From 2fcf04f46869cbe3e3bdb601a83659705206b345 Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Fri, 14 Jun 2019 18:23:03 +0200
Subject: [PATCH 001/191] Run demo scripts and check that they work
run_demos.py is the frontend to a framework for smoke-testing the sample programs. It runs scripts called programs/*/*_demo.sh ("demo scripts") and check that they succeed. A typical demo script runs one sample program or a combination of sample programs to demonstrate their usage.
Signed-off-by: Gilles Peskine
---
tests/scripts/run_demos.py | 41 ++++++++++++++++++++++++++++++++++++++
1 file changed, 41 insertions(+)
create mode 100755 tests/scripts/run_demos.py
diff --git a/tests/scripts/run_demos.py b/tests/scripts/run_demos.py
new file mode 100755
index 000000000..3d4b1e0c6
--- /dev/null
+++ b/tests/scripts/run_demos.py
@@ -0,0 +1,41 @@
+#!/usr/bin/env python3
+"""Run the Mbed TLS demo scripts.
+"""
+import glob
+import subprocess
+import sys
+
+def run_demo(demo):
+ """Run the specified demo script. Return True if it succeeds."""
+ returncode = subprocess.call([demo])
+ return returncode == 0
+
+def run_demos(demos):
+ """Run the specified demos and print summary information about failures.
+
+ Return True if all demos passed and False if a demo fails.
+ """
+ failures = []
+ for demo in demos:
+ print('#### {} ####'.format(demo))
+ if not run_demo(demo):
+ failures.append(demo)
+ print('{}: FAIL'.format(demo))
+ print('')
+ successes = len(demos) - len(failures)
+ print('{}/{} demos passed'.format(successes, len(demos)))
+ if failures:
+ print('Failures:', *failures)
+ return not failures
+
+def run_all_demos():
+ """Run all the available demos.
+
+ Return True if all demos passed and False if a demo fails.
+ """
+ all_demos = glob.glob('programs/*/*_demo.sh')
+ return run_demos(all_demos)
+
+if __name__ == '__main__':
+ if not run_all_demos():
+ sys.exit(1)
From d1b5f6f6099f097a4464751c4d38b09ebfdb36cd Mon Sep 17 00:00:00 2001
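Review bot: `subprocess.call([demo])` in `run_demo` raises `OSError` (a `PermissionError` for a demo script that lost its executable bit, `FileNotFoundError` for a dangling symlink) instead of returning a non-zero status, so one broken script aborts the whole run with a traceback rather than being counted as a failure in the summary that `run_demos` prints. I would catch it and report it like any other failure: `try: returncode = subprocess.call([demo])` / `except OSError as exc: print('{}: cannot run: {}'.format(demo, exc)); return False`. Separately, `glob.glob` returns paths in filesystem order, so `sorted(glob.glob('programs/*/*_demo.sh'))` in `run_all_demos` would make the output and the `Failures:` list stable across machines.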
From: Gilles Peskine Date: Thu, 23 Apr 2020 17:33:36 +0200 Subject: [PATCH 002/191] Move common code of demo scripts into a library The new file programs/demo_common.sh contains initialization code, utility functions and cleanup code meant to be used by all demo scripts written in sh. Initial features: * msg: Display a message. * run, run_bad: Run a command, visibly. * $root_dir, $programs_dir: location of the mbedtls source tree. * $files_to_clean: files that are cleaned up on exit. Signed-off-by: Gilles Peskine --- programs/demo_common.sh | 89 +++++++++++++++++++++++++++++++++ programs/psa/key_ladder_demo.sh | 40 ++++----------- 2 files changed, 98 insertions(+), 31 deletions(-) create mode 100644 programs/demo_common.sh diff --git a/programs/demo_common.sh b/programs/demo_common.sh new file mode 100644 index 000000000..91b33b9e8 --- /dev/null +++ b/programs/demo_common.sh 
@@ -0,0 +1,89 @@ +## Common shell functions used by demo scripts programs/*/*.sh. + +## How to write a demo script +## ========================== +## +## Include this file near the top of each demo script: +## . "${0%/*}/../demo_common.sh" +## +## As the last thing in the script, call the cleanup function. +## +## You can use the functions and variables described below. + +set -e -u + +## $root_dir is the root directory of the Mbed TLS source tree. +root_dir="${0%/*}" +n=4 # limit the search depth +while ! [ -d "$root_dir/programs" ] || ! [ -d "$root_dir/library" ]; do + if [ $n -eq 0 ]; then + echo >&2 "This doesn't seem to be an Mbed TLS source tree." + exit 125 + fi + n=$((n - 1)) + case $root_dir in + .) root_dir="..";; + ..|?*/..) root_dir="$root_dir/..";; + ?*/*) root_dir="${root_dir%/*}";; + /*) root_dir="/";; + *) root_dir=".";; + esac +done + +## $programs_dir is the directory containing the sample programs. +programs_dir="$root_dir/programs" + +## msg LINE... +## msg Date: Thu, 23 Apr 2020 17:50:26 +0200 Subject: [PATCH 003/191] Demo scripts: create a seedfile if the configuration requires it Signed-off-by: Gilles Peskine --- programs/demo_common.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/programs/demo_common.sh b/programs/demo_common.sh index 91b33b9e8..fcd075285 100644 --- a/programs/demo_common.sh +++ b/programs/demo_common.sh @@ -71,6 +71,14 @@ run_bad () { not "$@" } +## config_has SYMBOL... +## Succeeds if the library configuration has all SYMBOLs set. +config_has () { + for x in "$@"; do + "$programs_dir/test/query_compile_time_config" "$x" + done +} + ## Add the names of files to clean up to this whitespace-separated variable. ## The file names must not contain whitespace characters. files_to_clean= 
@@ -87,3 +95,11 @@ cleanup () {
trap 'cleanup; trap - HUP; kill -HUP $$' HUP
trap 'cleanup; trap - INT; kill -INT $$' INT
trap 'cleanup; trap - TERM; kill -TERM $$' TERM
+
+if config_has MBEDTLS_ENTROPY_NV_SEED; then
+ # Create a seedfile that's sufficiently long in all library configurations.
+ # This is necessary for programs that use randomness.
+ # Assume that the name of the seedfile is the default name.
+ files_to_clean="$files_to_clean seedfile"
+ dd if=/dev/urandom of=seedfile ibs=64 obs=64 count=1
+fi
From b2bcdc1c1746e8beb8d2ff23c54f15bffa9fd450 Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Thu, 23 Apr 2020 18:50:37 +0200
Subject: [PATCH 004/191] Let demo scripts declare their dependencies
Demo scripts should declare their build-time dependencies, to make them more user-friendly. If a dependency is not met, users should see an explicit message rather than an incomprehensible error. Don't rely on the dependencies of individual programs because some demo scripts use multiple programs and because some scripts might have additional requirements.
Signed-off-by: Gilles Peskine
---
programs/demo_common.sh | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/programs/demo_common.sh b/programs/demo_common.sh
index fcd075285..78763b82e 100644
--- a/programs/demo_common.sh
+++ b/programs/demo_common.sh
@@ -6,6 +6,10 @@
## Include this file near the top of each demo script:
## . "${0%/*}/../demo_common.sh"
##
+## Start with a "msg" call that explains the purpose of the script.
+## Then call the "depends_on" function to ensure that all config
+## dependencies are met.
+##
## As the last thing in the script, call the cleanup function.
##
## You can use the functions and variables described below.
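Review bot: `dd if=/dev/urandom of=seedfile ibs=64 obs=64 count=1` overwrites any `seedfile` already present in the current directory, and the line before it adds that name to `files_to_clean`, so `cleanup` later deletes a file the user may have placed there themselves — in an `MBEDTLS_ENTROPY_NV_SEED` build that file is the persistent seed the programs read, so a pre-existing one is plausibly something they want to keep. I would only create and register it when it is absent: `if ! [ -e seedfile ]; then files_to_clean="$files_to_clean seedfile"; dd if=/dev/urandom of=seedfile ibs=64 obs=64 count=1; fi` (if an existing-but-too-short file must still be replaced, move it aside rather than deleting it). The comment `# Assume that the name of the seedfile is the default name.` would be more useful naming what it assumes, e.g. `# Assumes the NV seed file name was left at its default ("seedfile") — presumably MBEDTLS_PLATFORM_STD_NV_SEED_FILE; confirm.`. Note also that `dd` reports its record counts on stderr every time, which adds two lines of noise to every demo's output.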
@@ -79,6 +83,20 @@ config_has () { done } +## depends_on SYMBOL... +## Exit if the library configuration does not have all SYMBOLs set. +depends_on () { + if ! config_has "$@"; then + cat >&2 < Date: Wed, 22 Apr 2020 21:45:49 +0200 Subject: [PATCH 005/191] Declare the dependencies of key_ladder_demo.sh Signed-off-by: Gilles Peskine --- programs/psa/key_ladder_demo.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/programs/psa/key_ladder_demo.sh b/programs/psa/key_ladder_demo.sh index 0186183f9..dbe925b51 100755 --- a/programs/psa/key_ladder_demo.sh +++ b/programs/psa/key_ladder_demo.sh @@ -23,6 +23,8 @@ create a master key, derive a key from it and use that key to wrap the derived key using an AEAD algorithm. EOF +depends_on MBEDTLS_SHA256_C MBEDTLS_MD_C MBEDTLS_AES_C MBEDTLS_CCM_C MBEDTLS_PSA_CRYPTO_C MBEDTLS_FS_IO + program="${0%/*}"/key_ladder_demo if [ -e master.key ]; then From 82b2727e51d919e5ff742661d862aca64ddfeeba Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 14 Jun 2019 18:27:03 +0200 Subject: [PATCH 006/191] Run demo scripts in some builds Run the sample program demo scripts in builds with a configuration that is at least as complete as the default configuration. Do not run sample programs in all configurations since they are expected to fail if a required feature is missing. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index e3db6fdbd..747a2c80b 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1003,6 +1003,9 @@ component_test_default_out_of_box () { msg "selftest: make, default config (out-of-box)" # ~10s programs/test/selftest + + msg "program demos: make, default config (out-of-box)" # ~10s + tests/scripts/run_demos.py } component_test_default_cmake_gcc_asan () { 
@@ -1013,6 +1016,9 @@ component_test_default_cmake_gcc_asan () { msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s make test + msg "program demos (ASan build)" # ~10s + tests/scripts/run_demos.py + msg "test: selftest (ASan build)" # ~ 10s programs/test/selftest @@ -1858,6 +1864,9 @@ component_test_full_cmake_clang () { msg "test: cpp_dummy_build (full config, clang)" # ~ 1s programs/test/cpp_dummy_build + msg "program demos (full config, clang)" # ~10s + tests/scripts/run_demos.py + msg "test: psa_constant_names (full config, clang)" # ~ 1s tests/scripts/test_psa_constant_names.py @@ -2021,6 +2030,9 @@ component_test_full_deprecated_warning () { msg "test: full config + MBEDTLS_TEST_DEPRECATED" # ~ 30s make test + + msg "program demos: full config + MBEDTLS_TEST_DEPRECATED" # ~10s + tests/scripts/run_demos.py } # Check that the specified libraries exist and are empty. @@ -4606,6 +4618,9 @@ component_test_memsan () { msg "test: main suites (MSan)" # ~ 10s make test + msg "program demos (MSan)" # ~20s + tests/scripts/run_demos.py + msg "test: ssl-opt.sh (MSan)" # ~ 1 min tests/ssl-opt.sh From c142620724ace3c56f8096956482be13f27a83ad Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 26 Apr 2020 22:29:12 +0200 Subject: [PATCH 007/191] cleanup is part of the external interface Since there's no EXIT trap in plain sh, the main script must call it explicitly when it exits. Signed-off-by: Gilles Peskine --- programs/demo_common.sh | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/programs/demo_common.sh b/programs/demo_common.sh index 78763b82e..ef2acfcc0 100644 --- a/programs/demo_common.sh +++ b/programs/demo_common.sh 
@@ -101,15 +101,18 @@ EOF
## The file names must not contain whitespace characters.
files_to_clean=
+## Call this function at the end of each script.
+## It is called automatically if the script is killed by a signal.
+cleanup () {
+ rm -f -- $files_to_clean
+}
+
################################################################
## End of the public interfaces. Code beyond this point is not
## meant to be called directly from a demo script.
-cleanup () {
- rm -f -- $files_to_clean
-}
trap 'cleanup; trap - HUP; kill -HUP $$' HUP
trap 'cleanup; trap - INT; kill -INT $$' INT
trap 'cleanup; trap - TERM; kill -TERM $$' TERM
From fc09d27a92a0d8d7205577299bfab91e2c12ff4a Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Sun, 26 Apr 2020 22:29:57 +0200
Subject: [PATCH 008/191] Print only missing dependencies
Signed-off-by: Gilles Peskine
---
programs/demo_common.sh | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/programs/demo_common.sh b/programs/demo_common.sh
index ef2acfcc0..ff3f0408c 100644
--- a/programs/demo_common.sh
+++ b/programs/demo_common.sh
@@ -86,11 +86,17 @@ config_has () {
## depends_on SYMBOL...
## Exit if the library configuration does not have all SYMBOLs set.
depends_on () {
- if ! config_has "$@"; then
+ m=
+ for x in "$@"; do
+ if ! config_has "$x"; then
+ m="$m $x"
+ fi
+ done
+ if [ -n "$m" ]; then
cat >&2 < Date: Sun, 26 Apr 2020 22:31:35 +0200
Subject: [PATCH 009/191] Explain why $root_dir needs a complicated calculation
Signed-off-by: Gilles Peskine
---
programs/demo_common.sh | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/programs/demo_common.sh b/programs/demo_common.sh
index ff3f0408c..d8fcda554 100644
--- a/programs/demo_common.sh
+++ b/programs/demo_common.sh
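Review bot: The new comment `## It is called automatically if the script is killed by a signal.` holds only for HUP/INT/TERM; on a plain `exit`, on the `exit 125` from the root-dir search, and on any command failing under `set -e`, nothing calls `cleanup`, so the files in `$files_to_clean` are left behind whenever a demo does not reach its final explicit call. POSIX sh does define `trap cleanup EXIT` (written `trap cleanup 0` for older Bourne shells), which would cover all of those paths and make the explicit call at the end of every script unnecessary; the commit message's "no EXIT trap in plain sh" seems to apply only to pre-POSIX shells. If the EXIT trap is avoided deliberately for portability to such shells, that is worth stating next to the signal traps, e.g. `## No EXIT trap on purpose (not supported by every target shell): demo scripts must call cleanup explicitly, and files are not removed on set -e failures.`. The three `trap` lines that follow are unchanged context.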
@@ -18,6 +18,10 @@ set -e -u ## $root_dir is the root directory of the Mbed TLS source tree. root_dir="${0%/*}" +# Find a nice path to the root directory, avoiding unnecessary "../". +# The code supports demo scripts nested up to 4 levels deep. +# The code works no matter where the demo script is relative to the current +# directory, even if it is called with a relative path. n=4 # limit the search depth while ! [ -d "$root_dir/programs" ] || ! [ -d "$root_dir/library" ]; do if [ $n -eq 0 ]; then @@ -35,6 +39,7 @@ while ! [ -d "$root_dir/programs" ] || ! [ -d "$root_dir/library" ]; do done ## $programs_dir is the directory containing the sample programs. +# Assume an in-tree build. programs_dir="$root_dir/programs" ## msg LINE... From 198d87ad527c494d31840c878840097966c5486c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 26 Apr 2020 22:33:48 +0200 Subject: [PATCH 010/191] Minor readability improvements Signed-off-by: Gilles Peskine --- tests/scripts/run_demos.py | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/tests/scripts/run_demos.py b/tests/scripts/run_demos.py index 3d4b1e0c6..c8e399665 100755 --- a/tests/scripts/run_demos.py +++ b/tests/scripts/run_demos.py @@ -18,7 +18,8 @@ def run_demos(demos): failures = [] for demo in demos: print('#### {} ####'.format(demo)) - if not run_demo(demo): + success = run_demo(demo) + if not success: failures.append(demo) print('{}: FAIL'.format(demo)) print('') @@ -36,6 +37,9 @@ def run_all_demos(): all_demos = glob.glob('programs/*/*_demo.sh') return run_demos(all_demos) +def main(): + success = run_all_demos() + sys.exit(0 if success else 1) + if __name__ == '__main__': - if not run_all_demos(): - sys.exit(1) + main() From 086f85f0556f0f9644382e60a4e83e090e0c7a75 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 26 Apr 2020 22:43:05 +0200 Subject: [PATCH 011/191] Fix some mistakes in descriptive messages 
Signed-off-by: Gilles Peskine --- programs/psa/key_ladder_demo.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/programs/psa/key_ladder_demo.sh b/programs/psa/key_ladder_demo.sh index dbe925b51..bb4a24f75 100755 --- a/programs/psa/key_ladder_demo.sh +++ b/programs/psa/key_ladder_demo.sh @@ -19,8 +19,8 @@ msg <<'EOF' This script demonstrates the use of the PSA cryptography interface to -create a master key, derive a key from it and use that key to wrap -the derived key using an AEAD algorithm. +create a master key, derive a key from it and use that derived key to +wrap some data using an AEAD algorithm. EOF depends_on MBEDTLS_SHA256_C MBEDTLS_MD_C MBEDTLS_AES_C MBEDTLS_CCM_C MBEDTLS_PSA_CRYPTO_C MBEDTLS_FS_IO @@ -49,7 +49,7 @@ run "Compare the unwrapped data with the original input." \ cmp input.txt hello_world.txt files_to_clean="$files_to_clean hellow_orld.txt" -run_bad "Derive a different key and attempt to unwrap the data. This must fail." \ +run_bad "Derive a different key and attempt to unwrap the data." \ "$program" unwrap master=master.key input=hello_world.wrap output=hellow_orld.txt label=hellow label=orld files_to_clean="$files_to_clean hello.key" From 9fdc657cbf33dfb24f77c86e31a0af15b2d7a94e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 26 Apr 2020 22:51:05 +0200 Subject: [PATCH 012/191] Add --quiet option to suppress demos' output Signed-off-by: Gilles Peskine --- tests/scripts/run_demos.py | 33 +++++++++++++++++++++++---------- 1 file changed, 23 insertions(+), 10 deletions(-) diff --git a/tests/scripts/run_demos.py b/tests/scripts/run_demos.py index c8e399665..fcf13cd8e 100755 --- a/tests/scripts/run_demos.py +++ b/tests/scripts/run_demos.py 
@@ -1,44 +1,57 @@
#!/usr/bin/env python3
"""Run the Mbed TLS demo scripts.
"""
+import argparse
import glob
import subprocess
import sys
-def run_demo(demo):
+def run_demo(demo, quiet=False):
"""Run the specified demo script. Return True if it succeeds."""
- returncode = subprocess.call([demo])
+ args = {}
+ if quiet:
+ args['stdout'] = subprocess.DEVNULL
+ args['stderr'] = subprocess.DEVNULL
+ returncode = subprocess.call([demo], **args)
return returncode == 0
-def run_demos(demos):
+def run_demos(demos, quiet=False):
"""Run the specified demos and print summary information about failures.
Return True if all demos passed and False if a demo fails.
"""
failures = []
for demo in demos:
- print('#### {} ####'.format(demo))
- success = run_demo(demo)
+ if not quiet:
+ print('#### {} ####'.format(demo))
+ success = run_demo(demo, quiet=quiet)
if not success:
failures.append(demo)
- print('{}: FAIL'.format(demo))
- print('')
+ if not quiet:
+ print('{}: FAIL'.format(demo))
+ if not quiet:
+ print('')
successes = len(demos) - len(failures)
print('{}/{} demos passed'.format(successes, len(demos)))
if failures:
print('Failures:', *failures)
return not failures
-def run_all_demos():
+def run_all_demos(quiet=False):
"""Run all the available demos.
Return True if all demos passed and False if a demo fails.
"""
all_demos = glob.glob('programs/*/*_demo.sh')
- return run_demos(all_demos)
+ return run_demos(all_demos, quiet=quiet)
def main():
- success = run_all_demos()
+ parser = argparse.ArgumentParser(description=__doc__)
+ parser.add_argument('--quiet', '-q',
+ action='store_true',
+ help="suppress the output of demos")
+ options = parser.parse_args()
+ success = run_all_demos(quiet=options.quiet)
sys.exit(0 if success else 1)
if __name__ == '__main__':
From 1b01559fea0dcac3f133120a4def3803b278afe7 Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Mon, 27 Apr 2020 10:39:20 +0200
Subject: [PATCH 013/191] Error out if run from the wrong directory
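Review bot: With `--quiet`, `run_demo` sends both stdout and stderr of the demo to `subprocess.DEVNULL`, so when a demo fails the only thing left in the log is `name: FAIL` and the diagnostic that explained why is gone — the one case where that output is actually needed. I would capture instead of discarding and print the captured output only on failure, which keeps a quiet run quiet on success; `subprocess.run` is available from Python 3.5, which the use of `subprocess.DEVNULL` (3.3+) suggests is acceptable, but confirm against the project's minimum version. The new `quiet` parameter is also undocumented in the `run_demo` and `run_demos` docstrings; a line such as `quiet: if true, show the demo's own output only when it fails.` would cover it.
```python
def run_demo(demo, quiet=False):
    """Run the specified demo script. Return True if it succeeds.

    If quiet is true, the demo's own output is shown only when it fails.
    """
    result = subprocess.run([demo],
                            stdout=subprocess.PIPE if quiet else None,
                            stderr=subprocess.STDOUT if quiet else None)
    if quiet and result.returncode != 0:
        sys.stdout.write(result.stdout.decode('utf-8', errors='replace'))
    return result.returncode == 0
# … unchanged: run_demos, run_all_demos, main …
```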
Signed-off-by: Gilles Peskine
---
tests/scripts/run_demos.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tests/scripts/run_demos.py b/tests/scripts/run_demos.py
index fcf13cd8e..6d86a9bf2 100755
--- a/tests/scripts/run_demos.py
+++ b/tests/scripts/run_demos.py
@@ -43,6 +43,8 @@ def run_all_demos(quiet=False):
Return True if all demos passed and False if a demo fails.
"""
all_demos = glob.glob('programs/*/*_demo.sh')
+ if not all_demos:
+ raise Exception('No demos found. run_demos needs to operate from the Mbed TLS toplevel directory.')
return run_demos(all_demos, quiet=quiet)
def main():
From 2f8c545d3dfb63b7f99754abac913245fb17a4a8 Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Mon, 27 Apr 2020 11:00:59 +0200
Subject: [PATCH 014/191] Make --quiet a little less quiet
Signed-off-by: Gilles Peskine
---
tests/scripts/run_demos.py | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/tests/scripts/run_demos.py b/tests/scripts/run_demos.py
index 6d86a9bf2..6c6142c14 100755
--- a/tests/scripts/run_demos.py
+++ b/tests/scripts/run_demos.py
@@ -29,11 +29,13 @@ def run_demos(demos, quiet=False):
failures.append(demo)
if not quiet:
print('{}: FAIL'.format(demo))
- if not quiet:
+ if quiet:
+ print('{}: {}'.format(demo, 'PASS' if success else 'FAIL'))
+ else:
print('')
successes = len(demos) - len(failures)
print('{}/{} demos passed'.format(successes, len(demos)))
- if failures:
+ if failures and not quiet:
print('Failures:', *failures)
return not failures
From 63c3534981dff55c6f4f8831f82dc7639d2daa1b Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Mon, 27 Apr 2020 14:34:38 +0200
Subject: [PATCH 015/191] Pacify Pylint
Signed-off-by: Gilles Peskine
---
tests/scripts/run_demos.py | 1 +
1 file changed, 1 insertion(+)
diff --git a/tests/scripts/run_demos.py b/tests/scripts/run_demos.py
index 6c6142c14..6a63d232f 100755
--- a/tests/scripts/run_demos.py
+++ b/tests/scripts/run_demos.py
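Review bot: `raise Exception('No demos found. ...')` in `run_all_demos` reports a wrong working directory as a traceback ending in a generic `Exception`, and the interpreter then exits with status 1 — the same status `main` uses when a demo fails — so a caller such as all.sh cannot tell "nothing ran" from "something failed". I would raise a narrower type, e.g. `raise FileNotFoundError('No demos found. run_demos needs to operate from the Mbed TLS toplevel directory.')`, catch it in `main` and exit with a distinct status (`sys.exit(2)` after printing the message to stderr), so that the condition is both testable and distinguishable. Either way the `run_all_demos` docstring should state that finding no demo script is an error rather than a vacuous pass.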
@@ -46,6 +46,7 @@ def run_all_demos(quiet=False): """ all_demos = glob.glob('programs/*/*_demo.sh') if not all_demos: + # Keep the message on one line. pylint: disable=line-too-long raise Exception('No demos found. run_demos needs to operate from the Mbed TLS toplevel directory.') return run_demos(all_demos, quiet=quiet) From c25ae6f48c41362073ed31368ccc667971ed13b8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 25 Jul 2023 19:53:04 +0200 Subject: [PATCH 016/191] Use demo_common.sh in dlopen test script Signed-off-by: Gilles Peskine --- programs/test/dlopen_demo.sh | 33 ++++++--------------------------- 1 file changed, 6 insertions(+), 27 deletions(-) diff --git a/programs/test/dlopen_demo.sh b/programs/test/dlopen_demo.sh index a6a9022fc..4c5384c0c 100755 --- a/programs/test/dlopen_demo.sh +++ b/programs/test/dlopen_demo.sh @@ -18,33 +18,12 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -e -u +. "${0%/*}/../demo_common.sh" -program_name="dlopen" -program_dir="${0%/*}" -program="$program_dir/$program_name" +msg "Test the dynamic loading of libmbed*" -if [ ! -e "$program" ]; then - # Look for programs in the current directory and the directories above it - for dir in "." ".." "../.."; do - program_dir="$dir/programs/test" - program="$program_dir/$program_name" - if [ -e "$program" ]; then - break - fi - done - if [ ! -e "$program" ]; then - echo "Could not find $program_name program" - - echo "Make sure that Mbed TLS is built as a shared library." \ - "If building out-of-tree, this script must be run" \ - "from the project build directory." - exit 1 - fi -fi - -top_dir="$program_dir/../.." -library_dir="$top_dir/library" +program="$programs_dir/test/dlopen" +library_dir="$root_dir/library" # ELF-based Unix-like (Linux, *BSD, Solaris, ...) if [ -n "${LD_LIBRARY_PATH-}" ]; then 
@@ -62,6 +41,6 @@ else
fi
export DYLD_LIBRARY_PATH
-echo "Running dynamic loading test program: $program"
-echo "Loading libraries from: $library_dir"
+msg "Running dynamic loading test program: $program"
+msg "Loading libraries from: $library_dir"
"$program"
From f5d2d1c7cdc3c62339dc42b7e4d1ef7437826a4e Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Tue, 25 Jul 2023 20:13:53 +0200
Subject: [PATCH 017/191] Skip dlopen demo in static builds
Signed-off-by: Gilles Peskine
---
programs/test/dlopen_demo.sh | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/programs/test/dlopen_demo.sh b/programs/test/dlopen_demo.sh
index 4c5384c0c..b162d7b5f 100755
--- a/programs/test/dlopen_demo.sh
+++ b/programs/test/dlopen_demo.sh
@@ -25,6 +25,14 @@ msg "Test the dynamic loading of libmbed*"
program="$programs_dir/test/dlopen"
library_dir="$root_dir/library"
+# Skip this test if we don't have a shared library build. Detect this
+# through the absence of the demo program.
+if [ ! -e "$program" ]; then
+ msg "$0: this demo requires a shared library build."
+ # Exit with a success status so that this counts as a pass for run_demos.py.
+ exit
+fi
+
# ELF-based Unix-like (Linux, *BSD, Solaris, ...)
if [ -n "${LD_LIBRARY_PATH-}" ]; then
LD_LIBRARY_PATH="$library_dir:$LD_LIBRARY_PATH"
From f1517e690ae5745cdd091e6b34fa49a08f32daca Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Tue, 25 Jul 2023 20:59:14 +0200
Subject: [PATCH 018/191] PermissionIssueTracker is obsoleted by ShebangIssueTracker
ShebangIssueTracker implements the rule that scripts must be executable if and only if they have a shebang line. By removing PermissionIssueTracker, we now allow files with any extension to be executable (provided they have a shebang line), and allow *.sh and *.pl to be non-executable modules if they don't have a shebang line (as was already the case for *.py).
Signed-off-by: Gilles Peskine
---
tests/scripts/check_files.py | 19 -------------------
1 file changed, 19 deletions(-)
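Review bot: The new guard `if [ ! -e "$program" ]` in dlopen_demo.sh exits 0 whenever the program is missing, so a shared-library build in which `programs/test/dlopen` failed to build, or a run in which `$programs_dir` resolved to the wrong tree, is counted by run_demos.py as a pass instead of a failure. What the test depends on is the presence of the shared libraries, so I would key the skip on those, e.g. `if ! ls "$library_dir"/libmbedcrypto.so* "$library_dir"/libmbedcrypto.dylib >/dev/null 2>&1; then` (exact library names to be confirmed against what the build produces), and let a missing `$program` with the libraries present fall through to the normal "command not found" failure. A skip is also indistinguishable from a pass in the run_demos.py summary; until the runner has a skip status, the message would at least be clearer as `msg "$0: SKIP: this demo requires a shared library build."`.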
diff --git a/tests/scripts/check_files.py b/tests/scripts/check_files.py index 352b55eaa..238a83fab 100755 --- a/tests/scripts/check_files.py +++ b/tests/scripts/check_files.py @@ -162,24 +162,6 @@ def is_windows_file(filepath): return ext in ('.bat', '.dsp', '.dsw', '.sln', '.vcxproj') -class PermissionIssueTracker(FileIssueTracker): - """Track files with bad permissions. - - Files that are not executable scripts must not be executable.""" - - heading = "Incorrect permissions:" - - # .py files can be either full scripts or modules, so they may or may - # not be executable. - suffix_exemptions = frozenset({".py"}) - - def check_file_for_issue(self, filepath): - is_executable = os.access(filepath, os.X_OK) - should_be_executable = filepath.endswith((".sh", ".pl")) - if is_executable != should_be_executable: - self.files_with_issues[filepath] = None - - class ShebangIssueTracker(FileIssueTracker): """Track files with a bad, missing or extraneous shebang line. @@ -386,7 +368,6 @@ class IntegrityChecker: self.logger = None self.setup_logger(log_file) self.issues_to_check = [ - PermissionIssueTracker(), ShebangIssueTracker(), EndOfFileNewlineIssueTracker(), Utf8BomIssueTracker(), From 5cb8605d796550483fad9616b397c51c4af04869 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 27 Aug 2023 21:31:47 +0200 Subject: [PATCH 019/191] ssl-opt.sh doesn't actually use OPENSSL_LEGACY, so remove it Signed-off-by: Gilles Peskine --- tests/ssl-opt.sh | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 0164b45cd..55e88128b 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh 
@@ -81,14 +81,6 @@ TCP_CLIENT="$PERL scripts/tcp_client.pl" # alternative versions of OpenSSL and GnuTLS (no default path) -if [ -n "${OPENSSL_LEGACY:-}" ]; then - O_LEGACY_SRV="$OPENSSL_LEGACY s_server -www -cert data_files/server5.crt -key data_files/server5.key" - O_LEGACY_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_LEGACY s_client" -else - O_LEGACY_SRV=false - O_LEGACY_CLI=false -fi - if [ -n "${OPENSSL_NEXT:-}" ]; then O_NEXT_SRV="$OPENSSL_NEXT s_server -www -cert data_files/server5.crt -key data_files/server5.key" O_NEXT_SRV_EARLY_DATA="$OPENSSL_NEXT s_server -early_data -cert data_files/server5.crt -key data_files/server5.key" @@ -1910,11 +1902,6 @@ O_CLI="$O_CLI -connect 127.0.0.1:+SRV_PORT" G_SRV="$G_SRV -p $SRV_PORT" G_CLI="$G_CLI -p +SRV_PORT" -if [ -n "${OPENSSL_LEGACY:-}" ]; then - O_LEGACY_SRV="$O_LEGACY_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem" - O_LEGACY_CLI="$O_LEGACY_CLI -connect 127.0.0.1:+SRV_PORT" -fi - # Newer versions of OpenSSL have a syntax to enable all "ciphers", even # low-security ones. This covers not just cipher suites but also protocol # versions. It is necessary, for example, to use (D)TLS 1.0/1.1 on From 5f5e3886c57c37d3eb8fb7ae05675e1063ef51cb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 27 Aug 2023 21:32:36 +0200 Subject: [PATCH 020/191] Minor robustness improvement Let openssl use any experimental or obsolete cipher that's not in ALL. Signed-off-by: Gilles Peskine --- tests/compat.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/compat.sh b/tests/compat.sh index 2e03e44f3..dbe1cacc1 100755 --- a/tests/compat.sh +++ b/tests/compat.sh 
@@ -592,7 +592,7 @@ setup_arguments()
fi
M_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE"
- O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$O_MODE"
+ O_SERVER_ARGS="-accept $PORT -cipher ALL,COMPLEMENTOFALL -$O_MODE"
G_SERVER_ARGS="-p $PORT --http $G_MODE"
G_SERVER_PRIO="NORMAL:${G_PRIO_CCM}+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+SHA256:+SHA384:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE"
From e29203be88c1ee6ed850eb9702953a5d3dfb23a3 Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Sun, 27 Aug 2023 21:43:00 +0200
Subject: [PATCH 021/191] Stop using "legacy" OpenSSL and GnuTLS
None of the tests actually need GNUTLS_LEGACY (3.3.8): GNUTLS (3.4.10) works. None of the tests actually need OPENSSL_LEGACY (1.0.1j): OPENSSL (1.0.2g) works.
Signed-off-by: Gilles Peskine
---
tests/scripts/all.sh | 4 ++--
tests/scripts/basic-build-test.sh | 4 +---
2 files changed, 3 insertions(+), 5 deletions(-)
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 8e978ac72..b456c300f 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -1855,7 +1855,7 @@ component_test_full_cmake_clang () {
tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private'
msg "test: compat.sh NULL (full config)" # ~ 2 min
- env OPENSSL="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '^$' -f 'NULL'
+ tests/compat.sh -e '^$' -f 'NULL'
msg "test: compat.sh ARIA + ChachaPoly"
env OPENSSL="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
@@ -2242,7 +2242,7 @@ component_test_no_use_psa_crypto_full_cmake_asan() {
tests/compat.sh
msg "test: compat.sh NULL (full minus MBEDTLS_USE_PSA_CRYPTO)"
- env OPENSSL="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -f 'NULL'
+ tests/compat.sh -f 'NULL'
msg "test: compat.sh ARIA + ChachaPoly (full minus MBEDTLS_USE_PSA_CRYPTO)"
env OPENSSL="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
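Review bot: `-cipher ALL,COMPLEMENTOFALL` enables the eNULL suites (and, on newer OpenSSL, whatever else is excluded from ALL) on the test server, which is the intent here but is a configuration that must never be copied into a real deployment; the `O_SERVER_ARGS=` line has no comment saying so, and I would add one: `# COMPLEMENTOFALL adds eNULL and other deliberately-excluded suites: interop test peer only, never a production configuration.`. Note also that on OpenSSL 1.1.0 and later the cipher string alone does not re-enable suites rejected by the default security level, so if compat.sh is ever run with a newer `$OPENSSL` the NULL and low-security cases will likely still need `@SECLEVEL=0` appended, and `-cipher` does not affect TLS 1.3 suites at all (those are chosen with `-ciphersuites`); the commit message's "any experimental or obsolete cipher" therefore holds for the 1.0.2 peer currently in use, which is worth recording next to the line.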
diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index 32be0eef1..69b25a418 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -124,9 +124,7 @@ echo '################ compat.sh ################' sh compat.sh echo - echo '#### compat.sh: legacy (null)' - OPENSSL="$OPENSSL_LEGACY" \ - GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" \ + echo '#### compat.sh: null cipher' sh compat.sh -e '^$' -f 'NULL' echo From 7be571ac853ef94774d138e033d0f348411644cf Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 27 Aug 2023 21:39:21 +0200 Subject: [PATCH 022/191] Remove GNUTLS_LEGACY and OPENSSL_LEGACY They aren't used anywhere. Keep the command line options of all.sh to avoid breaking any wrapper scripts that people might have. Signed-off-by: Gilles Peskine --- scripts/output_env.sh | 21 ------------------- tests/scripts/all.sh | 34 +++++++++++-------------------- tests/scripts/basic-build-test.sh | 6 ------ 3 files changed, 12 insertions(+), 49 deletions(-) diff --git a/scripts/output_env.sh b/scripts/output_env.sh index 535613298..302f3fdaa 100755 --- a/scripts/output_env.sh +++ b/scripts/output_env.sh @@ -170,13 +170,6 @@ echo print_version "$OPENSSL" "version" "default" echo -if [ -n "${OPENSSL_LEGACY+set}" ]; then - print_version "$OPENSSL_LEGACY" "version" "legacy" -else - echo " * openssl (legacy): Not configured." -fi -echo - if [ -n "${OPENSSL_NEXT+set}" ]; then print_version "$OPENSSL_NEXT" "version" "next" else 
@@ -192,20 +185,6 @@ echo print_version "$GNUTLS_SERV" "--version" "default" "head -n 1" echo -if [ -n "${GNUTLS_LEGACY_CLI+set}" ]; then - print_version "$GNUTLS_LEGACY_CLI" "--version" "legacy" "head -n 1" -else - echo " * gnutls-cli (legacy): Not configured." -fi -echo - -if [ -n "${GNUTLS_LEGACY_SERV+set}" ]; then - print_version "$GNUTLS_LEGACY_SERV" "--version" "legacy" "head -n 1" -else - echo " * gnutls-serv (legacy): Not configured." -fi -echo - echo " * Installed asan versions:" if type dpkg-query >/dev/null 2>/dev/null; then if ! dpkg-query -f '${Status} ${Package}: ${Version}\n' -W 'libasan*' | diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b456c300f..8b9a3343c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -50,10 +50,13 @@ # * G++ # * arm-gcc and mingw-gcc # * ArmCC 5 and ArmCC 6, unless invoked with --no-armcc -# * OpenSSL and GnuTLS command line tools, recent enough for the -# interoperability tests. If they don't support old features which we want -# to test, then a legacy version of these tools must be present as well -# (search for LEGACY below). +# * OpenSSL and GnuTLS command line tools, in suitable versions for the +# interoperability tests. The following are the official versions at the +# time of writing: +# * GNUTLS_{CLI,SERV} = 3.4.10 +# * GNUTLS_NEXT_{CLI,SERV} = 3.7.2 +# * OPENSSL = 1.0.2g (without Debian/Ubuntu patches) +# * OPENSSL_NEXT = 1.1.1a # See the invocation of check_tools below for details. # # This script must be invoked from the toplevel directory of a git 
@@ -165,12 +168,9 @@ pre_initialize_variables () { # Default commands, can be overridden by the environment : ${OPENSSL:="openssl"} - : ${OPENSSL_LEGACY:="$OPENSSL"} : ${OPENSSL_NEXT:="$OPENSSL"} : ${GNUTLS_CLI:="gnutls-cli"} : ${GNUTLS_SERV:="gnutls-serv"} - : ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"} - : ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"} : ${OUT_OF_SOURCE_DIR:=./mbedtls_out_of_source_build} : ${ARMC5_BIN_DIR:=/usr/bin} : ${ARMC6_BIN_DIR:=/usr/bin} @@ -286,10 +286,7 @@ Tool path options: --gcc-latest= Latest version of GCC available --gnutls-cli= GnuTLS client executable to use for most tests. --gnutls-serv= GnuTLS server executable to use for most tests. - --gnutls-legacy-cli= GnuTLS client executable to use for legacy tests. - --gnutls-legacy-serv= GnuTLS server executable to use for legacy tests. --openssl= OpenSSL executable to use for most tests. - --openssl-legacy= OpenSSL executable to use for legacy tests.. --openssl-next= OpenSSL executable to use for recent things like ARIA EOF } @@ -458,8 +455,8 @@ pre_parse_command_line () { --gcc-earliest) shift; GCC_EARLIEST="$1";; --gcc-latest) shift; GCC_LATEST="$1";; --gnutls-cli) shift; GNUTLS_CLI="$1";; - --gnutls-legacy-cli) shift; GNUTLS_LEGACY_CLI="$1";; - --gnutls-legacy-serv) shift; GNUTLS_LEGACY_SERV="$1";; + --gnutls-legacy-cli) shift;; # ignored for backward compatibility + --gnutls-legacy-serv) shift;; # ignored for backward compatibility --gnutls-serv) shift; GNUTLS_SERV="$1";; --help|-h) usage; exit;; --keep-going|-k) KEEP_GOING=1;; @@ -473,7 +470,6 @@ pre_parse_command_line () { --no-memory) MEMORY=0;; --no-quiet) QUIET=0;; --openssl) shift; OPENSSL="$1";; - --openssl-legacy) shift; OPENSSL_LEGACY="$1";; --openssl-next) shift; OPENSSL_NEXT="$1";; --outcome-file) shift; MBEDTLS_TEST_OUTCOME_FILE="$1";; --out-of-source-dir) shift; OUT_OF_SOURCE_DIR="$1";; 
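Review bot: In the option-parsing hunk `--gnutls-legacy-cli) shift;;` and `--gnutls-legacy-serv) shift;;` now silently consume their argument while `--openssl-legacy) shift; OPENSSL_LEGACY="$1";;` is dropped outright, so a wrapper script that still passes `--openssl-legacy /path` fails with an unknown-option error whereas the GnuTLS ones succeed with no indication that the value is ignored — which contradicts the stated goal of not breaking existing wrappers. I would keep all three as one explicit no-op that says what it is doing: `--gnutls-legacy-cli|--gnutls-legacy-serv|--openssl-legacy) echo >&2 "Warning: $1 is ignored (legacy tool versions are no longer needed)"; shift;;` (the message must read `$1` before the `shift`, since after it `$1` is the consumed value). Dropping them from the usage text in the same commit is fine once they are documented as deprecated no-ops in the comment on that case arm.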
@@ -728,12 +724,9 @@ pre_print_configuration () { echo "SEED: ${SEED-"UNSET"}" echo echo "OPENSSL: $OPENSSL" - echo "OPENSSL_LEGACY: $OPENSSL_LEGACY" echo "OPENSSL_NEXT: $OPENSSL_NEXT" echo "GNUTLS_CLI: $GNUTLS_CLI" echo "GNUTLS_SERV: $GNUTLS_SERV" - echo "GNUTLS_LEGACY_CLI: $GNUTLS_LEGACY_CLI" - echo "GNUTLS_LEGACY_SERV: $GNUTLS_LEGACY_SERV" echo "ARMC5_BIN_DIR: $ARMC5_BIN_DIR" echo "ARMC6_BIN_DIR: $ARMC6_BIN_DIR" } @@ -757,13 +750,10 @@ pre_check_tools () { if [ -n "${SEED-}" ]; then export SEED fi - set "$@" OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY" + set "$@" OPENSSL="$OPENSSL" set "$@" GNUTLS_CLI="$GNUTLS_CLI" GNUTLS_SERV="$GNUTLS_SERV" - set "$@" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI" - set "$@" GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" - check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$OPENSSL_NEXT" \ - "$GNUTLS_CLI" "$GNUTLS_SERV" \ - "$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV" + check_tools "$OPENSSL" "$OPENSSL_NEXT" \ + "$GNUTLS_CLI" "$GNUTLS_SERV" ;; esac diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index 69b25a418..bee6b908a 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -48,11 +48,8 @@ if [ -d library -a -d include -a -d tests ]; then :; else fi : ${OPENSSL:="openssl"} -: ${OPENSSL_LEGACY:="$OPENSSL"} : ${GNUTLS_CLI:="gnutls-cli"} : ${GNUTLS_SERV:="gnutls-serv"} -: ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"} -: ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"} # Used to make ssl-opt.sh deterministic. # @@ -78,11 +75,8 @@ CONFIG_BAK="$CONFIG_H.bak" # Step 0 - print build environment info OPENSSL="$OPENSSL" \ - OPENSSL_LEGACY="$OPENSSL_LEGACY" \ GNUTLS_CLI="$GNUTLS_CLI" \ GNUTLS_SERV="$GNUTLS_SERV" \ - GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI" \ - GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" \ scripts/output_env.sh echo From 1783870681c31962a919a1107d9e872a4b1710e9 Mon Sep 17 00:00:00 2001 
From: Gilles Peskine Date: Mon, 28 Aug 2023 17:36:22 +0200 Subject: [PATCH 023/191] compat.sh: add --preserve-logs option Similar to ssl-opt.sh. Signed-off-by: Gilles Peskine --- tests/compat.sh | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/tests/compat.sh b/tests/compat.sh index dbe1cacc1..51c9bcdb5 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -108,6 +108,7 @@ FILTER="" EXCLUDE='NULL\|ARIA\|CHACHA20_POLY1305' VERBOSE="" MEMCHECK=0 +PRESERVE_LOGS=0 PEERS="OpenSSL$PEER_GNUTLS mbedTLS" # hidden option: skip DTLS with OpenSSL @@ -128,6 +129,7 @@ print_usage() { printf " -v|--verbose\tSet verbose output.\n" printf " --outcome-file\tFile where test outcomes are written\n" printf " \t(default: \$MBEDTLS_TEST_OUTCOME_FILE, none if empty)\n" + printf " --preserve-logs\tPreserve logs of successful tests as well\n" } get_options() { @@ -160,6 +162,9 @@ get_options() { --outcome-file) shift; MBEDTLS_TEST_OUTCOME_FILE=$1 ;; + --preserve-logs) + PRESERVE_LOGS=1 + ;; -h|--help) print_usage exit 0 @@ -842,12 +847,16 @@ record_outcome() { fi } +save_logs() { + cp $SRV_OUT c-srv-${TESTS}.log + cp $CLI_OUT c-cli-${TESTS}.log +} + # display additional information if test case fails report_fail() { FAIL_PROMPT="outputs saved to c-srv-${TESTS}.log, c-cli-${TESTS}.log" record_outcome "FAIL" "$FAIL_PROMPT" - cp $SRV_OUT c-srv-${TESTS}.log - cp $CLI_OUT c-cli-${TESTS}.log + save_logs echo " ! $FAIL_PROMPT" if [ "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then @@ -966,6 +975,9 @@ run_client() { case $RESULT in "0") record_outcome "PASS" + if [ "$PRESERVE_LOGS" -gt 0 ]; then + save_logs + fi ;; "1") record_outcome "SKIP" From 2c40b9059837cdecb55b3393813b77c426edf8fc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 30 Aug 2023 16:38:56 +0200 Subject: [PATCH 024/191] ssl-opt.sh doesn't actually use OPENSSL_LEGACY: remove unused function Signed-off-by: Gilles Peskine --- tests/ssl-opt.sh | 14 -------------- 1 file changed, 14 deletions(-) 
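Review bot: After the `@@ -842` hunk the log file names are spelled out twice: `FAIL_PROMPT="outputs saved to c-srv-${TESTS}.log, c-cli-${TESTS}.log"` in report_fail repeats the two names that `save_logs` now owns, so a later change to one silently drifts from the other. Have `save_logs` set the names it used (e.g. `SRV_LOG=c-srv-${TESTS}.log; CLI_LOG=c-cli-${TESTS}.log`) and build the prompt from those. The new function also deserves a header comment, e.g. `# Copy the server and client output of the current test case to c-srv-${TESTS}.log and c-cli-${TESTS}.log in the current directory (always on failure, on success only with --preserve-logs)`.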
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 55e88128b..1f2aac2e6 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -636,20 +636,6 @@ requires_gnutls_next() { fi } -# skip next test if OpenSSL-legacy isn't available -requires_openssl_legacy() { - if [ -z "${OPENSSL_LEGACY_AVAILABLE:-}" ]; then - if which "${OPENSSL_LEGACY:-}" >/dev/null 2>&1; then - OPENSSL_LEGACY_AVAILABLE="YES" - else - OPENSSL_LEGACY_AVAILABLE="NO" - fi - fi - if [ "$OPENSSL_LEGACY_AVAILABLE" = "NO" ]; then - SKIP_NEXT="YES" - fi -} - requires_openssl_next() { if [ -z "${OPENSSL_NEXT_AVAILABLE:-}" ]; then if which "${OPENSSL_NEXT:-}" >/dev/null 2>&1; then From 745af9f47bc3252708dd425b0f572f59ca122f1b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 29 Sep 2023 15:47:07 +0100 Subject: [PATCH 025/191] Extend testing of aes.o options Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 37 ++++++++++++++++++++++++++++++++++++- 1 file changed, 36 insertions(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9e1d84f5d..20b7fda8c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -3934,13 +3934,25 @@ component_build_tfm() { make lib CC="gcc" CFLAGS="-Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wformat-signedness -Wlogical-op -I../tests/include/spe" } -component_build_aes_variations() { # ~45s +component_build_aes_variations() { # 3m20s # aes.o has many #if defined(...) guards that intersect in complex ways. # Test that all the combinations build cleanly. The most common issue is # unused variables/functions, so ensure -Wunused is set. msg "build: aes.o for all combinations of relevant config options" + # check to see if we can enable MBEDTLS_AES_USE_HARDWARE_ONLY - require + # Linux (so we can check for CPU flags) + if [[ "$OSTYPE" == "linux-gnu" ]]; then + # Runtime detection is supported on Linux, so it's safe to set these here + AESNI_OPTIONS="set unset" + AESCE_OPTIONS="set unset" + else + # otherwise leave them unset + AESNI_OPTIONS="unset" + AESCE_OPTIONS="unset" + fi + for a in set unset; do for b in set unset; do for c in set unset; do @@ -3948,6 +3960,20 @@ component_build_aes_variations() { # ~45s for e in set unset; do for f in set unset; do for g in set unset; do + for h in set unset; do + for i in ${AESNI_OPTIONS}; do + for j in ${AESCE_OPTIONS}; do + if [[ "$h" == "set" ]]; then + if [[ !(("$HOSTTYPE" == "aarch64" && "$j" == "set") || ("$HOSTTYPE" == "x86_64" && "$i" == "set")) ]]; then + # MBEDTLS_AES_USE_HARDWARE_ONLY requires hw acceleration for the target platform + continue + fi + if [[ "$g" == "set" ]]; then + # MBEDTLS_AES_USE_HARDWARE_ONLY and MBEDTLS_PADLOCK_C is not supported + continue + fi + fi + echo ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT echo ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT echo ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES 
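Review bot: The comment in the first hunk, `# check to see if we can enable MBEDTLS_AES_USE_HARDWARE_ONLY - require Linux (so we can check for CPU flags)`, does not match what the code does: nothing here inspects CPU flags, and the second hunk decides validity from `$HOSTTYPE` alone, which bash provides on every OS. Since this component only compiles aes.o and never runs it, the `Runtime detection is supported on Linux` justification for `AESNI_OPTIONS`/`AESCE_OPTIONS` does not apply either; either state the real reason for the `$OSTYPE` gate or drop it. Separately, `[[ !((...) || (...)) ]]` with no space after `!` relies on bash splitting `!` from `(` inside `[[ ]]`; `[[ ! (( ... ) || ( ... )) ]]` is the conventional spelling and avoids any extglob ambiguity, which is worth confirming on the bash versions CI uses. component_build_aes_variations continues outside the hunk.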
@@ -3955,6 +3981,9 @@ component_build_aes_variations() { # ~45s echo ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT echo ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES echo ./scripts/config.py $g MBEDTLS_PADLOCK_C + echo ./scripts/config.py $h MBEDTLS_AES_USE_HARDWARE_ONLY + echo ./scripts/config.py $i MBEDTLS_AESNI_C + echo ./scripts/config.py $j MBEDTLS_AESCE_C ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT @@ -3963,6 +3992,9 @@ component_build_aes_variations() { # ~45s ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES ./scripts/config.py $g MBEDTLS_PADLOCK_C + ./scripts/config.py $h MBEDTLS_AES_USE_HARDWARE_ONLY + ./scripts/config.py $i MBEDTLS_AESNI_C + ./scripts/config.py $j MBEDTLS_AESCE_C rm -f library/aes.o make -C library aes.o CC="clang" CFLAGS="-O0 -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" @@ -3973,6 +4005,9 @@ component_build_aes_variations() { # ~45s done done done + done + done + done } component_test_no_platform () { From 450c1ff353e8e7431d916178a8a6f19f3568e4c3 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 29 Sep 2023 15:52:33 +0100 Subject: [PATCH 026/191] Fix some more incorrect guards in aes.c Signed-off-by: Dave Rodgman --- library/aes.c | 32 ++++++++++++++++++++------------ 1 file changed, 20 insertions(+), 12 deletions(-) diff --git a/library/aes.c b/library/aes.c index 0a7b26ce9..3e27cd39b 100644 --- a/library/aes.c +++ b/library/aes.c 
@@ -84,8 +84,10 @@ static int aes_padlock_ace = -1; /* * Forward S-box */ -#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ - !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || \ + (!defined(MBEDTLS_AES_SETKEY_ENC_ALT) && (!defined(MBEDTLS_AES_USE_HARDWARE_ONLY) || \ + !defined(MBEDTLS_AES_ROM_TABLES))) || \ + (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) static const unsigned char FSb[256] = { 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, @@ -330,7 +332,8 @@ static const unsigned char RSb[256] = V(71, 01, A8, 39), V(DE, B3, 0C, 08), V(9C, E4, B4, D8), V(90, C1, 56, 64), \ V(61, 84, CB, 7B), V(70, B6, 32, D5), V(74, 5C, 6C, 48), V(42, 57, B8, D0) -#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +#if !defined(MBEDTLS_AES_DECRYPT_ALT) || \ + (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) #define V(a, b, c, d) 0x##a##b##c##d static const uint32_t RT0[256] = { RT }; @@ -352,11 +355,12 @@ static const uint32_t RT3[256] = { RT }; #endif /* !MBEDTLS_AES_FEWER_TABLES */ -#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#endif \ + /* !defined(MBEDTLS_AES_DECRYPT_ALT) || (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) */ #undef RT -#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) +#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) /* * Round constants */ 
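Review bot: The new `#endif \` followed by the comment on the next line (the `@@ -352` hunk here and `@@ -493` on the following line) uses a backslash-newline to splice the comment onto the directive; it is valid but unusual, and tools that pair `#endif` with its comment line-by-line will miss it. Wrapping inside the comment instead, `#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) ||` on one line and `          (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) */` on the next, reads the same without the splice. The reverse-table condition `!defined(MBEDTLS_AES_DECRYPT_ALT) || (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY))` is now written out in three places (`@@ -330` here, `@@ -394` and `@@ -482` on the following line) and the forward S-box condition in two (`@@ -84` here, `@@ -373` on the following line); defining each once as a helper macro near the top of the file (a constructed name such as `AES_NEED_REVERSE_TABLES`) would keep the copies from drifting apart, which is how the guards this commit repairs went wrong. In the `@@ -84` hunk the `!defined(MBEDTLS_AES_ROM_TABLES)` term sits in what looks like the ROM-tables branch (the enclosing `#if` is outside the hunk), where it would be constant; confirm that term is not dead there.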
@@ -373,11 +377,12 @@ static const uint32_t RCON[10] = /* * Forward S-box & tables */ -#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ - !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || \ + (!defined(MBEDTLS_AES_SETKEY_ENC_ALT) && (!defined(MBEDTLS_AES_USE_HARDWARE_ONLY) || \ + !defined(MBEDTLS_AES_ROM_TABLES))) || \ + (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) static unsigned char FSb[256]; -#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ - !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#endif #if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) static uint32_t FT0[256]; #if !defined(MBEDTLS_AES_FEWER_TABLES) @@ -394,7 +399,8 @@ static uint32_t FT3[256]; static unsigned char RSb[256]; #endif /* !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) */ -#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +#if !defined(MBEDTLS_AES_DECRYPT_ALT) || (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && \ + !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) static uint32_t RT0[256]; #if !defined(MBEDTLS_AES_FEWER_TABLES) static uint32_t RT1[256]; @@ -482,7 +488,8 @@ static void aes_gen_tables(void) x = RSb[i]; -#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +#if !defined(MBEDTLS_AES_DECRYPT_ALT) || \ + (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) RT0[i] = ((uint32_t) MUL(0x0E, x)) ^ ((uint32_t) MUL(0x09, x) << 8) ^ ((uint32_t) MUL(0x0D, x) << 16) ^ @@ -493,7 +500,8 @@ static void aes_gen_tables(void) RT2[i] = ROTL8(RT1[i]); RT3[i] = ROTL8(RT2[i]); #endif /* !MBEDTLS_AES_FEWER_TABLES */ -#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#endif \ + /* !defined(MBEDTLS_AES_DECRYPT_ALT) || (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) */ } } 
From 573dfc167ae1a3953e5613eeff67e3766fa73c34 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 29 Sep 2023 16:27:29 +0100 Subject: [PATCH 027/191] Add testing for MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 20b7fda8c..238d4ccce 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3934,7 +3934,7 @@ component_build_tfm() { make lib CC="gcc" CFLAGS="-Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wformat-signedness -Wlogical-op -I../tests/include/spe" } -component_build_aes_variations() { # 3m20s +component_build_aes_variations() { # ~7m # aes.o has many #if defined(...) guards that intersect in complex ways. # Test that all the combinations build cleanly. The most common issue is # unused variables/functions, so ensure -Wunused is set. @@ -3963,6 +3963,7 @@ component_build_aes_variations() { # 3m20s for h in set unset; do for i in ${AESNI_OPTIONS}; do for j in ${AESCE_OPTIONS}; do + for k in set unset; do if [[ "$h" == "set" ]]; then if [[ !(("$HOSTTYPE" == "aarch64" && "$j" == "set") || ("$HOSTTYPE" == "x86_64" && "$i" == "set")) ]]; then # MBEDTLS_AES_USE_HARDWARE_ONLY requires hw acceleration for the target platform @@ -3984,6 +3985,7 @@ component_build_aes_variations() { # 3m20s echo ./scripts/config.py $h MBEDTLS_AES_USE_HARDWARE_ONLY echo ./scripts/config.py $i MBEDTLS_AESNI_C echo ./scripts/config.py $j MBEDTLS_AESCE_C + echo ./scripts/config.py $k MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT 
@@ -3995,6 +3997,7 @@ component_build_aes_variations() { # 3m20s ./scripts/config.py $h MBEDTLS_AES_USE_HARDWARE_ONLY ./scripts/config.py $i MBEDTLS_AESNI_C ./scripts/config.py $j MBEDTLS_AESCE_C + ./scripts/config.py $k MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH rm -f library/aes.o make -C library aes.o CC="clang" CFLAGS="-O0 -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" @@ -4008,6 +4011,7 @@ component_build_aes_variations() { # 3m20s done done done + done } component_test_no_platform () { From 972856219202c4bc134493f6dfc420497959d7ed Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 29 Sep 2023 17:32:06 +0100 Subject: [PATCH 028/191] Improve test speed Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 122 ++++++++++++++++++++++++------------------- 1 file changed, 68 insertions(+), 54 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 238d4ccce..22b471445 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -3934,84 +3934,98 @@ component_build_tfm() { make lib CC="gcc" CFLAGS="-Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wformat-signedness -Wlogical-op -I../tests/include/spe" } -component_build_aes_variations() { # ~7m +component_build_aes_variations() { + # 1m40 - around 90ms per clang invocation on M1 Pro + # # aes.o has many #if defined(...) guards that intersect in complex ways. # Test that all the combinations build cleanly. The most common issue is # unused variables/functions, so ensure -Wunused is set. msg "build: aes.o for all combinations of relevant config options" + WARNING_FLAGS="-Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" + # check to see if we can enable MBEDTLS_AES_USE_HARDWARE_ONLY - require # Linux (so we can check for CPU flags) if [[ "$OSTYPE" == "linux-gnu" ]]; then # Runtime detection is supported on Linux, so it's safe to set these here - AESNI_OPTIONS="set unset" - AESCE_OPTIONS="set unset" + AESNI_OPTIONS="0 1" + AESCE_OPTIONS="0 1" else # otherwise leave them unset - AESNI_OPTIONS="unset" - AESCE_OPTIONS="unset" + AESNI_OPTIONS="0" + AESCE_OPTIONS="0" fi - for a in set unset; do - for b in set unset; do - for c in set unset; do - for d in set unset; do - for e in set unset; do - for f in set unset; do - for g in set unset; do - for h in set unset; do - for i in ${AESNI_OPTIONS}; do - for j in ${AESCE_OPTIONS}; do - for k in set unset; do - if [[ "$h" == "set" ]]; then - if [[ !(("$HOSTTYPE" == "aarch64" && "$j" == "set") || ("$HOSTTYPE" == "x86_64" && "$i" == "set")) ]]; then + # clear all the variables, so that we can individually set them via clang + for x in "MBEDTLS_AES_SETKEY_ENC_ALT" "MBEDTLS_AES_DECRYPT_ALT" "MBEDTLS_AES_ROM_TABLES" \ + "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" "MBEDTLS_AES_FEWER_TABLES" \ + 
"MBEDTLS_PADLOCK_C" "MBEDTLS_AES_USE_HARDWARE_ONLY" "MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" \ + "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"; do + echo ./scripts/config.py unset ${x} + ./scripts/config.py unset ${x} + done + + FAILED=0 + + for a in 0 1; do [[ $a == 0 ]] && A="" || A="-DMBEDTLS_AES_SETKEY_ENC_ALT" + for b in 0 1; do [[ $b == 0 ]] && B="" || B="-DMBEDTLS_AES_DECRYPT_ALT" + for c in 0 1; do [[ $c == 0 ]] && C="" || C="-DMBEDTLS_AES_ROM_TABLES" + for d in 0 1; do [[ $d == 0 ]] && D="" || D="-DMBEDTLS_AES_ENCRYPT_ALT" + for e in 0 1; do [[ $e == 0 ]] && E="" || E="-DMBEDTLS_AES_SETKEY_DEC_ALT" + for f in 0 1; do [[ $f == 0 ]] && F="" || F="-DMBEDTLS_AES_FEWER_TABLES" + for g in 0 1; do [[ $g == 0 ]] && G="" || G="-DMBEDTLS_PADLOCK_C" + for h in 0 1; do [[ $h == 0 ]] && H="" || H="-DMBEDTLS_AES_USE_HARDWARE_ONLY" + for i in $AESNI_OPTIONS; do [[ $i == 0 ]] && I="" || I="-DMBEDTLS_AESNI_C" + for j in $AESCE_OPTIONS; do [[ $j == 0 ]] && J="" || J="-DMBEDTLS_AESCE_C" + for k in 0 1; do [[ $k == 0 ]] && K="" || K="-DMBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" + + # skip invalid combinations + if [[ $h -eq 1 ]]; then + if [[ !(("$HOSTTYPE" == "aarch64" && $j -eq 1) || ("$HOSTTYPE" == "x86_64" && $i -eq 1)) ]]; then # MBEDTLS_AES_USE_HARDWARE_ONLY requires hw acceleration for the target platform continue fi - if [[ "$g" == "set" ]]; then + if [[ $g -eq 1 ]]; then # MBEDTLS_AES_USE_HARDWARE_ONLY and MBEDTLS_PADLOCK_C is not supported continue fi fi - echo ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT - echo ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT - echo ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES - echo ./scripts/config.py $d MBEDTLS_AES_ENCRYPT_ALT - echo ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT - echo ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES - echo ./scripts/config.py $g MBEDTLS_PADLOCK_C - echo ./scripts/config.py $h MBEDTLS_AES_USE_HARDWARE_ONLY - echo ./scripts/config.py $i MBEDTLS_AESNI_C - echo ./scripts/config.py $j MBEDTLS_AESCE_C - echo 
./scripts/config.py $k MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH + # Check syntax only, for speed + # Capture failures and continue, but hide successes to avoid spamming the log with 2^11 combinations + CMD_FAILED=0 + cmd="clang $A $B $C $D $E $F $G $H $I $J $K -fsyntax-only library/aes.c -Iinclude -std=c99 $WARNING_FLAGS" + $cmd || CMD_FAILED=1 - ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT - ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT - ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES - ./scripts/config.py $d MBEDTLS_AES_ENCRYPT_ALT - ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT - ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES - ./scripts/config.py $g MBEDTLS_PADLOCK_C - ./scripts/config.py $h MBEDTLS_AES_USE_HARDWARE_ONLY - ./scripts/config.py $i MBEDTLS_AESNI_C - ./scripts/config.py $j MBEDTLS_AESCE_C - ./scripts/config.py $k MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH + if [[ $CMD_FAILED -eq 1 ]]; then + FAILED=1 + echo "Failed: $cmd" + echo $a MBEDTLS_AES_SETKEY_ENC_ALT + echo $b MBEDTLS_AES_DECRYPT_ALT + echo $c MBEDTLS_AES_ROM_TABLES + echo $d MBEDTLS_AES_ENCRYPT_ALT + echo $e MBEDTLS_AES_SETKEY_DEC_ALT + echo $f MBEDTLS_AES_FEWER_TABLES + echo $g MBEDTLS_PADLOCK_C + echo $h MBEDTLS_AES_USE_HARDWARE_ONLY + echo $i MBEDTLS_AESNI_C + echo $j MBEDTLS_AESCE_C + echo $k MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH + fi + done + done + done + done + done + done + done + done + done + done + done - rm -f library/aes.o - make -C library aes.o CC="clang" CFLAGS="-O0 -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" - done - done - done - done - done - done - done - done - done - done - done + [[ $FAILED -eq 1 ]] && false # fail if any combination failed } component_test_no_platform () { From aea01c9455117da6bee185377a100f46e801f466 Mon Sep 17 00:00:00 2001 
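Review bot: The final line `[[ $FAILED -eq 1 ]] && false` returns status 1 in the success case as well: when `FAILED` is 0 the `[[` test fails, that status is the status of the `&&` list, and as the last command of the function it becomes the function's return value, so the component is presumably reported as failed even when every combination compiled (unless the caller ignores the function's status, which I cannot see here). `return $FAILED`, or `if [[ $FAILED -eq 1 ]]; then return 1; fi`, expresses the intent. Switching from `make -C library aes.o` to a direct `clang ... -fsyntax-only library/aes.c -Iinclude` also drops whatever the library Makefile adds to the compile line (include paths, config-file override defines); that Makefile is not visible here, so confirm the build under test is still equivalent and say so in the header comment, which currently only records the timing on one machine.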
From: Dave Rodgman Date: Fri, 29 Sep 2023 18:54:49 +0100 Subject: [PATCH 029/191] Use make to parellise tests Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 34 ++++++++++++++-------------------- 1 file changed, 14 insertions(+), 20 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 22b471445..ba43d133d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3935,7 +3935,7 @@ component_build_tfm() { } component_build_aes_variations() { - # 1m40 - around 90ms per clang invocation on M1 Pro + # 18s - around 90ms per clang invocation on M1 Pro # # aes.o has many #if defined(...) guards that intersect in complex ways. # Test that all the combinations build cleanly. The most common issue is @@ -3962,11 +3962,11 @@ component_build_aes_variations() { "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" "MBEDTLS_AES_FEWER_TABLES" \ "MBEDTLS_PADLOCK_C" "MBEDTLS_AES_USE_HARDWARE_ONLY" "MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" \ "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"; do - echo ./scripts/config.py unset ${x} ./scripts/config.py unset ${x} done - FAILED=0 + MAKEFILE=$(mktemp) + DEPS="" for a in 0 1; do [[ $a == 0 ]] && A="" || A="-DMBEDTLS_AES_SETKEY_ENC_ALT" for b in 0 1; do [[ $b == 0 ]] && B="" || B="-DMBEDTLS_AES_DECRYPT_ALT" 
@@ -3996,23 +3996,12 @@ component_build_aes_variations() { # Capture failures and continue, but hide successes to avoid spamming the log with 2^11 combinations CMD_FAILED=0 cmd="clang $A $B $C $D $E $F $G $H $I $J $K -fsyntax-only library/aes.c -Iinclude -std=c99 $WARNING_FLAGS" - $cmd || CMD_FAILED=1 - if [[ $CMD_FAILED -eq 1 ]]; then - FAILED=1 - echo "Failed: $cmd" - echo $a MBEDTLS_AES_SETKEY_ENC_ALT - echo $b MBEDTLS_AES_DECRYPT_ALT - echo $c MBEDTLS_AES_ROM_TABLES - echo $d MBEDTLS_AES_ENCRYPT_ALT - echo $e MBEDTLS_AES_SETKEY_DEC_ALT - echo $f MBEDTLS_AES_FEWER_TABLES - echo $g MBEDTLS_PADLOCK_C - echo $h MBEDTLS_AES_USE_HARDWARE_ONLY - echo $i MBEDTLS_AESNI_C - echo $j MBEDTLS_AESCE_C - echo $k MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH - fi + TARGET="t$a$b$c$d$e$f$g$h$i$j$k" + echo "${TARGET}:" >> $MAKEFILE + echo -e "\t$cmd" >> $MAKEFILE + echo >> $MAKEFILE + DEPS="${DEPS} ${TARGET}" done done done @@ -4025,7 +4014,12 @@ component_build_aes_variations() { done done - [[ $FAILED -eq 1 ]] && false # fail if any combination failed + echo "all: ${DEPS}" >> $MAKEFILE + + MAKEFILE_CONTENT=`cat $MAKEFILE` + rm ${MAKEFILE} + NCPUS=$(lscpu -p|tail -n1|sed 's/,.*//') + echo $MAKEFILE_CONTENT | make --quiet -j$((NCPUS * 2)) -f ${MAKEFILE} all } component_test_no_platform () { From 86cc70871ceecfa5d26ce1b736a48b59658ea628 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 29 Sep 2023 22:32:04 +0100 Subject: [PATCH 030/191] fix make issue Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ba43d133d..14d32c158 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
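Review bot: In the `@@ -4025` hunk `rm ${MAKEFILE}` runs before `make --quiet -j$((NCPUS * 2)) -f ${MAKEFILE} all`, so make is pointed at a file that no longer exists, and the content piped on stdin is not read because the command says `-f ${MAKEFILE}` rather than `-f -`; either keep the file until make has finished or pipe it with `-f -`. `NCPUS=$(lscpu -p|tail -n1|sed 's/,.*//')` takes the first column of the last `lscpu -p` line, which is the 0-based number of the last CPU, i.e. one less than the CPU count, and `lscpu` is Linux-only although the timing in the header comment was taken on an M1 Pro; `getconf _NPROCESSORS_ONLN` gives the count portably. With `--quiet`, a failing combination is identified only by the target name `t$a$b$c$d$e$f$g$h$i$j$k`, a string of 0/1 digits; a comment mapping bit positions to option names, or echoing `$cmd` in the recipe before running it, would keep the diagnostics the removed `echo "Failed: $cmd"` block provided. component_build_aes_variations continues outside the hunk.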
@@ -4016,10 +4016,9 @@ component_build_aes_variations() { echo "all: ${DEPS}" >> $MAKEFILE - MAKEFILE_CONTENT=`cat $MAKEFILE` - rm ${MAKEFILE} NCPUS=$(lscpu -p|tail -n1|sed 's/,.*//') - echo $MAKEFILE_CONTENT | make --quiet -j$((NCPUS * 2)) -f ${MAKEFILE} all + make --quiet -j$((NCPUS * 2)) -f ${MAKEFILE} all + rm ${MAKEFILE} } component_test_no_platform () { From 8a64fb82a8279e26bf4309716fc1ba40b62b11ca Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 1 Oct 2023 13:31:31 +0100 Subject: [PATCH 031/191] Simplify makefile generation; don't use -j Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 41 ++++++++++++++++++++--------------------- 1 file changed, 20 insertions(+), 21 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 14d32c158..0e3e6d4e5 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3949,12 +3949,12 @@ component_build_aes_variations() { # Linux (so we can check for CPU flags) if [[ "$OSTYPE" == "linux-gnu" ]]; then # Runtime detection is supported on Linux, so it's safe to set these here - AESNI_OPTIONS="0 1" - AESCE_OPTIONS="0 1" + AESNI_OPTIONS=("" "-DMBEDTLS_AESNI_C") + AESCE_OPTIONS=("" "-DMBEDTLS_AESCE_C") else # otherwise leave them unset - AESNI_OPTIONS="0" - AESCE_OPTIONS="0" + AESNI_OPTIONS=("") + AESCE_OPTIONS=("") fi # clear all the variables, so that we can individually set them via clang 
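Review bot: With the reorder, `rm ${MAKEFILE}` is only reached when `make` succeeds; if all.sh runs components under `set -e` (not visible here), a failing combination leaves the `mktemp` file behind. Capture the status and remove the file regardless, e.g. `rc=0; make --quiet -j$((NCPUS * 2)) -f "${MAKEFILE}" all || rc=$?; rm -f "${MAKEFILE}"; return $rc`, and quote `$MAKEFILE` while at it since it is a path from `mktemp`. component_build_aes_variations continues outside the hunk.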
@@ -3968,25 +3968,25 @@ component_build_aes_variations() { MAKEFILE=$(mktemp) DEPS="" - for a in 0 1; do [[ $a == 0 ]] && A="" || A="-DMBEDTLS_AES_SETKEY_ENC_ALT" - for b in 0 1; do [[ $b == 0 ]] && B="" || B="-DMBEDTLS_AES_DECRYPT_ALT" - for c in 0 1; do [[ $c == 0 ]] && C="" || C="-DMBEDTLS_AES_ROM_TABLES" - for d in 0 1; do [[ $d == 0 ]] && D="" || D="-DMBEDTLS_AES_ENCRYPT_ALT" - for e in 0 1; do [[ $e == 0 ]] && E="" || E="-DMBEDTLS_AES_SETKEY_DEC_ALT" - for f in 0 1; do [[ $f == 0 ]] && F="" || F="-DMBEDTLS_AES_FEWER_TABLES" - for g in 0 1; do [[ $g == 0 ]] && G="" || G="-DMBEDTLS_PADLOCK_C" - for h in 0 1; do [[ $h == 0 ]] && H="" || H="-DMBEDTLS_AES_USE_HARDWARE_ONLY" - for i in $AESNI_OPTIONS; do [[ $i == 0 ]] && I="" || I="-DMBEDTLS_AESNI_C" - for j in $AESCE_OPTIONS; do [[ $j == 0 ]] && J="" || J="-DMBEDTLS_AESCE_C" - for k in 0 1; do [[ $k == 0 ]] && K="" || K="-DMBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" + for a in "" "-DMBEDTLS_AES_SETKEY_ENC_ALT"; do + for b in "" "-DMBEDTLS_AES_DECRYPT_ALT"; do + for c in "" "-DMBEDTLS_AES_ROM_TABLES"; do + for d in "" "-DMBEDTLS_AES_ENCRYPT_ALT"; do + for e in "" "-DMBEDTLS_AES_SETKEY_DEC_ALT"; do + for f in "" "-DMBEDTLS_AES_FEWER_TABLES"; do + for g in "" "-DMBEDTLS_PADLOCK_C"; do + for h in "" "-DMBEDTLS_AES_USE_HARDWARE_ONLY"; do + for i in "${AESNI_OPTIONS[@]}"; do + for j in "${AESCE_OPTIONS[@]}"; do + for k in "" "-DMBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"; do # skip invalid combinations - if [[ $h -eq 1 ]]; then - if [[ !(("$HOSTTYPE" == "aarch64" && $j -eq 1) || ("$HOSTTYPE" == "x86_64" && $i -eq 1)) ]]; then + if [[ "$h" != "" ]]; then + if [[ !(("$HOSTTYPE" == "aarch64" && "$j" != "") || ("$HOSTTYPE" == "x86_64" && "$i" != "")) ]]; then # MBEDTLS_AES_USE_HARDWARE_ONLY requires hw acceleration for the target platform continue fi - if [[ $g -eq 1 ]]; then + if [[ "$g" != "" ]]; then # MBEDTLS_AES_USE_HARDWARE_ONLY and MBEDTLS_PADLOCK_C is not supported continue fi 
@@ -3995,7 +3995,7 @@ component_build_aes_variations() { # Check syntax only, for speed # Capture failures and continue, but hide successes to avoid spamming the log with 2^11 combinations CMD_FAILED=0 - cmd="clang $A $B $C $D $E $F $G $H $I $J $K -fsyntax-only library/aes.c -Iinclude -std=c99 $WARNING_FLAGS" + cmd="clang $a $b $c $d $e $f $g $h $i $j $k -fsyntax-only library/aes.c -Iinclude -std=c99 $WARNING_FLAGS" TARGET="t$a$b$c$d$e$f$g$h$i$j$k" echo "${TARGET}:" >> $MAKEFILE @@ -4016,8 +4016,7 @@ component_build_aes_variations() { echo "all: ${DEPS}" >> $MAKEFILE - NCPUS=$(lscpu -p|tail -n1|sed 's/,.*//') - make --quiet -j$((NCPUS * 2)) -f ${MAKEFILE} all + make --quiet -f ${MAKEFILE} all rm ${MAKEFILE} } From 184c0af06e1800b6c20c56c4e771d9fb45211d29 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 1 Oct 2023 13:43:02 +0100 Subject: [PATCH 032/191] Remove not-needed edge-case Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 0e3e6d4e5..93739f40b 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
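Review bot: `CMD_FAILED=0`, the context line just above the changed `cmd=` line, has been dead since the `$cmd || CMD_FAILED=1` check was replaced by makefile generation, and the comment above it, `# Capture failures and continue, but hide successes to avoid spamming the log with 2^11 combinations`, no longer describes the code: `make` without `-k` stops at the first failing combination, and `--quiet` hides the commands rather than the successes. Drop `CMD_FAILED=0` and reword the comment to, e.g., `# Generate one makefile target per combination; make runs them and stops at the first failure`, or add `-k` to the make invocation in the second hunk if the original run-them-all behaviour is wanted. With `-j` removed in that hunk, the `# 18s` timing in the function header (outside this hunk) presumably no longer holds either. component_build_aes_variations continues outside the hunk.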
@@ -3945,18 +3945,6 @@ component_build_aes_variations() { WARNING_FLAGS="-Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" - # check to see if we can enable MBEDTLS_AES_USE_HARDWARE_ONLY - require - # Linux (so we can check for CPU flags) - if [[ "$OSTYPE" == "linux-gnu" ]]; then - # Runtime detection is supported on Linux, so it's safe to set these here - AESNI_OPTIONS=("" "-DMBEDTLS_AESNI_C") - AESCE_OPTIONS=("" "-DMBEDTLS_AESCE_C") - else - # otherwise leave them unset - AESNI_OPTIONS=("") - AESCE_OPTIONS=("") - fi - # clear all the variables, so that we can individually set them via clang for x in "MBEDTLS_AES_SETKEY_ENC_ALT" "MBEDTLS_AES_DECRYPT_ALT" "MBEDTLS_AES_ROM_TABLES" \ "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" "MBEDTLS_AES_FEWER_TABLES" \ @@ -3976,8 +3964,8 @@ component_build_aes_variations() { for f in "" "-DMBEDTLS_AES_FEWER_TABLES"; do for g in "" "-DMBEDTLS_PADLOCK_C"; do for h in "" "-DMBEDTLS_AES_USE_HARDWARE_ONLY"; do - for i in "${AESNI_OPTIONS[@]}"; do - for j in "${AESCE_OPTIONS[@]}"; do + for i in "" "-DMBEDTLS_AESNI_C"; do + for j in "" "-DMBEDTLS_AESCE_C"; do for k in "" "-DMBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"; do # skip invalid combinations From 920343aaf74f1bd2267c8645223bfa9313dfbad1 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 1 Oct 2023 18:41:09 +0100 Subject: [PATCH 033/191] Separate out a resuable option cross-product test function Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 132 ++++++++++++++++++++++++------------------- 1 file changed, 73 insertions(+), 59 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 93739f40b..fdbde160a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -3934,80 +3934,94 @@ component_build_tfm() { make lib CC="gcc" CFLAGS="-Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wformat-signedness -Wlogical-op -I../tests/include/spe" } -component_build_aes_variations() { - # 18s - around 90ms per clang invocation on M1 Pro - # - # aes.o has many #if defined(...) guards that intersect in complex ways. - # Test that all the combinations build cleanly. The most common issue is - # unused variables/functions, so ensure -Wunused is set. +build_test_config_combos() { + # test that the given file builds with all (valid) combinations of the given options. + # syntax: build_test_config_combos FILE VALIDATOR_FUNCTION OPT1 OPT2 ... + # The validator function may be "" if all combinations are valid - msg "build: aes.o for all combinations of relevant config options" + FILE=$1 + shift + # this function must echo something iff the clang "-DA -DB ..." string is invalid + VALIDATE_OPTIONS=$1 + shift + OPTIONS=("$@") + # The most common issue is unused variables/functions, so ensure -Wunused is set. 
WARNING_FLAGS="-Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" - # clear all the variables, so that we can individually set them via clang - for x in "MBEDTLS_AES_SETKEY_ENC_ALT" "MBEDTLS_AES_DECRYPT_ALT" "MBEDTLS_AES_ROM_TABLES" \ - "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" "MBEDTLS_AES_FEWER_TABLES" \ - "MBEDTLS_PADLOCK_C" "MBEDTLS_AES_USE_HARDWARE_ONLY" "MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" \ - "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"; do - ./scripts/config.py unset ${x} - done - MAKEFILE=$(mktemp) DEPS="" - for a in "" "-DMBEDTLS_AES_SETKEY_ENC_ALT"; do - for b in "" "-DMBEDTLS_AES_DECRYPT_ALT"; do - for c in "" "-DMBEDTLS_AES_ROM_TABLES"; do - for d in "" "-DMBEDTLS_AES_ENCRYPT_ALT"; do - for e in "" "-DMBEDTLS_AES_SETKEY_DEC_ALT"; do - for f in "" "-DMBEDTLS_AES_FEWER_TABLES"; do - for g in "" "-DMBEDTLS_PADLOCK_C"; do - for h in "" "-DMBEDTLS_AES_USE_HARDWARE_ONLY"; do - for i in "" "-DMBEDTLS_AESNI_C"; do - for j in "" "-DMBEDTLS_AESCE_C"; do - for k in "" "-DMBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"; do + LEN=${#OPTIONS[@]} - # skip invalid combinations - if [[ "$h" != "" ]]; then - if [[ !(("$HOSTTYPE" == "aarch64" && "$j" != "") || ("$HOSTTYPE" == "x86_64" && "$i" != "")) ]]; then - # MBEDTLS_AES_USE_HARDWARE_ONLY requires hw acceleration for the target platform - continue - fi - if [[ "$g" != "" ]]; then - # MBEDTLS_AES_USE_HARDWARE_ONLY and MBEDTLS_PADLOCK_C is not supported - continue - fi + for ((i = 0; i < $((2**${LEN})); i++)); do + # generate each of 2^n combinations of options + # each bit of $i is used to determine if OPTIONS[i] will be set or not + TARGET="t" + CLANG_ARGS="" + for ((j = 0; j < ${LEN}; j++)); do + OPT=${OPTIONS[j]} + X=$(((i >> j) & 1)) + [[ $X == 0 ]] && OPT="" || OPT="-D${OPT}" + CLANG_ARGS="${CLANG_ARGS} ${OPT}" + TARGET="${TARGET}${OPT}" + done + + # check that combination is not known to be invalid + 
INVALID="" + [[ "$VALIDATE_OPTIONS" != "" ]] && INVALID=$(${VALIDATE_OPTIONS} "${CLANG_ARGS}") + + # if valid, add it to the makefile + if [[ "$INVALID" == "" ]]; then + cmd="clang ${CLANG_ARGS} -fsyntax-only ${FILE} -Iinclude -std=c99 $WARNING_FLAGS" + echo "${TARGET}:" >> ${MAKEFILE} + echo -e "\t$cmd" >> ${MAKEFILE} + + DEPS="${DEPS} ${TARGET}" fi - - # Check syntax only, for speed - # Capture failures and continue, but hide successes to avoid spamming the log with 2^11 combinations - CMD_FAILED=0 - cmd="clang $a $b $c $d $e $f $g $h $i $j $k -fsyntax-only library/aes.c -Iinclude -std=c99 $WARNING_FLAGS" - - TARGET="t$a$b$c$d$e$f$g$h$i$j$k" - echo "${TARGET}:" >> $MAKEFILE - echo -e "\t$cmd" >> $MAKEFILE - echo >> $MAKEFILE - DEPS="${DEPS} ${TARGET}" - done - done - done - done - done - done - done - done - done - done done - echo "all: ${DEPS}" >> $MAKEFILE + echo "all: ${DEPS}" >> ${MAKEFILE} - make --quiet -f ${MAKEFILE} all + # clear all of the options so that they can be overridden on the clang commandline + for OPT in "${OPTIONS[@]}"; do + ./scripts/config.py unset ${OPT} + done + + # execute all of the commands via Make (probably in parallel) + make -s -f ${MAKEFILE} all + + # clean up the temporary makefile rm ${MAKEFILE} } +build_aes_variations_validate_combo() { + if [[ "$1" == *"MBEDTLS_AES_USE_HARDWARE_ONLY"* ]]; then + if [[ "$1" == *"MBEDTLS_PADLOCK_C"* ]]; then + echo 1 + fi + if [[ !(("$HOSTTYPE" == "aarch64" && "$1" != *"MBEDTLS_AESCE_C"*) || \ + ("$HOSTTYPE" == "x86_64" && "$1" != *"MBEDTLS_AESNI_C"*)) ]]; then + echo 1 + fi + fi +} + +component_build_aes_variations() { + # 18s - around 90ms per clang invocation on M1 Pro + # + # aes.o has many #if defined(...) guards that intersect in complex ways. + # Test that all the combinations build cleanly. 
+ + msg "build: aes.o for all combinations of relevant config options" + + build_test_config_combos library/aes.c build_aes_variations_validate_combo \ + "MBEDTLS_AES_SETKEY_ENC_ALT" "MBEDTLS_AES_DECRYPT_ALT" \ + "MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" \ + "MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_PADLOCK_C" "MBEDTLS_AES_USE_HARDWARE_ONLY" \ + "MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" +} + component_test_no_platform () { # Full configuration build, without platform support, file IO and net sockets. # This should catch missing mbedtls_printf definitions, and by disabling file From 43a5ce8c7f1375c4a4e043277e6bd9c5321b79f7 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 2 Oct 2023 17:09:37 +0100 Subject: [PATCH 034/191] rename function Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index fdbde160a..943ea885c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3995,7 +3995,7 @@ build_test_config_combos() { rm ${MAKEFILE} } -build_aes_variations_validate_combo() { +validate_aes_config_variations() { if [[ "$1" == *"MBEDTLS_AES_USE_HARDWARE_ONLY"* ]]; then if [[ "$1" == *"MBEDTLS_PADLOCK_C"* ]]; then echo 1 @@ -4015,7 +4015,7 @@ component_build_aes_variations() { msg "build: aes.o for all combinations of relevant config options" - build_test_config_combos library/aes.c build_aes_variations_validate_combo \ + build_test_config_combos library/aes.c validate_aes_config_variations \ "MBEDTLS_AES_SETKEY_ENC_ALT" "MBEDTLS_AES_DECRYPT_ALT" \ "MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" \ "MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_PADLOCK_C" "MBEDTLS_AES_USE_HARDWARE_ONLY" \ From 4243610c15ebd92676d50808cec12314b9eb7020 Mon Sep 17 00:00:00 2001 
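Review bot: The hardware-only test in the new `build_aes_variations_validate_combo` is inverted relative to the loop condition it replaces: the removed code tested `"$j" != ""` (AESCE enabled) and `"$i" != ""` (AESNI enabled), while the new code tests `"$1" != *"MBEDTLS_AESCE_C"*` (AESCE absent), so on aarch64 a `MBEDTLS_AES_USE_HARDWARE_ONLY` combination that includes AESCE is reported invalid and one without it is accepted, and likewise for AESNI on x86_64. The condition should be `if [[ !(("$HOSTTYPE" == "aarch64" && "$1" == *"MBEDTLS_AESCE_C"*) || ("$HOSTTYPE" == "x86_64" && "$1" == *"MBEDTLS_AESNI_C"*)) ]]; then`, and the same expression is carried unchanged through the rename and `echo INVALID` hunks later in this series. The PADLOCK branch also echoes and then falls through to the second test, which can echo a second time; a `return` after the first echo would be clearer even though the caller only checks for non-empty output. As a hedged aside, `$HOSTTYPE` on macOS bash is commonly `arm64` rather than `aarch64`, in which case every hardware-only combination is skipped on the M1 host the timing comment refers to.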
From: Dave Rodgman Date: Tue, 3 Oct 2023 15:47:05 +0100 Subject: [PATCH 035/191] Use make to generate the test command Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 943ea885c..9ebb120a7 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3946,9 +3946,24 @@ build_test_config_combos() { shift OPTIONS=("$@") + # clear all of the options so that they can be overridden on the clang commandline + for OPT in "${OPTIONS[@]}"; do + ./scripts/config.py unset ${OPT} + done + + # enter the directory containing the target file & strip the dir from the filename + cd $(dirname ${FILE}) + FILE=$(basename ${FILE}) + # The most common issue is unused variables/functions, so ensure -Wunused is set. WARNING_FLAGS="-Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" + # Extract the command generated by the Makefile to build the target file. + # This ensures that we have any include paths, macro definitions, etc + # that may be applied by make. + # Add -fsyntax-only as we only want a syntax check and don't need to generate a file. + MAKE_CMD=$(make -B -n ${FILE} CC=clang CFLAGS="${WARNING_FLAGS} -fsyntax-only" | egrep "^clang") + MAKEFILE=$(mktemp) DEPS="" @@ -3973,7 +3988,7 @@ build_test_config_combos() { # if valid, add it to the makefile if [[ "$INVALID" == "" ]]; then - cmd="clang ${CLANG_ARGS} -fsyntax-only ${FILE} -Iinclude -std=c99 $WARNING_FLAGS" + cmd="${MAKE_CMD} ${CLANG_ARGS}" echo "${TARGET}:" >> ${MAKEFILE} echo -e "\t$cmd" >> ${MAKEFILE} 
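Review bot: In the first hunk, `cd $(dirname ${FILE})` changes the working directory for the rest of the function and nothing restores it, so any command the caller runs after `build_test_config_combos` returns executes inside `library/` unless the caller happens to be in its own subshell; wrapping the body in `( ... )` or pairing `pushd`/`popd` would keep the function side-effect free on that axis. `MAKE_CMD=$(make -B -n ${FILE} ... | egrep "^clang")` also deserves a guard: if the grep matches nothing, every generated rule degrades to a bare `-DMBEDTLS_...` command and the failure message points at the wrong thing, so `[[ -n "$MAKE_CMD" ]] || { echo "no clang command found for ${FILE}" >&2; return 1; }` right after it fails fast with a readable cause. Finally, `egrep` is flagged as obsolescent by GNU grep 3.8 and later, which prints a warning on stderr; `grep -E "^clang"` avoids that noise in CI logs. The enclosing function starts outside this hunk.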
@@ -3983,11 +3998,6 @@ build_test_config_combos() { echo "all: ${DEPS}" >> ${MAKEFILE} - # clear all of the options so that they can be overridden on the clang commandline - for OPT in "${OPTIONS[@]}"; do - ./scripts/config.py unset ${OPT} - done - # execute all of the commands via Make (probably in parallel) make -s -f ${MAKEFILE} all @@ -4015,7 +4025,7 @@ component_build_aes_variations() { msg "build: aes.o for all combinations of relevant config options" - build_test_config_combos library/aes.c validate_aes_config_variations \ + build_test_config_combos library/aes.o validate_aes_config_variations \ "MBEDTLS_AES_SETKEY_ENC_ALT" "MBEDTLS_AES_DECRYPT_ALT" \ "MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" \ "MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_PADLOCK_C" "MBEDTLS_AES_USE_HARDWARE_ONLY" \ From 3cde6a2be26ae7c00b319edcd0973700f0dbeba1 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 3 Oct 2023 16:02:56 +0100 Subject: [PATCH 036/191] Improve naming Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9ebb120a7..56727ce7a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3962,7 +3962,7 @@ build_test_config_combos() { # This ensures that we have any include paths, macro definitions, etc # that may be applied by make. # Add -fsyntax-only as we only want a syntax check and don't need to generate a file. - MAKE_CMD=$(make -B -n ${FILE} CC=clang CFLAGS="${WARNING_FLAGS} -fsyntax-only" | egrep "^clang") + COMPILE_CMD=$(make -B -n ${FILE} CC=clang CFLAGS="${WARNING_FLAGS} -fsyntax-only" | egrep "^clang") MAKEFILE=$(mktemp) DEPS="" @@ -3988,7 +3988,7 @@ build_test_config_combos() { # if valid, add it to the makefile if [[ "$INVALID" == "" ]]; then - cmd="${MAKE_CMD} ${CLANG_ARGS}" + cmd="${COMPILE_CMD} ${CLANG_ARGS}" echo "${TARGET}:" >> ${MAKEFILE} echo -e "\t$cmd" >> ${MAKEFILE} 
From 5ed7b2dec246ac27ce303884089c8e4e3ef4524c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 3 Oct 2023 18:00:44 +0100 Subject: [PATCH 037/191] Introduce MBEDTLS_ARCH_IS_ARMV8 Signed-off-by: Dave Rodgman --- include/mbedtls/build_info.h | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 533e076e0..9b9f5f2ac 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -74,6 +74,17 @@ #define MBEDTLS_ARCH_IS_X86 #endif +/* This is defined if the architecture is Armv8, or higher */ +#if !defined(MBEDTLS_ARCH_IS_ARMV8) +#if defined(__ARM_ARCH) +#if __ARM_ARCH >= 8 +#define MBEDTLS_ARCH_IS_ARMV8 +#endif +#elif defined(MBEDTLS_ARCH_IS_ARM64) +#define MBEDTLS_ARCH_IS_ARMV8 +#endif +#endif + #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) #define _CRT_SECURE_NO_DEPRECATE 1 #endif From cc5bf4946f9376f9410ca145953f4d77ed7b3044 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 3 Oct 2023 18:02:56 +0100 Subject: [PATCH 038/191] Make SHA256 depend on Armv8, not aarch64 Signed-off-by: Dave Rodgman --- include/mbedtls/check_config.h | 5 ++--- library/sha256.c | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index e18e9a5fc..158070783 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -865,9 +865,8 @@ #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && \ - !defined(__aarch64__) && !defined(_M_ARM64) -#error "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system" +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8) +#error "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY defined on non-Armv8 system" #endif /* TLS 1.3 requires separate HKDF parts from PSA, diff --git a/library/sha256.c b/library/sha256.c index 223badf00..83dcc8156 100644 --- a/library/sha256.c +++ b/library/sha256.c 
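Review bot: `#if __ARM_ARCH >= 8` in the build_info.h hunk is also true on Armv8-M and Armv8-R targets, so `MBEDTLS_ARCH_IS_ARMV8` gets defined for Cortex-M33/M55-class builds that have no crypto extensions, and because the check_config.h hunk on this line now keys `MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY` solely on that macro, such a configuration passes check_config and fails later inside sha256.c instead of at the dedicated error. If the macro is meant to identify A-profile Armv8, ACLE's `__ARM_ARCH_PROFILE` can narrow it, e.g. `#if __ARM_ARCH >= 8 && (!defined(__ARM_ARCH_PROFILE) || __ARM_ARCH_PROFILE == 'A')`; if it is meant to cover every profile, the comment should say so rather than "Armv8, or higher". Whether `MBEDTLS_ARCH_IS_ARM64` already covers the MSVC `_M_ARM64` case the check_config.h hunk drops is not visible here and is worth confirming.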
@@ -56,7 +56,7 @@ #include "mbedtls/platform.h" -#if defined(__aarch64__) +#if defined(MBEDTLS_ARCH_IS_ARMV8) # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) From 28e38d8e12a9a4c5562f1cc0ea4a5a0fbbb9d003 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 11:50:30 +0100 Subject: [PATCH 039/191] Use lower-case for local variables Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 62 ++++++++++++++++++++++---------------------- 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 56727ce7a..33a2c9f49 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -3939,70 +3939,70 @@ build_test_config_combos() { # syntax: build_test_config_combos FILE VALIDATOR_FUNCTION OPT1 OPT2 ... # The validator function may be "" if all combinations are valid - FILE=$1 + file=$1 shift # this function must echo something iff the clang "-DA -DB ..." string is invalid - VALIDATE_OPTIONS=$1 + validate_options=$1 shift - OPTIONS=("$@") + options=("$@") # clear all of the options so that they can be overridden on the clang commandline - for OPT in "${OPTIONS[@]}"; do - ./scripts/config.py unset ${OPT} + for opt in "${options[@]}"; do + ./scripts/config.py unset ${opt} done # enter the directory containing the target file & strip the dir from the filename - cd $(dirname ${FILE}) - FILE=$(basename ${FILE}) + cd $(dirname ${file}) + file=$(basename ${file}) # The most common issue is unused variables/functions, so ensure -Wunused is set. - WARNING_FLAGS="-Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" + warning_flags="-Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" # Extract the command generated by the Makefile to build the target file. # This ensures that we have any include paths, macro definitions, etc # that may be applied by make. # Add -fsyntax-only as we only want a syntax check and don't need to generate a file. 
- COMPILE_CMD=$(make -B -n ${FILE} CC=clang CFLAGS="${WARNING_FLAGS} -fsyntax-only" | egrep "^clang") + compile_cmd=$(make -B -n ${file} CC=clang CFLAGS="${warning_flags} -fsyntax-only" | egrep "^clang") - MAKEFILE=$(mktemp) - DEPS="" + makefile=$(mktemp) + deps="" - LEN=${#OPTIONS[@]} + len=${#options[@]} - for ((i = 0; i < $((2**${LEN})); i++)); do + for ((i = 0; i < $((2**${len})); i++)); do # generate each of 2^n combinations of options - # each bit of $i is used to determine if OPTIONS[i] will be set or not - TARGET="t" - CLANG_ARGS="" - for ((j = 0; j < ${LEN}; j++)); do - OPT=${OPTIONS[j]} + # each bit of $i is used to determine if options[i] will be set or not + target="t" + clang_args="" + for ((j = 0; j < ${len}; j++)); do + opt=${options[j]} X=$(((i >> j) & 1)) - [[ $X == 0 ]] && OPT="" || OPT="-D${OPT}" - CLANG_ARGS="${CLANG_ARGS} ${OPT}" - TARGET="${TARGET}${OPT}" + [[ $X == 0 ]] && opt="" || opt="-D${opt}" + clang_args="${clang_args} ${opt}" + target="${target}${opt}" done # check that combination is not known to be invalid - INVALID="" - [[ "$VALIDATE_OPTIONS" != "" ]] && INVALID=$(${VALIDATE_OPTIONS} "${CLANG_ARGS}") + invalid="" + [[ "$validate_options" != "" ]] && invalid=$(${validate_options} "${clang_args}") # if valid, add it to the makefile - if [[ "$INVALID" == "" ]]; then - cmd="${COMPILE_CMD} ${CLANG_ARGS}" - echo "${TARGET}:" >> ${MAKEFILE} - echo -e "\t$cmd" >> ${MAKEFILE} + if [[ "$invalid" == "" ]]; then + cmd="${compile_cmd} ${clang_args}" + echo "${target}:" >> ${makefile} + echo -e "\t$cmd" >> ${makefile} - DEPS="${DEPS} ${TARGET}" + deps="${deps} ${target}" fi done - echo "all: ${DEPS}" >> ${MAKEFILE} + echo "all: ${deps}" >> ${makefile} # execute all of the commands via Make (probably in parallel) - make -s -f ${MAKEFILE} all + make -s -f ${makefile} all # clean up the temporary makefile - rm ${MAKEFILE} + rm ${makefile} } validate_aes_config_variations() { From 54ada8bae8ade96010d1005964d782bdb0e3084f Mon Sep 17 00:00:00 2001 
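Review bot: The renamed variables in this hunk are still global, so `file`, `options`, `makefile`, `deps`, `target`, `clang_args`, `i` and `j` now overwrite any identically named variable in the calling shell, and lowercase names collide with caller variables far more readily than the uppercase ones they replace. Declaring them at the top of the function with `local file=$1`, `local -a options=("$@")` and `local makefile deps len target clang_args opt i j` keeps the rename from leaking state into the component that calls `build_test_config_combos`. The function's signature line is outside this hunk.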
From: Dave Rodgman Date: Wed, 4 Oct 2023 11:55:25 +0100 Subject: [PATCH 040/191] Improve docs Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 33a2c9f49..34089a402 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3934,14 +3934,17 @@ component_build_tfm() { make lib CC="gcc" CFLAGS="-Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wformat-signedness -Wlogical-op -I../tests/include/spe" } +# Test that the given .o file builds with all (valid) combinations of the given options. +# +# Syntax: build_test_config_combos FILE VALIDATOR_FUNCTION OPT1 OPT2 ... +# +# The validator function is the name of a function to validate the combination of options. +# It may be "" if all combinations are valid. +# It receives a string containing a combination of options, as passed to the compiler, +# e.g. "-DOPT1 -DOPT2 ...". It must echo something iff the combination is invalid. build_test_config_combos() { - # test that the given file builds with all (valid) combinations of the given options. - # syntax: build_test_config_combos FILE VALIDATOR_FUNCTION OPT1 OPT2 ... - # The validator function may be "" if all combinations are valid - file=$1 shift - # this function must echo something iff the clang "-DA -DB ..." string is invalid validate_options=$1 shift options=("$@") From b1107aeee1fcb3afced5dea75171e8ec334c0c5d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 12:30:23 +0100 Subject: [PATCH 041/191] Tidy up bash syntax Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 34089a402..ace70d1a4 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
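Review bot: The new header comment omits the two side effects a caller of `build_test_config_combos` must plan around: the function changes the current directory to the directory containing FILE and does not change back, and it runs `scripts/config.py unset` on every listed option, so the working config is modified before the build. Two lines after the validator paragraph would cover it: `# Side effects: changes the current directory to the directory containing FILE, and` followed by `# unsets every listed option in the config file via scripts/config.py.` The function body continues past this hunk.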
@@ -3978,19 +3978,16 @@ build_test_config_combos() { target="t" clang_args="" for ((j = 0; j < ${len}; j++)); do - opt=${options[j]} - X=$(((i >> j) & 1)) - [[ $X == 0 ]] && opt="" || opt="-D${opt}" + opt= + if (((i >> j) & 1)); then + opt=-D${options[j]} + fi clang_args="${clang_args} ${opt}" target="${target}${opt}" done - # check that combination is not known to be invalid - invalid="" - [[ "$validate_options" != "" ]] && invalid=$(${validate_options} "${clang_args}") - - # if valid, add it to the makefile - if [[ "$invalid" == "" ]]; then + # if combination is not known to be invalid, add it to the makefile + if [[ -z $validate_options ]] || [[ $($validate_options "${clang_args}") == "" ]] ; then cmd="${compile_cmd} ${clang_args}" echo "${target}:" >> ${makefile} echo -e "\t$cmd" >> ${makefile} From 7a8a2490e58330907c7b67e53be210782c101ec3 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 13:14:20 +0100 Subject: [PATCH 042/191] Tidy-up Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ace70d1a4..164c2e99f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3978,12 +3978,11 @@ build_test_config_combos() { target="t" clang_args="" for ((j = 0; j < ${len}; j++)); do - opt= if (((i >> j) & 1)); then opt=-D${options[j]} + clang_args="${clang_args} ${opt}" + target="${target}${opt}" fi - clang_args="${clang_args} ${opt}" - target="${target}${opt}" done # if combination is not known to be invalid, add it to the makefile From a7127eb67cecc021987cd186a04965c52887c52f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 13:38:41 +0100 Subject: [PATCH 043/191] tidy up Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 164c2e99f..90e5f1bd7 100755 --- a/tests/scripts/all.sh 
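Review bot: The rewritten condition `[[ $($validate_options "${clang_args}") == "" ]]` discards the validator's exit status, so a misspelled or undefined validator name yields "command not found" on stderr and an empty stdout, which this test reads as "every combination is valid"; the error is then hidden by the following `make -s` run. A one-line existence check before the loop, `declare -F "$validate_options" >/dev/null || { echo "unknown validator: $validate_options" >&2; return 1; }`, guarded by the same `-z` test, closes that hole without changing the echo-iff-invalid protocol. The enclosing loop and function start outside this hunk.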
+++ b/tests/scripts/all.sh @@ -3979,7 +3979,7 @@ build_test_config_combos() { clang_args="" for ((j = 0; j < ${len}; j++)); do if (((i >> j) & 1)); then - opt=-D${options[j]} + opt=-D${options[$j]} clang_args="${clang_args} ${opt}" target="${target}${opt}" fi @@ -4007,11 +4007,11 @@ build_test_config_combos() { validate_aes_config_variations() { if [[ "$1" == *"MBEDTLS_AES_USE_HARDWARE_ONLY"* ]]; then if [[ "$1" == *"MBEDTLS_PADLOCK_C"* ]]; then - echo 1 + echo INVALID fi if [[ !(("$HOSTTYPE" == "aarch64" && "$1" != *"MBEDTLS_AESCE_C"*) || \ ("$HOSTTYPE" == "x86_64" && "$1" != *"MBEDTLS_AESNI_C"*)) ]]; then - echo 1 + echo INVALID fi fi } From 1ec1a0f0cc74cfe94c883932103edf0e9f26cdcc Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 13:50:54 +0100 Subject: [PATCH 044/191] Introduce MBEDTLS_MAYBE_UNUSED Signed-off-by: Dave Rodgman --- library/common.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/library/common.h b/library/common.h index 3c472c685..1fc04a32e 100644 --- a/library/common.h +++ b/library/common.h @@ -334,4 +334,11 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, #define MBEDTLS_OPTIMIZE_FOR_PERFORMANCE #endif +/* Suppress compiler warnings for unused functions and variables. */ +#if defined(__GNUC__) +#define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) +#else +#define MBEDTLS_MAYBE_UNUSED +#endif + #endif /* MBEDTLS_LIBRARY_COMMON_H */ From 18ddf61a750a2a04ca677bbcb254d84f3ce1a84e Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 14:03:12 +0100 Subject: [PATCH 045/191] Use MBEDTLS_MAYBE_UNUSED to simplify aes.c and let compiler remove unused variables Signed-off-by: Dave Rodgman --- library/aes.c | 103 +++++++++++++------------------------------------- 1 file changed, 26 insertions(+), 77 deletions(-) diff --git a/library/aes.c b/library/aes.c index 3e27cd39b..d23222981 100644 --- a/library/aes.c +++ b/library/aes.c 
@@ -84,11 +84,7 @@ static int aes_padlock_ace = -1; /* * Forward S-box */ -#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || \ - (!defined(MBEDTLS_AES_SETKEY_ENC_ALT) && (!defined(MBEDTLS_AES_USE_HARDWARE_ONLY) || \ - !defined(MBEDTLS_AES_ROM_TABLES))) || \ - (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) -static const unsigned char FSb[256] = +MBEDTLS_MAYBE_UNUSED static const unsigned char FSb[256] = { 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76, @@ -123,8 +119,6 @@ static const unsigned char FSb[256] = 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 }; -#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ - !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ /* * Forward tables 
@@ -196,36 +190,28 @@ static const unsigned char FSb[256] = V(C3, 41, 41, 82), V(B0, 99, 99, 29), V(77, 2D, 2D, 5A), V(11, 0F, 0F, 1E), \ V(CB, B0, B0, 7B), V(FC, 54, 54, A8), V(D6, BB, BB, 6D), V(3A, 16, 16, 2C) -#if !defined(MBEDTLS_AES_ENCRYPT_ALT) #define V(a, b, c, d) 0x##a##b##c##d -static const uint32_t FT0[256] = { FT }; +MBEDTLS_MAYBE_UNUSED static const uint32_t FT0[256] = { FT }; #undef V -#if !defined(MBEDTLS_AES_FEWER_TABLES) - #define V(a, b, c, d) 0x##b##c##d##a -static const uint32_t FT1[256] = { FT }; +MBEDTLS_MAYBE_UNUSED static const uint32_t FT1[256] = { FT }; #undef V #define V(a, b, c, d) 0x##c##d##a##b -static const uint32_t FT2[256] = { FT }; +MBEDTLS_MAYBE_UNUSED static const uint32_t FT2[256] = { FT }; #undef V #define V(a, b, c, d) 0x##d##a##b##c -static const uint32_t FT3[256] = { FT }; +MBEDTLS_MAYBE_UNUSED static const uint32_t FT3[256] = { FT }; #undef V -#endif /* !MBEDTLS_AES_FEWER_TABLES */ - -#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) */ - #undef FT -#if !defined(MBEDTLS_AES_DECRYPT_ALT) /* * Reverse S-box */ -static const unsigned char RSb[256] = +MBEDTLS_MAYBE_UNUSED static const unsigned char RSb[256] = { 0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, 0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB, @@ -260,7 +246,6 @@ static const unsigned char RSb[256] = 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D }; -#endif /* defined(MBEDTLS_AES_DECRYPT_ALT)) */ /* * Reverse tables 
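Review bot: Dropping the `#if !defined(MBEDTLS_AES_FEWER_TABLES)` guard around FT1–FT3 here, and around RT1–RT3 in the `@@ -332,88 +317,60 @@` hunk that starts on the next line, turns a footprint option into one that depends on the compiler discarding three unreferenced 1 KiB `static const` arrays per direction. GCC keeps unreferenced `static const` objects when not optimising (`-fkeep-static-consts` is on by default), so a `-O0` build with `MBEDTLS_AES_ROM_TABLES` and `MBEDTLS_AES_FEWER_TABLES` now carries all eight tables, and `MBEDTLS_MAYBE_UNUSED` silences the unused-variable warning that would have pointed at it. Keeping the `MBEDTLS_AES_FEWER_TABLES` guard on the FT1–FT3 and RT1–RT3 definitions while removing the other `_ALT`/`HARDWARE_ONLY` guards preserves the documented size benefit without bringing back the intersecting conditions this commit is simplifying.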
@@ -332,88 +317,60 @@ static const unsigned char RSb[256] = V(71, 01, A8, 39), V(DE, B3, 0C, 08), V(9C, E4, B4, D8), V(90, C1, 56, 64), \ V(61, 84, CB, 7B), V(70, B6, 32, D5), V(74, 5C, 6C, 48), V(42, 57, B8, D0) -#if !defined(MBEDTLS_AES_DECRYPT_ALT) || \ - (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) #define V(a, b, c, d) 0x##a##b##c##d -static const uint32_t RT0[256] = { RT }; +MBEDTLS_MAYBE_UNUSED static const uint32_t RT0[256] = { RT }; #undef V -#if !defined(MBEDTLS_AES_FEWER_TABLES) - #define V(a, b, c, d) 0x##b##c##d##a -static const uint32_t RT1[256] = { RT }; +MBEDTLS_MAYBE_UNUSED static const uint32_t RT1[256] = { RT }; #undef V #define V(a, b, c, d) 0x##c##d##a##b -static const uint32_t RT2[256] = { RT }; +MBEDTLS_MAYBE_UNUSED static const uint32_t RT2[256] = { RT }; #undef V #define V(a, b, c, d) 0x##d##a##b##c -static const uint32_t RT3[256] = { RT }; +MBEDTLS_MAYBE_UNUSED static const uint32_t RT3[256] = { RT }; #undef V -#endif /* !MBEDTLS_AES_FEWER_TABLES */ - -#endif \ - /* !defined(MBEDTLS_AES_DECRYPT_ALT) || (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) */ - #undef RT -#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) /* * Round constants */ -static const uint32_t RCON[10] = +MBEDTLS_MAYBE_UNUSED static const uint32_t RCON[10] = { 0x00000001, 0x00000002, 0x00000004, 0x00000008, 0x00000010, 0x00000020, 0x00000040, 0x00000080, 0x0000001B, 0x00000036 }; -#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ #else /* MBEDTLS_AES_ROM_TABLES */ /* * Forward S-box & tables */ -#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || \ - (!defined(MBEDTLS_AES_SETKEY_ENC_ALT) && (!defined(MBEDTLS_AES_USE_HARDWARE_ONLY) || \ - !defined(MBEDTLS_AES_ROM_TABLES))) || \ - (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) -static unsigned char FSb[256]; -#endif -#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) 
-static uint32_t FT0[256]; -#if !defined(MBEDTLS_AES_FEWER_TABLES) -static uint32_t FT1[256]; -static uint32_t FT2[256]; -static uint32_t FT3[256]; -#endif /* !MBEDTLS_AES_FEWER_TABLES */ -#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ +MBEDTLS_MAYBE_UNUSED static unsigned char FSb[256]; +MBEDTLS_MAYBE_UNUSED static uint32_t FT0[256]; +MBEDTLS_MAYBE_UNUSED static uint32_t FT1[256]; +MBEDTLS_MAYBE_UNUSED static uint32_t FT2[256]; +MBEDTLS_MAYBE_UNUSED static uint32_t FT3[256]; /* * Reverse S-box & tables */ -#if !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) -static unsigned char RSb[256]; -#endif /* !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) */ +MBEDTLS_MAYBE_UNUSED static unsigned char RSb[256]; -#if !defined(MBEDTLS_AES_DECRYPT_ALT) || (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && \ - !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) -static uint32_t RT0[256]; -#if !defined(MBEDTLS_AES_FEWER_TABLES) -static uint32_t RT1[256]; -static uint32_t RT2[256]; -static uint32_t RT3[256]; -#endif /* !MBEDTLS_AES_FEWER_TABLES */ -#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +MBEDTLS_MAYBE_UNUSED static uint32_t RT0[256]; +MBEDTLS_MAYBE_UNUSED static uint32_t RT1[256]; +MBEDTLS_MAYBE_UNUSED static uint32_t RT2[256]; +MBEDTLS_MAYBE_UNUSED static uint32_t RT3[256]; -#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) /* * Round constants */ -static uint32_t RCON[10]; +MBEDTLS_MAYBE_UNUSED static uint32_t RCON[10]; /* * Tables generation code @@ -422,9 +379,9 @@ static uint32_t RCON[10]; #define XTIME(x) (((x) << 1) ^ (((x) & 0x80) ? 0x1B : 0x00)) #define MUL(x, y) (((x) && (y)) ? pow[(log[(x)]+log[(y)]) % 255] : 0) -static int aes_init_done = 0; +MBEDTLS_MAYBE_UNUSED static int aes_init_done = 0; -static void aes_gen_tables(void) +MBEDTLS_MAYBE_UNUSED static void aes_gen_tables(void) { int i; uint8_t x, y, z; 
@@ -505,8 +462,6 @@ static void aes_gen_tables(void) } } -#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ - #undef ROTL8 #endif /* MBEDTLS_AES_ROM_TABLES */ @@ -584,9 +539,7 @@ void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx) #define MAY_NEED_TO_ALIGN #endif -#if defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \ - !defined(MBEDTLS_AES_SETKEY_ENC_ALT) -static unsigned mbedtls_aes_rk_offset(uint32_t *buf) +MBEDTLS_MAYBE_UNUSED static unsigned mbedtls_aes_rk_offset(uint32_t *buf) { #if defined(MAY_NEED_TO_ALIGN) int align_16_bytes = 0; @@ -622,8 +575,6 @@ static unsigned mbedtls_aes_rk_offset(uint32_t *buf) return 0; } -#endif /* defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \ - !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ /* * AES key schedule (encryption) @@ -1056,7 +1007,6 @@ int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, } #endif /* !MBEDTLS_AES_DECRYPT_ALT */ -#if defined(MAY_NEED_TO_ALIGN) /* VIA Padlock and our intrinsics-based implementation of AESNI require * the round keys to be aligned on a 16-byte boundary. We take care of this * before creating them, but the AES context may have moved (this can happen @@ -1064,7 +1014,7 @@ int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, * calls it might have a different alignment with respect to 16-byte memory. * So we may need to realign. */ -static void aes_maybe_realign(mbedtls_aes_context *ctx) +MBEDTLS_MAYBE_UNUSED static void aes_maybe_realign(mbedtls_aes_context *ctx) { unsigned new_offset = mbedtls_aes_rk_offset(ctx->buf); if (new_offset != ctx->rk_offset) { @@ -1074,7 +1024,6 @@ static void aes_maybe_realign(mbedtls_aes_context *ctx) ctx->rk_offset = new_offset; } } -#endif /* * AES-ECB block encryption/decryption From feadcaf4a6cd700c1074cffe19aff9add91d3ba6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 15:27:33 +0100 Subject: [PATCH 046/191] Support MBEDTLS_MAYBE_UNUSED in MSVC and IAR 
Signed-off-by: Dave Rodgman --- library/common.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/library/common.h b/library/common.h index 1fc04a32e..910106bde 100644 --- a/library/common.h +++ b/library/common.h @@ -337,6 +337,12 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, /* Suppress compiler warnings for unused functions and variables. */ #if defined(__GNUC__) #define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) +#elif defined(__IAR_SYSTEMS_ICC__) && defined(__VER__) +#if (__VER__ >= 8000000) +#define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) +#endif +#elif defined(_MSC_VER) +#define MBEDTLS_MAYBE_UNUSED __pragma(warning(suppress:4189)) #else #define MBEDTLS_MAYBE_UNUSED #endif From d9e8083d262c9cfa24cd70bdb17c70ce04391632 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 17:17:46 +0100 Subject: [PATCH 047/191] Add tests for SHA256 on ARMCE for thumb, arm and aarch64 Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9e1d84f5d..1d9f32d9d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
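Review bot: The IAR branch defines `MBEDTLS_MAYBE_UNUSED` only when `__VER__ >= 8000000`; on an older IAR compiler the `#elif defined(__IAR_SYSTEMS_ICC__) && defined(__VER__)` branch is still the one taken, the inner `#if` fails, and the macro is never defined, so every `MBEDTLS_MAYBE_UNUSED static ...` declaration in aes.c becomes a syntax error. An `#else` / `#define MBEDTLS_MAYBE_UNUSED` / `#endif` inside that branch gives older IAR the same empty fallback the final `#else` gives everyone else. For MSVC, `__pragma(warning(suppress:4189))` targets the "local variable is initialized but not referenced" warning, whereas the sites in aes.c are file-scope statics and static functions, for which MSVC's diagnostic is C4505 (unreferenced function with internal linkage), and `suppress` applies only to the next source line; which warning an MSVC build actually raises at those sites is worth confirming before relying on this definition.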
@@ -4354,6 +4354,27 @@ component_build_aes_aesce_armcc () { armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto" } +component_build_sha_armce () { + # Test variations of SHA256 Armv8 crypto extensions + scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, aarch64" + make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" + + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, arm" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" + + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, thumb" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" + + scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, aarch64" + make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" +} + # For timebeing, no VIA Padlock platform available. component_build_aes_via_padlock () { From 793e264fbbd2ea57213f0d577d42d22cb50880b7 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 17:36:20 +0100 Subject: [PATCH 048/191] Fix indentation Signed-off-by: Dave Rodgman --- library/sha256.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/sha256.c b/library/sha256.c index 83dcc8156..55f8d635c 100644 --- a/library/sha256.c +++ b/library/sha256.c 
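Review bot: All four builds in `component_build_sha_armce` use `CC=clang`, so the GCC-specific fallback that sha256.c gains later in this series (the `#warning` plus `#undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT` for 32-bit Arm) has no coverage, and since `#warning` is not an error nothing here would notice it regressing. If a 32-bit Arm GCC cross compiler is available in CI, a `MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT` variant with `CC=arm-linux-gnueabihf-gcc` that is expected to build with the C fallback would exercise that path; for the three `CRYPTO_ONLY` clang builds, adding `-Werror` to `CFLAGS` would also stop unrelated warnings from passing silently.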
@@ -69,7 +69,7 @@ # error "Target does not support NEON instructions" # endif -# if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) +# if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION <= 6090000 # error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_A64_CRYPTO_*" From ebe4292a9ce6fda09f061fb6c4c2977efb739a34 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 17:36:44 +0100 Subject: [PATCH 049/191] Improve behaviour on gcc targetting arm or thumb Signed-off-by: Dave Rodgman --- library/sha256.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/sha256.c b/library/sha256.c index 55f8d635c..f0eb6ad58 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -101,6 +101,10 @@ # endif # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_COMPILER_IS_GCC) && !defined(MBEDTLS_ARCH_IS_ARM64) +# warning "GCC only supports aarch64 for MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT, using C code only" +# undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT +# endif # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ From 86908590977819e18bea5b3e097d00ab47fe65e0 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 17:40:25 +0100 Subject: [PATCH 050/191] Improve docs Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index af0761395..14d19aeb6 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
@@ -3280,7 +3280,8 @@ * for a non-Aarch64 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 4.0, - * armclang 6.6 or GCC 6.0. + * armclang 6.6 or GCC 6.0. Targetting Thumb or 32-bit arm with GCC is not + * supported. * * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for * armclang <= 6.9 From d30728cf5e3e6fde80a082976cffe6493c6a300c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 18:04:39 +0100 Subject: [PATCH 051/191] Add Changelog Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/sha256-armce-arm.txt diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt new file mode 100644 index 000000000..aaa6e39db --- /dev/null +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -0,0 +1,4 @@ +Features + * Support Armv8 Crypto Extension acceleration for SHA-256 + when compiling for Thumb or 32-bit Arm. + From 04d0d06e83729d991a5deb90163f911c8b8c10c1 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 18:05:08 +0100 Subject: [PATCH 052/191] Code style Signed-off-by: Dave Rodgman --- library/sha256.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/sha256.c b/library/sha256.c index f0eb6ad58..00a01ea3d 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -102,7 +102,8 @@ # endif # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) # if defined(MBEDTLS_COMPILER_IS_GCC) && !defined(MBEDTLS_ARCH_IS_ARM64) -# warning "GCC only supports aarch64 for MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT, using C code only" +# warning \ + "GCC only supports aarch64 for MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT, using C code only" # undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT # endif # if defined(__unix__) From 749f2227c67b5b07fe9c6633b0b8767de511a8b2 Mon Sep 17 00:00:00 2001 
From: Dave Rodgman Date: Wed, 4 Oct 2023 15:38:58 +0100 Subject: [PATCH 053/191] Get MBEDTLS_MAYBE_UNUSED to cover more compilers Signed-off-by: Dave Rodgman --- library/common.h | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/library/common.h b/library/common.h index 910106bde..436e35a91 100644 --- a/library/common.h +++ b/library/common.h @@ -335,15 +335,23 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, #endif /* Suppress compiler warnings for unused functions and variables. */ -#if defined(__GNUC__) -#define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) -#elif defined(__IAR_SYSTEMS_ICC__) && defined(__VER__) -#if (__VER__ >= 8000000) +#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__GNUC__) #define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) #endif -#elif defined(_MSC_VER) +#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__IAR_SYSTEMS_ICC__) && defined(__VER__) +#if (__VER__ >= 8010000) // IAR 8.1 or later +#define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) +#endif +#endif +#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(_MSC_VER) #define MBEDTLS_MAYBE_UNUSED __pragma(warning(suppress:4189)) -#else +#endif +#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__has_attribute) +#if __has_attribute(unused) +#define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) +#endif +#endif +#if !defined(MBEDTLS_MAYBE_UNUSED) #define MBEDTLS_MAYBE_UNUSED #endif From 9ed1853093cf1bf748a84b112a90e100a6307f8f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 00:06:47 +0100 Subject: [PATCH 054/191] require clang 4 for testing Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1d9f32d9d..b7f4f4df6 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
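Review bot: The IAR threshold silently moves from `8000000` to `8010000` in this rework, and neither the commit message nor the code says why 8.1 rather than 8.0 is now required; please either restore the previous value or add a comment with the reason so the change is not undone as a typo later. The `// IAR 8.1 or later` comment also uses C++-style syntax where the rest of common.h uses `/* ... */`; `/* IAR 8.1 or later */` keeps the file consistent. As in the previous version, the MSVC `__pragma(warning(suppress:4189))` arm covers only the next line and only C4189, which is worth stating in the block comment now that the macro is advertised as covering "more compilers".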
@@ -4354,6 +4354,12 @@ component_build_aes_aesce_armcc () { armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto" } +support_build_sha_armce() { + # clang >= 4 is required to build with SHA extensions + ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" + [ "${ver}" -ge 4 ] +} + component_build_sha_armce () { # Test variations of SHA256 Armv8 crypto extensions scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT From 9bf752c45d3fc2d4df3c42de4a9fa630a53d401f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 08:20:44 +0100 Subject: [PATCH 055/191] Support MSVS with clang Signed-off-by: Dave Rodgman --- library/common.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/common.h b/library/common.h index 436e35a91..de26d451b 100644 --- a/library/common.h +++ b/library/common.h @@ -335,7 +335,7 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, #endif /* Suppress compiler warnings for unused functions and variables. */ -#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__GNUC__) +#if !defined(MBEDTLS_MAYBE_UNUSED) && (defined(__GNUC__) || defined(__clang__)) #define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) #endif #if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__IAR_SYSTEMS_ICC__) && defined(__VER__) From ca92f50e124abea85870ece48d5ee2fe365ce859 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 08:24:55 +0100 Subject: [PATCH 056/191] Update docs for MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 14d19aeb6..3d44b075c 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
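Review bot: support_build_sha_armce misbehaves when clang is not installed: `clang --version` fails, `ver` is empty, and `[ "" -ge 4 ]` prints an "integer expression expected" error to stderr (and returns 2) instead of a clean false. Guarding the probe as `ver="$(clang --version 2>/dev/null | grep version | sed -E 's#.*version ([0-9]+).*#\1#')"` and testing `[ -n "${ver}" ] && [ "${ver}" -ge 4 ]` keeps the component skipped quietly. Note also that Apple clang reports its own version scheme (e.g. "Apple clang version 14"), so the extracted number is not an LLVM version there; a comment acknowledging this, or matching on `clang version` only, would avoid a false positive on macOS runners.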
@@ -3277,7 +3277,7 @@ * If not, the library will fall back to the C implementation. * * \note If MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT is defined when building - * for a non-Aarch64 build it will be silently ignored. + * for a non-Armv8 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 4.0, * armclang 6.6 or GCC 6.0. Targetting Thumb or 32-bit arm with GCC is not From bfe6021e8541e3643e97e3e7b254c53900ceb06e Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 08:31:22 +0100 Subject: [PATCH 057/191] Improve docs Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 3d44b075c..2b9e29ba2 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3280,8 +3280,11 @@ * for a non-Armv8 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 4.0, - * armclang 6.6 or GCC 6.0. Targetting Thumb or 32-bit arm with GCC is not - * supported. + * armclang 6.6 or GCC 6.0. + * + * \note GCC for Thumb or 32-bit Armv8 targets supports accelerated SHA-256 + * via #MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY, but does not support runtime + * detection via #MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. * * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for * armclang <= 6.9 From 7ed619d3fa0d4d80df7eec1cd1e90abf861a2941 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 09:39:56 +0100 Subject: [PATCH 058/191] Enable run-time detection for Thumb and Arm Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 4 ---- library/sha256.c | 12 +++++++----- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 2b9e29ba2..a104114b4 100644 --- a/include/mbedtls/mbedtls_config.h 
+++ b/include/mbedtls/mbedtls_config.h @@ -3282,10 +3282,6 @@ * \note Minimum compiler versions for this feature are Clang 4.0, * armclang 6.6 or GCC 6.0. * - * \note GCC for Thumb or 32-bit Armv8 targets supports accelerated SHA-256 - * via #MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY, but does not support runtime - * detection via #MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. - * * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for * armclang <= 6.9 * diff --git a/library/sha256.c b/library/sha256.c index 00a01ea3d..b603b86c9 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -44,6 +44,9 @@ #define MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG #endif +/* Ensure that SIG_SETMASK is defined when -std=c99 is used. */ +#define _GNU_SOURCE + #include "common.h" #if defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA224_C) @@ -101,11 +104,6 @@ # endif # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) -# if defined(MBEDTLS_COMPILER_IS_GCC) && !defined(MBEDTLS_ARCH_IS_ARM64) -# warning \ - "GCC only supports aarch64 for MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT, using C code only" -# undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT -# endif # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ @@ -185,7 +183,11 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) if (setjmp(return_from_sigill) == 0) { /* First return only */ /* If this traps, we will return a second time from setjmp() with 1 */ +#if defined(MBEDTLS_ARCH_IS_ARM64) asm ("sha256h q0, q0, v0.4s" : : : "v0"); +#else + asm ("sha256h.32 q0, q0, q0" : : : "q0"); +#endif ret = 1; } From cd65400c48ca10020f948c87f78cdd71fcc9a6a8 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 09:40:07 +0100 Subject: [PATCH 059/191] Add tests for runtime detection Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 7 +++++++ 1 file changed, 7 insertions(+) 
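Review bot: The new unconditional `#define _GNU_SOURCE` in sha256.c will collide with build systems that already pass `-D_GNU_SOURCE` (which defines it as `1`): the empty redefinition is a "macro redefined" diagnostic and a hard error under `-Werror`. Wrap it as `#if !defined(_GNU_SOURCE)` / `#define _GNU_SOURCE` / `#endif`. Since the stated goal is only `SIG_SETMASK` (a POSIX symbol) under `-std=c99`, `_POSIX_C_SOURCE 200112L` would be the narrower feature-test macro and would avoid pulling GNU extensions into a crypto source file; if `_GNU_SOURCE` is really needed, the comment should say which additional symbol requires it.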
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b7f4f4df6..32d1a1527 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4379,6 +4379,13 @@ component_build_sha_armce () { msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, aarch64" make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" + + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, arm" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99" + + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, thumb" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" + } # For timebeing, no VIA Padlock platform available. From 3ba9ce3c1def3278791704fe40d6cc38be201c97 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 09:58:33 +0100 Subject: [PATCH 060/191] Warn if using runtime detection and no Neon Signed-off-by: Dave Rodgman --- library/sha256.c | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index b603b86c9..8315b71f3 100644 --- a/library/sha256.c +++ b/library/sha256.c 
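Review bot: Only the arm variant of the new MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT builds passes `-std=c99`, so the strict-C99 path that motivated the `_GNU_SOURCE` addition in sha256.c is not exercised for the thumb (or the existing aarch64) build. If the intent is to cover that path, add `-std=c99` to the thumb line as well; if it is deliberate, a one-line comment explaining why only one variant uses it would help. The stray blank line before the closing `}` should also go, to match the other components in all.sh.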
@@ -61,17 +61,24 @@ #if defined(MBEDTLS_ARCH_IS_ARMV8) -# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) - /* *INDENT-OFF* */ -# ifdef __ARM_NEON -# include -# else -# error "Target does not support NEON instructions" +# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +# ifdef __ARM_NEON +# include +# else +# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +# warning "Target does not support NEON instructions" +# undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT +# else +# error "Target does not support NEON instructions" +# endif +# endif # endif +# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) # if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION <= 6090000 From 790370b3924779f5f1cc015359df13a3484e8ba1 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 11:01:31 +0100 Subject: [PATCH 061/191] code style Signed-off-by: Dave Rodgman --- library/sha256.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index 8315b71f3..c6a118d92 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -61,8 +61,6 @@ #if defined(MBEDTLS_ARCH_IS_ARMV8) -/* *INDENT-OFF* */ - # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) # ifdef __ARM_NEON @@ -79,6 +77,8 @@ # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +/* *INDENT-OFF* */ + # if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION <= 6090000 From 9a36f4cb97a887ab3f654538b04ce59820b7d504 Mon Sep 17 00:00:00 2001 
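Review bot: Downgrading MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT via `#warning` plus `#undef` inside sha256.c has two problems. `#warning` is not a standard directive before C23, so `-pedantic-errors`/`-Werror` builds turn the intended soft warning into a hard failure, and the `#undef` is local to this translation unit and happens after `common.h` (and whatever it pulls in) has already been processed with the option defined, so any other file or header that tests the macro still sees it enabled. Consider making the decision in a config-adjust header so all translation units agree, or at least add a comment next to the `#undef` stating that it only affects sha256.c. The enclosing `#if defined(MBEDTLS_ARCH_IS_ARMV8)` block continues past the end of this hunk.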
From: Dave Rodgman Date: Thu, 5 Oct 2023 11:25:52 +0100 Subject: [PATCH 062/191] Fix cast errors on IAR Signed-off-by: Dave Rodgman --- library/sha256.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index c6a118d92..37f68c743 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -336,10 +336,10 @@ static size_t mbedtls_internal_sha256_process_many_a64_crypto( uint32x4_t abcd_orig = abcd; uint32x4_t efgh_orig = efgh; - uint32x4_t sched0 = (uint32x4_t) vld1q_u8(msg + 16 * 0); - uint32x4_t sched1 = (uint32x4_t) vld1q_u8(msg + 16 * 1); - uint32x4_t sched2 = (uint32x4_t) vld1q_u8(msg + 16 * 2); - uint32x4_t sched3 = (uint32x4_t) vld1q_u8(msg + 16 * 3); + uint32x4_t sched0 = vreinterpretq_u32_u8(vld1q_u8(msg + 16 * 0)); + uint32x4_t sched1 = vreinterpretq_u32_u8(vld1q_u8(msg + 16 * 1)); + uint32x4_t sched2 = vreinterpretq_u32_u8(vld1q_u8(msg + 16 * 2)); + uint32x4_t sched3 = vreinterpretq_u32_u8(vld1q_u8(msg + 16 * 3)); #if __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ /* Will be true if not defined */ /* Untested on BE */ From bc2d2179beb74b70d6d4e497438bd9a554703fa6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 11:36:26 +0100 Subject: [PATCH 063/191] Update baremetal config to exclude MBEDTLS_SHAxxx_USE_A64_CRYPTO_IF_PRESENT Signed-off-by: Dave Rodgman --- scripts/config.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/config.py b/scripts/config.py index 17fbe653a..1a71cb35f 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -278,6 +278,8 @@ EXCLUDE_FROM_BAREMETAL = frozenset([ 'MBEDTLS_THREADING_C', # requires a threading interface 'MBEDTLS_THREADING_PTHREAD', # requires pthread 'MBEDTLS_TIMING_C', # requires a clock + 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection ]) def keep_in_baremetal(name): 
From d3925d25ec1a6d2a4b60d699cafe69dbd62cc61d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 6 Oct 2023 13:13:19 +0200 Subject: [PATCH 064/191] pk_internal: change guards for mbedtls_pk_ec_[ro/rw] Signed-off-by: Valerio Setti --- library/pk_internal.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/library/pk_internal.h b/library/pk_internal.h index 67ee5fea2..d3a8e3198 100644 --- a/library/pk_internal.h +++ b/library/pk_internal.h @@ -44,7 +44,7 @@ psa_pk_status_to_mbedtls) #endif -#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) +#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA) /** * Public function mbedtls_pk_ec() can be used to get direct access to the * wrapped ecp_keypair structure pointed to the pk_ctx. However this is not @@ -80,7 +80,9 @@ static inline mbedtls_ecp_keypair *mbedtls_pk_ec_rw(const mbedtls_pk_context pk) return NULL; } } +#endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */ +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) static inline mbedtls_ecp_group_id mbedtls_pk_get_group_id(const mbedtls_pk_context *pk) { mbedtls_ecp_group_id id; From e7cefae5f4190bee3363402da4f772da8d4e090f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 6 Oct 2023 13:19:48 +0200 Subject: [PATCH 065/191] ssl: fix getting group id in ssl_check_key_curve() Signed-off-by: Valerio Setti --- library/ssl_tls12_server.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index d2143ac15..b4719d6d1 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -676,7 +676,11 @@ static int ssl_check_key_curve(mbedtls_pk_context *pk, uint16_t *curves_tls_id) { uint16_t *curr_tls_id = curves_tls_id; +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa(pk->ec_family, pk->ec_bits, 0); +#else mbedtls_ecp_group_id grp_id = mbedtls_pk_ec_ro(*pk)->grp.id; +#endif mbedtls_ecp_group_id curr_grp_id; while (*curr_tls_id != 0) { 
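Review bot: Replacing the `MBEDTLS_PK_HAVE_ECC_KEYS` guard with `!defined(MBEDTLS_PK_USE_PSA_EC_DATA)` widens where mbedtls_pk_ec_ro()/mbedtls_pk_ec_rw() are compiled: a configuration with no ECC support at all now also sees these inline functions, and they reference `mbedtls_ecp_keypair`, which presumably is only declared when the ECP module is enabled. Unless ecp.h is always included here, the guard should probably be the conjunction, `#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) && !defined(MBEDTLS_PK_USE_PSA_EC_DATA)`, with the closing comment updated to match. The body of the guarded region between the two hunks is outside this view.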
From 85d2a985496aa143d5e4e08f5995b5727c097287 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 6 Oct 2023 16:04:49 +0200 Subject: [PATCH 066/191] md: move definitions of MBEDTLS_MD_CAN to config_adjust_legacy_crypto.h Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_legacy_crypto.h | 114 ++++++++++++++++++ include/mbedtls/md.h | 114 ------------------ 2 files changed, 114 insertions(+), 114 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 6ec59f193..a8ea53d95 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h 
@@ -56,6 +56,120 @@ #define MBEDTLS_MD_LIGHT #endif +#if defined(MBEDTLS_MD_LIGHT) +/* + * - MBEDTLS_MD_CAN_xxx is defined if the md module can perform xxx. + * - MBEDTLS_MD_xxx_VIA_PSA is defined if the md module may perform xxx via PSA + * (see below). + * - MBEDTLS_MD_SOME_PSA is defined if at least one algorithm may be performed + * via PSA (see below). + * - MBEDTLS_MD_SOME_LEGACY is defined if at least one algorithm may be performed + * via a direct legacy call (see below). + * + * The md module performs an algorithm via PSA if there is a PSA hash + * accelerator and the PSA driver subsytem is initialized at the time the + * operation is started, and makes a direct legacy call otherwise. + */ + +/* PSA accelerated implementations */ +#if defined(MBEDTLS_PSA_CRYPTO_C) + +#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5) +#define MBEDTLS_MD_CAN_MD5 +#define MBEDTLS_MD_MD5_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) +#define MBEDTLS_MD_CAN_SHA1 +#define MBEDTLS_MD_SHA1_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) +#define MBEDTLS_MD_CAN_SHA224 +#define MBEDTLS_MD_SHA224_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) +#define MBEDTLS_MD_CAN_SHA256 +#define MBEDTLS_MD_SHA256_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) +#define MBEDTLS_MD_CAN_SHA384 +#define MBEDTLS_MD_SHA384_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) +#define MBEDTLS_MD_CAN_SHA512 +#define MBEDTLS_MD_SHA512_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) +#define MBEDTLS_MD_CAN_RIPEMD160 +#define MBEDTLS_MD_RIPEMD160_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224) +#define MBEDTLS_MD_CAN_SHA3_224 +#define MBEDTLS_MD_SHA3_224_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if 
defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256) +#define MBEDTLS_MD_CAN_SHA3_256 +#define MBEDTLS_MD_SHA3_256_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384) +#define MBEDTLS_MD_CAN_SHA3_384 +#define MBEDTLS_MD_SHA3_384_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512) +#define MBEDTLS_MD_CAN_SHA3_512 +#define MBEDTLS_MD_SHA3_512_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#endif /* MBEDTLS_PSA_CRYPTO_C */ + +/* Built-in implementations */ +#if defined(MBEDTLS_MD5_C) +#define MBEDTLS_MD_CAN_MD5 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA1_C) +#define MBEDTLS_MD_CAN_SHA1 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA224_C) +#define MBEDTLS_MD_CAN_SHA224 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA256_C) +#define MBEDTLS_MD_CAN_SHA256 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA384_C) +#define MBEDTLS_MD_CAN_SHA384 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA512_C) +#define MBEDTLS_MD_CAN_SHA512 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA3_C) +#define MBEDTLS_MD_CAN_SHA3_224 +#define MBEDTLS_MD_CAN_SHA3_256 +#define MBEDTLS_MD_CAN_SHA3_384 +#define MBEDTLS_MD_CAN_SHA3_512 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_RIPEMD160_C) +#define MBEDTLS_MD_CAN_RIPEMD160 +#define MBEDTLS_MD_SOME_LEGACY +#endif + +#endif /* MBEDTLS_MD_LIGHT */ + /* MBEDTLS_ECP_LIGHT is auto-enabled by the following symbols: * - MBEDTLS_ECP_C because now it consists of MBEDTLS_ECP_LIGHT plus functions * for curve arithmetic. As a consequence if MBEDTLS_ECP_C is required for diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index c9a7858f3..e5b30d045 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h 
@@ -32,120 +32,6 @@ #include "mbedtls/build_info.h" #include "mbedtls/platform_util.h" -#if defined(MBEDTLS_MD_LIGHT) - -/* - * - MBEDTLS_MD_CAN_xxx is defined if the md module can perform xxx. - * - MBEDTLS_MD_xxx_VIA_PSA is defined if the md module may perform xxx via PSA - * (see below). - * - MBEDTLS_MD_SOME_PSA is defined if at least one algorithm may be performed - * via PSA (see below). - * - MBEDTLS_MD_SOME_LEGACY is defined if at least one algorithm may be performed - * via a direct legacy call (see below). - * - * The md module performs an algorithm via PSA if there is a PSA hash - * accelerator and the PSA driver subsytem is initialized at the time the - * operation is started, and makes a direct legacy call otherwise. - */ - -/* PSA accelerated implementations */ -#if defined(MBEDTLS_PSA_CRYPTO_C) -#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5) -#define MBEDTLS_MD_CAN_MD5 -#define MBEDTLS_MD_MD5_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) -#define MBEDTLS_MD_CAN_SHA1 -#define MBEDTLS_MD_SHA1_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) -#define MBEDTLS_MD_CAN_SHA224 -#define MBEDTLS_MD_SHA224_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) -#define MBEDTLS_MD_CAN_SHA256 -#define MBEDTLS_MD_SHA256_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) -#define MBEDTLS_MD_CAN_SHA384 -#define MBEDTLS_MD_SHA384_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) -#define MBEDTLS_MD_CAN_SHA512 -#define MBEDTLS_MD_SHA512_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) -#define MBEDTLS_MD_CAN_RIPEMD160 -#define MBEDTLS_MD_RIPEMD160_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224) -#define MBEDTLS_MD_CAN_SHA3_224 -#define MBEDTLS_MD_SHA3_224_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if 
defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256) -#define MBEDTLS_MD_CAN_SHA3_256 -#define MBEDTLS_MD_SHA3_256_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384) -#define MBEDTLS_MD_CAN_SHA3_384 -#define MBEDTLS_MD_SHA3_384_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512) -#define MBEDTLS_MD_CAN_SHA3_512 -#define MBEDTLS_MD_SHA3_512_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#endif /* MBEDTLS_PSA_CRYPTO_C */ - -/* Built-in implementations */ -#if defined(MBEDTLS_MD5_C) -#define MBEDTLS_MD_CAN_MD5 -#define MBEDTLS_MD_SOME_LEGACY -#endif -#if defined(MBEDTLS_SHA1_C) -#define MBEDTLS_MD_CAN_SHA1 -#define MBEDTLS_MD_SOME_LEGACY -#endif -#if defined(MBEDTLS_SHA224_C) -#define MBEDTLS_MD_CAN_SHA224 -#define MBEDTLS_MD_SOME_LEGACY -#endif -#if defined(MBEDTLS_SHA256_C) -#define MBEDTLS_MD_CAN_SHA256 -#define MBEDTLS_MD_SOME_LEGACY -#endif -#if defined(MBEDTLS_SHA384_C) -#define MBEDTLS_MD_CAN_SHA384 -#define MBEDTLS_MD_SOME_LEGACY -#endif -#if defined(MBEDTLS_SHA512_C) -#define MBEDTLS_MD_CAN_SHA512 -#define MBEDTLS_MD_SOME_LEGACY -#endif -#if defined(MBEDTLS_SHA3_C) -#define MBEDTLS_MD_CAN_SHA3_224 -#define MBEDTLS_MD_CAN_SHA3_256 -#define MBEDTLS_MD_CAN_SHA3_384 -#define MBEDTLS_MD_CAN_SHA3_512 -#define MBEDTLS_MD_SOME_LEGACY -#endif -#if defined(MBEDTLS_RIPEMD160_C) -#define MBEDTLS_MD_CAN_RIPEMD160 -#define MBEDTLS_MD_SOME_LEGACY -#endif - -#endif /* MBEDTLS_MD_LIGHT */ - /** The selected feature is not available. */ #define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /** Bad input parameters to function. */ From 8ba9f42acd43520fc5577724e7e44ae2c2cbbf7d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 8 Oct 2023 10:46:25 +0100 Subject: [PATCH 067/191] Fix arch detection for auto setting of clang flags Signed-off-by: Dave Rodgman --- library/sha256.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) 
diff --git a/library/sha256.c b/library/sha256.c index 37f68c743..e655cf8b9 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -22,8 +22,17 @@ * http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf */ -#if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) && \ - defined(__clang__) && __clang_major__ >= 4 +#if defined(__clang__) && (__clang_major__ >= 4) + +/* Ideally, we would simply use MBEDTLS_ARCH_IS_ARMV8 in the following #if, + * but that is defined by build_info.h, and we need this block to happen first. */ +#if defined(__ARM_ARCH) +#if __ARM_ARCH >= 8 +#define MBEDTLS_SHA256_ARCH_IS_ARMV8 +#endif +#endif + +#if defined(MBEDTLS_SHA256_ARCH_IS_ARMV8) && !defined(__ARM_FEATURE_CRYPTO) /* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. * * The intrinsic declaration are guarded by predefined ACLE macros in clang: @@ -44,6 +53,8 @@ #define MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG #endif +#endif /* defined(__clang__) && (__clang_major__ >= 4) */ + /* Ensure that SIG_SETMASK is defined when -std=c99 is used. */ #define _GNU_SOURCE From dfd7ca63447a9d6df2ed86c7869eb1d9f3d623c7 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 9 Oct 2023 16:30:11 +0200 Subject: [PATCH 068/191] analyze_outcomes: rename some variables for better readability Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 35 ++++++++++++++----------------- 1 file changed, 16 insertions(+), 19 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 1f20734b1..f7fc4e3ef 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -179,7 +179,7 @@ def do_analyze_driver_vs_reference(outcome_file, args): args['ignored_tests']) # List of tasks with a function that can handle this task and additional arguments if required -TASKS = { +KNOWN_TASKS = { 'analyze_coverage': { 'test_function': do_analyze_coverage, 'args': { 
@@ -645,7 +645,7 @@ def main(): parser = argparse.ArgumentParser(description=__doc__) parser.add_argument('outcomes', metavar='OUTCOMES.CSV', help='Outcome file to analyze') - parser.add_argument('task', default='all', nargs='?', + parser.add_argument('specified_tasks', default='all', nargs='?', help='Analysis to be done. By default, run all tasks. ' 'With one or more TASK, run only those. ' 'TASK can be the name of a single task or ' @@ -660,31 +660,28 @@ def main(): options = parser.parse_args() if options.list: - for task in TASKS: + for task in KNOWN_TASKS: Results.log(task) sys.exit(0) - result = True - - if options.task == 'all': - tasks = TASKS.keys() + if options.specified_tasks == 'all': + tasks_list = KNOWN_TASKS.keys() else: - tasks = re.split(r'[, ]+', options.task) + tasks_list = re.split(r'[, ]+', options.specified_tasks) - for task in tasks: - if task not in TASKS: - Results.log('Error: invalid task: {}'.format(task)) - sys.exit(1) + for task in tasks_list: + if task not in KNOWN_TASKS: - TASKS['analyze_coverage']['args']['full_coverage'] = \ - options.full_coverage + KNOWN_TASKS['analyze_coverage']['args']['full_coverage'] = options.full_coverage - for task in TASKS: - if task in tasks: - if not TASKS[task]['test_function'](options.outcomes, TASKS[task]['args']): - result = False + all_succeeded = True - if result is False: + for task in KNOWN_TASKS: + if task in tasks_list: + if not KNOWN_TASKS[task]['test_function'](options.outcomes, KNOWN_TASKS[task]['args']): + all_succeeded = False + + if all_succeeded is False: sys.exit(1) Results.log("SUCCESS :-)") except Exception: # pylint: disable=broad-except From 78d78462ac9ba048d026647dd2cdfbd0eaffd561 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 09:53:44 +0100 Subject: [PATCH 069/191] Make asm without side-effects not optimisable-out Signed-off-by: Dave Rodgman --- library/sha256.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
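Review bot: As rendered here, the new `for task in tasks_list:` / `if task not in KNOWN_TASKS:` has no body, while the old branch logged "Error: invalid task" and exited; if those two lines were really removed rather than kept as unchanged context lost in this rendering, the file is a SyntaxError and, once repaired, unknown task names would be silently ignored. Please confirm the `Results.log('Error: invalid task: {}'.format(task))` and `sys.exit(1)` lines survive under the renamed branch. Minor style: `if all_succeeded is False:` reads more naturally as `if not all_succeeded:`, which is also the idiom used elsewhere in the script for boolean flags.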
diff --git a/library/sha256.c b/library/sha256.c index e655cf8b9..18be8a4b9 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -202,9 +202,9 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) if (setjmp(return_from_sigill) == 0) { /* First return only */ /* If this traps, we will return a second time from setjmp() with 1 */ #if defined(MBEDTLS_ARCH_IS_ARM64) - asm ("sha256h q0, q0, v0.4s" : : : "v0"); + asm volatile ("sha256h q0, q0, v0.4s" : : : "v0"); #else - asm ("sha256h.32 q0, q0, q0" : : : "q0"); + asm volatile ("sha256h.32 q0, q0, q0" : : : "q0"); #endif ret = 1; } From 88d806254535a1430527655488be7102b3518008 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 10:14:26 +0100 Subject: [PATCH 070/191] Fix excess newline Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt index aaa6e39db..c1211f0c9 100644 --- a/ChangeLog.d/sha256-armce-arm.txt +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -1,4 +1,3 @@ Features * Support Armv8 Crypto Extension acceleration for SHA-256 when compiling for Thumb or 32-bit Arm. - From 308cb232bf30316105e3419930e385649eeba384 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 10 Oct 2023 17:56:12 +0800 Subject: [PATCH 071/191] aesni: support cpuid on WIN32 `__cpuid` has two kinds of signatures in different headers depending on the target OS. We make it consistent between the usages ang the included header. Signed-off-by: Pengyu Lv --- library/aesni.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/aesni.c b/library/aesni.c index 5f25a8249..7eb11aff5 100644 --- a/library/aesni.c +++ b/library/aesni.c 
@@ -53,7 +53,7 @@ int mbedtls_aesni_has_support(unsigned int what) if (!done) { #if MBEDTLS_AESNI_HAVE_CODE == 2 static unsigned info[4] = { 0, 0, 0, 0 }; -#if defined(_MSC_VER) +#if defined(_WIN32) __cpuid(info, 1); #else __cpuid(1, info[0], info[1], info[2], info[3]); From e8c4bf180b9ab6631d80e138bcf57fd8f3019a6a Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 10 Oct 2023 18:12:43 +0800 Subject: [PATCH 072/191] aesni: declare cpuinfo as int Change the type of array that stores the cpuinfo data to int[4] to match the signature of `__cpuinfo` in `intrin.h` header file. Signed-off-by: Pengyu Lv --- library/aesni.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/aesni.c b/library/aesni.c index 7eb11aff5..322a25533 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -52,7 +52,7 @@ int mbedtls_aesni_has_support(unsigned int what) if (!done) { #if MBEDTLS_AESNI_HAVE_CODE == 2 - static unsigned info[4] = { 0, 0, 0, 0 }; + static int info[4] = { 0, 0, 0, 0 }; #if defined(_WIN32) __cpuid(info, 1); #else From 94a634db96d692a470e3c7d0098fca7ab6b8680d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 12:59:29 +0100 Subject: [PATCH 073/191] Rename A64 config options Signed-off-by: Dave Rodgman --- include/mbedtls/config_adjust_legacy_crypto.h | 15 ++++ include/mbedtls/mbedtls_config.h | 86 ++++++++++++++----- library/sha256.c | 72 ++++++++-------- library/sha512.c | 70 +++++++-------- tests/scripts/all.sh | 53 +++++++----- 5 files changed, 181 insertions(+), 115 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 65bea1a6e..78a5bb1d8 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h 
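Review bot: `_WIN32` is also defined by MinGW GCC, and this hunk changes only the call site: the `#include` that decides which `__cpuid` declaration is in scope (the two-argument `intrin.h` function versus the five-argument `cpuid.h` macro) is outside the hunk, so confirm it is selected by the same `_WIN32` test and that `<cpuid.h>` is not also pulled in on that path, where its macro would shadow the function form; a comment such as `/* must match the intrin.h / cpuid.h selection above */` next to the `#if` would keep the two from drifting apart. The second hunk's `static int info[4]` is consistent with the `intrin.h` signature the commit message cites. `mbedtls_aesni_has_support()` starts and ends outside both hunks.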
@@ -184,4 +184,19 @@ #define MBEDTLS_PK_HAVE_ECC_KEYS #endif /* MBEDTLS_PK_USE_PSA_EC_DATA || MBEDTLS_ECP_C */ +/* Backwards compatibility for some macros which were renamed to reflect that + * they are related to Armv8, not aarch64. */ +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT +#endif +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY +#endif +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT +#endif +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY +#endif + #endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H */ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index a104114b4..f9ad2b6f9 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3270,13 +3270,13 @@ #define MBEDTLS_SHA256_C /** - * \def MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + * \def MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT * * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms * with the ARMv8 cryptographic extensions if they are available at runtime. * If not, the library will fall back to the C implementation. * - * \note If MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT is defined when building + * \note If MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT is defined when building * for a non-Armv8 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 4.0, 
@@ -3285,27 +3285,38 @@ * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for * armclang <= 6.9 * - * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the - * same time as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. + * \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. + * That name is deprecated, but may still be used as an alternative form for this + * option. + * + * \warning MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT cannot be defined at the + * same time as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY. * * Requires: MBEDTLS_SHA256_C. * * Module: library/sha256.c * - * Uncomment to have the library check for the A64 SHA-256 crypto extensions + * Uncomment to have the library check for the Armv8 SHA-256 crypto extensions * and use them if available. */ +//#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + +/* + * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT. + * This name is now deprecated, but may still be used as an alternative form for + * this option. + */ //#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT /** - * \def MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + * \def MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY * * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms * with the ARMv8 cryptographic extensions, which must be available at runtime * or else an illegal instruction fault will occur. * * \note This allows builds with a smaller code size than with - * MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + * MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT * * \note Minimum compiler versions for this feature are Clang 4.0, * armclang 6.6 or GCC 6.0. 
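Review bot: The new deprecated-alias block is opened with `/*` rather than `/**`, so Doxygen will not attach the `\deprecated` text to `MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT` and the generated configuration reference will list the old name without any documentation; the alias blocks in the next three hunks (SHA-256 `_ONLY`, SHA-512 `_IF_PRESENT`, SHA-512 `_ONLY`) have the same form. Either open them with `/**` and give them a `\def` line like the options they alias, or say in the main option's `\note` that the old name is documented only there. Minor wording: "This name is now deprecated" repeats the "now" of the preceding sentence; "This name is deprecated" reads better.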
@@ -3313,17 +3324,28 @@ * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for * armclang <= 6.9 * - * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY cannot be defined at the same - * time as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. + * \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. + * That name is deprecated, but may still be used as an alternative form for this + * option. + * + * \warning MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY cannot be defined at the same + * time as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT. * * Requires: MBEDTLS_SHA256_C. * * Module: library/sha256.c * - * Uncomment to have the library use the A64 SHA-256 crypto extensions + * Uncomment to have the library use the Armv8 SHA-256 crypto extensions * unconditionally. */ -//#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY +//#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + +/* + * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY. + * This name is now deprecated, but may still be used as an alternative form for + * this option. + */ +//#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT /** * \def MBEDTLS_SHA384_C @@ -3368,13 +3390,13 @@ #define MBEDTLS_SHA3_C /** - * \def MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + * \def MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT * * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms * with the ARMv8 cryptographic extensions if they are available at runtime. * If not, the library will fall back to the C implementation. * - * \note If MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT is defined when building + * \note If MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT is defined when building * for a non-Aarch64 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 7.0, 
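Review bot: The deprecated-alias line added at the end of the `MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY` section names the wrong option: it reads `//#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT` although the comment directly above it describes the old name of `_ONLY`, and the SHA-512 counterpart later in this patch correctly ends with `_A64_CRYPTO_ONLY`. As written, `MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT` now appears twice in the config file and `MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY` not at all, which `scripts/config.py` and the all.sh component that sets the deprecated `_ONLY` name may not handle as intended. Change the line to `//#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY`.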
@@ -3383,27 +3405,38 @@ * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for * armclang 6.9 * - * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the - * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. + * \note This was previously known as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. + * That name is deprecated, but may still be used as an alternative form for this + * option. + * + * \warning MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT cannot be defined at the + * same time as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY. * * Requires: MBEDTLS_SHA512_C. * * Module: library/sha512.c * - * Uncomment to have the library check for the A64 SHA-512 crypto extensions + * Uncomment to have the library check for the Armv8 SHA-512 crypto extensions * and use them if available. */ +//#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + +/* + * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT. + * This name is now deprecated, but may still be used as an alternative form for + * this option. + */ //#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT /** - * \def MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY + * \def MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY * * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms * with the ARMv8 cryptographic extensions, which must be available at runtime * or else an illegal instruction fault will occur. * * \note This allows builds with a smaller code size than with - * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + * MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT * * \note Minimum compiler versions for this feature are Clang 7.0, * armclang 6.9 or GCC 8.0. 
@@ -3411,16 +3444,27 @@ * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for * armclang 6.9 * - * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same - * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. + * \note This was previously known as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. + * That name is deprecated, but may still be used as an alternative form for this + * option. + * + * \warning MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY cannot be defined at the same + * time as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT. * * Requires: MBEDTLS_SHA512_C. * * Module: library/sha512.c * - * Uncomment to have the library use the A64 SHA-512 crypto extensions + * Uncomment to have the library use the Armv8 SHA-512 crypto extensions * unconditionally. */ +//#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY + +/* + * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY. + * This name is now deprecated, but may still be used as an alternative form for + * this option. + */ //#define MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY /** diff --git a/library/sha256.c b/library/sha256.c index 18be8a4b9..96aa25e59 100644 --- a/library/sha256.c +++ b/library/sha256.c 
@@ -72,34 +72,34 @@ #if defined(MBEDTLS_ARCH_IS_ARMV8) -# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) # ifdef __ARM_NEON # include # else -# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) # warning "Target does not support NEON instructions" -# undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT # else # error "Target does not support NEON instructions" # endif # endif # endif -# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) /* *INDENT-OFF* */ # if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION <= 6090000 -# error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" # endif # pragma clang attribute push (__attribute__((target("sha2"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # elif defined(__clang__) # if __clang_major__ < 4 -# error "A more recent Clang is required for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# error "A more recent Clang is required for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" # endif # pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA 
@@ -108,20 +108,20 @@ * intrinsics are missing. Missing intrinsics could be worked around. */ # if __GNUC__ < 6 -# error "A more recent GCC is required for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# error "A more recent GCC is required for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" # else # pragma GCC push_options # pragma GCC target ("arch=armv8-a+crypto") # define MBEDTLS_POP_TARGET_PRAGMA # endif # else -# error "Only GCC and Clang supported for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# error "Only GCC and Clang supported for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" # endif # endif /* *INDENT-ON* */ # endif -# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ @@ -132,19 +132,19 @@ # endif # endif #elif defined(_M_ARM64) -# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) # include # endif #else -# undef MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY -# undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY +# undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) /* * Capability detection code comes early, so we can disable - * MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT if no detection mechanism found + * MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT if no detection mechanism found */ #if defined(HWCAP_SHA2) static int mbedtls_a64_crypto_sha256_determine_support(void) @@ -174,7 +174,7 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) static jmp_buf return_from_sigill; /* - * A64 SHA256 support detection via SIGILL + * Armv8 SHA256 support detection via SIGILL */ static void sigill_handler(int signal) { 
@@ -215,11 +215,11 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) return ret; } #else -#warning "No mechanism to detect A64_CRYPTO found, using C code only" -#undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT +#warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" +#undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT #endif /* HWCAP_SHA2, __APPLE__, __unix__ && SIG_SETMASK */ -#endif /* MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT */ #if !defined(MBEDTLS_SHA256_ALT) @@ -321,10 +321,10 @@ static const uint32_t K[] = #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) # define mbedtls_internal_sha256_process_many_a64_crypto mbedtls_internal_sha256_process_many # define mbedtls_internal_sha256_process_a64_crypto mbedtls_internal_sha256_process #endif @@ -424,9 +424,9 @@ static size_t mbedtls_internal_sha256_process_many_a64_crypto( return processed; } -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and A64 + * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha256_process() */ static @@ -439,7 +439,7 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, SHA256_BLOCK_SIZE) ? 0 : -1; } -#endif /* MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT || MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY */ #if defined(MBEDTLS_POP_TARGET_PRAGMA) #if defined(__clang__) 
@@ -450,14 +450,14 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, #undef MBEDTLS_POP_TARGET_PRAGMA #endif -#if !defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#if !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) #define mbedtls_internal_sha256_process_many_c mbedtls_internal_sha256_process_many #define mbedtls_internal_sha256_process_c mbedtls_internal_sha256_process #endif #if !defined(MBEDTLS_SHA256_PROCESS_ALT) && \ - !defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) + !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) #define SHR(x, n) (((x) & 0xFFFFFFFF) >> (n)) #define ROTR(x, n) (SHR(x, n) | ((x) << (32 - (n)))) @@ -485,9 +485,9 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, (d) += local.temp1; (h) = local.temp1 + local.temp2; \ } while (0) -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and A64 + * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha256_process() */ static @@ -577,10 +577,10 @@ int mbedtls_internal_sha256_process_c(mbedtls_sha256_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA256_PROCESS_ALT && !MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA256_PROCESS_ALT && !MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY */ -#if !defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) static size_t mbedtls_internal_sha256_process_many_c( mbedtls_sha256_context *ctx, const uint8_t *data, size_t len) 
@@ -601,10 +601,10 @@ static size_t mbedtls_internal_sha256_process_many_c( return processed; } -#endif /* !MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) static int mbedtls_a64_crypto_sha256_has_support(void) { @@ -639,7 +639,7 @@ int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, } } -#endif /* MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT */ /* diff --git a/library/sha512.c b/library/sha512.c index e739af254..14c9343e3 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -57,8 +57,8 @@ #include "mbedtls/platform.h" #if defined(__aarch64__) -# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) /* *INDENT-OFF* */ # ifdef __ARM_NEON # include 
@@ -83,35 +83,35 @@ /* Test Clang first, as it defines __GNUC__ */ # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION < 6090000 -# error "A more recent armclang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# error "A more recent armclang is required for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" # elif __ARMCOMPILER_VERSION == 6090000 -# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__clang__) # if __clang_major__ < 7 -# error "A more recent Clang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# error "A more recent Clang is required for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__GNUC__) # if __GNUC__ < 8 -# error "A more recent GCC is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# error "A more recent GCC is required for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" # else # pragma GCC push_options # pragma GCC target ("arch=armv8.2-a+sha3") # define MBEDTLS_POP_TARGET_PRAGMA # endif # else -# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" # endif # endif /* *INDENT-ON* */ # endif -# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ 
@@ -122,19 +122,19 @@ # endif # endif #elif defined(_M_ARM64) -# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) # include # endif #else -# undef MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY -# undef MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY +# undef MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) /* * Capability detection code comes early, so we can disable - * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT if no detection mechanism found + * MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT if no detection mechanism found */ #if defined(HWCAP_SHA512) static int mbedtls_a64_crypto_sha512_determine_support(void) @@ -161,9 +161,9 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) * SHA-512 support. So we fall back to the C code only. */ #if defined(_MSC_VER) -#pragma message "No mechanism to detect A64_CRYPTO found, using C code only" +#pragma message "No mechanism to detect ARMV8_CRYPTO found, using C code only" #else -#warning "No mechanism to detect A64_CRYPTO found, using C code only" +#warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" #endif #elif defined(__unix__) && defined(SIG_SETMASK) /* Detection with SIGILL, setjmp() and longjmp() */ @@ -173,7 +173,7 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) static jmp_buf return_from_sigill; /* - * A64 SHA512 support detection via SIGILL + * Armv8 SHA512 support detection via SIGILL */ static void sigill_handler(int signal) { 
@@ -210,11 +210,11 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) return ret; } #else -#warning "No mechanism to detect A64_CRYPTO found, using C code only" -#undef MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT +#warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" +#undef MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT #endif /* HWCAP_SHA512, __APPLE__, __unix__ && SIG_SETMASK */ -#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT */ #if !defined(MBEDTLS_SHA512_ALT) @@ -352,10 +352,10 @@ static const uint64_t K[80] = }; #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) # define mbedtls_internal_sha512_process_many_a64_crypto mbedtls_internal_sha512_process_many # define mbedtls_internal_sha512_process_a64_crypto mbedtls_internal_sha512_process #endif @@ -567,9 +567,9 @@ static size_t mbedtls_internal_sha512_process_many_a64_crypto( return processed; } -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and A64 + * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() */ static @@ -582,7 +582,7 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, SHA512_BLOCK_SIZE) ? 0 : -1; } -#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ #if defined(MBEDTLS_POP_TARGET_PRAGMA) #if defined(__clang__) 
@@ -594,17 +594,17 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, #endif -#if !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#if !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) #define mbedtls_internal_sha512_process_many_c mbedtls_internal_sha512_process_many #define mbedtls_internal_sha512_process_c mbedtls_internal_sha512_process #endif -#if !defined(MBEDTLS_SHA512_PROCESS_ALT) && !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_PROCESS_ALT) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and A64 + * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() */ static @@ -701,10 +701,10 @@ int mbedtls_internal_sha512_process_c(mbedtls_sha512_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA512_PROCESS_ALT && !MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA512_PROCESS_ALT && !MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ -#if !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) static size_t mbedtls_internal_sha512_process_many_c( mbedtls_sha512_context *ctx, const uint8_t *data, size_t len) @@ -725,10 +725,10 @@ static size_t mbedtls_internal_sha512_process_many_c( return processed; } -#endif /* !MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) static int mbedtls_a64_crypto_sha512_has_support(void) { 
@@ -763,7 +763,7 @@ int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, } } -#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT */ /* * SHA-512 process buffer diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 32d1a1527..1892ef869 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2245,12 +2245,12 @@ component_build_module_alt () { # The SpecifiedECDomain parsing code accesses mbedtls_ecp_group fields # directly and assumes the implementation works with partial groups. scripts/config.py unset MBEDTLS_PK_PARSE_EC_EXTENDED - # MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_A64_CRYPTO_* - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY - # MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_A64_CRYPTO_* - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY + # MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_CRYPTO_* + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + # MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_CRYPTO_* + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY # Enable all MBEDTLS_XXX_ALT for whole modules. Do not enable # MBEDTLS_XXX_YYY_ALT which are for single functions. 
@@ -3464,10 +3464,10 @@ config_psa_crypto_hash_use_psa () { scripts/config.py unset MBEDTLS_SHA1_C scripts/config.py unset MBEDTLS_SHA224_C scripts/config.py unset MBEDTLS_SHA256_C # see external RNG below - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA384_C scripts/config.py unset MBEDTLS_SHA512_C - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA3_C fi } @@ -4332,7 +4332,7 @@ component_build_aes_aesce_armcc () { scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT # Stop armclang warning about feature detection for A64_CRYPTO. # With this enabled, the library does build correctly under armclang, @@ -4340,7 +4340,7 @@ component_build_aes_aesce_armcc () { # unavailable, and the user is notified via a #warning. So enabling # this feature would prevent us from building with -Werror on # armclang. Tracked in #7198. - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT scripts/config.py set MBEDTLS_HAVE_ASM msg "AESCE, build with default configuration." 
@@ -4362,30 +4362,37 @@ support_build_sha_armce() { component_build_sha_armce () { # Test variations of SHA256 Armv8 crypto extensions - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, aarch64" + msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY clang, aarch64" make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, arm" + msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY clang, arm" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, thumb" + # test the deprecated form of the config option + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + + msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY clang, thumb" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" - scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, aarch64" + msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT clang, aarch64" make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, arm" + # test the deprecated form of the config option + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + + msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT clang, arm" make -B 
library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99" - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, thumb" + msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT clang, thumb" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" - } # For timebeing, no VIA Padlock platform available. @@ -4929,7 +4936,7 @@ component_build_armcc () { msg "build: ARM Compiler 5" scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT # Stop armclang warning about feature detection for A64_CRYPTO. # With this enabled, the library does build correctly under armclang, @@ -4937,7 +4944,7 @@ component_build_armcc () { # unavailable, and the user is notified via a #warning. So enabling # this feature would prevent us from building with -Werror on # armclang. Tracked in #7198. - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT scripts/config.py set MBEDTLS_HAVE_ASM From 5d4ef83e01645a40d07b945f8b70501f190ffd90 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 13:04:07 +0100 Subject: [PATCH 074/191] Fix hwcap detection on 32-bit Arm Signed-off-by: Dave Rodgman --- library/sha256.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/library/sha256.c b/library/sha256.c index 96aa25e59..fe343e7a4 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -126,6 +126,7 @@ # if defined(__linux__) /* Our preferred method of detection is getauxval() */ # include +# include # endif /* Use SIGILL on Unix, and fall back to it on Linux */ # include 
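Review bot: In `component_build_sha_armce`, after the thumb build switches to the deprecated `MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY`, the following step sets `MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT` but unsets only the new `_ARMV8_CRYPTO_ONLY` name, so the deprecated `_ONLY` define is still present; through the compatibility mapping added in config_adjust_legacy_crypto.h both `_IF_PRESENT` and `_ONLY` are then defined for the aarch64 `_IF_PRESENT` build, which check_config.h rejects with "Must only define one of MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*". Add `scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY` alongside that unset. The `msg` lines of the two deprecated-form builds still print the new option name; labelling them with the `A64` name they actually test makes a failing build easier to attribute. The function is contained entirely within this hunk, which spans the previous line and this one.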
@@ -146,11 +147,16 @@ * Capability detection code comes early, so we can disable * MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT if no detection mechanism found */ -#if defined(HWCAP_SHA2) +#if defined(MBEDTLS_ARCH_IS_ARM64) && defined(HWCAP_SHA2) static int mbedtls_a64_crypto_sha256_determine_support(void) { return (getauxval(AT_HWCAP) & HWCAP_SHA2) ? 1 : 0; } +#elif defined(MBEDTLS_ARCH_IS_ARM32) && defined(HWCAP2_SHA2) +static int mbedtls_a64_crypto_sha256_determine_support(void) +{ + return (getauxval(AT_HWCAP2) & HWCAP2_SHA2) ? 1 : 0; +} #elif defined(__APPLE__) static int mbedtls_a64_crypto_sha256_determine_support(void) { From 6ab314f71d0fe0f4c39d78cdd57e0b65ea1a10b8 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 14:00:17 +0100 Subject: [PATCH 075/191] More config option renaming Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 4 ++ include/mbedtls/check_config.h | 38 +++++++++---------- include/mbedtls/config_adjust_legacy_crypto.h | 8 ++-- include/mbedtls/mbedtls_config.h | 2 +- scripts/config.py | 4 ++ 5 files changed, 32 insertions(+), 24 deletions(-) diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt index c1211f0c9..13d4dda1a 100644 --- a/ChangeLog.d/sha256-armce-arm.txt +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -1,3 +1,7 @@ Features * Support Armv8 Crypto Extension acceleration for SHA-256 when compiling for Thumb or 32-bit Arm. +New deprecations + * Rename the SHAxxx_USE_A64_CRYPTO_yyy config options to + SHAxxx_USE_ARMV8_CRYPTO_yyy. The old names may still be + used, but are deprecated. diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 158070783..24b3e03e2 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h 
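Review bot: The new `MBEDTLS_ARCH_IS_ARM32` branch has no comment explaining why it reads a different auxv word, and it reuses a function whose name says `a64`, so a reader may take `AT_HWCAP2`/`HWCAP2_SHA2` for a typo of the AArch64 pair above it. Add above the `#elif`: `/* On 32-bit Arm the SHA-2 extension bit is reported in AT_HWCAP2 (HWCAP2_SHA2), not AT_HWCAP; the "a64" in the function name is historical. */`. When the kernel headers in use do not define `HWCAP2_SHA2`, this branch is skipped and detection falls through to the later `__APPLE__`/SIGILL alternatives, which the same comment should say. The closing `#endif /* HWCAP_SHA2, __APPLE__, __unix__ && SIG_SETMASK */` further down (visible in a later hunk of this series) should also list HWCAP2_SHA2.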
@@ -829,44 +829,44 @@ #error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) -#error "Must only define one of MBEDTLS_SHA512_USE_A64_CRYPTO_*" +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) && \ + defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +#error "Must only define one of MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) #if !defined(MBEDTLS_SHA512_C) -#error "MBEDTLS_SHA512_USE_A64_CRYPTO_* defined without MBEDTLS_SHA512_C" +#error "MBEDTLS_SHA512_USE_ARMV8_CRYPTO_* defined without MBEDTLS_SHA512_C" #endif #if defined(MBEDTLS_SHA512_ALT) || defined(MBEDTLS_SHA512_PROCESS_ALT) -#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_A64_CRYPTO_*" +#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" #endif -#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(__aarch64__) -#error "MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system" +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) && !defined(__aarch64__) +#error "MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY defined on non-Aarch64 system" #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) -#error "Must only define one of MBEDTLS_SHA256_USE_A64_CRYPTO_*" +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) && \ + defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +#error "Must only define one of MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" #endif -#if 
defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) #if !defined(MBEDTLS_SHA256_C) -#error "MBEDTLS_SHA256_USE_A64_CRYPTO_* defined without MBEDTLS_SHA256_C" +#error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_* defined without MBEDTLS_SHA256_C" #endif #if defined(MBEDTLS_SHA256_ALT) || defined(MBEDTLS_SHA256_PROCESS_ALT) -#error "MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_A64_CRYPTO_*" +#error "MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" #endif #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8) -#error "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY defined on non-Armv8 system" +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8) +#error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY defined on non-Armv8 system" #endif /* TLS 1.3 requires separate HKDF parts from PSA, diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 78a5bb1d8..bd356da59 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h 
@@ -186,16 +186,16 @@ /* Backwards compatibility for some macros which were renamed to reflect that * they are related to Armv8, not aarch64. */ -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) #define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) #define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) #define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) #define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY #endif diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index f9ad2b6f9..0cbb0ee41 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3345,7 +3345,7 @@ * This name is now deprecated, but may still be used as an alternative form for * this option. */ -//#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT +//#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY /** * \def MBEDTLS_SHA384_C diff --git a/scripts/config.py b/scripts/config.py index 1a71cb35f..619782b89 100755 --- a/scripts/config.py +++ b/scripts/config.py 
@@ -215,6 +215,8 @@ EXCLUDE_FROM_FULL = frozenset([
     'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS
     'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT
     'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT
+    'MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT
+    'MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT
     'MBEDTLS_SSL_RECORD_SIZE_LIMIT', # in development, currently breaks other tests
     'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan)
     'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers)
@@ -280,6 +282,8 @@ EXCLUDE_FROM_BAREMETAL = frozenset([
     'MBEDTLS_TIMING_C', # requires a clock
     'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection
     'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection
+    'MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection
+    'MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection
 ])
 
 def keep_in_baremetal(name):
From c5861d5bf254bd991dd266cdab295216c36ca578 Mon Sep 17 00:00:00 2001
From: Dave Rodgman
Date: Tue, 10 Oct 2023 14:01:54 +0100
Subject: [PATCH 076/191] Code style
Signed-off-by: Dave Rodgman
---
 include/mbedtls/config_adjust_legacy_crypto.h | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h
index bd356da59..9144c4963 100644
--- a/include/mbedtls/config_adjust_legacy_crypto.h
+++ b/include/mbedtls/config_adjust_legacy_crypto.h
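Review bot: The four `MBEDTLS_SHA*_USE_A64_CRYPTO_*` entries kept beside the new ones are not identified as deprecated aliases, and their comments still point at `*_USE_A64_CRYPTO_IF_PRESENT`, so a later cleanup has nothing telling it which spelling is canonical. Annotate them, e.g. `'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', # deprecated alias of MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY`. Since only the `_ONLY` names are excluded here, the `full` configuration presumably now defines both the old and the new `_IF_PRESENT` spelling at once; that is harmless given the `!defined` guard in config_adjust_legacy_crypto.h, but if `full` is meant to exercise canonical names only, the two `A64_*_IF_PRESENT` aliases belong in EXCLUDE_FROM_FULL too.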
@@ -186,13 +186,15 @@ /* Backwards compatibility for some macros which were renamed to reflect that * they are related to Armv8, not aarch64. */ -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && \ + !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) #define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT #endif #if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) #define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \ + !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) #define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT #endif #if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) From f097bef6ea9a8a83d08281c5435cf43946fe375d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 14:56:35 +0100 Subject: [PATCH 077/191] Refer to Armv8-A (not Armv8) in docs Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 2 +- include/mbedtls/check_config.h | 2 +- include/mbedtls/mbedtls_config.h | 10 +++++----- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt index 13d4dda1a..bff70f500 100644 --- a/ChangeLog.d/sha256-armce-arm.txt +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -1,5 +1,5 @@ Features - * Support Armv8 Crypto Extension acceleration for SHA-256 + * Support Armv8-A Crypto Extension acceleration for SHA-256 when compiling for Thumb or 32-bit Arm. New deprecations * Rename the SHAxxx_USE_A64_CRYPTO_yyy config options to diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 24b3e03e2..0dba0a872 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h 
@@ -866,7 +866,7 @@ #endif #if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8) -#error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY defined on non-Armv8 system" +#error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY defined on non-Armv8-A system" #endif /* TLS 1.3 requires separate HKDF parts from PSA, diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 0cbb0ee41..595b8cd89 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3277,7 +3277,7 @@ * If not, the library will fall back to the C implementation. * * \note If MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT is defined when building - * for a non-Armv8 build it will be silently ignored. + * for a non-Armv8-A build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 4.0, * armclang 6.6 or GCC 6.0. @@ -3296,7 +3296,7 @@ * * Module: library/sha256.c * - * Uncomment to have the library check for the Armv8 SHA-256 crypto extensions + * Uncomment to have the library check for the Armv8-A SHA-256 crypto extensions * and use them if available. */ //#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT @@ -3335,7 +3335,7 @@ * * Module: library/sha256.c * - * Uncomment to have the library use the Armv8 SHA-256 crypto extensions + * Uncomment to have the library use the Armv8-A SHA-256 crypto extensions * unconditionally. */ //#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY @@ -3416,7 +3416,7 @@ * * Module: library/sha512.c * - * Uncomment to have the library check for the Armv8 SHA-512 crypto extensions + * Uncomment to have the library check for the Armv8-A SHA-512 crypto extensions * and use them if available. */ //#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT 
@@ -3455,7 +3455,7 @@ * * Module: library/sha512.c * - * Uncomment to have the library use the Armv8 SHA-512 crypto extensions + * Uncomment to have the library use the Armv8-A SHA-512 crypto extensions * unconditionally. */ //#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY From fe9fda81aabf178eb241670d1aced3810e7be7b2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 14:51:06 +0100 Subject: [PATCH 078/191] Rename MBEDTLS_ARCH_IS_ARMV8 to MBEDTLS_ARCH_IS_ARMV8_A Signed-off-by: Dave Rodgman --- include/mbedtls/build_info.h | 19 ++++++++++++------- include/mbedtls/check_config.h | 2 +- library/sha256.c | 10 +++++----- 3 files changed, 18 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 9b9f5f2ac..b09c5dd09 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -74,14 +74,19 @@ #define MBEDTLS_ARCH_IS_X86 #endif -/* This is defined if the architecture is Armv8, or higher */ -#if !defined(MBEDTLS_ARCH_IS_ARMV8) -#if defined(__ARM_ARCH) -#if __ARM_ARCH >= 8 -#define MBEDTLS_ARCH_IS_ARMV8 +/* This is defined if the architecture is Armv8-A, or higher */ +#if !defined(MBEDTLS_ARCH_IS_ARMV8_A) +#if defined(__ARM_ARCH) && defined(__ARM_ARCH_PROFILE) +#if (__ARM_ARCH >= 8) && (__ARM_ARCH_PROFILE == 'A') +/* GCC, clang, armclang and IAR */ +#define MBEDTLS_ARCH_IS_ARMV8_A #endif -#elif defined(MBEDTLS_ARCH_IS_ARM64) -#define MBEDTLS_ARCH_IS_ARMV8 +#elif defined(__ARM_ARCH_8A) +/* Alternative defined by clang */ +#define MBEDTLS_ARCH_IS_ARMV8_A +#elif defined(_M_ARM64) || defined(_M_ARM64EC) +/* MSVC ARM64 is at least Armv8.0-A */ +#define MBEDTLS_ARCH_IS_ARMV8_A #endif #endif diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 0dba0a872..eac226618 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h 
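Review bot: The rewritten `MBEDTLS_ARCH_IS_ARMV8_A` detection drops the old `#elif defined(MBEDTLS_ARCH_IS_ARM64)` fallback without a comment saying why, so the next reader is likely to put it back; add `/* AArch64 alone is deliberately not enough: require the A profile explicitly, since other Armv8 profiles can also be 64-bit. TODO confirm this covers every supported toolchain. */`. The `/* Alternative defined by clang */` note on the `__ARM_ARCH_8A` branch is narrower than the macro, which other compilers also appear to define for armv8-a targets; `/* Alternative macro, used when __ARM_ARCH_PROFILE is not available */` states the actual role. A toolchain defining `__ARM_ARCH_PROFILE` with a non-'A' value and `__ARM_ARCH_8A` is now excluded by the `#if`/`#elif` nesting, which looks intended but is worth one sentence in the comment.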
@@ -865,7 +865,7 @@ #endif -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8_A) #error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY defined on non-Armv8-A system" #endif diff --git a/library/sha256.c b/library/sha256.c index fe343e7a4..763c71076 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -24,15 +24,15 @@ #if defined(__clang__) && (__clang_major__ >= 4) -/* Ideally, we would simply use MBEDTLS_ARCH_IS_ARMV8 in the following #if, +/* Ideally, we would simply use MBEDTLS_ARCH_IS_ARMV8_A in the following #if, * but that is defined by build_info.h, and we need this block to happen first. */ -#if defined(__ARM_ARCH) +#if defined(__ARM_ARCH) && (__ARM_ARCH_PROFILE == 'A') #if __ARM_ARCH >= 8 -#define MBEDTLS_SHA256_ARCH_IS_ARMV8 +#define MBEDTLS_SHA256_ARCH_IS_ARMV8_A #endif #endif -#if defined(MBEDTLS_SHA256_ARCH_IS_ARMV8) && !defined(__ARM_FEATURE_CRYPTO) +#if defined(MBEDTLS_SHA256_ARCH_IS_ARMV8_A) && !defined(__ARM_FEATURE_CRYPTO) /* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. * * The intrinsic declaration are guarded by predefined ACLE macros in clang: @@ -70,7 +70,7 @@ #include "mbedtls/platform.h" -#if defined(MBEDTLS_ARCH_IS_ARMV8) +#if defined(MBEDTLS_ARCH_IS_ARMV8_A) # if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) From 5b89c55bb853aab5936e5845d61eb58e91a324f2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 14:59:02 +0100 Subject: [PATCH 079/191] Rename MBEDTLS_SHAxxx_USE_ARMV8_yyy to MBEDTLS_SHAxxx_USE_ARMV8_A_yyy 
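Review bot: The clang-only pre-check in sha256.c tests `__ARM_ARCH_PROFILE == 'A'` without a `defined()` guard, unlike the build_info.h block it mirrors, so a clang that does not define the profile macro evaluates it as 0 (and warns under -Wundef, if the build enables it); change it to `#if defined(__ARM_ARCH) && defined(__ARM_ARCH_PROFILE)` followed by `#if (__ARM_ARCH >= 8) && (__ARM_ARCH_PROFILE == 'A')`. It also lacks the `__ARM_ARCH_8A` alternative that build_info.h accepts, so on such a compiler the two detections can disagree, leaving `MBEDTLS_SHA256_ARCH_IS_ARMV8_A` unset while `MBEDTLS_ARCH_IS_ARMV8_A` is set. The enclosing `#if defined(__clang__) && (__clang_major__ >= 4)` block starts before this hunk.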
Signed-off-by: Dave Rodgman --- include/mbedtls/check_config.h | 38 +++++------ include/mbedtls/config_adjust_legacy_crypto.h | 16 ++--- include/mbedtls/mbedtls_config.h | 48 +++++++------- library/sha256.c | 64 +++++++++---------- library/sha512.c | 58 ++++++++--------- scripts/config.py | 8 +-- tests/scripts/all.sh | 48 +++++++------- 7 files changed, 140 insertions(+), 140 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index eac226618..b346f1f6e 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h 
@@ -829,44 +829,44 @@ #error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) && \ - defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) -#error "Must only define one of MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) && \ + defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#error "Must only define one of MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) #if !defined(MBEDTLS_SHA512_C) -#error "MBEDTLS_SHA512_USE_ARMV8_CRYPTO_* defined without MBEDTLS_SHA512_C" +#error "MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_* defined without MBEDTLS_SHA512_C" #endif #if defined(MBEDTLS_SHA512_ALT) || defined(MBEDTLS_SHA512_PROCESS_ALT) -#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" #endif -#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) && !defined(__aarch64__) -#error "MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY defined on non-Aarch64 system" +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) && !defined(__aarch64__) +#error "MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY defined on non-Aarch64 system" #endif -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) && \ - defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) -#error "Must only define one of MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) && \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) +#error "Must only define one of 
MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" #endif -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) #if !defined(MBEDTLS_SHA256_C) -#error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_* defined without MBEDTLS_SHA256_C" +#error "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_* defined without MBEDTLS_SHA256_C" #endif #if defined(MBEDTLS_SHA256_ALT) || defined(MBEDTLS_SHA256_PROCESS_ALT) -#error "MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" +#error "MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" #endif #endif -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8_A) -#error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY defined on non-Armv8-A system" +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8_A) +#error "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY defined on non-Armv8-A system" #endif /* TLS 1.3 requires separate HKDF parts from PSA, diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 9144c4963..c8791fc63 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h 
@@ -187,18 +187,18 @@ /* Backwards compatibility for some macros which were renamed to reflect that * they are related to Armv8, not aarch64. */ #if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && \ - !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) -#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) -#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) +#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY #endif #if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \ - !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) -#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) -#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY #endif #endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H */ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 595b8cd89..49ae7218e 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
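Review bot: The header comment above these aliases still explains the rename as "related to Armv8, not aarch64", but the names they now map to say `ARMV8_A`; update it to `/* Backwards compatibility for MBEDTLS_SHAxxx_USE_A64_CRYPTO_yyy, renamed to MBEDTLS_SHAxxx_USE_ARMV8_A_CRYPTO_yyy: the feature is an Armv8-A extension, not an AArch64 one. */`. The intermediate `*_USE_ARMV8_CRYPTO_*` spellings introduced earlier in this series are not aliased here, which is fine only if they never appeared in a release; a one-line note saying so would stop anyone expecting them to work.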
@@ -3270,13 +3270,13 @@ #define MBEDTLS_SHA256_C /** - * \def MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + * \def MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT * * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms * with the ARMv8 cryptographic extensions if they are available at runtime. * If not, the library will fall back to the C implementation. * - * \note If MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT is defined when building + * \note If MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT is defined when building * for a non-Armv8-A build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 4.0, @@ -3289,8 +3289,8 @@ * That name is deprecated, but may still be used as an alternative form for this * option. * - * \warning MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT cannot be defined at the - * same time as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY. + * \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT cannot be defined at the + * same time as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY. * * Requires: MBEDTLS_SHA256_C. * 
@@ -3299,24 +3299,24 @@ * Uncomment to have the library check for the Armv8-A SHA-256 crypto extensions * and use them if available. */ -//#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT +//#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT /* - * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT. + * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT. * This name is now deprecated, but may still be used as an alternative form for * this option. */ //#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT /** - * \def MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + * \def MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY * * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms * with the ARMv8 cryptographic extensions, which must be available at runtime * or else an illegal instruction fault will occur. * * \note This allows builds with a smaller code size than with - * MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + * MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT * * \note Minimum compiler versions for this feature are Clang 4.0, * armclang 6.6 or GCC 6.0. @@ -3328,8 +3328,8 @@ * That name is deprecated, but may still be used as an alternative form for this * option. * - * \warning MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY cannot be defined at the same - * time as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT. + * \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY cannot be defined at the same + * time as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT. * * Requires: MBEDTLS_SHA256_C. * 
@@ -3338,10 +3338,10 @@ * Uncomment to have the library use the Armv8-A SHA-256 crypto extensions * unconditionally. */ -//#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY +//#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY /* - * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY. + * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY. * This name is now deprecated, but may still be used as an alternative form for * this option. */ @@ -3390,13 +3390,13 @@ #define MBEDTLS_SHA3_C /** - * \def MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + * \def MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT * * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms * with the ARMv8 cryptographic extensions if they are available at runtime. * If not, the library will fall back to the C implementation. * - * \note If MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT is defined when building + * \note If MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT is defined when building * for a non-Aarch64 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 7.0, @@ -3409,8 +3409,8 @@ * That name is deprecated, but may still be used as an alternative form for this * option. * - * \warning MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT cannot be defined at the - * same time as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY. + * \warning MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT cannot be defined at the + * same time as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY. * * Requires: MBEDTLS_SHA512_C. * 
@@ -3419,24 +3419,24 @@ * Uncomment to have the library check for the Armv8-A SHA-512 crypto extensions * and use them if available. */ -//#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT +//#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT /* - * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT. + * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT. * This name is now deprecated, but may still be used as an alternative form for * this option. */ //#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT /** - * \def MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY + * \def MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY * * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms * with the ARMv8 cryptographic extensions, which must be available at runtime * or else an illegal instruction fault will occur. * * \note This allows builds with a smaller code size than with - * MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + * MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT * * \note Minimum compiler versions for this feature are Clang 7.0, * armclang 6.9 or GCC 8.0. @@ -3448,8 +3448,8 @@ * That name is deprecated, but may still be used as an alternative form for this * option. * - * \warning MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY cannot be defined at the same - * time as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT. + * \warning MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY cannot be defined at the same + * time as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT. * * Requires: MBEDTLS_SHA512_C. * 
@@ -3458,10 +3458,10 @@ * Uncomment to have the library use the Armv8-A SHA-512 crypto extensions * unconditionally. */ -//#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY +//#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY /* - * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY. + * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY. * This name is now deprecated, but may still be used as an alternative form for * this option. */ diff --git a/library/sha256.c b/library/sha256.c index 763c71076..726f5fb56 100644 --- a/library/sha256.c +++ b/library/sha256.c 
@@ -72,34 +72,34 @@ #if defined(MBEDTLS_ARCH_IS_ARMV8_A) -# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) # ifdef __ARM_NEON # include # else -# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) # warning "Target does not support NEON instructions" -# undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT # else # error "Target does not support NEON instructions" # endif # endif # endif -# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) /* *INDENT-OFF* */ # if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION <= 6090000 -# error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" +# error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" # endif # pragma clang attribute push (__attribute__((target("sha2"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # elif defined(__clang__) # if __clang_major__ < 4 -# error "A more recent Clang is required for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" +# error "A more recent Clang is required for MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" # endif # pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA 
@@ -108,20 +108,20 @@ * intrinsics are missing. Missing intrinsics could be worked around. */ # if __GNUC__ < 6 -# error "A more recent GCC is required for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" +# error "A more recent GCC is required for MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" # else # pragma GCC push_options # pragma GCC target ("arch=armv8-a+crypto") # define MBEDTLS_POP_TARGET_PRAGMA # endif # else -# error "Only GCC and Clang supported for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" +# error "Only GCC and Clang supported for MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" # endif # endif /* *INDENT-ON* */ # endif -# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ @@ -133,19 +133,19 @@ # endif # endif #elif defined(_M_ARM64) -# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) # include # endif #else -# undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY -# undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY +# undef MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* * Capability detection code comes early, so we can disable - * MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT if no detection mechanism found + * MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT if no detection mechanism found */ #if defined(MBEDTLS_ARCH_IS_ARM64) && defined(HWCAP_SHA2) static int mbedtls_a64_crypto_sha256_determine_support(void) 
@@ -222,10 +222,10 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) } #else #warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" -#undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT +#undef MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT #endif /* HWCAP_SHA2, __APPLE__, __unix__ && SIG_SETMASK */ -#endif /* MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT */ #if !defined(MBEDTLS_SHA256_ALT) @@ -327,10 +327,10 @@ static const uint32_t K[] = #endif -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) # define mbedtls_internal_sha256_process_many_a64_crypto mbedtls_internal_sha256_process_many # define mbedtls_internal_sha256_process_a64_crypto mbedtls_internal_sha256_process #endif @@ -430,7 +430,7 @@ static size_t mbedtls_internal_sha256_process_many_a64_crypto( return processed; } -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha256_process() @@ -445,7 +445,7 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, SHA256_BLOCK_SIZE) ? 0 : -1; } -#endif /* MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT || MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT || MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY */ #if defined(MBEDTLS_POP_TARGET_PRAGMA) #if defined(__clang__) 
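Review bot: The `#endif /* HWCAP_SHA2, __APPLE__, __unix__ && SIG_SETMASK */` closing the detection chain no longer lists every branch, since this series added a 32-bit `HWCAP2_SHA2` branch to the same chain, and the `#warning` text still says `ARMV8_CRYPTO` after the rename to `ARMV8_A`. Change the comment to `#endif /* HWCAP_SHA2, HWCAP2_SHA2, __APPLE__, __unix__ && SIG_SETMASK */` and the message to `"No mechanism to detect ARMV8_A_CRYPTO found, using C code only"`. Because the `#undef` after that warning turns a requested runtime-dispatch build into the C-only implementation with nothing but a compile-time warning, a comment stating that this fallback is deliberate and that `_CRYPTO_ONLY` builds are not affected would help anyone auditing which code path actually ships.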
@@ -456,14 +456,14 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, #undef MBEDTLS_POP_TARGET_PRAGMA #endif -#if !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +#if !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) #define mbedtls_internal_sha256_process_many_c mbedtls_internal_sha256_process_many #define mbedtls_internal_sha256_process_c mbedtls_internal_sha256_process #endif #if !defined(MBEDTLS_SHA256_PROCESS_ALT) && \ - !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) + !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) #define SHR(x, n) (((x) & 0xFFFFFFFF) >> (n)) #define ROTR(x, n) (SHR(x, n) | ((x) << (32 - (n)))) @@ -491,7 +491,7 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, (d) += local.temp1; (h) = local.temp1 + local.temp2; \ } while (0) -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha256_process() @@ -583,10 +583,10 @@ int mbedtls_internal_sha256_process_c(mbedtls_sha256_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA256_PROCESS_ALT && !MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA256_PROCESS_ALT && !MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY */ -#if !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) static size_t mbedtls_internal_sha256_process_many_c( mbedtls_sha256_context *ctx, const uint8_t *data, size_t len) @@ -607,10 +607,10 @@ static size_t mbedtls_internal_sha256_process_many_c( return processed; } -#endif /* !MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) static int mbedtls_a64_crypto_sha256_has_support(void) { 
@@ -645,7 +645,7 @@ int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, } } -#endif /* MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT */ /* diff --git a/library/sha512.c b/library/sha512.c index 14c9343e3..ab13e841e 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -57,8 +57,8 @@ #include "mbedtls/platform.h" #if defined(__aarch64__) -# if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) /* *INDENT-OFF* */ # ifdef __ARM_NEON # include 
@@ -83,35 +83,35 @@ /* Test Clang first, as it defines __GNUC__ */ # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION < 6090000 -# error "A more recent armclang is required for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +# error "A more recent armclang is required for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" # elif __ARMCOMPILER_VERSION == 6090000 -# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__clang__) # if __clang_major__ < 7 -# error "A more recent Clang is required for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +# error "A more recent Clang is required for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__GNUC__) # if __GNUC__ < 8 -# error "A more recent GCC is required for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +# error "A more recent GCC is required for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" # else # pragma GCC push_options # pragma GCC target ("arch=armv8.2-a+sha3") # define MBEDTLS_POP_TARGET_PRAGMA # endif # else -# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" # endif # endif /* *INDENT-ON* */ # endif -# if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ 
@@ -122,19 +122,19 @@ # endif # endif #elif defined(_M_ARM64) -# if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) # include # endif #else -# undef MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY -# undef MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY +# undef MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* * Capability detection code comes early, so we can disable - * MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT if no detection mechanism found + * MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT if no detection mechanism found */ #if defined(HWCAP_SHA512) static int mbedtls_a64_crypto_sha512_determine_support(void) @@ -211,10 +211,10 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) } #else #warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" -#undef MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT +#undef MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT #endif /* HWCAP_SHA512, __APPLE__, __unix__ && SIG_SETMASK */ -#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT */ #if !defined(MBEDTLS_SHA512_ALT) @@ -352,10 +352,10 @@ static const uint64_t K[80] = }; #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) # define mbedtls_internal_sha512_process_many_a64_crypto mbedtls_internal_sha512_process_many # define mbedtls_internal_sha512_process_a64_crypto mbedtls_internal_sha512_process #endif 
@@ -567,7 +567,7 @@ static size_t mbedtls_internal_sha512_process_many_a64_crypto( return processed; } -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() @@ -582,7 +582,7 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, SHA512_BLOCK_SIZE) ? 0 : -1; } -#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ #if defined(MBEDTLS_POP_TARGET_PRAGMA) #if defined(__clang__) @@ -594,15 +594,15 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, #endif -#if !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +#if !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) #define mbedtls_internal_sha512_process_many_c mbedtls_internal_sha512_process_many #define mbedtls_internal_sha512_process_c mbedtls_internal_sha512_process #endif -#if !defined(MBEDTLS_SHA512_PROCESS_ALT) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_PROCESS_ALT) && !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() 
@@ -701,10 +701,10 @@ int mbedtls_internal_sha512_process_c(mbedtls_sha512_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA512_PROCESS_ALT && !MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA512_PROCESS_ALT && !MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ -#if !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) static size_t mbedtls_internal_sha512_process_many_c( mbedtls_sha512_context *ctx, const uint8_t *data, size_t len) @@ -725,10 +725,10 @@ static size_t mbedtls_internal_sha512_process_many_c( return processed; } -#endif /* !MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) static int mbedtls_a64_crypto_sha512_has_support(void) { @@ -763,7 +763,7 @@ int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, } } -#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT */ /* * SHA-512 process buffer diff --git a/scripts/config.py b/scripts/config.py index 619782b89..6e32e3db2 100755 --- a/scripts/config.py +++ b/scripts/config.py 
@@ -215,8 +215,8 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT - 'MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT - 'MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT + 'MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT 'MBEDTLS_SSL_RECORD_SIZE_LIMIT', # in development, currently breaks other tests 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) @@ -282,8 +282,8 @@ EXCLUDE_FROM_BAREMETAL = frozenset([ 'MBEDTLS_TIMING_C', # requires a clock 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection 'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection - 'MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection - 'MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection ]) def keep_in_baremetal(name): diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1892ef869..5be96a586 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
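Review bot: The two renamed `*_ONLY` entries in the first hunk keep the trailing comment `# interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT`, which after this commit names an option that no longer exists — the second hunk renames the IF_PRESENT entries to `*_USE_ARMV8_A_CRYPTO_IF_PRESENT`. Update both comments to `# interacts with *_USE_ARMV8_A_CRYPTO_IF_PRESENT` so the exclusion list stays self-consistent with the names it excludes. The `EXCLUDE_FROM_FULL` and `EXCLUDE_FROM_BAREMETAL` frozensets begin outside their hunks.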
@@ -2245,12 +2245,12 @@ component_build_module_alt () { # The SpecifiedECDomain parsing code accesses mbedtls_ecp_group fields # directly and assumes the implementation works with partial groups. scripts/config.py unset MBEDTLS_PK_PARSE_EC_EXTENDED - # MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_CRYPTO_* - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY - # MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_CRYPTO_* - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY + # MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_* + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY + # MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_* + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY # Enable all MBEDTLS_XXX_ALT for whole modules. Do not enable # MBEDTLS_XXX_YYY_ALT which are for single functions. @@ -3464,10 +3464,10 @@ config_psa_crypto_hash_use_psa () { scripts/config.py unset MBEDTLS_SHA1_C scripts/config.py unset MBEDTLS_SHA224_C scripts/config.py unset MBEDTLS_SHA256_C # see external RNG below - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA384_C scripts/config.py unset MBEDTLS_SHA512_C - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA3_C fi } 
@@ -4332,7 +4332,7 @@ component_build_aes_aesce_armcc () { scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT # Stop armclang warning about feature detection for A64_CRYPTO. # With this enabled, the library does build correctly under armclang, @@ -4340,7 +4340,7 @@ component_build_aes_aesce_armcc () { # unavailable, and the user is notified via a #warning. So enabling # this feature would prevent us from building with -Werror on # armclang. Tracked in #7198. - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py set MBEDTLS_HAVE_ASM msg "AESCE, build with default configuration." 
@@ -4362,36 +4362,36 @@ support_build_sha_armce() { component_build_sha_armce () { # Test variations of SHA256 Armv8 crypto extensions - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT - scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY - msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY clang, aarch64" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, aarch64" make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" - msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY clang, arm" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, arm" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" # test the deprecated form of the config option - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY - msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY clang, thumb" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, thumb" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" - scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY - msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT clang, aarch64" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, aarch64" make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" # test the deprecated form of the config option - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py set 
MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT clang, arm" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, arm" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99" - msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT clang, thumb" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, thumb" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" } @@ -4936,7 +4936,7 @@ component_build_armcc () { msg "build: ARM Compiler 5" scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT # Stop armclang warning about feature detection for A64_CRYPTO. # With this enabled, the library does build correctly under armclang, @@ -4944,7 +4944,7 @@ component_build_armcc () { # unavailable, and the user is notified via a #warning. So enabling # this feature would prevent us from building with -Werror on # armclang. Tracked in #7198. - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py set MBEDTLS_HAVE_ASM From 0ecb635ca5a41fee0af01f5cd5aeb85622a0a1f3 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 11 Oct 2023 10:36:55 +0800 Subject: [PATCH 080/191] aesni: select `__cpuid` impl based on compiler type MinGW provides both kinds of implementations of `__cpuid`, but since `cpuid.h` is provided by GNUC, so we should choose the implementation by the compiler type instead of OS type. Signed-off-by: Pengyu Lv --- library/aesni.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/library/aesni.c b/library/aesni.c index 322a25533..b90e7f9a3 100644 --- a/library/aesni.c +++ b/library/aesni.c 
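Review bot: The `msg` lines that follow the two `# test the deprecated form of the config option` steps are rewritten to print the new `ARMV8_A` spelling, although those steps deliberately build with the deprecated `MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY` / `MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT` names set, so the CI log misreports which spelling each build exercised. Printing the option actually set, e.g. `msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY (deprecated alias) clang, thumb"` and `msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT (deprecated alias) clang, arm"`, keeps the log readable when one of these builds fails. `component_build_sha_armce` is entirely inside the hunk.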
@@ -33,10 +33,12 @@ #if defined(MBEDTLS_AESNI_HAVE_CODE) #if MBEDTLS_AESNI_HAVE_CODE == 2 -#if !defined(_WIN32) +#if defined(__GNUC__) #include -#else +#elif defined(_MSC_VER) #include +#else +#error "`__cpuid` required by MBEDTLS_AESNI_C is not supported by the compiler" #endif #include #endif @@ -53,7 +55,7 @@ int mbedtls_aesni_has_support(unsigned int what) if (!done) { #if MBEDTLS_AESNI_HAVE_CODE == 2 static int info[4] = { 0, 0, 0, 0 }; -#if defined(_WIN32) +#if defined(_MSC_VER) __cpuid(info, 1); #else __cpuid(1, info[0], info[1], info[2], info[3]); From 64cca2f3eadfbf9665f50d82348bc254f35932fe Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 10 Oct 2023 18:22:24 +0800 Subject: [PATCH 081/191] all.sh: Re-enable MBEDTLS_AESNI_C in some components Signed-off-by: Pengyu Lv --- tests/scripts/all.sh | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 7e6c95c62..ca8404049 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4626,8 +4626,7 @@ component_test_m32_o0 () { # build) and not the i386-specific inline assembly. msg "build: i386, make, gcc -O0 (ASan build)" # ~ 30s scripts/config.py full - scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0" LDFLAGS="-m32 $ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0 -maes -msse2 -mpclmul" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc -O0 (ASan build)" make test @@ -4644,8 +4643,7 @@ component_test_m32_o2 () { # and go faster for tests. msg "build: i386, make, gcc -O2 (ASan build)" # ~ 30s scripts/config.py full - scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2 -maes -msse2 -mpclmul" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc -O2 (ASan build)" make test 
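Review bot: The two hunks pick the `__cpuid` flavour by different macros in opposite orders — the include block tests `__GNUC__` first and falls through to `_MSC_VER`, while the call site tests `_MSC_VER` first and falls through to the GNU form — so a compiler that defines both macros would include `<cpuid.h>` but call the MSVC-style `__cpuid(info, 1)`. Mirroring the include selection at the call site closes that gap: change the second conditional to `#if defined(__GNUC__)` and swap the two `__cpuid` calls so the GNU form `__cpuid(1, info[0], info[1], info[2], info[3]);` is in the first branch. Since the include block already ends in `#else #error`, the fall-through at the call site can then only ever reach the MSVC branch, which also makes the `#error` message's claim accurate. `mbedtls_aesni_has_support` begins and ends outside the second hunk.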
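Review bot: The replacement `make` lines in `component_test_m32_o0` and `component_test_m32_o2` (and likewise in `component_test_m32_everest` and `component_build_mingw` in the following hunks) drop the `# AESNI depends on cpu modifiers` comment but leave the new `-maes -msse2 -mpclmul` flags unexplained, so a later reader has no hint that they exist to keep MBEDTLS_AESNI_C buildable on i386. A comment above the first `make` line in each component would do, e.g. `# -maes -msse2 -mpclmul: MBEDTLS_AESNI_C needs these target features on i386; the AES-NI path is presumably still selected at runtime via mbedtls_aesni_has_support()`. Enabling the features for the whole build also lets the compiler use them outside the runtime-gated AES-NI code, so the resulting test binaries likely require a CI host with those features — acceptable for all.sh, but worth stating in the same comment. Each component function begins outside its hunk.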
@@ -4660,8 +4658,7 @@ support_test_m32_o2 () { component_test_m32_everest () { msg "build: i386, Everest ECDH context (ASan build)" # ~ 6 min scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED - scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2 -maes -msse2 -mpclmul" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s make test 
@@ -5114,16 +5111,15 @@ component_test_tls13_only_record_size_limit () { component_build_mingw () { msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s - scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers - make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib programs + make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra -maes -msse2 -mpclmul' WINDOWS_BUILD=1 lib programs # note Make tests only builds the tests, but doesn't run them - make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror' WINDOWS_BUILD=1 tests + make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -maes -msse2 -mpclmul' WINDOWS_BUILD=1 tests make WINDOWS_BUILD=1 clean msg "build: Windows cross build - mingw64, make (DLL)" # ~ 30s - make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 lib programs - make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 tests + make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra -maes -msse2 -mpclmul' WINDOWS_BUILD=1 SHARED=1 lib programs + make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra -maes -msse2 -mpclmul' WINDOWS_BUILD=1 SHARED=1 tests make WINDOWS_BUILD=1 clean } support_build_mingw() { From be7915aa6ceddaaf81652c0072ea5fd2b2466932 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 11 Oct 2023 10:46:38 +0100 Subject: [PATCH 082/191] Revert renaming of SHA512 options 
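Review bot: The four rewritten `make` lines in `component_build_mingw` keep `LD=i686-w64-minggw32-ld` (double "g"), which does not name the MinGW linker; since these lines are being rewritten anyway, change them to `LD=i686-w64-mingw32-ld`. The typo is likely harmless only because the build presumably links through `$(CC)` rather than `$(LD)`, but either way the variable should name a tool that exists on the CI image. `component_build_mingw` begins inside the hunk and its closing brace is visible.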
Signed-off-by: Dave Rodgman --- include/mbedtls/check_config.h | 20 +++--- include/mbedtls/config_adjust_legacy_crypto.h | 7 -- include/mbedtls/mbedtls_config.h | 42 +++-------- library/sha512.c | 70 +++++++++---------- scripts/config.py | 8 +-- tests/scripts/all.sh | 12 ++-- 6 files changed, 64 insertions(+), 95 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index b346f1f6e..3df6ede44 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h 
@@ -829,24 +829,24 @@ #error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) && \ - defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) -#error "Must only define one of MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \ + defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#error "Must only define one of MBEDTLS_SHA512_USE_A64_CRYPTO_*" #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) #if !defined(MBEDTLS_SHA512_C) -#error "MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_* defined without MBEDTLS_SHA512_C" +#error "MBEDTLS_SHA512_USE_A64_CRYPTO_* defined without MBEDTLS_SHA512_C" #endif #if defined(MBEDTLS_SHA512_ALT) || defined(MBEDTLS_SHA512_PROCESS_ALT) -#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_A64_CRYPTO_*" #endif -#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) && !defined(__aarch64__) -#error "MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY defined on non-Aarch64 system" +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(__aarch64__) +#error "MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system" #endif #if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) && \ diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index c8791fc63..9bb1f88f4 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h 
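Review bot: After this revert the SHA-512 checks use the `MBEDTLS_SHA512_USE_A64_CRYPTO_*` spelling while the SHA-256 block immediately below keeps `MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*`, and nothing in the header explains the asymmetry, so the next reader is likely to "fix" it by renaming SHA-512 again. A one-line comment above the SHA-512 block would prevent that, e.g. `/* SHA-512 keeps the A64 names: its *_ONLY option is AArch64-only (see the !defined(__aarch64__) check below), unlike the ARMV8_A SHA-256 options */`, hedged to whatever the actual rationale is since the commit message gives none. The hunk is a self-contained run of preprocessor checks.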
@@ -193,12 +193,5 @@ #if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) #define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \ - !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) -#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT -#endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) -#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY -#endif #endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H */ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 49ae7218e..b5c0d5879 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3390,13 +3390,13 @@ #define MBEDTLS_SHA3_C /** - * \def MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT + * \def MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT * * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms * with the ARMv8 cryptographic extensions if they are available at runtime. * If not, the library will fall back to the C implementation. * - * \note If MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT is defined when building + * \note If MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT is defined when building * for a non-Aarch64 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 7.0, 
@@ -3405,38 +3405,27 @@ * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for * armclang 6.9 * - * \note This was previously known as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. - * That name is deprecated, but may still be used as an alternative form for this - * option. - * - * \warning MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT cannot be defined at the - * same time as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY. + * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the + * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. * * Requires: MBEDTLS_SHA512_C. * * Module: library/sha512.c * - * Uncomment to have the library check for the Armv8-A SHA-512 crypto extensions + * Uncomment to have the library check for the A64 SHA-512 crypto extensions * and use them if available. */ -//#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT - -/* - * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT. - * This name is now deprecated, but may still be used as an alternative form for - * this option. - */ //#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT /** - * \def MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY + * \def MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY * * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms * with the ARMv8 cryptographic extensions, which must be available at runtime * or else an illegal instruction fault will occur. * * \note This allows builds with a smaller code size than with - * MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT + * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT * * \note Minimum compiler versions for this feature are Clang 7.0, * armclang 6.9 or GCC 8.0. 
@@ -3444,27 +3433,16 @@ * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for * armclang 6.9 * - * \note This was previously known as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. - * That name is deprecated, but may still be used as an alternative form for this - * option. - * - * \warning MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY cannot be defined at the same - * time as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT. + * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same + * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. * * Requires: MBEDTLS_SHA512_C. * * Module: library/sha512.c * - * Uncomment to have the library use the Armv8-A SHA-512 crypto extensions + * Uncomment to have the library use the A64 SHA-512 crypto extensions * unconditionally. */ -//#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY - -/* - * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY. - * This name is now deprecated, but may still be used as an alternative form for - * this option. - */ //#define MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY /** diff --git a/library/sha512.c b/library/sha512.c index ab13e841e..e739af254 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -57,8 +57,8 @@ #include "mbedtls/platform.h" #if defined(__aarch64__) -# if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) /* *INDENT-OFF* */ # ifdef __ARM_NEON # include 
@@ -83,35 +83,35 @@ /* Test Clang first, as it defines __GNUC__ */ # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION < 6090000 -# error "A more recent armclang is required for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +# error "A more recent armclang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" # elif __ARMCOMPILER_VERSION == 6090000 -# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*" # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__clang__) # if __clang_major__ < 7 -# error "A more recent Clang is required for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +# error "A more recent Clang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__GNUC__) # if __GNUC__ < 8 -# error "A more recent GCC is required for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +# error "A more recent GCC is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" # else # pragma GCC push_options # pragma GCC target ("arch=armv8.2-a+sha3") # define MBEDTLS_POP_TARGET_PRAGMA # endif # else -# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_A64_CRYPTO_*" # endif # endif /* *INDENT-ON* */ # endif -# if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ 
@@ -122,19 +122,19 @@ # endif # endif #elif defined(_M_ARM64) -# if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) # include # endif #else -# undef MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY -# undef MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY +# undef MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) /* * Capability detection code comes early, so we can disable - * MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT if no detection mechanism found + * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT if no detection mechanism found */ #if defined(HWCAP_SHA512) static int mbedtls_a64_crypto_sha512_determine_support(void) @@ -161,9 +161,9 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) * SHA-512 support. So we fall back to the C code only. */ #if defined(_MSC_VER) -#pragma message "No mechanism to detect ARMV8_CRYPTO found, using C code only" +#pragma message "No mechanism to detect A64_CRYPTO found, using C code only" #else -#warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" +#warning "No mechanism to detect A64_CRYPTO found, using C code only" #endif #elif defined(__unix__) && defined(SIG_SETMASK) /* Detection with SIGILL, setjmp() and longjmp() */ @@ -173,7 +173,7 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) static jmp_buf return_from_sigill; /* - * Armv8 SHA512 support detection via SIGILL + * A64 SHA512 support detection via SIGILL */ static void sigill_handler(int signal) { 
@@ -210,11 +210,11 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) return ret; } #else -#warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" -#undef MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT +#warning "No mechanism to detect A64_CRYPTO found, using C code only" +#undef MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT #endif /* HWCAP_SHA512, __APPLE__, __unix__ && SIG_SETMASK */ -#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT */ #if !defined(MBEDTLS_SHA512_ALT) @@ -352,10 +352,10 @@ static const uint64_t K[80] = }; #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) # define mbedtls_internal_sha512_process_many_a64_crypto mbedtls_internal_sha512_process_many # define mbedtls_internal_sha512_process_a64_crypto mbedtls_internal_sha512_process #endif @@ -567,9 +567,9 @@ static size_t mbedtls_internal_sha512_process_many_a64_crypto( return processed; } -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and Armv8 + * This function is for internal use only if we are building both C and A64 * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() */ static @@ -582,7 +582,7 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, SHA512_BLOCK_SIZE) ? 0 : -1; } -#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ #if defined(MBEDTLS_POP_TARGET_PRAGMA) #if defined(__clang__) 
@@ -594,17 +594,17 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, #endif -#if !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#if !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) #define mbedtls_internal_sha512_process_many_c mbedtls_internal_sha512_process_many #define mbedtls_internal_sha512_process_c mbedtls_internal_sha512_process #endif -#if !defined(MBEDTLS_SHA512_PROCESS_ALT) && !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_PROCESS_ALT) && !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and Armv8 + * This function is for internal use only if we are building both C and A64 * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() */ static @@ -701,10 +701,10 @@ int mbedtls_internal_sha512_process_c(mbedtls_sha512_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA512_PROCESS_ALT && !MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA512_PROCESS_ALT && !MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ -#if !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) static size_t mbedtls_internal_sha512_process_many_c( mbedtls_sha512_context *ctx, const uint8_t *data, size_t len) @@ -725,10 +725,10 @@ static size_t mbedtls_internal_sha512_process_many_c( return processed; } -#endif /* !MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) static int mbedtls_a64_crypto_sha512_has_support(void) { 
@@ -763,7 +763,7 @@ int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, } } -#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT */ /* * SHA-512 process buffer diff --git a/scripts/config.py b/scripts/config.py index 6e32e3db2..eeda6e18d 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -214,9 +214,8 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_PSA_INJECT_ENTROPY', # conflicts with platform entropy sources 'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT - 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT - 'MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT + 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT 'MBEDTLS_SSL_RECORD_SIZE_LIMIT', # in development, currently breaks other tests 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) @@ -280,10 +279,9 @@ EXCLUDE_FROM_BAREMETAL = frozenset([ 'MBEDTLS_THREADING_C', # requires a threading interface 'MBEDTLS_THREADING_PTHREAD', # requires pthread 'MBEDTLS_TIMING_C', # requires a clock - 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection - 'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA256_USE_A64_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection - 'MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection ]) def keep_in_baremetal(name): 
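Review bot: The added entry `'MBEDTLS_SHA256_USE_A64_A_CRYPTO_IF_PRESENT'` in EXCLUDE_FROM_BAREMETAL is not a real option name: it splices the old `A64_CRYPTO` spelling into the new `ARMV8_A_CRYPTO` one, so it excludes nothing, and the line it replaced (`'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT'`) is no longer excluded at all. If the deprecated SHA-256 name is still present in the config header, a baremetal configuration could now keep a runtime-detection option enabled, which is exactly what this list exists to prevent; the EXCLUDE_FROM_FULL hunk above still lists the deprecated `MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY` alongside the new name, so the intent seems to be to cover both. The line should read `'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection`, and a check that every name in the EXCLUDE_FROM_* sets exists in the config header would catch this class of typo.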
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5be96a586..49492651d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2248,9 +2248,9 @@ component_build_module_alt () { # MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_* scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY - # MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_* - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY + # MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_A64_CRYPTO_* + scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY # Enable all MBEDTLS_XXX_ALT for whole modules. Do not enable # MBEDTLS_XXX_YYY_ALT which are for single functions. @@ -3467,7 +3467,7 @@ config_psa_crypto_hash_use_psa () { scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA384_C scripts/config.py unset MBEDTLS_SHA512_C - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA3_C fi } @@ -4332,7 +4332,7 @@ component_build_aes_aesce_armcc () { scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT # Stop armclang warning about feature detection for A64_CRYPTO. # With this enabled, the library does build correctly under armclang, 
@@ -4936,7 +4936,7 @@ component_build_armcc () { msg "build: ARM Compiler 5" scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT # Stop armclang warning about feature detection for A64_CRYPTO. # With this enabled, the library does build correctly under armclang, From d680d4fbf909f78ff6a163a3206d8dd2ef1c83d7 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 11 Oct 2023 11:05:22 +0100 Subject: [PATCH 083/191] SHA256 renaming - fix some missed things Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 4 ++-- tests/scripts/depends.py | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt index bff70f500..46b2ca2a2 100644 --- a/ChangeLog.d/sha256-armce-arm.txt +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -2,6 +2,6 @@ Features * Support Armv8-A Crypto Extension acceleration for SHA-256 when compiling for Thumb or 32-bit Arm. New deprecations - * Rename the SHAxxx_USE_A64_CRYPTO_yyy config options to - SHAxxx_USE_ARMV8_CRYPTO_yyy. The old names may still be + * Rename the SHA256_USE_A64_CRYPTO_xxx config options to + SHA256_USE_ARMV8_A_CRYPTO_xxx. The old names may still be used, but are deprecated. diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py index e92564151..96529de7d 100755 --- a/tests/scripts/depends.py +++ b/tests/scripts/depends.py 
@@ -262,16 +262,16 @@ REVERSE_DEPENDENCIES = { 'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED'], 'MBEDTLS_SHA256_C': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED', 'MBEDTLS_ENTROPY_FORCE_SHA256', - 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', - 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT', + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', 'MBEDTLS_LMS_C', 'MBEDTLS_LMS_PRIVATE'], 'MBEDTLS_SHA512_C': ['MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY'], 'MBEDTLS_SHA224_C': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED', 'MBEDTLS_ENTROPY_FORCE_SHA256', - 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', - 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY'], + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT', + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY'], 'MBEDTLS_X509_RSASSA_PSS_SUPPORT': [] } From 830dc3dc71667a85fc09ae56c3c876998eaef53f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 11 Oct 2023 11:20:16 +0100 Subject: [PATCH 084/191] Improve Changelog Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt index 46b2ca2a2..0f9754460 100644 --- a/ChangeLog.d/sha256-armce-arm.txt +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -2,6 +2,6 @@ Features * Support Armv8-A Crypto Extension acceleration for SHA-256 when compiling for Thumb or 32-bit Arm. New deprecations - * Rename the SHA256_USE_A64_CRYPTO_xxx config options to - SHA256_USE_ARMV8_A_CRYPTO_xxx. The old names may still be - used, but are deprecated. + * Rename the MBEDTLS_SHA256_USE_A64_CRYPTO_xxx config options to + MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_xxx. The old names may still + be used, but are deprecated. From 3f02bb7a96baf3cd95f4bb85f5ea1f52e9e9d9b7 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 2 Oct 2023 15:57:33 +0200 Subject: [PATCH 085/191] test: use full config in accelerated AEAD test 
Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 7e6c95c62..fb4f99f30 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3571,13 +3571,14 @@ component_test_psa_crypto_config_accel_cipher () { component_test_psa_crypto_config_accel_aead () { msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated AEAD" - loc_accel_list="ALG_GCM ALG_CCM ALG_CHACHA20_POLY1305 KEY_TYPE_AES KEY_TYPE_CHACHA20 KEY_TYPE_ARIA KEY_TYPE_CAMELLIA" + loc_accel_list="ALG_GCM ALG_CCM ALG_CHACHA20_POLY1305 \ + KEY_TYPE_AES KEY_TYPE_CHACHA20 KEY_TYPE_ARIA KEY_TYPE_CAMELLIA" # Configure # --------- - # Start from default config (no TLS 1.3, no USE_PSA) - helper_libtestdriver1_adjust_config "default" + # Start from full config + helper_libtestdriver1_adjust_config "full" # Disable things that are being accelerated scripts/config.py unset MBEDTLS_GCM_C From e7bac17b5d0cef95ff160d051b88c9df246c0e5e Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 2 Oct 2023 16:03:42 +0200 Subject: [PATCH 086/191] test: keep SSL_TICKET_C and SSL_CONTEXT_SERIALIZATION enabled Signed-off-by: Valerio Setti --- include/mbedtls/check_config.h | 15 +++++++++++++-- tests/scripts/all.sh | 3 --- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index e18e9a5fc..815bfb69c 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h 
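Review bot: The new `loc_accel_list="ALG_GCM ... \` continuation sits inside a double-quoted string, so the backslash-newline is removed but the leading indentation of the second line becomes part of the variable's value. That is harmless only if `loc_accel_list` is always expanded unquoted and word-split by the `helper_libtestdriver1_*` consumers, which I cannot confirm from the hunk; a second assignment avoids the question, `loc_accel_list="$loc_accel_list KEY_TYPE_AES KEY_TYPE_CHACHA20 KEY_TYPE_ARIA KEY_TYPE_CAMELLIA"`. The body of component_test_psa_crypto_config_accel_aead continues past the hunk.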
@@ -1040,7 +1040,12 @@ #endif #if defined(MBEDTLS_SSL_TICKET_C) && \ - !( defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) ) + !( defined(MBEDTLS_GCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) || \ + defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) || \ + defined(MBEDTLS_CHACHAPOLY_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) ) #error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites" #endif @@ -1141,7 +1146,13 @@ #error "MBEDTLS_SSL_RECORD_SIZE_LIMIT defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) && !( defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) ) +#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) && \ + !( defined(MBEDTLS_GCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) || \ + defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) || \ + defined(MBEDTLS_CHACHAPOLY_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) ) #error "MBEDTLS_SSL_CONTEXT_SERIALIZATION defined, but not all prerequisites" #endif diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index fb4f99f30..ab684089a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3584,9 +3584,6 @@ component_test_psa_crypto_config_accel_aead () { scripts/config.py unset MBEDTLS_GCM_C scripts/config.py unset MBEDTLS_CCM_C scripts/config.py unset MBEDTLS_CHACHAPOLY_C - # Features that depend on AEAD - scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION - scripts/config.py unset MBEDTLS_SSL_TICKET_C # Build # ----- From d0411defa25f51f34b18ce83723dc22ed9d5ba41 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 3 Oct 2023 15:10:59 +0200 Subject: [PATCH 087/191] cipher: add internal symbols for AEAD capabilities 
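Review bot: The six-line AEAD prerequisite expression is now duplicated verbatim under MBEDTLS_SSL_TICKET_C and MBEDTLS_SSL_CONTEXT_SERIALIZATION (both hunks on this line), so the two checks will drift apart the next time a mechanism is added or a guard is corrected. Evaluating the condition once into a helper macro near the top of the checks (placeholder name, e.g. `MBEDTLS_SSL_HAVE_ANY_AEAD_CHECK`) and testing `!defined(...)` in both places keeps them in lock-step. Separately, `defined(PSA_WANT_ALG_GCM)` on its own says nothing about a usable key type; if the ticket and serialization code need AES-GCM/CCM or ChaCha20-Poly1305 specifically, the PSA branches arguably want the matching `PSA_WANT_KEY_TYPE_AES` / `PSA_WANT_KEY_TYPE_CHACHA20` conjuncts as well — I cannot tell from the hunk which cipher those code paths select.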
Signed-off-by: Valerio Setti --- include/mbedtls/cipher.h | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 9c8701d38..9f8657599 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -33,7 +33,24 @@ #include #include "mbedtls/platform_util.h" -#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) +/* Support for GCM either through MbedTLS SW implementation or PSA */ +#if defined(MBEDTLS_GCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) +#define MBEDTLS_CIPHER_HAVE_GCM +#endif +/* Support for CCM either through MbedTLS SW implementation or PSA */ +#if defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) +#define MBEDTLS_CIPHER_HAVE_CCM +#endif +/* Support for CHACHAPOLY either through MbedTLS SW implementation or PSA */ +#if defined(MBEDTLS_CHACHAPOLY_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) +#define MBEDTLS_CIPHER_HAVE_CHACHAPOLY +#endif + +#if defined(MBEDTLS_CIPHER_HAVE_GCM) || defined(MBEDTLS_CIPHER_HAVE_CCM) || \ + defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY) #define MBEDTLS_CIPHER_MODE_AEAD #endif From d4a10cebe4508685395fb23044f3887079af1bbf Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 3 Oct 2023 15:11:48 +0200 Subject: [PATCH 088/191] cipher/tls: use new symbols for guarding AEAD code Signed-off-by: Valerio Setti --- library/cipher_wrap.c | 54 ++++++++++++--- library/ssl_ciphersuites.c | 132 ++++++++++++++++++------------------- library/ssl_msg.c | 18 ++--- library/ssl_tls.c | 6 +- 4 files changed, 120 insertions(+), 90 deletions(-) diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index bbf57ceee..5a789ced9 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c 
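Review bot: The new `MBEDTLS_CIPHER_HAVE_GCM` / `MBEDTLS_CIPHER_HAVE_CCM` / `MBEDTLS_CIPHER_HAVE_CHACHAPOLY` macros are described by the commit as internal, but they are defined in the public `include/mbedtls/cipher.h` with no comment saying so, so downstream code is likely to start depending on them. A block comment above the group, e.g. `/* Internal helper symbols: not part of the public API and subject to change. */`, would make the intent explicit. Also note that `PSA_WANT_ALG_GCM` without `PSA_WANT_KEY_TYPE_AES` (or `PSA_WANT_ALG_CHACHA20_POLY1305` without `PSA_WANT_KEY_TYPE_CHACHA20`) does not guarantee a usable AEAD cipher; the cipher_wrap.c lookup-table hunks in the next commit add the key-type conjunct while these definitions do not, so the key-type requirement should be decided here once and reused rather than re-derived per site.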
@@ -80,7 +80,8 @@ enum mbedtls_cipher_base_index { #if defined(MBEDTLS_CAMELLIA_C) MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, #endif -#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C) +#if (defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, #endif #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C) @@ -104,7 +105,8 @@ enum mbedtls_cipher_base_index { #if defined(MBEDTLS_DES_C) MBEDTLS_CIPHER_BASE_INDEX_DES, #endif -#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) MBEDTLS_CIPHER_BASE_INDEX_GCM_AES, #endif #if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C) @@ -576,7 +578,10 @@ static int gcm_aes_setkey_wrap(void *ctx, const unsigned char *key, return mbedtls_gcm_setkey((mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES, key, key_bitlen); } +#endif /* MBEDTLS_GCM_C */ +#if defined(MBEDTLS_GCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) static const mbedtls_cipher_base_t gcm_aes_info = { MBEDTLS_CIPHER_ID_AES, NULL, @@ -598,12 +603,22 @@ static const mbedtls_cipher_base_t gcm_aes_info = { #if defined(MBEDTLS_CIPHER_MODE_STREAM) NULL, #endif +#if defined(MBEDTLS_GCM_C) gcm_aes_setkey_wrap, gcm_aes_setkey_wrap, gcm_ctx_alloc, gcm_ctx_free, +#else + NULL, + NULL, + NULL, + NULL, +#endif /* MBEDTLS_GCM_C */ }; +#endif /* MBEDTLS_GCM_C || (MBEDTLS_USE_PSA_CRYPTO && PSA_WANT_ALG_GCM) */ +#if defined(MBEDTLS_GCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) static const mbedtls_cipher_info_t aes_128_gcm_info = { "AES-128-GCM", 16, 
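Review bot: In the PSA-only branch of `gcm_aes_info` (the `#else` added in the `@@ -598` hunk) the two setkey slots and the ctx_alloc/ctx_free slots become NULL, and the same pattern is repeated for `ccm_aes_info` on the next line. Whether those slots are reachable depends on the legacy `mbedtls_cipher_setup()` path being bypassed whenever `MBEDTLS_USE_PSA_CRYPTO` is set, which is not visible from this hunk; a comment on the `#else` stating that invariant, e.g. `/* Legacy setkey/alloc/free are unused here: with MBEDTLS_USE_PSA_CRYPTO the cipher layer must take the PSA path. */`, plus a NULL check before the legacy path calls `ctx_alloc_func`, would turn a null-pointer call in a misconfigured build into a clean error.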
@@ -638,7 +653,7 @@ static const mbedtls_cipher_info_t aes_256_gcm_info = { MBEDTLS_CIPHER_BASE_INDEX_GCM_AES }; #endif -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_GCM_C || PSA_WANT_ALG_GCM */ #if defined(MBEDTLS_CCM_C) static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key, @@ -647,7 +662,10 @@ static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key, return mbedtls_ccm_setkey((mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_AES, key, key_bitlen); } +#endif /* MBEDTLS_CCM_C */ +#if defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) static const mbedtls_cipher_base_t ccm_aes_info = { MBEDTLS_CIPHER_ID_AES, NULL, @@ -669,12 +687,22 @@ static const mbedtls_cipher_base_t ccm_aes_info = { #if defined(MBEDTLS_CIPHER_MODE_STREAM) NULL, #endif +#if defined(MBEDTLS_CCM_C) ccm_aes_setkey_wrap, ccm_aes_setkey_wrap, ccm_ctx_alloc, ccm_ctx_free, +#else + NULL, + NULL, + NULL, + NULL, +#endif }; +#endif /* MBEDTLS_CCM_C || (MBEDTLS_USE_PSA_CRYPTO && PSA_WANT_ALG_CCM) */ +#if defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) static const mbedtls_cipher_info_t aes_128_ccm_info = { "AES-128-CCM", 16, @@ -709,7 +737,10 @@ static const mbedtls_cipher_info_t aes_256_ccm_info = { MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; #endif +#endif /* MBEDTLS_CCM_C || PSA_WANT_ALG_CCM */ +#if defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG)) static const mbedtls_cipher_info_t aes_128_ccm_star_no_tag_info = { "AES-128-CCM*-NO-TAG", 16, @@ -744,7 +775,7 @@ static const mbedtls_cipher_info_t aes_256_ccm_star_no_tag_info = { MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; #endif -#endif /* MBEDTLS_CCM_C */ +#endif /* MBEDTLS_CCM_C || PSA_WANT_ALG_CCM_STAR_NO_TAG */ #endif /* MBEDTLS_AES_C */ 
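Review bot: The `aes_*_ccm_star_no_tag_info` structs are now compiled when `PSA_WANT_ALG_CCM_STAR_NO_TAG` is defined (the `@@ -709` hunk), but they reference `MBEDTLS_CIPHER_BASE_INDEX_CCM_AES`, whose enum entry (the `@@ -80` hunk on the previous line) is only added for `PSA_WANT_ALG_CCM`, and `ccm_aes_info` itself (the `@@ -647` hunk here) is likewise gated on `PSA_WANT_ALG_CCM` alone. A PSA configuration wanting CCM*-no-tag but not plain CCM, with MBEDTLS_CCM_C off, would therefore fail to compile on the missing enumerator, or resolve to an absent base if the enum is later aligned. Either the enum and `ccm_aes_info` guards should also accept `(defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG))`, or the no-tag structs should be gated on the same condition as their base; the `mbedtls_cipher_definitions[]` hunk on the next line has the same split.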
@@ -2245,19 +2276,24 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] = { MBEDTLS_CIPHER_AES_256_XTS, &aes_256_xts_info }, #endif #endif -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_GCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) { MBEDTLS_CIPHER_AES_128_GCM, &aes_128_gcm_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_GCM, &aes_192_gcm_info }, { MBEDTLS_CIPHER_AES_256_GCM, &aes_256_gcm_info }, #endif #endif -#if defined(MBEDTLS_CCM_C) +#if defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) { MBEDTLS_CIPHER_AES_128_CCM, &aes_128_ccm_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_CCM, &aes_192_ccm_info }, { MBEDTLS_CIPHER_AES_256_CCM, &aes_256_ccm_info }, #endif +#endif +#if defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG)) { MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG, &aes_128_ccm_star_no_tag_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG, &aes_192_ccm_star_no_tag_info }, @@ -2387,7 +2423,8 @@ const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[] = { #if defined(MBEDTLS_CAMELLIA_C) [MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA] = &camellia_info, #endif -#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C) +#if (defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM) && defined(PSA_WANT_KEY_TYPE_AES)) [MBEDTLS_CIPHER_BASE_INDEX_CCM_AES] = &ccm_aes_info, #endif #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C) 
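Review bot: The `mbedtls_cipher_base_lookup_table[]` slot for `MBEDTLS_CIPHER_BASE_INDEX_CCM_AES` (the `@@ -2387` hunk) is guarded by `PSA_WANT_ALG_CCM && PSA_WANT_KEY_TYPE_AES`, while the enum entry and `ccm_aes_info` on the previous lines and the `mbedtls_cipher_definitions[]` entries in this hunk line are guarded by `PSA_WANT_ALG_CCM` alone; the GCM slot in the next hunk line has the same asymmetry. In a PSA configuration that wants the algorithm but not the AES key type, the index and the info structs exist but the table slot is never initialised, so a lookup through that index yields a NULL base pointer — or an out-of-bounds read if it is the highest index — and I cannot see from here how the table is sized or bounds-checked. Pick one condition and use it at every site; the key-type form is the more accurate one, `(defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM) && defined(PSA_WANT_KEY_TYPE_AES))`.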
@@ -2411,7 +2448,8 @@ const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[] = { #if defined(MBEDTLS_DES_C) [MBEDTLS_CIPHER_BASE_INDEX_DES] = &des_info, #endif -#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_KEY_TYPE_AES)) [MBEDTLS_CIPHER_BASE_INDEX_GCM_AES] = &gcm_aes_info, #endif #if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C) diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 2368489df..b50df5c87 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -293,7 +293,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = { #if defined(MBEDTLS_SSL_PROTO_TLS1_3) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS1_3_AES_256_GCM_SHA384, "TLS1-3-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, @@ -308,8 +308,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, #endif /* MBEDTLS_MD_CAN_SHA256 */ -#endif /* MBEDTLS_GCM_C */ -#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_MD_CAN_SHA256) +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#if defined(MBEDTLS_CIPHER_HAVE_CCM) && defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS1_3_AES_128_CCM_SHA256, "TLS1-3-AES-128-CCM-SHA256", MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ 
@@ -320,19 +320,19 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, -#endif /* MBEDTLS_MD_CAN_SHA256 && MBEDTLS_CCM_C */ +#endif /* MBEDTLS_MD_CAN_SHA256 && MBEDTLS_CIPHER_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_CHACHAPOLY_C) && defined(MBEDTLS_MD_CAN_SHA256) +#if defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY) && defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256, "TLS1-3-CHACHA20-POLY1305-SHA256", MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ 0, MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, -#endif /* MBEDTLS_CHACHAPOLY_C && MBEDTLS_MD_CAN_SHA256 */ +#endif /* MBEDTLS_CIPHER_HAVE_CHACHAPOLY && MBEDTLS_MD_CAN_SHA256 */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ -#if defined(MBEDTLS_CHACHAPOLY_C) && \ +#if defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY) && \ defined(MBEDTLS_MD_CAN_SHA256) && \ defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) @@ -391,7 +391,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#endif /* MBEDTLS_CHACHAPOLY_C && +#endif /* MBEDTLS_CIPHER_HAVE_CHACHAPOLY && MBEDTLS_MD_CAN_SHA256 && MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) 
@@ -415,12 +415,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -429,14 +429,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA384 */ -#if defined(MBEDTLS_CCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_CCM) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, @@ -453,7 +453,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) 
@@ -474,7 +474,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", @@ -489,7 +489,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) @@ -523,12 +523,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if (defined(MBEDTLS_GCM_C) || defined(PSA_WANT_ALG_GCM)) { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -537,12 +537,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if (defined(MBEDTLS_GCM_C) || defined(PSA_WANT_ALG_GCM)) { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_AES_C */ 
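Review bot: The two ECDHE-RSA AES-GCM entries on this line (hunks `@@ -523` and `@@ -537`) use `#if (defined(MBEDTLS_GCM_C) || defined(PSA_WANT_ALG_GCM))`, which drops the `MBEDTLS_USE_PSA_CRYPTO` conjunct and differs from every other GCM guard this commit introduces, while their closing `#endif /* MBEDTLS_CIPHER_HAVE_GCM */` comments already name the intended symbol. A build with `PSA_WANT_ALG_GCM` but with neither `MBEDTLS_USE_PSA_CRYPTO` nor `MBEDTLS_GCM_C` would advertise TLS-ECDHE-RSA-WITH-AES-*-GCM-* ciphersuites it cannot implement. Both guards should read `#if defined(MBEDTLS_CIPHER_HAVE_GCM)`.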
@@ -564,7 +564,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", @@ -579,7 +579,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) @@ -595,7 +595,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) #if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_MD_CAN_SHA384) && \ - defined(MBEDTLS_GCM_C) + defined(MBEDTLS_CIPHER_HAVE_GCM) { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, @@ -603,12 +603,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_GCM_C */ #if defined(MBEDTLS_MD_CAN_SHA256) -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256", 
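Review bot: The `@@ -595` hunk changes the opening guard to `MBEDTLS_CIPHER_HAVE_GCM`, but the matching `#endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_GCM_C */` that appears as context in the `@@ -603` hunk keeps the old name; the same stale comment survives in the `@@ -712` hunk on a later line (the RSA key-exchange block). This file relies on those trailing comments to pair `#if`/`#endif` across long spans, so they should be updated to `#endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_CIPHER_HAVE_GCM */`.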
@@ -636,7 +636,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_CCM) { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, @@ -653,7 +653,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) @@ -682,7 +682,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, @@ -696,7 +696,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ 
@@ -704,7 +704,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
 #if defined(MBEDTLS_AES_C)
 #if defined(MBEDTLS_MD_CAN_SHA384) && \
- defined(MBEDTLS_GCM_C)
+ defined(MBEDTLS_CIPHER_HAVE_GCM)
 { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
 0,
@@ -712,12 +712,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_GCM_C */
 #if defined(MBEDTLS_MD_CAN_SHA256)
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
 { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
 0,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CIPHER_HAVE_GCM */
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
@@ -745,7 +745,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 #endif /* MBEDTLS_MD_CAN_SHA1 */
-#if defined(MBEDTLS_CCM_C)
+#if defined(MBEDTLS_CIPHER_HAVE_CCM)
 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
 0,
@@ -762,7 +762,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
 MBEDTLS_CIPHERSUITE_SHORT_TAG,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_CCM_C */
+#endif /* MBEDTLS_CIPHER_HAVE_CCM */
 #endif /* MBEDTLS_AES_C */
 #if defined(MBEDTLS_CAMELLIA_C)
@@ -792,7 +792,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif /* MBEDTLS_MD_CAN_SHA1 */
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
 #if defined(MBEDTLS_MD_CAN_SHA256)
 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
@@ -806,7 +806,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 0,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
 #endif /* MBEDTLS_MD_CAN_SHA384 */
-#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CIPHER_HAVE_GCM */
 #endif /* MBEDTLS_CAMELLIA_C */
 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
@@ -832,12 +832,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 0,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
 0,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CIPHER_HAVE_GCM */
 #endif /* MBEDTLS_MD_CAN_SHA256 */
 #if defined(MBEDTLS_MD_CAN_SHA384)
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
@@ -846,12 +846,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 0,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
 0,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CIPHER_HAVE_GCM */
 #endif /* MBEDTLS_MD_CAN_SHA384 */
 #endif /* MBEDTLS_AES_C */
@@ -873,7 +873,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif /* MBEDTLS_MD_CAN_SHA384 */
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
 #if defined(MBEDTLS_MD_CAN_SHA256)
 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
@@ -888,7 +888,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 0,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
 #endif /* MBEDTLS_MD_CAN_SHA384 */
-#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CIPHER_HAVE_GCM */
 #endif /* MBEDTLS_CAMELLIA_C */
 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
@@ -922,12 +922,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 0,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
 0,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CIPHER_HAVE_GCM */
 #endif /* MBEDTLS_MD_CAN_SHA256 */
 #if defined(MBEDTLS_MD_CAN_SHA384)
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
@@ -936,12 +936,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 0,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
 0,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CIPHER_HAVE_GCM */
 #endif /* MBEDTLS_MD_CAN_SHA384 */
 #endif /* MBEDTLS_AES_C */
@@ -963,7 +963,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif /* MBEDTLS_MD_CAN_SHA384 */
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
 #if defined(MBEDTLS_MD_CAN_SHA256)
 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
@@ -978,7 +978,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 0,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
 #endif /* MBEDTLS_MD_CAN_SHA384 */
-#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CIPHER_HAVE_GCM */
 #endif /* MBEDTLS_CAMELLIA_C */
 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
@@ -993,7 +993,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
 #if defined(MBEDTLS_AES_C)
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
 #if defined(MBEDTLS_MD_CAN_SHA256)
 { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
@@ -1007,7 +1007,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 0,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
 #endif /* MBEDTLS_MD_CAN_SHA384 */
-#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CIPHER_HAVE_GCM */
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 #if defined(MBEDTLS_MD_CAN_SHA256)
@@ -1036,7 +1036,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
 #endif /* MBEDTLS_MD_CAN_SHA1 */
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_CCM_C)
+#if defined(MBEDTLS_CIPHER_HAVE_CCM)
 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
 0,
@@ -1053,7 +1053,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
 MBEDTLS_CIPHERSUITE_SHORT_TAG,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_CCM_C */
+#endif /* MBEDTLS_CIPHER_HAVE_CCM */
 #endif /* MBEDTLS_AES_C */
 #if defined(MBEDTLS_CAMELLIA_C)
@@ -1073,7 +1073,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif /* MBEDTLS_MD_CAN_SHA384 */
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
 #if defined(MBEDTLS_MD_CAN_SHA256)
 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
@@ -1087,14 +1087,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 0,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
 #endif /* MBEDTLS_MD_CAN_SHA384 */
-#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CIPHER_HAVE_GCM */
 #endif /* MBEDTLS_CAMELLIA_C */
 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
 #if defined(MBEDTLS_AES_C)
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
 #if defined(MBEDTLS_MD_CAN_SHA256)
 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
@@ -1108,7 +1108,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 0,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
 #endif /* MBEDTLS_MD_CAN_SHA384 */
-#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CIPHER_HAVE_GCM */
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 #if defined(MBEDTLS_MD_CAN_SHA256)
@@ -1137,7 +1137,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
 #endif /* MBEDTLS_MD_CAN_SHA1 */
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_CCM_C)
+#if defined(MBEDTLS_CIPHER_HAVE_CCM)
 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
 0,
@@ -1154,7 +1154,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
 MBEDTLS_CIPHERSUITE_SHORT_TAG,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_CCM_C */
+#endif /* MBEDTLS_CIPHER_HAVE_CCM */
 #endif /* MBEDTLS_AES_C */
 #if defined(MBEDTLS_CAMELLIA_C)
@@ -1174,7 +1174,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif /* MBEDTLS_MD_CAN_SHA384 */
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
 #if defined(MBEDTLS_MD_CAN_SHA256)
 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
@@ -1188,7 +1188,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 0,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
 #endif /* MBEDTLS_MD_CAN_SHA384 */
-#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CIPHER_HAVE_GCM */
 #endif /* MBEDTLS_CAMELLIA_C */
 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
@@ -1249,7 +1249,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
 #if defined(MBEDTLS_AES_C)
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
 #if defined(MBEDTLS_MD_CAN_SHA256)
 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
@@ -1263,7 +1263,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 0,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
 #endif /* MBEDTLS_MD_CAN_SHA384 */
-#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CIPHER_HAVE_GCM */
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 #if defined(MBEDTLS_MD_CAN_SHA256)
@@ -1311,7 +1311,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 #endif /* MBEDTLS_MD_CAN_SHA384 */
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
-#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_CIPHER_HAVE_GCM)
 #if defined(MBEDTLS_MD_CAN_SHA256)
 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
@@ -1325,19 +1325,19 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
 0,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
 #endif /* MBEDTLS_MD_CAN_SHA384 */
-#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CIPHER_HAVE_GCM */
 #endif /* MBEDTLS_CAMELLIA_C */
 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
 #if defined(MBEDTLS_AES_C)
-#if defined(MBEDTLS_CCM_C)
+#if defined(MBEDTLS_CIPHER_HAVE_CCM)
 { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
 MBEDTLS_CIPHERSUITE_SHORT_TAG,
 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
-#endif /* MBEDTLS_CCM_C */
+#endif /* MBEDTLS_CIPHER_HAVE_CCM */
 #endif /* MBEDTLS_AES_C */
 #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index c312d816e..ff8de9278 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -863,9 +863,7 @@ static void ssl_extract_add_data_from_record(unsigned char *add_data,
 *add_data_len = cur - add_data;
 }
-#if defined(MBEDTLS_GCM_C) || \
- defined(MBEDTLS_CCM_C) || \
- defined(MBEDTLS_CHACHAPOLY_C)
+#if defined(MBEDTLS_CIPHER_MODE_AEAD)
 MBEDTLS_CHECK_RETURN_CRITICAL
 static int ssl_transform_aead_dynamic_iv_is_explicit(
 mbedtls_ssl_transform const *transform)
@@ -910,7 +908,7 @@ static void ssl_build_record_nonce(unsigned char *dst_iv,
 dst_iv += dst_iv_len - dynamic_iv_len;
 mbedtls_xor(dst_iv, dst_iv, dynamic_iv, dynamic_iv_len);
 }
-#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */
+#endif /* MBEDTLS_CIPHER_MODE_AEAD */
 int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl,
 mbedtls_ssl_transform *transform,
@@ -1146,9 +1144,7 @@ hmac_failed_etm_disabled:
 } else
 #endif /* MBEDTLS_SSL_SOME_SUITES_USE_STREAM */
-#if defined(MBEDTLS_GCM_C) || \
- defined(MBEDTLS_CCM_C) || \
- defined(MBEDTLS_CHACHAPOLY_C)
+#if defined(MBEDTLS_CIPHER_MODE_AEAD)
 if (ssl_mode == MBEDTLS_SSL_MODE_AEAD) {
 unsigned char iv[12];
 unsigned char *dynamic_iv;
@@ -1258,7 +1254,7 @@ hmac_failed_etm_disabled:
 auth_done++;
 } else
-#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */
+#endif /* MBEDTLS_CIPHER_MODE_AEAD */
 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC)
 if (ssl_mode == MBEDTLS_SSL_MODE_CBC ||
 ssl_mode == MBEDTLS_SSL_MODE_CBC_ETM) {
@@ -1559,9 +1555,7 @@ int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl,
 * so there's no encryption to do here.*/
 } else
 #endif /* MBEDTLS_SSL_SOME_SUITES_USE_STREAM */
-#if defined(MBEDTLS_GCM_C) || \
- defined(MBEDTLS_CCM_C) || \
- defined(MBEDTLS_CHACHAPOLY_C)
+#if defined(MBEDTLS_CIPHER_MODE_AEAD)
 if (ssl_mode == MBEDTLS_SSL_MODE_AEAD) {
 unsigned char iv[12];
 unsigned char *dynamic_iv;
@@ -1677,7 +1671,7 @@ int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl,
 return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
 }
 } else
-#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C */
+#endif /* MBEDTLS_CIPHER_MODE_AEAD */
 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC)
 if (ssl_mode == MBEDTLS_SSL_MODE_CBC ||
 ssl_mode == MBEDTLS_SSL_MODE_CBC_ETM) {
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index d3a7ddb42..540beb0f9 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -8287,9 +8287,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform,
 keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8;
 #endif
-#if defined(MBEDTLS_GCM_C) || \
- defined(MBEDTLS_CCM_C) || \
- defined(MBEDTLS_CHACHAPOLY_C)
+#if defined(MBEDTLS_CIPHER_MODE_AEAD)
 if (ssl_mode == MBEDTLS_SSL_MODE_AEAD) {
 size_t explicit_ivlen;
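Review bot: The AEAD record-protection paths in ssl_msg.c and ssl_tls.c are now guarded by MBEDTLS_CIPHER_MODE_AEAD, whereas the ciphersuite table in ssl_ciphersuites.c is guarded by MBEDTLS_CIPHER_HAVE_GCM/CCM, which cipher.h (later in this series) defines as the software `*_C` option or `MBEDTLS_USE_PSA_CRYPTO && PSA_WANT_ALG_*`. The definition of MBEDTLS_CIPHER_MODE_AEAD is not in this diff; unless it is expressed in terms of the same HAVE_* macros, a PSA-only AEAD build could compile GCM/CCM suites into the table while compiling out the `if (ssl_mode == MBEDTLS_SSL_MODE_AEAD)` branches, leaving the `} else` chains to fall through to whatever branch follows. A one-line comment at the first new guard in ssl_msg.c would pin the invariant, e.g. `/* Must stay consistent with MBEDTLS_CIPHER_HAVE_{GCM,CCM,CHACHAPOLY} in cipher.h */`. The functions touched here (ssl_transform_aead_dynamic_iv_is_explicit, mbedtls_ssl_encrypt_buf, mbedtls_ssl_decrypt_buf, ssl_tls12_populate_transform) all start or end outside the hunks.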
@@ -8324,7 +8322,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform,
 explicit_ivlen = transform->ivlen - transform->fixed_ivlen;
 transform->minlen = explicit_ivlen + transform->taglen;
 } else
-#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */
+#endif /* MBEDTLS_CIPHER_MODE_AEAD */
 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
 if (ssl_mode == MBEDTLS_SSL_MODE_STREAM ||
 ssl_mode == MBEDTLS_SSL_MODE_CBC ||
From a797ce3ed2fd23779851f1dfb4bc1e067162d099 Mon Sep 17 00:00:00 2001
From: Valerio Setti
Date: Tue, 3 Oct 2023 15:16:38 +0200
Subject: [PATCH 089/191] test: use full config in test_psa_crypto_config_accel_cipher
Signed-off-by: Valerio Setti
---
 tests/scripts/all.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index ab684089a..ab1007812 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -3532,7 +3532,7 @@ component_test_psa_crypto_config_accel_cipher () {
 # ---------
 # Start from the default config (no TLS 1.3, no USE_PSA)
- helper_libtestdriver1_adjust_config "default"
+ helper_libtestdriver1_adjust_config "full"
 # There is no intended accelerator support for ALG CMAC. Therefore, asking
 # for it in the build implies the inclusion of the Mbed TLS cipher
From 6bd3d9b166ec086b8eefe834fec390194c2c4df7 Mon Sep 17 00:00:00 2001
From: Valerio Setti
Date: Mon, 9 Oct 2023 09:29:25 +0200
Subject: [PATCH 090/191] cipher: fix missing spaces
Signed-off-by: Valerio Setti
---
 include/mbedtls/cipher.h | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 9f8657599..5153e19dd 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
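Review bot: The context comment `# Start from the default config (no TLS 1.3, no USE_PSA)` directly above the changed line now contradicts `helper_libtestdriver1_adjust_config "full"`; whatever the full config enables (the old comment implies at least TLS 1.3 and USE_PSA differ) is now part of this component's baseline, and the next reader will trust the comment over the argument. Update it in the same commit, e.g. `# Start from the full config`, and if any of those features are switched off again further down the component, say so there. The rest of component_test_psa_crypto_config_accel_cipher is outside the hunk.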
@@ -33,17 +33,17 @@
 #include
 #include "mbedtls/platform_util.h"
-/* Support for GCM either through MbedTLS SW implementation or PSA */
+/* Support for GCM either through Mbed TLS SW implementation or PSA */
 #if defined(MBEDTLS_GCM_C) || \
 (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM))
 #define MBEDTLS_CIPHER_HAVE_GCM
 #endif
-/* Support for CCM either through MbedTLS SW implementation or PSA */
+/* Support for CCM either through Mbed TLS SW implementation or PSA */
 #if defined(MBEDTLS_CCM_C) || \
 (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM))
 #define MBEDTLS_CIPHER_HAVE_CCM
 #endif
-/* Support for CHACHAPOLY either through MbedTLS SW implementation or PSA */
+/* Support for CHACHAPOLY either through Mbed TLS SW implementation or PSA */
 #if defined(MBEDTLS_CHACHAPOLY_C) || \
 (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305))
 #define MBEDTLS_CIPHER_HAVE_CHACHAPOLY
From 4d0e84628c28d931823d47d5e87f4911e00c8e63 Mon Sep 17 00:00:00 2001
From: Valerio Setti
Date: Fri, 6 Oct 2023 13:20:21 +0200
Subject: [PATCH 091/191] ssl: reorganize guards surrounding ssl_get_ecdh_params_from_cert()
Signed-off-by: Valerio Setti
---
 library/ssl_tls12_server.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index b4719d6d1..4433e8b4a 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -2604,9 +2604,9 @@ static int ssl_write_certificate_request(mbedtls_ssl_context *ssl)
 }
 #endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */
-#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
- (defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
+#if (defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
 defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED))
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
 MBEDTLS_CHECK_RETURN_CRITICAL
 static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl)
 {
@@ -2716,8 +2716,7 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl)
 return ret;
 }
-#elif defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+#else /* MBEDTLS_USE_PSA_CRYPTO */
 MBEDTLS_CHECK_RETURN_CRITICAL
 static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl)
 {
@@ -2743,6 +2742,7 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl)
 return 0;
 }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
From 02a634decd0f07c9d29985e81a670c7e8a16a89e Mon Sep 17 00:00:00 2001
From: Valerio Setti
Date: Fri, 6 Oct 2023 16:24:04 +0200
Subject: [PATCH 092/191] md: remove unnecessary inclusions of mbedtls/md.h
Signed-off-by: Valerio Setti
---
 include/mbedtls/oid.h | 1 -
 include/mbedtls/ssl.h | 1 -
 include/mbedtls/ssl_ciphersuites.h | 1 -
 library/psa_crypto.c | 1 -
 library/rsa.c | 1 -
 library/x509write.c | 1 -
 library/x509write_crt.c | 1 -
 tests/include/test/psa_crypto_helpers.h | 3 ---
 tests/src/drivers/test_driver_signature.c | 1 -
 tests/suites/test_suite_entropy.function | 1 -
 tests/suites/test_suite_md.function | 1 -
 tests/suites/test_suite_pkcs1_v15.function | 1 -
 tests/suites/test_suite_psa_crypto_persistent_key.function | 2 --
 13 files changed, 16 deletions(-)
diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h
index 954507229..8ab7f7f94 100644
--- a/include/mbedtls/oid.h
+++ b/include/mbedtls/oid.h
@@ -34,7 +34,6 @@
 #include "mbedtls/cipher.h"
 #endif
-#include "mbedtls/md.h"
 /** OID is not found. */
 #define MBEDTLS_ERR_OID_NOT_FOUND -0x002E
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index debb1cc2c..b69e3150f 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -40,7 +40,6 @@
 #include "mbedtls/dhm.h"
 #endif
-#include "mbedtls/md.h"
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED)
 #include "mbedtls/ecdh.h"
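Review bot: The added `#endif /* MBEDTLS_USE_PSA_CRYPTO */` now sits directly above the pre-existing `#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */`, whose stray `)` is a leftover of the old combined guard that the `@@ -2604` hunk just replaced; since this commit exists to tidy exactly these guards, fix the trailer here too: `#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */`. For the same reason the outer parentheses in the new `#if (defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \` are no longer needed now that the `&&` with MBEDTLS_USE_PSA_CRYPTO is gone. Both definitions of ssl_get_ecdh_params_from_cert lie mostly outside the hunks.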
diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h
index 07f2facef..07791e541 100644
--- a/include/mbedtls/ssl_ciphersuites.h
+++ b/include/mbedtls/ssl_ciphersuites.h
@@ -27,7 +27,6 @@
 #include "mbedtls/pk.h"
 #include "mbedtls/cipher.h"
-#include "mbedtls/md.h"
 #ifdef __cplusplus
 extern "C" {
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 1faf1dd6c..739b07708 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -73,7 +73,6 @@
 #include "mbedtls/error.h"
 #include "mbedtls/gcm.h"
 #include "mbedtls/md5.h"
-#include "mbedtls/md.h"
 #include "mbedtls/pk.h"
 #include "pk_wrap.h"
 #include "mbedtls/platform_util.h"
diff --git a/library/rsa.c b/library/rsa.c
index 3c538bf43..802bf5d24 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -2431,7 +2431,6 @@ void mbedtls_rsa_free(mbedtls_rsa_context *ctx)
 #if defined(MBEDTLS_SELF_TEST)
-#include "mbedtls/md.h"
 /*
 * Example RSA-1024 keypair, for test purposes
diff --git a/library/x509write.c b/library/x509write.c
index cd3c7394d..5628c29ef 100644
--- a/library/x509write.c
+++ b/library/x509write.c
@@ -25,7 +25,6 @@
 #include "mbedtls/oid.h"
 #include "mbedtls/platform.h"
 #include "mbedtls/platform_util.h"
-#include "mbedtls/md.h"
 #include
 #include
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index a8a3022cb..c0657a827 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -33,7 +33,6 @@
 #include "mbedtls/oid.h"
 #include "mbedtls/platform.h"
 #include "mbedtls/platform_util.h"
-#include "mbedtls/md.h"
 #include
 #include
diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h
index 9ba7dbcd9..959308af9 100644
--- a/tests/include/test/psa_crypto_helpers.h
+++ b/tests/include/test/psa_crypto_helpers.h
@@ -28,9 +28,6 @@
 #include
 #endif
-#if defined(MBEDTLS_MD_LIGHT)
-#include "mbedtls/md.h"
-#endif
 #if defined(MBEDTLS_PSA_CRYPTO_C)
 /** Initialize the PSA Crypto subsystem. */
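Review bot: Removing `#include "mbedtls/md.h"` from the public header include/mbedtls/ssl_ciphersuites.h leaves it relying on pk.h or cipher.h to pull in the md declarations transitively; the table in library/ssl_ciphersuites.c earlier in this series fills entries with MBEDTLS_MD_SHA256/MBEDTLS_MD_SHA384, so the struct declared in this header presumably names mbedtls_md_type_t. A public header should include what it uses so that a later pruning of pk.h's own includes cannot break every application that includes ssl_ciphersuites.h; the oid.h and ssl.h hunks of this commit raise the same question, while the library .c and test-suite removals are fine because those files are compiled in a known include order. If the include is intentionally dropped, record the dependency next to the remaining includes, e.g. `/* mbedtls_md_type_t: provided transitively by an include above */`.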
diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c
index c312477c8..7d1f91fdf 100644
--- a/tests/src/drivers/test_driver_signature.c
+++ b/tests/src/drivers/test_driver_signature.c
@@ -33,7 +33,6 @@
 #include "test/drivers/signature.h"
 #include "test/drivers/hash.h"
-#include "mbedtls/md.h"
 #include "mbedtls/ecdsa.h"
 #include "test/random.h"
diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function
index 0e013b740..7c7e43f17 100644
--- a/tests/suites/test_suite_entropy.function
+++ b/tests/suites/test_suite_entropy.function
@@ -1,7 +1,6 @@
 /* BEGIN_HEADER */
 #include "mbedtls/entropy.h"
 #include "entropy_poll.h"
-#include "mbedtls/md.h"
 #include "string.h"
 typedef enum {
diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function
index 866ff588f..71dcb8765 100644
--- a/tests/suites/test_suite_md.function
+++ b/tests/suites/test_suite_md.function
@@ -1,5 +1,4 @@
 /* BEGIN_HEADER */
-#include "mbedtls/md.h"
 #include "md_psa.h"
 #include "mbedtls/oid.h"
diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function
index 711327455..716ae4453 100644
--- a/tests/suites/test_suite_pkcs1_v15.function
+++ b/tests/suites/test_suite_pkcs1_v15.function
@@ -1,6 +1,5 @@
 /* BEGIN_HEADER */
 #include "mbedtls/rsa.h"
-#include "mbedtls/md.h"
 /* END_HEADER */
 /* BEGIN_DEPENDENCIES
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function
index a48114ff6..c4e4c7dc0 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.function
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function
@@ -17,8 +17,6 @@
 #include "psa_crypto_slot_management.h"
 #include "psa_crypto_storage.h"
-#include "mbedtls/md.h"
-
 #define PSA_KEY_STORAGE_MAGIC_HEADER "PSA\0KEY"
 #define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH (sizeof(PSA_KEY_STORAGE_MAGIC_HEADER))
From 9be3cf077624e44eea551cb65866272fdbb76453 Mon Sep 17 00:00:00 2001
From: Dave Rodgman
Date: Wed, 11 Oct 2023 14:47:55 +0100
Subject: [PATCH 093/191] Fix a couple of typos related to renaming options
Signed-off-by: Dave Rodgman
---
 scripts/config.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/scripts/config.py b/scripts/config.py
index eeda6e18d..3173be483 100755
--- a/scripts/config.py
+++ b/scripts/config.py
@@ -214,7 +214,7 @@ EXCLUDE_FROM_FULL = frozenset([
 'MBEDTLS_PSA_INJECT_ENTROPY', # conflicts with platform entropy sources
 'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS
 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT
- 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT
+ 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_A_CRYPTO_IF_PRESENT
 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT
 'MBEDTLS_SSL_RECORD_SIZE_LIMIT', # in development, currently breaks other tests
 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan)
@@ -279,7 +279,7 @@ EXCLUDE_FROM_BAREMETAL = frozenset([
 'MBEDTLS_THREADING_C', # requires a threading interface
 'MBEDTLS_THREADING_PTHREAD', # requires pthread
 'MBEDTLS_TIMING_C', # requires a clock
- 'MBEDTLS_SHA256_USE_A64_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection
+ 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection
 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection
 'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection
 ])
From c20d8992662d92604954bd5692efa636b8016b25 Mon Sep 17 00:00:00 2001
From: Dave Rodgman
Date: Wed, 11 Oct 2023 15:01:35 +0100
Subject: [PATCH 094/191] Adjust messages in all.sh
Signed-off-by: Dave Rodgman
---
 tests/scripts/all.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
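Review bot: The second hunk shows the failure mode of this exclusion-list design: `'MBEDTLS_SHA256_USE_A64_A_CRYPTO_IF_PRESENT'` sat in EXCLUDE_FROM_BAREMETAL without effect, the real option was never excluded, and nothing reported the dead entry. A cheap guard is to check, where an exclusion set is applied, that every name in it exists among the parsed options and fail on unknown ones, e.g. `unknown = EXCLUDE_FROM_BAREMETAL - set(<parsed option names>)` followed by `if unknown: raise ValueError('unknown options in exclusion list: ' + ', '.join(sorted(unknown)))`, with the placeholder replaced by whatever collection the config parser keeps (it is not visible in this hunk). The two frozenset literals start outside the hunks.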
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 4c96f8688..ce06c11c8 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -4360,7 +4360,7 @@ component_build_sha_armce () {
 scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY
 scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY
- msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, thumb"
+ msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, thumb"
 make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb"
 scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT
@@ -4373,10 +4373,10 @@ component_build_sha_armce () {
 scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT
 scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
- msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, arm"
+ msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, arm"
 make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99"
- msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, thumb"
+ msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, thumb"
 make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb"
 }
From f4b415c369d1ae35655c8de36a4e6e4ff243eb0a Mon Sep 17 00:00:00 2001
From: Dave Rodgman
Date: Wed, 11 Oct 2023 16:11:42 +0100
Subject: [PATCH 095/191] Test instructions built/not built
Signed-off-by: Dave Rodgman
---
 tests/scripts/all.sh | 67 ++++++++++++++++++++++++++++++++------------
 1 file changed, 49 insertions(+), 18 deletions(-)
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index ce06c11c8..253f6c0fa 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -4346,38 +4346,69 @@ support_build_sha_armce() {
 }
 component_build_sha_armce () {
- # Test variations of SHA256 Armv8 crypto extensions
 scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT
+
+
+ # Test variations of SHA256 Armv8 crypto extensions
 scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY
+ msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, aarch64"
+ make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a"
+ msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, arm"
+ make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm"
+ scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY
- msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, aarch64"
- make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a"
-
- msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, arm"
- make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm"
 # test the deprecated form of the config option
- scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY
 scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY
-
- msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, thumb"
- make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb"
+ msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, thumb"
+ make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb"
+ scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY
 scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT
- scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY
+ msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, aarch64"
+ make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a"
+ scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT
- msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, aarch64"
- make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a"
 # test the deprecated form of the config option
- scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT
 scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
+ msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, arm"
+ make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99"
+ msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, thumb"
+ make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb"
+ scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
- msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, arm"
- make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99"
- msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, thumb"
- make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb"
+ # examine the disassembly for presence of SHA instructions
+ for opt in MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT; do
+ scripts/config.py set ${opt}
+ msg "${opt} clang, test A32 crypto instructions built"
+ make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -S"
+ grep -E 'sha256[a-z0-9]+.32\s+[qv]' library/sha256.o
+
+ msg "${opt} clang, test T32 crypto instructions built"
+ make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb -S"
+ grep -E 'sha256[a-z0-9]+.32\s+[qv]' library/sha256.o
+
+ msg "${opt} clang, test aarch64 crypto instructions built"
+ make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a -S"
+ grep -E 'sha256[a-z0-9]+\s+[qv]' library/sha256.o
+ scripts/config.py unset ${opt}
+ done
+
+
+ # examine the disassembly for absence of SHA instructions
+ msg "clang, test A32 crypto instructions not built"
+ make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -S"
+ not grep -E 'sha256[a-z0-9]+.32\s+[qv]' library/sha256.o
+
+ msg "clang, test T32 crypto instructions not built"
+ make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb -S"
+ not grep -E 'sha256[a-z0-9]+.32\s+[qv]' library/sha256.o
+
+ msg "clang, test aarch64 crypto instructions not built"
+ make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a -S"
+ not grep -E 'sha256[a-z0-9]+\s+[qv]' library/sha256.o
 }
 # For timebeing, no VIA Padlock platform available.
From aaef0bc172d09c289d8f59c01187c4cbaf76af38 Mon Sep 17 00:00:00 2001
From: Valerio Setti
Date: Tue, 10 Oct 2023 09:42:13 +0200
Subject: [PATCH 096/191] analyze_outcomes: improve logging system
- the script now only terminates in case of hard faults
- each task is assigned a log
- this log tracks messages, warning and errors
- when task completes, errors and warnings are listed and messages are appended to the main log
- on exit the main log is printed and the proper return value is returned
Signed-off-by: Valerio Setti
---
 tests/scripts/analyze_outcomes.py | 100 +++++++++++++++++++-----------
 1 file changed, 63 insertions(+), 37 deletions(-)
diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py
index f7fc4e3ef..49445a473 100755
--- a/tests/scripts/analyze_outcomes.py
+++ b/tests/scripts/analyze_outcomes.py
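Review bot: The six new grep patterns use `.32` with an unescaped dot and `\s`, which is a GNU extension rather than POSIX ERE; the dot matches any character rather than the literal `.32` suffix, and on a non-GNU grep `\s` is not a whitespace class, which would make the presence checks fail loudly but make the `not grep` absence checks pass vacuously. Prefer `'sha256[a-z0-9]+\.32[[:space:]]+[qv]'` and `'sha256[a-z0-9]+[[:space:]]+[qv]'`, held in two variables at the top of the function so the repeated copies cannot drift. The absence checks after the loop also depend on all four SHA256_USE_* options being unset at that point, which holds only because each earlier block unsets what it set; a comment above `# examine the disassembly for absence of SHA instructions` stating that precondition would make it explicit.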
@@ -15,25 +15,31 @@ import os import check_test_cases -class Results: +class TestLog: """Process analysis results.""" def __init__(self): self.error_count = 0 self.warning_count = 0 + self.output = "" - @staticmethod - def log(fmt, *args, **kwargs): - sys.stderr.write((fmt + '\n').format(*args, **kwargs)) + def add_line(self, fmt, *args, **kwargs): + self.output = self.output + (fmt + '\n').format(*args, **kwargs) + + def info(self, fmt, *args, **kwargs): + self.add_line(fmt, *args, **kwargs) def error(self, fmt, *args, **kwargs): - self.log('Error: ' + fmt, *args, **kwargs) + self.info('Error: ' + fmt, *args, **kwargs) self.error_count += 1 def warning(self, fmt, *args, **kwargs): - self.log('Warning: ' + fmt, *args, **kwargs) + self.info('Warning: ' + fmt, *args, **kwargs) self.warning_count += 1 + def print_output(self): + sys.stderr.write(self.output) + class TestCaseOutcomes: """The outcomes of one test case across many configurations.""" # pylint: disable=too-few-public-methods 
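Review bot: `TestLog.add_line` rebuilds `self.output` by string concatenation on every call, `info` is a one-line alias of it, and the class docstring still reads "Process analysis results." from the old `Results` class. Since `main()` (hunk at L178) merges task logs by concatenating `.output` directly, buffering a list of lines, joining once in `print_output`, and adding a `merge()` method keeps the buffer private and linear; the docstring could read `"""Buffer log lines for one analysis task and count its errors and warnings."""`. `error()` and `warning()` stay as they are in the fence below; `main()` would then call `main_log.merge(test_log)` instead of touching `.output`.
```python
class TestLog:
    """Buffer log lines for one analysis task and count its errors and warnings."""

    def __init__(self):
        self.error_count = 0
        self.warning_count = 0
        self.lines = []

    def info(self, fmt, *args, **kwargs):
        self.lines.append((fmt + '\n').format(*args, **kwargs))

    def merge(self, other):
        """Append the lines of another TestLog to this one."""
        self.lines.extend(other.lines)

    # … unchanged: error(), warning() …

    def print_output(self):
        sys.stderr.write(''.join(self.lines))
```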
@@ -53,25 +59,27 @@ class TestCaseOutcomes: """ return len(self.successes) + len(self.failures) -def execute_reference_driver_tests(ref_component, driver_component, outcome_file): +def execute_reference_driver_tests(log: TestLog, ref_component, driver_component, \ + outcome_file) -> TestLog: """Run the tests specified in ref_component and driver_component. Results are stored in the output_file and they will be used for the following coverage analysis""" # If the outcome file already exists, we assume that the user wants to # perform the comparison analysis again without repeating the tests. if os.path.exists(outcome_file): - Results.log("Outcome file (" + outcome_file + ") already exists. " + \ - "Tests will be skipped.") - return + log.info("Outcome file (" + outcome_file + ") already exists. " + \ + "Tests will be skipped.") + return log shell_command = "tests/scripts/all.sh --outcome-file " + outcome_file + \ " " + ref_component + " " + driver_component - Results.log("Running: " + shell_command) + log.info("Running: " + shell_command) ret_val = subprocess.run(shell_command.split(), check=False).returncode if ret_val != 0: - Results.log("Error: failed to run reference/driver components") - sys.exit(ret_val) + log.error("failed to run reference/driver components") + + return log def analyze_coverage(results, outcomes, allow_list, full_coverage): """Check that all available test cases are executed at least once.""" @@ -90,7 +98,8 @@ def analyze_coverage(results, outcomes, allow_list, full_coverage): else: results.warning('Allow listed test case was executed: {}', key) -def analyze_driver_vs_reference(outcomes, component_ref, component_driver, +def analyze_driver_vs_reference(log: TestLog, outcomes, + component_ref, component_driver, ignored_suites, ignored_test=None): """Check that all tests executed in the reference component are also executed in the corresponding driver component. 
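Review bot: `log.info("Outcome file (" + outcome_file + ") already exists. " + "Tests will be skipped.")` and `log.info("Running: " + shell_command)` splice runtime values into the format string that `add_line` then hands to `str.format`, so a path or argument containing `{` or `}` raises instead of being logged. Pass them as arguments: `log.info("Outcome file ({}) already exists. Tests will be skipped.", outcome_file)` and `log.info("Running: {}", shell_command)`. The same pre-formatted-string pattern appears in the `do_analyze_driver_vs_reference` hunk at L177 and in the task summary `main_log.info(...)` at L178. The failure branch also drops the exit status that the removed `sys.exit(ret_val)` exposed; `log.error("failed to run reference/driver components (exit status {})", ret_val)` keeps it in the report.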
@@ -100,7 +109,6 @@ def analyze_driver_vs_reference(outcomes, component_ref, component_driver, output string is provided """ available = check_test_cases.collect_available_test_cases() - result = True for key in available: # Continue if test was not executed by any component @@ -125,16 +133,15 @@ def analyze_driver_vs_reference(outcomes, component_ref, component_driver, if component_ref in entry: reference_test_passed = True if(reference_test_passed and not driver_test_passed): - Results.log(key) - result = False - return result + log.error(key) -def analyze_outcomes(outcomes, args): + return log + +def analyze_outcomes(log: TestLog, outcomes, args) -> TestLog: """Run all analyses on the given outcome collection.""" - results = Results() - analyze_coverage(results, outcomes, args['allow_list'], + analyze_coverage(log, outcomes, args['allow_list'], args['full_coverage']) - return results + return log def read_outcome_file(outcome_file): """Parse an outcome file and return an outcome collection. 
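Review bot: `log.error(key)` passes the test-case key as the format string, so the report line is just "Error: <key>" with no statement of what went wrong, and a key containing `{` or `}` would make `str.format` raise. Prefer `log.error("Passed in reference {} but not in driver {}: {}", component_ref, component_driver, key)`. The function also mutates the `log` it received and then returns the same object, which the `-> TestLog` annotations elsewhere make look like a fresh result; returning nothing, or documenting the in-place contract, would be less ambiguous. `analyze_driver_vs_reference`'s signature and docstring start before this hunk, so whether the docstring still describes the old boolean result cannot be seen here and should be checked.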
@@ -159,24 +166,32 @@ by a semicolon. def do_analyze_coverage(outcome_file, args): """Perform coverage analysis.""" + log = TestLog() + log.info("\n*** Analyze coverage ***\n") outcomes = read_outcome_file(outcome_file) - Results.log("\n*** Analyze coverage ***\n") - results = analyze_outcomes(outcomes, args) - return results.error_count == 0 + log = analyze_outcomes(log, outcomes, args) + return log def do_analyze_driver_vs_reference(outcome_file, args): """Perform driver vs reference analyze.""" - execute_reference_driver_tests(args['component_ref'], \ - args['component_driver'], outcome_file) + log = TestLog() + + log = execute_reference_driver_tests(log, args['component_ref'], \ + args['component_driver'], outcome_file) + if log.error_count != 0: + return log ignored_suites = ['test_suite_' + x for x in args['ignored_suites']] outcomes = read_outcome_file(outcome_file) - Results.log("\n*** Analyze driver {} vs reference {} ***\n".format( + + log.info("\n*** Analyze driver {} vs reference {} ***\n".format( args['component_driver'], args['component_ref'])) - return analyze_driver_vs_reference(outcomes, args['component_ref'], - args['component_driver'], ignored_suites, - args['ignored_tests']) + log = analyze_driver_vs_reference(log, outcomes, + args['component_ref'], args['component_driver'], + ignored_suites, args['ignored_tests']) + + return log # List of tasks with a function that can handle this task and additional arguments if required KNOWN_TASKS = { @@ -641,6 +656,8 @@ KNOWN_TASKS = { } def main(): + main_log = TestLog() + try: parser = argparse.ArgumentParser(description=__doc__) parser.add_argument('outcomes', metavar='OUTCOMES.CSV', 
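Review bot: `do_analyze_coverage` and `do_analyze_driver_vs_reference` now return a `TestLog` instead of a boolean, but their docstrings ("Perform coverage analysis.", "Perform driver vs reference analyze.") do not say so, and that return contract is exactly what `main()` (hunk at L178) relies on when it reads `test_log.error_count`. Suggest `"""Perform coverage analysis. Return a TestLog holding the messages and the error/warning counts."""` and the same wording for the driver-vs-reference task. Every helper here is called as `log = helper(log, ...)`, reassigning the very object that was passed in and mutated; either let the helpers create and return the log, or return nothing, but mixing in-place mutation with a returned value is confusing.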
@@ -661,16 +678,17 @@ def main(): if options.list: for task in KNOWN_TASKS: - Results.log(task) + main_log.info(task) + main_log.print_output() sys.exit(0) if options.specified_tasks == 'all': tasks_list = KNOWN_TASKS.keys() else: tasks_list = re.split(r'[, ]+', options.specified_tasks) - for task in tasks_list: if task not in KNOWN_TASKS: + main_log.error('invalid task: {}'.format(task)) KNOWN_TASKS['analyze_coverage']['args']['full_coverage'] = options.full_coverage @@ -678,12 +696,20 @@ def main(): for task in KNOWN_TASKS: if task in tasks_list: - if not KNOWN_TASKS[task]['test_function'](options.outcomes, KNOWN_TASKS[task]['args']): + test_function = KNOWN_TASKS[task]['test_function'] + test_args = KNOWN_TASKS[task]['args'] + test_log = test_function(options.outcomes, test_args) + # Merge the output of this task with the main one + main_log.output = main_log.output + test_log.output + main_log.info("Task {} completed with:\n".format(task) + \ + "{} warnings\n".format(test_log.warning_count) + \ + "{} errors\n".format(test_log.error_count)) + if test_log.error_count != 0: all_succeeded = False - if all_succeeded is False: - sys.exit(1) - Results.log("SUCCESS :-)") + main_log.print_output() + sys.exit(0 if all_succeeded else 1) + except Exception: # pylint: disable=broad-except # Print the backtrace and exit explicitly with our chosen status. traceback.print_exc() From 4fd868e4b1786b07af1500d5edc264353a460169 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 12 Oct 2023 09:09:42 +0100 Subject: [PATCH 097/191] Refer to Armv8-A (not Armv8) in comments Co-authored-by: Jerry Yu Signed-off-by: Dave Rodgman --- library/sha256.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index 726f5fb56..a6d0a7a46 100644 --- a/library/sha256.c +++ b/library/sha256.c 
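Review bot: `main_log.print_output()` runs only on the `--list` path and at the normal end, while the `except Exception` handler visible at the end of the second hunk only calls `traceback.print_exc()`, so on a hard fault every message buffered so far, including which task was running, is lost unless the handler flushes it further down outside the hunk. Add `main_log.print_output()` before `traceback.print_exc()`. In the first hunk the `if task not in KNOWN_TASKS:` branch records `main_log.error(...)` but, as far as the hunk shows, nothing acts on it: the task loop iterates `KNOWN_TASKS`, so an unknown name is silently skipped, and `sys.exit(0 if all_succeeded else 1)` never consults `main_log.error_count`; `sys.exit(0 if all_succeeded and main_log.error_count == 0 else 1)` would surface it. `main()` continues outside the hunk.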
@@ -180,7 +180,7 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) static jmp_buf return_from_sigill; /* - * Armv8 SHA256 support detection via SIGILL + * Armv8-A SHA256 support detection via SIGILL */ static void sigill_handler(int signal) { @@ -432,7 +432,7 @@ static size_t mbedtls_internal_sha256_process_many_a64_crypto( #if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and Armv8 + * This function is for internal use only if we are building both C and Armv8-A * versions, otherwise it is renamed to be the public mbedtls_internal_sha256_process() */ static From e570704f1fa834a5fc408cd0efad31613655b164 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 11 Oct 2023 11:54:42 +0200 Subject: [PATCH 098/191] ssl: use MBEDTLS_SSL_HAVE_[CCM/GCM/CHACHAPOLY/AEAD] macros for ssl code Signed-off-by: Valerio Setti --- include/mbedtls/check_config.h | 16 +-- include/mbedtls/config_adjust_legacy_crypto.h | 20 +++ library/ssl_ciphersuites.c | 128 +++++++++--------- library/ssl_msg.c | 16 +-- library/ssl_tls.c | 4 +- 5 files changed, 98 insertions(+), 86 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 815bfb69c..2e7128595 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -1040,12 +1040,8 @@ #endif #if defined(MBEDTLS_SSL_TICKET_C) && \ - !( defined(MBEDTLS_GCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) || \ - defined(MBEDTLS_CCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) || \ - defined(MBEDTLS_CHACHAPOLY_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) ) + !( defined(MBEDTLS_SSL_HAVE_GCM) || defined(MBEDTLS_SSL_HAVE_GCM) || \ + defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) ) #error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites" #endif 
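Review bot: The rewritten condition for `MBEDTLS_SSL_TICKET_C` tests `MBEDTLS_SSL_HAVE_GCM` twice and never `MBEDTLS_SSL_HAVE_CCM`, whereas the removed lines accepted CCM (`MBEDTLS_CCM_C` or `PSA_WANT_ALG_CCM`), so a CCM-only configuration that built before now hits the `#error`. The `MBEDTLS_SSL_CONTEXT_SERIALIZATION` hunk at L180 carries the identical copy-paste. Since the config_adjust_legacy_crypto.h hunk (L180) defines `MBEDTLS_SSL_HAVE_AEAD` as exactly this disjunction, both checks can become `#if defined(MBEDTLS_SSL_TICKET_C) && !defined(MBEDTLS_SSL_HAVE_AEAD)` provided that header is processed before check_config.h (not visible here); otherwise at least `!( defined(MBEDTLS_SSL_HAVE_GCM) || defined(MBEDTLS_SSL_HAVE_CCM) || \`.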
@@ -1147,12 +1143,8 @@ #endif #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) && \ - !( defined(MBEDTLS_GCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) || \ - defined(MBEDTLS_CCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) || \ - defined(MBEDTLS_CHACHAPOLY_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) ) + !( defined(MBEDTLS_SSL_HAVE_GCM) || defined(MBEDTLS_SSL_HAVE_GCM) || \ + defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) ) #error "MBEDTLS_SSL_CONTEXT_SERIALIZATION defined, but not all prerequisites" #endif diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 495cd5ab3..53c03b5d3 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -192,4 +192,24 @@ #define MBEDTLS_CIPHER_PADDING_PKCS7 #endif +#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_GCM_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) +#define MBEDTLS_SSL_HAVE_GCM +#endif + +#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_CCM_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) +#define MBEDTLS_SSL_HAVE_CCM +#endif + +#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_CHACHAPOLY_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) +#define MBEDTLS_SSL_HAVE_CHACHAPOLY +#endif + +#if defined(MBEDTLS_SSL_HAVE_GCM) || defined(MBEDTLS_SSL_HAVE_CCM) || \ + defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) +#define MBEDTLS_SSL_HAVE_AEAD +#endif + #endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H */ diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index b50df5c87..95aa5816c 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c 
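Review bot: The new `MBEDTLS_SSL_HAVE_GCM`/`CCM`/`CHACHAPOLY`/`AEAD` block in config_adjust_legacy_crypto.h has no comment stating what the symbols mean, that they are derived rather than user-settable, or that under `MBEDTLS_USE_PSA_CRYPTO` only the `PSA_WANT_ALG_*` symbol counts (a legacy `MBEDTLS_GCM_C` alone does not set `MBEDTLS_SSL_HAVE_GCM` in a PSA build). Suggest a comment above the first `#if`: `/* MBEDTLS_SSL_HAVE_xxx: the TLS layer can use AEAD xxx, via the legacy module when MBEDTLS_USE_PSA_CRYPTO is unset, or via PSA (PSA_WANT_ALG_xxx) when it is set. MBEDTLS_SSL_HAVE_AEAD: at least one of them is available. Derived here; do not define by hand. */`. The PSA branch is only correct if the `PSA_WANT_ALG_*` symbols are final when this header is processed; if the PSA configuration adjustments run later, these macros would be computed from an incomplete config, which is worth stating or checking.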
@@ -293,7 +293,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = { #if defined(MBEDTLS_SSL_PROTO_TLS1_3) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS1_3_AES_256_GCM_SHA384, "TLS1-3-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, @@ -308,8 +308,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, #endif /* MBEDTLS_MD_CAN_SHA256 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM) && defined(MBEDTLS_MD_CAN_SHA256) +#endif /* MBEDTLS_SSL_HAVE_GCM */ +#if defined(MBEDTLS_SSL_HAVE_CCM) && defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS1_3_AES_128_CCM_SHA256, "TLS1-3-AES-128-CCM-SHA256", MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ 
@@ -320,19 +320,19 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, -#endif /* MBEDTLS_MD_CAN_SHA256 && MBEDTLS_CIPHER_HAVE_CCM */ +#endif /* MBEDTLS_MD_CAN_SHA256 && MBEDTLS_SSL_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY) && defined(MBEDTLS_MD_CAN_SHA256) +#if defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) && defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256, "TLS1-3-CHACHA20-POLY1305-SHA256", MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ 0, MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, -#endif /* MBEDTLS_CIPHER_HAVE_CHACHAPOLY && MBEDTLS_MD_CAN_SHA256 */ +#endif /* MBEDTLS_SSL_HAVE_CHACHAPOLY && MBEDTLS_MD_CAN_SHA256 */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ -#if defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY) && \ +#if defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) && \ defined(MBEDTLS_MD_CAN_SHA256) && \ defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) @@ -391,7 +391,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#endif /* MBEDTLS_CIPHER_HAVE_CHACHAPOLY && +#endif /* MBEDTLS_SSL_HAVE_CHACHAPOLY && MBEDTLS_MD_CAN_SHA256 && MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) 
@@ -415,12 +415,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -429,14 +429,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA384 */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM) +#if defined(MBEDTLS_SSL_HAVE_CCM) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, @@ -453,7 +453,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_CCM */ +#endif /* MBEDTLS_SSL_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) 
@@ -474,7 +474,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", @@ -489,7 +489,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) @@ -528,7 +528,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -542,7 +542,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_AES_C */ @@ -564,7 +564,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", 
@@ -579,7 +579,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) @@ -595,7 +595,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) #if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_MD_CAN_SHA384) && \ - defined(MBEDTLS_CIPHER_HAVE_GCM) + defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, @@ -603,12 +603,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_GCM_C */ #if defined(MBEDTLS_MD_CAN_SHA256) -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256", @@ -636,7 +636,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM) +#if defined(MBEDTLS_SSL_HAVE_CCM) { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, 
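Review bot: The `#if defined(MBEDTLS_MD_CAN_SHA384) && defined(MBEDTLS_SSL_HAVE_GCM)` guard opened in the `@@ -595` hunk is closed, at the top of the `@@ -603` hunk, by `#endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_GCM_C */`, a comment that predates even the `MBEDTLS_CIPHER_HAVE_GCM` name this commit replaces. Update it to `#endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_SSL_HAVE_GCM */`. The `MBEDTLS_KEY_EXCHANGE_RSA_ENABLED` block at L186–L187 (`@@ -704` / `@@ -712`) has the same stale closing comment.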
@@ -653,7 +653,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_CCM */ +#endif /* MBEDTLS_SSL_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) @@ -682,7 +682,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, @@ -696,7 +696,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ @@ -704,7 +704,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) #if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_MD_CAN_SHA384) && \ - defined(MBEDTLS_CIPHER_HAVE_GCM) + defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 0, 
@@ -712,12 +712,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_GCM_C */ #if defined(MBEDTLS_MD_CAN_SHA256) -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256", @@ -745,7 +745,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_MD_CAN_SHA1 */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM) +#if defined(MBEDTLS_SSL_HAVE_CCM) { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 0, @@ -762,7 +762,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_CCM */ +#endif /* MBEDTLS_SSL_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) @@ -792,7 +792,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 
@@ -806,7 +806,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ @@ -832,12 +832,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -846,12 +846,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_AES_C */ @@ -873,7 +873,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256", 
@@ -888,7 +888,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) @@ -922,12 +922,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -936,12 +936,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_AES_C */ @@ -963,7 +963,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", 
@@ -978,7 +978,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) @@ -993,7 +993,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, @@ -1007,7 +1007,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) @@ -1036,7 +1036,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM) +#if defined(MBEDTLS_SSL_HAVE_CCM) { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 0, @@ -1053,7 +1053,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_CCM */ +#endif /* MBEDTLS_SSL_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) 
@@ -1073,7 +1073,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, @@ -1087,14 +1087,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, @@ -1108,7 +1108,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) @@ -1137,7 +1137,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM) +#if defined(MBEDTLS_SSL_HAVE_CCM) { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 0, 
@@ -1154,7 +1154,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_CCM */ +#endif /* MBEDTLS_SSL_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) @@ -1174,7 +1174,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, @@ -1188,7 +1188,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ @@ -1249,7 +1249,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, @@ -1263,7 +1263,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) 
@@ -1311,7 +1311,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, @@ -1325,19 +1325,19 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_CIPHER_HAVE_CCM) +#if defined(MBEDTLS_SSL_HAVE_CCM) { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8", MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_CCM */ +#endif /* MBEDTLS_SSL_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ diff --git a/library/ssl_msg.c b/library/ssl_msg.c index ff8de9278..12b8f9bf0 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -863,7 +863,7 @@ static void ssl_extract_add_data_from_record(unsigned char *add_data, *add_data_len = cur - add_data; } -#if defined(MBEDTLS_CIPHER_MODE_AEAD) +#if defined(MBEDTLS_SSL_HAVE_AEAD) MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_transform_aead_dynamic_iv_is_explicit( mbedtls_ssl_transform const *transform) 
@@ -908,7 +908,7 @@ static void ssl_build_record_nonce(unsigned char *dst_iv, dst_iv += dst_iv_len - dynamic_iv_len; mbedtls_xor(dst_iv, dst_iv, dynamic_iv, dynamic_iv_len); } -#endif /* MBEDTLS_CIPHER_MODE_AEAD */ +#endif /* MBEDTLS_SSL_HAVE_AEAD */ int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl, mbedtls_ssl_transform *transform, @@ -1144,7 +1144,7 @@ hmac_failed_etm_disabled: } else #endif /* MBEDTLS_SSL_SOME_SUITES_USE_STREAM */ -#if defined(MBEDTLS_CIPHER_MODE_AEAD) +#if defined(MBEDTLS_SSL_HAVE_AEAD) if (ssl_mode == MBEDTLS_SSL_MODE_AEAD) { unsigned char iv[12]; unsigned char *dynamic_iv; @@ -1254,7 +1254,7 @@ hmac_failed_etm_disabled: auth_done++; } else -#endif /* MBEDTLS_CIPHER_MODE_AEAD */ +#endif /* MBEDTLS_SSL_HAVE_AEAD */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) if (ssl_mode == MBEDTLS_SSL_MODE_CBC || ssl_mode == MBEDTLS_SSL_MODE_CBC_ETM) { @@ -1492,9 +1492,9 @@ int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl, mbedtls_ssl_transform *transform, mbedtls_record *rec) { -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) || defined(MBEDTLS_CIPHER_MODE_AEAD) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) || defined(MBEDTLS_SSL_HAVE_AEAD) size_t olen; -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC || MBEDTLS_CIPHER_MODE_AEAD */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC || MBEDTLS_SSL_HAVE_AEAD */ mbedtls_ssl_mode_t ssl_mode; int ret; @@ -1555,7 +1555,7 @@ int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl, * so there's no encryption to do here.*/ } else #endif /* MBEDTLS_SSL_SOME_SUITES_USE_STREAM */ -#if defined(MBEDTLS_CIPHER_MODE_AEAD) +#if defined(MBEDTLS_SSL_HAVE_AEAD) if (ssl_mode == MBEDTLS_SSL_MODE_AEAD) { unsigned char iv[12]; unsigned char *dynamic_iv; 
@@ -1671,7 +1671,7 @@ int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl, return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } } else -#endif /* MBEDTLS_CIPHER_MODE_AEAD */ +#endif /* MBEDTLS_SSL_HAVE_AEAD */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) if (ssl_mode == MBEDTLS_SSL_MODE_CBC || ssl_mode == MBEDTLS_SSL_MODE_CBC_ETM) { diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 540beb0f9..827b7fbcf 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -8287,7 +8287,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8; #endif -#if defined(MBEDTLS_CIPHER_MODE_AEAD) +#if defined(MBEDTLS_SSL_HAVE_AEAD) if (ssl_mode == MBEDTLS_SSL_MODE_AEAD) { size_t explicit_ivlen; @@ -8322,7 +8322,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, explicit_ivlen = transform->ivlen - transform->fixed_ivlen; transform->minlen = explicit_ivlen + transform->taglen; } else -#endif /* MBEDTLS_CIPHER_MODE_AEAD */ +#endif /* MBEDTLS_SSL_HAVE_AEAD */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) if (ssl_mode == MBEDTLS_SSL_MODE_STREAM || ssl_mode == MBEDTLS_SSL_MODE_CBC || From db1ca8fc3344df9c5b065ea0247d2df7a65ee539 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 11 Oct 2023 12:46:16 +0200 Subject: [PATCH 099/191] cipher: keep MBEDTLS_CIPHER_HAVE symbols private This commit also improve the usage of these new symbols in cipher_wrap code Signed-off-by: Valerio Setti --- include/mbedtls/cipher.h | 25 ++------------ library/cipher.c | 16 ++++----- library/cipher_wrap.c | 46 +++++++++---------------- library/cipher_wrap.h | 36 +++++++++++++++++++ tests/suites/test_suite_cipher.function | 2 +- 5 files changed, 64 insertions(+), 61 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 5153e19dd..bda768cfb 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h 
@@ -33,27 +33,6 @@ #include #include "mbedtls/platform_util.h" -/* Support for GCM either through Mbed TLS SW implementation or PSA */ -#if defined(MBEDTLS_GCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) -#define MBEDTLS_CIPHER_HAVE_GCM -#endif -/* Support for CCM either through Mbed TLS SW implementation or PSA */ -#if defined(MBEDTLS_CCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) -#define MBEDTLS_CIPHER_HAVE_CCM -#endif -/* Support for CHACHAPOLY either through Mbed TLS SW implementation or PSA */ -#if defined(MBEDTLS_CHACHAPOLY_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) -#define MBEDTLS_CIPHER_HAVE_CHACHAPOLY -#endif - -#if defined(MBEDTLS_CIPHER_HAVE_GCM) || defined(MBEDTLS_CIPHER_HAVE_CCM) || \ - defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY) -#define MBEDTLS_CIPHER_MODE_AEAD -#endif - #if defined(MBEDTLS_CIPHER_MODE_CBC) #define MBEDTLS_CIPHER_MODE_WITH_PADDING #endif @@ -1097,7 +1076,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen); -#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) || defined(MBEDTLS_NIST_KW_C) /** * \brief The authenticated encryption (AEAD/NIST_KW) function. * @@ -1204,7 +1183,7 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t output_len, size_t *olen, size_t tag_len); -#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */ +#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD || MBEDTLS_NIST_KW_C */ #ifdef __cplusplus } #endif diff --git a/library/cipher.c b/library/cipher.c index 9f9f1075c..f17f3e0e1 100644 --- a/library/cipher.c +++ b/library/cipher.c 
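Review bot: The prototypes of mbedtls_cipher_auth_encrypt_ext() and mbedtls_cipher_auth_decrypt_ext() in this public header are now guarded by MBEDTLS_CIPHER_HAVE_SOME_AEAD, but that symbol is defined in library/cipher_wrap.h (a private header, which is the point of the commit), so an application that includes only mbedtls/cipher.h no longer sees the declarations unless MBEDTLS_NIST_KW_C happens to be enabled; as far as I can tell nothing in cipher.h pulls cipher_wrap.h in. User code calling these functions would then hit implicit-declaration errors under -Werror even though cipher.c still builds them. The public header needs a gate made of public symbols: either keep a public aggregate (the removed MBEDTLS_CIPHER_MODE_AEAD, reintroduced with a comment saying what it means) or write the condition out, e.g. `#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) || defined(MBEDTLS_NIST_KW_C) || (defined(MBEDTLS_USE_PSA_CRYPTO) && (defined(PSA_WANT_ALG_GCM) || defined(PSA_WANT_ALG_CCM) || defined(PSA_WANT_ALG_CHACHA20_POLY1305)))`. If MBEDTLS_CIPHER_MODE_AEAD or the MBEDTLS_CIPHER_HAVE_* names removed at -33 were present in a released copy of this header, their removal also wants a changelog entry.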
@@ -1390,7 +1390,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, return 0; } -#if defined(MBEDTLS_CIPHER_MODE_AEAD) +#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) /* * Packet-oriented encryption for AEAD modes: internal function used by * mbedtls_cipher_auth_encrypt_ext(). @@ -1569,9 +1569,9 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx, return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } -#endif /* MBEDTLS_CIPHER_MODE_AEAD */ +#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */ -#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) || defined(MBEDTLS_NIST_KW_C) /* * Packet-oriented encryption for AEAD/NIST_KW: public function. */ @@ -1607,7 +1607,7 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_NIST_KW_C */ -#if defined(MBEDTLS_CIPHER_MODE_AEAD) +#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) /* AEAD case: check length before passing on to shared function */ if (output_len < ilen + tag_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -1620,7 +1620,7 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, return ret; #else return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_CIPHER_MODE_AEAD */ +#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */ } /* @@ -1658,7 +1658,7 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_NIST_KW_C */ -#if defined(MBEDTLS_CIPHER_MODE_AEAD) +#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) /* AEAD case: check length before passing on to shared function */ if (ilen < tag_len || output_len < ilen - tag_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; 
@@ -1669,8 +1669,8 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, input + ilen - tag_len, tag_len); #else return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_CIPHER_MODE_AEAD */ +#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */ } -#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */ +#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD || MBEDTLS_NIST_KW_C */ #endif /* MBEDTLS_CIPHER_C */ diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 5a789ced9..63b725fb7 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -80,8 +80,7 @@ enum mbedtls_cipher_base_index { #if defined(MBEDTLS_CAMELLIA_C) MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, #endif -#if (defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES) MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, #endif #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C) @@ -105,8 +104,7 @@ enum mbedtls_cipher_base_index { #if defined(MBEDTLS_DES_C) MBEDTLS_CIPHER_BASE_INDEX_DES, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) +#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES) MBEDTLS_CIPHER_BASE_INDEX_GCM_AES, #endif #if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C) @@ -580,8 +578,7 @@ static int gcm_aes_setkey_wrap(void *ctx, const unsigned char *key, } #endif /* MBEDTLS_GCM_C */ -#if defined(MBEDTLS_GCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) static const mbedtls_cipher_base_t gcm_aes_info = { MBEDTLS_CIPHER_ID_AES, NULL, 
@@ -615,10 +612,9 @@ static const mbedtls_cipher_base_t gcm_aes_info = { NULL, #endif /* MBEDTLS_GCM_C */ }; -#endif /* MBEDTLS_GCM_C || (MBEDTLS_USE_PSA_CRYPTO && PSA_WANT_ALG_GCM) */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ -#if defined(MBEDTLS_GCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) static const mbedtls_cipher_info_t aes_128_gcm_info = { "AES-128-GCM", 16, @@ -653,7 +649,7 @@ static const mbedtls_cipher_info_t aes_256_gcm_info = { MBEDTLS_CIPHER_BASE_INDEX_GCM_AES }; #endif -#endif /* MBEDTLS_GCM_C || PSA_WANT_ALG_GCM */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #if defined(MBEDTLS_CCM_C) static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key, @@ -664,8 +660,7 @@ static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key, } #endif /* MBEDTLS_CCM_C */ -#if defined(MBEDTLS_CCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) +#if defined(MBEDTLS_CIPHER_HAVE_CCM) static const mbedtls_cipher_base_t ccm_aes_info = { MBEDTLS_CIPHER_ID_AES, NULL, @@ -699,10 +694,9 @@ static const mbedtls_cipher_base_t ccm_aes_info = { NULL, #endif }; -#endif /* MBEDTLS_CCM_C || (MBEDTLS_USE_PSA_CRYPTO && PSA_WANT_ALG_CCM) */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM */ -#if defined(MBEDTLS_CCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) +#if defined(MBEDTLS_CIPHER_HAVE_CCM) static const mbedtls_cipher_info_t aes_128_ccm_info = { "AES-128-CCM", 16, @@ -737,10 +731,9 @@ static const mbedtls_cipher_info_t aes_256_ccm_info = { MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; #endif -#endif /* MBEDTLS_CCM_C || PSA_WANT_ALG_CCM */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM */ -#if defined(MBEDTLS_CCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG)) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG) static const mbedtls_cipher_info_t aes_128_ccm_star_no_tag_info = { "AES-128-CCM*-NO-TAG", 16, 
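Review bot: The aes_128/192/256_gcm_info entries here (and the AES-CCM ones below them) are gated on MBEDTLS_CIPHER_HAVE_GCM / _CCM, yet the enum member and base-table slot they reference, MBEDTLS_CIPHER_BASE_INDEX_GCM_AES / _CCM_AES, are gated on the stricter MBEDTLS_CIPHER_HAVE_GCM_AES / _CCM_AES, whose PSA leg additionally requires PSA_WANT_KEY_TYPE_AES. In a build with MBEDTLS_USE_PSA_CRYPTO, PSA_WANT_ALG_GCM and MBEDTLS_AES_C but without PSA_WANT_KEY_TYPE_AES — reachable or not depending on how config_psa.h derives the PSA_WANT symbols, which I can't see from here — the info structs would name an enum member that is not declared. Gating the info structs, the gcm_aes_info/ccm_aes_info base structs and the mbedtls_cipher_definitions entries on the same macro as the base table, `#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES)`, keeps the invariant local to this file instead of resting on the config layer.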
@@ -775,7 +768,7 @@ static const mbedtls_cipher_info_t aes_256_ccm_star_no_tag_info = { MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; #endif -#endif /* MBEDTLS_CCM_C || PSA_WANT_ALG_CCM_STAR_NO_TAG */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG */ #endif /* MBEDTLS_AES_C */ @@ -2276,24 +2269,21 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] = { MBEDTLS_CIPHER_AES_256_XTS, &aes_256_xts_info }, #endif #endif -#if defined(MBEDTLS_GCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) { MBEDTLS_CIPHER_AES_128_GCM, &aes_128_gcm_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_GCM, &aes_192_gcm_info }, { MBEDTLS_CIPHER_AES_256_GCM, &aes_256_gcm_info }, #endif #endif -#if defined(MBEDTLS_CCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) +#if defined(MBEDTLS_CIPHER_HAVE_CCM) { MBEDTLS_CIPHER_AES_128_CCM, &aes_128_ccm_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_CCM, &aes_192_ccm_info }, { MBEDTLS_CIPHER_AES_256_CCM, &aes_256_ccm_info }, #endif #endif -#if defined(MBEDTLS_CCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG)) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG) { MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG, &aes_128_ccm_star_no_tag_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG, &aes_192_ccm_star_no_tag_info }, @@ -2423,8 +2413,7 @@ const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[] = { #if defined(MBEDTLS_CAMELLIA_C) [MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA] = &camellia_info, #endif -#if (defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM) && defined(PSA_WANT_KEY_TYPE_AES)) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES) [MBEDTLS_CIPHER_BASE_INDEX_CCM_AES] = &ccm_aes_info, #endif #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C) 
@@ -2448,8 +2437,7 @@ const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[] = { #if defined(MBEDTLS_DES_C) [MBEDTLS_CIPHER_BASE_INDEX_DES] = &des_info, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_KEY_TYPE_AES)) +#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES) [MBEDTLS_CIPHER_BASE_INDEX_GCM_AES] = &gcm_aes_info, #endif #if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C) diff --git a/library/cipher_wrap.h b/library/cipher_wrap.h index c85a4efa8..53cf12ff4 100644 --- a/library/cipher_wrap.h +++ b/library/cipher_wrap.h 
@@ -36,6 +36,42 @@ extern "C" { #endif +/* Support for GCM either through Mbed TLS SW implementation or PSA */ +#if defined(MBEDTLS_GCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) +#define MBEDTLS_CIPHER_HAVE_GCM +#endif + +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_KEY_TYPE_AES)) +#define MBEDTLS_CIPHER_HAVE_GCM_AES +#endif + +#if defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) +#define MBEDTLS_CIPHER_HAVE_CCM +#endif + +#if (defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM) && defined(PSA_WANT_KEY_TYPE_AES)) +#define MBEDTLS_CIPHER_HAVE_CCM_AES +#endif + +#if defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG)) +#define MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG +#endif + +#if defined(MBEDTLS_CHACHAPOLY_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) +#define MBEDTLS_CIPHER_HAVE_CHACHAPOLY +#endif + +#if defined(MBEDTLS_CIPHER_HAVE_GCM) || defined(MBEDTLS_CIPHER_HAVE_CCM) || \ + defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG) || defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY) +#define MBEDTLS_CIPHER_HAVE_SOME_AEAD +#endif + /** * Base cipher information. The non-mode specific functions and values. */ diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index fdf22a92f..da43fda19 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -6,7 +6,7 @@ #include "mbedtls/gcm.h" #endif -#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) || defined(MBEDTLS_NIST_KW_C) #define MBEDTLS_CIPHER_AUTH_CRYPT #endif From 0d3fe733cc6835bac635ce2f2c4ed25ce526a77b Mon Sep 17 00:00:00 2001 
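Review bot: MBEDTLS_CIPHER_HAVE_SOME_AEAD includes MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG, which is an unauthenticated mode, whereas the MBEDTLS_CIPHER_MODE_AEAD it replaces (removed from cipher.h in this commit) covered only GCM, CCM and ChaCha20-Poly1305. The visible effect is that a PSA build with PSA_WANT_ALG_CCM_STAR_NO_TAG and none of the real AEADs compiles mbedtls_cipher_auth_encrypt_ext()/auth_decrypt_ext() only for them to return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE, and the macro name overstates what is available. Unless there is a reason I'm missing, drop the `defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG)` term, or add a comment above the `#if` stating that the symbol deliberately means "some CCM-family or AEAD cipher is present". A one-line comment on the two _AES variants saying they additionally require an AES key type would also help, since the GCM/GCM_AES pairs otherwise look interchangeable.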
From: Dave Rodgman Date: Thu, 12 Oct 2023 11:00:49 +0100 Subject: [PATCH 100/191] Clarify changelog Co-authored-by: Tom Cosgrove Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt index 0f9754460..5b18eb3fc 100644 --- a/ChangeLog.d/sha256-armce-arm.txt +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -1,6 +1,6 @@ Features * Support Armv8-A Crypto Extension acceleration for SHA-256 - when compiling for Thumb or 32-bit Arm. + when compiling for Thumb (T32) or 32-bit Arm (A32). New deprecations * Rename the MBEDTLS_SHA256_USE_A64_CRYPTO_xxx config options to MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_xxx. The old names may still From 476c1198e8a5e31b9674da98e58061a84a677711 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 12 Oct 2023 14:19:25 +0100 Subject: [PATCH 101/191] Fix possible NULL dereference issue in X509 cert_write program Signed-off-by: Waleed Elmelegy --- programs/x509/cert_write.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index 40b1871f3..5e0d608bc 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -583,6 +583,9 @@ usage: if ((subtype_value = strchr(q, ':')) != NULL) { *subtype_value++ = '\0'; + } else { + mbedtls_printf("Invalid argument for option SAN: Entry should be seperated by a colon\n"); + goto usage; } if (strcmp(q, "RFC822") == 0) { cur->node.type = MBEDTLS_X509_SAN_RFC822_NAME; From 1444c0eb20163cf4979902572c08e9e720a9a310 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 12 Oct 2023 14:31:06 +0100 Subject: [PATCH 102/191] Add changelog entry for x509 cert_write null dereference fix Also fix a typo in cert_write.c 
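Review bot: The new rejection path reports a malformed SAN entry without saying which one, which matters because the option takes a list of entries; `mbedtls_printf("Invalid argument for option SAN: entry '%s' is not of the form TYPE:VALUE\n", q);` points the user at the offending item. Also, if the list node for this entry has already been allocated when this check runs (the allocation is above the hunk, so I can't confirm it), `goto usage` abandons it before it is linked into the SAN list; that would match the existing `goto usage` paths for unknown subtypes as far as I can see, but it deserves a free or a comment. The parsing loop this sits in starts and ends outside the hunk.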
Signed-off-by: Waleed Elmelegy --- ChangeLog.d/fix-issue-x509-cert_write.txt | 2 ++ programs/x509/cert_write.c | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) create mode 100644 ChangeLog.d/fix-issue-x509-cert_write.txt diff --git a/ChangeLog.d/fix-issue-x509-cert_write.txt b/ChangeLog.d/fix-issue-x509-cert_write.txt new file mode 100644 index 000000000..7e1f31d2e --- /dev/null +++ b/ChangeLog.d/fix-issue-x509-cert_write.txt @@ -0,0 +1,2 @@ +Bugfix + * Fix possible NULL dereference issue in X509 cert_write program if an entry in the san parameter is not separated by a colon. diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index 5e0d608bc..19215c954 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -584,7 +584,7 @@ usage: if ((subtype_value = strchr(q, ':')) != NULL) { *subtype_value++ = '\0'; } else { - mbedtls_printf("Invalid argument for option SAN: Entry should be seperated by a colon\n"); + mbedtls_printf("Invalid argument for option SAN: Entry should be separated by a colon\n"); goto usage; } if (strcmp(q, "RFC822") == 0) { From ac97af223eda0358413dee5349d6912d82d891f8 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 12 Oct 2023 15:46:06 +0100 Subject: [PATCH 103/191] Fix possible NULL dereference issue in X509 cert_req program Signed-off-by: Waleed Elmelegy --- programs/x509/cert_req.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index 558d8cc73..bc4eb80d5 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -261,6 +261,9 @@ usage: if ((subtype_value = strchr(q, ':')) != NULL) { *subtype_value++ = '\0'; + } else { + mbedtls_printf("Invalid argument for option SAN: Entry should be separated by a colon\n"); + goto usage; } if (strcmp(q, "RFC822") == 0) { cur->node.type = MBEDTLS_X509_SAN_RFC822_NAME; From 737cfe184b47472fda7305a3f90f9805dbc9de44 Mon Sep 17 00:00:00 2001 
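Review bot: This SAN-parsing block is the same, down to the message text, as the one fixed in programs/x509/cert_write.c two commits earlier, so the NULL-dereference fix had to be applied twice and any future change to SAN parsing will too. Consider moving the parse of one `TYPE:VALUE` entry into a helper shared by the two programs so validation lives in one place; at minimum, a comment such as `/* Keep in sync with the SAN parsing in cert_write.c */` above the loop would flag the duplication. The loop this hunk sits in starts and ends outside the hunk.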
From: Waleed Elmelegy Date: Thu, 12 Oct 2023 15:51:13 +0100 Subject: [PATCH 104/191] Add changelog entry for x509 cert_req null dereference fix Signed-off-by: Waleed Elmelegy --- ChangeLog.d/fix-issue-x509-cert_req.txt | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 ChangeLog.d/fix-issue-x509-cert_req.txt diff --git a/ChangeLog.d/fix-issue-x509-cert_req.txt b/ChangeLog.d/fix-issue-x509-cert_req.txt new file mode 100644 index 000000000..7e4effdf8 --- /dev/null +++ b/ChangeLog.d/fix-issue-x509-cert_req.txt @@ -0,0 +1,2 @@ +Bugfix + * Fix possible NULL dereference issue in X509 cert_req program if an entry in the san parameter is not separated by a colon. From 7cb635a56340785bcf2b61caef9ac70df6e014ca Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 12 Oct 2023 16:14:51 +0100 Subject: [PATCH 105/191] Adjust the full config Signed-off-by: Dave Rodgman --- scripts/config.py | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/config.py b/scripts/config.py index 3173be483..5f49f2d8c 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -216,6 +216,7 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_A_CRYPTO_IF_PRESENT 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT + 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # setting *_USE_ARMV8_A_CRYPTO is sufficient 'MBEDTLS_SSL_RECORD_SIZE_LIMIT', # in development, currently breaks other tests 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) From 193e383686f1e187f0095bdaf12e860dfd78156e Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 13 Oct 2023 09:37:24 +0200 Subject: [PATCH 106/191] check_config: fix typo causing build issues with only CCM enabled 
Signed-off-by: Valerio Setti --- include/mbedtls/check_config.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 2e7128595..d9c3b813e 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -1040,7 +1040,7 @@ #endif #if defined(MBEDTLS_SSL_TICKET_C) && \ - !( defined(MBEDTLS_SSL_HAVE_GCM) || defined(MBEDTLS_SSL_HAVE_GCM) || \ + !( defined(MBEDTLS_SSL_HAVE_CCM) || defined(MBEDTLS_SSL_HAVE_GCM) || \ defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) ) #error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites" #endif @@ -1143,7 +1143,7 @@ #endif #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) && \ - !( defined(MBEDTLS_SSL_HAVE_GCM) || defined(MBEDTLS_SSL_HAVE_GCM) || \ + !( defined(MBEDTLS_SSL_HAVE_CCM) || defined(MBEDTLS_SSL_HAVE_GCM) || \ defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) ) #error "MBEDTLS_SSL_CONTEXT_SERIALIZATION defined, but not all prerequisites" #endif From d85277c62e3618681f8d2d2d5921b73d143cdf8d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 09:22:54 +0100 Subject: [PATCH 107/191] Doxygen fixes Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index b5c0d5879..f2451cb4c 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3301,7 +3301,9 @@ */ //#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT -/* +/** + * \def MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + * * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT. * This name is now deprecated, but may still be used as an alternative form for * this option. 
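Review bot: The three-way disjunction that just had its copy-paste typo corrected is spelled out twice in this file, and a typo already slipped into one of the copies once; library/ssl_msg.c in this series guards its AEAD code with MBEDTLS_SSL_HAVE_AEAD, and if that symbol is defined as exactly this disjunction (its definition is not visible here), both checks collapse to `!defined(MBEDTLS_SSL_HAVE_AEAD)`, which cannot be mistyped the same way. A short comment on why an AEAD is the prerequisite for MBEDTLS_SSL_TICKET_C and MBEDTLS_SSL_CONTEXT_SERIALIZATION would also stop the next reader from narrowing the condition to a single mode.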
@@ -3325,7 +3327,7 @@ * armclang <= 6.9 * * \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. - * That name is deprecated, but may still be used as an alternative form for this + * That name is \deprecated, but may still be used as an alternative form for this * option. * * \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY cannot be defined at the same @@ -3340,7 +3342,9 @@ */ //#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY -/* +/** + * \def MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + * * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY. * This name is now deprecated, but may still be used as an alternative form for * this option. From ab0cff5b4e3215c7c5b4541a10a6397fd59bb4ff Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 09:32:04 +0100 Subject: [PATCH 108/191] Require asm/hwcap.h for testing Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 253f6c0fa..aec54c166 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4341,8 +4341,13 @@ component_build_aes_aesce_armcc () { support_build_sha_armce() { # clang >= 4 is required to build with SHA extensions - ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" - [ "${ver}" -ge 4 ] + clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" + + # we need asm/hwcap.h available for runtime detection + echo '#include ' | clang -E - >/dev/null 2>&1 + have_hwcap=$? + + [[ "${clang_ver}" -ge 4 && "${have_hwcap}" -eq 0 ]] } component_build_sha_armce () { From 7821df3e8baab741b6753223d1d971078609cfa9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 09:38:44 +0100 Subject: [PATCH 109/191] Adjust use of deprecated in Doxygen Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index f2451cb4c..73229ea91 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3327,7 +3327,7 @@ * armclang <= 6.9 * * \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. - * That name is \deprecated, but may still be used as an alternative form for this + * That name is deprecated, but may still be used as an alternative form for this * option. * * \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY cannot be defined at the same From eade3fedb240ce288e7b0102d60709ccb1a3dc1f Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Fri, 13 Oct 2023 09:59:19 +0100 Subject: [PATCH 110/191] Fix code style issue in cert_req program Signed-off-by: Waleed Elmelegy --- programs/x509/cert_req.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index bc4eb80d5..ff744a430 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -262,7 +262,8 @@ usage: if ((subtype_value = strchr(q, ':')) != NULL) { *subtype_value++ = '\0'; } else { - mbedtls_printf("Invalid argument for option SAN: Entry should be separated by a colon\n"); + mbedtls_printf( + "Invalid argument for option SAN: Entry should be separated by a colon\n"); goto usage; } if (strcmp(q, "RFC822") == 0) { From 5867465e9093c1e8b6846f48ed33da8a5ec1b4af Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Fri, 13 Oct 2023 10:03:12 +0100 Subject: [PATCH 111/191] Fix code style issue in cert_write program Signed-off-by: Waleed Elmelegy --- programs/x509/cert_write.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index 19215c954..8bee0a666 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c 
@@ -584,7 +584,8 @@ usage: if ((subtype_value = strchr(q, ':')) != NULL) { *subtype_value++ = '\0'; } else { - mbedtls_printf("Invalid argument for option SAN: Entry should be separated by a colon\n"); + mbedtls_printf( + "Invalid argument for option SAN: Entry should be separated by a colon\n"); goto usage; } if (strcmp(q, "RFC822") == 0) { From 768bc143ad8aad064bdee6033bdcc69b2cb362a4 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 10:15:55 +0100 Subject: [PATCH 112/191] Fix hwcap test for CI Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index aec54c166..22289e543 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4344,10 +4344,9 @@ support_build_sha_armce() { clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" # we need asm/hwcap.h available for runtime detection - echo '#include ' | clang -E - >/dev/null 2>&1 - have_hwcap=$? + echo '#include ' | clang -E - >/dev/null 2>&1 && no_hwcap=0 || no_hwcap=1 - [[ "${clang_ver}" -ge 4 && "${have_hwcap}" -eq 0 ]] + [[ "${clang_ver}" -ge 4 && "${no_hwcap}" -eq 0 ]] } component_build_sha_armce () { From 107c60c765b9fdc7832612cc199648732b3943dc Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Fri, 13 Oct 2023 10:25:58 +0100 Subject: [PATCH 113/191] Fix changelog style issue Signed-off-by: Waleed Elmelegy --- ChangeLog.d/fix-issue-x509-cert_write.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog.d/fix-issue-x509-cert_write.txt b/ChangeLog.d/fix-issue-x509-cert_write.txt index 7e1f31d2e..43d67c21d 100644 --- a/ChangeLog.d/fix-issue-x509-cert_write.txt +++ b/ChangeLog.d/fix-issue-x509-cert_write.txt 
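Review bot: The probe compiles the include with clang's default host target, but the component it gates builds with SHA extensions for Arm, so if component_build_sha_armce cross-compiles with `--target`/`--sysroot` flags (it is outside the hunk, so I can't confirm), the header that matters is the one in that sysroot rather than the host's, and the probe should pass the same target flags. The `no_hwcap=0 || no_hwcap=1` form is also a double negative; `[[ "${clang_ver}" -ge 4 ]] && echo '#include <asm/hwcap.h>' | clang -E - >/dev/null 2>&1` as the function's last command returns the pipeline's status directly and says the same thing. The include path is blank in this rendering of the patch; I am assuming asm/hwcap.h from the comment above it.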
@@ -1,2 +1,3 @@ Bugfix - * Fix possible NULL dereference issue in X509 cert_write program if an entry in the san parameter is not separated by a colon. + * Fix possible NULL dereference issue in X509 cert_write program if an entry + in the san parameter is not separated by a colon. From 0badeb45607f9dc21503433ef7db74c10c5eeaf9 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Fri, 13 Oct 2023 10:27:13 +0100 Subject: [PATCH 114/191] Fix changelog code style issue Signed-off-by: Waleed Elmelegy --- ChangeLog.d/fix-issue-x509-cert_req.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog.d/fix-issue-x509-cert_req.txt b/ChangeLog.d/fix-issue-x509-cert_req.txt index 7e4effdf8..3a5171b83 100644 --- a/ChangeLog.d/fix-issue-x509-cert_req.txt +++ b/ChangeLog.d/fix-issue-x509-cert_req.txt @@ -1,2 +1,3 @@ Bugfix - * Fix possible NULL dereference issue in X509 cert_req program if an entry in the san parameter is not separated by a colon. + * Fix possible NULL dereference issue in X509 cert_req program if an entry + in the san parameter is not separated by a colon. From 9a32632577c9ea24f6c8f2e487e6b2ed8511dca4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 4 Oct 2023 20:03:55 +0200 Subject: [PATCH 115/191] Fix 3rdparty/Makefile.inc when included recursively 3rdparty/Makefile.inc could only be used when included from the primary makefile passed to make. It could not be used directly, or included from a makefile that is itself included. This was due to counting from the left of $(MAKEFILE_LIST) instead of using the last element. Since each include directive appends to $(MAKEFILE_LIST), when using it to determine $(THIRDPARTY_DIR), we need to use a simply-expanded variable. Signed-off-by: Gilles Peskine --- 3rdparty/Makefile.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/3rdparty/Makefile.inc b/3rdparty/Makefile.inc index 80dc12692..70f316b0c 100644 --- a/3rdparty/Makefile.inc +++ b/3rdparty/Makefile.inc 
@@ -1,3 +1,3 @@ -THIRDPARTY_DIR = $(dir $(word 2, $(MAKEFILE_LIST))) +THIRDPARTY_DIR := $(dir $(lastword $(MAKEFILE_LIST))) include $(THIRDPARTY_DIR)/everest/Makefile.inc include $(THIRDPARTY_DIR)/p256-m/Makefile.inc From cc88ccdda1d594fea51218c5b584e166d020c6f7 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 10:33:15 +0100 Subject: [PATCH 116/191] Include existing Makefile Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index fec46cc50..7b801a3ec 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3950,12 +3950,16 @@ build_test_config_combos() { # This ensures that we have any include paths, macro definitions, etc # that may be applied by make. # Add -fsyntax-only as we only want a syntax check and don't need to generate a file. - compile_cmd=$(make -B -n ${file} CC=clang CFLAGS="${warning_flags} -fsyntax-only" | egrep "^clang") + compile_cmd="clang \$(LOCAL_CFLAGS) ${warning_flags} -fsyntax-only -c" - makefile=$(mktemp) + makefile=$(TMPDIR=. mktemp) deps="" len=${#options[@]} + source_file=${file%.o}.c + + targets=0 + echo 'include Makefile' >${makefile} for ((i = 0; i < $((2**${len})); i++)); do # generate each of 2^n combinations of options 
@@ -3973,17 +3977,18 @@ build_test_config_combos() { # if combination is not known to be invalid, add it to the makefile if [[ -z $validate_options ]] || [[ $($validate_options "${clang_args}") == "" ]] ; then cmd="${compile_cmd} ${clang_args}" - echo "${target}:" >> ${makefile} - echo -e "\t$cmd" >> ${makefile} + echo "${target}: ${source_file}; $cmd ${source_file}" >> ${makefile} deps="${deps} ${target}" + ((++targets)) fi done - echo "all: ${deps}" >> ${makefile} + echo "build_test_config_combos: ${deps}" >> ${makefile} # execute all of the commands via Make (probably in parallel) - make -s -f ${makefile} all + make -s -f ${makefile} build_test_config_combos + echo "$targets targets checked" # clean up the temporary makefile rm ${makefile} From 2457bcd26c2c8b803dce6318432b2a4f31ffa0bf Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 12:31:45 +0100 Subject: [PATCH 117/191] Tidy up logic for MBEDTLS_MAYBE_UNUSED Signed-off-by: Dave Rodgman --- library/common.h | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/library/common.h b/library/common.h index de26d451b..570b97eca 100644 --- a/library/common.h +++ b/library/common.h 
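Review bot: The temporary makefile is only removed on the success path: `make -s -f ${makefile} build_test_config_combos` is followed by an unconditional `rm ${makefile}`, so if make fails (and all.sh runs with errexit, which this hunk does not show) the `tmp.XXXXXX` file that the previous hunk now creates with `TMPDIR=.` is left behind in the source tree. Capturing the status keeps the cleanup unconditional: `rc=0; make -s -f "${makefile}" build_test_config_combos || rc=$?`, then `rm -f "${makefile}"`, then `return $rc`. Quoting `${makefile}` also matters now that the path is relative to whatever the current directory happens to be. build_test_config_combos starts before this hunk.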
@@ -335,24 +335,24 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, #endif /* Suppress compiler warnings for unused functions and variables. */ -#if !defined(MBEDTLS_MAYBE_UNUSED) && (defined(__GNUC__) || defined(__clang__)) -#define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) +#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__has_attribute) +# if __has_attribute(unused) +# define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) +# endif +#endif +#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__GNUC__) +# define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) #endif #if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__IAR_SYSTEMS_ICC__) && defined(__VER__) -#if (__VER__ >= 8010000) // IAR 8.1 or later -#define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) -#endif +# if (__VER__ >= 8010000) // IAR 8.1 or later +# define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) +# endif #endif #if !defined(MBEDTLS_MAYBE_UNUSED) && defined(_MSC_VER) -#define MBEDTLS_MAYBE_UNUSED __pragma(warning(suppress:4189)) -#endif -#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__has_attribute) -#if __has_attribute(unused) -#define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) -#endif +# define MBEDTLS_MAYBE_UNUSED __pragma(warning(suppress:4189)) #endif #if !defined(MBEDTLS_MAYBE_UNUSED) -#define MBEDTLS_MAYBE_UNUSED +# define MBEDTLS_MAYBE_UNUSED #endif #endif /* MBEDTLS_LIBRARY_COMMON_H */ From 515af1d80dce7effa946bb31a91c3b5f19189872 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 14:40:14 +0100 Subject: [PATCH 118/191] Stop IAR warning about goto skipping variable definition Signed-off-by: Dave Rodgman --- library/pkcs12.c | 27 ++++++++++++++------------- library/pkcs5.c | 32 +++++++++++++++++--------------- library/x509_create.c | 42 ++++++++++++++++++++++-------------------- 3 files changed, 53 insertions(+), 48 deletions(-) diff --git a/library/pkcs12.c b/library/pkcs12.c index 4db2a4bbf..42e4fb438 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c 
@@ -216,21 +216,22 @@ int mbedtls_pkcs12_pbe_ext(mbedtls_asn1_buf *pbe_params, int mode, } #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) - /* PKCS12 uses CBC with PKCS7 padding */ - - mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7; + { + /* PKCS12 uses CBC with PKCS7 padding */ + mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7; #if !defined(MBEDTLS_CIPHER_PADDING_PKCS7) - /* For historical reasons, when decrypting, this function works when - * decrypting even when support for PKCS7 padding is disabled. In this - * case, it ignores the padding, and so will never report a - * password mismatch. - */ - if (mode == MBEDTLS_PKCS12_PBE_DECRYPT) { - padding = MBEDTLS_PADDING_NONE; - } + /* For historical reasons, when decrypting, this function works when + * decrypting even when support for PKCS7 padding is disabled. In this + * case, it ignores the padding, and so will never report a + * password mismatch. + */ + if (mode == MBEDTLS_PKCS12_PBE_DECRYPT) { + padding = MBEDTLS_PADDING_NONE; + } #endif - if ((ret = mbedtls_cipher_set_padding_mode(&cipher_ctx, padding)) != 0) { - goto exit; + if ((ret = mbedtls_cipher_set_padding_mode(&cipher_ctx, padding)) != 0) { + goto exit; + } } #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ diff --git a/library/pkcs5.c b/library/pkcs5.c index 2756d058e..d10a1937c 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c 
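Review bot: The new brace block around the padding setup carries no comment saying why it exists, so a later cleanup is likely to flatten it again and reintroduce the goto-over-declaration warning the commit message is fixing. Add `/* Block scope: declaration must not be jumped over by the earlier gotos (IAR warns). */` on the opening brace; the same applies to the parallel blocks this commit adds in pkcs5.c and x509_create.c. The enclosing function mbedtls_pkcs12_pbe_ext starts and ends outside the hunk.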
@@ -242,23 +242,25 @@ int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode, } #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) - /* PKCS5 uses CBC with PKCS7 padding (which is the same as - * "PKCS5 padding" except that it's typically only called PKCS5 - * with 64-bit-block ciphers). - */ - mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7; + { + /* PKCS5 uses CBC with PKCS7 padding (which is the same as + * "PKCS5 padding" except that it's typically only called PKCS5 + * with 64-bit-block ciphers). + */ + mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7; #if !defined(MBEDTLS_CIPHER_PADDING_PKCS7) - /* For historical reasons, when decrypting, this function works when - * decrypting even when support for PKCS7 padding is disabled. In this - * case, it ignores the padding, and so will never report a - * password mismatch. - */ - if (mode == MBEDTLS_DECRYPT) { - padding = MBEDTLS_PADDING_NONE; - } + /* For historical reasons, when decrypting, this function works when + * decrypting even when support for PKCS7 padding is disabled. In this + * case, it ignores the padding, and so will never report a + * password mismatch. + */ + if (mode == MBEDTLS_DECRYPT) { + padding = MBEDTLS_PADDING_NONE; + } #endif - if ((ret = mbedtls_cipher_set_padding_mode(&cipher_ctx, padding)) != 0) { - goto exit; + if ((ret = mbedtls_cipher_set_padding_mode(&cipher_ctx, padding)) != 0) { + goto exit; + } } #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ if ((ret = mbedtls_cipher_crypt(&cipher_ctx, iv, enc_scheme_params.len, diff --git a/library/x509_create.c b/library/x509_create.c index 2583cdd0f..62fb119ba 100644 --- a/library/x509_create.c +++ b/library/x509_create.c 
@@ -254,31 +254,33 @@ static int parse_attribute_value_hex_der_encoded(const char *s, /* Step 3: decode the DER. */ /* We've checked that der_length >= 1 above. */ *tag = der[0]; - unsigned char *p = der + 1; - if (mbedtls_asn1_get_len(&p, der + der_length, data_len) != 0) { - goto error; - } - /* Now p points to the first byte of the payload inside der, - * and *data_len is the length of the payload. */ + { + unsigned char *p = der + 1; + if (mbedtls_asn1_get_len(&p, der + der_length, data_len) != 0) { + goto error; + } + /* Now p points to the first byte of the payload inside der, + * and *data_len is the length of the payload. */ - /* Step 4: payload validation */ - if (*data_len > MBEDTLS_X509_MAX_DN_NAME_SIZE) { - goto error; - } - /* Strings must not contain null bytes. */ - if (MBEDTLS_ASN1_IS_STRING_TAG(*tag)) { - for (size_t i = 0; i < *data_len; i++) { - if (p[i] == 0) { - goto error; + /* Step 4: payload validation */ + if (*data_len > MBEDTLS_X509_MAX_DN_NAME_SIZE) { + goto error; + } + /* Strings must not contain null bytes. */ + if (MBEDTLS_ASN1_IS_STRING_TAG(*tag)) { + for (size_t i = 0; i < *data_len; i++) { + if (p[i] == 0) { + goto error; + } } } - } - /* Step 5: output the payload. */ - if (*data_len > data_size) { - goto error; + /* Step 5: output the payload. */ + if (*data_len > data_size) { + goto error; + } + memcpy(data, p, *data_len); } - memcpy(data, p, *data_len); mbedtls_free(der); return 0; From 37801d714b6f72b349536a9ed1b5663edbb0524c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 16:06:55 +0100 Subject: [PATCH 119/191] Invert no_hwcap variable Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 22289e543..91ed1a566 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -4344,9 +4344,9 @@ support_build_sha_armce() { clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" # we need asm/hwcap.h available for runtime detection - echo '#include ' | clang -E - >/dev/null 2>&1 && no_hwcap=0 || no_hwcap=1 + echo '#include ' | clang -E - >/dev/null 2>&1 && have_hwcap=1 || have_hwcap=0 - [[ "${clang_ver}" -ge 4 && "${no_hwcap}" -eq 0 ]] + [[ "${clang_ver}" -ge 4 && "${have_hwcap}" -eq 1 ]] } component_build_sha_armce () { From 5f5573fa90bade3f5d505882a486df2c9c7df839 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 13 Oct 2023 14:32:09 +0200 Subject: [PATCH 120/191] cipher: reintroduce symbol for legacy AEAD support Signed-off-by: Valerio Setti --- include/mbedtls/cipher.h | 8 ++++++-- library/cipher.c | 8 ++++---- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index bda768cfb..e13bee6a0 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -33,6 +33,10 @@ #include #include "mbedtls/platform_util.h" +#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) +#define MBEDTLS_CIPHER_HAVE_AEAD_LEGACY +#endif + #if defined(MBEDTLS_CIPHER_MODE_CBC) #define MBEDTLS_CIPHER_MODE_WITH_PADDING #endif @@ -1076,7 +1080,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen); -#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) || defined(MBEDTLS_NIST_KW_C) /** * \brief The authenticated encryption (AEAD/NIST_KW) function. * 
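Review bot: `MBEDTLS_CIPHER_HAVE_AEAD_LEGACY` is introduced in a public header (cipher.h, the hunk at line 33) without a comment, so someone reading the installed header cannot tell whether it is a configuration option they may set or a derived symbol they must leave alone. A one-line comment above the `#if`, such as `/* Derived, do not set manually: at least one non-PSA AEAD mode (GCM, CCM, ChaChaPoly) is compiled in. */`, would settle that; the "non-PSA" reading is inferred from the commit title and should be confirmed.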
@@ -1183,7 +1187,7 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t output_len, size_t *olen, size_t tag_len); -#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD || MBEDTLS_NIST_KW_C */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY || MBEDTLS_NIST_KW_C */ #ifdef __cplusplus } #endif diff --git a/library/cipher.c b/library/cipher.c index f17f3e0e1..7009c19b4 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -1390,7 +1390,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, return 0; } -#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) /* * Packet-oriented encryption for AEAD modes: internal function used by * mbedtls_cipher_auth_encrypt_ext(). @@ -1569,9 +1569,9 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx, return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } -#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY */ -#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) || defined(MBEDTLS_NIST_KW_C) /* * Packet-oriented encryption for AEAD/NIST_KW: public function. */ @@ -1671,6 +1671,6 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; #endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */ } -#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD || MBEDTLS_NIST_KW_C */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY || MBEDTLS_NIST_KW_C */ #endif /* MBEDTLS_CIPHER_C */ From 132261345d1fec20f629138cf74c8cf5fb5a744c Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Mon, 16 Oct 2023 14:03:29 +0800 Subject: [PATCH 121/191] all.sh: revert changes in test_m32* AESNI for x86 (32-bit) have been tested in a seperate component, we don't need to test twice. Signed-off-by: Pengyu Lv --- tests/scripts/all.sh | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) 
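Review bot: The context line `#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */` inside mbedtls_cipher_auth_decrypt_ext (the last hunk, at line 1671) suggests that the inner `#if` of that function, which lies outside the hunk, still tests the old symbol, while the helper it calls, mbedtls_cipher_aead_decrypt, is now compiled only under `MBEDTLS_CIPHER_HAVE_AEAD_LEGACY`. If HAVE_SOME_AEAD can be true when HAVE_AEAD_LEGACY is not (for instance with PSA-only AEAD), that path would reference a static function that does not exist in that build. Please check that inner guard and its counterpart in mbedtls_cipher_auth_encrypt_ext and switch both to `MBEDTLS_CIPHER_HAVE_AEAD_LEGACY`; both function bodies continue outside the hunks.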
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ca8404049..64bde15fd 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4626,7 +4626,8 @@ component_test_m32_o0 () { # build) and not the i386-specific inline assembly. msg "build: i386, make, gcc -O0 (ASan build)" # ~ 30s scripts/config.py full - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0 -maes -msse2 -mpclmul" LDFLAGS="-m32 $ASAN_CFLAGS" + scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32 + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc -O0 (ASan build)" make test @@ -4643,7 +4644,8 @@ component_test_m32_o2 () { # and go faster for tests. msg "build: i386, make, gcc -O2 (ASan build)" # ~ 30s scripts/config.py full - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2 -maes -msse2 -mpclmul" LDFLAGS="-m32 $ASAN_CFLAGS" + scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32 + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc -O2 (ASan build)" make test @@ -4658,7 +4660,8 @@ support_test_m32_o2 () { component_test_m32_everest () { msg "build: i386, Everest ECDH context (ASan build)" # ~ 6 min scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2 -maes -msse2 -mpclmul" LDFLAGS="-m32 $ASAN_CFLAGS" + scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32 + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s make test From 4b0e8f0e2c67f88816f7ebfc314e725986fe6343 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 6 Jul 2023 12:25:12 +0200 Subject: [PATCH 122/191] Remove redundant include MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit It's also included later, guarded by support for ECC keys, and actually that's the only case where we need it. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 1 - 1 file changed, 1 deletion(-) diff --git a/library/pkparse.c b/library/pkparse.c index e1422df77..687c2c082 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -26,7 +26,6 @@ #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" -#include "pk_internal.h" #include From da88c380bd9674efef64b91b9ff34057c6b537d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 6 Jul 2023 12:31:43 +0200 Subject: [PATCH 123/191] Minimize key-type-related includes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - we don't use any ECDSA function here - we only need to include ecp.h when supporting ECC keys Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 687c2c082..1dd5653e2 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -29,16 +29,16 @@ #include +/* Key types */ #if defined(MBEDTLS_RSA_C) #include "mbedtls/rsa.h" #endif -#include "mbedtls/ecp.h" #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) +#include "mbedtls/ecp.h" #include "pk_internal.h" #endif -#if defined(MBEDTLS_ECDSA_C) -#include "mbedtls/ecdsa.h" -#endif + +/* Extended formats */ #if defined(MBEDTLS_PEM_PARSE_C) #include "mbedtls/pem.h" #endif From 5fcbe4c1f802b5532a198f91d7cfa33f211c7cbc Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 6 Jul 2023 13:02:51 +0200 Subject: [PATCH 124/191] Further rationalize includes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - only include psa_util when we use PSA Crypto - re-order includes Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 1dd5653e2..3fca2c44f 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -25,10 +25,16 @@ #include "mbedtls/asn1.h" #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" +#include "mbedtls/platform.h" #include "mbedtls/error.h" #include +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "mbedtls/psa_util.h" +#include "psa/crypto.h" +#endif + /* Key types */ #if defined(MBEDTLS_RSA_C) #include "mbedtls/rsa.h" @@ -49,16 +55,6 @@ #include "mbedtls/pkcs12.h" #endif -#if defined(MBEDTLS_PSA_CRYPTO_C) -#include "psa_util_internal.h" -#endif - -#if defined(MBEDTLS_USE_PSA_CRYPTO) -#include "psa/crypto.h" -#endif - -#include "mbedtls/platform.h" - /* Helper for Montgomery curves */ #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) && defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) #define MBEDTLS_PK_IS_RFC8410_GROUP_ID(id) \ From 2585852231fb4e895dc9471f547c0e81bd97f308 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 24 Jul 2023 11:44:55 +0200 Subject: [PATCH 125/191] Factor common code into a function MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit There were two places that were calling either pk_update_ecparams() or mbedtls_ecp_group_load() depending on the same guard. Factor this into a single function, that works in both configs, so that callers don't have to worry about guards. 
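Review bot: The second hunk drops `#include "psa_util_internal.h"` (previously pulled in under MBEDTLS_PSA_CRYPTO_C) in favour of the public `mbedtls/psa_util.h` under MBEDTLS_USE_PSA_CRYPTO. Later hunks in this series have this file call `psa_pk_status_to_mbedtls()` and `mbedtls_ecc_group_to_psa()`; if either is declared only in the internal header, the file now relies on psa_util.h including it transitively, which is fragile for an internal API. Worth confirming where those two are declared and keeping the internal include if needed.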
Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 67 ++++++++++++++++++----------------------------- 1 file changed, 26 insertions(+), 41 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 3fca2c44f..d5ffc862d 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -453,28 +453,39 @@ cleanup: } #endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) -/* Functions pk_use_ecparams() and pk_use_ecparams_rfc8410() update the - * ecp_keypair structure with proper group ID. The purpose of this helper - * function is to update ec_family and ec_bits accordingly. */ -static int pk_update_psa_ecparams(mbedtls_pk_context *pk, - mbedtls_ecp_group_id grp_id) +/* + * Set the group used by this key. + */ +static int pk_ecc_set_group(mbedtls_pk_context *pk, mbedtls_ecp_group_id grp_id) { - psa_ecc_family_t ec_family; - size_t bits; +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + size_t ec_bits; + psa_ecc_family_t ec_family = mbedtls_ecc_group_to_psa(grp_id, &ec_bits); - ec_family = mbedtls_ecc_group_to_psa(grp_id, &bits); - - if ((pk->ec_family != 0) && (pk->ec_family != ec_family)) { + /* group may already be initialized; if so, make sure IDs match */ + if ((pk->ec_family != 0 && pk->ec_family != ec_family) || + (pk->ec_bits != 0 && pk->ec_bits != ec_bits)) { return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; } + /* set group */ pk->ec_family = ec_family; - pk->ec_bits = bits; + pk->ec_bits = ec_bits; return 0; -} +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec_rw(*pk); + + /* grp may already be initialized; if so, make sure IDs match */ + if (mbedtls_pk_ec_ro(*pk)->grp.id != MBEDTLS_ECP_DP_NONE && + mbedtls_pk_ec_ro(*pk)->grp.id != grp_id) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } + + /* set group */ + return mbedtls_ecp_group_load(&(ecp->grp), grp_id); #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ +} /* * Use EC parameters to initialise an EC group 
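Review bot: In the PSA branch of pk_ecc_set_group an unsupported curve is not rejected: if `mbedtls_ecc_group_to_psa()` reports "no PSA equivalent" by returning family 0 (please confirm its contract), the function stores `pk->ec_family = 0`, returns 0, and the failure only surfaces later when `PSA_KEY_TYPE_ECC_KEY_PAIR(0)` is imported. Returning early with `if (ec_family == 0) { return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; }` keeps the error at the parsing step where it belongs. As a style nit, the legacy branch obtains `ecp` via mbedtls_pk_ec_rw() and then reads the group id through `mbedtls_pk_ec_ro(*pk)->grp.id` twice; `ecp->grp.id` is the same object and reads more plainly.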
@@ -503,22 +514,7 @@ static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_pk_context *p #endif } -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - ret = pk_update_psa_ecparams(pk, grp_id); -#else - /* grp may already be initialized; if so, make sure IDs match */ - if (mbedtls_pk_ec_ro(*pk)->grp.id != MBEDTLS_ECP_DP_NONE && - mbedtls_pk_ec_ro(*pk)->grp.id != grp_id) { - return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; - } - - if ((ret = mbedtls_ecp_group_load(&(mbedtls_pk_ec_rw(*pk)->grp), - grp_id)) != 0) { - return ret; - } -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ - - return ret; + return pk_ecc_set_group(pk, grp_id); } /* @@ -588,22 +584,11 @@ static int pk_use_ecparams_rfc8410(const mbedtls_asn1_buf *params, mbedtls_ecp_group_id grp_id, mbedtls_pk_context *pk) { - int ret; - if (params->tag != 0 || params->len != 0) { return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; } -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - ret = pk_update_psa_ecparams(pk, grp_id); -#else - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec_rw(*pk); - ret = mbedtls_ecp_group_load(&(ecp->grp), grp_id); - if (ret != 0) { - return ret; - } -#endif - return ret; + return pk_ecc_set_group(pk, grp_id); } /* From d5b43720121916237f4474f13e27e288c62cb8f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 24 Jul 2023 12:06:22 +0200 Subject: [PATCH 126/191] Slightly simplify pk_derive_public_key() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - add a comment explain potentially surprising parameters - avoid nesting #if guards: I find the linear structure #if #elif #else makes the three cases clearer. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index d5ffc862d..78155ba32 100644 --- a/library/pkparse.c +++ b/library/pkparse.c 
@@ -519,24 +519,32 @@ static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_pk_context *p /* * Helper function for deriving a public key from its private counterpart. + * + * Note: the private key information is always available from pk, + * however for convenience the serialized version is also passed, + * as it's available at each calling site, and useful in some configs + * (as otherwise we're have to re-serialize it from the pk context). */ static int pk_derive_public_key(mbedtls_pk_context *pk, const unsigned char *d, size_t d_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - int ret; -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) psa_status_t status; (void) f_rng; (void) p_rng; -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) (void) d; (void) d_len; status = psa_export_public_key(pk->priv_id, pk->pub_raw, sizeof(pk->pub_raw), &pk->pub_raw_len); - ret = psa_pk_status_to_mbedtls(status); -#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + return psa_pk_status_to_mbedtls(status); +#elif defined(MBEDTLS_USE_PSA_CRYPTO) /* && !MBEDTLS_PK_USE_PSA_EC_DATA */ + int ret; + psa_status_t status; + (void) f_rng; + (void) p_rng; + mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; unsigned char key_buf[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; size_t key_len; 
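Review bot: The new explanatory comment on pk_derive_public_key reads `as otherwise we're have to re-serialize it`; it should be `as otherwise we'd have to re-serialize it from the pk context`. The comment is otherwise worth keeping, since both the first and the last branch discard `d`/`d_len` and that looks odd without the explanation. The function body continues in the next hunk.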
@@ -563,16 +571,14 @@ static int pk_derive_public_key(mbedtls_pk_context *pk, } else if (destruction_status != PSA_SUCCESS) { return psa_pk_status_to_mbedtls(destruction_status); } - ret = mbedtls_ecp_point_read_binary(&eck->grp, &eck->Q, key_buf, key_len); -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ + return mbedtls_ecp_point_read_binary(&eck->grp, &eck->Q, key_buf, key_len); #else /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; (void) d; (void) d_len; - ret = mbedtls_ecp_mul(&eck->grp, &eck->Q, &eck->d, &eck->grp.G, f_rng, p_rng); + return mbedtls_ecp_mul(&eck->grp, &eck->Q, &eck->d, &eck->grp.G, f_rng, p_rng); #endif /* MBEDTLS_USE_PSA_CRYPTO */ - return ret; } #if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) From 6db11d5068d73c56ca8bfb2a7ca68b52cc258173 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 25 Jul 2023 11:20:48 +0200 Subject: [PATCH 127/191] Group two versions of the same code MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Just moving code around. The two blocks do morally the same thing: load the key, and grouping them makes the #if #else structure clearer. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 44 +++++++++++++++++++++----------------------- 1 file changed, 21 insertions(+), 23 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 78155ba32..edcc2e291 100644 --- a/library/pkparse.c +++ b/library/pkparse.c 
@@ -1214,11 +1214,30 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk, } -#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA) +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family)); + /* Setting largest masks for usage and key algorithms */ + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | + PSA_KEY_USAGE_SIGN_MESSAGE | + PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE); +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + psa_set_key_algorithm(&attributes, + PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH)); +#else + psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)); +#endif + psa_set_key_enrollment_algorithm(&attributes, PSA_ALG_ECDH); + + status = psa_import_key(&attributes, d, d_len, &pk->priv_id); + if (status != PSA_SUCCESS) { + ret = psa_pk_status_to_mbedtls(status); + return ret; + } +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ if ((ret = mbedtls_ecp_read_key(eck->grp.id, eck, d, d_len)) != 0) { return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } -#endif +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ if (p != end) { /* 
@@ -1255,27 +1274,6 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk, } } -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family)); - /* Setting largest masks for usage and key algorithms */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | - PSA_KEY_USAGE_SIGN_MESSAGE | - PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE); -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) - psa_set_key_algorithm(&attributes, - PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH)); -#else - psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)); -#endif - psa_set_key_enrollment_algorithm(&attributes, PSA_ALG_ECDH); - - status = psa_import_key(&attributes, d, d_len, &pk->priv_id); - if (status != PSA_SUCCESS) { - ret = psa_pk_status_to_mbedtls(status); - return ret; - } -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ - if (!pubkey_done) { if ((ret = pk_derive_public_key(pk, d, d_len, f_rng, p_rng)) != 0) { return ret; From dcd98fffabeedfbff4dae473b8be368b728960af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 25 Jul 2023 11:58:31 +0200 Subject: [PATCH 128/191] Factor similar code into pk_ecc_set_key() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 100 ++++++++++++++++++++++++---------------------- 1 file changed, 52 insertions(+), 48 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index edcc2e291..114a56389 100644 --- a/library/pkparse.c +++ b/library/pkparse.c 
@@ -487,6 +487,48 @@ static int pk_ecc_set_group(mbedtls_pk_context *pk, mbedtls_ecp_group_id grp_id) #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ } +/* + * Set the private key material + * + * Must have already set the group with pk_ecc_set_group(). + * + * The 'key' argument points to the raw private key (no ASN.1 wrapping). + */ +static int pk_ecc_set_key(mbedtls_pk_context *pk, + unsigned char *key, size_t len) +{ +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_status_t status; + + psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family)); + psa_set_key_algorithm(&attributes, PSA_ALG_ECDH); + psa_key_usage_t flags = PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE; + if (pk->ec_family != PSA_ECC_FAMILY_MONTGOMERY) { + flags |= PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE; +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + psa_set_key_enrollment_algorithm(&attributes, + PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH)); +#else + psa_set_key_enrollment_algorithm(&attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)); +#endif + } + psa_set_key_usage_flags(&attributes, flags); + + status = psa_import_key(&attributes, key, len, &pk->priv_id); + return psa_pk_status_to_mbedtls(status); + +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + + mbedtls_ecp_keypair *eck = mbedtls_pk_ec_rw(*pk); + int ret = mbedtls_ecp_read_key(eck->grp.id, eck, key, len); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } + return 0; +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ +} + /* * Use EC parameters to initialise an EC group * 
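Review bot: pk_ecc_set_key takes `unsigned char *key` although it only hands the buffer to psa_import_key() and mbedtls_ecp_read_key(), both of which read it; declaring it `const unsigned char *key` lets callers pass a const pointer to the DER payload without a cast and states in the signature that the secret is not modified. The usage flags also deserve a comment: every parsed key is imported with `PSA_KEY_USAGE_EXPORT`, which is wider than least privilege for a key that will only sign or derive, so say why, for example `/* EXPORT is kept so legacy pk APIs that read the private scalar keep working */` (that rationale is inferred; replace it with the real one).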
@@ -617,27 +659,13 @@ static int pk_parse_key_rfc8410_der(mbedtls_pk_context *pk, return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; } -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_status_t status; - - psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family)); - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT | - PSA_KEY_USAGE_DERIVE); - psa_set_key_algorithm(&attributes, PSA_ALG_ECDH); - - status = psa_import_key(&attributes, key, len, &pk->priv_id); - if (status != PSA_SUCCESS) { - ret = psa_pk_status_to_mbedtls(status); + /* + * Load the private key + */ + ret = pk_ecc_set_key(pk, key, len); + if (ret != 0) { return ret; } -#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ - mbedtls_ecp_keypair *eck = mbedtls_pk_ec_rw(*pk); - - if ((ret = mbedtls_ecp_read_key(eck->grp.id, eck, key, len)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); - } -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ /* pk_parse_key_pkcs8_unencrypted_der() only supports version 1 PKCS8 keys, * which never contain a public key. As such, derive the public key @@ -1153,12 +1181,6 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk, unsigned char *d; unsigned char *end = p + keylen; unsigned char *end2; -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_status_t status; -#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ - mbedtls_ecp_keypair *eck = mbedtls_pk_ec_rw(*pk); -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ /* * RFC 5915, or SEC1 Appendix C.4 
@@ -1213,31 +1235,13 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk, } } - -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family)); - /* Setting largest masks for usage and key algorithms */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | - PSA_KEY_USAGE_SIGN_MESSAGE | - PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE); -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) - psa_set_key_algorithm(&attributes, - PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH)); -#else - psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)); -#endif - psa_set_key_enrollment_algorithm(&attributes, PSA_ALG_ECDH); - - status = psa_import_key(&attributes, d, d_len, &pk->priv_id); - if (status != PSA_SUCCESS) { - ret = psa_pk_status_to_mbedtls(status); + /* + * Load the private key + */ + ret = pk_ecc_set_key(pk, d, d_len); + if (ret != 0) { return ret; } -#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ - if ((ret = mbedtls_ecp_read_key(eck->grp.id, eck, d, d_len)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); - } -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ if (p != end) { /* From 116175c5d7f2b44f5d3186e845b9881d519d53d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 25 Jul 2023 12:06:55 +0200 Subject: [PATCH 129/191] Use helper macro for (deterministic) ECDSA MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - centralizes decision making about which version to use when - avoids nested #ifs in pk_ecc_set_key() Signed-off-by: Manuel Pégourié-Gonnard --- library/pk_internal.h | 9 +++++++-- library/pk_wrap.c | 9 ++------- library/pkparse.c | 7 ++----- 3 files changed, 11 insertions(+), 14 deletions(-) diff --git a/library/pk_internal.h b/library/pk_internal.h index 004660e09..9becbecd4 100644 --- a/library/pk_internal.h +++ b/library/pk_internal.h 
@@ -117,14 +117,19 @@ static inline mbedtls_ecp_group_id mbedtls_pk_get_group_id(const mbedtls_pk_cont #endif /* MBEDTLS_ECP_HAVE_CURVE25519 || MBEDTLS_ECP_DP_CURVE448 */ #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ -#if defined(MBEDTLS_TEST_HOOKS) +/* Helper for (deterministic) ECDSA */ +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) +#define MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET PSA_ALG_DETERMINISTIC_ECDSA +#else +#define MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET PSA_ALG_ECDSA +#endif +#if defined(MBEDTLS_TEST_HOOKS) MBEDTLS_STATIC_TESTABLE int mbedtls_pk_parse_key_pkcs8_encrypted_der( mbedtls_pk_context *pk, unsigned char *key, size_t keylen, const unsigned char *pwd, size_t pwdlen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); - #endif #endif /* MBEDTLS_PK_INTERNAL_H */ diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 436876a5d..53e11d5cb 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -1037,13 +1037,8 @@ static int ecdsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, psa_ecc_family_t curve = mbedtls_ecc_group_to_psa(ctx->grp.id, &curve_bits); size_t key_len = PSA_BITS_TO_BYTES(curve_bits); -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) - psa_algorithm_t psa_sig_md = - PSA_ALG_DETERMINISTIC_ECDSA(mbedtls_md_psa_alg_from_type(md_alg)); -#else - psa_algorithm_t psa_sig_md = - PSA_ALG_ECDSA(mbedtls_md_psa_alg_from_type(md_alg)); -#endif + psa_algorithm_t psa_hash = mbedtls_md_psa_alg_from_type(md_alg); + psa_algorithm_t psa_sig_md = MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET(psa_hash); ((void) f_rng); ((void) p_rng); diff --git a/library/pkparse.c b/library/pkparse.c index 114a56389..3f67786e4 100644 --- a/library/pkparse.c +++ b/library/pkparse.c 
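Review bot: The new MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET macro arrives with a one-word comment although it now decides, for both signing in ecdsa_sign_wrap and the key policy set in pk_ecc_set_key, whether PK uses deterministic or randomized ECDSA. Suggest replacing `/* Helper for (deterministic) ECDSA */` with `/* PSA algorithm PK uses for ECDSA signing and for the policy of parsed keys: deterministic ECDSA (RFC 6979) when MBEDTLS_ECDSA_DETERMINISTIC is set, randomized ECDSA otherwise. Takes the hash algorithm as argument (PSA_ALG_ANY_HASH for a wildcard policy). */`. The hunk shows no PSA include in pk_internal.h, and the expansion references PSA_ALG_* names, so every translation unit expanding it must already include psa/crypto.h — presumably true of pk_wrap.c and pkparse.c, but worth a one-line note at the definition.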
@@ -504,14 +504,11 @@ static int pk_ecc_set_key(mbedtls_pk_context *pk, psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family)); psa_set_key_algorithm(&attributes, PSA_ALG_ECDH); psa_key_usage_t flags = PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE; + /* Montgomery allows only ECDH, others ECDSA too */ if (pk->ec_family != PSA_ECC_FAMILY_MONTGOMERY) { flags |= PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE; -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) psa_set_key_enrollment_algorithm(&attributes, - PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH)); -#else - psa_set_key_enrollment_algorithm(&attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)); -#endif + MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET(PSA_ALG_ANY_HASH)); } psa_set_key_usage_flags(&attributes, flags); From e82fcd9c9e01cd3b63c76e792b9136834cc38f34 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 10:53:25 +0200 Subject: [PATCH 130/191] Avoid nested #ifs in body of pk_get_ecpubkey() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 3f67786e4..72eed097f 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -675,7 +675,7 @@ static int pk_parse_key_rfc8410_der(mbedtls_pk_context *pk, } #endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) && defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) /* * Create a temporary ecp_keypair for converting an EC point in compressed * format to an uncompressed one @@ -685,6 +685,7 @@ static int pk_convert_compressed_ec(mbedtls_pk_context *pk, size_t *out_buf_len, unsigned char *out_buf, size_t out_buf_size) { +#if defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) mbedtls_ecp_keypair ecp_key; mbedtls_ecp_group_id ecp_group_id; int ret; 
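Review bot: The only comment explaining the key policy was dropped when this logic moved into pk_ecc_set_key: nothing here says why a parsed key gets PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE with a PSA_ALG_ANY_HASH wildcard, which is the broadest policy PSA allows and notably makes the private key exportable. Suggest restoring the intent above the `psa_key_usage_t flags` line, e.g. `/* PK cannot know yet what the key will be used for, so grant the widest policy: every operation the curve supports, any hash, and EXPORT so the key can be read back (pk_write, legacy accessors). Callers needing a narrower policy must re-import with their own attributes. */`. The last sentence is my reading of the design and should be confirmed against the PK API documentation before it is written down.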
@@ -708,8 +709,11 @@ static int pk_convert_compressed_ec(mbedtls_pk_context *pk, exit: mbedtls_ecp_keypair_free(&ecp_key); return ret; +#else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; +#endif /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ } -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA && MBEDTLS_PK_PARSE_EC_COMPRESSED */ +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ /* * EC public key is an EC point @@ -732,20 +736,15 @@ static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } - /* Compressed point format are not supported yet by PSA crypto. As a - * consequence ecp functions are used to "convert" the point to - * uncompressed format */ if ((**p == 0x02) || (**p == 0x03)) { -#if defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) + /* Compressed format, not supported by PSA Crypto. + * Try converting using functions from ECP_LIGHT. */ ret = pk_convert_compressed_ec(pk, *p, len, &(pk->pub_raw_len), pk->pub_raw, PSA_EXPORT_PUBLIC_KEY_MAX_SIZE); if (ret != 0) { return ret; } -#else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ } else { /* Uncompressed format */ if ((size_t) (end - *p) > MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN) { From df151bbc37c47c9da99ecf7eca8e127e521038db Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 11:06:46 +0200 Subject: [PATCH 131/191] Minor improvements to pk_ecc_read_compressed() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - new name starting with pk_ecc for consistency - re-order params to match the PSA convention: buf, len, &size - add comment about input consumption Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 29 +++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 72eed097f..3fa1a8422 100644 
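Review bot: In the `#else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */` branch added to pk_convert_compressed_ec none of the six parameters is used, so a build with that option off and -Wunused-parameter (part of -Wextra, which the library's warning set usually enables — confirm for this tree) now warns, and fails under -Werror. Add `(void) pk; (void) in_start; (void) in_len;` and `(void) out_buf_len; (void) out_buf; (void) out_buf_size;` before the `return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;`. Since the configuration dependence is now hidden inside the helper, the compressed branch of pk_get_ecpubkey could say so: `/* Compressed format, not supported by PSA Crypto. Try converting using functions from ECP_LIGHT; fails with MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE when MBEDTLS_PK_PARSE_EC_COMPRESSED is off. */`. pk_get_ecpubkey starts before this hunk.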
--- a/library/pkparse.c +++ b/library/pkparse.c @@ -679,11 +679,14 @@ static int pk_parse_key_rfc8410_der(mbedtls_pk_context *pk, /* * Create a temporary ecp_keypair for converting an EC point in compressed * format to an uncompressed one + * + * Consumes everything or fails - inherited from + * mbedtls_ecp_point_read_binary(). */ -static int pk_convert_compressed_ec(mbedtls_pk_context *pk, - const unsigned char *in_start, size_t in_len, - size_t *out_buf_len, unsigned char *out_buf, - size_t out_buf_size) +static int pk_ecc_read_compressed(mbedtls_pk_context *pk, + const unsigned char *in_start, size_t in_len, + unsigned char *out_buf, size_t out_buf_size, + size_t *out_buf_len) { #if defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) mbedtls_ecp_keypair ecp_key; @@ -730,7 +733,7 @@ static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) mbedtls_svc_key_id_t key; psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT; - size_t len = (end - *p); + size_t len = (size_t) (end - *p); if (len > PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; @@ -739,19 +742,20 @@ static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, if ((**p == 0x02) || (**p == 0x03)) { /* Compressed format, not supported by PSA Crypto. * Try converting using functions from ECP_LIGHT. */ - ret = pk_convert_compressed_ec(pk, *p, len, - &(pk->pub_raw_len), pk->pub_raw, - PSA_EXPORT_PUBLIC_KEY_MAX_SIZE); + ret = pk_ecc_read_compressed(pk, *p, len, + pk->pub_raw, + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE, + &pk->pub_raw_len); if (ret != 0) { return ret; } } else { /* Uncompressed format */ - if ((size_t) (end - *p) > MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN) { + if (len > MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN) { return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL; } - memcpy(pk->pub_raw, *p, (end - *p)); - pk->pub_raw_len = end - *p; + memcpy(pk->pub_raw, *p, len); + pk->pub_raw_len = len; } /* Validate the key by trying to importing it */ 
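Review bot: With `size_t len = (size_t) (end - *p);` the only guard before `**p` is `len > PSA_EXPORT_PUBLIC_KEY_MAX_SIZE`, so an empty BIT STRING payload (len == 0) reaches `if ((**p == 0x02) || (**p == 0x03))` and reads the byte at `end`, one past the input, before the uncompressed branch copies nothing and the import fails. Nothing in this hunk shows the caller guaranteeing at least one byte, and the legacy branch never dereferences `*p` itself but hands the whole range to mbedtls_ecp_point_read_binary(). Unless the caller is known to reject an empty payload, add `if (len < 1) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; }` next to the size check. pk_get_ecpubkey starts before this hunk.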
@@ -778,7 +782,8 @@ static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ /* - * We know mbedtls_ecp_point_read_binary consumed all bytes or failed + * We know mbedtls_ecp_point_read_binary and pk_ecc_read_compressed either + * consumed all bytes or failed, and memcpy consumed all bytes too. */ *p = (unsigned char *) end; From 212517b87d72fb96145e066535f3a895884ea701 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 12:05:38 +0200 Subject: [PATCH 132/191] Start re-ordering functions in pkparse MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The general order is low-level first, top-level last, for the sake of static function and avoiding forward declarations. The obvious exception was functions that parse files that were at the beginning; move them to the end. Also start defining sections in the file; this is incomplete as I don't have a clear view of the beginning of the file yet. Will continue in further commits. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 222 +++++++++++++++++++++++++--------------------- 1 file changed, 120 insertions(+), 102 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 3fa1a8422..fbf8cbfc1 100644 --- a/library/pkparse.c +++ b/library/pkparse.c 
@@ -61,108 +61,6 @@ ((id == MBEDTLS_ECP_DP_CURVE25519) || (id == MBEDTLS_ECP_DP_CURVE448)) #endif /* MBEDTLS_PK_HAVE_ECC_KEYS && MBEDTLS_PK_HAVE_RFC8410_CURVES */ -#if defined(MBEDTLS_FS_IO) -/* - * Load all data from a file into a given buffer. - * - * The file is expected to contain either PEM or DER encoded data. - * A terminating null byte is always appended. It is included in the announced - * length only if the data looks like it is PEM encoded. - */ -int mbedtls_pk_load_file(const char *path, unsigned char **buf, size_t *n) -{ - FILE *f; - long size; - - if ((f = fopen(path, "rb")) == NULL) { - return MBEDTLS_ERR_PK_FILE_IO_ERROR; - } - - /* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */ - mbedtls_setbuf(f, NULL); - - fseek(f, 0, SEEK_END); - if ((size = ftell(f)) == -1) { - fclose(f); - return MBEDTLS_ERR_PK_FILE_IO_ERROR; - } - fseek(f, 0, SEEK_SET); - - *n = (size_t) size; - - if (*n + 1 == 0 || - (*buf = mbedtls_calloc(1, *n + 1)) == NULL) { - fclose(f); - return MBEDTLS_ERR_PK_ALLOC_FAILED; - } - - if (fread(*buf, 1, *n, f) != *n) { - fclose(f); - - mbedtls_zeroize_and_free(*buf, *n); - - return MBEDTLS_ERR_PK_FILE_IO_ERROR; - } - - fclose(f); - - (*buf)[*n] = '\0'; - - if (strstr((const char *) *buf, "-----BEGIN ") != NULL) { - ++*n; - } - - return 0; -} - -/* - * Load and parse a private key - */ -int mbedtls_pk_parse_keyfile(mbedtls_pk_context *ctx, - const char *path, const char *pwd, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t n; - unsigned char *buf; - - if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) { - return ret; - } - - if (pwd == NULL) { - ret = mbedtls_pk_parse_key(ctx, buf, n, NULL, 0, f_rng, p_rng); - } else { - ret = mbedtls_pk_parse_key(ctx, buf, n, - (const unsigned char *) pwd, strlen(pwd), f_rng, p_rng); - } - - mbedtls_zeroize_and_free(buf, n); - - return ret; -} - -/* - * Load and parse a public key - */ -int 
mbedtls_pk_parse_public_keyfile(mbedtls_pk_context *ctx, const char *path) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t n; - unsigned char *buf; - - if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) { - return ret; - } - - ret = mbedtls_pk_parse_public_key(ctx, buf, n); - - mbedtls_zeroize_and_free(buf, n); - - return ret; -} -#endif /* MBEDTLS_FS_IO */ - #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) /* Minimally parse an ECParameters buffer to and mbedtls_asn1_buf * @@ -1289,6 +1187,12 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk, } #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ +/*********************************************************************** + * + * PKCS#8 parsing functions + * + **********************************************************************/ + /* * Parse an unencrypted PKCS#8 encoded private key * @@ -1524,6 +1428,12 @@ MBEDTLS_STATIC_TESTABLE int mbedtls_pk_parse_key_pkcs8_encrypted_der( } #endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */ +/*********************************************************************** + * + * Top-level functions, with format auto-discovery + * + **********************************************************************/ + /* * Parse a private key */ 
@@ -1843,4 +1753,112 @@ int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx, return ret; } +/*********************************************************************** + * + * Top-level functions, with filesystem support + * + **********************************************************************/ + +#if defined(MBEDTLS_FS_IO) +/* + * Load all data from a file into a given buffer. + * + * The file is expected to contain either PEM or DER encoded data. + * A terminating null byte is always appended. It is included in the announced + * length only if the data looks like it is PEM encoded. + */ +int mbedtls_pk_load_file(const char *path, unsigned char **buf, size_t *n) +{ + FILE *f; + long size; + + if ((f = fopen(path, "rb")) == NULL) { + return MBEDTLS_ERR_PK_FILE_IO_ERROR; + } + + /* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */ + mbedtls_setbuf(f, NULL); + + fseek(f, 0, SEEK_END); + if ((size = ftell(f)) == -1) { + fclose(f); + return MBEDTLS_ERR_PK_FILE_IO_ERROR; + } + fseek(f, 0, SEEK_SET); + + *n = (size_t) size; + + if (*n + 1 == 0 || + (*buf = mbedtls_calloc(1, *n + 1)) == NULL) { + fclose(f); + return MBEDTLS_ERR_PK_ALLOC_FAILED; + } + + if (fread(*buf, 1, *n, f) != *n) { + fclose(f); + + mbedtls_zeroize_and_free(*buf, *n); + + return MBEDTLS_ERR_PK_FILE_IO_ERROR; + } + + fclose(f); + + (*buf)[*n] = '\0'; + + if (strstr((const char *) *buf, "-----BEGIN ") != NULL) { + ++*n; + } + + return 0; +} + +/* + * Load and parse a private key + */ +int mbedtls_pk_parse_keyfile(mbedtls_pk_context *ctx, + const char *path, const char *pwd, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t n; + unsigned char *buf; + + if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) { + return ret; + } + + if (pwd == NULL) { + ret = mbedtls_pk_parse_key(ctx, buf, n, NULL, 0, f_rng, p_rng); + } else { + ret = mbedtls_pk_parse_key(ctx, buf, n, + (const unsigned char *) pwd, 
strlen(pwd), f_rng, p_rng); + } + + mbedtls_zeroize_and_free(buf, n); + + return ret; +} + +/* + * Load and parse a public key + */ +int mbedtls_pk_parse_public_keyfile(mbedtls_pk_context *ctx, const char *path) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t n; + unsigned char *buf; + + if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) { + return ret; + } + + ret = mbedtls_pk_parse_public_key(ctx, buf, n); + + mbedtls_zeroize_and_free(buf, n); + + return ret; +} +#endif /* MBEDTLS_FS_IO */ + #endif /* MBEDTLS_PK_PARSE_C */ From 997a95e5926d4ef64836e8702fe2d00c955b9878 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 15:18:30 +0200 Subject: [PATCH 133/191] Merge two consecutive #ifs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index fbf8cbfc1..98094a36f 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -55,13 +55,14 @@ #include "mbedtls/pkcs12.h" #endif +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) + /* Helper for Montgomery curves */ -#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) && defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) +#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) #define MBEDTLS_PK_IS_RFC8410_GROUP_ID(id) \ ((id == MBEDTLS_ECP_DP_CURVE25519) || (id == MBEDTLS_ECP_DP_CURVE448)) -#endif /* MBEDTLS_PK_HAVE_ECC_KEYS && MBEDTLS_PK_HAVE_RFC8410_CURVES */ +#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ -#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) /* Minimally parse an ECParameters buffer to and mbedtls_asn1_buf * * ECParameters ::= CHOICE { From 5470898e37875e2cf29019c4e66322f8a4ba5e69 Mon Sep 17 00:00:00 2001 
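Review bot: mbedtls_pk_load_file is moved verbatim, and the move is a good moment to fix the two unchecked `fseek` calls around `ftell`: the current code is only correct if ftell() also fails whenever fseek() did, which the C standard does not promise, and on a non-seekable path a wrong size is discovered only as a generic MBEDTLS_ERR_PK_FILE_IO_ERROR after the allocation. Suggest `if (fseek(f, 0, SEEK_END) != 0 || (size = ftell(f)) == -1 || fseek(f, 0, SEEK_SET) != 0) { fclose(f); return MBEDTLS_ERR_PK_FILE_IO_ERROR; }`. The parts that matter for key material — `mbedtls_setbuf(f, NULL)` so stdio never buffers the secret, and mbedtls_zeroize_and_free() of the buffer in both callers — are carried over unchanged by the move.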
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 15:38:36 +0200 Subject: [PATCH 134/191] Move code around again MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 566 ++++++++++++++++++++++++---------------------- 1 file changed, 292 insertions(+), 274 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 98094a36f..5a35c43fb 100644 --- a/library/pkparse.c +++ b/library/pkparse.c 
@@ -57,56 +57,274 @@ #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) -/* Helper for Montgomery curves */ -#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) -#define MBEDTLS_PK_IS_RFC8410_GROUP_ID(id) \ - ((id == MBEDTLS_ECP_DP_CURVE25519) || (id == MBEDTLS_ECP_DP_CURVE448)) -#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ - -/* Minimally parse an ECParameters buffer to and mbedtls_asn1_buf +/*********************************************************************** * - * ECParameters ::= CHOICE { - * namedCurve OBJECT IDENTIFIER - * specifiedCurve SpecifiedECDomain -- = SEQUENCE { ... } - * -- implicitCurve NULL - * } + * ECC setters + * + * 1. This is an abstraction layer around MBEDTLS_PK_USE_PSA_EC_DATA: + * this macro will not appear outside this section. + * 2. All inputs are raw: no metadata, no ASN.1 until the next section. + * + **********************************************************************/ + +/* + * Set the group used by this key. */ -static int pk_get_ecparams(unsigned char **p, const unsigned char *end, - mbedtls_asn1_buf *params) +static int pk_ecc_set_group(mbedtls_pk_context *pk, mbedtls_ecp_group_id grp_id) +{ +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + size_t ec_bits; + psa_ecc_family_t ec_family = mbedtls_ecc_group_to_psa(grp_id, &ec_bits); + + /* group may already be initialized; if so, make sure IDs match */ + if ((pk->ec_family != 0 && pk->ec_family != ec_family) || + (pk->ec_bits != 0 && pk->ec_bits != ec_bits)) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } + + /* set group */ + pk->ec_family = ec_family; + pk->ec_bits = ec_bits; + + return 0; +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec_rw(*pk); + + /* grp may already be initialized; if so, make sure IDs match */ + if (mbedtls_pk_ec_ro(*pk)->grp.id != MBEDTLS_ECP_DP_NONE && + mbedtls_pk_ec_ro(*pk)->grp.id != grp_id) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } + + /* set group */ + return mbedtls_ecp_group_load(&(ecp->grp), grp_id); +#endif /* 
MBEDTLS_PK_USE_PSA_EC_DATA */ +} + +/* + * Set the private key material + * + * Must have already set the group with pk_ecc_set_group(). + * + * The 'key' argument points to the raw private key (no ASN.1 wrapping). + */ +static int pk_ecc_set_key(mbedtls_pk_context *pk, + unsigned char *key, size_t len) +{ +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_status_t status; + + psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family)); + psa_set_key_algorithm(&attributes, PSA_ALG_ECDH); + psa_key_usage_t flags = PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE; + /* Montgomery allows only ECDH, others ECDSA too */ + if (pk->ec_family != PSA_ECC_FAMILY_MONTGOMERY) { + flags |= PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE; + psa_set_key_enrollment_algorithm(&attributes, + MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET(PSA_ALG_ANY_HASH)); + } + psa_set_key_usage_flags(&attributes, flags); + + status = psa_import_key(&attributes, key, len, &pk->priv_id); + return psa_pk_status_to_mbedtls(status); + +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + + mbedtls_ecp_keypair *eck = mbedtls_pk_ec_rw(*pk); + int ret = mbedtls_ecp_read_key(eck->grp.id, eck, key, len); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } + return 0; +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ +} + +/* + * Helper function for deriving a public key from its private counterpart. + * + * Note: the private key information is always available from pk, + * however for convenience the serialized version is also passed, + * as it's available at each calling site, and useful in some configs + * (as otherwise we're have to re-serialize it from the pk context). 
+ */ +static int pk_derive_public_key(mbedtls_pk_context *pk, + const unsigned char *d, size_t d_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) +{ +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + psa_status_t status; + (void) f_rng; + (void) p_rng; + (void) d; + (void) d_len; + + status = psa_export_public_key(pk->priv_id, pk->pub_raw, sizeof(pk->pub_raw), + &pk->pub_raw_len); + return psa_pk_status_to_mbedtls(status); +#elif defined(MBEDTLS_USE_PSA_CRYPTO) /* && !MBEDTLS_PK_USE_PSA_EC_DATA */ + int ret; + psa_status_t status; + (void) f_rng; + (void) p_rng; + + mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; + unsigned char key_buf[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; + size_t key_len; + mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; + size_t curve_bits; + psa_ecc_family_t curve = mbedtls_ecc_group_to_psa(eck->grp.id, &curve_bits); + psa_status_t destruction_status; + + psa_set_key_type(&key_attr, PSA_KEY_TYPE_ECC_KEY_PAIR(curve)); + psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_EXPORT); + + status = psa_import_key(&key_attr, d, d_len, &key_id); + ret = psa_pk_status_to_mbedtls(status); + if (ret != 0) { + return ret; + } + + status = psa_export_public_key(key_id, key_buf, sizeof(key_buf), &key_len); + ret = psa_pk_status_to_mbedtls(status); + destruction_status = psa_destroy_key(key_id); + if (ret != 0) { + return ret; + } else if (destruction_status != PSA_SUCCESS) { + return psa_pk_status_to_mbedtls(destruction_status); + } + return mbedtls_ecp_point_read_binary(&eck->grp, &eck->Q, key_buf, key_len); +#else /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; + (void) d; + (void) d_len; + + return mbedtls_ecp_mul(&eck->grp, &eck->Q, &eck->d, &eck->grp.G, f_rng, p_rng); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ +} + +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) +/* + * Create a temporary ecp_keypair for converting an EC point in 
compressed + * format to an uncompressed one + * + * Consumes everything or fails - inherited from + * mbedtls_ecp_point_read_binary(). + */ +static int pk_ecc_read_compressed(mbedtls_pk_context *pk, + const unsigned char *in_start, size_t in_len, + unsigned char *out_buf, size_t out_buf_size, + size_t *out_buf_len) +{ +#if defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) + mbedtls_ecp_keypair ecp_key; + mbedtls_ecp_group_id ecp_group_id; + int ret; + + ecp_group_id = mbedtls_ecc_group_of_psa(pk->ec_family, pk->ec_bits, 0); + + mbedtls_ecp_keypair_init(&ecp_key); + ret = mbedtls_ecp_group_load(&(ecp_key.grp), ecp_group_id); + if (ret != 0) { + return ret; + } + ret = mbedtls_ecp_point_read_binary(&(ecp_key.grp), &ecp_key.Q, + in_start, in_len); + if (ret != 0) { + goto exit; + } + ret = mbedtls_ecp_point_write_binary(&(ecp_key.grp), &ecp_key.Q, + MBEDTLS_ECP_PF_UNCOMPRESSED, + out_buf_len, out_buf, out_buf_size); + +exit: + mbedtls_ecp_keypair_free(&ecp_key); + return ret; +#else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; +#endif /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ +} +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ + +/* + * EC public key is an EC point + * + * The caller is responsible for clearing the structure upon failure if + * desired. Take care to pass along the possible ECP_FEATURE_UNAVAILABLE + * return code of mbedtls_ecp_point_read_binary() and leave p in a usable state. 
+ */ +static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, + mbedtls_pk_context *pk) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if (end - *p < 1) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_OUT_OF_DATA); +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + mbedtls_svc_key_id_t key; + psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT; + size_t len = (size_t) (end - *p); + + if (len > PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } - /* Tag may be either OID or SEQUENCE */ - params->tag = **p; - if (params->tag != MBEDTLS_ASN1_OID -#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) - && params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) -#endif - ) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + if ((**p == 0x02) || (**p == 0x03)) { + /* Compressed format, not supported by PSA Crypto. + * Try converting using functions from ECP_LIGHT. */ + ret = pk_ecc_read_compressed(pk, *p, len, + pk->pub_raw, + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE, + &pk->pub_raw_len); + if (ret != 0) { + return ret; + } + } else { + /* Uncompressed format */ + if (len > MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN) { + return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL; + } + memcpy(pk->pub_raw, *p, len); + pk->pub_raw_len = len; } - if ((ret = mbedtls_asn1_get_tag(p, end, ¶ms->len, params->tag)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + /* Validate the key by trying to importing it */ + psa_set_key_usage_flags(&key_attrs, 0); + psa_set_key_algorithm(&key_attrs, PSA_ALG_ECDSA_ANY); + psa_set_key_type(&key_attrs, PSA_KEY_TYPE_ECC_PUBLIC_KEY(pk->ec_family)); + psa_set_key_bits(&key_attrs, pk->ec_bits); + + if ((psa_import_key(&key_attrs, pk->pub_raw, pk->pub_raw_len, + &key) != PSA_SUCCESS) || + (psa_destroy_key(key) != PSA_SUCCESS)) { + mbedtls_platform_zeroize(pk->pub_raw, MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN); + pk->pub_raw_len = 0; + return 
MBEDTLS_ERR_PK_BAD_INPUT_DATA; } - - params->p = *p; - *p += params->len; - - if (*p != end) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + ret = 0; +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + mbedtls_ecp_keypair *ec_key = (mbedtls_ecp_keypair *) pk->pk_ctx; + if ((ret = mbedtls_ecp_point_read_binary(&ec_key->grp, &ec_key->Q, + (const unsigned char *) *p, + end - *p)) == 0) { + ret = mbedtls_ecp_check_pubkey(&ec_key->grp, &ec_key->Q); } +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ - return 0; + /* + * We know mbedtls_ecp_point_read_binary and pk_ecc_read_compressed either + * consumed all bytes or failed, and memcpy consumed all bytes too. + */ + *p = (unsigned char *) end; + + return ret; } +/*********************************************************************** + * + * Unsorted (yet!) from this point on until the next section header + * + **********************************************************************/ + #if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) /* * Parse a SpecifiedECDomain (SEC 1 C.2) and (mostly) fill the group with it. 
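Review bot: In the moved pk_ecc_set_group, the MBEDTLS_PK_USE_PSA_EC_DATA branch stores whatever mbedtls_ecc_group_to_psa() returns without inspecting it; if that helper reports an unsupported group through a zero family (what its name suggests — confirm), the context ends up with `ec_family == 0` and `ec_bits == 0`, which is also the "not yet set" state the mismatch test relies on, and the failure surfaces only later from psa_import_key with a less specific error, whereas the legacy branch fails immediately in mbedtls_ecp_group_load(). Suggest `if (ec_family == 0) { return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; }` right after the call, using whichever error the legacy branch produces for the same group so both builds agree. Two comments travel with wording worth fixing on the way: `as otherwise we're have to re-serialize` in pk_derive_public_key should read `as otherwise we'd have to re-serialize`, and the section header's promise "no ASN.1 until the next section" is slightly off for pk_get_ecpubkey, which keeps the `**p`/`end` cursor convention and advances `*p` to `end`.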
@@ -352,77 +570,49 @@ cleanup: } #endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ -/* - * Set the group used by this key. - */ -static int pk_ecc_set_group(mbedtls_pk_context *pk, mbedtls_ecp_group_id grp_id) -{ -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - size_t ec_bits; - psa_ecc_family_t ec_family = mbedtls_ecc_group_to_psa(grp_id, &ec_bits); - /* group may already be initialized; if so, make sure IDs match */ - if ((pk->ec_family != 0 && pk->ec_family != ec_family) || - (pk->ec_bits != 0 && pk->ec_bits != ec_bits)) { - return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; - } - - /* set group */ - pk->ec_family = ec_family; - pk->ec_bits = ec_bits; - - return 0; -#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec_rw(*pk); - - /* grp may already be initialized; if so, make sure IDs match */ - if (mbedtls_pk_ec_ro(*pk)->grp.id != MBEDTLS_ECP_DP_NONE && - mbedtls_pk_ec_ro(*pk)->grp.id != grp_id) { - return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; - } - - /* set group */ - return mbedtls_ecp_group_load(&(ecp->grp), grp_id); -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ -} - -/* - * Set the private key material +/* Minimally parse an ECParameters buffer to and mbedtls_asn1_buf * - * Must have already set the group with pk_ecc_set_group(). - * - * The 'key' argument points to the raw private key (no ASN.1 wrapping). + * ECParameters ::= CHOICE { + * namedCurve OBJECT IDENTIFIER + * specifiedCurve SpecifiedECDomain -- = SEQUENCE { ... 
} + * -- implicitCurve NULL + * } */ -static int pk_ecc_set_key(mbedtls_pk_context *pk, - unsigned char *key, size_t len) +static int pk_get_ecparams(unsigned char **p, const unsigned char *end, + mbedtls_asn1_buf *params) { -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_status_t status; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family)); - psa_set_key_algorithm(&attributes, PSA_ALG_ECDH); - psa_key_usage_t flags = PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE; - /* Montgomery allows only ECDH, others ECDSA too */ - if (pk->ec_family != PSA_ECC_FAMILY_MONTGOMERY) { - flags |= PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE; - psa_set_key_enrollment_algorithm(&attributes, - MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET(PSA_ALG_ANY_HASH)); + if (end - *p < 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_OUT_OF_DATA); } - psa_set_key_usage_flags(&attributes, flags); - status = psa_import_key(&attributes, key, len, &pk->priv_id); - return psa_pk_status_to_mbedtls(status); + /* Tag may be either OID or SEQUENCE */ + params->tag = **p; + if (params->tag != MBEDTLS_ASN1_OID +#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) + && params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) +#endif + ) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } -#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ - - mbedtls_ecp_keypair *eck = mbedtls_pk_ec_rw(*pk); - int ret = mbedtls_ecp_read_key(eck->grp.id, eck, key, len); - if (ret != 0) { + if ((ret = mbedtls_asn1_get_tag(p, end, ¶ms->len, params->tag)) != 0) { return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } + + params->p = *p; + *p += params->len; + + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + return 0; -#endif /* 
MBEDTLS_PK_USE_PSA_EC_DATA */ } /* 
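Review bot: The header comment of the moved pk_get_ecparams reads `Minimally parse an ECParameters buffer to and mbedtls_asn1_buf`, which should be `Minimally parse an ECParameters buffer into an mbedtls_asn1_buf`; since the function is rewritten in place by the move, this is the moment to fix it and to state the contract the callers rely on: on success `params->p`/`params->len` delimit the content after tag and length, and `*p` has been advanced to `end`. The ASN.1 comment lists `implicitCurve NULL`, but the tag check accepts only OID (and SEQUENCE under MBEDTLS_PK_PARSE_EC_EXTENDED), so mark it `-- implicitCurve NULL (not supported)`. Readers of this rendering should also note that `¶ms->len` in the `mbedtls_asn1_get_tag` call is an HTML-entity artifact of the page, not of the source, which reads `&params->len`.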
@@ -455,70 +645,6 @@ static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_pk_context *p return pk_ecc_set_group(pk, grp_id); } -/* - * Helper function for deriving a public key from its private counterpart. - * - * Note: the private key information is always available from pk, - * however for convenience the serialized version is also passed, - * as it's available at each calling site, and useful in some configs - * (as otherwise we're have to re-serialize it from the pk context). - */ -static int pk_derive_public_key(mbedtls_pk_context *pk, - const unsigned char *d, size_t d_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) -{ -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - psa_status_t status; - (void) f_rng; - (void) p_rng; - (void) d; - (void) d_len; - - status = psa_export_public_key(pk->priv_id, pk->pub_raw, sizeof(pk->pub_raw), - &pk->pub_raw_len); - return psa_pk_status_to_mbedtls(status); -#elif defined(MBEDTLS_USE_PSA_CRYPTO) /* && !MBEDTLS_PK_USE_PSA_EC_DATA */ - int ret; - psa_status_t status; - (void) f_rng; - (void) p_rng; - - mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; - unsigned char key_buf[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; - size_t key_len; - mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; - psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; - size_t curve_bits; - psa_ecc_family_t curve = mbedtls_ecc_group_to_psa(eck->grp.id, &curve_bits); - psa_status_t destruction_status; - - psa_set_key_type(&key_attr, PSA_KEY_TYPE_ECC_KEY_PAIR(curve)); - psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_EXPORT); - - status = psa_import_key(&key_attr, d, d_len, &key_id); - ret = psa_pk_status_to_mbedtls(status); - if (ret != 0) { - return ret; - } - - status = psa_export_public_key(key_id, key_buf, sizeof(key_buf), &key_len); - ret = psa_pk_status_to_mbedtls(status); - destruction_status = psa_destroy_key(key_id); - if (ret != 0) { - return ret; - } else if (destruction_status != PSA_SUCCESS) { - return 
psa_pk_status_to_mbedtls(destruction_status); - } - return mbedtls_ecp_point_read_binary(&eck->grp, &eck->Q, key_buf, key_len); -#else /* MBEDTLS_USE_PSA_CRYPTO */ - mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; - (void) d; - (void) d_len; - - return mbedtls_ecp_mul(&eck->grp, &eck->Q, &eck->d, &eck->grp.G, f_rng, p_rng); -#endif /* MBEDTLS_USE_PSA_CRYPTO */ -} - #if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) /* 
@@ -574,120 +700,6 @@ static int pk_parse_key_rfc8410_der(mbedtls_pk_context *pk, } #endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) -/* - * Create a temporary ecp_keypair for converting an EC point in compressed - * format to an uncompressed one - * - * Consumes everything or fails - inherited from - * mbedtls_ecp_point_read_binary(). - */ -static int pk_ecc_read_compressed(mbedtls_pk_context *pk, - const unsigned char *in_start, size_t in_len, - unsigned char *out_buf, size_t out_buf_size, - size_t *out_buf_len) -{ -#if defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) - mbedtls_ecp_keypair ecp_key; - mbedtls_ecp_group_id ecp_group_id; - int ret; - - ecp_group_id = mbedtls_ecc_group_of_psa(pk->ec_family, pk->ec_bits, 0); - - mbedtls_ecp_keypair_init(&ecp_key); - ret = mbedtls_ecp_group_load(&(ecp_key.grp), ecp_group_id); - if (ret != 0) { - return ret; - } - ret = mbedtls_ecp_point_read_binary(&(ecp_key.grp), &ecp_key.Q, - in_start, in_len); - if (ret != 0) { - goto exit; - } - ret = mbedtls_ecp_point_write_binary(&(ecp_key.grp), &ecp_key.Q, - MBEDTLS_ECP_PF_UNCOMPRESSED, - out_buf_len, out_buf, out_buf_size); - -exit: - mbedtls_ecp_keypair_free(&ecp_key); - return ret; -#else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ -} -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ - -/* - * EC public key is an EC point - * - * The caller is responsible for clearing the structure upon failure if - * desired. Take care to pass along the possible ECP_FEATURE_UNAVAILABLE - * return code of mbedtls_ecp_point_read_binary() and leave p in a usable state. 
- */ -static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, - mbedtls_pk_context *pk) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - mbedtls_svc_key_id_t key; - psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT; - size_t len = (size_t) (end - *p); - - if (len > PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) { - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; - } - - if ((**p == 0x02) || (**p == 0x03)) { - /* Compressed format, not supported by PSA Crypto. - * Try converting using functions from ECP_LIGHT. */ - ret = pk_ecc_read_compressed(pk, *p, len, - pk->pub_raw, - PSA_EXPORT_PUBLIC_KEY_MAX_SIZE, - &pk->pub_raw_len); - if (ret != 0) { - return ret; - } - } else { - /* Uncompressed format */ - if (len > MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN) { - return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL; - } - memcpy(pk->pub_raw, *p, len); - pk->pub_raw_len = len; - } - - /* Validate the key by trying to importing it */ - psa_set_key_usage_flags(&key_attrs, 0); - psa_set_key_algorithm(&key_attrs, PSA_ALG_ECDSA_ANY); - psa_set_key_type(&key_attrs, PSA_KEY_TYPE_ECC_PUBLIC_KEY(pk->ec_family)); - psa_set_key_bits(&key_attrs, pk->ec_bits); - - if ((psa_import_key(&key_attrs, pk->pub_raw, pk->pub_raw_len, - &key) != PSA_SUCCESS) || - (psa_destroy_key(key) != PSA_SUCCESS)) { - mbedtls_platform_zeroize(pk->pub_raw, MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN); - pk->pub_raw_len = 0; - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; - } - ret = 0; -#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ - mbedtls_ecp_keypair *ec_key = (mbedtls_ecp_keypair *) pk->pk_ctx; - if ((ret = mbedtls_ecp_point_read_binary(&ec_key->grp, &ec_key->Q, - (const unsigned char *) *p, - end - *p)) == 0) { - ret = mbedtls_ecp_check_pubkey(&ec_key->grp, &ec_key->Q); - } -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ - - /* - * We know mbedtls_ecp_point_read_binary and pk_ecc_read_compressed either - * consumed all bytes or failed, and memcpy consumed all bytes too. 
- */ - *p = (unsigned char *) end; - - return ret; -} #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ #if defined(MBEDTLS_RSA_C) @@ -799,6 +811,12 @@ static int pk_get_pk_alg(unsigned char **p, return 0; } +/* Helper for Montgomery curves */ +#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) +#define MBEDTLS_PK_IS_RFC8410_GROUP_ID(id) \ + ((id == MBEDTLS_ECP_DP_CURVE25519) || (id == MBEDTLS_ECP_DP_CURVE448)) +#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ + /* * SubjectPublicKeyInfo ::= SEQUENCE { * algorithm AlgorithmIdentifier, From d1aa64239443ec4de20c0571f2dc56b50afa2586 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 22:24:23 +0200 Subject: [PATCH 135/191] Document pk_ecc_set_group() and pk_ecc_set_key() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 5a35c43fb..a12374358 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -69,6 +69,10 @@ /* * Set the group used by this key. + * + * [in/out] pk: in: must have been pk_setup() to an ECC type + * out: will have group (curve) information set + * [in] grp_in: a supported group ID (not NONE) */ static int pk_ecc_set_group(mbedtls_pk_context *pk, mbedtls_ecp_group_id grp_id) { 
@@ -104,12 +108,12 @@ static int pk_ecc_set_group(mbedtls_pk_context *pk, mbedtls_ecp_group_id grp_id) /* * Set the private key material * - * Must have already set the group with pk_ecc_set_group(). - * - * The 'key' argument points to the raw private key (no ASN.1 wrapping). + * [in/out] pk: in: must have the group set already, see pk_ecc_set_group(). + * out: will have the private key set. + * [in] key, key_len: the raw private key (no ASN.1 wrapping). */ static int pk_ecc_set_key(mbedtls_pk_context *pk, - unsigned char *key, size_t len) + unsigned char *key, size_t key_len) { #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -126,13 +130,13 @@ static int pk_ecc_set_key(mbedtls_pk_context *pk, } psa_set_key_usage_flags(&attributes, flags); - status = psa_import_key(&attributes, key, len, &pk->priv_id); + status = psa_import_key(&attributes, key, key_len, &pk->priv_id); return psa_pk_status_to_mbedtls(status); #else /* MBEDTLS_PK_USE_PSA_EC_DATA */ mbedtls_ecp_keypair *eck = mbedtls_pk_ec_rw(*pk); - int ret = mbedtls_ecp_read_key(eck->grp.id, eck, key, len); + int ret = mbedtls_ecp_read_key(eck->grp.id, eck, key, key_len); if (ret != 0) { return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } From de25194a20a978a253f8804f47c7cbcf7c402ef8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 22:33:58 +0200 Subject: [PATCH 136/191] Rename and document pk_ecc_set_pubkey_from_prv() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 33 ++++++++++++++++++++++----------- 1 file changed, 22 insertions(+), 11 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index a12374358..007e1fc03 100644 --- a/library/pkparse.c +++ b/library/pkparse.c 
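Review bot: The new comment documents `key, key_len` as `[in]`, yet the parameter is still declared `unsigned char *key`; within the hunk it is only passed to psa_import_key() and mbedtls_ecp_read_key(), which as far as I know both take a const pointer, so `const unsigned char *key, size_t key_len` would make the signature match the documentation. That would also let callers pass a const buffer without a cast. The body of pk_ecc_set_key() continues between the two hunks, outside what is shown.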
@@ -145,23 +145,34 @@ static int pk_ecc_set_key(mbedtls_pk_context *pk, } /* - * Helper function for deriving a public key from its private counterpart. + * Derive a public key from its private counterpart. + * Computationally intensive, only use when public key is not available. + * + * [in/out] pk: in: must have the private key set, see pk_ecc_set_key(). + * out: will have the public key set. + * [in] prv, prv_len: the raw private key (see note below). + * [in] f_rng, p_rng: RNG function and context. * * Note: the private key information is always available from pk, * however for convenience the serialized version is also passed, * as it's available at each calling site, and useful in some configs * (as otherwise we're have to re-serialize it from the pk context). + * + * There are three implementations of this function: + * 1. MBEDTLS_PK_USE_PSA_EC_DATA, + * 2. MBEDTLS_USE_PSA_CRYPTO but not MBEDTLS_PK_USE_PSA_EC_DATA, + * 3. not MBEDTLS_USE_PSA_CRYPTO. */ -static int pk_derive_public_key(mbedtls_pk_context *pk, - const unsigned char *d, size_t d_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) +static int pk_ecc_set_pubkey_from_prv(mbedtls_pk_context *pk, + const unsigned char *prv, size_t prv_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) psa_status_t status; (void) f_rng; (void) p_rng; - (void) d; - (void) d_len; + (void) prv; + (void) prv_len; status = psa_export_public_key(pk->priv_id, pk->pub_raw, sizeof(pk->pub_raw), &pk->pub_raw_len); @@ -184,7 +195,7 @@ static int pk_derive_public_key(mbedtls_pk_context *pk, psa_set_key_type(&key_attr, PSA_KEY_TYPE_ECC_KEY_PAIR(curve)); psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_EXPORT); - status = psa_import_key(&key_attr, d, d_len, &key_id); + status = psa_import_key(&key_attr, prv, prv_len, &key_id); ret = psa_pk_status_to_mbedtls(status); if (ret != 0) { return ret; 
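Review bot: The new header comment for pk_ecc_set_pubkey_from_prv() documents the parameters and the three build variants but not the return value; a line such as `* Return: 0 on success, a PK/PSA/ECP error code otherwise.` in the style of the Return: blocks added later in this series would complete it. The pre-existing "we're have to re-serialize" wording in the Note paragraph is a context line here and could be corrected in passing. The body of the function continues outside this hunk.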
@@ -201,8 +212,8 @@ static int pk_derive_public_key(mbedtls_pk_context *pk, return mbedtls_ecp_point_read_binary(&eck->grp, &eck->Q, key_buf, key_len); #else /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; - (void) d; - (void) d_len; + (void) prv; + (void) prv_len; return mbedtls_ecp_mul(&eck->grp, &eck->Q, &eck->d, &eck->grp.G, f_rng, p_rng); #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -696,7 +707,7 @@ static int pk_parse_key_rfc8410_der(mbedtls_pk_context *pk, /* pk_parse_key_pkcs8_unencrypted_der() only supports version 1 PKCS8 keys, * which never contain a public key. As such, derive the public key * unconditionally. */ - if ((ret = pk_derive_public_key(pk, key, len, f_rng, p_rng)) != 0) { + if ((ret = pk_ecc_set_pubkey_from_prv(pk, key, len, f_rng, p_rng)) != 0) { return ret; } @@ -1201,7 +1212,7 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk, } if (!pubkey_done) { - if ((ret = pk_derive_public_key(pk, d, d_len, f_rng, p_rng)) != 0) { + if ((ret = pk_ecc_set_pubkey_from_prv(pk, d, d_len, f_rng, p_rng)) != 0) { return ret; } } From 0b8e45650f0b8d322a823b61ad9a90a2e7cbbbfd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 22:43:25 +0200 Subject: [PATCH 137/191] Tune body of pk_ecc_set_pubkey_from_prv() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - avoid useless use of ret in PSA code, keep only status - improve variable names - keep declarations closer to use - a few internal comments Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 43 ++++++++++++++++++++++++------------------- 1 file changed, 24 insertions(+), 19 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 007e1fc03..826412a54 100644 --- a/library/pkparse.c +++ b/library/pkparse.c 
@@ -168,54 +168,59 @@ static int pk_ecc_set_pubkey_from_prv(mbedtls_pk_context *pk, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - psa_status_t status; + (void) f_rng; (void) p_rng; (void) prv; (void) prv_len; + psa_status_t status; status = psa_export_public_key(pk->priv_id, pk->pub_raw, sizeof(pk->pub_raw), &pk->pub_raw_len); return psa_pk_status_to_mbedtls(status); + #elif defined(MBEDTLS_USE_PSA_CRYPTO) /* && !MBEDTLS_PK_USE_PSA_EC_DATA */ - int ret; - psa_status_t status; + (void) f_rng; (void) p_rng; + psa_status_t status; mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; - unsigned char key_buf[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; - size_t key_len; - mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; - psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; size_t curve_bits; psa_ecc_family_t curve = mbedtls_ecc_group_to_psa(eck->grp.id, &curve_bits); - psa_status_t destruction_status; + /* Import private key into PSA, from serialized input */ + mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; psa_set_key_type(&key_attr, PSA_KEY_TYPE_ECC_KEY_PAIR(curve)); psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_EXPORT); - status = psa_import_key(&key_attr, prv, prv_len, &key_id); - ret = psa_pk_status_to_mbedtls(status); - if (ret != 0) { - return ret; + if (status != PSA_SUCCESS) { + return psa_pk_status_to_mbedtls(status); } - status = psa_export_public_key(key_id, key_buf, sizeof(key_buf), &key_len); - ret = psa_pk_status_to_mbedtls(status); - destruction_status = psa_destroy_key(key_id); - if (ret != 0) { - return ret; + /* Export public key from PSA */ + unsigned char pub[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; + size_t pub_len; + status = psa_export_public_key(key_id, pub, sizeof(pub), &pub_len); + psa_status_t destruction_status = psa_destroy_key(key_id); + if (status != PSA_SUCCESS) { + return psa_pk_status_to_mbedtls(status); 
} else if (destruction_status != PSA_SUCCESS) { return psa_pk_status_to_mbedtls(destruction_status); } - return mbedtls_ecp_point_read_binary(&eck->grp, &eck->Q, key_buf, key_len); + + /* Load serialized public key into ecp_keypair structure */ + return mbedtls_ecp_point_read_binary(&eck->grp, &eck->Q, pub, pub_len); + #else /* MBEDTLS_USE_PSA_CRYPTO */ - mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; + (void) prv; (void) prv_len; + mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; return mbedtls_ecp_mul(&eck->grp, &eck->Q, &eck->d, &eck->grp.G, f_rng, p_rng); + #endif /* MBEDTLS_USE_PSA_CRYPTO */ } From 681e30b7275c408549db58a20c8a999c98ab4fce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 23:03:35 +0200 Subject: [PATCH 138/191] Rework pk_ecc_set_pubkey_psa_ecp_fallback() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - new semantic: sets the pubkey directly in the PK context - new name to reflect that semantic and obey the naming scheme - trivial case first - documentation and better parameter names Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 38 +++++++++++++++++++++----------------- 1 file changed, 21 insertions(+), 17 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 826412a54..91f56062d 100644 --- a/library/pkparse.c +++ b/library/pkparse.c 
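Review bot: In the MBEDTLS_USE_PSA_CRYPTO-only branch, `key_attr` is populated with psa_set_key_type()/psa_set_key_usage_flags() and then never released, whereas the ecdsa_sign_psa() hunk in pk_wrap.c later in this series calls `psa_reset_key_attributes(&key_attr);` after use; adding the same call once psa_import_key() has returned keeps the two files consistent and is the documented way to release attributes. The same applies to `key_attrs` in the pk_ecc_set_pubkey() rework of patch 140. The new `/* Import private key into PSA, from serialized input */` comment is helpful; a parallel remark that the imported key is a temporary destroyed right after export would make the destruction_status handling self-explanatory. The function's signature is outside this hunk.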
@@ -226,18 +226,26 @@ static int pk_ecc_set_pubkey_from_prv(mbedtls_pk_context *pk, #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) /* - * Create a temporary ecp_keypair for converting an EC point in compressed - * format to an uncompressed one + * Set the public key: fallback using ECP_LIGHT in the USE_PSA_EC_DATA case. * - * Consumes everything or fails - inherited from - * mbedtls_ecp_point_read_binary(). + * Normally, when MBEDTLS_PK_USE_PSA_EC_DATA is enabled, we only use PSA + * functions to handle keys. However, currently psa_import_key() does not + * support compressed points. In case that support was explicitly requested, + * this fallback uses ECP functions to get the job done. This is the reason + * why MBEDTLS_PK_PARSE_EC_COMPRESSED auto-enables MBEDTLS_ECP_LIGHT. + * + * [in/out] pk: in: must have the group set, see pk_ecc_set_group(). + * out: will have the public key set. + * [in] pub, pub_len: the public key as an ECPoint, + * in any format supported by ECP. */ -static int pk_ecc_read_compressed(mbedtls_pk_context *pk, - const unsigned char *in_start, size_t in_len, - unsigned char *out_buf, size_t out_buf_size, - size_t *out_buf_len) +static int pk_ecc_set_pubkey_psa_ecp_fallback(mbedtls_pk_context *pk, + const unsigned char *pub, + size_t pub_len) { -#if defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) +#if !defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; +#else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ mbedtls_ecp_keypair ecp_key; mbedtls_ecp_group_id ecp_group_id; int ret; 
@@ -250,19 +258,18 @@ static int pk_ecc_read_compressed(mbedtls_pk_context *pk, return ret; } ret = mbedtls_ecp_point_read_binary(&(ecp_key.grp), &ecp_key.Q, - in_start, in_len); + pub, pub_len); if (ret != 0) { goto exit; } ret = mbedtls_ecp_point_write_binary(&(ecp_key.grp), &ecp_key.Q, MBEDTLS_ECP_PF_UNCOMPRESSED, - out_buf_len, out_buf, out_buf_size); + &pk->pub_raw_len, pk->pub_raw, + sizeof(pk->pub_raw)); exit: mbedtls_ecp_keypair_free(&ecp_key); return ret; -#else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; #endif /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ } #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ @@ -291,10 +298,7 @@ static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, if ((**p == 0x02) || (**p == 0x03)) { /* Compressed format, not supported by PSA Crypto. * Try converting using functions from ECP_LIGHT. */ - ret = pk_ecc_read_compressed(pk, *p, len, - pk->pub_raw, - PSA_EXPORT_PUBLIC_KEY_MAX_SIZE, - &pk->pub_raw_len); + ret = pk_ecc_set_pubkey_psa_ecp_fallback(pk, *p, len); if (ret != 0) { return ret; } From e4c883bc8cc64141b764b30ad0bc5c820e6831d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 23:31:01 +0200 Subject: [PATCH 139/191] New signature for pk_ecc_set_pubkey() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Also new name, for consistency, and documentation. The signature **p, *end is mostly for parsing functions that may not consume everything, and need to update the "current" pointer to reflect what has been consumed. This is not the case here. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 42 +++++++++++++++++------------------------- 1 file changed, 17 insertions(+), 25 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 91f56062d..f897c1e8c 100644 --- a/library/pkparse.c +++ b/library/pkparse.c 
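Review bot: The fallback now writes straight into the context via `&pk->pub_raw_len, pk->pub_raw, sizeof(pk->pub_raw)`, so if mbedtls_ecp_point_write_binary() fails it may leave `pk->pub_raw_len` holding a value (I believe it stores the required length before checking the buffer) while `pub_raw` is unchanged or partial; the replaced version wrote to a caller-supplied buffer and left the context untouched on error. Because pk_ecc_set_pubkey() can report MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE to a caller that then recovers by deriving the public key, it would be safer to either reset `pk->pub_raw_len = 0;` under `exit:` when `ret != 0`, or state in the header comment that the context is unspecified on failure. The early `return ret;` after mbedtls_ecp_group_load() at the top of the hunk also bypasses `exit:`; a `goto exit;` there would make the cleanup path uniform, though it is likely harmless.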
@@ -275,40 +275,39 @@ exit: #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ /* - * EC public key is an EC point + * Set the public key. * - * The caller is responsible for clearing the structure upon failure if - * desired. Take care to pass along the possible ECP_FEATURE_UNAVAILABLE - * return code of mbedtls_ecp_point_read_binary() and leave p in a usable state. + * [in/out] pk: in: must have its group set, see pk_ecc_set_group(). + * out: will have the public key set. + * [in] pub, pub_len: the raw public key (an ECPoint). */ -static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, - mbedtls_pk_context *pk) +static int pk_ecc_set_pubkey(mbedtls_pk_context *pk, + const unsigned char *pub, size_t pub_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) mbedtls_svc_key_id_t key; psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT; - size_t len = (size_t) (end - *p); - if (len > PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) { + if (pub_len > PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } - if ((**p == 0x02) || (**p == 0x03)) { + if ((*pub == 0x02) || (*pub == 0x03)) { /* Compressed format, not supported by PSA Crypto. * Try converting using functions from ECP_LIGHT. */ - ret = pk_ecc_set_pubkey_psa_ecp_fallback(pk, *p, len); + ret = pk_ecc_set_pubkey_psa_ecp_fallback(pk, pub, pub_len); if (ret != 0) { return ret; } } else { /* Uncompressed format */ - if (len > MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN) { + if (pub_len > MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN) { return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL; } - memcpy(pk->pub_raw, *p, len); - pk->pub_raw_len = len; + memcpy(pk->pub_raw, pub, pub_len); + pk->pub_raw_len = pub_len; } /* Validate the key by trying to importing it */ 
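Review bot: `if ((*pub == 0x02) || (*pub == 0x03))` dereferences `pub` before anything checks `pub_len`, so a zero-length ECPoint (an empty BIT STRING content in SubjectPublicKeyInfo, or an empty publicKey in SEC1) reads a byte outside the ECPoint and potentially past the end of the input buffer; the old `**p` form had the same weakness, but the new signature makes a guard trivial: `if (pub_len == 0) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; }` at the top of the function, or MBEDTLS_ERR_PK_INVALID_PUBKEY as the later rework uses. The rework of this function in patch 140 (`if (*pub == 0x04)`) keeps the same dereference and needs the same guard. The new header comment could also state that `pub_len` must be at least 1.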
@@ -328,18 +327,10 @@ static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, #else /* MBEDTLS_PK_USE_PSA_EC_DATA */ mbedtls_ecp_keypair *ec_key = (mbedtls_ecp_keypair *) pk->pk_ctx; if ((ret = mbedtls_ecp_point_read_binary(&ec_key->grp, &ec_key->Q, - (const unsigned char *) *p, - end - *p)) == 0) { + pub, pub_len)) == 0) { ret = mbedtls_ecp_check_pubkey(&ec_key->grp, &ec_key->Q); } #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ - - /* - * We know mbedtls_ecp_point_read_binary and pk_ecc_read_compressed either - * consumed all bytes or failed, and memcpy consumed all bytes too. - */ - *p = (unsigned char *) end; - return ret; } @@ -900,7 +891,8 @@ int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end, ret = pk_use_ecparams(&alg_params, pk); } if (ret == 0) { - ret = pk_get_ecpubkey(p, end, pk); + ret = pk_ecc_set_pubkey(pk, *p, end - *p); + *p += end - *p; } } else #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ @@ -1204,11 +1196,11 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } - if ((ret = pk_get_ecpubkey(&p, end2, pk)) == 0) { + if ((ret = pk_ecc_set_pubkey(pk, p, end2 - p)) == 0) { pubkey_done = 1; } else { /* - * The only acceptable failure mode of pk_get_ecpubkey() above + * The only acceptable failure mode of pk_ecc_set_pubkey() above * is if the point format is not recognized. */ if (ret != MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE) { From ff72ea9d518b5cfda03288adb586e0c6055d6103 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 23:56:05 +0200 Subject: [PATCH 140/191] Rework pk_ecc_set_pubkey() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Fix the logic around format: we were just assuming that if the format was not compressed, it was uncompressed, but it could also have been just invalid. - Remove redundant length check: the fallback does its own checks. - Remove set_algorithm() that's not needed and introduced a depencency on ECDSA. - Some style / naming / scope reduction. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 57 ++++++++++++++++++++++------------------------- 1 file changed, 27 insertions(+), 30 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index f897c1e8c..e8678ed34 100644 --- a/library/pkparse.c +++ b/library/pkparse.c 
@@ -284,54 +284,51 @@ exit: static int pk_ecc_set_pubkey(mbedtls_pk_context *pk, const unsigned char *pub, size_t pub_len) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - mbedtls_svc_key_id_t key; - psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT; - if (pub_len > PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) { - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; - } - - if ((*pub == 0x02) || (*pub == 0x03)) { - /* Compressed format, not supported by PSA Crypto. - * Try converting using functions from ECP_LIGHT. */ - ret = pk_ecc_set_pubkey_psa_ecp_fallback(pk, pub, pub_len); - if (ret != 0) { - return ret; - } - } else { - /* Uncompressed format */ - if (pub_len > MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN) { + /* Load the key */ + if (*pub == 0x04) { + /* Uncompressed format, directly supported by PSA */ + if (pub_len > sizeof(pk->pub_raw)) { return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL; } memcpy(pk->pub_raw, pub, pub_len); pk->pub_raw_len = pub_len; + } else { + /* Other format, try the fallback */ + int ret = pk_ecc_set_pubkey_psa_ecp_fallback(pk, pub, pub_len); + if (ret != 0) { + return ret; + } } - /* Validate the key by trying to importing it */ + /* Validate the key by trying to import it */ + mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT; + psa_set_key_usage_flags(&key_attrs, 0); - psa_set_key_algorithm(&key_attrs, PSA_ALG_ECDSA_ANY); psa_set_key_type(&key_attrs, PSA_KEY_TYPE_ECC_PUBLIC_KEY(pk->ec_family)); psa_set_key_bits(&key_attrs, pk->ec_bits); if ((psa_import_key(&key_attrs, pk->pub_raw, pk->pub_raw_len, - &key) != PSA_SUCCESS) || - (psa_destroy_key(key) != PSA_SUCCESS)) { - mbedtls_platform_zeroize(pk->pub_raw, MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN); - pk->pub_raw_len = 0; - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + &key_id) != PSA_SUCCESS) || + (psa_destroy_key(key_id) != PSA_SUCCESS)) { + return MBEDTLS_ERR_PK_INVALID_PUBKEY; } - ret = 0; + + return 0; + #else /* 
MBEDTLS_PK_USE_PSA_EC_DATA */ + + int ret; mbedtls_ecp_keypair *ec_key = (mbedtls_ecp_keypair *) pk->pk_ctx; - if ((ret = mbedtls_ecp_point_read_binary(&ec_key->grp, &ec_key->Q, - pub, pub_len)) == 0) { - ret = mbedtls_ecp_check_pubkey(&ec_key->grp, &ec_key->Q); + ret = mbedtls_ecp_point_read_binary(&ec_key->grp, &ec_key->Q, pub, pub_len); + if (ret != 0) { + return ret; } + return mbedtls_ecp_check_pubkey(&ec_key->grp, &ec_key->Q); + #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ - return ret; } /*********************************************************************** From fac9819edcbc4b647dc44b99909972cac066970c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 27 Jul 2023 09:19:42 +0200 Subject: [PATCH 141/191] Fix and document return of pk_ecc_set_pubkey() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit One of the calling site needs to distinguish between "the format is potentially valid but not supported" vs "other errors", and it uses MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE for that. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/library/pkparse.c b/library/pkparse.c index e8678ed34..d12984fb0 100644 --- a/library/pkparse.c +++ b/library/pkparse.c 
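Review bot: In the PSA branch, the failure path after psa_import_key() now returns MBEDTLS_ERR_PK_INVALID_PUBKEY but no longer clears `pk->pub_raw`/`pk->pub_raw_len` as the removed mbedtls_platform_zeroize() lines did, so a context that failed validation keeps the rejected point with a non-zero length; the commit message lists style and scope changes but not this. The point is public data, so the concern is consistency of the context rather than confidentiality: either restore `pk->pub_raw_len = 0;` before that return or document in the header that the context is unspecified after an error. The `if (*pub == 0x04)` branch still reads `pub[0]` without a `pub_len` check, as raised on the earlier hunk of this function.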
@@ -238,13 +238,19 @@ static int pk_ecc_set_pubkey_from_prv(mbedtls_pk_context *pk, * out: will have the public key set. * [in] pub, pub_len: the public key as an ECPoint, * in any format supported by ECP. + * + * Return: + * - 0 on success; + * - MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the format is potentially valid + * but not supported; + * - another error code otherwise. */ static int pk_ecc_set_pubkey_psa_ecp_fallback(mbedtls_pk_context *pk, const unsigned char *pub, size_t pub_len) { #if !defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ mbedtls_ecp_keypair ecp_key; mbedtls_ecp_group_id ecp_group_id; @@ -280,6 +286,12 @@ exit: * [in/out] pk: in: must have its group set, see pk_ecc_set_group(). * out: will have the public key set. * [in] pub, pub_len: the raw public key (an ECPoint). + * + * Return: + * - 0 on success; + * - MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the format is potentially valid + * but not supported; + * - another error code otherwise. */ static int pk_ecc_set_pubkey(mbedtls_pk_context *pk, const unsigned char *pub, size_t pub_len) From 12ea63a5f7b96b2169331a40221b0f5779111201 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 27 Jul 2023 12:20:16 +0200 Subject: [PATCH 142/191] Abstract away MBEDTLS_PK_PARSE_EC_EXTENDED MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 69 +++++++++++++++++++++++++++++++++++------------ 1 file changed, 52 insertions(+), 17 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index d12984fb0..9d87a7150 100644 --- a/library/pkparse.c +++ b/library/pkparse.c 
@@ -345,15 +345,51 @@ static int pk_ecc_set_pubkey(mbedtls_pk_context *pk, /*********************************************************************** * - * Unsorted (yet!) from this point on until the next section header + * Low-level ECC parsing: optional support for SpecifiedECDomain + * + * There are two functions here that are used by the rest of the code: + * - pk_ecc_tag_may_be_speficied_ec_domain() + * - pk_ecc_group_id_from_specified() + * + * All the other functions are internal to this section. + * + * The two "public" functions have a dummy variant provided + * in configs without MBEDTLS_PK_PARSE_EC_EXTENDED. This acts as an + * abstraction layer for this macro, which should not appear outside + * this section. * **********************************************************************/ -#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) +#if !defined(MBEDTLS_PK_PARSE_EC_EXTENDED) +/* See the "real" version for documentation */ +static int pk_ecc_tag_may_be_specified_ec_domain(int tag) +{ + (void) tag; + return 0; +} + +/* See the "real" version for documentation */ +static int pk_ecc_group_id_from_specified(const mbedtls_asn1_buf *params, + mbedtls_ecp_group_id *grp_id) +{ + (void) params; + (void) grp_id; + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; +} +#else /* MBEDTLS_PK_PARSE_EC_EXTENDED */ +/* + * Tell if the passed tag might be the start of SpecifiedECDomain + * (that is, a sequence). + */ +static int pk_ecc_tag_may_be_specified_ec_domain(int tag) +{ + return tag == (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); +} + /* * Parse a SpecifiedECDomain (SEC 1 C.2) and (mostly) fill the group with it. * WARNING: the resulting group should only be used with - * pk_group_id_from_specified(), since its base point may not be set correctly + * pk_ecc_group_id_from_specified(), since its base point may not be set correctly * if it was encoded compressed. * * SpecifiedECDomain ::= SEQUENCE { 
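Review bot: The new section header lists `pk_ecc_tag_may_be_speficied_ec_domain()` while the function defined a few lines below is `pk_ecc_tag_may_be_specified_ec_domain`; the comment should read `- pk_ecc_tag_may_be_specified_ec_domain()` so that a search for the real name finds the documentation. The dummy variants carry `/* See the "real" version for documentation */`, which is fine, but the dummy pk_ecc_group_id_from_specified() could add one line noting that it returns MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE because specifiedECDomain support is compiled out, since that value is what callers branch on.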
@@ -562,8 +598,8 @@ cleanup: /* * Parse a SpecifiedECDomain (SEC 1 C.2) and find the associated group ID */ -static int pk_group_id_from_specified(const mbedtls_asn1_buf *params, - mbedtls_ecp_group_id *grp_id) +static int pk_ecc_group_id_from_specified(const mbedtls_asn1_buf *params, + mbedtls_ecp_group_id *grp_id) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group grp; @@ -578,7 +614,7 @@ static int pk_group_id_from_specified(const mbedtls_asn1_buf *params, cleanup: /* The API respecting lifecycle for mbedtls_ecp_group struct is - * _init(), _load() and _free(). In pk_group_id_from_specified() the + * _init(), _load() and _free(). In pk_ecc_group_id_from_specified() the * temporary grp breaks that flow and it's members are populated * by pk_group_id_from_group(). As such mbedtls_ecp_group_free() * which is assuming a group populated by _setup() may not clean-up @@ -594,6 +630,11 @@ cleanup: } #endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ +/*********************************************************************** + * + * Unsorted (yet!) from this point on until the next section header + * + **********************************************************************/ /* Minimally parse an ECParameters buffer to and mbedtls_asn1_buf * @@ -613,13 +654,10 @@ static int pk_get_ecparams(unsigned char **p, const unsigned char *end, MBEDTLS_ERR_ASN1_OUT_OF_DATA); } - /* Tag may be either OID or SEQUENCE */ + /* Acceptable tags: OID for namedCurve, or specifiedECDomain */ params->tag = **p; - if (params->tag != MBEDTLS_ASN1_OID -#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) - && params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) -#endif - ) { + if (params->tag != MBEDTLS_ASN1_OID && + !pk_ecc_tag_may_be_specified_ec_domain(params->tag)) { return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); } 
@@ -657,13 +695,10 @@ static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_pk_context *p return MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE; } } else { -#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) - if ((ret = pk_group_id_from_specified(params, &grp_id)) != 0) { + ret = pk_ecc_group_id_from_specified(params, &grp_id); + if (ret != 0) { return ret; } -#else - return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; -#endif } return pk_ecc_set_group(pk, grp_id); From 53d3e40a21c9c56a053c25ec8fe801ccb796a18e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 1 Aug 2023 11:19:24 +0200 Subject: [PATCH 143/191] Fix unused warnings in dummy definition MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/pkparse.c b/library/pkparse.c index 9d87a7150..ffa91d30d 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -250,6 +250,9 @@ static int pk_ecc_set_pubkey_psa_ecp_fallback(mbedtls_pk_context *pk, size_t pub_len) { #if !defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) + (void) pk; + (void) pub; + (void) pub_len; return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ mbedtls_ecp_keypair ecp_key; From 564bc1bb960cd4d67a3d58488fff53565cf74ef2 Mon Sep 17 00:00:00 2001 
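Review bot: Removing the `#else` branch changes the error code seen by callers in builds without MBEDTLS_PK_PARSE_EC_EXTENDED: a SpecifiedECDomain used to fail with MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, and now yields MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE from the dummy `pk_ecc_group_id_from_specified()` introduced in the first hunk of this patch. For input that reaches here via pk_get_ecparams() this is presumably masked, since that function rejects the SEQUENCE tag earlier in that configuration, but any other caller of pk_use_ecparams() that distinguishes "malformed" from "unsupported" will observe the change. If it is intended, a one-line comment on the dummy's return, `/* Was KEY_INVALID_FORMAT in the caller: report unsupported, not malformed */`, or a ChangeLog entry would record it; otherwise the dummy should return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT to preserve behaviour. pk_use_ecparams() begins outside the hunk.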
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 2 Aug 2023 12:05:16 +0200 Subject: [PATCH 144/191] Fix limitation in checking supported alg in pk_sign MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The recent changes in pkparse made it so ECDSA (deterministic or not) is set as the secondary alg and ECDH the first one. This broke the wrapper in pk_wrap as it was only checking the first alg when deciding whether to use deterministic or not. The wrapper should not have unnecessary requirements on how algs are set up, so make the check more flexible. Signed-off-by: Manuel Pégourié-Gonnard --- library/pk_wrap.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 53e11d5cb..2c6783674 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -976,16 +976,17 @@ static int ecdsa_sign_psa(mbedtls_svc_key_id_t key_id, mbedtls_md_type_t md_alg, psa_status_t status; psa_algorithm_t psa_sig_md; psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; - psa_algorithm_t alg; + psa_algorithm_t alg, alg2; status = psa_get_key_attributes(key_id, &key_attr); if (status != PSA_SUCCESS) { return PSA_PK_ECDSA_TO_MBEDTLS_ERR(status); } alg = psa_get_key_algorithm(&key_attr); + alg2 = psa_get_key_enrollment_algorithm(&key_attr); psa_reset_key_attributes(&key_attr); - if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg)) { + if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) || PSA_ALG_IS_DETERMINISTIC_ECDSA(alg2)) { psa_sig_md = PSA_ALG_DETERMINISTIC_ECDSA(mbedtls_md_psa_alg_from_type(md_alg)); } else { psa_sig_md = PSA_ALG_ECDSA(mbedtls_md_psa_alg_from_type(md_alg)); From 94cf1f82ad73ea2dcf68367d9daf18a13e3b3db5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 2 Aug 2023 12:09:24 +0200 Subject: [PATCH 145/191] Fix a typo in a comment MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
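Review bot: The new `alg2` check in ecdsa_sign_psa() carries no comment explaining why the enrollment algorithm is consulted; the reasoning lives only in the commit message, so a reader of pk_wrap.c alone will not know that pkparse now places ECDSA in the secondary slot. Suggest adding above the `if`: `/* ECDSA may be the key's enrollment (second) algorithm rather than its primary one, so inspect both policy slots before choosing deterministic vs randomized. */`. Note that when neither slot is deterministic the code falls through to randomized ECDSA; whether the key policy actually permits that is enforced by the subsequent sign call, which is outside the hunk, so the selection here is a preference rather than an authorization check.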
Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/pkparse.c b/library/pkparse.c index ffa91d30d..bb6db0824 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -156,7 +156,7 @@ static int pk_ecc_set_key(mbedtls_pk_context *pk, * Note: the private key information is always available from pk, * however for convenience the serialized version is also passed, * as it's available at each calling site, and useful in some configs - * (as otherwise we're have to re-serialize it from the pk context). + * (as otherwise we would have to re-serialize it from the pk context). * * There are three implementations of this function: * 1. MBEDTLS_PK_USE_PSA_EC_DATA, From 842ffc5085a12998407de61d465c3d2fbb910e04 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 2 Aug 2023 12:10:51 +0200 Subject: [PATCH 146/191] Make code more robust MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Using return here is only correct if we know that group_load() is atomic (either succeeds, or allocates no ressources). I'm not sure it is, and even if it were, goto exit is more obviously correct, so let's use that. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/pkparse.c b/library/pkparse.c index bb6db0824..b0eef95a3 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -264,7 +264,7 @@ static int pk_ecc_set_pubkey_psa_ecp_fallback(mbedtls_pk_context *pk, mbedtls_ecp_keypair_init(&ecp_key); ret = mbedtls_ecp_group_load(&(ecp_key.grp), ecp_group_id); if (ret != 0) { - return ret; + goto exit; } ret = mbedtls_ecp_point_read_binary(&(ecp_key.grp), &ecp_key.Q, pub, pub_len); From f1b7633443ef3c4709e594817fd7e57645404472 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 2 Aug 2023 12:14:19 +0200 Subject: [PATCH 147/191] Use clearer function name MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit I went for "may be" as I was thinking just checking the tag technically does not guarantee that what follows is correct, but I was wrong: according to ASN.1, when there are variants, the tag does distinguish unambiguously between variants, so we can be more positive here. (Whether the thing inside that variant is correct is a different question.) As a welcome side effect, this makes the name more standard hence more readable. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index b0eef95a3..820c8d1cf 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -351,7 +351,7 @@ static int pk_ecc_set_pubkey(mbedtls_pk_context *pk, * Low-level ECC parsing: optional support for SpecifiedECDomain * * There are two functions here that are used by the rest of the code: - * - pk_ecc_tag_may_be_speficied_ec_domain() + * - pk_ecc_tag_is_speficied_ec_domain() * - pk_ecc_group_id_from_specified() * * All the other functions are internal to this section. @@ -365,7 +365,7 @@ static int pk_ecc_set_pubkey(mbedtls_pk_context *pk, #if !defined(MBEDTLS_PK_PARSE_EC_EXTENDED) /* See the "real" version for documentation */ -static int pk_ecc_tag_may_be_specified_ec_domain(int tag) +static int pk_ecc_tag_is_specified_ec_domain(int tag) { (void) tag; return 0; @@ -384,7 +384,7 @@ static int pk_ecc_group_id_from_specified(const mbedtls_asn1_buf *params, * Tell if the passed tag might be the start of SpecifiedECDomain * (that is, a sequence). */ -static int pk_ecc_tag_may_be_specified_ec_domain(int tag) +static int pk_ecc_tag_is_specified_ec_domain(int tag) { return tag == (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); } 
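Review bot: The doc comment above the renamed function in the `@@ -384` hunk still reads "Tell if the passed tag might be the start of SpecifiedECDomain", which is precisely the hedging the commit message says is unwarranted and which the new name `pk_ecc_tag_is_specified_ec_domain` no longer expresses. Suggest `Tell if the passed tag is the start of a SpecifiedECDomain (that is, a SEQUENCE); per ASN.1 the tag alone distinguishes this alternative from the namedCurve OID, though it says nothing about whether the contents are valid.` so the comment and the name make the same claim.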
@@ -660,7 +660,7 @@ static int pk_get_ecparams(unsigned char **p, const unsigned char *end, /* Acceptable tags: OID for namedCurve, or specifiedECDomain */ params->tag = **p; if (params->tag != MBEDTLS_ASN1_OID && - !pk_ecc_tag_may_be_specified_ec_domain(params->tag)) { + !pk_ecc_tag_is_specified_ec_domain(params->tag)) { return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); } From 52e9548c227d659fb889d3a73657244608cf8d82 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 3 Aug 2023 10:22:41 +0200 Subject: [PATCH 148/191] Fix check for format supported by PSA MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit For non-Weierstrass curves there's only one format and it's supported. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 820c8d1cf..b4299518f 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -302,8 +302,10 @@ static int pk_ecc_set_pubkey(mbedtls_pk_context *pk, #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) /* Load the key */ - if (*pub == 0x04) { - /* Uncompressed format, directly supported by PSA */ + if (!PSA_ECC_FAMILY_IS_WEIERSTRASS(pk->ec_family) || *pub == 0x04) { + /* Format directly supported by PSA: + * - non-Weierstrass curves that only have one format; + * - uncompressed format for Weierstrass curves. */ if (pub_len > sizeof(pk->pub_raw)) { return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL; } From 05216335596a21e0986a6c617f989ee2f1c4a0e8 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 16 Oct 2023 11:22:21 +0200 Subject: [PATCH 149/191] cipher: fix guards in mbedtls_cipher_auth_[encrypt/decrypt]_ext() Signed-off-by: Valerio Setti --- library/cipher.c | 8 ++++---- tests/suites/test_suite_cipher.function | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) 
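Review bot: In the PATCH 148 hunk the new condition reads `*pub` before anything visible establishes that `pub_len` is at least 1, and the `pub_len > sizeof(pk->pub_raw)` bound is checked only inside the branch; for a Weierstrass key with an empty public-key buffer the `*pub == 0x04` comparison is a one-byte out-of-bounds read unless every caller guarantees a non-empty buffer, which cannot be confirmed here since the start of pk_ecc_set_pubkey() is outside the hunk. If that guarantee does not exist, add `if (pub_len == 0) { return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; }` ahead of the test. The non-Weierstrass short-circuit is fine as written since it no longer depends on the first byte at all.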
diff --git a/library/cipher.c b/library/cipher.c index 7009c19b4..c5d82cb9c 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -1607,7 +1607,7 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_NIST_KW_C */ -#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) /* AEAD case: check length before passing on to shared function */ if (output_len < ilen + tag_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -1620,7 +1620,7 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, return ret; #else return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY */ } /* @@ -1658,7 +1658,7 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_NIST_KW_C */ -#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) /* AEAD case: check length before passing on to shared function */ if (ilen < tag_len || output_len < ilen - tag_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -1669,7 +1669,7 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, input + ilen - tag_len, tag_len); #else return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY */ } #endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY || MBEDTLS_NIST_KW_C */ diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index da43fda19..9679e019d 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -85,7 +85,7 @@ exit: return 0; } -#if defined(MBEDTLS_CIPHER_AUTH_CRYPT) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) /* Helper for resetting key/direction * * The documentation doesn't explicitly say whether calling 
@@ -842,7 +842,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_AUTH_CRYPT */ +/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_HAVE_AEAD_LEGACY */ void auth_crypt_tv(int cipher_id, data_t *key, data_t *iv, data_t *ad, data_t *cipher, data_t *tag, char *result, data_t *clear, int use_psa) From d35b188a5cf0e9e706129a8a04bebbfd3047d3c3 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 16 Oct 2023 10:25:30 +0100 Subject: [PATCH 150/191] Make component_build_aes_aesce_armcc silent Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 91ed1a566..8adf3f485 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4340,13 +4340,18 @@ component_build_aes_aesce_armcc () { } support_build_sha_armce() { - # clang >= 4 is required to build with SHA extensions - clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" + if ( $(which clang > /dev/null) ); then + # clang >= 4 is required to build with SHA extensions + clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" - # we need asm/hwcap.h available for runtime detection - echo '#include ' | clang -E - >/dev/null 2>&1 && have_hwcap=1 || have_hwcap=0 + # we need asm/hwcap.h available for runtime detection + echo '#include ' | clang -E - >/dev/null 2>&1 && have_hwcap=1 || have_hwcap=0 - [[ "${clang_ver}" -ge 4 && "${have_hwcap}" -eq 1 ]] + [[ "${clang_ver}" -ge 4 && "${have_hwcap}" -eq 1 ]] + else + # clang not available + false + fi } component_build_sha_armce () { From 596ef6c0b1031f518e85f2d1a102eba570d8c0de Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 16 Oct 2023 11:26:08 +0200 Subject: [PATCH 151/191] cipher: reset MBEDTLS_CIPHER_HAVE_AEAD_LEGACY to previous naming 
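Review bot: Switching the `auth_crypt_tv` dependency from MBEDTLS_CIPHER_AUTH_CRYPT to MBEDTLS_CIPHER_HAVE_AEAD_LEGACY narrows it: the definition visible later on this page shows MBEDTLS_CIPHER_AUTH_CRYPT as "some AEAD or MBEDTLS_NIST_KW_C", so in a build with NIST_KW but none of the legacy GCM/CCM/ChaChaPoly modules this test case (and the helper guarded by the `@@ -85` hunk at the end of the previous line) is now compiled out. If the vector file contains KW/KWP entries they would be skipped silently in that configuration, and builds that only get AEAD through PSA lose the case as well, which may or may not be the intent of "fix guards". If intended, a comment such as `/* Only exercised with a legacy AEAD module; KW-only and PSA-only builds do not run this case */` above the BEGIN_CASE would make it explicit; otherwise the dependency should mirror the library's own guard on mbedtls_cipher_auth_encrypt_ext(), i.e. legacy AEAD or NIST_KW, for example by keeping MBEDTLS_CIPHER_AUTH_CRYPT.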
Signed-off-by: Valerio Setti --- include/mbedtls/cipher.h | 6 +++--- library/cipher.c | 16 ++++++++-------- tests/suites/test_suite_cipher.function | 4 ++-- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index e13bee6a0..3a98976d5 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -34,7 +34,7 @@ #include "mbedtls/platform_util.h" #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) -#define MBEDTLS_CIPHER_HAVE_AEAD_LEGACY +#define MBEDTLS_CIPHER_HAVE_AEAD #endif #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -1080,7 +1080,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen); -#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD) || defined(MBEDTLS_NIST_KW_C) /** * \brief The authenticated encryption (AEAD/NIST_KW) function. * @@ -1187,7 +1187,7 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t output_len, size_t *olen, size_t tag_len); -#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY || MBEDTLS_NIST_KW_C */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD || MBEDTLS_NIST_KW_C */ #ifdef __cplusplus } #endif diff --git a/library/cipher.c b/library/cipher.c index c5d82cb9c..97dd0e95a 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -1390,7 +1390,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, return 0; } -#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD) /* * Packet-oriented encryption for AEAD modes: internal function used by * mbedtls_cipher_auth_encrypt_ext(). 
@@ -1569,9 +1569,9 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx, return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } -#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD */ -#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD) || defined(MBEDTLS_NIST_KW_C) /* * Packet-oriented encryption for AEAD/NIST_KW: public function. */ @@ -1607,7 +1607,7 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_NIST_KW_C */ -#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD) /* AEAD case: check length before passing on to shared function */ if (output_len < ilen + tag_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -1620,7 +1620,7 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, return ret; #else return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD */ } /* @@ -1658,7 +1658,7 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_NIST_KW_C */ -#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD) /* AEAD case: check length before passing on to shared function */ if (ilen < tag_len || output_len < ilen - tag_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -1669,8 +1669,8 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, input + ilen - tag_len, tag_len); #else return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD */ } -#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY || MBEDTLS_NIST_KW_C */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD || MBEDTLS_NIST_KW_C */ #endif /* MBEDTLS_CIPHER_C */ diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 9679e019d..3403af0b1 100644 --- a/tests/suites/test_suite_cipher.function 
+++ b/tests/suites/test_suite_cipher.function @@ -85,7 +85,7 @@ exit: return 0; } -#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD) /* Helper for resetting key/direction * * The documentation doesn't explicitly say whether calling @@ -842,7 +842,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_HAVE_AEAD_LEGACY */ +/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_HAVE_AEAD */ void auth_crypt_tv(int cipher_id, data_t *key, data_t *iv, data_t *ad, data_t *cipher, data_t *tag, char *result, data_t *clear, int use_psa) From dcee98730b544e77321ea0a73c42f46385abe614 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 16 Oct 2023 11:35:57 +0200 Subject: [PATCH 152/191] cipher_wrap: add VIA_LEGACY_OR_USE_PSA to new internal symbols Signed-off-by: Valerio Setti --- library/cipher_wrap.c | 34 ++++++++++++------------- library/cipher_wrap.h | 20 ++++++++------- tests/suites/test_suite_cipher.function | 2 +- 3 files changed, 29 insertions(+), 27 deletions(-) diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 63b725fb7..4e1e996c6 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -80,7 +80,7 @@ enum mbedtls_cipher_base_index { #if defined(MBEDTLS_CAMELLIA_C) MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, #endif -#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES_VIA_LEGACY_OR_USE_PSA) MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, #endif #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C) @@ -104,7 +104,7 @@ enum mbedtls_cipher_base_index { #if defined(MBEDTLS_DES_C) MBEDTLS_CIPHER_BASE_INDEX_DES, #endif -#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES) +#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES_VIA_LEGACY_OR_USE_PSA) MBEDTLS_CIPHER_BASE_INDEX_GCM_AES, #endif #if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C) 
@@ -578,7 +578,7 @@ static int gcm_aes_setkey_wrap(void *ctx, const unsigned char *key, } #endif /* MBEDTLS_GCM_C */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_CIPHER_HAVE_GCM_VIA_LEGACY_OR_USE_PSA) static const mbedtls_cipher_base_t gcm_aes_info = { MBEDTLS_CIPHER_ID_AES, NULL, @@ -612,9 +612,9 @@ static const mbedtls_cipher_base_t gcm_aes_info = { NULL, #endif /* MBEDTLS_GCM_C */ }; -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM_VIA_LEGACY_OR_USE_PSA */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_CIPHER_HAVE_GCM_VIA_LEGACY_OR_USE_PSA) static const mbedtls_cipher_info_t aes_128_gcm_info = { "AES-128-GCM", 16, @@ -649,7 +649,7 @@ static const mbedtls_cipher_info_t aes_256_gcm_info = { MBEDTLS_CIPHER_BASE_INDEX_GCM_AES }; #endif -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM_VIA_LEGACY_OR_USE_PSA */ #if defined(MBEDTLS_CCM_C) static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key, @@ -660,7 +660,7 @@ static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key, } #endif /* MBEDTLS_CCM_C */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_VIA_LEGACY_OR_USE_PSA) static const mbedtls_cipher_base_t ccm_aes_info = { MBEDTLS_CIPHER_ID_AES, NULL, @@ -694,9 +694,9 @@ static const mbedtls_cipher_base_t ccm_aes_info = { NULL, #endif }; -#endif /* MBEDTLS_CIPHER_HAVE_CCM */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM_VIA_LEGACY_OR_USE_PSA */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_VIA_LEGACY_OR_USE_PSA) static const mbedtls_cipher_info_t aes_128_ccm_info = { "AES-128-CCM", 16, 
@@ -731,9 +731,9 @@ static const mbedtls_cipher_info_t aes_256_ccm_info = { MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; #endif -#endif /* MBEDTLS_CIPHER_HAVE_CCM */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM_VIA_LEGACY_OR_USE_PSA */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG_VIA_LEGACY_OR_USE_PSA) static const mbedtls_cipher_info_t aes_128_ccm_star_no_tag_info = { "AES-128-CCM*-NO-TAG", 16, @@ -768,7 +768,7 @@ static const mbedtls_cipher_info_t aes_256_ccm_star_no_tag_info = { MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; #endif -#endif /* MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG_VIA_LEGACY_OR_USE_PSA */ #endif /* MBEDTLS_AES_C */ @@ -2269,21 +2269,21 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] = { MBEDTLS_CIPHER_AES_256_XTS, &aes_256_xts_info }, #endif #endif -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_CIPHER_HAVE_GCM_VIA_LEGACY_OR_USE_PSA) { MBEDTLS_CIPHER_AES_128_GCM, &aes_128_gcm_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_GCM, &aes_192_gcm_info }, { MBEDTLS_CIPHER_AES_256_GCM, &aes_256_gcm_info }, #endif #endif -#if defined(MBEDTLS_CIPHER_HAVE_CCM) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_VIA_LEGACY_OR_USE_PSA) { MBEDTLS_CIPHER_AES_128_CCM, &aes_128_ccm_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_CCM, &aes_192_ccm_info }, { MBEDTLS_CIPHER_AES_256_CCM, &aes_256_ccm_info }, #endif #endif -#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG_VIA_LEGACY_OR_USE_PSA) { MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG, &aes_128_ccm_star_no_tag_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG, &aes_192_ccm_star_no_tag_info }, 
@@ -2413,7 +2413,7 @@ const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[] = { #if defined(MBEDTLS_CAMELLIA_C) [MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA] = &camellia_info, #endif -#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES_VIA_LEGACY_OR_USE_PSA) [MBEDTLS_CIPHER_BASE_INDEX_CCM_AES] = &ccm_aes_info, #endif #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C) @@ -2437,7 +2437,7 @@ const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[] = { #if defined(MBEDTLS_DES_C) [MBEDTLS_CIPHER_BASE_INDEX_DES] = &des_info, #endif -#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES) +#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES_VIA_LEGACY_OR_USE_PSA) [MBEDTLS_CIPHER_BASE_INDEX_GCM_AES] = &gcm_aes_info, #endif #if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C) diff --git a/library/cipher_wrap.h b/library/cipher_wrap.h index 53cf12ff4..c1915bce9 100644 --- a/library/cipher_wrap.h +++ b/library/cipher_wrap.h 
@@ -39,37 +39,39 @@ extern "C" { /* Support for GCM either through Mbed TLS SW implementation or PSA */ #if defined(MBEDTLS_GCM_C) || \ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) -#define MBEDTLS_CIPHER_HAVE_GCM +#define MBEDTLS_CIPHER_HAVE_GCM_VIA_LEGACY_OR_USE_PSA #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)) || \ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_KEY_TYPE_AES)) -#define MBEDTLS_CIPHER_HAVE_GCM_AES +#define MBEDTLS_CIPHER_HAVE_GCM_AES_VIA_LEGACY_OR_USE_PSA #endif #if defined(MBEDTLS_CCM_C) || \ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) -#define MBEDTLS_CIPHER_HAVE_CCM +#define MBEDTLS_CIPHER_HAVE_CCM_VIA_LEGACY_OR_USE_PSA #endif #if (defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)) || \ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM) && defined(PSA_WANT_KEY_TYPE_AES)) -#define MBEDTLS_CIPHER_HAVE_CCM_AES +#define MBEDTLS_CIPHER_HAVE_CCM_AES_VIA_LEGACY_OR_USE_PSA #endif #if defined(MBEDTLS_CCM_C) || \ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG)) -#define MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG +#define MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG_VIA_LEGACY_OR_USE_PSA #endif #if defined(MBEDTLS_CHACHAPOLY_C) || \ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) -#define MBEDTLS_CIPHER_HAVE_CHACHAPOLY +#define MBEDTLS_CIPHER_HAVE_CHACHAPOLY_VIA_LEGACY_OR_USE_PSA #endif -#if defined(MBEDTLS_CIPHER_HAVE_GCM) || defined(MBEDTLS_CIPHER_HAVE_CCM) || \ - defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG) || defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY) -#define MBEDTLS_CIPHER_HAVE_SOME_AEAD +#if defined(MBEDTLS_CIPHER_HAVE_GCM_VIA_LEGACY_OR_USE_PSA) || \ + defined(MBEDTLS_CIPHER_HAVE_CCM_VIA_LEGACY_OR_USE_PSA) || \ + defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG_VIA_LEGACY_OR_USE_PSA) || \ + defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY_VIA_LEGACY_OR_USE_PSA) +#define MBEDTLS_CIPHER_HAVE_SOME_AEAD_VIA_LEGACY_OR_USE_PSA #endif /** 
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 3403af0b1..6fd94ce22 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -6,7 +6,7 @@ #include "mbedtls/gcm.h" #endif -#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD_VIA_LEGACY_OR_USE_PSA) || defined(MBEDTLS_NIST_KW_C) #define MBEDTLS_CIPHER_AUTH_CRYPT #endif From f2ea08ae5039e30fba8289ea26a0d04f432852c0 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 16 Oct 2023 11:37:28 +0100 Subject: [PATCH 153/191] Improve test for clang presence Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8adf3f485..28767eb3f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4340,7 +4340,7 @@ component_build_aes_aesce_armcc () { } support_build_sha_armce() { - if ( $(which clang > /dev/null) ); then + if command -v clang > /dev/null ; then # clang >= 4 is required to build with SHA extensions clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" From 74cb404b0d779fe04b80a482c4562b9b41e9ee27 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 16 Oct 2023 13:40:50 +0200 Subject: [PATCH 154/191] ssl: improve ssl_check_key_curve() Signed-off-by: Valerio Setti --- library/ssl_tls12_server.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index 4433e8b4a..6f5472416 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c 
@@ -676,11 +676,7 @@ static int ssl_check_key_curve(mbedtls_pk_context *pk, uint16_t *curves_tls_id) { uint16_t *curr_tls_id = curves_tls_id; -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa(pk->ec_family, pk->ec_bits, 0); -#else - mbedtls_ecp_group_id grp_id = mbedtls_pk_ec_ro(*pk)->grp.id; -#endif + mbedtls_ecp_group_id grp_id = mbedtls_pk_get_group_id(pk); mbedtls_ecp_group_id curr_grp_id; while (*curr_tls_id != 0) { From b0c618e147554e672b6c3f438127e1163157e807 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 16 Oct 2023 14:19:49 +0200 Subject: [PATCH 155/191] analyze_outcomes: minor improvements Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 49445a473..105a4aaed 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -27,7 +27,7 @@ class TestLog: self.output = self.output + (fmt + '\n').format(*args, **kwargs) def info(self, fmt, *args, **kwargs): - self.add_line(fmt, *args, **kwargs) + self.add_line('Info: ' + fmt, *args, **kwargs) def error(self, fmt, *args, **kwargs): self.info('Error: ' + fmt, *args, **kwargs) @@ -176,6 +176,9 @@ def do_analyze_driver_vs_reference(outcome_file, args): """Perform driver vs reference analyze.""" log = TestLog() + log.info("\n*** Analyze driver {} vs reference {} ***\n".format( + args['component_driver'], args['component_ref'])) + log = execute_reference_driver_tests(log, args['component_ref'], \ args['component_driver'], outcome_file) if log.error_count != 0: 
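Review bot: `TestLog.error()` delegates to `info()`, so after the `@@ -27` hunk in analyze_outcomes.py every error line is emitted as `Info: Error: ...`, and the banner moved in the following hunk becomes a bare `Info: ` followed by a newline and then `*** Analyze ... ***`, because its format string starts with `\n`. Change `error()` to call `self.add_line('Error: ' + fmt, *args, **kwargs)` directly; if it also increments `error_count`, which the `log.error_count` read at the end of the next hunk suggests, that part is outside the hunk and stays as is. For the banner, either drop the leading `\n` or emit it through `add_line()` so the prefix is not applied to it.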
@@ -185,8 +188,6 @@ def do_analyze_driver_vs_reference(outcome_file, args): outcomes = read_outcome_file(outcome_file) - log.info("\n*** Analyze driver {} vs reference {} ***\n".format( - args['component_driver'], args['component_ref'])) log = analyze_driver_vs_reference(log, outcomes, args['component_ref'], args['component_driver'], ignored_suites, args['ignored_tests']) From 9fc1f24331c364398394db39a0e76baa8f200272 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 16 Oct 2023 14:39:38 +0200 Subject: [PATCH 156/191] md: restore md.h includes in source files directly using its elements Signed-off-by: Valerio Setti --- include/mbedtls/oid.h | 1 + include/mbedtls/ssl.h | 1 + include/mbedtls/ssl_ciphersuites.h | 1 + library/x509write_crt.c | 1 + tests/suites/test_suite_entropy.function | 1 + tests/suites/test_suite_md.function | 1 + tests/suites/test_suite_pkcs1_v15.function | 1 + 7 files changed, 7 insertions(+) diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index 8ab7f7f94..954507229 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -34,6 +34,7 @@ #include "mbedtls/cipher.h" #endif +#include "mbedtls/md.h" /** OID is not found. */ #define MBEDTLS_ERR_OID_NOT_FOUND -0x002E diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index b69e3150f..debb1cc2c 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -40,6 +40,7 @@ #include "mbedtls/dhm.h" #endif +#include "mbedtls/md.h" #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED) #include "mbedtls/ecdh.h" diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index 07791e541..07f2facef 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -27,6 +27,7 @@ #include "mbedtls/pk.h" #include "mbedtls/cipher.h" +#include "mbedtls/md.h" #ifdef __cplusplus extern "C" { diff --git a/library/x509write_crt.c b/library/x509write_crt.c index c0657a827..a8a3022cb 100644 --- a/library/x509write_crt.c 
+++ b/library/x509write_crt.c @@ -33,6 +33,7 @@ #include "mbedtls/oid.h" #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" +#include "mbedtls/md.h" #include #include diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function index 7c7e43f17..0e013b740 100644 --- a/tests/suites/test_suite_entropy.function +++ b/tests/suites/test_suite_entropy.function @@ -1,6 +1,7 @@ /* BEGIN_HEADER */ #include "mbedtls/entropy.h" #include "entropy_poll.h" +#include "mbedtls/md.h" #include "string.h" typedef enum { diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index 71dcb8765..866ff588f 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -1,4 +1,5 @@ /* BEGIN_HEADER */ +#include "mbedtls/md.h" #include "md_psa.h" #include "mbedtls/oid.h" diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index 716ae4453..711327455 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -1,5 +1,6 @@ /* BEGIN_HEADER */ #include "mbedtls/rsa.h" +#include "mbedtls/md.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES From f3803a1f715245f36226abdd4b398bdb92fbdc85 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 16 Oct 2023 13:47:15 +0100 Subject: [PATCH 157/191] Cleanup validation interface Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 7b801a3ec..f07de88f1 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -3926,7 +3926,7 @@ component_build_tfm() { # The validator function is the name of a function to validate the combination of options. # It may be "" if all combinations are valid. # It receives a string containing a combination of options, as passed to the compiler, -# e.g. "-DOPT1 -DOPT2 ...". It must echo something iff the combination is invalid. +# e.g. "-DOPT1 -DOPT2 ...". It must return 0 iff the combination is valid, non-zero if invalid. build_test_config_combos() { file=$1 shift @@ -3975,7 +3975,7 @@ build_test_config_combos() { done # if combination is not known to be invalid, add it to the makefile - if [[ -z $validate_options ]] || [[ $($validate_options "${clang_args}") == "" ]] ; then + if [[ -z $validate_options ]] || $validate_options "${clang_args}"; then cmd="${compile_cmd} ${clang_args}" echo "${target}: ${source_file}; $cmd ${source_file}" >> ${makefile} @@ -3997,11 +3997,11 @@ build_test_config_combos() { validate_aes_config_variations() { if [[ "$1" == *"MBEDTLS_AES_USE_HARDWARE_ONLY"* ]]; then if [[ "$1" == *"MBEDTLS_PADLOCK_C"* ]]; then - echo INVALID + false fi if [[ !(("$HOSTTYPE" == "aarch64" && "$1" != *"MBEDTLS_AESCE_C"*) || \ ("$HOSTTYPE" == "x86_64" && "$1" != *"MBEDTLS_AESNI_C"*)) ]]; then - echo INVALID + false fi fi } From 41bc798d7cb258871ab13f3122b5971a4ce64be6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 16 Oct 2023 14:04:21 +0100 Subject: [PATCH 158/191] Tidy-up Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f07de88f1..7493c9734 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -3997,13 +3997,14 @@ build_test_config_combos() { validate_aes_config_variations() { if [[ "$1" == *"MBEDTLS_AES_USE_HARDWARE_ONLY"* ]]; then if [[ "$1" == *"MBEDTLS_PADLOCK_C"* ]]; then - false + return 1 fi if [[ !(("$HOSTTYPE" == "aarch64" && "$1" != *"MBEDTLS_AESCE_C"*) || \ ("$HOSTTYPE" == "x86_64" && "$1" != *"MBEDTLS_AESNI_C"*)) ]]; then - false + return 1 fi fi + return 0 } component_build_aes_variations() { From 5329ff06b9456fecb7cbe42021177da14999c4c3 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 09:44:36 +0200 Subject: [PATCH 159/191] analyze_outcomes: print task list directly to stdout Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 105a4aaed..f1680adc9 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -679,8 +679,7 @@ def main(): if options.list: for task in KNOWN_TASKS: - main_log.info(task) - main_log.print_output() + print(task) sys.exit(0) if options.specified_tasks == 'all': From 6d429216339adf27c6404b78d67c4b674c75319e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 17 Oct 2023 10:01:33 +0200 Subject: [PATCH 160/191] Require at least on curve for ECP_LIGHT MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ECP_LIGHT is not usable without any curve, just the same as ECP_C. We forgot to update this check when introducing the ECP_LIGHT subset. Note: the message doesn't mention ECP_LIGHT as that's not a public config knob, hence the message with "ECP_C or a subset" (that's how it's referred to in user-facing documentation such as docs/driver-only-builds.md). Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/check_config.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index e18e9a5fc..cdc2be171 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -231,7 +231,7 @@ #error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites" #endif -#if defined(MBEDTLS_ECP_C) && ( !defined(MBEDTLS_BIGNUM_C) || ( \ +#if defined(MBEDTLS_ECP_LIGHT) && ( !defined(MBEDTLS_BIGNUM_C) || ( \ !defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && \ @@ -245,7 +245,7 @@ !defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) && \ !defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) ) ) -#error "MBEDTLS_ECP_C defined, but not all prerequisites" +#error "MBEDTLS_ECP_C defined (or a subset enabled), but not all prerequisites" #endif #if defined(MBEDTLS_PK_PARSE_C) && !defined(MBEDTLS_ASN1_PARSE_C) From 745ec5d75ebdebdc7f2c913d2e45d7d2e918e06e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 17 Oct 2023 10:13:45 +0200 Subject: [PATCH 161/191] Fix static initializer warning MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In a hypothetical build with no curves, or in the future when we add a new curve type and possibly forget updating this function with a new block for the new type, we write to `ret` at the beginning or the function then immediately overwrite it with MPI_CHK(check_privkey), which static analyzers understandably find questionable. Use `ret` here and check the key only if it was actually set. Signed-off-by: Manuel Pégourié-Gonnard --- library/ecp.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/library/ecp.c b/library/ecp.c index 5f2a7b0c0..dfa095782 100644 --- a/library/ecp.c +++ b/library/ecp.c 
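Review bot: The condition now tests MBEDTLS_ECP_LIGHT while the `#error` text still names MBEDTLS_ECP_C, and nothing at the `#if` tells a reader who does not know the internal symbol why the two differ. A one-line comment above the `#if` would carry the commit message's reasoning into the header, e.g. `/* MBEDTLS_ECP_LIGHT is an internal symbol set whenever MBEDTLS_ECP_C or a driver-only subset of it is enabled; the message names ECP_C because ECP_LIGHT is not a user-facing config knob. */`. The second hunk (the `#error` line) is the tail of the same directive, so one comment covers both.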
@@ -3288,7 +3288,10 @@ int mbedtls_ecp_read_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&key->d, buf, buflen)); } #endif - MBEDTLS_MPI_CHK(mbedtls_ecp_check_privkey(&key->grp, &key->d)); + + if (ret == 0) { + MBEDTLS_MPI_CHK(mbedtls_ecp_check_privkey(&key->grp, &key->d)); + } cleanup: From fb2750e98e1f68e61a04b54ad6821bee89ee54a9 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 10:11:45 +0200 Subject: [PATCH 162/191] analyze_outcomes: exit immediately in case of invalid task Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index f1680adc9..28c55125c 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py 
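Review bot: The new `if (ret == 0)` guard relies on `ret` holding a non-zero value when none of the per-curve-type blocks above ran, and that value is set at the top of mbedtls_ecp_read_key, outside this hunk (the commit message says `ret` is assigned at function start, presumably to an error code). A comment on the guard would make that dependency explicit, e.g. `/* ret == 0 only if one of the curve-type blocks above read d; otherwise keep the error set at function entry and skip the check. */`. If that initial assignment were ever changed to 0, a key whose curve type matched no block would reach mbedtls_ecp_check_privkey with `d` never read, which is exactly the case the commit sets out to avoid, so the comment should tie the guard to the initialisation. The enclosing function starts and ends outside the hunk.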
@@ -688,24 +688,24 @@ def main(): tasks_list = re.split(r'[, ]+', options.specified_tasks) for task in tasks_list: if task not in KNOWN_TASKS: - main_log.error('invalid task: {}'.format(task)) + sys.stderr.write('invalid task: {}'.format(task)) + sys.exit(2) KNOWN_TASKS['analyze_coverage']['args']['full_coverage'] = options.full_coverage all_succeeded = True - for task in KNOWN_TASKS: - if task in tasks_list: - test_function = KNOWN_TASKS[task]['test_function'] - test_args = KNOWN_TASKS[task]['args'] - test_log = test_function(options.outcomes, test_args) - # Merge the output of this task with the main one - main_log.output = main_log.output + test_log.output - main_log.info("Task {} completed with:\n".format(task) + \ - "{} warnings\n".format(test_log.warning_count) + \ - "{} errors\n".format(test_log.error_count)) - if test_log.error_count != 0: - all_succeeded = False + for task in tasks_list: + test_function = KNOWN_TASKS[task]['test_function'] + test_args = KNOWN_TASKS[task]['args'] + test_log = test_function(options.outcomes, test_args) + # Merge the output of this task with the main one + main_log.output = main_log.output + test_log.output + main_log.info("Task {} completed with:\n".format(task) + \ + "{} warnings\n".format(test_log.warning_count) + \ + "{} errors\n".format(test_log.error_count)) + if test_log.error_count != 0: + all_succeeded = False main_log.print_output() sys.exit(0 if all_succeeded else 1) From 3f339897628ebd9ee37320042099aa255a83823a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 10:42:11 +0200 Subject: [PATCH 163/191] analyze_outcomes: use a single TestLog instance and do not delay output Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 41 +++++++++++-------------------- 1 file changed, 14 insertions(+), 27 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 28c55125c..8ddbf6c1e 100755 --- a/tests/scripts/analyze_outcomes.py 
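Review bot: The new `sys.stderr.write('invalid task: {}'.format(task))` emits no trailing newline, so the message is left glued to the shell prompt or to the next line written to stderr; it should be `sys.stderr.write('invalid task: {}\n'.format(task))`. Exiting with status 2 on the first unknown name is fine, but naming the accepted tasks (the keys of KNOWN_TASKS) in the message would save the user a second run with the listing option behind `options.list`. main()'s body continues on both sides of the hunk.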
+++ b/tests/scripts/analyze_outcomes.py @@ -21,24 +21,21 @@ class TestLog: def __init__(self): self.error_count = 0 self.warning_count = 0 - self.output = "" - - def add_line(self, fmt, *args, **kwargs): - self.output = self.output + (fmt + '\n').format(*args, **kwargs) def info(self, fmt, *args, **kwargs): - self.add_line('Info: ' + fmt, *args, **kwargs) + self.print_line('Info: ' + fmt, *args, **kwargs) def error(self, fmt, *args, **kwargs): - self.info('Error: ' + fmt, *args, **kwargs) self.error_count += 1 + self.print_line('Error: ' + fmt, *args, **kwargs) def warning(self, fmt, *args, **kwargs): - self.info('Warning: ' + fmt, *args, **kwargs) self.warning_count += 1 + self.print_line('Warning: ' + fmt, *args, **kwargs) - def print_output(self): - sys.stderr.write(self.output) + @staticmethod + def print_line(fmt, *args, **kwargs): + sys.stderr.write(fmt, *args, **kwargs) class TestCaseOutcomes: """The outcomes of one test case across many configurations.""" @@ -164,25 +161,20 @@ by a semicolon. outcomes[key].failures.append(setup) return outcomes -def do_analyze_coverage(outcome_file, args): +def do_analyze_coverage(log: TestLog, outcome_file, args) -> TestLog: """Perform coverage analysis.""" - log = TestLog() log.info("\n*** Analyze coverage ***\n") outcomes = read_outcome_file(outcome_file) log = analyze_outcomes(log, outcomes, args) return log -def do_analyze_driver_vs_reference(outcome_file, args): +def do_analyze_driver_vs_reference(log: TestLog, outcome_file, args) -> TestLog: """Perform driver vs reference analyze.""" - log = TestLog() - log.info("\n*** Analyze driver {} vs reference {} ***\n".format( args['component_driver'], args['component_ref'])) log = execute_reference_driver_tests(log, args['component_ref'], \ args['component_driver'], outcome_file) - if log.error_count != 0: - return log ignored_suites = ['test_suite_' + x for x in args['ignored_suites']] 
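Review bot: Dropping the `if log.error_count != 0: return log` after execute_reference_driver_tests means a failed all.sh run no longer stops do_analyze_driver_vs_reference; it falls through to `read_outcome_file(outcome_file)`, where a missing or partial outcome file either raises (caught only by the broad handler in main, which prints a backtrace instead of the logged error) or yields a driver-vs-reference comparison over incomplete data that is then reported as genuine failures. Keep an early exit in the new style, `if log.error_count != 0:` / `return log` directly after the execute call. The same fall-through persists in the reworked version of this function in patch 171 (hunk `@@ -161,30 +156,27 @@`), where a plain `return` would do. The function's tail lies past the end of this hunk.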
@@ -693,22 +685,17 @@ def main(): KNOWN_TASKS['analyze_coverage']['args']['full_coverage'] = options.full_coverage - all_succeeded = True - for task in tasks_list: test_function = KNOWN_TASKS[task]['test_function'] test_args = KNOWN_TASKS[task]['args'] - test_log = test_function(options.outcomes, test_args) - # Merge the output of this task with the main one - main_log.output = main_log.output + test_log.output - main_log.info("Task {} completed with:\n".format(task) + \ - "{} warnings\n".format(test_log.warning_count) + \ - "{} errors\n".format(test_log.error_count)) - if test_log.error_count != 0: - all_succeeded = False + main_log = test_function(main_log, options.outcomes, test_args) + + main_log.info("Overall results:\n" + \ + "{} warnings\n".format(main_log.warning_count) + \ + "{} errors\n".format(main_log.error_count)) main_log.print_output() - sys.exit(0 if all_succeeded else 1) + sys.exit(0 if (main_log.error_count == 0) else 2) except Exception: # pylint: disable=broad-except # Print the backtrace and exit explicitly with our chosen status. From f075e47bc1ea7a02bfc5d9c44427ee4e7908a419 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 11:03:16 +0200 Subject: [PATCH 164/191] analyze_outcomes: reset name of TestLog to Results Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 67 +++++++++++++++---------------- 1 file changed, 33 insertions(+), 34 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 8ddbf6c1e..95f0cc697 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python3 + #!/usr/bin/env python3 """Analyze the test outcomes from a full CI run. @@ -15,7 +15,7 @@ import os import check_test_cases -class TestLog: +class Results: """Process analysis results.""" def __init__(self): 
@@ -56,27 +56,27 @@ class TestCaseOutcomes: """ return len(self.successes) + len(self.failures) -def execute_reference_driver_tests(log: TestLog, ref_component, driver_component, \ - outcome_file) -> TestLog: +def execute_reference_driver_tests(results: Results, ref_component, driver_component, \ + outcome_file) -> Results: """Run the tests specified in ref_component and driver_component. Results are stored in the output_file and they will be used for the following coverage analysis""" # If the outcome file already exists, we assume that the user wants to # perform the comparison analysis again without repeating the tests. if os.path.exists(outcome_file): - log.info("Outcome file (" + outcome_file + ") already exists. " + \ + results.info("Outcome file (" + outcome_file + ") already exists. " + \ "Tests will be skipped.") - return log + return results shell_command = "tests/scripts/all.sh --outcome-file " + outcome_file + \ " " + ref_component + " " + driver_component - log.info("Running: " + shell_command) + results.info("Running: " + shell_command) ret_val = subprocess.run(shell_command.split(), check=False).returncode if ret_val != 0: - log.error("failed to run reference/driver components") + results.error("failed to run reference/driver components") - return log + return results def analyze_coverage(results, outcomes, allow_list, full_coverage): """Check that all available test cases are executed at least once.""" @@ -95,7 +95,7 @@ def analyze_coverage(results, outcomes, allow_list, full_coverage): else: results.warning('Allow listed test case was executed: {}', key) -def analyze_driver_vs_reference(log: TestLog, outcomes, +def analyze_driver_vs_reference(results: Results, outcomes, component_ref, component_driver, ignored_suites, ignored_test=None): """Check that all tests executed in the reference component are also 
@@ -130,15 +130,15 @@ def analyze_driver_vs_reference(log: TestLog, outcomes, if component_ref in entry: reference_test_passed = True if(reference_test_passed and not driver_test_passed): - log.error(key) + results.error(key) - return log + return results -def analyze_outcomes(log: TestLog, outcomes, args) -> TestLog: +def analyze_outcomes(results: Results, outcomes, args) -> Results: """Run all analyses on the given outcome collection.""" - analyze_coverage(log, outcomes, args['allow_list'], + analyze_coverage(results, outcomes, args['allow_list'], args['full_coverage']) - return log + return results def read_outcome_file(outcome_file): """Parse an outcome file and return an outcome collection. 
@@ -161,30 +161,30 @@ by a semicolon. outcomes[key].failures.append(setup) return outcomes -def do_analyze_coverage(log: TestLog, outcome_file, args) -> TestLog: +def do_analyze_coverage(results: Results, outcome_file, args) -> Results: """Perform coverage analysis.""" - log.info("\n*** Analyze coverage ***\n") + results.info("\n*** Analyze coverage ***\n") outcomes = read_outcome_file(outcome_file) - log = analyze_outcomes(log, outcomes, args) - return log + results = analyze_outcomes(results, outcomes, args) + return results -def do_analyze_driver_vs_reference(log: TestLog, outcome_file, args) -> TestLog: +def do_analyze_driver_vs_reference(results: Results, outcome_file, args) -> Results: """Perform driver vs reference analyze.""" - log.info("\n*** Analyze driver {} vs reference {} ***\n".format( + results.info("\n*** Analyze driver {} vs reference {} ***\n".format( args['component_driver'], args['component_ref'])) - log = execute_reference_driver_tests(log, args['component_ref'], \ + results = execute_reference_driver_tests(results, args['component_ref'], \ args['component_driver'], outcome_file) ignored_suites = ['test_suite_' + x for x in args['ignored_suites']] outcomes = read_outcome_file(outcome_file) - log = analyze_driver_vs_reference(log, outcomes, - args['component_ref'], args['component_driver'], - ignored_suites, args['ignored_tests']) + results = analyze_driver_vs_reference(results, outcomes, + args['component_ref'], args['component_driver'], + ignored_suites, args['ignored_tests']) - return log + return results # List of tasks with a function that can handle this task and additional arguments if required KNOWN_TASKS = { @@ -649,7 +649,7 @@ KNOWN_TASKS = { } def main(): - main_log = TestLog() + main_results = Results() try: parser = argparse.ArgumentParser(description=__doc__) 
@@ -688,14 +688,13 @@ def main(): for task in tasks_list: test_function = KNOWN_TASKS[task]['test_function'] test_args = KNOWN_TASKS[task]['args'] - main_log = test_function(main_log, options.outcomes, test_args) - - main_log.info("Overall results:\n" + \ - "{} warnings\n".format(main_log.warning_count) + \ - "{} errors\n".format(main_log.error_count)) + main_results = test_function(main_results, options.outcomes, test_args) - main_log.print_output() - sys.exit(0 if (main_log.error_count == 0) else 2) + main_results.info("Overall results:\n" + \ + "{} warnings\n".format(main_results.warning_count) + \ + "{} errors\n".format(main_results.error_count)) + + sys.exit(0 if (main_results.error_count == 0) else 2) except Exception: # pylint: disable=broad-except # Print the backtrace and exit explicitly with our chosen status. From 40314fcc75d3343ecc7cb3b8a366e89715f52a85 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 11:34:31 +0200 Subject: [PATCH 165/191] analyze_outcomes: fix newlines Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 95f0cc697..57f359a65 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -35,7 +35,7 @@ class Results: @staticmethod def print_line(fmt, *args, **kwargs): - sys.stderr.write(fmt, *args, **kwargs) + sys.stderr.write(fmt + '\n', *args, **kwargs) class TestCaseOutcomes: """The outcomes of one test case across many configurations.""" 
@@ -163,14 +163,14 @@ by a semicolon. def do_analyze_coverage(results: Results, outcome_file, args) -> Results: """Perform coverage analysis.""" - results.info("\n*** Analyze coverage ***\n") + results.info("*** Analyze coverage ***") outcomes = read_outcome_file(outcome_file) results = analyze_outcomes(results, outcomes, args) return results def do_analyze_driver_vs_reference(results: Results, outcome_file, args) -> Results: """Perform driver vs reference analyze.""" - results.info("\n*** Analyze driver {} vs reference {} ***\n".format( + results.info("*** Analyze driver {} vs reference {} ***".format( args['component_driver'], args['component_ref'])) results = execute_reference_driver_tests(results, args['component_ref'], \ @@ -690,9 +690,9 @@ def main(): test_args = KNOWN_TASKS[task]['args'] main_results = test_function(main_results, options.outcomes, test_args) - main_results.info("Overall results:\n" + \ - "{} warnings\n".format(main_results.warning_count) + \ - "{} errors\n".format(main_results.error_count)) + main_results.info("Overall results: " + \ + "{} warnings | ".format(main_results.warning_count) + \ + "{} errors".format(main_results.error_count)) sys.exit(0 if (main_results.error_count == 0) else 2) From 9a4273099c4c3cade2aeff3cfe58ba824626c679 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 11:40:42 +0200 Subject: [PATCH 166/191] all.sh: fix comment Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ab1007812..564e2e46a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3531,7 +3531,7 @@ component_test_psa_crypto_config_accel_cipher () { # Configure # --------- - # Start from the default config (no TLS 1.3, no USE_PSA) + # Start from the full config helper_libtestdriver1_adjust_config "full" # There is no intended accelerator support for ALG CMAC. Therefore, asking 
From 2f00b7a5dab28ff93b731f4972887251ab4e4882 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 11:43:34 +0200 Subject: [PATCH 167/191] cipher: reset MBEDTLS_CIPHER_HAVE_AEAD to MBEDTLS_CIPHER_MODE_AEAD Signed-off-by: Valerio Setti --- include/mbedtls/cipher.h | 6 +++--- library/cipher.c | 16 ++++++++-------- tests/suites/test_suite_cipher.function | 4 ++-- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 3a98976d5..9c8701d38 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -34,7 +34,7 @@ #include "mbedtls/platform_util.h" #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) -#define MBEDTLS_CIPHER_HAVE_AEAD +#define MBEDTLS_CIPHER_MODE_AEAD #endif #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -1080,7 +1080,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen); -#if defined(MBEDTLS_CIPHER_HAVE_AEAD) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) /** * \brief The authenticated encryption (AEAD/NIST_KW) function. * @@ -1187,7 +1187,7 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t output_len, size_t *olen, size_t tag_len); -#endif /* MBEDTLS_CIPHER_HAVE_AEAD || MBEDTLS_NIST_KW_C */ +#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */ #ifdef __cplusplus } #endif diff --git a/library/cipher.c b/library/cipher.c index 97dd0e95a..9f9f1075c 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -1390,7 +1390,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, return 0; } -#if defined(MBEDTLS_CIPHER_HAVE_AEAD) +#if defined(MBEDTLS_CIPHER_MODE_AEAD) /* * Packet-oriented encryption for AEAD modes: internal function used by * mbedtls_cipher_auth_encrypt_ext(). 
@@ -1569,9 +1569,9 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx, return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } -#endif /* MBEDTLS_CIPHER_HAVE_AEAD */ +#endif /* MBEDTLS_CIPHER_MODE_AEAD */ -#if defined(MBEDTLS_CIPHER_HAVE_AEAD) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) /* * Packet-oriented encryption for AEAD/NIST_KW: public function. */ @@ -1607,7 +1607,7 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_NIST_KW_C */ -#if defined(MBEDTLS_CIPHER_HAVE_AEAD) +#if defined(MBEDTLS_CIPHER_MODE_AEAD) /* AEAD case: check length before passing on to shared function */ if (output_len < ilen + tag_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -1620,7 +1620,7 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, return ret; #else return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_CIPHER_HAVE_AEAD */ +#endif /* MBEDTLS_CIPHER_MODE_AEAD */ } /* @@ -1658,7 +1658,7 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_NIST_KW_C */ -#if defined(MBEDTLS_CIPHER_HAVE_AEAD) +#if defined(MBEDTLS_CIPHER_MODE_AEAD) /* AEAD case: check length before passing on to shared function */ if (ilen < tag_len || output_len < ilen - tag_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -1669,8 +1669,8 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, input + ilen - tag_len, tag_len); #else return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_CIPHER_HAVE_AEAD */ +#endif /* MBEDTLS_CIPHER_MODE_AEAD */ } -#endif /* MBEDTLS_CIPHER_HAVE_AEAD || MBEDTLS_NIST_KW_C */ +#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */ #endif /* MBEDTLS_CIPHER_C */ diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 6fd94ce22..e6970129e 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function 
@@ -85,7 +85,7 @@ exit: return 0; } -#if defined(MBEDTLS_CIPHER_HAVE_AEAD) +#if defined(MBEDTLS_CIPHER_MODE_AEAD) /* Helper for resetting key/direction * * The documentation doesn't explicitly say whether calling @@ -842,7 +842,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_HAVE_AEAD */ +/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_AEAD */ void auth_crypt_tv(int cipher_id, data_t *key, data_t *iv, data_t *ad, data_t *cipher, data_t *tag, char *result, data_t *clear, int use_psa) From 8d178be66e5cdc1b5ba60d90a96d2e63da9a7ff2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 12:23:55 +0200 Subject: [PATCH 168/191] analyze_outcomes: fix return value in case of test failure Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 57f359a65..2998d322d 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -1,4 +1,4 @@ - #!/usr/bin/env python3 +#!/usr/bin/env python3 """Analyze the test outcomes from a full CI run. @@ -694,7 +694,7 @@ def main(): "{} warnings | ".format(main_results.warning_count) + \ "{} errors".format(main_results.error_count)) - sys.exit(0 if (main_results.error_count == 0) else 2) + sys.exit(0 if (main_results.error_count == 0) else 1) except Exception: # pylint: disable=broad-except # Print the backtrace and exit explicitly with our chosen status. From f6f64cfd819335fab6d09320a66de27c821ee4ad Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 12:28:26 +0200 Subject: [PATCH 169/191] analyze_outcomes: code style improvement Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 2998d322d..e0c69469f 100755 --- a/tests/scripts/analyze_outcomes.py 
+++ b/tests/scripts/analyze_outcomes.py @@ -690,9 +690,8 @@ def main(): test_args = KNOWN_TASKS[task]['args'] main_results = test_function(main_results, options.outcomes, test_args) - main_results.info("Overall results: " + \ - "{} warnings | ".format(main_results.warning_count) + \ - "{} errors".format(main_results.error_count)) + main_results.info("Overall results: {} warnings and {} errors", + main_results.warning_count, main_results.error_count) sys.exit(0 if (main_results.error_count == 0) else 1) From 8070dbec6b76f5a4dcf8260d855065dca42dc633 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 12:29:30 +0200 Subject: [PATCH 170/191] analyze_outcomes: keep print_line() method non-static Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index e0c69469f..034640430 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -23,18 +23,18 @@ class Results: self.warning_count = 0 def info(self, fmt, *args, **kwargs): - self.print_line('Info: ' + fmt, *args, **kwargs) + self._print_line('Info: ' + fmt, *args, **kwargs) def error(self, fmt, *args, **kwargs): self.error_count += 1 - self.print_line('Error: ' + fmt, *args, **kwargs) + self._print_line('Error: ' + fmt, *args, **kwargs) def warning(self, fmt, *args, **kwargs): self.warning_count += 1 - self.print_line('Warning: ' + fmt, *args, **kwargs) + self._print_line('Warning: ' + fmt, *args, **kwargs) @staticmethod - def print_line(fmt, *args, **kwargs): + def _print_line(fmt, *args, **kwargs): sys.stderr.write(fmt + '\n', *args, **kwargs) class TestCaseOutcomes: From 781c23416e511ab31738bfc2607f944e8fcc4ce3 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 12:47:35 +0200 Subject: [PATCH 171/191] analyze_oucomes: do not return Results instance passed as parameter 
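Review bot: The commit title says print_line() is kept non-static, but the hunk retains the `@staticmethod` decorator and only renames the method to `_print_line`, so the title and the change disagree; either drop the decorator (`def _print_line(self, fmt, *args, **kwargs):`) or reword the commit message to say the method is made private. As written the method reads no instance state, so `@staticmethod` is defensible on its own, but then the three `self._print_line(...)` call sites read as instance calls for no reason. The class body continues below the hunk.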
Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 32 ++++++++++++------------------- 1 file changed, 12 insertions(+), 20 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 034640430..5f2e37877 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -57,7 +57,7 @@ class TestCaseOutcomes: return len(self.successes) + len(self.failures) def execute_reference_driver_tests(results: Results, ref_component, driver_component, \ - outcome_file) -> Results: + outcome_file): """Run the tests specified in ref_component and driver_component. Results are stored in the output_file and they will be used for the following coverage analysis""" @@ -66,7 +66,7 @@ def execute_reference_driver_tests(results: Results, ref_component, driver_compo if os.path.exists(outcome_file): results.info("Outcome file (" + outcome_file + ") already exists. " + \ "Tests will be skipped.") - return results + return shell_command = "tests/scripts/all.sh --outcome-file " + outcome_file + \ " " + ref_component + " " + driver_component @@ -76,8 +76,6 @@ def execute_reference_driver_tests(results: Results, ref_component, driver_compo if ret_val != 0: results.error("failed to run reference/driver components") - return results - def analyze_coverage(results, outcomes, allow_list, full_coverage): """Check that all available test cases are executed at least once.""" available = check_test_cases.collect_available_test_cases() 
@@ -132,13 +130,10 @@ def analyze_driver_vs_reference(results: Results, outcomes, if(reference_test_passed and not driver_test_passed): results.error(key) - return results - -def analyze_outcomes(results: Results, outcomes, args) -> Results: +def analyze_outcomes(results: Results, outcomes, args): """Run all analyses on the given outcome collection.""" analyze_coverage(results, outcomes, args['allow_list'], args['full_coverage']) - return results def read_outcome_file(outcome_file): """Parse an outcome file and return an outcome collection. 
@@ -161,30 +156,27 @@ by a semicolon. outcomes[key].failures.append(setup) return outcomes -def do_analyze_coverage(results: Results, outcome_file, args) -> Results: +def do_analyze_coverage(results: Results, outcome_file, args): """Perform coverage analysis.""" results.info("*** Analyze coverage ***") outcomes = read_outcome_file(outcome_file) - results = analyze_outcomes(results, outcomes, args) - return results + analyze_outcomes(results, outcomes, args) -def do_analyze_driver_vs_reference(results: Results, outcome_file, args) -> Results: +def do_analyze_driver_vs_reference(results: Results, outcome_file, args): """Perform driver vs reference analyze.""" results.info("*** Analyze driver {} vs reference {} ***".format( args['component_driver'], args['component_ref'])) - results = execute_reference_driver_tests(results, args['component_ref'], \ - args['component_driver'], outcome_file) + execute_reference_driver_tests(results, args['component_ref'], \ + args['component_driver'], outcome_file) ignored_suites = ['test_suite_' + x for x in args['ignored_suites']] outcomes = read_outcome_file(outcome_file) - results = analyze_driver_vs_reference(results, outcomes, - args['component_ref'], args['component_driver'], - ignored_suites, args['ignored_tests']) - - return results + analyze_driver_vs_reference(results, outcomes, + args['component_ref'], args['component_driver'], + ignored_suites, args['ignored_tests']) # List of tasks with a function that can handle this task and additional arguments if required KNOWN_TASKS = { @@ -688,7 +680,7 @@ def main(): for task in tasks_list: test_function = KNOWN_TASKS[task]['test_function'] test_args = KNOWN_TASKS[task]['args'] - main_results = test_function(main_results, options.outcomes, test_args) + test_function(main_results, options.outcomes, test_args) main_results.info("Overall results: {} warnings and {} errors", main_results.warning_count, main_results.error_count) 
From 4a493b267f55b21bf056af363f942862f7a9a754 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 17 Oct 2023 14:57:23 +0100 Subject: [PATCH 172/191] Reword error message on format of SAN arguments Signed-off-by: David Horstmann --- programs/x509/cert_write.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index 8bee0a666..d8660dc95 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -585,7 +585,7 @@ usage: *subtype_value++ = '\0'; } else { mbedtls_printf( - "Invalid argument for option SAN: Entry should be separated by a colon\n"); + "Invalid argument for option SAN: Entry must be of the form TYPE:value\n"); goto usage; } if (strcmp(q, "RFC822") == 0) { From 9534dfd15bb8b38553c28c861bff25b2b90cfb03 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 17 Oct 2023 14:59:31 +0100 Subject: [PATCH 173/191] Reword error message on format of SAN arguments Signed-off-by: David Horstmann --- programs/x509/cert_req.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index ff744a430..7e2a6bd8e 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -263,7 +263,7 @@ usage: *subtype_value++ = '\0'; } else { mbedtls_printf( - "Invalid argument for option SAN: Entry should be separated by a colon\n"); + "Invalid argument for option SAN: Entry must be of the form TYPE:value\n"); goto usage; } if (strcmp(q, "RFC822") == 0) { From 735794c7454c91ba06a1e0c518799b85ed00b99e Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 18 Oct 2023 08:05:15 +0200 Subject: [PATCH 174/191] analyze_outcomes: fix missing format for args/kwargs Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 5f2e37877..d0b72a859 100755 
--- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -35,7 +35,7 @@ class Results: @staticmethod def _print_line(fmt, *args, **kwargs): - sys.stderr.write(fmt + '\n', *args, **kwargs) + sys.stderr.write((fmt + '\n').format(*args, **kwargs)) class TestCaseOutcomes: """The outcomes of one test case across many configurations.""" From 39d4b9d15bf6a89bc2d9ef59c064041c539ab38f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 18 Oct 2023 14:30:03 +0200 Subject: [PATCH 175/191] analyze_outcomes: fix format interpolation errors Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index d0b72a859..b522efb31 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -64,13 +64,12 @@ def execute_reference_driver_tests(results: Results, ref_component, driver_compo # If the outcome file already exists, we assume that the user wants to # perform the comparison analysis again without repeating the tests. if os.path.exists(outcome_file): - results.info("Outcome file (" + outcome_file + ") already exists. " + \ - "Tests will be skipped.") + results.info("Outcome file ({}) already exists. Tests will be skipped.", outcome_file) return shell_command = "tests/scripts/all.sh --outcome-file " + outcome_file + \ " " + ref_component + " " + driver_component - results.info("Running: " + shell_command) + results.info("Running: {}", shell_command) ret_val = subprocess.run(shell_command.split(), check=False).returncode if ret_val != 0: 
@@ -128,7 +127,7 @@ def analyze_driver_vs_reference(results: Results, outcomes,
 if component_ref in entry:
 reference_test_passed = True
 if(reference_test_passed and not driver_test_passed):
- results.error(key)
+ results.error("Did not pass with driver: {}", key)
 def analyze_outcomes(results: Results, outcomes, args):
 """Run all analyses on the given outcome collection."""
@@ -164,8 +163,8 @@ def do_analyze_coverage(results: Results, outcome_file, args):
 def do_analyze_driver_vs_reference(results: Results, outcome_file, args):
 """Perform driver vs reference analyze."""
- results.info("*** Analyze driver {} vs reference {} ***".format(
- args['component_driver'], args['component_ref']))
+ results.info("*** Analyze driver {} vs reference {} ***",
+ args['component_driver'], args['component_ref'])
 execute_reference_driver_tests(results, args['component_ref'], \
 args['component_driver'], outcome_file)
From 2cff82069e6933358cb03c5f87a169fad52acf38 Mon Sep 17 00:00:00 2001
From: Valerio Setti
Date: Wed, 18 Oct 2023 14:36:47 +0200
Subject: [PATCH 176/191] analyze_outcomes: add new_section() method to the Results class
Signed-off-by: Valerio Setti
---
 tests/scripts/analyze_outcomes.py | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py
index b522efb31..925433118 100755
--- a/tests/scripts/analyze_outcomes.py
+++ b/tests/scripts/analyze_outcomes.py
@@ -22,6 +22,9 @@ class Results:
 self.error_count = 0
 self.warning_count = 0
+ def new_section(self, fmt, *args, **kwargs):
+ self._print_line('\n*** ' + fmt + ' ***\n', *args, **kwargs)
+
 def info(self, fmt, *args, **kwargs):
 self._print_line('Info: ' + fmt, *args, **kwargs)
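Review bot: The new public method `new_section` in the last hunk carries no docstring, and because `fmt` flows into `_print_line`'s `str.format`, a caller who interpolates a value into the string themselves reintroduces exactly the brace bug the two preceding patches fix. A one-liner such as `"""Print a section banner to stderr. fmt is a str.format template; data goes in args/kwargs."""` makes the contract visible at the call site. The Results class definition starts outside the hunk.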
@@ -157,14 +160,14 @@ by a semicolon.
 def do_analyze_coverage(results: Results, outcome_file, args):
 """Perform coverage analysis."""
- results.info("*** Analyze coverage ***")
+ results.new_section("Analyze coverage")
 outcomes = read_outcome_file(outcome_file)
 analyze_outcomes(results, outcomes, args)
 def do_analyze_driver_vs_reference(results: Results, outcome_file, args):
 """Perform driver vs reference analyze."""
- results.info("*** Analyze driver {} vs reference {} ***",
- args['component_driver'], args['component_ref'])
+ results.new_section("Analyze driver {} vs reference {}",
+ args['component_driver'], args['component_ref'])
 execute_reference_driver_tests(results, args['component_ref'], \
 args['component_driver'], outcome_file)
From 3bda79ba9f6404f1aecaa08838238490f1703020 Mon Sep 17 00:00:00 2001
From: Paul Elliott
Date: Wed, 18 Oct 2023 15:09:09 +0100
Subject: [PATCH 177/191] Move initialisation in test to before first test
Calling mbedtls_cipher_free() on a context that was not initialised is dangerous, and this could happen if the first test in check_set_padding() failed.
Signed-off-by: Paul Elliott
---
 tests/suites/test_suite_cipher.function | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index e6970129e..3140ba9ed 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -1218,6 +1218,8 @@ void check_set_padding(int cipher_id)
 const mbedtls_cipher_info_t *cipher_info;
 size_t keylen = 0;
+ mbedtls_cipher_init(&ctx);
+
 cipher_info = mbedtls_cipher_info_from_type(cipher_id);
 if (cipher_info->mode != MBEDTLS_MODE_CBC) {
@@ -1228,8 +1230,6 @@ void check_set_padding(int cipher_id)
 TEST_CALLOC(key, keylen/8);
 memset(key, 0, keylen/8);
- mbedtls_cipher_init(&ctx);
-
 TEST_EQUAL(0, mbedtls_cipher_setup(&ctx, cipher_info));
 TEST_EQUAL(0, mbedtls_cipher_setkey(&ctx, key, keylen,
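Review bot: In the first hunk of test_suite_cipher.function, `cipher_info->mode` is dereferenced right after `mbedtls_cipher_info_from_type(cipher_id)` with no NULL check; that lookup returns NULL for a cipher type the build does not know, so a data-file entry naming such a type would crash the suite rather than fail. Now that the context is initialised before the first test, a `TEST_ASSERT(cipher_info != NULL);` between those two lines fails cleanly and still reaches the cleanup path the commit is protecting. check_set_padding's body continues past both hunks, including the `mbedtls_cipher_setkey` call cut at the end.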
From bb4f63cbb222994c35c061c9785289de3e7b0599 Mon Sep 17 00:00:00 2001
From: Pengyu Lv
Date: Thu, 19 Oct 2023 10:38:58 +0800
Subject: [PATCH 178/191] all.sh: build_mingw: test default config without MBEDTLS_AESNI_C
Signed-off-by: Pengyu Lv
---
 tests/scripts/all.sh | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 64bde15fd..c197ee10b 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -5124,6 +5124,17 @@ component_build_mingw () {
 make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra -maes -msse2 -mpclmul' WINDOWS_BUILD=1 SHARED=1 lib programs
 make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra -maes -msse2 -mpclmul' WINDOWS_BUILD=1 SHARED=1 tests
 make WINDOWS_BUILD=1 clean
+
+ msg "build: Windows cross build - mingw64, make (Link Library, default config without MBEDTLS_AESNI_C)" # ~ 30s
+ ./scripts/config.py unset MBEDTLS_AESNI_C #
+ make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib programs
+ make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror' WINDOWS_BUILD=1 tests
+ make WINDOWS_BUILD=1 clean
+
+ msg "build: Windows cross build - mingw64, make (DLL, default config without MBEDTLS_AESNI_C)" # ~ 30s
+ make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 lib programs
+ make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 tests
+ make WINDOWS_BUILD=1 clean
 }
 support_build_mingw() {
 case $(i686-w64-mingw32-gcc -dumpversion 2>/dev/null) in
From 158eead001677307d4731f1a4dacb4f38245dc6d Mon Sep 17 00:00:00 2001
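Review bot: The new `make` lines copy `LD=i686-w64-minggw32-ld` (double g) from the existing ones, and `./scripts/config.py unset MBEDTLS_AESNI_C #` ends in a stray comment marker; both survive into the follow-up hunk of patch 179 on this page. The misspelled LD has presumably been harmless so far because the cross build evidently links, but each new component copies it further; `LD=i686-w64-mingw32-ld` and dropping the trailing `#` fix both. Within this hunk the non-AESNI `tests` build also uses `CFLAGS='-Werror'` while every sibling line uses `-Werror -Wall -Wextra`, an inconsistency the next patch happens to remove together with the line.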
From: Pengyu Lv
Date: Thu, 19 Oct 2023 11:27:05 +0800
Subject: [PATCH 179/191] all.sh: build_mingw: only test build lib without MBEDTLS_AESNI_C
Signed-off-by: Pengyu Lv
---
 tests/scripts/all.sh | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index c197ee10b..81084a9ee 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -5125,15 +5125,9 @@ component_build_mingw () {
 make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra -maes -msse2 -mpclmul' WINDOWS_BUILD=1 SHARED=1 tests
 make WINDOWS_BUILD=1 clean
- msg "build: Windows cross build - mingw64, make (Link Library, default config without MBEDTLS_AESNI_C)" # ~ 30s
+ msg "build: Windows cross build - mingw64, make (Library only, default config without MBEDTLS_AESNI_C)" # ~ 30s
 ./scripts/config.py unset MBEDTLS_AESNI_C #
- make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib programs
- make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror' WINDOWS_BUILD=1 tests
- make WINDOWS_BUILD=1 clean
-
- msg "build: Windows cross build - mingw64, make (DLL, default config without MBEDTLS_AESNI_C)" # ~ 30s
- make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 lib programs
- make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 tests
+ make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib
 make WINDOWS_BUILD=1 clean
 }
 support_build_mingw() {
From 74f2c15ea3894ca52fef5d32047cedccec4af3ed Mon Sep 17 00:00:00 2001
From: Pengyu Lv
Date: Thu, 19 Oct 2023 11:39:17 +0800
Subject: [PATCH 180/191] Add a changelog entry
Signed-off-by: Pengyu Lv
---
 ChangeLog.d/fix-mingw32-build.txt | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 ChangeLog.d/fix-mingw32-build.txt
diff --git a/ChangeLog.d/fix-mingw32-build.txt b/ChangeLog.d/fix-mingw32-build.txt
new file mode 100644
index 000000000..c657f23e2
--- /dev/null
+++ b/ChangeLog.d/fix-mingw32-build.txt
@@ -0,0 +1,4 @@
+Bugfix
+ * Fix an inconsistency between implementations and usages of `__cpuid`,
+ which mainly causes failures when building Windows target using
+ mingw or clang. Fix #8334 & #8332.
From 0df6d9688add33721fbae9d9a098a3cc49a584f6 Mon Sep 17 00:00:00 2001
From: Yanray Wang
Date: Wed, 11 Oct 2023 13:27:25 +0800
Subject: [PATCH 181/191] all.sh: fix a typo in comment
Signed-off-by: Yanray Wang
---
 tests/scripts/all.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 9290aa6d9..baa2b600f 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -864,7 +864,7 @@ pre_generate_files() {
 # Example:
 # loc_extra_list="ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512"
 # helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list"
-# 4b. Call helper_libtestdriver1_make_main "$loc_accel_list". Any
+# 3b. Call helper_libtestdriver1_make_main "$loc_accel_list". Any
 # additional arguments will be passed to make: this can be useful if
 # you don't want to build everything when iterating during development.
 # Example:
From af5003a1577d2798e90a7f3c1824b9e6d0145bdf Mon Sep 17 00:00:00 2001
From: Yanray Wang
Date: Wed, 11 Oct 2023 11:57:10 +0800
Subject: [PATCH 182/191] CMAC: accelerate CMAC in accel_cipher
Signed-off-by: Yanray Wang
---
 .../crypto_config_test_driver_extension.h | 9 ++++++++-
 tests/scripts/all.sh | 19 ++++++++++--------
 2 files changed, 18 insertions(+), 10 deletions(-)
diff --git a/tests/include/test/drivers/crypto_config_test_driver_extension.h b/tests/include/test/drivers/crypto_config_test_driver_extension.h
index ef8c88a66..b0bbc4421 100644
--- a/tests/include/test/drivers/crypto_config_test_driver_extension.h
+++ b/tests/include/test/drivers/crypto_config_test_driver_extension.h
@@ -32,6 +32,14 @@
 #endif
 #endif
+#if defined(PSA_WANT_ALG_CMAC)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CMAC)
+#undef MBEDTLS_PSA_ACCEL_ALG_CMAC
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CMAC 1
+#endif
+#endif
+
 #if defined(PSA_WANT_ALG_CTR)
 #if defined(MBEDTLS_PSA_ACCEL_ALG_CTR)
 #undef MBEDTLS_PSA_ACCEL_ALG_CTR
@@ -395,7 +403,6 @@
 #define MBEDTLS_PSA_ACCEL_ALG_CBC_MAC 1
 #define MBEDTLS_PSA_ACCEL_ALG_CCM 1
-#define MBEDTLS_PSA_ACCEL_ALG_CMAC 1
 #define MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING 1
 #define MBEDTLS_PSA_ACCEL_ALG_GCM 1
 #define MBEDTLS_PSA_ACCEL_ALG_HKDF 1
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index baa2b600f..17f894a7b 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -3528,22 +3528,22 @@ component_test_psa_crypto_config_reference_hash_use_psa() {
 component_test_psa_crypto_config_accel_cipher () {
 msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated cipher"
- loc_accel_list="ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB ALG_OFB ALG_XTS KEY_TYPE_DES"
+ loc_accel_list="ALG_CBC_NO_PADDING ALG_CBC_PKCS7 \
+ ALG_CTR ALG_CFB ALG_OFB ALG_XTS \
+ KEY_TYPE_DES ALG_CMAC"
 # Configure
 # ---------
+ # There is no intended accelerator support for STREAM_CIPHER and
+ # ECB_NO_PADDING. Therefore, asking for them in the build implies the
+ # inclusion of the Mbed TLS cipher operations. As we want to test here with
+ # cipher operations solely supported by accelerators, disabled those
+ # PSA configuration options by helper_libtestdriver1_adjust_config.
+
 # Start from the full config
 helper_libtestdriver1_adjust_config "full"
- # There is no intended accelerator support for ALG CMAC. Therefore, asking
- # for it in the build implies the inclusion of the Mbed TLS cipher
- # operations. As we want to test here with cipher operations solely
- # supported by accelerators, disabled this PSA configuration option.
- # (Note: the same applies to STREAM_CIPHER and ECB_NO_PADDING, which are
- # already disabled by helper_libtestdriver1_adjust_config above.)
- scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CMAC
-
 # Disable the things that are being accelerated
 scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC
 scripts/config.py unset MBEDTLS_CIPHER_PADDING_PKCS7
@@ -3552,6 +3552,7 @@ component_test_psa_crypto_config_accel_cipher () {
 scripts/config.py unset MBEDTLS_CIPHER_MODE_OFB
 scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS
 scripts/config.py unset MBEDTLS_DES_C
+ scripts/config.py unset MBEDTLS_CMAC_C
 # Build
 # -----
From 893623fb289d170e0a32ea8dbb26cb7bba469434 Mon Sep 17 00:00:00 2001
From: Yanray Wang
Date: Mon, 16 Oct 2023 11:55:37 +0800
Subject: [PATCH 183/191] PBKDF2-AES-CMAC: remove not needed preprocessor directive
PBKDF2-AES-CMAC works if we provide the driver of AES-CMAC or KEY-TYPE-AES or both. So if PBKDF2-AES-CMAC is requested via PSA, we don't need to additionally enable builtin AES-CMAC or builtin KEY-TYPE-AES.
Signed-off-by: Yanray Wang
---
 include/mbedtls/config_adjust_legacy_from_psa.h | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h
index e3c2ed117..5c294e914 100644
--- a/include/mbedtls/config_adjust_legacy_from_psa.h
+++ b/include/mbedtls/config_adjust_legacy_from_psa.h
@@ -724,8 +724,7 @@
 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */
 #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \
 defined(PSA_HAVE_SOFT_BLOCK_MODE) || \
- defined(PSA_HAVE_SOFT_BLOCK_AEAD) || \
- defined(PSA_HAVE_SOFT_PBKDF2_CMAC)
+ defined(PSA_HAVE_SOFT_BLOCK_AEAD)
 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
 #define MBEDTLS_AES_C
 #endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */
@@ -796,8 +795,7 @@
 #if defined(PSA_WANT_ALG_CMAC)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \
- defined(PSA_HAVE_SOFT_BLOCK_CIPHER) || \
- defined(PSA_HAVE_SOFT_PBKDF2_CMAC)
+ defined(PSA_HAVE_SOFT_BLOCK_CIPHER)
 #define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
 #define MBEDTLS_CMAC_C
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */
From 3d43434953767d64a8bb1770e506157e1dbcc07e Mon Sep 17 00:00:00 2001
From: Yanray Wang
Date: Mon, 16 Oct 2023 14:03:52 +0800
Subject: [PATCH 184/191] test_suite_psa_crypto_driver_wrappers.data: fix dependency
There are some fallback test cases which should rely on builtin implementations. This commit adjusts them with correct dependencies.
Signed-off-by: Yanray Wang
---
 ...test_suite_psa_crypto_driver_wrappers.data | 22 +++++++++----------
 1 file changed, 11 insertions(+), 11 deletions(-)
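Review bot: The closing comment of the block edited in the first hunk, `#endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */`, names only two of the three conditions that still open it; since the commit is already rewriting that condition, make it `#endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE || PSA_HAVE_SOFT_BLOCK_AEAD */`. The second hunk has the same gap: `/* !MBEDTLS_PSA_ACCEL_ALG_CMAC */` omits the remaining `PSA_HAVE_SOFT_BLOCK_CIPHER` arm. If these two `#if`s were the only readers of PSA_HAVE_SOFT_PBKDF2_CMAC, its definition elsewhere in this header is now dead and should be removed in the same change; that cannot be confirmed from the hunks.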
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index 54558f0f0..8ba3b7997 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data @@ -340,11 +340,11 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encrypt multipart: AES-CTR, 16 bytes, fallback -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +depends_on:MBEDTLS_PSA_BUILTIN_ALG_CTR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS PSA symmetric encrypt multipart: AES-CTR, 15 bytes, fallback -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +depends_on:MBEDTLS_PSA_BUILTIN_ALG_CTR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS PSA symmetric encrypt multipart: AES-CTR, 16 bytes, fake 
@@ -372,7 +372,7 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decrypt multipart: AES-CTR, 16 bytes, fallback -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +depends_on:MBEDTLS_PSA_BUILTIN_ALG_CTR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS PSA symmetric decrypt multipart: AES-CTR, 16 bytes, fake @@ -460,7 +460,7 @@ depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_SUCCESS PSA AEAD encrypt: AES-CCM, 24 bytes, fallback -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_CCM aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_ERROR_NOT_SUPPORTED PSA AEAD encrypt: AES-CCM, 24 bytes, INSUFFICIENT_MEMORY 
@@ -472,7 +472,7 @@ depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":PSA_SUCCESS PSA AEAD encrypt, AES-GCM, 128 bytes #1, fallback -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_GCM 
aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":PSA_ERROR_NOT_SUPPORTED PSA AEAD encrypt, AES-GCM, 128 bytes #1, INSUFFICIENT_MEMORY @@ -484,7 +484,7 @@ depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS PSA AEAD decrypt: AES-CCM, 39 bytes, fallback -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_CCM aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_ERROR_NOT_SUPPORTED PSA AEAD decrypt: AES-CCM, 39 bytes, INSUFFICIENT_MEMORY 
@@ -496,7 +496,7 @@ depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS PSA AEAD decrypt, AES-GCM, 144 bytes #1, fallback -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_GCM 
aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_NOT_SUPPORTED PSA AEAD decrypt, AES-GCM, 144 bytes #1, INSUFFICIENT_MEMORY @@ -536,7 +536,7 @@ depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_ACCEL_ALG_CMAC mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_SUCCESS PSA MAC sign, fallback: CMAC-AES-128 -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_CMAC +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_CMAC mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_ERROR_NOT_SUPPORTED PSA MAC sign, driver reports error: CMAC-AES-128 
@@ -576,7 +576,7 @@ depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_ACCEL_ALG_CMAC mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_SUCCESS PSA MAC verify, fallback: CMAC-AES-128 -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_CMAC +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_CMAC mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_ERROR_NOT_SUPPORTED PSA MAC verify, driver reports error: CMAC-AES-128 
@@ -802,7 +802,7 @@ depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_encrypt_setup:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c87281":"4365847fe0b7b7fbed325953df344a96":PSA_SUCCESS:PSA_SUCCESS PSA AEAD encrypt setup, AES-GCM, 128 bytes #1, fallback -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_GCM 
aead_encrypt_setup:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c87281":"4365847fe0b7b7fbed325953df344a96":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS PSA AEAD encrypt setup, AES-GCM, 128 bytes #1, INSUFFICIENT_MEMORY 
@@ -814,7 +814,7 @@ depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_decrypt_setup:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c87281":"4365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS:PSA_SUCCESS PSA AEAD decrypt setup, AES-GCM, 144 bytes #1, fallback -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_GCM 
aead_decrypt_setup:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c87281":"4365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS PSA AEAD decrypt setup, AES-GCM, 144 bytes #1, insufficient memory From d2d3d6374ec0df38dca7d6bd35d9bb4fad54681f Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 19 Oct 2023 16:50:45 +0800 Subject: [PATCH 185/191] Reword the changelog entry Signed-off-by: Pengyu Lv --- ChangeLog.d/fix-mingw32-build.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/fix-mingw32-build.txt b/ChangeLog.d/fix-mingw32-build.txt index c657f23e2..feef0a2c5 100644 --- a/ChangeLog.d/fix-mingw32-build.txt +++ b/ChangeLog.d/fix-mingw32-build.txt @@ -1,4 +1,4 @@ Bugfix * Fix an inconsistency between implementations and usages of `__cpuid`, which mainly causes failures when building Windows target using - mingw or clang. Fix #8334 & #8332. + mingw or clang. Fixes #8334 & #8332. From 22334a202aea9302222fa0451652fdc688fdabaf Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Thu, 19 Oct 2023 11:27:33 +0200
Subject: [PATCH 186/191] Fix some dependencies in ssl-opt.sh
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
These are explicitly PSA tests, so use PSA_WANT. Was missed by analyze_outcomes.py because those test cases were not listed properly, which will be fixed by #8088.
Signed-off-by: Manuel Pégourié-Gonnard
---
 tests/ssl-opt.sh | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 0dcff6796..51d59bbbf 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -2572,32 +2572,32 @@ run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
-requires_config_enabled MBEDTLS_ECP_DP_SECP521R1_ENABLED
+requires_config_enabled PSA_WANT_ECC_SECP_R1_521
 run_test_psa_force_curve "secp521r1"
-requires_config_enabled MBEDTLS_ECP_DP_BP512R1_ENABLED
+requires_config_enabled PSA_WANT_ECC_BRAINPOOL_P_R1_512
 run_test_psa_force_curve "brainpoolP512r1"
-requires_config_enabled MBEDTLS_ECP_DP_SECP384R1_ENABLED
+requires_config_enabled PSA_WANT_ECC_SECP_R1_384
 run_test_psa_force_curve "secp384r1"
-requires_config_enabled MBEDTLS_ECP_DP_BP384R1_ENABLED
+requires_config_enabled PSA_WANT_ECC_BRAINPOOL_P_R1_384
 run_test_psa_force_curve "brainpoolP384r1"
-requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
+requires_config_enabled PSA_WANT_ECC_SECP_R1_256
 run_test_psa_force_curve "secp256r1"
-requires_config_enabled MBEDTLS_ECP_DP_SECP256K1_ENABLED
+requires_config_enabled PSA_WANT_ECC_SECP_K1_256
 run_test_psa_force_curve "secp256k1"
-requires_config_enabled MBEDTLS_ECP_DP_BP256R1_ENABLED
+requires_config_enabled PSA_WANT_ECC_BRAINPOOL_P_R1_256
 run_test_psa_force_curve "brainpoolP256r1"
-requires_config_enabled MBEDTLS_ECP_DP_SECP224R1_ENABLED
+requires_config_enabled PSA_WANT_ECC_SECP_R1_224
 run_test_psa_force_curve "secp224r1"
 ## SECP224K1 is buggy via the PSA API
 ## (https://github.com/Mbed-TLS/mbedtls/issues/3541),
 ## so it is disabled in PSA even when it's enabled in Mbed TLS.
 ## The proper dependency would be on PSA_WANT_ECC_SECP_K1_224 but
 ## dependencies on PSA symbols in ssl-opt.sh are not implemented yet.
-#requires_config_enabled MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#requires_config_enabled PSA_WANT_ECC_SECP_K1_224
 #run_test_psa_force_curve "secp224k1"
-requires_config_enabled MBEDTLS_ECP_DP_SECP192R1_ENABLED
+requires_config_enabled PSA_WANT_ECC_SECP_R1_192
 run_test_psa_force_curve "secp192r1"
-requires_config_enabled MBEDTLS_ECP_DP_SECP192K1_ENABLED
+requires_config_enabled PSA_WANT_ECC_SECP_K1_192
 run_test_psa_force_curve "secp192k1"
 # Test current time in ServerHello
From bd24d95c27c82d2e33c1ae3d2e141ecea9ebe1d1 Mon Sep 17 00:00:00 2001
From: Valerio Setti
Date: Mon, 16 Oct 2023 16:31:32 +0200
Subject: [PATCH 187/191] legacy_from_psa: fix support for PSA_ACCEL_ALG_[STREAM_CIPHER/ECB_NO_PADDING]
Signed-off-by: Valerio Setti
---
 .../mbedtls/config_adjust_legacy_from_psa.h | 21 ++++++++++---------
 1 file changed, 11 insertions(+), 10 deletions(-)
diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h
index 5c294e914..66d9887e1 100644
--- a/include/mbedtls/config_adjust_legacy_from_psa.h
+++ b/include/mbedtls/config_adjust_legacy_from_psa.h
@@ -697,11 +697,9 @@
 #if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \
 (defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \
 (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \
- defined(PSA_WANT_ALG_ECB_NO_PADDING) || \
- (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \
- !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \
- (defined(PSA_WANT_ALG_CBC_PKCS7) && \
- !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \
+ (defined(PSA_WANT_ALG_ECB_NO_PADDING) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)) || \
+ (defined(PSA_WANT_ALG_CBC_NO_PADDING) && !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \
+ (defined(PSA_WANT_ALG_CBC_PKCS7) && !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \
 (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC))
 #define PSA_HAVE_SOFT_BLOCK_MODE 1
 #endif
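Review bot: The comment block left as context just above the secp224k1 lines still ends with `## The proper dependency would be on PSA_WANT_ECC_SECP_K1_224 but` / `## dependencies on PSA symbols in ssl-opt.sh are not implemented yet.`, which this very hunk contradicts by switching every neighbouring test to a PSA_WANT dependency and rewriting the commented-out line to that exact symbol. Replace those two lines with one that only records why the case stays disabled, e.g. `## Keep this disabled until the issue above is resolved.`, so the next reader is not told PSA dependencies are unsupported.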
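Review bot: In the config_adjust_legacy_from_psa.h hunk the three rewritten condition lines for ECB_NO_PADDING, CBC_NO_PADDING and CBC_PKCS7 now run well past the width the removed lines and the surrounding CTR/CFB/OFB lines keep, which the file achieved by splitting the `&&` arm onto a continuation line. Keeping the removed lines' two-line layout, e.g. `(defined(PSA_WANT_ALG_ECB_NO_PADDING) && \` followed by `!defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)) || \`, would make the logic change (ECB_NO_PADDING now counted only when not accelerated) stand out in the diff instead of being buried in a reflow.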
@@ -765,8 +763,15 @@
 #endif /*PSA_HAVE_SOFT_KEY_TYPE_DES || PSA_HAVE_SOFT_BLOCK_MODE */
 #endif /* PSA_WANT_KEY_TYPE_DES */
+#if defined(PSA_WANT_ALG_STREAM_CIPHER)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER)
+#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
+#endif /* MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER */
+#endif /* PSA_WANT_ALG_STREAM_CIPHER */
+
 #if defined(PSA_WANT_KEY_TYPE_CHACHA20)
-#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20)
+#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER)
 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1
 #define MBEDTLS_CHACHA20_C
 #endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 */
@@ -782,10 +787,6 @@
 #define PSA_HAVE_SOFT_BLOCK_CIPHER 1
 #endif
-#if defined(PSA_WANT_ALG_STREAM_CIPHER)
-#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
-#endif /* PSA_WANT_ALG_STREAM_CIPHER */
-
 #if defined(PSA_WANT_ALG_CBC_MAC)
 #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC)
 #error "CBC-MAC is not yet supported via the PSA API in Mbed TLS."
From 91adb41a8cf373d6b36d0d06ccdc893a3301293e Mon Sep 17 00:00:00 2001
From: Valerio Setti
Date: Mon, 16 Oct 2023 16:34:09 +0200
Subject: [PATCH 188/191] all.sh: remove fixes in test components
Signed-off-by: Valerio Setti
---
 tests/scripts/all.sh | 11 -----------
 1 file changed, 11 deletions(-)
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 17f894a7b..29390ef39 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
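Review bot: The trailing comment `#endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 */` no longer describes the condition it closes, which now also fires when `MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER` is defined; it should read `#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 || MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER */`. The new `PSA_WANT_ALG_STREAM_CIPHER` block also has to stay above the CHACHA20 block, because the CHACHA20 `#if` tests a macro the new block defines, and nothing in the hunk says so; a one-line comment on the new block, `/* Must precede the KEY_TYPE_CHACHA20 block below, which tests MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER. */`, would protect that ordering from a later reshuffle. For the same reason `#endif /* MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER */` closes a `#if !defined(...)`, so by the file's own convention it should carry the `!`.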
@@ -883,11 +883,6 @@ helper_libtestdriver1_adjust_config() {
 # Enable PSA-based config (necessary to use drivers)
 scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having
- # partial support for cipher operations in the driver test library.
- scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_STREAM_CIPHER
- scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECB_NO_PADDING
-
 # Dynamic secure element support is a deprecated feature and needs to be disabled here.
 # This is done to have the same form of psa_key_attributes_s for libdriver and library.
 scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
@@ -3535,12 +3530,6 @@ component_test_psa_crypto_config_accel_cipher () {
 # Configure
 # ---------
- # There is no intended accelerator support for STREAM_CIPHER and
- # ECB_NO_PADDING. Therefore, asking for them in the build implies the
- # inclusion of the Mbed TLS cipher operations. As we want to test here with
- # cipher operations solely supported by accelerators, disabled those
- # PSA configuration options by helper_libtestdriver1_adjust_config.
-
 # Start from the full config
 helper_libtestdriver1_adjust_config "full"
From 221d8aa8e747759544f3a9c11cf6200fdc8c3e28 Mon Sep 17 00:00:00 2001
From: Valerio Setti
Date: Tue, 17 Oct 2023 13:55:38 +0200
Subject: [PATCH 189/191] libtestdriver1: fix acceleration for ALG_STREAM_CIPHER/ALG_ECB_NO_PADDING
Signed-off-by: Valerio Setti
---
 .../crypto_config_test_driver_extension.h | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)
diff --git a/tests/include/test/drivers/crypto_config_test_driver_extension.h b/tests/include/test/drivers/crypto_config_test_driver_extension.h
index b0bbc4421..0eedb8b10 100644
--- a/tests/include/test/drivers/crypto_config_test_driver_extension.h
+++ b/tests/include/test/drivers/crypto_config_test_driver_extension.h
@@ -48,6 +48,22 @@
 #endif
 #endif
+#if defined(PSA_WANT_ALG_STREAM_CIPHER)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER)
+#undef MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_ECB_NO_PADDING)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)
+#undef MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING 1
+#endif
+#endif
+
 #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
 #if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
 #undef MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA
@@ -403,7 +419,6 @@
 #define MBEDTLS_PSA_ACCEL_ALG_CBC_MAC 1
 #define MBEDTLS_PSA_ACCEL_ALG_CCM 1
-#define MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING 1
 #define MBEDTLS_PSA_ACCEL_ALG_GCM 1
 #define MBEDTLS_PSA_ACCEL_ALG_HKDF 1
 #define MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT 1
@@ -411,7 +426,6 @@
 #define MBEDTLS_PSA_ACCEL_ALG_HMAC 1
 #define MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP 1
 #define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT 1
-#define MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER 1
 #if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) && \
 defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) && \
From 0244fbbf28d693588aafb622b4ae19cf51ae5fee Mon Sep 17 00:00:00 2001
From: Valerio Setti
Date: Thu, 19 Oct 2023 10:42:31 +0200
Subject: [PATCH 190/191] all.sh: accelerate ALG_ECB_NO_PADDING in test_psa_crypto_config_accel_cipher()
Signed-off-by: Valerio Setti
---
 tests/scripts/all.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 29390ef39..86e8a0eca 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -3523,9 +3523,9 @@ component_test_psa_crypto_config_reference_hash_use_psa() {
 component_test_psa_crypto_config_accel_cipher () {
 msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated cipher"
- loc_accel_list="ALG_CBC_NO_PADDING ALG_CBC_PKCS7 \
- ALG_CTR ALG_CFB ALG_OFB ALG_XTS \
- KEY_TYPE_DES ALG_CMAC"
+ loc_accel_list="ALG_ECB_NO_PADDING ALG_CBC_NO_PADDING ALG_CBC_PKCS7 \
+ ALG_CTR ALG_CFB ALG_OFB ALG_XTS ALG_CMAC \
+ KEY_TYPE_DES"
 # Configure
 # ---------
From 66d5512571305e3aed3bf5a28e0ee7a5c020bad4 Mon Sep 17 00:00:00 2001
From: Dave Rodgman
Date: Mon, 23 Oct 2023 15:12:32 +0100
Subject: [PATCH 191/191] Remove dependency on asm/hwcap.h
Signed-off-by: Dave Rodgman
---
 library/sha256.c | 8 +++++++-
 tests/scripts/all.sh | 5 +----
 2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/library/sha256.c b/library/sha256.c
index a6d0a7a46..596b2c533 100644
--- a/library/sha256.c
+++ b/library/sha256.c
@@ -126,7 +126,13 @@
 # if defined(__linux__)
 /* Our preferred method of detection is getauxval() */
 # include
-# include
+/* These are not always defined via sys/auxv.h */
+# if !defined(HWCAP_SHA2)
+# define HWCAP_SHA2 (1 << 6)
+# endif
+# if !defined(HWCAP2_SHA2)
+# define HWCAP2_SHA2 (1 << 3)
+# endif
 # endif
 /* Use SIGILL on Unix, and fall back to it on Linux */
 # include
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 28767eb3f..114f27109 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -4344,10 +4344,7 @@ support_build_sha_armce() {
 # clang >= 4 is required to build with SHA extensions
 clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')"
- # we need asm/hwcap.h available for runtime detection
- echo '#include ' | clang -E - >/dev/null 2>&1 && have_hwcap=1 || have_hwcap=0
-
- [[ "${clang_ver}" -ge 4 && "${have_hwcap}" -eq 1 ]]
+ [[ "${clang_ver}" -ge 4 ]]
 else
 # clang not available
 false
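Review bot: `ALG_STREAM_CIPHER` is left out of `loc_accel_list` even though the preceding commit in this series (PATCH 189) made it toggleable in libtestdriver1 alongside `ALG_ECB_NO_PADDING`, which this hunk does add; nothing in the hunk says whether that is deliberate. If it is (for instance because `KEY_TYPE_CHACHA20` is not in the list either), a short comment above the assignment such as `# ALG_STREAM_CIPHER is deliberately not accelerated here: <reason>` would keep the next reader from "completing" the list. The swap of `KEY_TYPE_DES` and `ALG_CMAC` between the lines is cosmetic and fine.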
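Review bot: The fallback values `HWCAP_SHA2 (1 << 6)` and `HWCAP2_SHA2 (1 << 3)` are the Linux kernel ABI bit positions for the AArch64 `AT_HWCAP` word and the 32-bit Arm `AT_HWCAP2` word respectively, but the only comment, `/* These are not always defined via sys/auxv.h */`, does not say where the numbers come from or why hard-coding them is safe; a comment along the lines of `/* Kernel ABI bit positions from asm/hwcap.h: HWCAP_SHA2 is the arm64 AT_HWCAP bit, HWCAP2_SHA2 the arm32 AT_HWCAP2 bit. Both are stable ABI, so hard-coding them is safe. */` would stop a later reader from "correcting" them. Because bit 6 of the 32-bit Arm `AT_HWCAP` word is a different capability flag, the code that picks between `HWCAP_SHA2`/`AT_HWCAP` and `HWCAP2_SHA2`/`AT_HWCAP2` (outside this hunk) presumably already selects on `__aarch64__`; if it does not, the fallback defines should sit under the same architecture guard, otherwise a 32-bit CPU could be misdetected as SHA-2 capable and the accelerated path would fault with SIGILL at runtime. Dropping the header include also means the fallback is now the only source of these values on any libc whose `sys/auxv.h` does not provide them, which is fine as long as the values stay documented as ABI constants.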