ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-07-05 13:39:54 +08:00
Code Issues Releases Wiki Activity
33,400 Commits 173 Branches 272 Tags
Commit Graph

13652 Commits

Author SHA1 Message Date
Ryan Everett
975d411d92 Only set slot to OCCUPIED on successful key loading 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-11-16 13:37:51 +00:00
Valerio Setti
9b7a8b2a0c ccm/gcm: reaplace CIPHER_C functions with BLOCK_CIPHER_C ones 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-16 11:48:00 +01:00
Yanray Wang
19e4dc8df7 tls: fix unused parameter in mbedtls_ssl_cipher_to_psa 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-16 18:05:51 +08:00
Yanray Wang
1a369d68aa ssl_tls: add missing guard for mbedtls_ssl_cipher_to_psa 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-16 15:17:33 +08:00
David Horstmann
c5cc1c3a92 Remove redundant NULL check 
A NULL buffer with a non-zero length is an internal error, so just
check the length.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-15 18:11:26 +00:00
David Horstmann
777e74130f Skip call to memcpy if buffer length is zero 
This allows the copy functions to work when passed a (NULL, 0) buffer.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-15 17:38:46 +00:00
David Horstmann
1b7279a849 Make copy functions static-testable 
This allows greater compiler optimisation.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-15 17:26:18 +00:00
Ryan Everett
ac5b32b894 Fix error handling for secure element keys in psa_start_key_creation 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-11-15 16:26:01 +00:00
David Horstmann
c335a4e186 Fix unintentional direct use of memcpy() 
Change psa_crypto_output_copy_free() to use psa_crypto_copy_output()
rather than calling memcpy directly as was erroneously done previously.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-15 16:00:28 +00:00
Manuel Pégourié-Gonnard
dc848955d6
Merge pull request #8519 from mpg/block-cipher 
[G2] Add internal module block_cipher
 2023-11-15 11:53:22 +00:00
Valerio Setti
5e378d70e6 ssl_misc: remove DES from the list of key types supporting CBC 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-15 09:18:14 +01:00
Dave Rodgman
cba4091581
Merge pull request #8516 from mschulz-at-hilscher/fixes/divided-assembler-syntax-error-gcc493 
Fixes invalid default choice of thumb assembler syntax.
 2023-11-14 17:57:37 +00:00
Matthias Schulz
90c8c3235b
Update library/constant_time_impl.h 
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
Signed-off-by: Matthias Schulz <140500342+mschulz-at-hilscher@users.noreply.github.com>
 2023-11-14 16:35:50 +01:00
Matthias Schulz
3f80ffb9ff
Update library/constant_time_impl.h 
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
Signed-off-by: Matthias Schulz <140500342+mschulz-at-hilscher@users.noreply.github.com>
 2023-11-14 16:35:45 +01:00
Manuel Pégourié-Gonnard
752dd39a69
Merge pull request #8508 from valeriosetti/issue6323 
[G3] Driver-only cipher+aead: TLS: ssl-opt.sh
 2023-11-14 11:39:06 +00:00
Yanray Wang
c43479103a aesce: fix unused parameter 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-14 11:09:56 +08:00
Matthias Schulz
e94525bd17 Updated comments. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-13 14:01:02 +01:00
Matthias Schulz
35842f52f2 Simplified check. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-13 13:57:05 +01:00
Ryan Everett
34d6a5c3df Move enum definition to satisfy check_names.py 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-11-13 09:52:12 +00:00
Matthias Schulz
ca8981c1ee Added proposed fixes 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-13 10:04:19 +01:00
Matthias Schulz
be1e9c5951 Pop only when pushed. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-13 09:33:33 +01:00
Tom Cosgrove
08ea9bfa1f
Merge pull request #8487 from yanrayw/issue/6909/rename_tls13_conf_early_data 
TLS 1.3: Rename early_data and max_early_data_size configuration function
 2023-11-10 19:35:46 +00:00
Manuel Pégourié-Gonnard
76fa16cab3 block_cipher: add encrypt() 
Test data copied from existing test suites.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-10 12:14:53 +01:00
Manuel Pégourié-Gonnard
3e0884fc53 block_cipher: add setkey() 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-10 11:52:10 +01:00
Yanray Wang
0287b9d260 padlock.c: guard mbedtls_padlock_xcryptcbc by CIPHER_MODE_CBC 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-10 18:21:22 +08:00
Manuel Pégourié-Gonnard
21718769d1 Start adding internal module block_cipher.c 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-10 11:21:17 +01:00
Yanray Wang
cd25d22526 cipher.c: remove checks for CBC,XTS,KW,KWP in cipher_setkey 
We have checks for CBC, XTS and KW modes in check_config.h. This
means we should never get a successful build with above three modes.
Therefore, the checks in cipher_setkey is not necessary as other
error will be emitted if asking for those modes in the cipher.
Additionally, removing the checks can save extra code size.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-10 15:40:58 +08:00
Valerio Setti
01c4fa3e88 ssl: move MBEDTLS_SSL_HAVE internal symbols to ssl.h 
This is useful to properly define MBEDTLS_PSK_MAX_LEN when
it is not defined explicitly in mbedtls_config.h

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-10 08:12:07 +01:00
Yanray Wang
111159b89c BLOCK_CIPHER_NO_DECRYPT: call encrypt direction unconditionally 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-10 15:03:23 +08:00
Matthias Schulz
5ffc42442d Fix preprocessor syntax error. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-09 15:44:24 +01:00
Matthias Schulz
2e068cef09 fixes invalid default choice of thumb assembler syntax. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-09 15:25:52 +01:00
Matthias Schulz
ee10b8470a Fix compiler error on gcc 4.5.2. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-09 15:19:28 +01:00
Matthias Schulz
9916b06ce7 Fix uninitialized variable warnings. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-09 14:25:01 +01:00
Manuel Pégourié-Gonnard
7d7ce0e66a
Merge pull request #8495 from lpy4105/issue/6322/driver-only-cipher_aead-tls 
[G3] Driver-only cipher+aead: TLS: main test suite
 2023-11-09 11:10:34 +00:00
Yanray Wang
f03b49122c aes.c: guard RSb and RTx properly 
If we enabled AES_DECRYPT_ALT and either AES_SETKEY_DEC_ALT or
AES_USE_HARDWARE_ONLY, this means RSb and RTx are not needed.
This commit extends how we guard RSb and RTx for the combinations of
these configurations.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-09 11:43:21 +08:00
David Horstmann
9467ea343b Add psa_crypto_output_copy_free() implementation 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-08 18:13:23 +00:00
David Horstmann
ba3c7d649c Add implementation of psa_crypto_output_alloc() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-08 18:13:23 +00:00
David Horstmann
dfa14cbbcd Add function prototypes for psa_crypto_output fns 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-08 18:13:23 +00:00
David Horstmann
e6042ffc49 Add implementation of psa_crypto_input_copy_free() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-08 18:13:23 +00:00
Gilles Peskine
4dec9ebdc2
Merge pull request #8378 from mschulz-at-hilscher/fixes/issue-8377 
Fixes "CSR parsing with critical fields fails"
 2023-11-08 18:07:04 +00:00
Dave Rodgman
0d22539de0
Merge pull request #8468 from daverodgman/mbedtls-3.5.1-pr 
Mbed TLS 3.5.1
 2023-11-08 18:01:32 +00:00
David Horstmann
4ac788573b Add psa_crypto_input_copy_alloc() implementation 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-08 15:22:27 +00:00
Ryan Everett
5567e3a34b Make empty key slots explicit 
Add new status field to key slots, and use it.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-11-08 13:28:20 +00:00
Dave Rodgman
28d40930ae Restore bump version 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-08 11:40:08 +00:00
Yanray Wang
004a60c087 aes.c: remove non-functional code 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-08 19:05:31 +08:00
Pengyu Lv
2bd56de3f4 ssl: replace MBEDTLS_SSL_HAVE_*_CBC with two seperate macros 
MBEDTLS_SSL_HAVE_<block_cipher>_CBC equals
MBEDTLS_SSL_HAVE_<block_cipher> and MBEDTLS_SSL_HAVE_CBC.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 14:21:19 +08:00
Pengyu Lv
65458fa969 ssl: MBEDTLS_SSL_HAVE_* in ssl_misc.h 
Done by commands:

```
sed -i "300,$ s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h
sed -i "300,$ s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h
sed -i "300,$ s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 12:16:29 +08:00
Pengyu Lv
829dd2048a ssl: use MBEDTLS_SSL_HAVE_* in ssl_ciphersuites.c 
Mainly done by the commands, with some manual adjust.

```
sed -i "s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
sed -i "s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
sed -i "s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 12:01:26 +08:00
Pengyu Lv
f1b86b088f ssl: add macro to indicate CBC mode is available 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 11:28:42 +08:00
Pengyu Lv
e870cc8c86 ssl: add macro for available key types 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 11:28:36 +08:00