbed TLS Contributors/I

# Remove redundant declaration and the preceding line
$!N
/This file is part of Mbed TLS/Id
P
D
'
# ========================

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2020-08-19 10:35:41 +02:00
Gilles Peskine
db09ef6d22 Include common.h instead of config.h in library source files
In library source files, include "common.h", which takes care of
including "mbedtls/config.h" (or the alternative MBEDTLS_CONFIG_FILE)
and other things that are used throughout the library.

FROM=$'#if !defined(MBEDTLS_CONFIG_FILE)\n#include "mbedtls/config.h"\n#else\n#include MBEDTLS_CONFIG_FILE\n#endif' perl -i -0777 -pe 's~\Q$ENV{FROM}~#include "common.h"~' library/*.c 3rdparty/*/library/*.c scripts/data_files/error.fmt scripts/data_files/version_features.fmt

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-02 11:26:57 +02:00
irwir
fcdea0ff69 Remove definitions and settings that are never used or duplicate MSVC
defaults. Fixes #3297.

Signed-off-by: irwir <irwir@users.noreply.github.com>
2020-05-21 17:19:56 +03:00
Gilles Peskine
9515d76171
Merge pull request #3219 from aggarg/err_optimization
Remove error_description variable from strerr functions
2020-05-04 09:37:13 +02:00
Manuel Pégourié-Gonnard
0c103a8f40
Merge pull request #2853 from irwir/fix_vcxproj
Finalize fixing bugs in .vcxproj files
2020-04-28 13:03:13 +02:00
Gaurav Aggarwal
cabde25289 Align with coding style
return statements use parentheses to contain their value.

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
2020-04-22 08:13:25 -07:00
Kenneth Soerensen
518d435e7b Fix GCC format-signedness warnings
Signed-off-by: Kenneth Soerensen <knnthsrnsn@gmail.com>
2020-04-22 16:01:48 +02:00
Gaurav Aggarwal
8663c7415a Remove error_description variable from strerr functions
This was suggested on this PR: https://github.com/ARMmbed/mbedtls/pull/3176

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
2020-04-21 14:04:19 -07:00
Gilles Peskine
dc9c47da6c
Merge pull request #3176 from aggarg/development
Add support for const error description strings
2020-04-21 13:57:11 +02:00
Gaurav Aggarwal
6ea4fc7b53 Address review comments
1. The functions mbedtls_high_level_strerr and mbedtls_low_level_strerr
   accept any error code and extract the high-level and low-level parts
   respectively.
2. Documentation updates.

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
2020-04-20 16:03:46 -07:00
irwir
febf8802d7 Merge remote-tracking branch 'upstream/development' into fix_vcxproj
Signed-off-by: irwir <irwir@users.noreply.github.com>
2020-04-20 13:20:06 +03:00
irwir
49d46a7473 Finalize fixing the issue #1430.
The previous PRs had correct template project, but somehow it was not merged.

Signed-off-by: irwir <irwir@users.noreply.github.com>
2020-04-19 16:25:54 +03:00
Gaurav Aggarwal
3d02db23e8 Add auto-generated code markers
The presence of these markers in the original code was helpful to me in
figuring out that this portion of the code is auto-generated.
Therefore, I think those are useful and should be present.

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
2020-04-11 17:14:03 -07:00
Gaurav Aggarwal
a4a2aa5169 Address review comments
- Use switch case instead of loop to generate faster code
- Add #if defined to address compiler error

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
2020-04-09 11:58:24 -07:00
Gaurav Aggarwal
a9f64006ea Add support for const error description strings
Problem
-------
mbedtls_strerror is a utility function which converts an mbedTLS error code
into a human readable string. It requires the caller to allocate a buffer every
time an error code needs to be converted to a string. It is an overkill and a
waste of RAM for resource constrained microcontrollers - where the most common
use case is to use these strings for logging.

Solution
--------
The proposed commit adds two functions:

* const char * mbedtls_high_level_strerr( int error_code );
* const char * mbedtls_low_level_strerr( int error_code );

The above two functions convert the high level and low level parts of an mbedTLS
error code to human readable strings. They return a const pointer to an
unmodifiable string which is not supposed to be modified by the caller and only
to be used for logging purposes. The caller no longer needs to allocate a
buffer.

Backward Compatibility
----------------------
The proposed change is completely backward compatible as it does not change
the existing mbedtls_strerror function and ensures that it continues to behave
the same way.

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
2020-04-09 01:44:52 -07:00
Gilles Peskine
2ae678d238 Systematically use Windows line endings in Windows files
Don't mix Windows and Unix line endings, it's the worst of both worlds.

Update the Visual Studio templates and regenerate the generated files.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-01 13:42:24 +02:00
Gilles Peskine
0f3f9c3c73 Fix a stray CR inside a line
Use CRLF consistently instead of cobbling a \r here and a \n there.

The generated files don't change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-01 13:42:12 +02:00
Gilles Peskine
eccd888717 Rename identifiers containing double-underscore
Rename identifiers containing double-underscore (`__`) to avoid `__`.
The reason to avoid double-underscore is that all identifiers
containing double-underscore are reserved in C++. Rename all such
identifiers that appear in any public header, including ssl_internal.h
which is in principle private but in practice is installed with the
public headers.

This commit makes check-names.sh pass.

```
perl -i -pe 's/\bMBEDTLS_SSL__ECP_RESTARTABLE\b/MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED/g; s/\bMBEDTLS_KEY_EXCHANGE_(_\w+)_(_\w+)\b/MBEDTLS_KEY_EXCHANGE${1}${2}/g' include/mbedtls/*.h library/*.c programs/*/*.c scripts/data_files/rename-1.3-2.0.txt tests/suites/*.function
```
2020-03-23 17:55:32 +01:00
Gilles Peskine
458b8f2a59 Revert "Remove unused TLS, NET, and X.509 files"
This reverts commit a4308b29a4.
2020-03-19 13:36:33 +01:00
Gilles Peskine
40f17dc803 Revert "Remove certs.h"
This reverts commit b8e4ae18cf.
2020-03-04 15:39:14 +01:00
Gilles Peskine
7156d8cda9 Don't hard-code include paths in templates
generate_visualc_files.pl has a list of directories that it pulls
headers from, so it knows what directories to put on the include path.
Make it inject the include path into the output files, rather than
hard-coding the include paths in template files.

A similar change (but with different code) was made in Mbed TLS in
commit b78cf2b261
"Adjust visual studio file generation to always use the crypto submodule".

No semantic change: this commit does not change the generated files.
2020-02-26 14:37:07 +01:00
Gilles Peskine
2579675935 Merge remote-tracking branch 'upstream-public/development' into development
Files deleted by us: keep them deleted.

```
git rm $(git status -s | sed -n 's/^DU //p')
```

Individual files with conflicts:

* `README.md`: keep the crypto version.
* `doxygen/input/doc_mainpage.h`: keep the crypto version (with an obsolete Mbed Crypto version number).
* `include/mbedtls/error.h`:
    * `ERROR`: similar additions made through parallel commits, with only whitespace differences. Align with the tls version.
* `library/CMakeLists.txt`: keep the crypto version.
* `library/Makefile`: keep the crypto version.
* `scripts/generate_errors.pl`: keep the crypto version (the relevant changes were made through parallel commits).
* `tests/scripts/check-test-cases.py`:
    * `Results`: keep the crypto version, which has both the new argument to the constructor (added in crypto only) and the class docstring (added through parallel commits).
* `tests/suites/helpers.function`:
    * `ARRAY_LENGTH`, `ASSERT_ALLOC`: additions in the same location. Keep both, in indifferent order.
* `tests/suites/target_test.function`:
    * `receive_uint32`: keep the crypto version which has an additional bug fix. The tls changes made in tls are irrelevant after this bug fix.
* `visualc/VS2010/mbedTLS.vcxproj`: run `scripts/generate_visualc_files.pl`.

Review of non-conflicting changes:

* `all.sh`: 1 change.
    * zlib test components: don't add them.
* `include/CMakeLists.txt`: 1 change.
    * `target_include_directories`: doesn't work as is (different target name). Don't take the change.
* All other non-conflicting changes: take them.
2020-02-03 18:52:36 +01:00
Janos Follath
df587ee6d6 Remove duplicate include statement
Now that the Error module has error codes as well and is processed by
the generate_errors script like any other module, we don't need to
include the header manually.
2019-12-19 10:27:57 +00:00
Christoph M. Wintersteiger
48d26c21c6 ECDH: Add Everest Curve25519 to VS project files
This being the first 3rdparty-contribution, we may want to consider the
structure of the project file generation scripts. Perhaps add small,
constribution-specific scripts to each directory in 3rdparty instead of adding
all constraints to generate_visualc_files.pl?
2019-08-19 13:36:44 +01:00
Jaeden Amero
8dd1690993 Merge remote-tracking branch 'tls/development' into development
Resolve conflicts by performing the following operations:
- Reject changes related to building a crypto submodule, since Mbed
  Crypto is the crypto submodule.
- Reject X.509, NET, and SSL changes.
- Reject changes to README, as Mbed Crypto is a different project from
  Mbed TLS, with a different README.
- Avoid adding mention of ssl-opt.sh in a comment near some modified
  code in include/CMakeLists.txt (around where ENABLE_TESTING as added).
- Align config.pl in Mbed TLS with config.pl in Mbed Crypto where PSA
  options are concerned, to make future merging easier. There is no
  reason for the two to be different in this regard, now that Mbed TLS
  always depends on Mbed Crypto. Remaining differences are only the
  PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER option and the absence of X.509,
  NET, and SSL related options in Mbed Crypto's config.pl.
- Align config.h in Mbed Crypto with Mbed TLS's copy, with a few notable
  exceptions:
  - Leave CMAC on by default.
  - Leave storage on by default (including ITS emulation).
  - Avoid documenting the PSA Crypto API as is in beta stage in
    documentation for MBEDTLS_PSA_CRYPTO_C.
  The only remaining differences are a lack of X.509, NET, and SSL
  options in Mbed Crypto's config.h, as well as an additional
  Mbed-Crypto-specific PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER option.
  Documentation for the check params feature and related macros is also
  updated to match Mbed TLS's description.
- Reject tests/data_files/Makefile changes to generate DER versions of
  CRTs and keys, as none of those are used by Mbed Crypto tests.
- Add the "no PEM and no filesystem" test to all.sh, without ssl-opt.sh
  run, as Mbed Crypto doesn't have ssl-opt.sh. Also remove use of PSA
  Crypto storage and ITS emulation, since those depend on filesystem
  support.
- Reject addition of test when no ciphersuites have MAC to all.sh, as
  the option being tested, MBEDTLS_SSL_SOME_MODES_USE_MAC, is not
  present in Mbed Crypto.
- Use baremetal config in all.sh, as Mbed Crypto's baremetal
  configuration does exclude the net module (as it doesn't exist in Mbed
  Crypto)
- Reject cmake_subproject_build changes, continuing to link only
  libmbedcrypto.
- Reject changes to visualc and associated templates. Mbed Crypto
  doesn't need additional logic to handle submodule-sourced headers.
- Avoid adding fuzzers from Mbed TLS. The only relevant fuzzers are the
  privkey and pubkey fuzzers, but non-trivial work would be required to
  integrate those into Mbed Crypto (more than is comfortable in a merge
  commit).
- Reject addition of Docker wrappers for compat.sh and ssl-opt.sh, as
  those are not present in Mbed Crypto.
- Remove calls to SSL-related scripts from basic-in-docker.sh

Fix test errors by performing the following:
- Avoid using a link that Doxygen can't seem to resolve in Mbed Crypto,
  but can resolve in Mbed TLS. In documentation for
  MBEDTLS_CHECK_PARAMS, don't attempt to link to MBEDTLS_PARAM_FAILED.

* origin/development: (339 commits)
  Do not build fuzz on windows
  No booleans and import config
  Removing space before opening parenthesis
  Style corrections
  Syntax fix
  Fixes warnings from MSVC
  Add a linker flag to enable gcov in basic-build-test.sh
  Update crypto submodule to a revision with the HAVEGE header changes
  Test with MBEDTLS_ECP_RESTARTABLE
  Allow TODO in code
  Use the docstring in the command line help
  Split _abi_compliance_command into smaller functions
  Record the commits that were compared
  Document how to build the typical argument for -s
  Allow running /somewhere/else/path/to/abi_check.py
  tests: Limit each log to 10 GiB
  Warn if VLAs are used
  Remove redundant compiler flag
  Consistently spell -Wextra
  Fix parsing issue when int parameter is in base 16
  ...
2019-07-31 10:37:53 +01:00
Jaeden Amero
b8e4ae18cf Remove certs.h
certs.h is not needed in Mbed Crypto. No programs or other library code
use it.
2019-07-15 15:52:25 +01:00
Jaeden Amero
66b7edb108 Merge remote-tracking branch 'origin/pr/2711' into development
* origin/pr/2711:
  programs: Make `make clean` clean all programs always
  ssl_tls: Enable Suite B with subset of ECP curves
  windows: Fix Release x64 configuration
  platform: Include stdarg.h where needed
  timing: Remove redundant include file
  net_sockets: Fix typo in net_would_block()
2019-06-21 14:09:10 +01:00
Jaeden Amero
4f4af6e2ef windows: Fix Release x64 configuration
Inherit PlatformToolset from the project configuration. This allow the
project to configure PlatformToolset, and aligns the Release x64 build
with other build types.

Fixes #1430
2019-06-20 10:58:50 +01:00
Máté Varga
c5de4623e8 Making version features easily ROM-able when using Arm C compiler. 2019-06-12 12:26:37 +02:00
Andrzej Kurek
b78cf2b261 Adjust visual studio file generation to always use the crypto submodule
Add crypto include to include paths
2019-05-23 03:01:35 -04:00
Jaeden Amero
a4308b29a4 Remove unused TLS, NET, and X.509 files
We've removed all software that depends on or uses the TLS, NET, and
X.509 modules. This means TLS, NET, and X.509 are unused and can be
removed. Remove TLS, NET, and X.509.
2019-04-25 11:46:21 +01:00