lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-14 20:01:00 +03:00
Code Activity
26,723 Commits 173 Branches 272 Tags
ddc720d2090b8dc4a0ad5a2f778dbde1c9ada8f5
Commit Graph

11797 Commits

Author SHA1 Message Date
Agathiyan Bragadeesh
ddc720d209 Add mbedtls_x509_dn_gets hexstring output 
If the data is a bitstring or an octet string, instead use the hexstring
of the BER encoding (RFC 4514 Section 2.4)

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
b73778d8f9 Implement parse_attribute_value_ber_encoded 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
e119f3c0ea Refactor mbedtls_x509_string_to_names 
This refactor is to accomodate future support of numericoid/hexstring
attributetype value pairs.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
f0e1ac59d8 Rewrite nibble_to_hex_digit for readability 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
9d2507c81d Rename x509_int_to_hexdigit to nibble_to_hex_digit 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
ef2decbe4a Escape hexpairs characters RFC 4514 
Converts none ascii to escaped hexpairs in mbedtls_x509_dn_gets and
interprets hexpairs in mbedtls_x509_string_to_names.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:38:16 +01:00
Agathiyan Bragadeesh
48513b8639 Escape special characters RFC 4514 
This escapes special characters according to RFC 4514 in
mbedtls_x509_dn_gets and de-escapes in mbedtls_x509_string_to_names.
This commit does not handle hexpairs.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-08-22 10:38:16 +01:00
Tom Cosgrove
31b2d7414d Merge pull request #8053 from gilles-peskine-arm/mpi_exp_mod-remove_initial_copy 
mbedtls_mpi_exp_mod: remove spurious copy of the output variable
 2023-08-21 15:50:28 +00:00
Gilles Peskine
0addbe6dc7 Merge pull request #8069 from paul-elliott-arm/fix_ecjpake_deadcode 
Fix logical dead code found by Coverity
 2023-08-21 14:44:36 +00:00
Dave Rodgman
65204f8fc8 Merge pull request #8035 from daverodgman/aesce-support-perf 
Make mbedtls_aesce_has_support more efficient
 2023-08-21 14:39:08 +00:00
Tom Cosgrove
d29648026b Merge pull request #8017 from ivq/unchecked_return 
Fix a few unchecked return values
 2023-08-21 13:02:53 +00:00
Janos Follath
e220d258fd Merge pull request #8086 from yanesca/remove-new-bignum 
Remove new bignum when not needed
 2023-08-21 10:59:41 +00:00
Dave Rodgman
f2249ec905 Rename mbedtls_aesce_has_support macro to satisfy case rules 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-20 20:20:12 +01:00
Dave Rodgman
b30adce7fd Use -1 as uninitialised marker 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-20 20:20:12 +01:00
Dave Rodgman
4566132163 Make mbedtls_aesce_has_support more efficient 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-20 20:20:12 +01:00
Dave Rodgman
1fdc884ed8 Merge pull request #7384 from yuhaoth/pr/add-aes-accelerator-only-mode 
AES: Add accelerator only mode
 2023-08-18 20:55:44 +00:00
Jerry Yu
0a6272d6c9 revert padlock from aesni module 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-18 17:35:59 +08:00
Jerry Yu
61fc5ed5f3 improve readability of error message 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-18 17:28:48 +08:00
Jerry Yu
372f7a04d0 Add missing check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-18 17:26:25 +08:00
Gilles Peskine
eeaad50cd6 Merge pull request #8079 from adeaarm/port_IAR_build_fix 
Small fixes for IAR support
 2023-08-17 19:10:51 +00:00
Antonio de Angelis
8e9d6b927e Remove the workaround for psa_key_agreement_internal 
Remove the workaround for psa_key_agreement_internal to
have a shared_secret array always non-zero. The spec is
recently updated so that PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE
is always non-zero

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
 2023-08-17 15:27:56 +01:00
Janos Follath
f2334b7b39 Remove new bignum when not needed 
New bignum modules are only needed when the new ecp_curves module is
present. Remove them when they are not needed to save code size.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-17 14:36:59 +01:00
Gilles Peskine
294be94922 Merge pull request #7818 from silabs-Kusumit/PBKDF2_cmac_implementation 
PBKDF2 CMAC implementation
 2023-08-17 11:15:16 +00:00
Jerry Yu
9608447545 replace padlock_c with padlock_have_code 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 18:10:45 +08:00
Jerry Yu
3a0f044bde improve readability 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 17:06:21 +08:00
Jerry Yu
e9c6b53e74 remove return-type when runtime detection enabled without plain c 
This case does not exist

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 13:53:38 +08:00
Jerry Yu
1b4c7eda80 add hardware only check for padlock 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 11:25:17 +08:00
Jerry Yu
9e628621b4 Add via padlock detection macro 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 11:20:09 +08:00
Jerry Yu
2319af0d64 Change the order of runtime detection 
If aesni is available, we will use it.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 10:38:57 +08:00
Jerry Yu
35b59d7805 exclude arm64ec mode for aesni 
AESNI does not work correctly for msvc arm64ec

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-17 10:34:15 +08:00
Antonio de Angelis
f1adc2a7a1 Use asm instead of __asm in constant_time.c 
The original IAR fix submitted to TF-M directly changed asm to __asm.
But mbed TLS now has a workaround for such cases hence just remove the
original change modification.

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
 2023-08-16 12:48:48 +01:00
Antonio de Angelis
1ee4d1228c Fix error strings without quotes 
Some of the error strings that should be printed with the
error preprocessor directive are missing quotes

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
 2023-08-16 12:48:33 +01:00
TTornblom
e4f6d79bbe BUILD: Update For IAR support 
Applied the same change as in mbed-crypto for using this as a sub
project with the IAR toolchain. Use __asm generic ,and avoid empty
enum. Avoid declaration of array with null size. This is a porting
of the original patch contributed to trusted-firmware-m.

Signed-off-by: TTornblom <thomas.tornblom@iar.com>
Signed-off-by: Michel Jaouen <michel.jaouen@st.com>
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
 2023-08-16 12:36:21 +01:00
Jerry Yu
516cf27d45 fix msvc build fail on i386 target 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-16 17:33:32 +08:00
Gilles Peskine
a4c01dd6e9 Merge pull request #7991 from sarveshb14/fix/psa_rsa_signature_using_large_stack 
rsa_signature: Use heap memory to allocate DER encoded RSA private key
 2023-08-16 09:23:29 +00:00
Jerry Yu
3ce0398d1d Add compiler cflags error message 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-16 17:22:18 +08:00
Gilles Peskine
d370f93898 Merge pull request #7898 from AndrzejKurek/csr-rfc822-dn 
OPC UA - add support for RFC822 and DirectoryName SubjectAltNames when generating CSR's
 2023-08-16 09:19:46 +00:00
Jerry Yu
c628486cd9 enable runtime detection when padlock enabled and plain c disabled 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-16 16:14:02 +08:00
Jerry Yu
cc068ae631 fix -Werror=return-type when runtime detection enabled and plain c disabled 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-16 16:14:01 +08:00
Jerry Yu
e62ff09569 Restore aesni for i386 
intrinsic code can be work on i386 also

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-16 14:33:16 +08:00
David Horstmann
ba44e918b8 Remove unnecessary include from constant_time.c 
This was added in order to use TEST_CF_XYZ macros which have since been
removed.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-08-15 15:17:22 +01:00
Dave Rodgman
e3330f86d2 Make naming more consistent 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-14 15:26:28 +01:00
Dave Rodgman
0b7bf876e4 Fix compile fail for empty enum in cipher_wrap 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-14 14:25:29 +01:00
Dave Rodgman
2f4e6e748c Merge pull request #8066 from paul-elliott-arm/aes_memcpy_iv_fix 
Fix potential corruption of IV for AES CBC with zero length
 2023-08-14 09:32:45 +01:00
Paul Elliott
2a12fc20f2 Fix logical dead code found by Coverity 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-08-11 17:45:20 +01:00
Paul Elliott
2ad93674dc Fix potential corruption of IV for AES CBC 
If passed a zero length, AES CBC could potentially corrupt the passed
in IV by memcpying it over itself. Although this might be ok with
more recent compilers, its not for every compiler we support. Found
by coverity.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-08-11 17:04:06 +01:00
Chien Wong
2e3858f5eb Undo a change 
Signed-off-by: Chien Wong <m@xv97.com>
 2023-08-11 18:16:06 +08:00
Valerio Setti
711f853b48 ssl_tls13: fix guard for FFDH function 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-11 06:33:52 +02:00
Jerry Yu
240bb11171 Add gnu check for aseni assembly code 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-08-11 10:45:35 +08:00
Manuel Pégourié-Gonnard
54da1a69a2 Merge pull request #7578 from daverodgman/safer-ct5 
Improve constant-time interface
 2023-08-10 16:57:39 +00:00