mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-01 23:54:01 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
26,296 Commits 170 Branches 263 Tags
Commit Graph

11612 Commits

Author SHA1 Message Date
Przemek Stekiel
f595c5b69a Use valid guard for filling group list with EC groups 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-16 15:45:37 +02:00
Dave Rodgman
bd1add94c0 Respect -Os for everything except XTS 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-16 13:50:14 +01:00
Minos Galanakis
de87461c23 ecp_curves: Updated the optimised reduction function pointer. 
This patch modifies the `mbedtls_mpi_opt_red_struct` to use an
mpi_uint * pointer and size_t limps arguments.

The methods interacting with this pointer have been updated
accordingly:

- mbedtls_mpi_mod_optred_modulus_setup
- mbedtls_ecp_modulus_setup

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-06-16 13:48:47 +01:00
Minos Galanakis
5c238d80cd bignum_mod: Updated documentation. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-06-16 13:48:47 +01:00
Minos Galanakis
65210952ec ecp_curves: Updated mbedtls_ecp_modulus_setup to use optimised reduction. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-06-16 13:48:47 +01:00
Minos Galanakis
1d3e332986 ecp_curves: Updated input argument for mbedtls_ecp_modulus_setup. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-06-16 13:48:47 +01:00
Minos Galanakis
be1bf15f76 bignum_mod: Updated optred_modulus_setup to use function input. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-06-16 13:48:47 +01:00
Minos Galanakis
c6e68ed85d bignum_mod: Added mbedtls_mpi_opt_red_struct structure. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-06-16 13:48:47 +01:00
Minos Galanakis
0f718c9ed0 bignum_mod: Fixed code-style 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-06-16 13:48:47 +01:00
Minos Galanakis
f055ad61dc bignum_mod: Added static standard_modulus_setup(). 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-06-16 13:48:47 +01:00
Minos Galanakis
88e16dfa2a bignum_mod: Refactored mbedtls_mpi_mod_modulus_setup() 
This patch removes the `int_rep` input parameter for modular
setup, aiming to align it with the optred variant.

Test and test-suite helper functions have been updated
accordingly.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-06-16 13:48:47 +01:00
Minos Galanakis
bbe9db4b29 binum_mod: Added mbedtls_mpi_mod_optred_modulus_setup(). 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-06-16 13:48:47 +01:00
Paul Elliott
680233dc3f
Merge pull request #7680 from paul-elliott-arm/raw_ecp_mod_p448 
[Bignum] Split out raw ECP mod p448
 2023-06-16 13:46:25 +01:00
Steve Lhomme
eb0f18acbc Don't use inet_pton() before Windows Vista 
On runtime it will attempt to get inet_pton() from ws2_32.dll
but it's not there and the DLL/program containing mbedtls will not load.

Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
 2023-06-16 14:34:11 +02:00
Steve Lhomme
d50a8cc77c Don't force the default windows version down 
The _WIN32_WINNT value will pick the default value for the SDK when
including windows.h.

Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
 2023-06-16 14:34:11 +02:00
Steve Lhomme
954553f5b1 Don't call wincrypt on builds older than Windows XP 
On runtime it will attempt to get CryptAcquireContext() from advapi32.dll
but it's not there and the DLL/program containing mbedtls will not load.

Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
 2023-06-16 14:34:11 +02:00
Dave Rodgman
e07c670e47 Allow all.sh to override intrinsics vs asm selection 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-16 13:21:28 +01:00
Valerio Setti
b46217d5c1 tls: never destroy a priavte key that is not owned/created by TLS module 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-16 13:18:52 +02:00
Valerio Setti
01cc88a46b config_psa: replace USE symbols with BASIC one for all KEY_PAIRs 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-16 12:27:02 +02:00
Valerio Setti
b0d9aaee1c psa: move PSA_WANT checks to check_crypto_config 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-16 12:26:26 +02:00
Valerio Setti
8bb5763a85 library: replace deprecated symbols with temporary _LEGACY ones 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-16 12:23:55 +02:00
Valerio Setti
0813b6f28d tls: optimize code in ssl_get_ecdh_params_from_cert() 
When MBEDTLS_PK_USE_PSA_EC_DATA is defined, opaque and non-opaque keys
are basically stored in the same way (only a diffferent ownership for
the key itself), so they should be treated similarly in the code.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-16 12:18:53 +02:00
Janos Follath
a426dc31cc
Merge pull request #7782 from gilles-peskine-arm/mbedtls_ecp_modulus_type-move 
Move mbedtls_ecp_modulus_type out of the public headers
 2023-06-16 11:12:57 +01:00
Dave Rodgman
9bb7e6f4ce Rename MBEDTLS_OPTIMIZE_ALWAYS 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-16 09:41:21 +01:00
Dave Rodgman
48fd2ab5d5 Improve readability of unrolled AESCE code 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-16 09:36:50 +01:00
Gilles Peskine
f45a5a0ddd
Merge pull request #7700 from silabs-Kusumit/PBKDF2_output_bytes 
PBKDF2: Output bytes
 2023-06-16 10:08:02 +02:00
Dave Rodgman
2dd15b3ab5 code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 20:27:53 +01:00
Dave Rodgman
660cd378e1 Use MBEDTLS_OPTIMIZE_ALWAYS for gcm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 18:53:35 +01:00
Dave Rodgman
9149c32192 Use MBEDTLS_OPTIMIZE_ALWAYS for ccm 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 18:50:21 +01:00
Dave Rodgman
f88a68cf51 Use MBEDTLS_OPTIMIZE_ALWAYS in aesce 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 18:46:41 +01:00
Dave Rodgman
6cfd9b54ae use MBEDTLS_OPTIMIZE_ALWAYS in AES-XTS 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 18:46:23 +01:00
Dave Rodgman
a0b166e11e Use mbedtls_xor_no_simd from cmac and cbc 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 18:44:16 +01:00
Dave Rodgman
03bb526c24 Add a non-NEON variant of mbedtls_xor 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 18:43:24 +01:00
Dave Rodgman
b055f75c3d Introduce MBEDTLS_OPTIMIZE_ALWAYS 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 18:42:59 +01:00
Dave Rodgman
7fdfd70b19 Introduce MBEDTLS_COMPILER_IS_GCC 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 18:42:25 +01:00
Gilles Peskine
637c049349 Move mbedtls_ecp_modulus_type out of the public headers 
This is an internal detail of the ECC arithmetic implementation, only
exposed for the sake of the unit tests

Mbed TLS 3.4.0 was released with the type mbedtls_ecp_modulus_type defined
in a public header, but without Doxygen documentation, and without any
public function or data structure using it. So removing it is not an API
break.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-15 19:07:41 +02:00
Kusumit Ghoderao
246e51fd0b Add cleanup for intermediate buffer 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-06-15 22:15:43 +05:30
Paul Elliott
a2e48f751b Split out mbedtls_ecp_mod_p448_raw() 
Switch testing over to using the generic raw functions.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-06-15 17:16:38 +01:00
Paul Elliott
b4df176610
Merge pull request #7637 from paul-elliott-arm/fixed_ecp_mod_p448 
[Bignum] Fixed width for ecp mod p448
 2023-06-15 17:12:02 +01:00
Dave Rodgman
1c4451d089 Unroll aesce_decrypt_block 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 16:28:00 +01:00
Dave Rodgman
96fdfb8e62 Unroll aesce_encrypt_block 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-15 16:26:20 +01:00
Przemek Stekiel
a05e9c1ec8 Fix selection of default FFDH group 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-15 17:07:16 +02:00
Przemek Stekiel
8c0a95374f Adapt remaining guards to FFDH 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-15 17:07:10 +02:00
Dave Rodgman
2e7d57270e
Merge pull request #7624 from daverodgman/aes-perf 
AES perf improvements
 2023-06-15 12:10:06 +01:00
Tom Cosgrove
6edf8b8c7b
Merge pull request #7451 from yanrayw/7376_aes_128bit_only 
Introduce config option of 128-bit key only in AES calculation
 2023-06-15 10:35:32 +01:00
Kusumit Ghoderao
d07761c19c add return statement 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-06-15 12:11:15 +05:30
Dave Rodgman
28a97acb3c code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-14 20:15:15 +01:00
Paul Elliott
bed9ac7b2d Optimise final 2 rounds 
Final two rounds logic could be significantly simplified.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-06-14 19:20:33 +01:00
Dave Rodgman
d05e7f1ab3 Do not use NEON for AES-CBC on aarch64 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-14 18:58:48 +01:00
Dave Rodgman
906c63cf35 Revert "improve cbc encrypt perf" 
This reverts commit f1e396c42724896b9d31ac727043da45a35d5e26.

Performance is slightly better with this reverted, especially
for AES-CBC 192.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-14 17:55:41 +01:00