mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-10 15:40:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
25,910 Commits 170 Branches 263 Tags
Commit Graph

11443 Commits

Author SHA1 Message Date
Minos Galanakis
c6e68ed85d bignum_mod: Added mbedtls_mpi_opt_red_struct structure. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-06-16 13:48:47 +01:00
Minos Galanakis
0f718c9ed0 bignum_mod: Fixed code-style 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-06-16 13:48:47 +01:00
Minos Galanakis
f055ad61dc bignum_mod: Added static standard_modulus_setup(). 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-06-16 13:48:47 +01:00
Minos Galanakis
88e16dfa2a bignum_mod: Refactored mbedtls_mpi_mod_modulus_setup() 
This patch removes the `int_rep` input parameter for modular
setup, aiming to align it with the optred variant.

Test and test-suite helper functions have been updated
accordingly.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-06-16 13:48:47 +01:00
Minos Galanakis
bbe9db4b29 binum_mod: Added mbedtls_mpi_mod_optred_modulus_setup(). 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-06-16 13:48:47 +01:00
Paul Elliott
680233dc3f
Merge pull request #7680 from paul-elliott-arm/raw_ecp_mod_p448 
[Bignum] Split out raw ECP mod p448
 2023-06-16 13:46:25 +01:00
Dave Rodgman
e07c670e47 Allow all.sh to override intrinsics vs asm selection 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-16 13:21:28 +01:00
Valerio Setti
b46217d5c1 tls: never destroy a priavte key that is not owned/created by TLS module 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-16 13:18:52 +02:00
Valerio Setti
01cc88a46b config_psa: replace USE symbols with BASIC one for all KEY_PAIRs 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-16 12:27:02 +02:00
Valerio Setti
b0d9aaee1c psa: move PSA_WANT checks to check_crypto_config 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-16 12:26:26 +02:00
Valerio Setti
8bb5763a85 library: replace deprecated symbols with temporary _LEGACY ones 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-16 12:23:55 +02:00
Valerio Setti
0813b6f28d tls: optimize code in ssl_get_ecdh_params_from_cert() 
When MBEDTLS_PK_USE_PSA_EC_DATA is defined, opaque and non-opaque keys
are basically stored in the same way (only a diffferent ownership for
the key itself), so they should be treated similarly in the code.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-16 12:18:53 +02:00
Janos Follath
a426dc31cc
Merge pull request #7782 from gilles-peskine-arm/mbedtls_ecp_modulus_type-move 
Move mbedtls_ecp_modulus_type out of the public headers
 2023-06-16 11:12:57 +01:00
Dave Rodgman
9bb7e6f4ce Rename MBEDTLS_OPTIMIZE_ALWAYS 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-16 09:41:21 +01:00
Dave Rodgman
48fd2ab5d5 Improve readability of unrolled AESCE code 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-16 09:36:50 +01:00
Gilles Peskine
f45a5a0ddd
Merge pull request #7700 from silabs-Kusumit/PBKDF2_output_bytes 
PBKDF2: Output bytes
 2023-06-16 10:08:02 +02:00
Dave Rodgman
2dd15b3ab5 code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 20:27:53 +01:00
Dave Rodgman
660cd378e1 Use MBEDTLS_OPTIMIZE_ALWAYS for gcm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 18:53:35 +01:00
Dave Rodgman
9149c32192 Use MBEDTLS_OPTIMIZE_ALWAYS for ccm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 18:50:21 +01:00
Dave Rodgman
f88a68cf51 Use MBEDTLS_OPTIMIZE_ALWAYS in aesce 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 18:46:41 +01:00
Dave Rodgman
6cfd9b54ae use MBEDTLS_OPTIMIZE_ALWAYS in AES-XTS 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 18:46:23 +01:00
Dave Rodgman
a0b166e11e Use mbedtls_xor_no_simd from cmac and cbc 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 18:44:16 +01:00
Dave Rodgman
03bb526c24 Add a non-NEON variant of mbedtls_xor 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 18:43:24 +01:00
Dave Rodgman
b055f75c3d Introduce MBEDTLS_OPTIMIZE_ALWAYS 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 18:42:59 +01:00
Dave Rodgman
7fdfd70b19 Introduce MBEDTLS_COMPILER_IS_GCC 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 18:42:25 +01:00
Gilles Peskine
637c049349 Move mbedtls_ecp_modulus_type out of the public headers 
This is an internal detail of the ECC arithmetic implementation, only
exposed for the sake of the unit tests

Mbed TLS 3.4.0 was released with the type mbedtls_ecp_modulus_type defined
in a public header, but without Doxygen documentation, and without any
public function or data structure using it. So removing it is not an API
break.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-15 19:07:41 +02:00
Kusumit Ghoderao
246e51fd0b Add cleanup for intermediate buffer 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-06-15 22:15:43 +05:30
Paul Elliott
a2e48f751b Split out mbedtls_ecp_mod_p448_raw() 
Switch testing over to using the generic raw functions.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-06-15 17:16:38 +01:00
Paul Elliott
b4df176610
Merge pull request #7637 from paul-elliott-arm/fixed_ecp_mod_p448 
[Bignum] Fixed width for ecp mod p448
 2023-06-15 17:12:02 +01:00
Dave Rodgman
1c4451d089 Unroll aesce_decrypt_block 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 16:28:00 +01:00
Dave Rodgman
96fdfb8e62 Unroll aesce_encrypt_block 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 16:26:20 +01:00
Przemek Stekiel
a05e9c1ec8 Fix selection of default FFDH group 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-15 17:07:16 +02:00
Przemek Stekiel
8c0a95374f Adapt remaining guards to FFDH 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-15 17:07:10 +02:00
Dave Rodgman
2e7d57270e
Merge pull request #7624 from daverodgman/aes-perf 
AES perf improvements
 2023-06-15 12:10:06 +01:00
Tom Cosgrove
6edf8b8c7b
Merge pull request #7451 from yanrayw/7376_aes_128bit_only 
Introduce config option of 128-bit key only in AES calculation
 2023-06-15 10:35:32 +01:00
Kusumit Ghoderao
d07761c19c add return statement 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-06-15 12:11:15 +05:30
Dave Rodgman
28a97acb3c code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-14 20:15:15 +01:00
Paul Elliott
bed9ac7b2d Optimise final 2 rounds 
Final two rounds logic could be significantly simplified.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-06-14 19:20:33 +01:00
Dave Rodgman
d05e7f1ab3 Do not use NEON for AES-CBC on aarch64 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-14 18:58:48 +01:00
Dave Rodgman
906c63cf35 Revert "improve cbc encrypt perf" 
This reverts commit f1e396c42724896b9d31ac727043da45a35d5e26.

Performance is slightly better with this reverted, especially
for AES-CBC 192.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-14 17:55:41 +01:00
Paul Elliott
b8f7305b02 Replace sizeof(mbedtls_mpi_uint) with ciL define 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-06-14 17:52:42 +01:00
Andrzej Kurek
15ddda9ff8 Remove PSA_TO_MD_ERR from ssl_tls.c 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-14 07:37:46 -04:00
Kusumit Ghoderao
257ea00199 Use output block as U_accumulator 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-06-14 15:55:11 +05:30
Paul Elliott
3646dc78bc Fix coding style issue 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-06-14 08:51:08 +01:00
Paul Elliott
436f2ad37c Three round solution 
Attempt to fix failing test by dealing with overflow with three rounds,
instead of previous subtract modulus solution. Also optimise out shifts
by using memcpy / memmove instead. Remove final sub to return canonical
result, as this is not required here.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-06-13 17:39:44 +01:00
Przemek Stekiel
7d42c0d0e5 Code cleanup #2 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-13 12:30:40 +02:00
Andrzej Kurek
a6033ac431 Add missing guards in tls 1.3 
Error translation is only used with these
defines on.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-13 05:46:47 -04:00
Andrzej Kurek
1e4a030b00 Fix wrong array size calculation in error translation code 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-13 05:46:47 -04:00
Andrzej Kurek
b22b9778c7 Move the ARRAY_LENGTH definition to common.h 
Reuse it in the library and tests.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-13 05:46:47 -04:00
Andrzej Kurek
1c7a99856f Add missing ifdefs 
Make sure that the error translating functions
are only defined when they're used.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-13 05:46:47 -04:00