lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-28 00:21:48 +03:00
Code Activity
20,713 Commits 174 Branches 272 Tags
8b718b5a6663609b1ae29e2d2ec661cac38a8cad
Commit Graph

9147 Commits

Author SHA1 Message Date
Janos Follath
8b718b5a66 Add bounds check to residue input 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-05 17:08:52 +01:00
Janos Follath
23bdeca64d Add core constant time comparison 
Unfortunately reusing the new function from the signed constant time
comparison is not trivial.

One option would be to do temporary conditional swaps which would prevent
qualifying input to const. Another way would be to add an additional
flag for the sign and make it an integral part of the computation, which
would defeat the purpose of having an unsigned core comparison.

Going with two separate function for now and the signed version can be
retired/compiled out with the legacy API eventually.

The new function in theory could be placed into either
`library/constant_time.c` or `library/bignum_new.c`. Going with the
first as the other functions in the second are not constant time yet and
this distinction seems more valuable for new (as opposed to belonging to
the `_core` functions.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-05 17:08:52 +01:00
Janos Follath
5f016650d7 Reuse Bignum core I/O functions 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-05 17:08:52 +01:00
Janos Follath
91dc67d31c Allow (NULL, 0) as a representation of 0 
- We don't check for NULL pointers this deep in the library
- Accessing a NULL pointer when the limb number is 0 as a mistake is the
  very similar to any other out of bounds access
- We could potentially mandate at least 1 limb representation for 0 but
  we either would need to enforce it or the implementation would be less
  robust.
- Allowing zero limb representation - (NULL, 0) in particular - for zero
  is present in the legacy interface, if we disallow it, the
  compatibility code will need to deal with this (more code size and
  opportunities for mistakes)

In summary, interpreting (NULL, 0) as the number zero in the core
interface is the least of the two evils.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-05 17:08:52 +01:00
Janos Follath
4670f88991 Reuse Bignum helper functions 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-05 17:08:52 +01:00
Janos Follath
4614b9ad1b Move Bignum macros to common header 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-05 17:08:52 +01:00
Janos Follath
f1d617deb8 Add tests for big endian core I/O 
The test case where there were extra limbs in the MPI failed and this
commit contains the corresponding fix as well. (We used to use the
minimum required limbs instead of the actual limbs present.)

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-05 17:06:31 +01:00
Janos Follath
ba5c139e4c Add more validation to modulus life cycle 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-05 17:03:56 +01:00
Janos Follath
281ccda8a5 Clean up mpi_mod_init/free 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-05 17:03:56 +01:00
Janos Follath
5005edb36c Fix typos 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-05 17:03:56 +01:00
Gabor Mezei
c5328cf9a6 Add a set of I/O functions for the modulus structure 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-08-05 17:03:56 +01:00
Gabor Mezei
b903070cec Add a set of I/O functions 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-08-05 17:03:56 +01:00
Gabor Mezei
0c655572dc Build the new bignum_new.c file 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-08-05 17:03:56 +01:00
Gabor Mezei
f049dbfe94 Add the new modulus and the residue structures 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-08-05 17:03:56 +01:00
Gilles Peskine
b3edc1576c Merge pull request #2602 from edsiper/crt-symlink 
x509_crt: handle properly broken links when looking for certificates
 2022-08-03 13:05:29 +02:00
Gilles Peskine
07e7fe516b Merge pull request #6088 from tuvshinzayaArm/validation_remove_change_curve 
Validation remove and change in files related to curve in library
 2022-08-03 13:05:16 +02:00
Gilles Peskine
7e1ee0f04b Merge pull request #6114 from mman/development 
Use double quotes to include private header file psa_crypto_cipher.h
 2022-08-03 13:04:57 +02:00
Martin Man
4741e0b56c Use double quotes to include private header file psa_crypto_cipher.h 
Signed-off-by: Martin Man <mman@martinman.net>
Co-authored-by: Tom Cosgrove <81633263+tom-cosgrove-arm@users.noreply.github.com>
 2022-08-02 12:44:35 +02:00
Dave Rodgman
919ff15ecf Merge pull request #4686 from Kazuyuki-Kimura/patch_#2020 
Fixed a bug that the little-endian Microblaze does not work when MBEDTLS_HAVE_ASM is defined
 2022-07-29 17:08:11 +01:00
Dave Rodgman
27036c9e28 Merge pull request #6142 from tom-cosgrove-arm/fix-comments-in-docs-and-comments 
Fix a/an typos in doxygen and other comments
 2022-07-29 12:59:05 +01:00
Tuvshinzaya Erdenekhuu
86669de348 Broke 2 long lines 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-07-28 10:31:16 +01:00
Dave Rodgman
aba26d0099 Merge pull request #5963 from tom-daubney-arm/remove_ssl_compression_new 
Remove use of SSL session compression
 2022-07-28 10:28:23 +01:00
Manuel Pégourié-Gonnard
f6b8c3297a Merge pull request #6065 from mpg/explore2 
Driver-only hashes: RSA 1.5 and PK + strategy doc
 2022-07-28 10:43:38 +02:00
Tom Cosgrove
ce7f18c00b Fix a/an typos in doxygen and other comments 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-07-28 05:50:56 +01:00
Manuel Pégourié-Gonnard
68429fc44d Fix a few more typos 
Update link while at it.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-27 20:44:02 +02:00
Tuvshinzaya Erdenekhuu
22f3654324 Remove NULL pointer validation in ecp.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-07-27 15:21:48 +01:00
Tuvshinzaya Erdenekhuu
a891f83803 Re-introduce ENUM validation in ecjpake.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-07-27 15:20:08 +01:00
Tuvshinzaya Erdenekhuu
2b1ecdaf4e Remove NULL pointer validation in ecjpake.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-07-27 15:20:08 +01:00
Tuvshinzaya Erdenekhuu
f69cac784a Reintroduce enum validation ecdh.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-07-27 14:43:38 +01:00
Tuvshinzaya Erdenekhuu
7857caadcd Remove NULL pointer validation in ecdh.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-07-27 14:40:47 +01:00
Tuvshinzaya Erdenekhuu
375950f119 Remove NULL pointer validations in ecdsa.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-07-27 14:28:20 +01:00
Thomas Daubney
31e03a8e15 Replace hard-coded zeroes for constant 
Replace two occurances of hard-coded zero for
MBEDTLS_SSL_COMPRESS_NULL in TLS 1.3 code.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2022-07-26 16:13:23 +01:00
Thomas Daubney
54e38ea9cd Remove remaining references to compression in docs 
Some references to compression exist in the docs.
This commit removes those instances.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2022-07-26 16:13:23 +01:00
Thomas Daubney
20f89a9605 Remove uses of SSL compression 
Remove or modify current uses of session compression.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2022-07-26 16:13:03 +01:00
Manuel Pégourié-Gonnard
de9ffe37ab Fix typos in hash_info.[ch] 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-26 10:20:52 +02:00
Ronald Cron
e579ece305 Merge pull request #6087 from yuhaoth/pr/add-tls13-serialize_session_save_load 
TLS 1.3: Add serialize session save load
I can see that https://github.com/Mbed-TLS/mbedtls/pull/6087#discussion_r927935696 and https://github.com/Mbed-TLS/mbedtls/pull/6087#discussion_r924252403 are addressed in  #6123. Thus I am ok to merge it as it is.
 2022-07-23 08:57:11 +02:00
Ronald Cron
340c559cb3 Merge pull request #6079 from yuhaoth/pr/add-tls13-parse-pre_shared_key_offered_psks 
TLS 1.3: PSK: Add parser/writer of pre_shared_key extension on server side.
 2022-07-23 08:50:45 +02:00
Jerry Yu
13ab81d5ac Add handshake failure in pre_shared_key withou psk_kex_modes 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-07-22 23:17:11 +08:00
Jerry Yu
bc7c1a4260 fix typo/format/name issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-07-22 23:09:40 +08:00
Jerry Yu
438ddd835b Add tls13 session save/load 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-07-22 23:08:43 +08:00
Jerry Yu
a66fecebe7 Add endpoint/ticket_flag field for session 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-07-22 23:08:43 +08:00
Jerry Yu
6f1db3fc92 fix format and potential non-PSK fail issue 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-07-22 23:05:59 +08:00
Jerry Yu
ce6ed7076a Change the order of key_exchange determine 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-07-22 21:49:53 +08:00
Jerry Yu
ba9b6e9e53 fix unkown identity case 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-07-22 21:45:05 +08:00
Jerry Yu
568ec2502a fix format/name issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-07-22 21:27:34 +08:00
Jerry Yu
2f0abc94d8 fix typo/type/format issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-07-22 19:34:48 +08:00
Ronald Cron
4beb870fa8 Merge pull request #6064 from xkqian/tls13_add_psk 
Add psk code to tls13 client side
 2022-07-22 11:35:05 +02:00
Dave Rodgman
a948f0588c Merge pull request #1986 from jacmet/bn_mul-fix-x86-pic-compilation-for-gcc-4 
bn_mul.h: fix x86 PIC inline ASM compilation with GCC < 5
 2022-07-21 17:34:48 +01:00
Jerry Yu
77f0148e11 Add psk/psk_ephemeral key exchange check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-07-21 23:27:22 +08:00
Ronald Cron
32578b3bd0 Merge pull request #6069 from yuhaoth/pr/add-tls13-write-new-session-ticket 
TLS 1.3:add tls13 write new session ticket
Validated by the internal CI and Travis.
 2022-07-21 16:17:35 +02:00