lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-30 10:45:34 +03:00
Code Activity
20,291 Commits 176 Branches 276 Tags
202919c23d11e65ee23d019afaddbe68596bc6a5
Commit Graph

60 Commits

Author SHA1 Message Date
Gilles Peskine
8399cccd2e Merge pull request #5829 from paul-elliott-arm/fix_ct_uninit_memory_access 
Fix uninitialised memory access in constant time functions
 2022-06-01 11:42:51 +02:00
Paul Elliott
5260ce27ed Fix uninitialised memory access in constant time functions 
Fix an issue reported by Coverity whereby some constant time functions
called from the ssl decrypt code could potentially access uninitialised
memory.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-05-19 18:23:24 +01:00
Shaun Case
8b0ecbccf4 Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell. 
Signed-off-by: Shaun Case <warmsocks@gmail.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-05-11 21:25:51 +01:00
Neil Armstrong
9ebb9ff60c Reduce HMAC buffer usage in PSA version of mbedtls_ct_hmac() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-18 11:09:58 +01:00
Neil Armstrong
72c2f76c43 Assume MAC key length is always exactly the output size in PSA version of mbedtls_ct_hmac() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-18 11:09:36 +01:00
Neil Armstrong
36cc13b340 Use PSA defines for buffers in PSA version of mbedtls_ct_hmac() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-18 11:09:20 +01:00
Neil Armstrong
ae57cfd3e7 Use psa_ssl_status_to_mbedtls in PSA version of mbedtls_ct_hmac() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-18 10:00:10 +01:00
Neil Armstrong
28d9c631b8 Fix comments in PSA version of mbedtls_ct_hmac() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-18 10:00:10 +01:00
Neil Armstrong
6958bd0206 Clean aux_out in PSA version of mbedtls_ct_hmac() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-02 15:37:11 +01:00
Neil Armstrong
2968d306e4 Implement mbedtls_ct_hmac() using PSA hash API 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-25 15:16:50 +01:00
Tautvydas Žilys
40fc7da101 Cap the workaround for mbedtls_mpi_safe_cond_assign on MSVC/ARM64 to MSVC versions prior to 17.1. 
Signed-off-by: Tautvydas Žilys <tautvydas.zilys@gmail.com>
 2022-01-31 13:34:01 -08:00
Tautvydas Žilys
60165d7708 Don't inline mbedtls_mpi_safe_cond_assign on MSVC/ARM64 to avoid a compiler bug. 
Signed-off-by: Tautvydas Žilys <tautvydas.zilys@gmail.com>
 2022-01-26 15:44:10 -08:00
Gabor Mezei
a09697527b Add documentation for the functions 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-11-26 17:25:14 +01:00
Gabor Mezei
14d5fac11d Unify function parameters 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-11-26 17:23:26 +01:00
Gabor Mezei
c0d8dda60d Make mbedtls_ct_uchar_mask_of_range function static 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-11-26 17:20:36 +01:00
Gabor Mezei
358829abc9 Move mbedtls_ct_base64_dec_value function to the constant-time module 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-11-26 17:14:52 +01:00
Gabor Mezei
9a4074aa1e Move mbedtls_ct_base64_enc_char function to the constant-time module 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-11-26 17:14:21 +01:00
Gabor Mezei
28d611559e Move mbedtls_ct_uchar_mask_of_range function to the constant-time module 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-11-26 17:09:38 +01:00
Gabor Mezei
642eeb2879 Fix documentation and comments 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-11-03 16:13:32 +01:00
Gabor Mezei
22c9a6fccc Rename internal header constant_time.h to constant_time_internal.h 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-10-20 12:15:20 +02:00
Gabor Mezei
90437e3762 Rename constant-time functions to have mbedtls_ct prefix 
Rename functions to better suite with the module name.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-10-20 11:59:27 +02:00
Gabor Mezei
6a426c9f9f Bind functions' availability for config options 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-10-20 11:17:43 +02:00
Gabor Mezei
765862c4f3 Move mbedtls_cf_memcmp to a new public header 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-10-19 12:22:25 +02:00
Gabor Mezei
e212379810 Bind functions' availability for config options 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-10-18 19:38:02 +02:00
Gabor Mezei
949455892f Remove unused function 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-10-18 17:02:29 +02:00
Gabor Mezei
a2d0f90c5a Make functions static 
These functions are only used as an auxiliary function for constant-time functions.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-10-18 16:56:50 +02:00
Gabor Mezei
a316fc8eb0 Update documentation and comments 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-10-18 16:39:13 +02:00
Gabor Mezei
63bbba5c13 Rename and reorder function parameters 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-10-18 16:39:13 +02:00
Gabor Mezei
7013f62ee5 Use condition for not sensitive data 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-10-18 16:39:13 +02:00
Gabor Mezei
eab90bcc36 Move implementation specific comment 
This comment is about how the functions are implemented, not about their
public interface, so it doesn't belong in the header file.
It applies to everything in constant_time.c so moved there.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-10-18 16:39:13 +02:00
Gabor Mezei
1e64261da5 Make mbedtls_cf_size_mask_lt function static 
The mbedtls_cf_size_mask_lt is solely used as an auxiliary function
for mbedtls_cf_size_mask_ge.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-10-18 16:39:13 +02:00
gabor-mezei-arm
5b3a32d883 Fix missing includes 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-29 10:53:55 +02:00
gabor-mezei-arm
90d96cc741 Add documentation for the functions 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 17:07:51 +02:00
gabor-mezei-arm
b11a56e34c Unify equality checker functions return value 
The equality checker functions always return 0 or 1 value,
thus the type of return value can be the same dispite of the
size of the parameters.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:42:19 +02:00
gabor-mezei-arm
9cb55698aa Propagate usage of mask generation functions 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:42:19 +02:00
gabor-mezei-arm
396438c57b Unify mask generation functions 
Generate all-bits 0 or all bits 1 mask from a value instead of from a bit.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:42:19 +02:00
gabor-mezei-arm
87ac5bef97 Unify function parameters 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:42:16 +02:00
gabor-mezei-arm
4602564d7a Unify memcmp functions 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:33:47 +02:00
gabor-mezei-arm
2dcd7686ce Typo: Unify indentation of function parameters 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:33:44 +02:00
gabor-mezei-arm
fdb71183f8 Move mbedtls_cf_rsaes_pkcs1_v15_unpadding function to the constant-time module 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:28:45 +02:00
gabor-mezei-arm
65cefdbfcb Create mbedtls_cf_size_if function 
Add a constant-time function with size_t parameter for choosing
between two integer values, like the ?: ternary operator.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:28:44 +02:00
gabor-mezei-arm
c29a3da599 Move mbedtls_mpi_lt_mpi_ct function to the constant-time module 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:28:44 +02:00
gabor-mezei-arm
5c97621215 Move mbedtls_mpi_safe_cond_swap function to the constant-time module 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:28:44 +02:00
gabor-mezei-arm
40a4925128 Move mbedtls_mpi_safe_cond_assign function to the constant-time module 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:28:44 +02:00
gabor-mezei-arm
1349ffde84 Move mbedtls_cf_hmac function to the constant-time module 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:28:44 +02:00
gabor-mezei-arm
0e7f71e1a9 Move mbedtls_cf_memcpy_offset function to the constant-time module 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:28:44 +02:00
gabor-mezei-arm
dee0fd33f1 Move mbedtls_cf_memcpy_if_eq function to the constant-time module 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:28:43 +02:00
gabor-mezei-arm
394aeaaefb Move mbedtls_cf_mem_move_to_left function to the constant-time module 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:28:41 +02:00
gabor-mezei-arm
be8d98b0be Move mbedtls_cf_mpi_uint_cond_assign function to the constant-time module 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:23:57 +02:00
gabor-mezei-arm
d3230d533c Move mbedtls_cf_cond_select_sign function to the constant-time module 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:21:10 +02:00