mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-03 20:54:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #9271 from tom-daubney-arm/remove_asymmetric_crypto_alt_interface

Browse Source 
Remove asymmetric crypto alt interfaces
This commit is contained in:
Ronald Cron 2024-07-05 16:30:46 +00:00 committed by GitHub
commit 1d256267b0
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
25 changed files with 20 additions and 708 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
include/mbedtls/check_config.h
View File

@ -189,9 +189,7 @@
defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) || \
defined(MBEDTLS_ECDSA_SIGN_ALT) || \
defined(MBEDTLS_ECDSA_VERIFY_ALT) || \
defined(MBEDTLS_ECDSA_GENKEY_ALT) || \
defined(MBEDTLS_ECP_INTERNAL_ALT) || \
defined(MBEDTLS_ECP_ALT) )
defined(MBEDTLS_ECDSA_GENKEY_ALT) )
#error "MBEDTLS_ECP_RESTARTABLE defined, but it cannot coexist with an alternative ECP implementation"
#endif
@ -269,42 +267,6 @@
#error "MBEDTLS_CHACHAPOLY_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
#error "MBEDTLS_ECP_RANDOMIZE_JAC_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ECP_ADD_MIXED_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
#error "MBEDTLS_ECP_ADD_MIXED_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
#error "MBEDTLS_ECP_DOUBLE_JAC_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
#error "MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
#error "MBEDTLS_ECP_NORMALIZE_JAC_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
#error "MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
#error "MBEDTLS_ECP_RANDOMIZE_MXZ_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
#error "MBEDTLS_ECP_NORMALIZE_MXZ_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ECP_NO_FALLBACK) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
#error "MBEDTLS_ECP_NO_FALLBACK defined, but no alternative implementation enabled"
#endif
#if defined(MBEDTLS_HKDF_C) && !defined(MBEDTLS_MD_C)
#error "MBEDTLS_HKDF_C defined, but not all prerequisites"
#endif

81
include/mbedtls/mbedtls_config.h
View File

@ -383,29 +383,15 @@
//#define MBEDTLS_CHACHAPOLY_ALT
//#define MBEDTLS_CMAC_ALT
//#define MBEDTLS_DES_ALT
//#define MBEDTLS_DHM_ALT
//#define MBEDTLS_ECJPAKE_ALT
//#define MBEDTLS_GCM_ALT
//#define MBEDTLS_NIST_KW_ALT
//#define MBEDTLS_MD5_ALT
//#define MBEDTLS_POLY1305_ALT
//#define MBEDTLS_RIPEMD160_ALT
//#define MBEDTLS_RSA_ALT
//#define MBEDTLS_SHA1_ALT
//#define MBEDTLS_SHA256_ALT
//#define MBEDTLS_SHA512_ALT
/*
* When replacing the elliptic curve module, please consider, that it is
* implemented with two .c files:
* - ecp.c
* - ecp_curves.c
* You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
* macros as described above. The only difference is that you have to make sure
* that you provide functionality for both .c files.
*/
//#define MBEDTLS_ECP_ALT
/**
* \def MBEDTLS_SHA256_PROCESS_ALT
*
@ -461,71 +447,6 @@
//#define MBEDTLS_ECDSA_SIGN_ALT
//#define MBEDTLS_ECDSA_GENKEY_ALT
/**
* \def MBEDTLS_ECP_INTERNAL_ALT
*
* Expose a part of the internal interface of the Elliptic Curve Point module.
*
* MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use your
* alternative core implementation of elliptic curve arithmetic. Keep in mind
* that function prototypes should remain the same.
*
* This partially replaces one function. The header file from Mbed TLS is still
* used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
* is still present and it is used for group structures not supported by the
* alternative.
*
* The original implementation can in addition be removed by setting the
* MBEDTLS_ECP_NO_FALLBACK option, in which case any function for which the
* corresponding MBEDTLS_ECP__FUNCTION_NAME__ALT macro is defined will not be
* able to fallback to curves not supported by the alternative implementation.
*
* Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
* and implementing the following functions:
* unsigned char mbedtls_internal_ecp_grp_capable(
* const mbedtls_ecp_group *grp )
* int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp )
* void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp )
* The mbedtls_internal_ecp_grp_capable function should return 1 if the
* replacement functions implement arithmetic for the given group and 0
* otherwise.
* The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are
* called before and after each point operation and provide an opportunity to
* implement optimized set up and tear down instructions.
*
* Example: In case you set MBEDTLS_ECP_INTERNAL_ALT and
* MBEDTLS_ECP_DOUBLE_JAC_ALT, Mbed TLS will still provide the ecp_double_jac()
* function, but will use your mbedtls_internal_ecp_double_jac() if the group
* for the operation is supported by your implementation (i.e. your
* mbedtls_internal_ecp_grp_capable() function returns 1 for this group). If the
* group is not supported by your implementation, then the original Mbed TLS
* implementation of ecp_double_jac() is used instead, unless this fallback
* behaviour is disabled by setting MBEDTLS_ECP_NO_FALLBACK (in which case
* ecp_double_jac() will return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE).
*
* The function prototypes and the definition of mbedtls_ecp_group and
* mbedtls_ecp_point will not change based on MBEDTLS_ECP_INTERNAL_ALT, so your
* implementation of mbedtls_internal_ecp__function_name__ must be compatible
* with their definitions.
*
* Uncomment a macro to enable alternate implementation of the corresponding
* function.
*/
/* Required for all the functions in this section */
//#define MBEDTLS_ECP_INTERNAL_ALT
/* Turn off software fallback for curves not supported in hardware */
//#define MBEDTLS_ECP_NO_FALLBACK
/* Support for Weierstrass curves with Jacobi representation */
//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
//#define MBEDTLS_ECP_ADD_MIXED_ALT
//#define MBEDTLS_ECP_DOUBLE_JAC_ALT
//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
/* Support for curves with Montgomery arithmetic */
//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
/**
* \def MBEDTLS_ENTROPY_HARDWARE_ALT
*
@ -828,7 +749,7 @@
*
* \note This option only works with the default software implementation of
* elliptic curve functionality. It is incompatible with
* MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT.
* MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT.
*
* Requires: MBEDTLS_ECP_C
*

8
library/constant_time.c
View File

@ -146,7 +146,7 @@ int mbedtls_ct_memcmp_partial(const void *a,
#endif
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C)
void mbedtls_ct_memmove_left(void *start, size_t total, size_t offset)
{
@ -165,7 +165,7 @@ void mbedtls_ct_memmove_left(void *start, size_t total, size_t offset)
}
}
#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */
#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C */
void mbedtls_ct_memcpy_if(mbedtls_ct_condition_t condition,
unsigned char *dest,
@ -227,7 +227,7 @@ void mbedtls_ct_memcpy_offset(unsigned char *dest,
}
}
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C)
void mbedtls_ct_zeroize_if(mbedtls_ct_condition_t condition, void *buf, size_t len)
{
@ -245,4 +245,4 @@ void mbedtls_ct_zeroize_if(mbedtls_ct_condition_t condition, void *buf, size_t l
}
}
#endif /* defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) */
#endif /* defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) */

4
library/constant_time_internal.h
View File

@ -433,7 +433,7 @@ static inline int mbedtls_ct_error_if_else_0(mbedtls_ct_condition_t condition, i
* Block memory operations
*/
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C)
/** Conditionally set a block of memory to zero.
*
@ -466,7 +466,7 @@ void mbedtls_ct_memmove_left(void *start,
size_t total,
size_t offset);
#endif /* defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) */
#endif /* defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) */
/** Conditional memcpy.
*

3
library/dhm.c
View File

@ -33,8 +33,6 @@
#include "mbedtls/platform.h"
#if !defined(MBEDTLS_DHM_ALT)
/*
* helper to validate the mbedtls_mpi size and import it
*/
@ -642,7 +640,6 @@ int mbedtls_dhm_parse_dhmfile(mbedtls_dhm_context *dhm, const char *path)
}
#endif /* MBEDTLS_FS_IO */
#endif /* MBEDTLS_ASN1_PARSE_C */
#endif /* MBEDTLS_DHM_ALT */
#if defined(MBEDTLS_SELF_TEST)

10
library/ecjpake.c
View File

@ -20,8 +20,6 @@
#include <string.h>
#if !defined(MBEDTLS_ECJPAKE_ALT)
/*
* Convert a mbedtls_ecjpake_role to identifier string
*/
@ -820,8 +818,6 @@ cleanup:
#undef ID_MINE
#undef ID_PEER
#endif /* ! MBEDTLS_ECJPAKE_ALT */
#if defined(MBEDTLS_SELF_TEST)
#include "mbedtls/platform.h"
@ -840,8 +836,6 @@ static const unsigned char ecjpake_test_password[] = {
0x65, 0x73, 0x74
};
#if !defined(MBEDTLS_ECJPAKE_ALT)
static const unsigned char ecjpake_test_x1[] = {
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
@ -1016,8 +1010,6 @@ cleanup:
return ret;
}
#endif /* ! MBEDTLS_ECJPAKE_ALT */
/* For tests we don't need a secure RNG;
* use the LGC from Numerical Recipes for simplicity */
static int ecjpake_lgc(void *p, unsigned char *out, size_t len)
@ -1116,7 +1108,6 @@ int mbedtls_ecjpake_self_test(int verbose)
mbedtls_printf("passed\n");
}
#if !defined(MBEDTLS_ECJPAKE_ALT)
/* 'reference handshake' tests can only be run against implementations
* for which we have 100% control over how the random ephemeral keys
* are generated. This is only the case for the internal Mbed TLS
@ -1186,7 +1177,6 @@ int mbedtls_ecjpake_self_test(int verbose)
if (verbose != 0) {
mbedtls_printf("passed\n");
}
#endif /* ! MBEDTLS_ECJPAKE_ALT */
cleanup:
mbedtls_ecjpake_free(&cli);

145
library/ecp.c
View File

@ -31,35 +31,6 @@
#include "common.h"
/**
* \brief Function level alternative implementation.
*
* The MBEDTLS_ECP_INTERNAL_ALT macro enables alternative implementations to
* replace certain functions in this module. The alternative implementations are
* typically hardware accelerators and need to activate the hardware before the
* computation starts and deactivate it after it finishes. The
* mbedtls_internal_ecp_init() and mbedtls_internal_ecp_free() functions serve
* this purpose.
*
* To preserve the correct functionality the following conditions must hold:
*
* - The alternative implementation must be activated by
* mbedtls_internal_ecp_init() before any of the replaceable functions is
* called.
* - mbedtls_internal_ecp_free() must \b only be called when the alternative
* implementation is activated.
* - mbedtls_internal_ecp_init() must \b not be called when the alternative
* implementation is activated.
* - Public functions must not return while the alternative implementation is
* activated.
* - Replaceable functions are guarded by \c MBEDTLS_ECP_XXX_ALT macros and
* before calling them an \code if( mbedtls_internal_ecp_grp_capable( grp ) )
* \endcode ensures that the alternative implementation supports the current
* group.
*/
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
#endif
#if defined(MBEDTLS_ECP_LIGHT)
#include "mbedtls/ecp.h"
@ -72,12 +43,8 @@
#include <string.h>
#if !defined(MBEDTLS_ECP_ALT)
#include "mbedtls/platform.h"
#include "ecp_internal_alt.h"
#if defined(MBEDTLS_SELF_TEST)
/*
* Counts of point addition and doubling, and field multiplications.
@ -1317,15 +1284,6 @@ static int ecp_normalize_jac(const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt
return 0;
}
#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT)
if (mbedtls_internal_ecp_grp_capable(grp)) {
return mbedtls_internal_ecp_normalize_jac(grp, pt);
}
#endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */
#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT)
return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
#else
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_mpi T;
mbedtls_mpi_init(&T);
@ -1343,7 +1301,6 @@ cleanup:
mbedtls_mpi_free(&T);
return ret;
#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) */
}
/*
@ -1364,15 +1321,6 @@ static int ecp_normalize_jac_many(const mbedtls_ecp_group *grp,
return ecp_normalize_jac(grp, *T);
}
#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT)
if (mbedtls_internal_ecp_grp_capable(grp)) {
return mbedtls_internal_ecp_normalize_jac_many(grp, T, T_size);
}
#endif
#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT)
return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
#else
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t i;
mbedtls_mpi *c, t;
@ -1447,7 +1395,6 @@ cleanup:
mbedtls_free(c);
return ret;
#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) */
}
/*
@ -1491,15 +1438,6 @@ static int ecp_double_jac(const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
dbl_count++;
#endif
#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT)
if (mbedtls_internal_ecp_grp_capable(grp)) {
return mbedtls_internal_ecp_double_jac(grp, R, P);
}
#endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */
#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_DOUBLE_JAC_ALT)
return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
#else
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
/* Special case for A = -3 */
@ -1557,7 +1495,6 @@ static int ecp_double_jac(const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
cleanup:
return ret;
#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) */
}
/*
@ -1588,15 +1525,6 @@ static int ecp_add_mixed(const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
add_count++;
#endif
#if defined(MBEDTLS_ECP_ADD_MIXED_ALT)
if (mbedtls_internal_ecp_grp_capable(grp)) {
return mbedtls_internal_ecp_add_mixed(grp, R, P, Q);
}
#endif /* MBEDTLS_ECP_ADD_MIXED_ALT */
#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_ADD_MIXED_ALT)
return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
#else
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
/* NOTE: Aliasing between input and output is allowed, so one has to make
@ -1668,7 +1596,6 @@ static int ecp_add_mixed(const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
cleanup:
return ret;
#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_ADD_MIXED_ALT) */
}
/*
@ -1681,15 +1608,6 @@ cleanup:
static int ecp_randomize_jac(const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
{
#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
if (mbedtls_internal_ecp_grp_capable(grp)) {
return mbedtls_internal_ecp_randomize_jac(grp, pt, f_rng, p_rng);
}
#endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */
#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
#else
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_mpi l;
@ -1718,7 +1636,6 @@ cleanup:
ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
}
return ret;
#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) */
}
/*
@ -2422,15 +2339,6 @@ cleanup:
*/
static int ecp_normalize_mxz(const mbedtls_ecp_group *grp, mbedtls_ecp_point *P)
{
#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
if (mbedtls_internal_ecp_grp_capable(grp)) {
return mbedtls_internal_ecp_normalize_mxz(grp, P);
}
#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */
#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
#else
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
MPI_ECP_INV(&P->Z, &P->Z);
MPI_ECP_MUL(&P->X, &P->X, &P->Z);
@ -2438,7 +2346,6 @@ static int ecp_normalize_mxz(const mbedtls_ecp_group *grp, mbedtls_ecp_point *P)
cleanup:
return ret;
#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) */
}
/*
@ -2452,15 +2359,6 @@ cleanup:
static int ecp_randomize_mxz(const mbedtls_ecp_group *grp, mbedtls_ecp_point *P,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
{
#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
if (mbedtls_internal_ecp_grp_capable(grp)) {
return mbedtls_internal_ecp_randomize_mxz(grp, P, f_rng, p_rng);
}
#endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */
#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
#else
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_mpi l;
mbedtls_mpi_init(&l);
@ -2478,7 +2376,6 @@ cleanup:
ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
}
return ret;
#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) */
}
/*
@ -2502,15 +2399,6 @@ static int ecp_double_add_mxz(const mbedtls_ecp_group *grp,
const mbedtls_mpi *d,
mbedtls_mpi T[4])
{
#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)
if (mbedtls_internal_ecp_grp_capable(grp)) {
return mbedtls_internal_ecp_double_add_mxz(grp, R, S, P, Q, d);
}
#endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */
#if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)
return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
#else
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
MPI_ECP_ADD(&T[0], &P->X, &P->Z); /* Pp := PX + PZ */
@ -2535,7 +2423,6 @@ static int ecp_double_add_mxz(const mbedtls_ecp_group *grp,
cleanup:
return ret;
#endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) */
}
/*
@ -2629,9 +2516,6 @@ static int ecp_mul_restartable_internal(mbedtls_ecp_group *grp, mbedtls_ecp_poin
mbedtls_ecp_restart_ctx *rs_ctx)
{
int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
char is_grp_capable = 0;
#endif
#if defined(MBEDTLS_ECP_RESTARTABLE)
/* reset ops count for this call if top-level */
@ -2642,12 +2526,6 @@ static int ecp_mul_restartable_internal(mbedtls_ecp_group *grp, mbedtls_ecp_poin
(void) rs_ctx;
#endif
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
if ((is_grp_capable = mbedtls_internal_ecp_grp_capable(grp))) {
MBEDTLS_MPI_CHK(mbedtls_internal_ecp_init(grp));
}
#endif /* MBEDTLS_ECP_INTERNAL_ALT */
int restarting = 0;
#if defined(MBEDTLS_ECP_RESTARTABLE)
restarting = (rs_ctx != NULL && rs_ctx->rsm != NULL);
@ -2676,12 +2554,6 @@ static int ecp_mul_restartable_internal(mbedtls_ecp_group *grp, mbedtls_ecp_poin
cleanup:
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
if (is_grp_capable) {
mbedtls_internal_ecp_free(grp);
}
#endif /* MBEDTLS_ECP_INTERNAL_ALT */
#if defined(MBEDTLS_ECP_RESTARTABLE)
if (rs_ctx != NULL) {
rs_ctx->depth--;
@ -2808,9 +2680,6 @@ int mbedtls_ecp_muladd_restartable(
mbedtls_ecp_point *pmP = &mP;
mbedtls_ecp_point *pR = R;
mbedtls_mpi tmp[4];
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
char is_grp_capable = 0;
#endif
if (mbedtls_ecp_get_type(grp) != MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) {
return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
}
@ -2849,12 +2718,6 @@ mul2:
#endif
MBEDTLS_MPI_CHK(mbedtls_ecp_mul_shortcuts(grp, pR, n, Q, rs_ctx));
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
if ((is_grp_capable = mbedtls_internal_ecp_grp_capable(grp))) {
MBEDTLS_MPI_CHK(mbedtls_internal_ecp_init(grp));
}
#endif /* MBEDTLS_ECP_INTERNAL_ALT */
#if defined(MBEDTLS_ECP_RESTARTABLE)
if (rs_ctx != NULL && rs_ctx->ma != NULL) {
rs_ctx->ma->state = ecp_rsma_add;
@ -2884,12 +2747,6 @@ cleanup:
mpi_free_many(tmp, sizeof(tmp) / sizeof(mbedtls_mpi));
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
if (is_grp_capable) {
mbedtls_internal_ecp_free(grp);
}
#endif /* MBEDTLS_ECP_INTERNAL_ALT */
mbedtls_ecp_point_free(&mP);
ECP_RS_LEAVE(ma);
@ -3698,6 +3555,4 @@ cleanup:
#endif /* MBEDTLS_SELF_TEST */
#endif /* !MBEDTLS_ECP_ALT */
#endif /* MBEDTLS_ECP_LIGHT */

4
library/ecp_curves.c
View File

@ -21,8 +21,6 @@
#include <string.h>
#if !defined(MBEDTLS_ECP_ALT)
#define ECP_MPI_INIT(_p, _n) { .p = (mbedtls_mpi_uint *) (_p), .s = 1, .n = (_n) }
#define ECP_MPI_INIT_ARRAY(x) \
@ -5454,7 +5452,5 @@ mbedtls_ecp_variant mbedtls_ecp_get_variant(void)
#endif /* MBEDTLS_TEST_HOOKS */
#endif /* !MBEDTLS_ECP_ALT */
#endif /* MBEDTLS_ECP_LIGHT */
#endif /* MBEDTLS_ECP_WITH_MPI_UINT */

3
library/ecp_curves_new.c
View File

@ -26,8 +26,6 @@
#include <string.h>
#if !defined(MBEDTLS_ECP_ALT)
#define ECP_MPI_INIT(_p, _n) { .p = (mbedtls_mpi_uint *) (_p), .s = 1, .n = (_n) }
#define ECP_MPI_INIT_ARRAY(x) \
@ -6031,6 +6029,5 @@ mbedtls_ecp_variant mbedtls_ecp_get_variant(void)
#endif /* MBEDTLS_TEST_HOOKS */
#endif /* !MBEDTLS_ECP_ALT */
#endif /* MBEDTLS_ECP_LIGHT */
#endif /* MBEDTLS_ECP_WITH_MPI_UINT */

287
library/ecp_internal_alt.h
View File

@ -1,287 +0,0 @@
/**
* \file ecp_internal_alt.h
*
* \brief Function declarations for alternative implementation of elliptic curve
* point arithmetic.
*/
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
/*
* References:
*
* [1] BERNSTEIN, Daniel J. Curve25519: new Diffie-Hellman speed records.
* <http://cr.yp.to/ecdh/curve25519-20060209.pdf>
*
* [2] CORON, Jean-S'ebastien. Resistance against differential power analysis
* for elliptic curve cryptosystems. In : Cryptographic Hardware and
* Embedded Systems. Springer Berlin Heidelberg, 1999. p. 292-302.
* <http://link.springer.com/chapter/10.1007/3-540-48059-5_25>
*
* [3] HEDABOU, Mustapha, PINEL, Pierre, et B'EN'ETEAU, Lucien. A comb method to
* render ECC resistant against Side Channel Attacks. IACR Cryptology
* ePrint Archive, 2004, vol. 2004, p. 342.
* <http://eprint.iacr.org/2004/342.pdf>
*
* [4] Certicom Research. SEC 2: Recommended Elliptic Curve Domain Parameters.
* <http://www.secg.org/sec2-v2.pdf>
*
* [5] HANKERSON, Darrel, MENEZES, Alfred J., VANSTONE, Scott. Guide to Elliptic
* Curve Cryptography.
*
* [6] Digital Signature Standard (DSS), FIPS 186-4.
* <http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf>
*
* [7] Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer
* Security (TLS), RFC 4492.
* <https://tools.ietf.org/search/rfc4492>
*
* [8] <http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian.html>
*
* [9] COHEN, Henri. A Course in Computational Algebraic Number Theory.
* Springer Science & Business Media, 1 Aug 2000
*/
#ifndef MBEDTLS_ECP_INTERNAL_H
#define MBEDTLS_ECP_INTERNAL_H
#include "mbedtls/build_info.h"
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
/**
* \brief Indicate if the Elliptic Curve Point module extension can
* handle the group.
*
* \param grp The pointer to the elliptic curve group that will be the
* basis of the cryptographic computations.
*
* \return Non-zero if successful.
*/
unsigned char mbedtls_internal_ecp_grp_capable(const mbedtls_ecp_group *grp);
/**
* \brief Initialise the Elliptic Curve Point module extension.
*
* If mbedtls_internal_ecp_grp_capable returns true for a
* group, this function has to be able to initialise the
* module for it.
*
* This module can be a driver to a crypto hardware
* accelerator, for which this could be an initialise function.
*
* \param grp The pointer to the group the module needs to be
* initialised for.
*
* \return 0 if successful.
*/
int mbedtls_internal_ecp_init(const mbedtls_ecp_group *grp);
/**
* \brief Frees and deallocates the Elliptic Curve Point module
* extension.
*
* \param grp The pointer to the group the module was initialised for.
*/
void mbedtls_internal_ecp_free(const mbedtls_ecp_group *grp);
#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
/**
* \brief Randomize jacobian coordinates:
* (X, Y, Z) -> (l^2 X, l^3 Y, l Z) for random l.
*
* \param grp Pointer to the group representing the curve.
*
* \param pt The point on the curve to be randomised, given with Jacobian
* coordinates.
*
* \param f_rng A function pointer to the random number generator.
*
* \param p_rng A pointer to the random number generator state.
*
* \return 0 if successful.
*/
int mbedtls_internal_ecp_randomize_jac(const mbedtls_ecp_group *grp,
mbedtls_ecp_point *pt, int (*f_rng)(void *,
unsigned char *,
size_t),
void *p_rng);
#endif
#if defined(MBEDTLS_ECP_ADD_MIXED_ALT)
/**
* \brief Addition: R = P + Q, mixed affine-Jacobian coordinates.
*
* The coordinates of Q must be normalized (= affine),
* but those of P don't need to. R is not normalized.
*
* This function is used only as a subrutine of
* ecp_mul_comb().
*
* Special cases: (1) P or Q is zero, (2) R is zero,
* (3) P == Q.
* None of these cases can happen as intermediate step in
* ecp_mul_comb():
* - at each step, P, Q and R are multiples of the base
* point, the factor being less than its order, so none of
* them is zero;
* - Q is an odd multiple of the base point, P an even
* multiple, due to the choice of precomputed points in the
* modified comb method.
* So branches for these cases do not leak secret information.
*
* We accept Q->Z being unset (saving memory in tables) as
* meaning 1.
*
* Cost in field operations if done by [5] 3.22:
* 1A := 8M + 3S
*
* \param grp Pointer to the group representing the curve.
*
* \param R Pointer to a point structure to hold the result.
*
* \param P Pointer to the first summand, given with Jacobian
* coordinates
*
* \param Q Pointer to the second summand, given with affine
* coordinates.
*
* \return 0 if successful.
*/
int mbedtls_internal_ecp_add_mixed(const mbedtls_ecp_group *grp,
mbedtls_ecp_point *R, const mbedtls_ecp_point *P,
const mbedtls_ecp_point *Q);
#endif
/**
* \brief Point doubling R = 2 P, Jacobian coordinates.
*
* Cost: 1D := 3M + 4S (A == 0)
* 4M + 4S (A == -3)
* 3M + 6S + 1a otherwise
* when the implementation is based on the "dbl-1998-cmo-2"
* doubling formulas in [8] and standard optimizations are
* applied when curve parameter A is one of { 0, -3 }.
*
* \param grp Pointer to the group representing the curve.
*
* \param R Pointer to a point structure to hold the result.
*
* \param P Pointer to the point that has to be doubled, given with
* Jacobian coordinates.
*
* \return 0 if successful.
*/
#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT)
int mbedtls_internal_ecp_double_jac(const mbedtls_ecp_group *grp,
mbedtls_ecp_point *R, const mbedtls_ecp_point *P);
#endif
/**
* \brief Normalize jacobian coordinates of an array of (pointers to)
* points.
*
* Using Montgomery's trick to perform only one inversion mod P
* the cost is:
* 1N(t) := 1I + (6t - 3)M + 1S
* (See for example Algorithm 10.3.4. in [9])
*
* This function is used only as a subrutine of
* ecp_mul_comb().
*
* Warning: fails (returning an error) if one of the points is
* zero!
* This should never happen, see choice of w in ecp_mul_comb().
*
* \param grp Pointer to the group representing the curve.
*
* \param T Array of pointers to the points to normalise.
*
* \param t_len Number of elements in the array.
*
* \return 0 if successful,
* an error if one of the points is zero.
*/
#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT)
int mbedtls_internal_ecp_normalize_jac_many(const mbedtls_ecp_group *grp,
mbedtls_ecp_point *T[], size_t t_len);
#endif
/**
* \brief Normalize jacobian coordinates so that Z == 0 || Z == 1.
*
* Cost in field operations if done by [5] 3.2.1:
* 1N := 1I + 3M + 1S
*
* \param grp Pointer to the group representing the curve.
*
* \param pt pointer to the point to be normalised. This is an
* input/output parameter.
*
* \return 0 if successful.
*/
#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT)
int mbedtls_internal_ecp_normalize_jac(const mbedtls_ecp_group *grp,
mbedtls_ecp_point *pt);
#endif
#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)
int mbedtls_internal_ecp_double_add_mxz(const mbedtls_ecp_group *grp,
mbedtls_ecp_point *R,
mbedtls_ecp_point *S,
const mbedtls_ecp_point *P,
const mbedtls_ecp_point *Q,
const mbedtls_mpi *d);
#endif
/**
* \brief Randomize projective x/z coordinates:
* (X, Z) -> (l X, l Z) for random l
*
* \param grp pointer to the group representing the curve
*
* \param P the point on the curve to be randomised given with
* projective coordinates. This is an input/output parameter.
*
* \param f_rng a function pointer to the random number generator
*
* \param p_rng a pointer to the random number generator state
*
* \return 0 if successful
*/
#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
int mbedtls_internal_ecp_randomize_mxz(const mbedtls_ecp_group *grp,
mbedtls_ecp_point *P, int (*f_rng)(void *,
unsigned char *,
size_t),
void *p_rng);
#endif
/**
* \brief Normalize Montgomery x/z coordinates: X = X/Z, Z = 1.
*
* \param grp pointer to the group representing the curve
*
* \param P pointer to the point to be normalised. This is an
* input/output parameter.
*
* \return 0 if successful
*/
#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
int mbedtls_internal_ecp_normalize_mxz(const mbedtls_ecp_group *grp,
mbedtls_ecp_point *P);
#endif
#endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
#endif /* MBEDTLS_ECP_INTERNAL_ALT */
#endif /* ecp_internal_alt.h */

6
library/pk_wrap.c
View File

@ -470,11 +470,6 @@ static void rsa_free_wrap(void *ctx)
static void rsa_debug(mbedtls_pk_context *pk, mbedtls_pk_debug_item *items)
{
#if defined(MBEDTLS_RSA_ALT)
/* Not supported */
(void) pk;
(void) items;
#else
mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) pk->pk_ctx;
items->type = MBEDTLS_PK_DEBUG_MPI;
@ -486,7 +481,6 @@ static void rsa_debug(mbedtls_pk_context *pk, mbedtls_pk_debug_item *items)
items->type = MBEDTLS_PK_DEBUG_MPI;
items->name = "rsa.E";
items->value = &(rsa->E);
#endif
}
const mbedtls_pk_info_t mbedtls_rsa_info = {

10
library/rsa.c
View File

@ -155,7 +155,7 @@ int mbedtls_rsa_parse_key(mbedtls_rsa_context *rsa, const unsigned char *key, si
goto cleanup;
}
#if !defined(MBEDTLS_RSA_NO_CRT) && !defined(MBEDTLS_RSA_ALT)
#if !defined(MBEDTLS_RSA_NO_CRT)
/*
* The RSA CRT parameters DP, DQ and QP are nominally redundant, in
* that they can be easily recomputed from D, P and Q. However by
@ -411,7 +411,7 @@ end_of_export:
return (int) len;
}
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C)
/** This function performs the unpadding part of a PKCS#1 v1.5 decryption
* operation (EME-PKCS1-v1_5 decoding).
@ -564,9 +564,7 @@ static int mbedtls_ct_rsaes_pkcs1_v15_unpadding(unsigned char *input,
return ret;
}
#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */
#if !defined(MBEDTLS_RSA_ALT)
#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C */
int mbedtls_rsa_import(mbedtls_rsa_context *ctx,
const mbedtls_mpi *N,
@ -2841,8 +2839,6 @@ void mbedtls_rsa_free(mbedtls_rsa_context *ctx)
#endif
}
#endif /* !MBEDTLS_RSA_ALT */
#if defined(MBEDTLS_SELF_TEST)

6
library/rsa_alt_helpers.h
View File

@ -3,6 +3,12 @@
*
* \brief Context-independent RSA helper functions
*
* Please note: The below explanation is historical and is no longer relevant
* due to there being no compelling reason to keep these functions separate
* since the RSA alt interface was removed. A future refactoring will address
* this which is tracked by the following issue:
* https://github.com/Mbed-TLS/TF-PSA-Crypto/issues/105.
*
* This module declares some RSA-related helper functions useful when
* implementing the RSA interface. These functions are provided in a separate
* compilation unit in order to make it easy for designers of alternative RSA

1
scripts/config.py
View File

@ -185,7 +185,6 @@ EXCLUDE_FROM_FULL = frozenset([
'MBEDTLS_DEPRECATED_REMOVED', # conflicts with deprecated options
'MBEDTLS_DEPRECATED_WARNING', # conflicts with deprecated options
'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', # influences the use of ECDH in TLS
'MBEDTLS_ECP_NO_FALLBACK', # removes internal ECP implementation
'MBEDTLS_ECP_WITH_MPI_UINT', # disables the default ECP and is experimental
'MBEDTLS_ENTROPY_FORCE_SHA256', # interacts with CTR_DRBG_128_BIT_KEY
'MBEDTLS_HAVE_SSE2', # hardware dependency

16
tests/include/alt-dummy/dhm_alt.h
View File

@ -1,16 +0,0 @@
/* dhm_alt.h with dummy types for MBEDTLS_DHM_ALT */
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#ifndef DHM_ALT_H
#define DHM_ALT_H
typedef struct mbedtls_dhm_context {
int dummy;
}
mbedtls_dhm_context;
#endif /* dhm_alt.h */

15
tests/include/alt-dummy/ecjpake_alt.h
View File

@ -1,15 +0,0 @@
/* ecjpake_alt.h with dummy types for MBEDTLS_ECJPAKE_ALT */
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#ifndef ECJPAKE_ALT_H
#define ECJPAKE_ALT_H
typedef struct mbedtls_ecjpake_context {
int dummy;
} mbedtls_ecjpake_context;
#endif /* ecjpake_alt.h */

22
tests/include/alt-dummy/ecp_alt.h
View File

@ -1,22 +0,0 @@
/* ecp_alt.h with dummy types for MBEDTLS_ECP_ALT */
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#ifndef ECP_ALT_H
#define ECP_ALT_H
typedef struct mbedtls_ecp_group {
const mbedtls_ecp_group_id id;
const mbedtls_mpi P;
const mbedtls_mpi A;
const mbedtls_mpi B;
const mbedtls_ecp_point G;
const mbedtls_mpi N;
const size_t pbits;
const size_t nbits;
}
mbedtls_ecp_group;
#endif /* ecp_alt.h */

16
tests/include/alt-dummy/rsa_alt.h
View File

@ -1,16 +0,0 @@
/* rsa_alt.h with dummy types for MBEDTLS_RSA_ALT */
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#ifndef RSA_ALT_H
#define RSA_ALT_H
typedef struct mbedtls_rsa_context {
int dummy;
}
mbedtls_rsa_context;
#endif /* rsa_alt.h */

12
tests/scripts/all.sh
View File

@ -2451,24 +2451,12 @@ component_build_module_alt () {
# Enable all MBEDTLS_XXX_ALT for whole modules. Do not enable
# MBEDTLS_XXX_YYY_ALT which are for single functions.
scripts/config.py set-all 'MBEDTLS_([A-Z0-9]*|NIST_KW)_ALT'
scripts/config.py unset MBEDTLS_DHM_ALT #incompatible with MBEDTLS_DEBUG_C
# We can only compile, not link, since we don't have any implementations
# suitable for testing with the dummy alt headers.
make CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' lib
}
component_build_dhm_alt () {
msg "build: MBEDTLS_DHM_ALT" # ~30s
scripts/config.py full
scripts/config.py set MBEDTLS_DHM_ALT
# debug.c currently references mbedtls_dhm_context fields directly.
scripts/config.py unset MBEDTLS_DEBUG_C
# We can only compile, not link, since we don't have any implementations
# suitable for testing with the dummy alt headers.
make CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' lib
}
component_test_no_psa_crypto_full_cmake_asan() {
# full minus MBEDTLS_PSA_CRYPTO_C: run the same set of tests as basic-build-test.sh
msg "build: cmake, full config minus PSA crypto, ASan"

4
tests/suites/test_suite_constant_time.function
View File

@ -171,7 +171,7 @@ void mbedtls_ct_if(char *c_str, char *t_str, char *f_str)
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:!MBEDTLS_RSA_ALT */
/* BEGIN_CASE depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */
void mbedtls_ct_zeroize_if(char *c_str, int len)
{
uint8_t *buf = NULL;
@ -431,7 +431,7 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:!MBEDTLS_RSA_ALT */
/* BEGIN_CASE depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */
void mbedtls_ct_memmove_left(int len, int offset)
{
size_t l = (size_t) len;

3
tests/suites/test_suite_pkcs1_v15.function
View File

@ -235,7 +235,6 @@ void pkcs1_v15_decode(data_t *input,
size_t i;
size_t count = 0;
#if !defined(MBEDTLS_RSA_ALT)
/* Check that the output in invalid cases is what the default
* implementation currently does. Alternative implementations
* may produce different output, so we only perform these precise
@ -244,7 +243,7 @@ void pkcs1_v15_decode(data_t *input,
for (i = 0; i < max_payload_length; i++) {
TEST_ASSERT(final[i] == 0);
}
#endif
/* Even in alternative implementations, the outputs must have
* changed, otherwise it indicates at least a timing vulnerability
* because no write to the outputs is performed in the bad case. */

6
tf-psa-crypto/drivers/builtin/include/mbedtls/dhm.h
View File

@ -93,8 +93,6 @@ typedef enum {
extern "C" {
#endif
#if !defined(MBEDTLS_DHM_ALT)
/**
* \brief The DHM context structure.
*/
@ -112,10 +110,6 @@ typedef struct mbedtls_dhm_context {
}
mbedtls_dhm_context;
#else /* MBEDTLS_DHM_ALT */
#include "dhm_alt.h"
#endif /* MBEDTLS_DHM_ALT */
/**
* \brief This function initializes the DHM context.
*

5
tf-psa-crypto/drivers/builtin/include/mbedtls/ecjpake.h
View File

@ -45,7 +45,6 @@ typedef enum {
MBEDTLS_ECJPAKE_NONE, /**< Undefined */
} mbedtls_ecjpake_role;
#if !defined(MBEDTLS_ECJPAKE_ALT)
/**
* EC J-PAKE context structure.
*
@ -75,10 +74,6 @@ typedef struct mbedtls_ecjpake_context {
mbedtls_mpi MBEDTLS_PRIVATE(s); /**< Pre-shared secret (passphrase) */
} mbedtls_ecjpake_context;
#else /* MBEDTLS_ECJPAKE_ALT */
#include "ecjpake_alt.h"
#endif /* MBEDTLS_ECJPAKE_ALT */
/**
* \brief Initialize an ECJPAKE context.
*

13
tf-psa-crypto/drivers/builtin/include/mbedtls/ecp.h
View File

@ -162,15 +162,6 @@ typedef struct mbedtls_ecp_point {
}
mbedtls_ecp_point;
#if !defined(MBEDTLS_ECP_ALT)
/*
* default Mbed TLS elliptic curve arithmetic implementation
*
* (in case MBEDTLS_ECP_ALT is defined then the developer has to provide an
* alternative implementation for the whole module and it will replace this
* one.)
*/
/**
* \brief The ECP group structure.
*
@ -309,10 +300,6 @@ mbedtls_ecp_group;
/** \} name SECTION: Module settings */
#else /* MBEDTLS_ECP_ALT */
#include "ecp_alt.h"
#endif /* MBEDTLS_ECP_ALT */
/**
* The maximum size of the groups, that is, of \c N and \c P.
*/

8
tf-psa-crypto/drivers/builtin/include/mbedtls/rsa.h
View File

@ -69,10 +69,6 @@
extern "C" {
#endif
#if !defined(MBEDTLS_RSA_ALT)
// Regular implementation
//
#if !defined(MBEDTLS_RSA_GEN_KEY_MIN_BITS)
#define MBEDTLS_RSA_GEN_KEY_MIN_BITS 1024
#elif MBEDTLS_RSA_GEN_KEY_MIN_BITS < 128
@ -122,10 +118,6 @@ typedef struct mbedtls_rsa_context {
}
mbedtls_rsa_context;
#else /* MBEDTLS_RSA_ALT */
#include "rsa_alt.h"
#endif /* MBEDTLS_RSA_ALT */
/**
* \brief This function initializes an RSA context.
*