mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-30 10:45:34 +03:00

Author	SHA1	Message	Date
Gilles Peskine	db2996357c	Merge pull request #6289 from gabor-mezei-arm/6237_Add_conditional_assign_and_swap_for_bignum Bignum: Add safe conditional assign and swap for the new MPI types	2022-10-19 15:51:19 +02:00
Gabor Mezei	d7edb1d225	Initialize variable Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-10 14:32:09 +02:00
Gabor Mezei	3eff425b1a	Use only one limb parameter for assign Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:40 +02:00
Gabor Mezei	cfc0eb8d22	Remove unused parameter Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:39 +02:00
Gabor Mezei	87638a9ead	Add missing include Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:39 +02:00
Gabor Mezei	24d183aa00	Use the new swap and assign function in the old interface Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-09-30 13:36:39 +02:00
Przemek Stekiel	89ad62352d	Fix guards for mbedtls_ct_size_mask() and mbedtls_ct_memcpy_if_eq() Both functions are used when MBEDTLS_SSL_SOME_SUITES_USE_MAC is defined not MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-27 15:04:14 +02:00
Janos Follath	645ff5b8ff	Merge pull request #6095 from gabor-mezei-arm/6016_add_new_modulus_and_residue_structures Add the new modulus and the residue structures with low level I/O operations	2022-08-23 09:02:43 +01:00
Janos Follath	b7a88eca42	Bignum: Apply naming conventions Numbers: - A, B for mbedtls_mpi_uint* operands - a, b for mbedtls_mpi_uint operands - X or x for result - HAC references where applicable Lengths: - Reserve size or length for length/size in bytes or byte buffers. - For length of mbedtls_mpi_uint* buffers use limbs - Length parameters are qualified if possible (eg. input_length or a_limbs) Setup functions: - The parameters match the corresponding structure member's name - The structure to set up is a standard lower case name even if in other functions different naming conventions would apply Scope of changes/conventions: - bignum_core - bignum_mod - bignum_mod_raw Signed-off-by: Janos Follath <janos.follath@arm.com>	2022-08-19 13:11:22 +01:00
Tom Cosgrove	583816caaf	Be explicit about constant time bignum functions that must take a 0 or 1 condition value Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-08-18 14:09:18 +01:00
Gabor Mezei	5a5c0c5f0a	Move the declaration of variables to their scope of usage Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-08-12 15:40:09 +02:00
Janos Follath	6318468183	Improve bignum documentation Signed-off-by: Janos Follath <janos.follath@arm.com>	2022-08-11 17:42:59 +01:00
Janos Follath	23bdeca64d	Add core constant time comparison Unfortunately reusing the new function from the signed constant time comparison is not trivial. One option would be to do temporary conditional swaps which would prevent qualifying input to const. Another way would be to add an additional flag for the sign and make it an integral part of the computation, which would defeat the purpose of having an unsigned core comparison. Going with two separate function for now and the signed version can be retired/compiled out with the legacy API eventually. The new function in theory could be placed into either `library/constant_time.c` or `library/bignum_new.c`. Going with the first as the other functions in the second are not constant time yet and this distinction seems more valuable for new (as opposed to belonging to the `_core` functions. Signed-off-by: Janos Follath <janos.follath@arm.com>	2022-08-05 17:08:52 +01:00
Gilles Peskine	8399cccd2e	Merge pull request #5829 from paul-elliott-arm/fix_ct_uninit_memory_access Fix uninitialised memory access in constant time functions	2022-06-01 11:42:51 +02:00
Paul Elliott	5260ce27ed	Fix uninitialised memory access in constant time functions Fix an issue reported by Coverity whereby some constant time functions called from the ssl decrypt code could potentially access uninitialised memory. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-05-19 18:23:24 +01:00
Shaun Case	8b0ecbccf4	Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell. Signed-off-by: Shaun Case <warmsocks@gmail.com> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-05-11 21:25:51 +01:00
Neil Armstrong	9ebb9ff60c	Reduce HMAC buffer usage in PSA version of mbedtls_ct_hmac() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-18 11:09:58 +01:00
Neil Armstrong	72c2f76c43	Assume MAC key length is always exactly the output size in PSA version of mbedtls_ct_hmac() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-18 11:09:36 +01:00
Neil Armstrong	36cc13b340	Use PSA defines for buffers in PSA version of mbedtls_ct_hmac() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-18 11:09:20 +01:00
Neil Armstrong	ae57cfd3e7	Use psa_ssl_status_to_mbedtls in PSA version of mbedtls_ct_hmac() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-18 10:00:10 +01:00
Neil Armstrong	28d9c631b8	Fix comments in PSA version of mbedtls_ct_hmac() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-18 10:00:10 +01:00
Neil Armstrong	6958bd0206	Clean aux_out in PSA version of mbedtls_ct_hmac() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-02 15:37:11 +01:00
Neil Armstrong	2968d306e4	Implement mbedtls_ct_hmac() using PSA hash API Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 15:16:50 +01:00
Tautvydas Žilys	40fc7da101	Cap the workaround for mbedtls_mpi_safe_cond_assign on MSVC/ARM64 to MSVC versions prior to 17.1. Signed-off-by: Tautvydas Žilys <tautvydas.zilys@gmail.com>	2022-01-31 13:34:01 -08:00
Tautvydas Žilys	60165d7708	Don't inline mbedtls_mpi_safe_cond_assign on MSVC/ARM64 to avoid a compiler bug. Signed-off-by: Tautvydas Žilys <tautvydas.zilys@gmail.com>	2022-01-26 15:44:10 -08:00
Gabor Mezei	a09697527b	Add documentation for the functions Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-11-26 17:25:14 +01:00
Gabor Mezei	14d5fac11d	Unify function parameters Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-11-26 17:23:26 +01:00
Gabor Mezei	c0d8dda60d	Make mbedtls_ct_uchar_mask_of_range function static Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-11-26 17:20:36 +01:00
Gabor Mezei	358829abc9	Move mbedtls_ct_base64_dec_value function to the constant-time module Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-11-26 17:14:52 +01:00
Gabor Mezei	9a4074aa1e	Move mbedtls_ct_base64_enc_char function to the constant-time module Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-11-26 17:14:21 +01:00
Gabor Mezei	28d611559e	Move mbedtls_ct_uchar_mask_of_range function to the constant-time module Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-11-26 17:09:38 +01:00
Gabor Mezei	642eeb2879	Fix documentation and comments Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-11-03 16:13:32 +01:00
Gabor Mezei	22c9a6fccc	Rename internal header constant_time.h to constant_time_internal.h Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-20 12:15:20 +02:00
Gabor Mezei	90437e3762	Rename constant-time functions to have mbedtls_ct prefix Rename functions to better suite with the module name. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-20 11:59:27 +02:00
Gabor Mezei	6a426c9f9f	Bind functions' availability for config options Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-20 11:17:43 +02:00
Gabor Mezei	765862c4f3	Move mbedtls_cf_memcmp to a new public header Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-19 12:22:25 +02:00
Gabor Mezei	e212379810	Bind functions' availability for config options Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 19:38:02 +02:00
Gabor Mezei	949455892f	Remove unused function Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 17:02:29 +02:00
Gabor Mezei	a2d0f90c5a	Make functions static These functions are only used as an auxiliary function for constant-time functions. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 16:56:50 +02:00
Gabor Mezei	a316fc8eb0	Update documentation and comments Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 16:39:13 +02:00
Gabor Mezei	63bbba5c13	Rename and reorder function parameters Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 16:39:13 +02:00
Gabor Mezei	7013f62ee5	Use condition for not sensitive data Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 16:39:13 +02:00
Gabor Mezei	eab90bcc36	Move implementation specific comment This comment is about how the functions are implemented, not about their public interface, so it doesn't belong in the header file. It applies to everything in constant_time.c so moved there. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 16:39:13 +02:00
Gabor Mezei	1e64261da5	Make mbedtls_cf_size_mask_lt function static The mbedtls_cf_size_mask_lt is solely used as an auxiliary function for mbedtls_cf_size_mask_ge. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 16:39:13 +02:00
gabor-mezei-arm	5b3a32d883	Fix missing includes Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-29 10:53:55 +02:00
gabor-mezei-arm	90d96cc741	Add documentation for the functions Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 17:07:51 +02:00
gabor-mezei-arm	b11a56e34c	Unify equality checker functions return value The equality checker functions always return 0 or 1 value, thus the type of return value can be the same dispite of the size of the parameters. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:42:19 +02:00
gabor-mezei-arm	9cb55698aa	Propagate usage of mask generation functions Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:42:19 +02:00
gabor-mezei-arm	396438c57b	Unify mask generation functions Generate all-bits 0 or all bits 1 mask from a value instead of from a bit. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:42:19 +02:00
gabor-mezei-arm	87ac5bef97	Unify function parameters Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:42:16 +02:00

1 2

73 Commits