lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-26 13:21:03 +03:00
Code Activity
22,161 Commits 174 Branches 272 Tags
351e6885f55fd6354b57b51a5dbaadf3231aa7c8
Commit Graph

9776 Commits

Author SHA1 Message Date
Gilles Peskine
22cdd0ccd3 Update some internal comments 
The refactoring of fill_random had left some obsolete bits in comments.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-02 16:00:01 +01:00
Gilles Peskine
009d195a56 Move mbedtls_mpi_core_fill_random to the proper .c file 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-02 16:00:01 +01:00
Gilles Peskine
5980f2bd36 Implement mbedtls_mpi_core_fill_random 
Turn mpi_fill_random_internal() into mbedtls_mpi_core_fill_random(). It
had basically the right code except for how X is passed to the function.

Write unit tests.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-02 15:59:36 +01:00
Gilles Peskine
909e03c52f Bignum core: fill_random: prototype 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-02 15:59:16 +01:00
Janos Follath
f1ed5815ba Merge pull request #6512 from yanesca/extract_uint_table_lookup_core 
Implement mbedtls_mpi_core_ct_uint_table_lookup()
 2022-11-02 13:58:19 +00:00
Jerry Yu
df0ad658a3 tls13: Add allowed extesions constants. 
- And refactor check_received_extension

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-02 21:35:27 +08:00
Dave Rodgman
90c6836271 Merge pull request #6524 from daverodgman/fix-duplicate-header 
Remove duplicate function prototype
 2022-11-02 13:06:08 +00:00
Dave Rodgman
0877dc8f55 Improve documentation for psa_crypto_cipher.h 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-02 09:29:50 +00:00
Dave Rodgman
1630447eed Move declaration of mbedtls_cipher_info_from_psa into psa_crypto_cipher.h 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-02 09:25:38 +00:00
Dave Rodgman
ba864848e7 Remove duplicate function prototype 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-01 16:41:09 +00:00
Dave Rodgman
29b9b2b699 Fix zeroization at NULL pointer 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-11-01 16:08:14 +00:00
Janos Follath
8904a2db29 mpi_core_ct_uint_table_lookup: style and docs 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-10-31 16:51:56 +00:00
Dave Rodgman
e8734d8a55 Apply suggestions from code review 
Two spelling fixes (changelog & a comment)

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-10-31 14:30:24 +00:00
Dave Rodgman
55fd0b9fc1 Merge pull request #6121 from daverodgman/pr277 
cert_write - add a way to set extended key usages - rebase
 2022-10-31 13:27:49 +00:00
Janos Follath
e50f2f1a8e Add mbedtls_mpi_core_ct_uint_table_lookup 
This will be needed for extracting modular exponentiation from the
prototype. The function signature is kept aligned to the prototype, but
the implementation is new. (The implementation of this function in the
prototype has further optimisations which are out of scope for now.)

The function is not reused in the bignum counterpart as it will become
redundant soon.

This function is meant to be static, but doesn't have the qualifier as
it is not used yet and would cause compiler warnings. The
MBEDTLS_STATIC_TESTABLE macro will be added in a later commit.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-10-31 11:32:55 +00:00
Janos Follath
2dc2757cca Merge pull request #6457 from minosgalanakis/minos/6017_update_modulus_lifecycle 
Bignum: Updated the modulus lifecyle
 2022-10-31 11:28:37 +00:00
Dave Rodgman
1a22bef116 Merge pull request #6190 from daverodgman/invalid-ecdsa-pubkey 
Improve ECDSA verify validation
 2022-10-31 09:37:26 +00:00
Jerry Yu
7a485c1fdf Add ext id and utilities 
- Remove `MBEDTLS_SSL_EXT_*`
- Add macros and functions for translating iana identifer.
- Add internal identity for extension

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-31 16:41:42 +08:00
Jerry Yu
c4bf5d658e fix various issues 
- Signature of
  - mbedtls_tls13_set_hs_sent_ext_mask
  - check_received_extension and issues
- Also fix comment issue.
- improve readablity.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-31 16:41:42 +08:00
Jerry Yu
03112ae022 change input extension_type 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-31 16:41:42 +08:00
Jerry Yu
0c354a211b introduce sent/recv extensions field 
And remove `extensions_present`

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-31 16:41:42 +08:00
Jerry Yu
ffa1582793 move get_extension mask 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-31 16:41:42 +08:00
Jerry Yu
9872eb2d69 change return type for unexpected extension 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-31 16:41:42 +08:00
Jerry Yu
43ff252688 Remove unnecessary checks. 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-31 16:41:42 +08:00
Jerry Yu
d15992d3ce fix wrong setting of unrecognized ext 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-31 16:41:42 +08:00
Jerry Yu
6ba9f1c959 Add extension check for NewSessionTicket 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-31 16:41:42 +08:00
Jerry Yu
2c5363e58b Add extension check for ServerHello and HRR 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-31 16:41:42 +08:00
Jerry Yu
2eaa76044b Add extension check for Certificate 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-31 16:41:42 +08:00
Jerry Yu
c55a6af9eb Add extensions check for CertificateRequest 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-31 16:41:42 +08:00
Jerry Yu
cbd082f396 Add extension check for EncryptedExtensions 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-31 16:41:42 +08:00
Jerry Yu
e18dc7eb9a Add forbidden extensions check for ClientHello 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-31 16:41:42 +08:00
Jerry Yu
471dee5a12 Add debug helpers to track extensions 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-31 16:41:42 +08:00
Jerry Yu
def7ae4404 Add auth mode check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-30 17:57:06 +08:00
Glenn Strauss
7db3124c00 Skip asn1 zeroize if freeing shallow pointers 
This skips zeroizing additional pointers to data.
(Note: actual sensitive data should still be zeroized when freed.)

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-10-28 12:51:35 -04:00
Glenn Strauss
a4b4041219 Shared code to free x509 structs 
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-10-28 12:51:35 -04:00
Ronald Cron
04e2133f45 Merge pull request #6482 from ronald-cron-arm/tls13-misc 
TLS 1.3: Update documentation for the coming release and misc
 2022-10-28 11:09:03 +02:00
Gilles Peskine
75c4eaf1f8 Merge pull request #5841 from aurel32/ecp_mul_mxz-timing-leak 
Fix a timing leak in ecp_mul_mxz()
 2022-10-27 19:46:48 +02:00
Minos Galanakis
4d4c98b1b9 bignum_mod: mbedtls_mpi_mod_modulus_setup() refactoring. 
This patch addresses more review comments, and fixes
a circular depedency in the `mbedtls_mpi_mod_modulus_setup()`.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2022-10-27 17:47:26 +01:00
Minos Galanakis
771c47055f bignum_mod: Style changes 
This patch addresses review comments with regards to style of
`mbedtls_mpi_mod_modulus_setup/free()`.

It also removes a test check which was triggering a use-after-free.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2022-10-27 12:36:24 +01:00
Minos Galanakis
8b33363315 bignum_mod: Updated modulus lifecycle with mm and rr. 
This patch updates the `mbedtls_mpi_mod_modulus_setup/free()`
methods to precalculate mm and rr(Montgomery const squared) during
setup and zeroize it during free.

A static `set_mont_const_square()` is added to manage the memory allocation
and parameter checking before invoking the
`mbedtls_mpi_core_get_mont_r2_unsafe()`

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2022-10-27 11:43:54 +01:00
Minos Galanakis
760f5d6b6b bignum_mod: Updated mbedtls_mpi_mod_modulus_setup/free with new fields 
At the current state, those fields are initialised to 0, NULL.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2022-10-27 11:43:54 +01:00
Hanno Becker
cd860dfe02 bignum_mod: Added Montgomery constants 
This patch adds the Montgomery constants to the `mbedtls_mpi_mont_struct`.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2022-10-27 11:43:54 +01:00
Gilles Peskine
9603daddaa Merge pull request #6230 from tom-cosgrove-arm/issue-6223-core-add 
Bignum: extract core_add from the prototype
 2022-10-27 11:25:27 +02:00
Ronald Cron
77e15e8a2c Merge pull request #6460 from xkqian/tls13_add_early_data_preparatory 
Internal and Open CI merge job ran successfully. Good to go.
 2022-10-27 10:40:56 +02:00
Gilles Peskine
88f5fd9099 Merge pull request #6479 from AndrzejKurek/depends-py-no-psa 
Enable running depends.py in a configuration without MBEDTLS_USE_PSA_CRYPTO and remove perl dependency scripts
 2022-10-26 20:02:57 +02:00
Gilles Peskine
d4d080b41b Merge pull request #6407 from minosgalanakis/minos/6017_add_montgomery_constant_squared 
Bignum: Added pre-calculation of Montgomery constants
 2022-10-26 14:28:16 +02:00
Ronald Cron
4f7feca0dc Merge pull request #6391 from davidhorstmann-arm/fix-x509-get-name-cleanup 
The Open CI ran successfully thus I think we can ignore the internal CI.
 2022-10-26 14:27:54 +02:00
Xiaokang Qian
72dbfef6e4 Improve coding styles 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-26 06:33:57 +00:00
Ronald Cron
eac00ad2a6 tls13: server: Note down client not being authenticated in SSL context 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-10-25 20:02:03 +02:00
Gilles Peskine
744fd37d23 Merge pull request #6467 from davidhorstmann-arm/fix-unusual-macros-0 
Fix unusual macros
 2022-10-25 19:55:29 +02:00