Dave Rodgman
7d4f019810
Move some bignum functions out of constant_time module

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-05-26 12:42:48 +01:00

Dave Rodgman
19e8cd06fe
Move mbedtls_ct_rsaes_pkcs1_v15_unpadding into rsa.c

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-05-26 12:42:48 +01:00

Dave Rodgman
0afe001871
Expose mbedtls_ct_size_gt and mbedtls_ct_mem_move_to_left in ct interface

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-05-26 12:42:48 +01:00

Dave Rodgman
2801f7fa8d
Move mbedtls_ct_hmac into ssl_msg.c

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-05-26 12:42:48 +01:00

Dave Rodgman
0ee9683987
Move mbedtls_ct_base64_(enc|dec)_char into base64.c

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-05-26 12:42:40 +01:00

Tom Cosgrove
e22413c8df
Use mbedtls_ct_uint_if() rather than mbedtls_ct_cond_select_sign()

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-05-03 09:44:01 +01:00

Andrzej Kurek
8a045ce5e6
Unify PSA to Mbed TLS error translation

Move all error translation utilities to psa_util.c.
Introduce macros and functions to avoid having
a local copy of the error translating function in
each place.
Identify overlapping errors and introduce a
generic function.
Provide a single macro for all error translations
(unless one file needs a couple of different ones).

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-03 05:23:44 -05:00

Dave Rodgman
4610d4b7a6
Inhibit compiler from optimising out const-time asm

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-30 09:26:48 +00:00

Dave Rodgman
7658b63390
Remove volatile from diff; add explanatory comment

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-20 14:04:48 +00:00

Dave Rodgman
b9cd19bc8c
Prevent perf regressions in mbedtls_xor

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-20 14:04:48 +00:00

Dave Rodgman
051225d07a
Address potential perf regression

Ensure platforms that don't have an assembly implementation for
mbedtls_get_unaligned_volatile_uint32() don't experience a performance
regression.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-20 14:04:48 +00:00

Dave Rodgman
36dfc5a237
Improve efficiency of some constant time functions

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-20 14:04:48 +00:00

Gilles Peskine
449bd8303e
Switch to the new code style

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-11 14:50:10 +01:00

Gilles Peskine
db2996357c
Merge pull request #6289 from gabor-mezei-arm/6237_Add_conditional_assign_and_swap_for_bignum

Bignum: Add safe conditional assign and swap for the new MPI types
2022-10-19 15:51:19 +02:00

Gabor Mezei
d7edb1d225
Initialize variable

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-10-10 14:32:09 +02:00

Gabor Mezei
3eff425b1a
Use only one limb parameter for assign

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-09-30 13:36:40 +02:00

Gabor Mezei
cfc0eb8d22
Remove unused parameter

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-09-30 13:36:39 +02:00

Gabor Mezei
87638a9ead
Add missing include

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-09-30 13:36:39 +02:00

Gabor Mezei
24d183aa00
Use the new swap and assign function in the old interface

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-09-30 13:36:39 +02:00

Przemek Stekiel
89ad62352d
Fix guards for mbedtls_ct_size_mask() and mbedtls_ct_memcpy_if_eq()

Both functions are used when MBEDTLS_SSL_SOME_SUITES_USE_MAC is defined, not MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-27 15:04:14 +02:00

Janos Follath
645ff5b8ff
Merge pull request #6095 from gabor-mezei-arm/6016_add_new_modulus_and_residue_structures

Add the new modulus and the residue structures with low level I/O operations
2022-08-23 09:02:43 +01:00

Janos Follath
b7a88eca42
Bignum: Apply naming conventions

Numbers:
- A, B for mbedtls_mpi_uint* operands
- a, b for mbedtls_mpi_uint operands
- X or x for result
- HAC references where applicable
Lengths:
- Reserve size or length for length/size in bytes or byte buffers.
- For length of mbedtls_mpi_uint* buffers use limbs
- Length parameters are qualified if possible (e.g. input_length or
  a_limbs)
Setup functions:
- The parameters match the corresponding structure member's name
- The structure to set up is a standard lower case name even if in other
  functions different naming conventions would apply
Scope of changes/conventions:
- bignum_core
- bignum_mod
- bignum_mod_raw

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-19 13:11:22 +01:00

Tom Cosgrove
583816caaf
Be explicit about constant time bignum functions that must take a 0 or 1 condition value

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-08-18 14:09:18 +01:00

Gabor Mezei
5a5c0c5f0a
Move the declaration of variables to their scope of usage

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-08-12 15:40:09 +02:00

Janos Follath
6318468183
Improve bignum documentation

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-11 17:42:59 +01:00

Janos Follath
23bdeca64d
Add core constant time comparison

Unfortunately reusing the new function from the signed constant time
comparison is not trivial.
One option would be to do temporary conditional swaps which would prevent
qualifying input to const. Another way would be to add an additional
flag for the sign and make it an integral part of the computation, which
would defeat the purpose of having an unsigned core comparison.
Going with two separate functions for now and the signed version can be
retired/compiled out with the legacy API eventually.
The new function in theory could be placed into either
`library/constant_time.c` or `library/bignum_new.c`. Going with the
first as the other functions in the second are not constant time yet and
this distinction seems more valuable for new (as opposed to belonging to
the `_core`) functions.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-05 17:08:52 +01:00

Gilles Peskine
8399cccd2e
Merge pull request #5829 from paul-elliott-arm/fix_ct_uninit_memory_access

Fix uninitialised memory access in constant time functions
2022-06-01 11:42:51 +02:00

Paul Elliott
5260ce27ed
Fix uninitialised memory access in constant time functions

Fix an issue reported by Coverity whereby some constant time functions
called from the ssl decrypt code could potentially access uninitialised
memory.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-05-19 18:23:24 +01:00

Shaun Case
8b0ecbccf4
Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell.

Signed-off-by: Shaun Case <warmsocks@gmail.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-05-11 21:25:51 +01:00

Neil Armstrong
9ebb9ff60c
Reduce HMAC buffer usage in PSA version of mbedtls_ct_hmac()

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 11:09:58 +01:00

Neil Armstrong
72c2f76c43
Assume MAC key length is always exactly the output size in PSA version of mbedtls_ct_hmac()

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 11:09:36 +01:00

Neil Armstrong
36cc13b340
Use PSA defines for buffers in PSA version of mbedtls_ct_hmac()

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 11:09:20 +01:00

Neil Armstrong
ae57cfd3e7
Use psa_ssl_status_to_mbedtls in PSA version of mbedtls_ct_hmac()

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 10:00:10 +01:00

Neil Armstrong
28d9c631b8
Fix comments in PSA version of mbedtls_ct_hmac()

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 10:00:10 +01:00

Neil Armstrong
6958bd0206
Clean aux_out in PSA version of mbedtls_ct_hmac()

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-02 15:37:11 +01:00

Neil Armstrong
2968d306e4
Implement mbedtls_ct_hmac() using PSA hash API

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 15:16:50 +01:00

Tautvydas Žilys
40fc7da101
Cap the workaround for mbedtls_mpi_safe_cond_assign on MSVC/ARM64 to MSVC versions prior to 17.1.

Signed-off-by: Tautvydas Žilys <tautvydas.zilys@gmail.com>
2022-01-31 13:34:01 -08:00

Tautvydas Žilys
60165d7708
Don't inline mbedtls_mpi_safe_cond_assign on MSVC/ARM64 to avoid a compiler bug.

Signed-off-by: Tautvydas Žilys <tautvydas.zilys@gmail.com>
2022-01-26 15:44:10 -08:00

Gabor Mezei
a09697527b
Add documentation for the functions

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-26 17:25:14 +01:00

Gabor Mezei
14d5fac11d
Unify function parameters

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-26 17:23:26 +01:00

Gabor Mezei
c0d8dda60d
Make mbedtls_ct_uchar_mask_of_range function static

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-26 17:20:36 +01:00

Gabor Mezei
358829abc9
Move mbedtls_ct_base64_dec_value function to the constant-time module

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-26 17:14:52 +01:00

Gabor Mezei
9a4074aa1e
Move mbedtls_ct_base64_enc_char function to the constant-time module

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-26 17:14:21 +01:00

Gabor Mezei
28d611559e
Move mbedtls_ct_uchar_mask_of_range function to the constant-time module

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-26 17:09:38 +01:00

Gabor Mezei
642eeb2879
Fix documentation and comments

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-03 16:13:32 +01:00

Gabor Mezei
22c9a6fccc
Rename internal header constant_time.h to constant_time_internal.h

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-10-20 12:15:20 +02:00

Gabor Mezei
90437e3762
Rename constant-time functions to have mbedtls_ct prefix

Rename functions to better suit the module name.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-10-20 11:59:27 +02:00

Gabor Mezei
6a426c9f9f
Bind functions' availability for config options

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-10-20 11:17:43 +02:00

Gabor Mezei
765862c4f3
Move mbedtls_cf_memcmp to a new public header

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-10-19 12:22:25 +02:00

Gabor Mezei
e212379810
Bind functions' availability for config options

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-10-18 19:38:02 +02:00