ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-07-27 05:28:45 +08:00
Code Issues Releases Wiki Activity
32,851 Commits 174 Branches 272 Tags
Commit Graph

32851 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dave Rodgman
a0f10da9d2 Use MBEDTLS_HAVE_NEON_INTRINSICS instead of __ARM_NEON 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-16 09:25:59 +01:00
Dave Rodgman
4ffd7c7614 Introduce MBEDTLS_HAVE_NEON_INTRINSICS and simplify NEON header inclusion 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-16 09:25:59 +01:00
Dave Rodgman
be09286666 Enable 8-byte fastpath in mbedtls_xor on ARM64 and ARM64EC 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-16 09:25:59 +01:00
Dave Rodgman
ad71b6a834 Support ARM64EC in the same way as ARM64 in sha256 and sha512 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-16 09:25:59 +01:00
Dave Rodgman
78fc0bd1db Define MBEDTLS_EFFICIENT_UNALIGNED_ACCESS on Windows-on-Arm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-16 09:25:59 +01:00
Manuel Pégourié-Gonnard
dcd98fffab Factor similar code into pk_ecc_set_key() 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard
6db11d5068 Group two versions of the same code 
Just moving code around. The two blocks do morally the same thing: load
the key, and grouping them makes the #if #else structure clearer.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard
d5b4372012 Slightly simplify pk_derive_public_key() 
- add a comment explain potentially surprising parameters
- avoid nesting #if guards: I find the linear structure #if #elif #else
makes the three cases clearer.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard
2585852231 Factor common code into a function 
There were two places that were calling either pk_update_ecparams() or
mbedtls_ecp_group_load() depending on the same guard. Factor this into a
single function, that works in both configs, so that callers don't have
to worry about guards.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard
5fcbe4c1f8 Further rationalize includes 
- only include psa_util when we use PSA Crypto
- re-order includes

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard
da88c380bd Minimize key-type-related includes 
- we don't use any ECDSA function here
- we only need to include ecp.h when supporting ECC keys

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:25:44 +02:00
Manuel Pégourié-Gonnard
4b0e8f0e2c Remove redundant include 
It's also included later, guarded by support for ECC keys, and actually
that's the only case where we need it.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-16 10:25:44 +02:00
Pengyu Lv
132261345d all.sh: revert changes in test_m32* 
AESNI for x86 (32-bit) have been tested in
a seperate component, we don't need to test
twice.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-10-16 14:03:29 +08:00
Gilles Peskine
1f2802c403 Suggest validating copy by memory poisoning 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 21:49:17 +02:00
Gilles Peskine
6998721c69 Add a section skeleton for copy bypass 
It's something we're likely to want to do at some point.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 20:05:32 +02:00
Gilles Peskine
7bc1bb65e9 Short explanations of what is expected in the design sections 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 20:05:25 +02:00
Gilles Peskine
35de1f7a7d Distinguish whole-message signature from other asymmetric cryptography 
Whole-message signature may process the message multiple times (EdDSA
signature does it).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 20:04:16 +02:00
Gilles Peskine
9cad3b3a70 Design change for cipher/AEAD 
There are many reasons why a driver might violate the security requirements
for plaintext or ciphertext buffers, so mandate copying.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 20:03:18 +02:00
Gilles Peskine
2859267a27 Clarify terminology: built-in driver 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 20:02:00 +02:00
Gilles Peskine
db00543b3a Add a section on write-read feedback 
It's a security violation, although it's not clear whether it really needs
to influence the design.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 19:57:53 +02:00
Gilles Peskine
352095ca86 Simplify the relaxed output-output rule 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 19:56:22 +02:00
Gilles Peskine
60c453ee72 Expand explanations of the vulnerabilities 
Add a few more examples.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 19:07:56 +02:00
Gilles Peskine
8daedaeac9 Fix typos and copypasta 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 18:47:29 +02:00
Valerio Setti
5f5573fa90 cipher: reintroduce symbol for legacy AEAD support 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-13 17:29:27 +02:00
Gilles Peskine
28b56335bb
Merge pull request #7942 from tom-daubney-arm/psa_crypto_example_hash 
Add example program for PSA hash
 2023-10-13 15:22:58 +00:00
Dave Rodgman
37801d714b Invert no_hwcap variable 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-13 16:06:55 +01:00
Dave Rodgman
515af1d80d Stop IAR warning about goto skipping variable definition 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-13 16:03:25 +01:00
Bence Szépkúti
195411bb17
Merge pull request #8062 from yanrayw/save_stack_usage_pkwrite 
pkwrite: use heap to save stack usage for writing keys in PEM string
 2023-10-13 14:27:13 +00:00
Gilles Peskine
73cb6f85a5
Merge pull request #8360 from Mbed-TLS/revert-8352-iar-fixes 
Revert "Fix a few IAR warnings" which breaks the CI
 2023-10-13 13:11:40 +00:00
Dave Rodgman
2457bcd26c Tidy up logic for MBEDTLS_MAYBE_UNUSED 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-13 12:31:45 +01:00
Dave Rodgman
cc88ccdda1 Include existing Makefile 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-13 12:25:23 +01:00
Gilles Peskine
9a32632577 Fix 3rdparty/Makefile.inc when included recursively 
3rdparty/Makefile.inc could only be used when included from the primary
makefile passed to make. It could not be used directly, or included from a
makefile that is itself included. This was due to counting from the left of
$(MAKEFILE_LIST) instead of using the last element.

Since each include directive appends to $(MAKEFILE_LIST), when using it to
determine $(THIRDPARTY_DIR), we need to use a simply-expanded variable.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-10-13 12:25:18 +01:00
Gilles Peskine
97a6231b5c
Revert "Fix a few IAR warnings" 2023-10-13 11:39:53 +02:00
Waleed Elmelegy
0badeb4560 Fix changelog code style issue 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-10-13 10:27:13 +01:00
Waleed Elmelegy
107c60c765 Fix changelog style issue 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-10-13 10:25:58 +01:00
Dave Rodgman
768bc143ad Fix hwcap test for CI 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-13 10:15:55 +01:00
Waleed Elmelegy
5867465e90 Fix code style issue in cert_write program 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-10-13 10:03:12 +01:00
Waleed Elmelegy
eade3fedb2 Fix code style issue in cert_req program 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-10-13 09:59:19 +01:00
Dave Rodgman
7821df3e8b Adjust use of deprecated in Doxygen 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-13 09:39:11 +01:00
Dave Rodgman
ab0cff5b4e Require asm/hwcap.h for testing 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-13 09:32:04 +01:00
Dave Rodgman
d85277c62e Doxygen fixes 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-13 09:22:54 +01:00
Dave Rodgman
2d67e3a07b
Merge pull request #8352 from daverodgman/iar-fixes 
Fix a few IAR warnings
 2023-10-13 09:20:28 +01:00
Valerio Setti
193e383686 check_config: fix typo causing build issues with only CCM enabled 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-13 09:37:24 +02:00
Tom Cosgrove
71f2e398bd
Merge pull request #8345 from mcagriaksoy/branch_issue_8344 
Add missing casting size_t to int on ssl_tls13_keys.c
 2023-10-12 18:39:33 +00:00
Dave Rodgman
584c8108b3 Use a block to save 12b 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-12 16:55:23 +01:00
Dave Rodgman
351a81c65d Keep initialisation of p in its original location 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-12 16:36:05 +01:00
Dave Rodgman
bcb1818e19 Fix IAR 'transfer of control bypasses initialization' warnings 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-12 16:23:11 +01:00
Dave Rodgman
4b779bef9e
Merge branch 'development' into more-aes-checks 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-12 16:17:10 +01:00
Dave Rodgman
7cb635a563 Adjust the full config 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-12 16:14:51 +01:00
Waleed Elmelegy
737cfe184b Add changelog entry for x509 cert_req null dereference fix 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-10-12 15:51:13 +01:00