1fd7f98546
Re-introduce ENUM validation in camellia.c
...
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
2022-08-31 10:14:57 +01:00
6291b131ca
Remove NULL pointer validation in camellia.c
...
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
2022-08-31 10:14:57 +01:00
a8ef1565bb
Re-introduce ENUM validation in aes.c
...
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
2022-08-31 10:14:57 +01:00
cac11d7797
Remove NULL pointer validation in aes.c
...
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
2022-08-31 10:14:57 +01:00
bf22a2500b
Merge pull request #6208 from AndrzejKurek/tls-tests-no-md-structured
...
Remove the dependency on MD from TLS 1.2 tests
2022-08-30 12:34:37 +02:00
0edfa9dd26
Merge pull request #6207 from daverodgman/ticket_time
...
Fix type used for capturing TLS ticket generation time
2022-08-30 10:03:06 +01:00
fac3ea5656
Merge pull request #6184 from leorosen/ssl_tls_curve_group_id_null_protect
...
mbedtls_ssl_check_curve prevent potential NULL pointer dereferencing
2022-08-24 15:16:45 +01:00
bcc13c943f
Add further missing whitespaces inside parentheses
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
2022-08-24 15:08:16 +01:00
20c1137350
Fix coding style
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
2022-08-24 15:06:13 +01:00
5a28142410
Merge pull request #6189 from Kxuan/fix-ctr_drbg-uninit
...
ctr_drbg: fix free uninitialized aes context
2022-08-24 14:58:44 +01:00
299b1d6c93
Remove unnecessary psa/crypto.h include
...
This is now included in `legacy_or_psa.h`.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-23 05:42:33 -04:00
cccb044804
Style & formatting fixes
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-23 05:26:02 -04:00
645ff5b8ff
Merge pull request #6095 from gabor-mezei-arm/6016_add_new_modulus_and_residue_structures
...
Add the new modulus and the residue structures with low level I/O operations
2022-08-23 09:02:43 +01:00
7e16ce3a72
Clarify TLS 1.2 dependencies with and without PSA crypto
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-22 17:46:50 -04:00
8c95ac4500
Add missing dependencies / alternatives
...
A number of places lacked the necessary dependencies on one of
the used features: MD, key exchange with certificate,
entropy, or ETM.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-22 17:46:50 -04:00
25f271557b
Update SHA and MD5 dependencies in the SSL module
...
The same elements are now also used when MBEDTLS_USE_PSA_CRYPTO
is defined and respective SHA / MD5 defines are missing.
A new set of macros added in #6065 is used to reflect these dependencies.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-22 17:46:50 -04:00
0ce592169e
Use hash_info_get_size in ssl_tls12_client
...
This way the code does not rely on the MBEDTLS_MD_C define
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-22 17:46:50 -04:00
a242e83b21
Rename the sha384 checksum context to reflect its purpose
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-22 17:02:04 -04:00
e5018c97f9
Merge pull request #6195 from superna9999/6149-driver-only-hashes-ec-j-pake
...
Driver-only hashes: EC J-PAKE
2022-08-22 17:28:15 +02:00
20ebaac85e
Merge pull request #6211 from tom-cosgrove-arm/explicit-warning-re-ct-conditions-not-0-or-1
...
Be explicit about constant time bignum functions that must take a 0 or 1 condition value
2022-08-22 17:24:04 +02:00
03f1c39ac7
Merge pull request #6171 from mprse/md_x509_test
...
Driver-only hashes: X.509
2022-08-22 17:18:47 +02:00
2e328c8591
Remove confusing const qualifier
...
Since a is not a pointer, it is passed by value and declaring it const
doesn’t make any sense and on the first read can make me miss the fact
that a is not a pointer.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-22 11:19:10 +01:00
c459641ad1
Bignum: add missing limb qualifiers
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-22 10:04:52 +01:00
af3f39c01c
Fix typos
...
Co-authored-by: Tom Cosgrove <81633263+tom-cosgrove-arm@users.noreply.github.com>
Co-authored-by: Werner Lewis <Werner.Lewis@arm.com>
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-22 09:08:04 +01:00
beb4fc0723
Merge pull request #6185 from leorosen/tls12_server_null_on_missing_key
...
ssl_tls12_server: fix potential NULL-dereferencing if local certifica…
2022-08-19 20:22:59 +01:00
19e5973566
mbedtls_ssl_check_curve prevent potential NULL pointer dereferencing
...
Avoid the shorthand practice of the form 'x = func(foo)->bar' which
exposes the code to NULL pointer de-referencing when the 'func()'
returns a NULL pointer.
The first chunk is for when the curve group code is not recognized by
the library, and is cleanly rejected if offered.
The second chunk addresses the unlikely case of an internal error:
if 'mbedtls_pk_can_do()' returns TRUE, it should rule out
'mbedtls_pk_ec()' returning a NULL, unless there is a regression.
Signed-off-by: Leonid Rozenboim <leonid.rozenboim@oracle.com>
2022-08-19 11:49:22 -07:00
a95f204cd3
Improve documentation
...
Co-authored-by: Tom Cosgrove <81633263+tom-cosgrove-arm@users.noreply.github.com>
Co-authored-by: Werner Lewis <werner.wmlewis@gmail.com>
Co-authored-by: Minos Galanakis <minos.galanakis@arm.com>
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-19 13:11:22 +01:00
ca5688e10c
Improve coding style
...
Co-authored-by: Tom Cosgrove <81633263+tom-cosgrove-arm@users.noreply.github.com>
Co-authored-by: Werner Lewis <werner.wmlewis@gmail.com>
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-19 13:11:22 +01:00
b7a88eca42
Bignum: Apply naming conventions
...
Numbers:
- A, B for mbedtls_mpi_uint* operands
- a, b for mbedtls_mpi_uint operands
- X or x for result
- HAC references where applicable
Lengths:
- Reserve size or length for length/size in bytes or byte buffers.
- For length of mbedtls_mpi_uint* buffers use limbs
- Length parameters are qualified if possible (eg. input_length or
a_limbs)
Setup functions:
- The parameters match the corresponding structure member's name
- The structure to set up is a standard lower case name even if in other
functions different naming conventions would apply
Scope of changes/conventions:
- bignum_core
- bignum_mod
- bignum_mod_raw
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-19 13:11:22 +01:00
6b8a4ad0d8
Bignum: update const qualifiers
...
While at it, mark parameters based on their role.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-19 13:11:22 +01:00
ecaba1c9b2
Make use of PSA crypto hash if MBEDTLS_MD_C isn't defined
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-19 11:49:22 +02:00
0d76341eac
Remove md_info by md_type in ecjpake context, use mbedtls_hash_info_get_size() to get hash length
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-19 11:49:22 +02:00
bc3906c58f
pem_pbkdf1(): optimize psa version
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:36:57 +02:00
bf01c64e9d
oid.c: unify dependencies (VIA_MD_OR_PSA->VIA_LOWLEVEL_OR_PSA)
...
*** Comparing before-default -> after-default ***
x509parse: total 723; skipped 26 -> 26
x509write: total 41; skipped 8 -> 8
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
*** Comparing before-full -> after-full ***
x509parse: total 723; skipped 25 -> 25
x509write: total 41; skipped 0 -> 0
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
*** Comparing reference -> drivers ***
x509parse: total 723; skipped 89 -> 89
x509write: total 41; skipped 3 -> 3
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
4146525ce9
Fix compilation guard (comment)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
0cd6f08e6f
pem.c: fix style issues (redundant spaces)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
d23a4efe2c
pem.c: remove redundant compilation guard
...
If MBEDTLS_MD5_C is not defined MBEDTLS_USE_PSA_CRYPTO must be defined due to PEM_RFC1421.
*** Comparing before-default -> after-default ***
x509parse: total 723; skipped 26 -> 26
x509write: total 41; skipped 8 -> 8
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
*** Comparing before-full -> after-full ***
x509parse: total 723; skipped 25 -> 25
x509write: total 41; skipped 0 -> 0
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
*** Comparing reference -> drivers ***
x509parse: total 723; skipped 89 -> 89
x509write: total 41; skipped 3 -> 3
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
c410ccc528
Include psa/crypto.h in legacy_or_psa.h
...
It is needed for PSA_WANT_ALG_xxxx symbols
*** Comparing before-default -> after-default ***
x509parse: total 723; skipped 26 -> 26
x509write: total 41; skipped 8 -> 8
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
*** Comparing before-full -> after-full ***
x509parse: total 723; skipped 25 -> 25
x509write: total 41; skipped 0 -> 0
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
*** Comparing reference -> drivers ***
x509parse: total 723; skipped 89 -> 89
x509write: total 41; skipped 3 -> 3
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
4092ff9ba9
pem.c: add internal macro to increase code readability
...
*** Comparing before-default -> after-default ***
x509parse: total 723; skipped 26 -> 26
x509write: total 41; skipped 8 -> 8
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
*** Comparing before-full -> after-full ***
x509parse: total 723; skipped 25 -> 25
x509write: total 41; skipped 0 -> 0
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
*** Comparing reference -> drivers ***
x509parse: total 723; skipped 89 -> 89
x509write: total 41; skipped 3 -> 3
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
829e97d029
Fix include order
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
76b753bbb7
Change the dependencies in pem.c to xxx_BASED_ON_USE_PSA and related files
...
This is done to be able to build test_psa_crypto_config_accel_hash component where MD5 is only available accelerated (PSA_WANT_ALG_MD5 is enabled and MBEDTLS_MD5_C is disabled) but MBEDTLS_USE_PSA_CRYPTO is disabled.
So the build should not attempt to enable pem_pbkdf1.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
81799fd9d8
pem.c, test_suite_pem: fix dependency MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA->MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA
...
*** Comparing before-default -> after-default ***
x509parse: total 723; skipped 26 -> 26
x509write: total 41; skipped 8 -> 8
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
*** Comparing before-full -> after-full ***
x509parse: total 723; skipped 25 -> 25
x509write: total 41; skipped 0 -> 0
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
*** Comparing reference -> drivers ***
x509parse: total 723; skipped 89 -> 89
x509write: total 41; skipped 3 -> 3
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
be92bee58a
pem.c: Fix conditional compilation flags
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
a68d08f7d1
pem.c: adjust for build without md
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
de81028f00
Adjust dependencies in library/oid.c
...
*** Comparing before-default -> after-default ***
x509parse: total 723; skipped 26 -> 26
x509write: total 41; skipped 8 -> 8
*** Comparing before-full -> after-full ***
x509parse: total 723; skipped 25 -> 25
x509write: total 41; skipped 0 -> 0
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
fd18366965
Adjust declared dependencies in library/x509*
...
*** Comparing before-default -> after-default ***
x509parse: total 723; skipped 26 -> 26
x509write: total 41; skipped 8 -> 8
*** Comparing before-full -> after-full ***
x509parse: total 723; skipped 25 -> 25
x509write: total 41; skipped 0 -> 0
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
f3f6b0a5c3
Merge pull request #6123 from yuhaoth/pr/finialize-tls13-serialize_session_save_load
...
TLS 1.3: finalize tls13 serialize session save and load
2022-08-19 08:16:05 +02:00
70dfd4c8ac
ssl_tls12_server: fix potential NULL-dereferencing if local certificate was not set.
...
Signed-off-by: Leonid Rozenboim <leonid.rozenboim@oracle.com>
2022-08-18 14:39:37 -07:00
583816caaf
Be explicit about constant time bignum functions that must take a 0 or 1 condition value
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-08-18 14:09:18 +01:00
92cd8642fa
Merge pull request #6090 from hanno-arm/fix_bnmul_arm_v7a
...
Remove encoding width suffix from Arm bignum assembly
2022-08-18 08:48:03 +01:00