lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-30 10:45:34 +03:00
Code Activity
25,743 Commits 176 Branches 276 Tags
08691679b51c3e8e985c3b29056bb85ebdf1e031
Commit Graph

11366 Commits

Author SHA1 Message Date
Valerio Setti
f70b3e08b1 pk: fix: explicilty set const in casted value in mbedtls_pk_ec_ro 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-15 12:57:40 +02:00
Valerio Setti
3f00b84dd1 pk: fix build issues 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-15 12:57:06 +02:00
Valerio Setti
77a75685ed pk: align library and tests code to the new internal functions 
Note = programs are not aligned to this change because:
- the original mbedtls_pk_ec is not ufficially deprecated
- that function is used in tests when ECP_C is defined, so
  the legacy version of that function is available in that
  case

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-15 11:18:46 +02:00
Valerio Setti
229bf1031f pk: make mbedtls_pk_ec internal when !ECP_C 
mbedtls_pk_ec() is not an ideal function because:
- it provides direct access to the ecp_keypair structure wrapped
  by the pk_context and
- this bypasses the PK module's control
However, since for backward compatibility, it cannot be deprecated
immediately, 2 alternative internal functions are proposed.
As a consequence:
- when ECP_C is defined, then the legacy mbedtls_pk_ec is available
- when only ECP_LIGHT is defined, but ECP_C is not, then only the
  new internal functions will be available

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-15 11:13:55 +02:00
Gilles Peskine
8075f76708 Ignore *.o everywhere 
We don't commit *.o files anywhere, not even as test data. So ignore them
everywhere.

This resolves *.o files not being ignored under 3rdparty/p256-m.

Also remove a redundant ignore of *.exe in a subdirectory.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-12 13:58:05 +02:00
Tom Cosgrove
6d62faca8e Only include psa_pake_setup() and friends if some PAKE algorithms are required 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-05-12 12:36:24 +01:00
Gabor Mezei
b6653f3e27 Update comments 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-05-12 12:34:12 +02:00
Gabor Mezei
dcaf99ebb8 Add another round in the Koblitz reduction 
The addition can result in an overflow so another round is needed
in the reduction.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-05-12 12:34:05 +02:00
Yanray Wang
d896fcb0d5 nist_kw.c: remove non-128-bit data if aes_128bit_only enabled 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-11 18:09:42 +08:00
Przemek Stekiel
c80e7506a0 Handle simple copy import/export before driver dispatch 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-11 12:06:00 +02:00
Przemek Stekiel
a59255f04f Adapt guards in ffdh driver 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-11 12:06:00 +02:00
Yanray Wang
93533b51a8 gcm.c: do not set length for some arrays in selftest 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-11 17:57:17 +08:00
Yanray Wang
d329c69fba gcm selftest: remove non-128-bit data if aes_128bit_only enabled 
This commit sets a loop_limit to omit AES-GCM-192 and AES-GCM-256
if MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enabled.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-11 17:57:17 +08:00
Yanray Wang
dd56add42d cmac selftest: add macro for non-128-bit data/test 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-11 17:57:17 +08:00
Yanray Wang
59c2dfa48c aes selftest: determine selftest loop limit in runtime 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-11 17:56:21 +08:00
Yanray Wang
62c9991a5b aes selftest: remove non-128-bit data if aes_128bit_only enabled 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-11 11:11:17 +08:00
Paul Elliott
481a6a8edb Merge pull request #7482 from gabor-mezei-arm/6029_use_core_api_in_ecp_mod_koblitz 
[Bignum] Use core API in ecp_mod_koblitz()
 2023-05-10 17:24:46 +01:00
Andrzej Kurek
199eab97e7 Add partial support for URI SubjectAltNames 
Only exact matching without normalization is supported.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-10 09:57:19 -04:00
Manuel Pégourié-Gonnard
1d046fa0dd Merge pull request #6010 from mprse/ffdh_import_export 
FFDH 1, 2A, 2B: FFDH add support for import/export key, key agreement, key generation + tests
 2023-05-10 11:40:54 +02:00
Pol Henarejos
2d8076978a Fix coding style. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-05-09 11:44:57 +02:00
Gilles Peskine
97edeb4fb8 Merge pull request #6866 from mprse/extract-key-ids 
Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions v.2
 2023-05-08 20:38:29 +02:00
Kusumit Ghoderao
3fc4ca7272 Limit max input cost to 32bit 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-08 15:57:41 +05:30
Kusumit Ghoderao
d0422f30c5 Enable empty salt as input for pbkdf2 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-08 15:56:19 +05:30
Kusumit Ghoderao
6731a2580c Remove redundant code in key_derivation_abort() 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-08 15:54:54 +05:30
Przemek Stekiel
61aed064c5 Code optimization 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-08 11:15:59 +02:00
Przemek Stekiel
ed9fb78739 Fix parsing of KeyIdentifier (tag length error case) + test 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-08 11:15:54 +02:00
Yanray Wang
e2bc158b38 aesce.c: add macro of MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-08 10:29:28 +08:00
Gabor Mezei
908f40014c Determine special cases in-place in the common Koblitz function 
Remove parameter used by the special cases and check for special cases in-place.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-05-05 16:31:19 +02:00
Pol Henarejos
d06c6fc45b Merge branch 'development' into sha3 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-05-05 16:01:18 +02:00
Tom Cosgrove
501fb3abf3 Merge pull request #5894 from Xeenych/patch-1 
Reduce RAM - move some variables to .rodata
 2023-05-05 14:54:32 +01:00
Przemek Stekiel
837d2d1c5e mbedtls_psa_export_ffdh_public_key: return fixed key size 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-05 12:33:46 +02:00
Valerio Setti
fc90decb74 pkwrite: removing unused/duplicated variables 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-05 12:30:40 +02:00
Valerio Setti
4f387ef277 pk: use better naming for the new key ID field 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-05 10:59:32 +02:00
Valerio Setti
048cd44f77 pk: fix library code for using the new opaque key solution 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-05 10:59:32 +02:00
Valerio Setti
e00954d0ed pk: store opaque key ID directly in the pk_context structure 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-05 10:57:26 +02:00
Przemek Stekiel
134cc2e7a8 Fix code style 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-05 10:13:47 +02:00
Manuel Pégourié-Gonnard
71f88ecc52 Merge pull request #6838 from jethrogb/jb/pkix-curdle 
Read and write RFC8410 keys
 2023-05-05 10:02:21 +02:00
Przemek Stekiel
e1621a460a mbedtls_psa_ffdh_generate_key: optimize code and return fixed key size 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-05 09:53:37 +02:00
Arto Kinnunen
0f06618db0 AES: skip 192bit and 256bit key in selftest if 128bit_only enabled 
This includes:
 - aes.c
 - cmac.c
 - gcm.c
 - nist_kw.c

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-05 11:20:59 +08:00
Arto Kinnunen
732ca3221d AES: add macro of MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH 
Add configuration option to support 128-bit key length only
in AES calculation.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-05 11:20:38 +08:00
Minos Galanakis
b89440394f bignum_core: Removed input checking for mbedtls_mpi_core_shift_l 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-05-04 14:40:40 +01:00
Dave Rodgman
6dc62e682a Merge pull request #7544 from tom-cosgrove-arm/use-mbedtls_ct_uint_if-rather-than-mbedtls_ct_cond_select_sign 
Use mbedtls_ct_uint_if() rather than mbedtls_ct_cond_select_sign()
 2023-05-04 12:23:30 +01:00
Jethro Beekman
cb706ea308 Silence bad "maybe unitialized" warning for ec_grp_id 
Signed-off-by: Jethro Beekman <jethro@fortanix.com>
 2023-05-04 13:01:47 +02:00
Jethro Beekman
cf4545e396 Fix unsued variable in mbedtls_pk_write_pubkey_der in certain configurations 
Signed-off-by: Jethro Beekman <jethro@fortanix.com>
 2023-05-04 13:01:47 +02:00
Jethro Beekman
13d415c4ed Only use mbedtls_ecc_group_of_psa if defined(MBEDTLS_ECP_LIGHT) 
Signed-off-by: Jethro Beekman <jethro@fortanix.com>
 2023-05-04 13:01:47 +02:00
Jethro Beekman
33a3ccd899 Fix bug in mbedtls_pk_wrap_as_opaque 
Signed-off-by: Jethro Beekman <jethro@fortanix.com>
 2023-05-04 13:01:47 +02:00
Jethro Beekman
8e59ebb2e4 Refactor EC SPKI serialization 
Signed-off-by: Jethro Beekman <jethro@fortanix.com>
 2023-05-04 13:01:47 +02:00
Jethro Beekman
2e662c6f97 Add comment about version 1 PKCS8 keys not containing a public key 
Signed-off-by: Jethro Beekman <jethro@fortanix.com>
 2023-05-04 13:01:47 +02:00
Jethro Beekman
0167244be4 Read and write X25519 and X448 private keys 
Signed-off-by: Jethro Beekman <jethro@fortanix.com>
Co-authored-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com>
Signed-off-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com>
 2023-05-04 13:01:47 +02:00
Manuel Pégourié-Gonnard
e4072c00c8 Merge pull request #7548 from jethrogb/jb/mbedtls_pem_write_buffer 
mbedtls_pem_write_buffer: Correctly report needed buffer size for all possible line lengths and counts
 2023-05-04 12:54:56 +02:00