lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-06-22 14:40:58 +03:00
Code Activity
31,433 Commits 172 Branches 268 Tags
5fbb0e882942b965995a70cd30c38a39cb6475dd
Commit Graph

419 Commits

Author SHA1 Message Date
Janos Follath
5f316972b2 Add header for mbedtls_mpi_exp_mod_unsafe() 
To silence no previous prototype warnings. And this is the proper way to
do it anyway.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-08-22 15:00:09 +01:00
Janos Follath
82976f3548 Make mbedtls_mpi_exp_mod_unsafe internal 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-08-22 13:00:12 +01:00
Janos Follath
9d72df8e6d Optimise public RSA operations 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-08-15 16:06:19 +01:00
Valerio Setti
e700d8086e rsa: rsa_rsassa_pss_sign() to check MD alg both in parameters and RSA context 
This helps fixing a disparity between the legacy and the USE_PSA
case for rsa_sign_wrap() in pk_wrap.c.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-11 11:34:58 +01:00
Manuel Pégourié-Gonnard
a7f651cf16 Merge pull request #8804 from valeriosetti/issue8799 
mbedtls_rsa_parse_key and mbedtls_rsa_parse_pubkey accept trailing garbage
 2024-02-20 11:58:52 +00:00
Valerio Setti
7e1596d24c rsa: remove leftovers from mbedtls_rsa_parse_[pub]key() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-20 10:23:49 +01:00
Gilles Peskine
19f1adfc69 New function mbedtls_rsa_get_bitlen() 
Document, implement and test mbedtls_rsa_get_bitlen().

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-12 11:23:05 +01:00
Valerio Setti
9de84bd677 rsa: reject buffers with data outside main SEQUENCE when parsing keys 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-09 06:42:18 +01:00
Manuel Pégourié-Gonnard
7bf1e98f44 Merge pull request #8740 from valeriosetti/issue8647 
Move RSA basic key parsing/writing to rsa.c
 2024-02-08 08:35:42 +00:00
Valerio Setti
447bbce8b4 rsa: remove unnecessary check in priv/pub key parsing 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-07 08:02:03 +01:00
Valerio Setti
fe329cea3f rsa: handle buffer length similarly in private and public key parsing 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-06 08:00:18 +01:00
Valerio Setti
201e643509 rsa: simplify mbedtls_rsa_parse_pubkey() input parameters 
In this way mbedtls_rsa_parse_pubkey() and mbedtls_rsa_parse_key()
input parameter list is the same.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-01 17:19:37 +01:00
Valerio Setti
135ebde273 rsa: rename parse/write functions in order to follow the standard format 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-01 17:00:29 +01:00
Valerio Setti
44ff9506dd rsa: set parse/write functions out of !RSA_ALT guard 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-01 16:58:36 +01:00
Valerio Setti
a5f36fcaae rsa: write documentation of new functions for parse/writing RSA priv/pub keys 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 12:36:37 +01:00
Valerio Setti
dccfd3612d rsa: update return values of priv/pub parse/write functions 
The goal is to remove usage of PK return values in order to
completely eliminate that dependency.
This commit also updates pkparse and test_suite_x509parse to
align with this change in return values.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 12:36:34 +01:00
Dave Rodgman
13f2f4e7f1 Merge remote-tracking branch 'restricted/development' into mbedtls-3.5.2rc 2024-01-24 09:49:15 +00:00
Valerio Setti
b328c44932 pk/rsa: move RSA parse/write private/public key functions to rsa module 
These functions are meant to be used internally, so their prototype
declaration is kept into rsa_internal.h.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-23 15:18:57 +01:00
Janos Follath
b4b8f3df3b RSA: improve readability 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath
47ee770812 RSA: remove unneeded temporaries 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath
e6750b2a0b RSA: document Montgomery trick in unblind 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath
a62a554071 Fix style 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath
100dcddfca Make local function static 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath
6bcbc925bf Extend blinding to RSA result check 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath
d6b096532c Make RSA unblinding constant flow 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Tomi Fontanilles
573dc23141 rsa: introduce rsa_internal_rsassa_pss_sign_no_mode_check() 
And use it in the non-PSA version of mbedtls_pk_sign_ext()
to bypass checks that didn't succeed when used by TLS 1.3.

That is because in the failing scenarios the padding of
the RSA context is not set to PKCS_V21.

See the discussion on PR #7930 for more details.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
Dave Rodgman
e4a6f5a7ec Use size_t cast for pointer subtractions 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-21 17:09:46 +00:00
Dave Rodgman
e3c05853d6 Header updates 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-03 12:21:36 +00:00
Dave Rodgman
16799db69a update headers 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-02 19:47:20 +00:00
Valerio Setti
02a634decd md: remove unnecessary inclusions of mbedtls/md.h 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-11 13:15:58 +02:00
Dave Rodgman
d03f483dbe Use mbedtls_ct_error_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-22 10:01:47 +01:00
Dave Rodgman
7ad37e40a6 Remove use of mbedtls_ct_int_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 21:53:31 +01:00
Dave Rodgman
61f1beaccf Update library to use mbedtls_ct_int_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 19:23:17 +01:00
Dave Rodgman
1a404e8f34 Use mbedtls_ct_error for CT error selection 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 13:12:28 +01:00
Dave Rodgman
c62f7fcce9 Use more meaningful variable name in mbedtls_rsa_rsaes_oaep_decrypt 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-20 19:09:51 +01:00
Dave Rodgman
e94cd0b99b Correct use of mbedtls_ct_mpi_uint_if_else_0 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-20 19:09:51 +01:00
Dave Rodgman
b4e6b41aa0 Use const-time interface throughout mbedtls_rsa_rsaes_oaep_decrypt 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 18:34:06 +01:00
Dave Rodgman
66d6ac92e6 Use mbedtls_ct_memcmp in mbedtls_rsa_rsaes_oaep_decrypt 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 09:10:59 +01:00
Dave Rodgman
98ddc01a7c Rename ...if0 to ...else_0 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 12:11:31 +01:00
Dave Rodgman
b7825ceb3e Rename uint->bool operators to reflect input types 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 11:58:18 +01:00
Dave Rodgman
c98f8d996a Merge branch 'development' into safer-ct5 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-07 11:47:35 +01:00
Dave Rodgman
6f80ac4979 Merge pull request #7864 from waleed-elmelegy-arm/enforce-min-RSA-key-size 
Enforce minimum key size when generating RSA key size
 2023-08-03 12:57:52 +00:00
Dave Rodgman
1d4d944e19 Merge pull request #7933 from tom-cosgrove-arm/add-mbedtls_zeroize_and_free 
Provide and use internal function mbedtls_zeroize_and_free()
 2023-08-03 12:56:21 +00:00
Waleed Elmelegy
d7bdbbeb0a Improve naming of mimimum RSA key size generation configurations 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-07-27 14:50:09 +00:00
Waleed Elmelegy
76336c3e4d Enforce minimum key size when generating RSA key size 
Add configuration to enforce minimum size when
generating a RSA key, it's default value is 1024
bits since this the minimum secure value currently
but it can be any value greater than or equal 128
bits. Tests were modifed to accommodate for this
change.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-07-27 10:58:25 +00:00
Tom Cosgrove
ca8c61b815 Provide and use internal function mbedtls_zeroize_and_free() 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-07-17 15:17:40 +01:00
Agathiyan Bragadeesh
01ed84a1f3 Add type casts in rsa.c 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-07-17 15:14:42 +01:00
Dave Rodgman
c216d94560 Merge remote-tracking branch 'origin/development' into safer-ct5 2023-06-13 10:36:37 +01:00
Manuel Pégourié-Gonnard
28f504e892 Use PSA-neutral function for availability check 
We just want to check if this hash is available, and the check is
present in builds both with PSA and without it. The function we were
using is only present in builds with PSA, so it wasn't appropriate.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard
6076f4124a Remove hash_info.[ch] 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-06 10:33:54 +02:00