lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-28 00:21:48 +03:00
Code Activity
18,910 Commits 174 Branches 272 Tags
a4e15cc0d56e01dbf6dff9b4bb47c54e82a32bec
Commit Graph

616 Commits

Author SHA1 Message Date
Przemek Stekiel
a4e15cc0d5 Fix comment: add fields size 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-16 11:32:42 +01:00
Przemek Stekiel
855938e17d Move mbedtls_ecdh_setup() to no-psa path 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-16 11:29:29 +01:00
Przemek Stekiel
338b61d6e4 Fix code style 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-16 11:24:09 +01:00
Przemek Stekiel
ce1d792315 Remove duplicated code 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-14 16:16:25 +01:00
Przemek Stekiel
fc91a1f030 Use PSA for private key generation and public key export only for ECDHE keys 
This should be cleaned when server-side static ECDH (1.2) support is added (#5320).

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-14 12:05:27 +01:00
Przemek Stekiel
a21af3da00 Use mbedtls_psa_parse_tls_ecc_group() instead PSA_KEY_TYPE_ECC_KEY_PAIR( mbedtls_ecc_group_to_psa() ) 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-14 10:09:13 +01:00
Przemek Stekiel
0a60c129de Add intermediate variables to increase code readability 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-14 09:54:51 +01:00
Przemek Stekiel
e9f00445bc Destroy ecdh_psa_privkey on failure 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-14 09:42:32 +01:00
Przemek Stekiel
130c4b5567 Use PSA version of key agreement only for ECDHE keys 
This should be cleaned when server-side static ECDH (1.2) support is added (#5320).

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-14 09:18:24 +01:00
Przemek Stekiel
fd32e9609b ssl_parse_client_key_exchange(): read the curve identifier and the peer's public key and compute the shared secret using PSA 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-09 16:01:59 +01:00
Przemek Stekiel
b6ce0b6cd8 ssl_prepare_server_key_exchange(): generate a private/public key and write out the curve identifier and public key using PSA 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-09 16:01:50 +01:00
Jerry Yu
e754193e87 Remove guard inside ssl_srv.c 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:00 +08:00
Jerry Yu
fb4b6478ee tls13_only: improve guards of files. 
To improve readability of the preprocess guards.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:00 +08:00
Jerry Yu
c5aef88be6 tls13_only: guard ssl_{cli,srv}.c with TLS1_2 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:00 +08:00
Jerry Yu
c3091b1c8c tls13_only: compile pass 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:00 +08:00
Przemyslaw Stekiel
8c010eb467 Fix comments, code style, remove debug code 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-03 14:55:24 +01:00
Przemyslaw Stekiel
2c87a200a3 ssl_write_encrypt_then_mac_ext(): adapt to psa crypto 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-01-31 15:39:24 +01:00
Jerry Yu
971988528d fix coding style issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
eb821c6916 remove check_sig_hash 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
24811fb2e0 replace check_sig_hash with is_offered 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
1bab301c0d Add signature algorithm supported check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
713013fa80 fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
6106fdc085 fix build fail without TLS13 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
1abd1bc22f Change write_sig_alg_ext of tls12 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
0e5bcb6bf5 Replace directly access for sig_hashes 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:16 +08:00
Jerry Yu
18cd43909b Align signature_algorithms extension name 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:16 +08:00
Jerry Yu
d491ea4f18 fix comment issue 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-13 16:15:25 +08:00
Jerry Yu
b925f21806 fix comment issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-12 11:17:02 +08:00
Jerry Yu
ffef9c52d4 fix alignment issue 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-24 22:31:08 +08:00
Jerry Yu
b47d0f893e Replace SUPPORTED_ELLIPTIC_CURVES with SUPPORTED_GROUPS 
According to RFC7919 and RFC8442 , they are same.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-20 17:38:50 +08:00
Ronald Cron
69a63426af psa: Fix the size of hash buffers 
Fix the size of hash buffers for PSA hash
operations.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-03 18:55:33 +01:00
Gabor Mezei
be7b21da22 Merge branch 'development' into 3649_move_constant_time_functions_into_separate_module 2021-11-24 10:44:13 +01:00
Brett Warren
01f3dae3f3 Refactor elliptic curve extension for NamedGroups 
The refactoring is needed for the group api to work
properly. Code is modified to use mbedtls_get_supported_groups
instead of direct access so that both deprecated and new api
are useable.

Signed-off-by: Brett Warren <brett.warren@arm.com>
 2021-10-29 14:07:46 +01:00
Gabor Mezei
22c9a6fccc Rename internal header constant_time.h to constant_time_internal.h 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-10-20 12:15:20 +02:00
Gabor Mezei
90437e3762 Rename constant-time functions to have mbedtls_ct prefix 
Rename functions to better suite with the module name.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-10-20 11:59:27 +02:00
Gabor Mezei
765862c4f3 Move mbedtls_cf_memcmp to a new public header 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2021-10-19 12:22:25 +02:00
Jerry Yu
d96a5c2d86 Fix wrong usage of counter len macro 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-29 17:46:51 +08:00
gabor-mezei-arm
9cb55698aa Propagate usage of mask generation functions 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:42:19 +02:00
gabor-mezei-arm
4602564d7a Unify memcmp functions 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:33:47 +02:00
gabor-mezei-arm
db9a38c672 Move contatnt-time memcmp functions to the contant-time module 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-09-28 16:16:14 +02:00
Jerry Yu
d9a94fe3d0 Add counter length macro 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-28 20:10:26 +08:00
Jerry Yu
957f0fa1f7 Add length macro for in_ctr 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-09-27 16:34:58 +08:00
Joe Subbiani
94180e708f Minor coding style improvement 
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
 2021-08-20 16:20:44 +01:00
Joe Subbiani
e4603eece9 Compress byte reading macros in if statements 
exchange MBEDTLS_BYTE_x in if statements with MBEDTLS_GET_UINT16_BE

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
 2021-08-20 13:05:30 +01:00
Joe Subbiani
1f6c3aeb63 Tidy up ssl_*.c grouped MBEDTLS_BYTE_x macros 
exchange groups of the byte reading macros with MBEDTLS_PUT_UINTxyz
and then shift the pointer afterwards. Easier to read as you can
see how big the data is that you are putting in, and in the case of
UINT32 AND UINT64 it saves some vertical space.

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
 2021-08-20 12:19:57 +01:00
Joe Subbiani
6dd7364553 Replace instances of byte reading macros with PUT 
Instances of a group of byte reading macros which are equivilant to
MBEDTLS_PUT_UINTx_yz

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
 2021-08-19 09:57:41 +01:00
Joe Subbiani
fbeb692dd0 Use byte reading macros in places not using a byte mask 
byte shifting opertations throughout library/ were only replaced with
the byte reading macros when an 0xff mask was being used.
The byte reading macros are now more widley used, however they have not
been used in all cases of a byte shift operation, as it detracted from
the immediate readability or otherwise did not seem appropriate.

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
 2021-08-19 09:56:47 +01:00
Joe Subbiani
2194dc477a Replace MBEDTLS_CHAR_x with MBEDTLS_BYTE_x 
The CHAR macros casted to an unsigned char which in this project
is garunteed to be 8 bits - the same as uint8_t (which BYTE casts
to) therefore, instances of CHAR have been swapped with BYTE and
the number of macros have been cut down

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
 2021-08-19 09:56:47 +01:00
Joe Subbiani
cd84d76e9b Add Character byte reading macros 
These cast to an unsigned char rather than a uint8_t
like with MBEDTLS_BYTE_x
These save alot of space and will improve maintence by
replacing the appropriate code with MBEDTLS_CHAR_x

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
 2021-08-19 09:55:41 +01:00
Hanno Becker
41934dd20a Share preparatory code between client and server handshake steps 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-07 19:13:43 +01:00