Skip to content

Commit

Permalink
crypto: Update to Mbed Crypto 2.0.0
Browse files Browse the repository at this point in the history
  • Loading branch information
@Patater
Patater committed Sep 6, 2019
1 parent 612255f commit ea834eb
Show file tree
Hide file tree
Showing 20 changed files with 742 additions and 123 deletions.
2 changes: 1 addition & 1 deletion features/mbedtls/mbed-crypto/VERSION.txt
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
mbedcrypto-2.0.0d1
mbedcrypto-2.0.0
4 changes: 2 additions & 2 deletions features/mbedtls/mbed-crypto/importer/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,8 +29,8 @@

# Set the Mbed Crypto release to import (this can/should be edited before
# import)
CRYPTO_RELEASE ?= mbedcrypto-2.0.0d1
CRYPTO_REPO_URL ?= git@github.com:ARMmbed/mbed-crypto.git
CRYPTO_RELEASE ?= mbedcrypto-2.0.0
CRYPTO_REPO_URL ?= git@github.com:ARMmbed/mbedtls-psa.git

# Translate between Mbed Crypto namespace and Mbed OS namespace
TARGET_PREFIX:=..
Expand Down
3 changes: 2 additions & 1 deletion features/mbedtls/mbed-crypto/inc/mbedtls/bignum.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -129,7 +129,8 @@
defined(__ppc64__) || defined(__powerpc64__) || \
defined(__ia64__) || defined(__alpha__) || \
( defined(__sparc__) && defined(__arch64__) ) || \
defined(__s390x__) || defined(__mips64) )
defined(__s390x__) || defined(__mips64) || \
defined(__aarch64__) )
#if !defined(MBEDTLS_HAVE_INT64)
#define MBEDTLS_HAVE_INT64
#endif /* MBEDTLS_HAVE_INT64 */
Expand Down
24 changes: 24 additions & 0 deletions features/mbedtls/mbed-crypto/inc/mbedtls/bn_mul.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -198,6 +198,30 @@

#endif /* AMD64 */

#if defined(__aarch64__)

#define MULADDC_INIT \
asm(

#define MULADDC_CORE \
"ldr x4, [%2], #8 \n\t" \
"ldr x5, [%1] \n\t" \
"mul x6, x4, %3 \n\t" \
"umulh x7, x4, %3 \n\t" \
"adds x5, x5, x6 \n\t" \
"adc x7, x7, xzr \n\t" \
"adds x5, x5, %0 \n\t" \
"adc %0, x7, xzr \n\t" \
"str x5, [%1], #8 \n\t"

#define MULADDC_STOP \
: "+r" (c), "+r" (d), "+r" (s) \
: "r" (b) \
: "x4", "x5", "x6", "x7", "cc" \
);

#endif /* Aarch64 */

#if defined(__mc68020__) || defined(__mcpu32__)

#define MULADDC_INIT \
Expand Down
20 changes: 20 additions & 0 deletions features/mbedtls/mbed-crypto/inc/mbedtls/ecdh.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,11 @@

#include "mbedtls/ecp.h"

#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
#undef MBEDTLS_ECDH_LEGACY_CONTEXT
#include "everest/everest.h"
#endif

#ifdef __cplusplus
extern "C" {
#endif
Expand All @@ -66,6 +71,9 @@ typedef enum
{
MBEDTLS_ECDH_VARIANT_NONE = 0, /*!< Implementation not defined. */
MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0,/*!< The default Mbed TLS implementation */
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
MBEDTLS_ECDH_VARIANT_EVEREST /*!< Everest implementation */
#endif
} mbedtls_ecdh_variant;

/**
Expand Down Expand Up @@ -119,6 +127,9 @@ typedef struct mbedtls_ecdh_context
union
{
mbedtls_ecdh_context_mbed mbed_ecdh;
#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
mbedtls_ecdh_context_everest everest_ecdh;
#endif
} ctx; /*!< Implementation-specific context. The
context in use is specified by the \c var
field. */
Expand All @@ -133,6 +144,15 @@ typedef struct mbedtls_ecdh_context
}
mbedtls_ecdh_context;

/**
* \brief Check whether a given group can be used for ECDH.
*
* \param gid The ECP group ID to check.
*
* \return \c 1 if the group can be used, \c 0 otherwise
*/
int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid );

/**
* \brief This function generates an ECDH keypair on an elliptic
* curve.
Expand Down
82 changes: 80 additions & 2 deletions features/mbedtls/mbed-crypto/inc/mbedtls/ecdsa.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -125,6 +125,16 @@ typedef void mbedtls_ecdsa_restart_ctx;

#endif /* MBEDTLS_ECP_RESTARTABLE */

/**
* \brief This function checks whether a given group can be used
* for ECDSA.
*
* \param gid The ECP group ID to check.
*
* \return \c 1 if the group can be used, \c 0 otherwise
*/
int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid );

/**
* \brief This function computes the ECDSA signature of a
* previously-hashed message.
Expand Down Expand Up @@ -166,6 +176,12 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );

#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(MBEDTLS_DEPRECATED_WARNING)
#define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else
#define MBEDTLS_DEPRECATED
#endif
/**
* \brief This function computes the ECDSA signature of a
* previously-hashed message, deterministic version.
Expand All @@ -180,6 +196,19 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
* (SECG): SEC1 Elliptic Curve Cryptography</em>, section
* 4.1.3, step 5.
*
* \warning Since the output of the internal RNG is always the same for
* the same key and message, this limits the efficiency of
* blinding and leaks information through side channels. For
* secure behavior use mbedtls_ecdsa_sign_det_ext() instead.
*
* (Optimally the blinding is a random value that is different
* on every execution. In this case the blinding is still
* random from the attackers perspective, but is the same on
* each execution. This means that this blinding does not
* prevent attackers from recovering secrets by combining
* several measurement traces, but may prevent some attacks
* that exploit relationships between secret data.)
*
* \see ecp.h
*
* \param grp The context for the elliptic curve to use.
Expand All @@ -204,7 +233,55 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r,
mbedtls_mpi *s, const mbedtls_mpi *d,
const unsigned char *buf, size_t blen,
mbedtls_md_type_t md_alg );
mbedtls_md_type_t md_alg ) MBEDTLS_DEPRECATED;
#undef MBEDTLS_DEPRECATED
#endif /* MBEDTLS_DEPRECATED_REMOVED */

/**
* \brief This function computes the ECDSA signature of a
* previously-hashed message, deterministic version.
*
* For more information, see <em>RFC-6979: Deterministic
* Usage of the Digital Signature Algorithm (DSA) and Elliptic
* Curve Digital Signature Algorithm (ECDSA)</em>.
*
* \note If the bitlength of the message hash is larger than the
* bitlength of the group order, then the hash is truncated as
* defined in <em>Standards for Efficient Cryptography Group
* (SECG): SEC1 Elliptic Curve Cryptography</em>, section
* 4.1.3, step 5.
*
* \see ecp.h
*
* \param grp The context for the elliptic curve to use.
* This must be initialized and have group parameters
* set, for example through mbedtls_ecp_group_load().
* \param r The MPI context in which to store the first part
* the signature. This must be initialized.
* \param s The MPI context in which to store the second part
* the signature. This must be initialized.
* \param d The private signing key. This must be initialized
* and setup, for example through mbedtls_ecp_gen_privkey().
* \param buf The hashed content to be signed. This must be a readable
* buffer of length \p blen Bytes. It may be \c NULL if
* \p blen is zero.
* \param blen The length of \p buf in Bytes.
* \param md_alg The hash algorithm used to hash the original data.
* \param f_rng_blind The RNG function used for blinding. This must not be
* \c NULL.
* \param p_rng_blind The RNG context to be passed to \p f_rng. This may be
* \c NULL if \p f_rng doesn't need a context parameter.
*
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
* error code on failure.
*/
int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r,
mbedtls_mpi *s, const mbedtls_mpi *d,
const unsigned char *buf, size_t blen,
mbedtls_md_type_t md_alg,
int (*f_rng_blind)(void *, unsigned char *, size_t),
void *p_rng_blind );
#endif /* MBEDTLS_ECDSA_DETERMINISTIC */

/**
Expand Down Expand Up @@ -283,7 +360,8 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
* the signature written. Must not be \c NULL.
* \param f_rng The RNG function. This must not be \c NULL if
* #MBEDTLS_ECDSA_DETERMINISTIC is unset. Otherwise,
* it is unused and may be set to \c NULL.
* it is used only for blinding and may be set to \c NULL, but
* doing so is DEPRECATED.
* \param p_rng The RNG context to be passed to \p f_rng. This may be
* \c NULL if \p f_rng is \c NULL or doesn't use a context.
*
Expand Down
12 changes: 12 additions & 0 deletions features/mbedtls/mbed-crypto/inc/mbedtls/ecp.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -437,6 +437,12 @@ mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp );
* mbedtls_ecp_curve_info() for all supported curves in order
* of preference.
*
* \note This function returns information about all curves
* supported by the library. Some curves may not be
* supported for all algorithms. Call mbedtls_ecdh_can_do()
* or mbedtls_ecdsa_can_do() to check if a curve is
* supported for ECDH or ECDSA.
*
* \return A statically allocated array. The last entry is 0.
*/
const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void );
Expand All @@ -446,6 +452,12 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void );
* identifiers of all supported curves in the order of
* preference.
*
* \note This function returns information about all curves
* supported by the library. Some curves may not be
* supported for all algorithms. Call mbedtls_ecdh_can_do()
* or mbedtls_ecdsa_can_do() to check if a curve is
* supported for ECDH or ECDSA.
*
* \return A statically allocated array,
* terminated with MBEDTLS_ECP_DP_NONE.
*/
Expand Down
Loading

0 comments on commit ea834eb

Please sign in to comment.