mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-08 18:40:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
25,486 Commits 170 Branches 263 Tags
Commit Graph

11221 Commits

Author SHA1 Message Date
Przemek Stekiel
0b11ee0888 Fix compilation errors(unused variables, guards) 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-16 13:26:06 +02:00
Przemek Stekiel
690ff698f7 mbedtls_x509_crt_free: release authorityCertIssuer sequence 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-16 11:08:30 +02:00
Paul Elliott
926bcb04fe
Merge pull request #7532 from AndrzejKurek/remove-leading-zeroes-ip-parsing 
Disallow leading zeroes when parsing IPv4 addresses
 2023-05-15 13:59:10 +01:00
Paul Elliott
aba165b58c
Merge pull request #7586 from gilles-peskine-arm/gitignore-objects-at-root 
Ignore *.o everywhere
 2023-05-15 13:57:24 +01:00
Gabor Mezei
a274041190
Fix comment 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-05-15 14:50:17 +02:00
Valerio Setti
f70b3e08b1 pk: fix: explicilty set const in casted value in mbedtls_pk_ec_ro 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-15 12:57:40 +02:00
Valerio Setti
3f00b84dd1 pk: fix build issues 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-15 12:57:06 +02:00
Valerio Setti
77a75685ed pk: align library and tests code to the new internal functions 
Note = programs are not aligned to this change because:
- the original mbedtls_pk_ec is not ufficially deprecated
- that function is used in tests when ECP_C is defined, so
  the legacy version of that function is available in that
  case

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-15 11:18:46 +02:00
Valerio Setti
229bf1031f pk: make mbedtls_pk_ec internal when !ECP_C 
mbedtls_pk_ec() is not an ideal function because:
- it provides direct access to the ecp_keypair structure wrapped
  by the pk_context and
- this bypasses the PK module's control
However, since for backward compatibility, it cannot be deprecated
immediately, 2 alternative internal functions are proposed.
As a consequence:
- when ECP_C is defined, then the legacy mbedtls_pk_ec is available
- when only ECP_LIGHT is defined, but ECP_C is not, then only the
  new internal functions will be available

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-15 11:13:55 +02:00
Gilles Peskine
8075f76708 Ignore *.o everywhere 
We don't commit *.o files anywhere, not even as test data. So ignore them
everywhere.

This resolves *.o files not being ignored under 3rdparty/p256-m.

Also remove a redundant ignore of *.exe in a subdirectory.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-12 13:58:05 +02:00
Tom Cosgrove
6d62faca8e Only include psa_pake_setup() and friends if some PAKE algorithms are required 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-05-12 12:36:24 +01:00
Gabor Mezei
b6653f3e27
Update comments 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-05-12 12:34:12 +02:00
Gabor Mezei
dcaf99ebb8
Add another round in the Koblitz reduction 
The addition can result in an overflow so another round is needed
in the reduction.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-05-12 12:34:05 +02:00
Yanray Wang
d896fcb0d5 nist_kw.c: remove non-128-bit data if aes_128bit_only enabled 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-11 18:09:42 +08:00
Przemek Stekiel
c80e7506a0 Handle simple copy import/export before driver dispatch 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-11 12:06:00 +02:00
Przemek Stekiel
a59255f04f Adapt guards in ffdh driver 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-11 12:06:00 +02:00
Yanray Wang
93533b51a8 gcm.c: do not set length for some arrays in selftest 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-11 17:57:17 +08:00
Yanray Wang
d329c69fba gcm selftest: remove non-128-bit data if aes_128bit_only enabled 
This commit sets a loop_limit to omit AES-GCM-192 and AES-GCM-256
if MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enabled.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-11 17:57:17 +08:00
Yanray Wang
dd56add42d cmac selftest: add macro for non-128-bit data/test 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-11 17:57:17 +08:00
Yanray Wang
59c2dfa48c aes selftest: determine selftest loop limit in runtime 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-11 17:56:21 +08:00
Yanray Wang
62c9991a5b aes selftest: remove non-128-bit data if aes_128bit_only enabled 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-11 11:11:17 +08:00
Paul Elliott
481a6a8edb
Merge pull request #7482 from gabor-mezei-arm/6029_use_core_api_in_ecp_mod_koblitz 
[Bignum] Use core API in ecp_mod_koblitz()
 2023-05-10 17:24:46 +01:00
Andrzej Kurek
199eab97e7 Add partial support for URI SubjectAltNames 
Only exact matching without normalization is supported.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-10 09:57:19 -04:00
Manuel Pégourié-Gonnard
1d046fa0dd
Merge pull request #6010 from mprse/ffdh_import_export 
FFDH 1, 2A, 2B: FFDH add support for import/export key, key agreement, key generation + tests
 2023-05-10 11:40:54 +02:00
Pol Henarejos
2d8076978a
Fix coding style. 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-05-09 11:44:57 +02:00
Gilles Peskine
97edeb4fb8
Merge pull request #6866 from mprse/extract-key-ids 
Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions v.2
 2023-05-08 20:38:29 +02:00
Kusumit Ghoderao
3fc4ca7272 Limit max input cost to 32bit 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-08 15:57:41 +05:30
Kusumit Ghoderao
d0422f30c5 Enable empty salt as input for pbkdf2 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-08 15:56:19 +05:30
Kusumit Ghoderao
6731a2580c Remove redundant code in key_derivation_abort() 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-08 15:54:54 +05:30
Przemek Stekiel
61aed064c5 Code optimization 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-08 11:15:59 +02:00
Przemek Stekiel
ed9fb78739 Fix parsing of KeyIdentifier (tag length error case) + test 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-08 11:15:54 +02:00
Yanray Wang
e2bc158b38 aesce.c: add macro of MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-08 10:29:28 +08:00
Gabor Mezei
908f40014c
Determine special cases in-place in the common Koblitz function 
Remove parameter used by the special cases and check for special cases in-place.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2023-05-05 16:31:19 +02:00
Pol Henarejos
d06c6fc45b
Merge branch 'development' into sha3 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2023-05-05 16:01:18 +02:00
Tom Cosgrove
501fb3abf3
Merge pull request #5894 from Xeenych/patch-1 
Reduce RAM - move some variables to .rodata
 2023-05-05 14:54:32 +01:00
Przemek Stekiel
837d2d1c5e mbedtls_psa_export_ffdh_public_key: return fixed key size 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-05 12:33:46 +02:00
Valerio Setti
fc90decb74 pkwrite: removing unused/duplicated variables 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-05 12:30:40 +02:00
Valerio Setti
4f387ef277 pk: use better naming for the new key ID field 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-05 10:59:32 +02:00
Valerio Setti
048cd44f77 pk: fix library code for using the new opaque key solution 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-05 10:59:32 +02:00
Valerio Setti
e00954d0ed pk: store opaque key ID directly in the pk_context structure 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-05 10:57:26 +02:00
Przemek Stekiel
134cc2e7a8 Fix code style 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-05 10:13:47 +02:00
Manuel Pégourié-Gonnard
71f88ecc52
Merge pull request #6838 from jethrogb/jb/pkix-curdle 
Read and write RFC8410 keys
 2023-05-05 10:02:21 +02:00
Przemek Stekiel
e1621a460a mbedtls_psa_ffdh_generate_key: optimize code and return fixed key size 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-05-05 09:53:37 +02:00
Arto Kinnunen
0f06618db0 AES: skip 192bit and 256bit key in selftest if 128bit_only enabled 
This includes:
 - aes.c
 - cmac.c
 - gcm.c
 - nist_kw.c

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-05 11:20:59 +08:00
Arto Kinnunen
732ca3221d AES: add macro of MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH 
Add configuration option to support 128-bit key length only
in AES calculation.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-05 11:20:38 +08:00
Minos Galanakis
b89440394f bignum_core: Removed input checking for mbedtls_mpi_core_shift_l 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-05-04 14:40:40 +01:00
Dave Rodgman
6dc62e682a
Merge pull request #7544 from tom-cosgrove-arm/use-mbedtls_ct_uint_if-rather-than-mbedtls_ct_cond_select_sign 
Use mbedtls_ct_uint_if() rather than mbedtls_ct_cond_select_sign()
 2023-05-04 12:23:30 +01:00
Jethro Beekman
cb706ea308 Silence bad "maybe unitialized" warning for ec_grp_id 
Signed-off-by: Jethro Beekman <jethro@fortanix.com>
 2023-05-04 13:01:47 +02:00
Jethro Beekman
cf4545e396 Fix unsued variable in mbedtls_pk_write_pubkey_der in certain configurations 
Signed-off-by: Jethro Beekman <jethro@fortanix.com>
 2023-05-04 13:01:47 +02:00
Jethro Beekman
13d415c4ed Only use mbedtls_ecc_group_of_psa if defined(MBEDTLS_ECP_LIGHT) 
Signed-off-by: Jethro Beekman <jethro@fortanix.com>
 2023-05-04 13:01:47 +02:00