yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-22 17:45:38 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,658 Commits 88 Branches 205 Tags 69 MiB
ada61f05b3
Commit Graph

10658 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tero Jääskö
ada61f05b3 AES: masked config: remove 176 bytes of zeroing on each AES finalize round 
On MBEDTLS_AES_128_BIT_MASKED+FI_COUNTERMEASURES config the rk_mask array
was unconditionally zeroed on each dummy finalization round even though
it will be zeroed after the loop too. Remove the repeated zeroing to increase
overall transfer speed on DTLS session by 17..20% on a Cortex-M4.

Signed-off-by: Tero Jääskö <tero.jaasko@arm.com>
 2021-01-19 18:43:02 +02:00
Tero Jääskö
0241f81cbc AES: masked config: increase total transfer speed by 5% by removing zeroing 
On MBEDTLS_AES_128_BIT_MASKED config the overall DTLS transfer speed can be
increased by 3..5% or so on a Cortex-M4 by removing 472 bytes worth of
buffer zeroing done on each block {en|de}cryption. The buffer zeroings
were done before overwriting them on in masking code.

Signed-off-by: Tero Jääskö <tero.jaasko@arm.com>
 2021-01-19 18:41:30 +02:00
Andrzej Kurek
a4ffa3c474
Merge pull request #4026 from AndrzejKurek/baremetal-ci-spurious-resend 
Fix spurious resend in one of the ssl-opt.sh tests.
 2021-01-18 10:59:56 +01:00
Andrzej Kurek
7ad75b6a22 Increase the min hs timeout in one of the ssl_opt tests 
This triggered some spurious CI failure, where
the network is flaky. Increasing the min value,
leaving the max at the same distance should 
account for this.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2021-01-14 06:17:40 -05:00
Andrzej Kurek
5ef12c0cbc
Merge pull request #4016 from AndrzejKurek/baremetal-ci-spurious-resend 
Fix spurious resend in one of the ssl-opt.sh tests.
 2021-01-13 21:58:49 +01:00
Andrzej Kurek
95b87f32f6 Increase the min hs timeout in one of the ssl_opt tests 
This triggered some spurious CI failure, where
the network is flaky. Increasing the min value,
leaving the max at the same distance should 
account for this.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2021-01-12 07:49:41 -05:00
Andrzej Kurek
d7073d9290
Merge pull request #3979 from AndrzejKurek/coverity-seg-fault-context 
Fix the usage of ssl context after its nullified
 2021-01-05 12:47:41 +01:00
Andrzej Kurek
ffe07bf020
Merge pull request #3977 from AndrzejKurek/fi-missing-volatile 
FI variables missing 'volatile'
 2021-01-05 12:05:52 +01:00
Andrzej Kurek
42ed2d3c59 Fix the usage of ssl context after its nullified 
Previously, it was possible to access a null pointer
even though the given configuration should work.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2021-01-04 09:36:53 -05:00
Andrzej Kurek
17c3531b4b Add missing volatile identifiers before fi-related variables 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-31 09:56:42 -05:00
Andrzej Kurek
165564de07
Merge pull request #3946 from AndrzejKurek/optimized-key-exchange 
Key exchange optimizations
 2020-12-23 20:03:17 +01:00
Andrzej Kurek
5d3d2327ce Introduce additional fault injection protection to ssl_cli.c 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-23 03:45:53 -05:00
Andrzej Kurek
25997053a8 Introduce FI protection to ssl client handshake step handling 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-23 03:34:24 -05:00
Andrzej Kurek
ad3c4ffb56 Add an "SSL" infix to MBEDTLS_DELAYED_SERVER_CERT_VERIFICATION 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-21 08:11:36 -05:00
Andrzej Kurek
6b5c9a3744 Add an "SSL" infix to MBEDTLS_EARLY_KEY_COMPUTATION 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-21 08:02:59 -05:00
Andrzej Kurek
4f5549f595 Add an "SSL" infix to MBEDTLS_IMMEDIATE_TRANSMISSION 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-21 07:56:57 -05:00
Andrzej Kurek
df6e684460 Add a valgrind test for baremetal config 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-21 07:45:43 -05:00
Andrzej Kurek
0719b3c129 Add output flushing after each message transmission 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-19 17:15:52 -05:00
Andrzej Kurek
e6c3aa7e7b Fix minor issues and clean up the code 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-18 15:06:42 -05:00
Andrzej Kurek
e2134ed4b1 Fix certificate management when freeing handshake 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-18 11:23:19 -05:00
Shelly Liberman
a981a9605d
Merge pull request #3961 from shelib01/random_buf_fix 
fix flow control check
 2020-12-16 10:35:22 +02:00
Andrzej Kurek
38c7f2d32f Refactor the immediate transmission feature 
The original way or handling it did not cover
message fragmentation or retransmission.
Now, the messages are always appended
to the flight and sent immediately, using 
the same function as normal flight 
transmission.
Moreover, epoch handling is different for this feature,
with a possibility to perform the usual retransmission
using previous methods. 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-15 18:17:31 -05:00
Andrzej Kurek
d886d9f93c Fix freeing uninitialized fields from the ssl context 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-15 15:43:12 -05:00
Andrzej Kurek
9627202d3a Move MBEDTLS_DELAYED_SERVER_CERT_VERIFICATION to baremetal config 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-15 15:43:12 -05:00
Andrzej Kurek
5ac3a50924 DTLS: disable datagram packing tests when immediate transmission is on 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-15 15:43:12 -05:00
Andrzej Kurek
c3dde3f2f9 Fix unreachable code error 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-15 15:43:12 -05:00
Andrzej Kurek
52e08cbcb2 Fix unused parameters and ifdefs 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-15 15:43:12 -05:00
Andrzej Kurek
777d4217f1 Fix define and function names to conform to Mbed TLS rules 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-15 15:43:12 -05:00
Andrzej Kurek
b22e64045b Update generated files 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-15 15:43:12 -05:00
Andrzej Kurek
131512440e Move the new config optimization defines to be optional 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-15 15:43:12 -05:00
Hannes Tschofenig
32846c62ac Moving the ecdhe_computed variable into the handshake structure 2020-12-15 12:50:37 +01:00
Hannes Tschofenig
34630562cd Making sure that the ECDHE pre-computation is only done once. 2020-12-15 12:33:45 +01:00
Shelly Liberman
699aebecb9 fix flow control check 
Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>
 2020-12-14 18:57:52 +02:00
Andrzej Kurek
cee7ee86af
Merge pull request #3956 from shelib01/aes_masking_fix 
AES masking bug fix
 2020-12-14 09:37:12 +01:00
Shelly Liberman
51701bb4af aes masking bug fix 
Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>
 2020-12-13 18:32:09 +02:00
Andrzej Kurek
25d0202ac5
Merge pull request #3941 from AndrzejKurek/tinycrypt-ecdsa-signature 
Add ECDSA signature generation tests to tinycrypt
 2020-12-08 06:18:33 -05:00
Andrzej Kurek
3e80b1a657 Fix compilation errors when building sign_with_k test function 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-07 08:54:50 -05:00
Hannes Tschofenig
c162895030 Add call to mbedtls_x509_crt_free() 2020-12-07 11:04:09 +01:00
Andrzej Kurek
bef771bf50 Add ECDSA signature generation tests to tinycrypt 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2020-12-04 09:54:11 -05:00
Andrzej Kurek
fca6731ddd
Merge pull request #3934 from AndrzejKurek/tinycrypt-ecdsa-test-vectors 
Add NIST CAVP FIPS 186-4 test vectors for tinycrypt ecdsa
 2020-12-04 09:47:00 -05:00
Hannes Tschofenig
e151a3528a Adding early ECDHE key generation to ssl_cli.c 2020-12-03 17:37:49 +01:00
Hannes Tschofenig
c34d9cf37a Adding storage for public key to handshake_params 2020-12-03 17:37:06 +01:00
Hannes Tschofenig
77cddb3ef7 Adding early key computation config option 2020-12-03 17:36:00 +01:00
Hannes Tschofenig
3cb3db7961 Adding early key computation config check 2020-12-03 17:35:50 +01:00
Hannes Tschofenig
2279ffd2a0 Adding immediate message transmission 2020-12-03 15:52:35 +01:00
Hannes Tschofenig
dfa4bae320 Adding immediate transmission option 2020-12-03 15:49:35 +01:00
Hannes Tschofenig
cb6410c67d Wrapper function for calling parse_certificate_verify 2020-12-03 15:48:55 +01:00
Hannes Tschofenig
635f86874f Adding delayed server cert verification to client state machine 2020-12-03 15:48:32 +01:00
Hannes Tschofenig
4f8c88312c Adding wrapper function for certificate verification function 2020-12-03 15:48:12 +01:00
Hannes Tschofenig
f336c7ea71 Adding delayed server cert verification config option 2020-12-03 15:47:47 +01:00