ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-05-21 16:05:46 +08:00
Code Issues Releases Wiki Activity
31,774 Commits 172 Branches 268 Tags
Commit Graph

31774 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gilles Peskine
ab89fcf7f8 Update invalid key id in a test case 
PSA_KEY_ID_VOLATILE_MIN-1 is now in the persistent key ID range, so it's no
longer an invalid key ID for registration.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-07 12:39:05 +02:00
Gilles Peskine
1e65e64565 Fix overlap between volatile keys and built-in keys 
Fix interference between PSA volatile keys and built-in keys
when MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is enabled and
MBEDTLS_PSA_KEY_SLOT_COUNT is more than 4096. This overlap used to make it
possible that a volatile key would receive the identifier of a built-in key,
and is now caught by a static assertion.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-07 12:39:05 +02:00
Gilles Peskine
7a0adffd16 Assert that the key ID range for volatile keys is large enough 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-07 12:39:05 +02:00
Gilles Peskine
3710e72d78 Assert that key ID ranges don't overlap 
Ensure that a key ID can't be in range for more than one of volatile keys,
persistent (i.e. user-chosen) keys or built-in keys.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-07 12:39:05 +02:00
Gilles Peskine
2ff81bf03b Add a test for the built-in key range 
Restricting the built-in key range would be an API break since applications
can hard-code a built-in key value and expect that it won't clash with
anything else. Make it harder to accidentally break the API.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-07 12:39:05 +02:00
Gilles Peskine
b0b1b32914 Prevent mbedtls_psa_register_se_key with volatile keys 
mbedtls_psa_register_se_key() is not usable with volatile keys, since there
is no way to return the implementation-chosen key identifier which would be
needed to use the key. Document this limitation. Reject an attempt to create
such an unusable key. Fixes #9253.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-07 12:39:05 +02:00
Gilles Peskine
0e3704f0a0 Reorder blocks to avoid double negations 
Convert `#if !... A #else B #endif` to `#if ... B #else A`. No semantic change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-07 12:39:05 +02:00
Gilles Peskine
bdd16d4cb1 Make it possible to enable CTR_DRBG/PSA without a PSA AES driver 
Make it possible, but not officially supported, to switch the CTR_DRBG
module to PSA mode even if MBEDTLS_AES_C is defined. This is not really
useful in practice, but is convenient to test the PSA mode without setting
up drivers.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-07 12:39:05 +02:00
Gilles Peskine
dc10825ab9 MBEDTLS_STATIC_ASSERT: make it work outside of a function 
At the top level, the macro would have had to be used without a following
semicolon (except with permissive compilers that accept spurious semicolons
outside of a function), which is confusing to humans and indenters. Fix
that.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-07 12:39:05 +02:00
Elena Uziunaite
51c85a0296 Replace MBEDTLS_SSL_HAVE_ARIA with PSA_WANT_KEY_TYPE_ARIA 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-08-07 11:33:14 +01:00
Manuel Pégourié-Gonnard
821b908456
Merge pull request #9364 from eleuzi01/replace-ccm 
Replace MBEDTLS_SSL_HAVE_CCM with PSA_WANT_ALG_CCM
 2024-08-07 08:18:52 +00:00
Tom Cosgrove
2d5b17be03
Merge pull request #8609 from tom-daubney-arm/standardise_proj_detection 
Standardise Project Detection in Shell Scripts
 2024-08-07 07:18:36 +00:00
Gilles Peskine
bac7c9699d
Merge pull request #9446 from gilles-peskine-arm/psa_generate_key_custom-development-forward_then_remove 
psa_generate_key_custom
 2024-08-06 16:41:42 +00:00
Thomas Daubney
b55679736b Move some proj detection code inside pre_check_environment 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 17:35:38 +01:00
Thomas Daubney
15129195a6 Fix code stlye 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:07 +01:00
Thomas Daubney
eb97f2a50f Make missed SHA internal functions static 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:07 +01:00
Thomas Daubney
38e64fbce0 Merge if blocks in SHA256/512 code 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:07 +01:00
Thomas Daubney
7070d26fa0 Make mbedtls_internal_sha512_process static 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:07 +01:00
Thomas Daubney
bfe1b67ec5 Make mbedtls_internal_sha256_process static 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:07 +01:00
Thomas Daubney
d4c886e57b Revert to original guarding for mbedtls_internal_aes_encrypt/decrypt 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:07 +01:00
Thomas Daubney
8ac215e482 Correct code style 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:07 +01:00
Thomas Daubney
ae5f8cc253 Restore SHA256 & SHA512 prototypes 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:07 +01:00
Thomas Daubney
3e0273f41a Internalise functions flagged as internal 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:07 +01:00
Thomas Daubney
2f1bebd551 Add newline to ChangeLog entry 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:07 +01:00
Thomas Daubney
c65eefa9ab Remove superfluous guard 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:07 +01:00
Thomas Daubney
b59c0ba81b Alter guarding in aes.c 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:07 +01:00
Thomas Daubney
2dd830d3c2 Remove superflous comment 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:06 +01:00
Thomas Daubney
5db9027d3f Add ChangeLog entry 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:06 +01:00
Thomas Daubney
ebcd49b961 Remove outdated documentation 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:06 +01:00
Thomas Daubney
28647d8669 Remove MBEDTLS_ECDSA_GENKEY_ALT 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:06 +01:00
Thomas Daubney
4864424fea Remove MBEDTLS_ECDSA_SIGN_ALT 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:06 +01:00
Thomas Daubney
e3013da240 Remove MBEDTLS_ECDSA_VERIFY_ALT 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:06 +01:00
Thomas Daubney
ce5ed8555c Remove MBEDTLS_ECDH_COMPUTE_SHARED_ALT 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:06 +01:00
Thomas Daubney
51b90fb6b1 Remove MBEDTLS_ECDH_GEN_PUBLIC_ALT 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:06 +01:00
Thomas Daubney
7c0b4adfa2 Remove MBEDTLS_AES_DECRYPT_ALT 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:03 +01:00
Thomas Daubney
6cf05f9322 Remove MBEDTLS_AES_ENCRYPT_ALT 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:15:51 +01:00
Thomas Daubney
955ce58142 Remove MBEDTLS_AES_SETKEY_DEC_ALT 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:15:08 +01:00
Thomas Daubney
742a2e3619 Remove MBEDTLS_AES_SETKEY_ENC_ALT 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:09:16 +01:00
Valerio Setti
2016d66741 psasim: small fixes to all.sh and test bash scripts 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-08-06 11:52:00 +02:00
Thomas Daubney
2bcf805284 Remove MBEDTLS_DES3_CRYPT_ECB_ALT 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-05 15:56:09 +01:00
Thomas Daubney
29561ec658 Remove MBEDTLS_DES_CRYPT_ECB_ALT 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-05 15:56:09 +01:00
Thomas Daubney
43874e0a84 Remove MBEDTLS_DES_SETKEY_ALT 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-05 15:56:09 +01:00
Thomas Daubney
3ab1b2d00b Remove MBEDTLS_SHA512_PROCESS_ALT 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-05 15:56:09 +01:00
Thomas Daubney
297b026d0a Remove MBEDTLS_SHA256_PROCESS_ALT 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-05 15:56:09 +01:00
Thomas Daubney
2106f79c49 Remove MBEDTLS_SHA1_PROCESS_ALT 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-05 15:56:09 +01:00
Thomas Daubney
64988680c5 Remove MBEDTLS_RIPEMD160_PROCESS_ALT 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-05 15:56:09 +01:00
Thomas Daubney
72a88e7255 Remove MBEDTLS_MD5_PROCESS_ALT 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-05 15:56:09 +01:00
Elena Uziunaite
3e81411122 Remove test_valgrind_constant_flow_psa_no_asm 
+ typo fix

Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-08-05 15:55:44 +01:00
Elena Uziunaite
94dba720e5 Tiny fix in library/constant_time_impl.h 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-08-05 15:55:03 +01:00
Elena Uziunaite
65d102673c Remove the hack in library/constant_time_impl.h 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-08-05 15:54:58 +01:00