Some preprocessor macro definitions must have a specific expansion so that
the same macro name can be defined in different products. The definition of
having the same expansion (per the C language specification) means the same
sequence of tokens, and also the same absence/presence of spacing between
tokens.
Two macros are also defined in headers in the PSA Compliance test suite, so
the test suite would fail to build if we changed the definitions. Preserve
those definitions. Technically this is a bug in the test suite, since having
extra spaces (or even a completely different constant expression with the
same value) would still be compliant. Bug reported as
https://github.com/ARM-software/psa-arch-tests/issues/337
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Some preprocessor macro definitions must have a specific expansion so that
the same macro name can be defined in different products. The definition of
having the same expansion (per the C language specification) means the same
sequence of tokens, and also the same absence/presence of spacing between
tokens.
For PSA error code definitions, the specific expansion is mandated by the
PSA Status code specification and the PSA Crypto API specification. In
particular, there must not be a space between (psa_status_t) and the
numerical value (whereas K&R would put a space).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Move the *INDENT-ON* annotation to the end of the file so that
uncrustify does not restyle the later sections (since it introduces a
risk of future problems).
Signed-off-by: David Horstmann <david.horstmann@arm.com>
The inline assembly defined in bn_mul.h confuses code style parsing,
causing code style correction to fail. Disable code style correction for
the whole section gated by "#if defined(MBEDTLS_HAVE_ASM)" to prevent
this.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
The following code:
#ifndef asm
#define asm __asm
#endif
causes Uncrustify to stop correcting the rest of the file. This may be
due to parsing the "asm" keyword in the definition.
Work around this by wrapping the idiom in an *INDENT-OFF* comment
wherever it appears.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Refactor the MBEDTLS_DEPRECATED macro to be in front of the function
name rather than on its own line after the function arguments.
If it is placed on its own line, Uncrustify moves it to the start of
the line which causes check_names.py to think it is an identifier.
As a result check_names.py doesn't treat it as a macro name and it
gets detected as a typo.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This is not new, it had always been the case, just not documented.
Pointed out by depends.py pkalgs (again, now that restartable is part of
full).
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
It might not be obvious that this option goes beyond adding new
functions, but also automagically modifies the behaviour of TLS
in some circumstances. Moreover, the exact modifications and
circumstances were not documented anywhere outside the ChangeLog.
Fix that.
While at it, adjust the test that checks no restartable behaviour with
other key exchanges, to use a key exchange that allows cert-based client
authentication so that we can check that this is not restartable either.
We don't have any automated test checking that the server is never
affected. That would require adding an ec_max_ops command-line option to
ssl_server2 that never has any effect, just to check that it indeed
doesn't. I'm not sure that's worth it. I tested manually and could
confirm that the server never has restartable behaviour, even for the
parts that are shared between client and server such as cert chain
verification.
Note (from re-reading the code): all restartable behaviour is controlled
by the flag ssl->handshake->ecrs_enabled which is only client-side with
the ECDHE-ECDSA key exchange (TLS 1.2).
Note: this commit is backported from development, which has more
dependency declarations in tests/ssl-opt.sh. While at it, add them to
the existing tests.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Since they're part of the public API (even if only through a few functions),
they should be documented.
I deliberately skipped documenting how to configure the size of the type.
Right now, MBEDTLS_HAVE_INT32 and MBEDTLS_HAVE_INT64 have no Doxygen
documentation, so it's ambiguous whether they're part of the public API.
Resolving this ambiguity is out of scope of my current work.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The PSA code needs pk_parse as well as pk_write for RSA keys. Fix#6409.
This is independent of PKCS#1v1.5 support. Fix#6408.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
mbedtls_vsnprintf replacement works like mbedtls_snprintf replacement, so
copy the requirements for MBEDTLS_PLATFORM_VSNPRINTF_ALT.
(MBEDTLS_PLATFORM_xxx_MACRO shouldn't require MBEDTLS_PLATFORM_C, but that's
a separate preexisting problem which I do not try address at this time.)
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Fixed a bug that the little-endian Microblaze does not work when MBEDTLS_HAVE_ASM is defined.
Signed-off-by: Kazuyuki Kimura <kim@wing.ocn.ne.jp>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Fixes#1910
With ebx added to the MULADDC_STOP clobber list to fix#1550, the inline
assembly fails to build with GCC < 5 in PIC mode with the following error:
include/mbedtls/bn_mul.h:46:13: error: PIC register clobbered by ‘ebx’ in ‘asm’
This is because older GCC versions treated the x86 ebx register (which is
used for the GOT) as a fixed reserved register when building as PIC.
This is fixed by an improved register allocator in GCC 5+. From the release
notes:
Register allocation improvements: Reuse of the PIC hard register, instead of
using a fixed register, was implemented on x86/x86-64 targets. This
improves generated PIC code performance as more hard registers can be used.
https://www.gnu.org/software/gcc/gcc-5/changes.html
As a workaround, detect this situation and disable the inline assembly,
similar to the MULADDC_CANNOT_USE_R7 logic.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Certain numerical values are written to the key store. Changing those
numerical values would break the backward compatibility of stored keys. Add
a note to the affected types. Add comments near the definitions of affected
values.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
