mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-11 09:40:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
29,215 Commits 170 Branches 263 Tags
Commit Graph

402 Commits

Author SHA1 Message Date
Dave Rodgman
13f2f4e7f1 Merge remote-tracking branch 'restricted/development' into mbedtls-3.5.2rc 2024-01-24 09:49:15 +00:00
Janos Follath
b4b8f3df3b RSA: improve readability 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath
47ee770812 RSA: remove unneeded temporaries 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath
e6750b2a0b RSA: document Montgomery trick in unblind 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath
a62a554071 Fix style 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath
100dcddfca Make local function static 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath
6bcbc925bf Extend blinding to RSA result check 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath
d6b096532c Make RSA unblinding constant flow 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Tomi Fontanilles
573dc23141 rsa: introduce rsa_internal_rsassa_pss_sign_no_mode_check() 
And use it in the non-PSA version of mbedtls_pk_sign_ext()
to bypass checks that didn't succeed when used by TLS 1.3.

That is because in the failing scenarios the padding of
the RSA context is not set to PKCS_V21.

See the discussion on PR #7930 for more details.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
Dave Rodgman
e4a6f5a7ec Use size_t cast for pointer subtractions 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-21 17:09:46 +00:00
Dave Rodgman
e3c05853d6 Header updates 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-03 12:21:36 +00:00
Dave Rodgman
16799db69a update headers 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-02 19:47:20 +00:00
Valerio Setti
02a634decd md: remove unnecessary inclusions of mbedtls/md.h 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-11 13:15:58 +02:00
Dave Rodgman
d03f483dbe Use mbedtls_ct_error_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-22 10:01:47 +01:00
Dave Rodgman
7ad37e40a6 Remove use of mbedtls_ct_int_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 21:53:31 +01:00
Dave Rodgman
61f1beaccf Update library to use mbedtls_ct_int_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 19:23:17 +01:00
Dave Rodgman
1a404e8f34 Use mbedtls_ct_error for CT error selection 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-21 13:12:28 +01:00
Dave Rodgman
c62f7fcce9 Use more meaningful variable name in mbedtls_rsa_rsaes_oaep_decrypt 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-20 19:09:51 +01:00
Dave Rodgman
e94cd0b99b Correct use of mbedtls_ct_mpi_uint_if_else_0 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-20 19:09:51 +01:00
Dave Rodgman
b4e6b41aa0 Use const-time interface throughout mbedtls_rsa_rsaes_oaep_decrypt 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 18:34:06 +01:00
Dave Rodgman
66d6ac92e6 Use mbedtls_ct_memcmp in mbedtls_rsa_rsaes_oaep_decrypt 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-09-19 09:10:59 +01:00
Dave Rodgman
98ddc01a7c Rename ...if0 to ...else_0 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 12:11:31 +01:00
Dave Rodgman
b7825ceb3e Rename uint->bool operators to reflect input types 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-10 11:58:18 +01:00
Dave Rodgman
c98f8d996a
Merge branch 'development' into safer-ct5 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-08-07 11:47:35 +01:00
Dave Rodgman
6f80ac4979
Merge pull request #7864 from waleed-elmelegy-arm/enforce-min-RSA-key-size 
Enforce minimum key size when generating RSA key size
 2023-08-03 12:57:52 +00:00
Dave Rodgman
1d4d944e19
Merge pull request #7933 from tom-cosgrove-arm/add-mbedtls_zeroize_and_free 
Provide and use internal function mbedtls_zeroize_and_free()
 2023-08-03 12:56:21 +00:00
Waleed Elmelegy
d7bdbbeb0a Improve naming of mimimum RSA key size generation configurations 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-07-27 14:50:09 +00:00
Waleed Elmelegy
76336c3e4d Enforce minimum key size when generating RSA key size 
Add configuration to enforce minimum size when
generating a RSA key, it's default value is 1024
bits since this the minimum secure value currently
but it can be any value greater than or equal 128
bits. Tests were modifed to accommodate for this
change.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-07-27 10:58:25 +00:00
Tom Cosgrove
ca8c61b815 Provide and use internal function mbedtls_zeroize_and_free() 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-07-17 15:17:40 +01:00
Agathiyan Bragadeesh
01ed84a1f3 Add type casts in rsa.c 
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
 2023-07-17 15:14:42 +01:00
Dave Rodgman
c216d94560 Merge remote-tracking branch 'origin/development' into safer-ct5 2023-06-13 10:36:37 +01:00
Manuel Pégourié-Gonnard
28f504e892 Use PSA-neutral function for availability check 
We just want to check if this hash is available, and the check is
present in builds both with PSA and without it. The function we were
using is only present in builds with PSA, so it wasn't appropriate.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard
6076f4124a Remove hash_info.[ch] 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard
2d6d993662 Use MD<->PSA functions from MD light 
As usual, just a search-and-replace plus:

1. Removing things from hash_info.[ch]
2. Adding new auto-enable MD_LIGHT in build-info.h
3. Including md_psa.h where needed

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard
8857984b2f Replace hash_info macro with MD macro 
Now the MD macro also accounts for PSA-only hashes.

Just a search-and-replace, plus manually removing the definition in
hash_info.h.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard
9b41eb8533 Replace hash_info_get_type with MD function 
Mostly a search and replace with just two manual changes:

1. Now PK and TLS need MD light, so auto-enable it.
2. Remove the old function in hash_info.[ch]

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-06 10:33:54 +02:00
Dave Rodgman
2b4486a014 Rename mbedtls_ct_uint_if_new to mbedtls_ct_uint_if 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-26 12:42:48 +01:00
Dave Rodgman
9f9c3b8c33 Use new CT interface in rsa.c 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-26 12:42:48 +01:00
Dave Rodgman
19e8cd06fe Move mbedtls_ct_rsaes_pkcs1_v15_unpadding into rsa.c 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-05-26 12:42:48 +01:00
Manuel Pégourié-Gonnard
c1f10441e0 RSA: use MD_CAN macros 
sed -i -f md.sed library/rsa.c tests/suites/test_suite_rsa* include/mbedtls/rsa.h tests/suites/test_suite_pkcs1_v*

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard
fb8d90a2db RSA: always use MD light 
Note: already auto-enabled in build_info.h

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-21 16:28:00 +01:00
Dave Rodgman
3543806026
Merge pull request #7190 from yanrayw/6197_rsa_get_padding_hashID 
RSA: provide interface to retrieve padding mode and hash_id
 2023-03-20 18:34:53 +00:00
Yanray Wang
d41684e8bc rsa.c: rename getter function of hash_id 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-03-17 18:57:42 +08:00
Manuel Pégourié-Gonnard
b33ef74d44 Use MD_LIGHT, not sha1.h, in RSA selftest 
Same note as previous commit regarding guards.

Note that we could auto-enable MD_LIGHT only when SELF_TEST is defined,
and even only when SHA1_C is defined too, but somewhere down the line
we'll want to auto-enable it for the sake of other RSA function (not in
selftest and could use any hash), so there's little point in optimizing
the temporary condition, let's use the simple one upfront.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-17 09:43:28 +01:00
Yanray Wang
644b901a4c rsa.c: remove MBEDTLS_PRIVATE 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-03-15 16:50:37 +08:00
Yanray Wang
83548b5c10 fix inappropriate description for function in RSA 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-03-15 16:49:52 +08:00
Yanray Wang
12cb39661c rsa.c: provide interface to get hash_id of RSA context 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-03-15 16:42:48 +08:00
Yanray Wang
a730df6f86 rsa.c: provide interface to get padding mode of RSA context 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-03-15 16:42:26 +08:00
Andrzej Kurek
8a045ce5e6 Unify PSA to Mbed TLS error translation 
Move all error translation utilities to psa_util.c.
Introduce macros and functions to avoid having
a local copy of the error translating function in
each place.
Identify overlapping errors and introduce a
generic function.
Provide a single macro for all error translations
(unless one file needs a couple of different ones).
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-03 05:23:44 -05:00
Gilles Peskine
449bd8303e Switch to the new code style 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-01-11 14:50:10 +01:00