From 1e6f7708f23b0106bfdc5f9ef72a88a262b3cfc5 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 27 Jun 2023 18:16:13 +0100 Subject: [PATCH 01/20] Fix unused function when MBEDTLS_AES_SETKEY_ENC_ALT set Signed-off-by: Dave Rodgman --- library/aes.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/aes.c b/library/aes.c index f08a21f595..e4e4279e4a 100644 --- a/library/aes.c +++ b/library/aes.c @@ -351,6 +351,7 @@ static uint32_t RT2[256]; static uint32_t RT3[256]; #endif /* !MBEDTLS_AES_FEWER_TABLES */ +#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) /* * Round constants */ @@ -441,6 +442,8 @@ static void aes_gen_tables(void) } } +#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ + #undef ROTL8 #endif /* MBEDTLS_AES_ROM_TABLES */ From 9b20aeaa17acb02ad0a411ad3b11e99b93b8da3d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 27 Jun 2023 18:22:34 +0100 Subject: [PATCH 02/20] Fix unused fn when MBEDTLS_AES_SETKEY_DEC_ALT and MBEDTLS_AES_SETKEY_ENC_ALT set Signed-off-by: Dave Rodgman --- library/aes.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/aes.c b/library/aes.c index e4e4279e4a..062ac8fa3d 100644 --- a/library/aes.c +++ b/library/aes.c @@ -524,6 +524,8 @@ void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx) (defined(MBEDTLS_AESNI_C) && MBEDTLS_AESNI_HAVE_CODE == 2) #define MAY_NEED_TO_ALIGN #endif + +#if defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) static unsigned mbedtls_aes_rk_offset(uint32_t *buf) { #if defined(MAY_NEED_TO_ALIGN) @@ -560,6 +562,7 @@ static unsigned mbedtls_aes_rk_offset(uint32_t *buf) return 0; } +#endif /* defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ /* * AES key schedule (encryption) From dbae184ceb96fdfeec3bdd10365f76c8c05f70b2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 27 Jun 2023 18:27:31 +0100 Subject: [PATCH 03/20] Fix unused variable if MBEDTLS_AES_SETKEY_ENC_ALT and MBEDTLS_AES_DECRYPT_ALT set Signed-off-by: Dave Rodgman --- library/aes.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/aes.c b/library/aes.c index 062ac8fa3d..5e0304d77a 100644 --- a/library/aes.c +++ b/library/aes.c @@ -186,6 +186,7 @@ static const uint32_t FT3[256] = { FT }; #undef FT +#if !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) /* * Reverse S-box */ @@ -224,6 +225,7 @@ static const unsigned char RSb[256] = 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D }; +#endif /* !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) */ /* * Reverse tables @@ -343,7 +345,9 @@ static uint32_t FT3[256]; /* * Reverse S-box & tables */ +#if !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) static unsigned char RSb[256]; +#endif static uint32_t RT0[256]; #if !defined(MBEDTLS_AES_FEWER_TABLES) static uint32_t RT1[256]; From 36c8e581d6935ac280667e439458fd32e5aff876 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 27 Jun 2023 18:31:24 +0100 Subject: [PATCH 04/20] Fix unused variable Fix when MBEDTLS_AES_SETKEY_ENC_ALT, MBEDTLS_AES_DECRYPT_ALT and MBEDTLS_AES_ROM_TABLE set. Signed-off-by: Dave Rodgman --- library/aes.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/aes.c b/library/aes.c index 5e0304d77a..8e35d48b5d 100644 --- a/library/aes.c +++ b/library/aes.c @@ -319,6 +319,7 @@ static const uint32_t RT3[256] = { RT }; #undef RT +#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) /* * Round constants */ @@ -328,6 +329,7 @@ static const uint32_t RCON[10] = 0x00000010, 0x00000020, 0x00000040, 0x00000080, 0x0000001B, 0x00000036 }; +#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ #else /* MBEDTLS_AES_ROM_TABLES */ From 5c047d967260e9055523363a155c2b775aab8238 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 27 Jun 2023 19:20:27 +0100 Subject: [PATCH 05/20] More dependency fixes Signed-off-by: Dave Rodgman --- library/aes.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/library/aes.c b/library/aes.c index 8e35d48b5d..9869be6aae 100644 --- a/library/aes.c +++ b/library/aes.c @@ -58,6 +58,7 @@ static int aes_padlock_ace = -1; /* * Forward S-box */ +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) static const unsigned char FSb[256] = { 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, @@ -93,6 +94,7 @@ static const unsigned char FSb[256] = 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 }; +#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ /* * Forward tables @@ -164,6 +166,7 @@ static const unsigned char FSb[256] = V(C3, 41, 41, 82), V(B0, 99, 99, 29), V(77, 2D, 2D, 5A), V(11, 0F, 0F, 1E), \ V(CB, B0, B0, 7B), V(FC, 54, 54, A8), V(D6, BB, BB, 6D), V(3A, 16, 16, 2C) +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) #define V(a, b, c, d) 0x##a##b##c##d static const uint32_t FT0[256] = { FT }; #undef V @@ -182,11 +185,13 @@ static const uint32_t FT2[256] = { FT }; static const uint32_t FT3[256] = { FT }; #undef V +#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) */ + #endif /* !MBEDTLS_AES_FEWER_TABLES */ #undef FT -#if !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) +#if !defined(MBEDTLS_AES_DECRYPT_ALT) /* * Reverse S-box */ @@ -297,6 +302,8 @@ static const unsigned char RSb[256] = V(71, 01, A8, 39), V(DE, B3, 0C, 08), V(9C, E4, B4, D8), V(90, C1, 56, 64), \ V(61, 84, CB, 7B), V(70, B6, 32, D5), V(74, 5C, 6C, 48), V(42, 57, B8, D0) +#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) + #define V(a, b, c, d) 0x##a##b##c##d static const uint32_t RT0[256] = { RT }; #undef V @@ -315,6 +322,8 @@ static const uint32_t RT2[256] = { RT }; static const uint32_t RT3[256] = { RT }; #undef V +#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC) */ + #endif /* !MBEDTLS_AES_FEWER_TABLES */ #undef RT @@ -336,13 +345,17 @@ static const uint32_t RCON[10] = /* * Forward S-box & tables */ +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) static unsigned char FSb[256]; +#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) static uint32_t FT0[256]; #if !defined(MBEDTLS_AES_FEWER_TABLES) static uint32_t FT1[256]; static uint32_t FT2[256]; static uint32_t FT3[256]; #endif /* !MBEDTLS_AES_FEWER_TABLES */ +#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ /* * Reverse S-box & tables @@ -350,11 +363,14 @@ static uint32_t FT3[256]; #if !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) static unsigned char RSb[256]; #endif + +#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) static uint32_t RT0[256]; #if !defined(MBEDTLS_AES_FEWER_TABLES) static uint32_t RT1[256]; static uint32_t RT2[256]; static uint32_t RT3[256]; +#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ #endif /* !MBEDTLS_AES_FEWER_TABLES */ #if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) @@ -435,6 +451,7 @@ static void aes_gen_tables(void) x = RSb[i]; +#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) RT0[i] = ((uint32_t) MUL(0x0E, x)) ^ ((uint32_t) MUL(0x09, x) << 8) ^ ((uint32_t) MUL(0x0D, x) << 16) ^ @@ -445,6 +462,7 @@ static void aes_gen_tables(void) RT2[i] = ROTL8(RT1[i]); RT3[i] = ROTL8(RT2[i]); #endif /* !MBEDTLS_AES_FEWER_TABLES */ +#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ } } From 9d3b63396be9fb57f0a882462e87a749bf8d592a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 27 Jun 2023 20:41:51 +0100 Subject: [PATCH 06/20] Fix comment Signed-off-by: Dave Rodgman --- library/aes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/aes.c b/library/aes.c index 9869be6aae..cf63303df0 100644 --- a/library/aes.c +++ b/library/aes.c @@ -322,7 +322,7 @@ static const uint32_t RT2[256] = { RT }; static const uint32_t RT3[256] = { RT }; #undef V -#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC) */ +#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ #endif /* !MBEDTLS_AES_FEWER_TABLES */ From 584b62f89eb9677c2bc950a84725eacd304f0882 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 27 Jun 2023 21:03:31 +0100 Subject: [PATCH 07/20] code style Signed-off-by: Dave Rodgman --- library/aes.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/library/aes.c b/library/aes.c index cf63303df0..7c4048b23e 100644 --- a/library/aes.c +++ b/library/aes.c @@ -58,7 +58,8 @@ static int aes_padlock_ace = -1; /* * Forward S-box */ -#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ + !defined(MBEDTLS_AES_SETKEY_DEC_ALT) static const unsigned char FSb[256] = { 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, @@ -94,7 +95,8 @@ static const unsigned char FSb[256] = 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 }; -#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#endif \ + /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ /* * Forward tables @@ -345,9 +347,11 @@ static const uint32_t RCON[10] = /* * Forward S-box & tables */ -#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ + !defined(MBEDTLS_AES_SETKEY_DEC_ALT) static unsigned char FSb[256]; -#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#endif \ + /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ #if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) static uint32_t FT0[256]; #if !defined(MBEDTLS_AES_FEWER_TABLES) @@ -549,7 +553,8 @@ void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx) #define MAY_NEED_TO_ALIGN #endif -#if defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) +#if defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \ + !defined(MBEDTLS_AES_SETKEY_ENC_ALT) static unsigned mbedtls_aes_rk_offset(uint32_t *buf) { #if defined(MAY_NEED_TO_ALIGN) @@ -586,7 +591,8 @@ static unsigned mbedtls_aes_rk_offset(uint32_t *buf) return 0; } -#endif /* defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ +#endif \ + /* defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ /* * AES key schedule (encryption) From aac022dab4b1b153f51baef195a7f252d7c08824 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 28 Jun 2023 10:00:23 +0100 Subject: [PATCH 08/20] Changelog Signed-off-by: Dave Rodgman --- ChangeLog.d/fix-tfm-build.txt | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 ChangeLog.d/fix-tfm-build.txt diff --git a/ChangeLog.d/fix-tfm-build.txt b/ChangeLog.d/fix-tfm-build.txt new file mode 100644 index 0000000000..1401768ace --- /dev/null +++ b/ChangeLog.d/fix-tfm-build.txt @@ -0,0 +1,5 @@ +Bugfix + * Fix compilation warnings in aes.c, which prevented the + example TF-M configuration in configs/ from building cleanly: + tfm_mbedcrypto_config_profile_medium.h with + crypto_config_profile_medium.h. From c34bea20d64525c1b599d756ba76f787ec11ca2b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 28 Jun 2023 11:29:27 +0100 Subject: [PATCH 09/20] fix trailing whitespace Signed-off-by: Dave Rodgman --- ChangeLog.d/fix-tfm-build.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/fix-tfm-build.txt b/ChangeLog.d/fix-tfm-build.txt index 1401768ace..64cb837ae1 100644 --- a/ChangeLog.d/fix-tfm-build.txt +++ b/ChangeLog.d/fix-tfm-build.txt @@ -1,5 +1,5 @@ Bugfix * Fix compilation warnings in aes.c, which prevented the example TF-M configuration in configs/ from building cleanly: - tfm_mbedcrypto_config_profile_medium.h with + tfm_mbedcrypto_config_profile_medium.h with crypto_config_profile_medium.h. From c62e5c4885235e4b9af9cf39201dbf61abe62d18 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 28 Jun 2023 11:33:07 +0100 Subject: [PATCH 10/20] Update changelog for 2.28 Signed-off-by: Dave Rodgman --- ChangeLog.d/fix-tfm-build.txt | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/ChangeLog.d/fix-tfm-build.txt b/ChangeLog.d/fix-tfm-build.txt index 64cb837ae1..a63bc2fa4d 100644 --- a/ChangeLog.d/fix-tfm-build.txt +++ b/ChangeLog.d/fix-tfm-build.txt @@ -1,5 +1,3 @@ Bugfix - * Fix compilation warnings in aes.c, which prevented the - example TF-M configuration in configs/ from building cleanly: - tfm_mbedcrypto_config_profile_medium.h with - crypto_config_profile_medium.h. + * Fix compilation warnings in aes.c for certain combinations + of configuration options. From f488c2ca79102db56a2d67782341d91eb7456e7b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 28 Jun 2023 11:35:25 +0100 Subject: [PATCH 11/20] Add missing include for INT_MAX definition Signed-off-by: Dave Rodgman --- library/ctr_drbg.c | 1 + 1 file changed, 1 insertion(+) diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 652c5cbc28..45d925437e 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -30,6 +30,7 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" +#include #include #if defined(MBEDTLS_FS_IO) From 1262315a1a1c7a7ab2d4b72f85acbab882ef266c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 28 Jun 2023 11:54:25 +0100 Subject: [PATCH 12/20] Fix warnings re: unused variables in pkparse and pkwrite Signed-off-by: Dave Rodgman --- library/pkparse.c | 2 +- library/pkwrite.c | 9 ++++++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index deaff0b310..4335f2c5bd 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -1229,7 +1229,6 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, const unsigned char *pwd, size_t pwdlen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - const mbedtls_pk_info_t *pk_info; #if defined(MBEDTLS_PEM_PARSE_C) size_t len; mbedtls_pem_context pem; @@ -1256,6 +1255,7 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, } if (ret == 0) { + const mbedtls_pk_info_t *pk_info; pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_RSA); if ((ret = mbedtls_pk_setup(pk, pk_info)) != 0 || (ret = pk_parse_key_pkcs1_der(mbedtls_pk_rsa(*pk), diff --git a/library/pkwrite.c b/library/pkwrite.c index 0107f20b1d..f229949ce8 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -175,9 +175,12 @@ exit: int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start, const mbedtls_pk_context *key) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; + (void) p; + (void) start; + (void) key; + PK_VALIDATE_RET(p != NULL); PK_VALIDATE_RET(*p != NULL); PK_VALIDATE_RET(start != NULL); @@ -313,6 +316,10 @@ int mbedtls_pk_write_key_der(mbedtls_pk_context *key, unsigned char *buf, size_t unsigned char *c; size_t len = 0; + (void) ret; + (void) c; + (void) key; + PK_VALIDATE_RET(key != NULL); if (size == 0) { return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; From bae79fa16e45961fee76176257838296de5a0c40 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 28 Jun 2023 11:54:53 +0100 Subject: [PATCH 13/20] Add missing sha header includes to entropy.c Signed-off-by: Dave Rodgman --- library/entropy.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/entropy.c b/library/entropy.c index af78acc1bf..e9a7ae63d3 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -31,6 +31,8 @@ #include "mbedtls/entropy_poll.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" +#include "mbedtls/sha256.h" +#include "mbedtls/sha512.h" #include From 94210b13eb8f799a3a5f5e024dde4810cea96fda Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 28 Jun 2023 14:08:07 +0100 Subject: [PATCH 14/20] Compile fixes Signed-off-by: Dave Rodgman --- library/pkparse.c | 4 +++- library/pkwrite.c | 2 ++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/library/pkparse.c b/library/pkparse.c index 4335f2c5bd..76fe0c81e4 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -1229,11 +1229,14 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, const unsigned char *pwd, size_t pwdlen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + const mbedtls_pk_info_t *pk_info; #if defined(MBEDTLS_PEM_PARSE_C) size_t len; mbedtls_pem_context pem; #endif + (void) pk_info; + PK_VALIDATE_RET(pk != NULL); if (keylen == 0) { return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; @@ -1255,7 +1258,6 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, } if (ret == 0) { - const mbedtls_pk_info_t *pk_info; pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_RSA); if ((ret = mbedtls_pk_setup(pk, pk_info)) != 0 || (ret = pk_parse_key_pkcs1_der(mbedtls_pk_rsa(*pk), diff --git a/library/pkwrite.c b/library/pkwrite.c index f229949ce8..88e685503b 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -175,11 +175,13 @@ exit: int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start, const mbedtls_pk_context *key) { + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; (void) p; (void) start; (void) key; + (void) ret; PK_VALIDATE_RET(p != NULL); PK_VALIDATE_RET(*p != NULL); From a4a337360d6b0b6aee64f9a23f6a073d62d81767 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 29 Jun 2023 11:58:04 +0100 Subject: [PATCH 15/20] Correct comments on #endif's Signed-off-by: Dave Rodgman --- library/aes.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/aes.c b/library/aes.c index 7c4048b23e..a5fe6ded0d 100644 --- a/library/aes.c +++ b/library/aes.c @@ -232,7 +232,7 @@ static const unsigned char RSb[256] = 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D }; -#endif /* !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) */ +#endif /* defined(MBEDTLS_AES_DECRYPT_ALT)) */ /* * Reverse tables @@ -374,8 +374,8 @@ static uint32_t RT0[256]; static uint32_t RT1[256]; static uint32_t RT2[256]; static uint32_t RT3[256]; -#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ #endif /* !MBEDTLS_AES_FEWER_TABLES */ +#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ #if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) /* From 1ce92e4887f88b194f791cd53c002d84148deb3f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 29 Jun 2023 12:01:24 +0100 Subject: [PATCH 16/20] Correct #endif comments Signed-off-by: Dave Rodgman --- library/aes.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/aes.c b/library/aes.c index a5fe6ded0d..b750e7e524 100644 --- a/library/aes.c +++ b/library/aes.c @@ -187,10 +187,10 @@ static const uint32_t FT2[256] = { FT }; static const uint32_t FT3[256] = { FT }; #undef V -#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) */ - #endif /* !MBEDTLS_AES_FEWER_TABLES */ +#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) */ + #undef FT #if !defined(MBEDTLS_AES_DECRYPT_ALT) From 1d0033e1ac553b54b74f2f2ea54f902f3985e4a2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 29 Jun 2023 12:07:11 +0100 Subject: [PATCH 17/20] Improve #endif comments Signed-off-by: Dave Rodgman --- library/aes.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/library/aes.c b/library/aes.c index b750e7e524..a64b2a5ded 100644 --- a/library/aes.c +++ b/library/aes.c @@ -95,8 +95,8 @@ static const unsigned char FSb[256] = 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 }; -#endif \ - /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ + !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ /* * Forward tables @@ -350,8 +350,8 @@ static const uint32_t RCON[10] = #if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ !defined(MBEDTLS_AES_SETKEY_DEC_ALT) static unsigned char FSb[256]; -#endif \ - /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ + !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ #if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) static uint32_t FT0[256]; #if !defined(MBEDTLS_AES_FEWER_TABLES) @@ -366,7 +366,7 @@ static uint32_t FT3[256]; */ #if !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) static unsigned char RSb[256]; -#endif +#endif /* !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) */ #if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) static uint32_t RT0[256]; @@ -591,8 +591,8 @@ static unsigned mbedtls_aes_rk_offset(uint32_t *buf) return 0; } -#endif \ - /* defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ +#endif /* defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \ + !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ /* * AES key schedule (encryption) From 173227d41e926cf23a3057c5c2d18f92b2c1efab Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 29 Jun 2023 09:29:00 +0100 Subject: [PATCH 18/20] Test combinations of macros for aes.o Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index dae54c7e38..72d64cfbee 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2496,6 +2496,42 @@ component_test_check_params_silent () { make CC=gcc CFLAGS='-Werror -O1' all test } +component_build_aes_variations() { # ~45s + msg "build: aes.o for all combinations of relevant config options" + for a in set unset; do + for b in set unset; do + for c in set unset; do + for d in set unset; do + for e in set unset; do + for f in set unset; do + for g in set unset; do + echo ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT + echo ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT + echo ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES + echo ./scripts/config.py $d MBEDTLS_AES_ENCRYPT_ALT + echo ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT + echo ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES + echo ./scripts/config.py $g MBEDTLS_PADLOCK_C + + ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT + ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT + ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES + ./scripts/config.py $d MBEDTLS_AES_ENCRYPT_ALT + ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT + ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES + ./scripts/config.py $g MBEDTLS_PADLOCK_C + + rm -f library/aes.o + make -C library aes.o CC="clang" CFLAGS="-O0 -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" + done + done + done + done + done + done + done +} + component_test_no_platform () { # Full configuration build, without platform support, file IO and net sockets. # This should catch missing mbedtls_printf definitions, and by disabling file From bf99828d7b43ef9a2f717705c9eb0595a6029994 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 29 Jun 2023 12:10:45 +0100 Subject: [PATCH 19/20] Nicer formatting Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 33 +++++++++++++++++---------------- 1 file changed, 17 insertions(+), 16 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 72d64cfbee..75e5e6ba59 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2498,6 +2498,7 @@ component_test_check_params_silent () { component_build_aes_variations() { # ~45s msg "build: aes.o for all combinations of relevant config options" + for a in set unset; do for b in set unset; do for c in set unset; do @@ -2505,24 +2506,24 @@ component_build_aes_variations() { # ~45s for e in set unset; do for f in set unset; do for g in set unset; do - echo ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT - echo ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT - echo ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES - echo ./scripts/config.py $d MBEDTLS_AES_ENCRYPT_ALT - echo ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT - echo ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES - echo ./scripts/config.py $g MBEDTLS_PADLOCK_C + echo ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT + echo ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT + echo ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES + echo ./scripts/config.py $d MBEDTLS_AES_ENCRYPT_ALT + echo ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT + echo ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES + echo ./scripts/config.py $g MBEDTLS_PADLOCK_C - ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT - ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT - ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES - ./scripts/config.py $d MBEDTLS_AES_ENCRYPT_ALT - ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT - ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES - ./scripts/config.py $g MBEDTLS_PADLOCK_C + ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT + ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT + ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES + ./scripts/config.py $d MBEDTLS_AES_ENCRYPT_ALT + ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT + ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES + ./scripts/config.py $g MBEDTLS_PADLOCK_C - rm -f library/aes.o - make -C library aes.o CC="clang" CFLAGS="-O0 -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" + rm -f library/aes.o + make -C library aes.o CC="clang" CFLAGS="-O0 -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" done done done From f72b8375d09b03c5eba8725b278d9c1f234de0de Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 29 Jun 2023 16:33:03 +0100 Subject: [PATCH 20/20] Fix order of endif comments Signed-off-by: Dave Rodgman --- library/aes.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/aes.c b/library/aes.c index a64b2a5ded..c506709500 100644 --- a/library/aes.c +++ b/library/aes.c @@ -324,10 +324,10 @@ static const uint32_t RT2[256] = { RT }; static const uint32_t RT3[256] = { RT }; #undef V -#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ - #endif /* !MBEDTLS_AES_FEWER_TABLES */ +#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ + #undef RT #if !defined(MBEDTLS_AES_SETKEY_ENC_ALT)