This is an automated email from the ASF dual-hosted git repository. janc pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/mynewt-core.git
commit eee9cef1904816b4f41a0b3d33dc856a14c4c522
Author: Szymon Janc <szymon.j...@codecoup.pl>
AuthorDate: Wed Aug 2 16:11:40 2023 +0200

crypto/mbedtls: Update to version 2.28.3

This is latest long term support release. Mynewt extensions are also updated to resync with this release.
---
 apps/crypto_test/src/main.c | 2 +
 crypto/mbedtls/include/mbedtls/config_mynewt.h | 6 +
 crypto/mbedtls/pkg.yml | 5 +-
 crypto/mbedtls/src/gcm_mynewt.c | 180 +++++++++++--------------
 4 files changed, 89 insertions(+), 104 deletions(-)
diff --git a/apps/crypto_test/src/main.c b/apps/crypto_test/src/main.c
index 8e2887982..08ecb2104 100755
--- a/apps/crypto_test/src/main.c
+++ b/apps/crypto_test/src/main.c
@@ -27,6 +27,8 @@
 #include "mbedtls/aes.h"
 #include "tinycrypt/aes.h"
+#include <mbedtls/gcm_mynewt.h>
+
 struct vector_data {
 char *plain;
 char *cipher;
diff --git a/crypto/mbedtls/include/mbedtls/config_mynewt.h b/crypto/mbedtls/include/mbedtls/config_mynewt.h
index 86063f587..57b39c119 100644
--- a/crypto/mbedtls/include/mbedtls/config_mynewt.h
+++ b/crypto/mbedtls/include/mbedtls/config_mynewt.h
@@ -496,6 +496,12 @@ extern "C" {
 #define MBEDTLS_BIGNUM_ALT
 #endif
+/* TODO configure when supported */
+#undef MBEDTLS_PSA_CRYPTO_C
+#undef MBEDTLS_PSA_CRYPTO_SE_C
+#undef MBEDTLS_PSA_CRYPTO_STORAGE_C
+#undef MBEDTLS_PSA_ITS_FILE_C
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/crypto/mbedtls/pkg.yml b/crypto/mbedtls/pkg.yml
index 9c1100727..48697b528 100644
--- a/crypto/mbedtls/pkg.yml
+++ b/crypto/mbedtls/pkg.yml
@@ -34,14 +34,15 @@ pkg.cflags.TEST: -DTEST
 pkg.include_dirs:
 - "include"
 - "@mbedtls/include"
+ - "@mbedtls/library"
 pkg.src_dirs:
- - "@mbedtls/library/"
+ - "@mbedtls/library"
 - "src"
 repository.mbedtls:
 type: github
- vers: v2.16.12-commit
+ vers: v2.28.3-commit
 branch: master
 user: Mbed-TLS
 repo: mbedtls
diff --git a/crypto/mbedtls/src/gcm_mynewt.c b/crypto/mbedtls/src/gcm_mynewt.c
index 379576279..dfd68f559 100644
--- a/crypto/mbedtls/src/gcm_mynewt.c
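Review bot: The `/* TODO configure when supported */` comment above the four `#undef MBEDTLS_PSA_*` lines in config_mynewt.h does not say why the PSA options must be forced off, so whoever does the next Mbed TLS bump cannot tell whether the undefs are still required. As far as I recall the 2.28 default `mbedtls_config.h` enables `MBEDTLS_PSA_CRYPTO_C` together with `MBEDTLS_PSA_CRYPTO_STORAGE_C` and `MBEDTLS_PSA_ITS_FILE_C`, i.e. a file-backed key store for which Mynewt has no backend, so these undefs are doing real work rather than being a placeholder. A comment such as `/* PSA crypto is not integrated with Mynewt: the 2.28 default config turns it on together with the file-based ITS/storage backends, which have no Mynewt implementation. Keep the whole PSA stack off until a backend exists. */` would capture that. It is also worth stating that any configuration selecting `MBEDTLS_USE_PSA_CRYPTO` will now fail its prerequisite check in check_config.h, which I assume is intended.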
+++ b/crypto/mbedtls/src/gcm_mynewt.c
@@ -18,20 +18,47 @@
 */
 /* Mynewt Mbed TLS extension (based on gcm.c)
+ * TODO should be upstream eventually..
+ */
+
+/*
+ * NIST SP800-38D compliant GCM implementation
+ *
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
 *
- * TODO should be upstream eventually...
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
 */
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+/*
+ * http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf
+ *
+ * See also:
+ * [MGV] http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf
+ *
+ * We use the algorithm described as Shoup's method with 4-bit tables in
+ * [MGV] 4.1, pp. 12-13, to enhance speed without using too much memory.
+ */
+
+#include <mbedtls/gcm_mynewt.h>
+#include <common.h>
 #if defined(MBEDTLS_GCM_C)
 #include "mbedtls/gcm.h"
+#include "mbedtls/platform.h"
 #include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
 #include <string.h>
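Review bot: `#include <common.h>` pulls in an Mbed TLS library-internal header (in 2.28 it is what supplies the `MBEDTLS_GET_UINT32_BE`/`MBEDTLS_PUT_UINT32_BE` macros that replace the local ones removed in the next hunk), and it resolves only because pkg.yml now adds `@mbedtls/library` to `pkg.include_dirs`; with a name that generic, any other `common.h` earlier on the include path would shadow it silently and the failure would show up as missing macros rather than a bad include. Upstream gcm.c includes `common.h` before any `mbedtls/` header so that the configuration is in place for everything that follows, whereas here `<mbedtls/gcm_mynewt.h>` comes first, which is presumably harmless only because that header itself drags in `mbedtls/gcm.h` and thus the config. I would swap the two includes and document the dependency on the line itself: `#include <common.h> /* Mbed TLS internal: MBEDTLS_GET/PUT_UINT32_BE; needs @mbedtls/library in pkg.include_dirs */`. The `#if defined(MBEDTLS_GCM_C)` guard right below relies on the config having been seen by that point.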
@@ -39,59 +66,13 @@
 #include "mbedtls/aesni.h"
 #endif
-#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
-#include "mbedtls/aes.h"
-#include "mbedtls/platform.h"
-#if !defined(MBEDTLS_PLATFORM_C)
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
-
 #if !defined(MBEDTLS_GCM_ALT)
 /* Parameter validation macros */
-#define GCM_VALIDATE_RET( cond ) \
- MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_GCM_BAD_INPUT )
-#define GCM_VALIDATE( cond ) \
- MBEDTLS_INTERNAL_VALIDATE( cond )
-
-/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
- | ( (uint32_t) (b)[(i) + 1] << 16 ) \
- | ( (uint32_t) (b)[(i) + 2] << 8 ) \
- | ( (uint32_t) (b)[(i) + 3] ); \
-}
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i) \
-{ \
- (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
- (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
- (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
- (b)[(i) + 3] = (unsigned char) ( (n) ); \
-}
-#endif
-
-#ifndef PUT_UINT64_BE
-#define PUT_UINT64_BE( n, b, i ) \
-{ \
- ( b )[( i ) ] = (unsigned char) ( ( (n) >> 56 ) & 0xff ); \
- ( b )[( i ) + 1] = (unsigned char) ( ( (n) >> 48 ) & 0xff ); \
- ( b )[( i ) + 2] = (unsigned char) ( ( (n) >> 40 ) & 0xff ); \
- ( b )[( i ) + 3] = (unsigned char) ( ( (n) >> 32 ) & 0xff ); \
- ( b )[( i ) + 4] = (unsigned char) ( ( (n) >> 24 ) & 0xff ); \
- ( b )[( i ) + 5] = (unsigned char) ( ( (n) >> 16 ) & 0xff ); \
- ( b )[( i ) + 6] = (unsigned char) ( ( (n) >> 8 ) & 0xff ); \
- ( b )[( i ) + 7] = (unsigned char) ( ( (n) ) & 0xff ); \
-}
-#endif
+#define GCM_VALIDATE_RET(cond) \
+ MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_GCM_BAD_INPUT)
+#define GCM_VALIDATE(cond) \
+ MBEDTLS_INTERNAL_VALIDATE(cond)
 /*
 * Precompute small multiples of H, that is set
@@ -101,7 +82,7 @@
 * is the high-order bit of HH corresponds to P^0 and the low-order bit of HL
 * corresponds to P^127.
 */
-static int gcm_gen_table( mbedtls_gcm_context *ctx )
+static int gcm_gen_table(mbedtls_gcm_context *ctx)
 {
 int ret, i, j;
 uint64_t hi, lo;
@@ -109,56 +90,55 @@ static int gcm_gen_table( mbedtls_gcm_context *ctx )
 unsigned char h[16];
 size_t olen = 0;
- memset( h, 0, 16 );
- if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, h, 16, h, &olen ) ) != 0 )
- return( ret );
+ memset(h, 0, 16);
+ if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, h, 16, h, &olen)) != 0) {
+ return ret;
+ }
 /* pack h as two 64-bits ints, big-endian */
- GET_UINT32_BE( hi, h, 0 );
- GET_UINT32_BE( lo, h, 4 );
+ hi = MBEDTLS_GET_UINT32_BE(h, 0);
+ lo = MBEDTLS_GET_UINT32_BE(h, 4);
 vh = (uint64_t) hi << 32 | lo;
- GET_UINT32_BE( hi, h, 8 );
- GET_UINT32_BE( lo, h, 12 );
+ hi = MBEDTLS_GET_UINT32_BE(h, 8);
+ lo = MBEDTLS_GET_UINT32_BE(h, 12);
 vl = (uint64_t) hi << 32 | lo;
 /* 8 = 1000 corresponds to 1 in GF(2^128) */
 ctx->HL[8] = vl;
 ctx->HH[8] = vh;
-#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
+#if defined(MBEDTLS_AESNI_HAVE_CODE)
 /* With CLMUL support, we need only h, not the rest of the table */
- if( mbedtls_aesni_has_support( MBEDTLS_AESNI_CLMUL ) )
- return( 0 );
+ if (mbedtls_aesni_has_support(MBEDTLS_AESNI_CLMUL)) {
+ return 0;
+ }
 #endif
 /* 0 corresponds to 0 in GF(2^128) */
 ctx->HH[0] = 0;
 ctx->HL[0] = 0;
- for( i = 4; i > 0; i >>= 1 )
- {
- uint32_t T = ( vl & 1 ) * 0xe1000000U;
- vl = ( vh << 63 ) | ( vl >> 1 );
- vh = ( vh >> 1 ) ^ ( (uint64_t) T << 32);
+ for (i = 4; i > 0; i >>= 1) {
+ uint32_t T = (vl & 1) * 0xe1000000U;
+ vl = (vh << 63) | (vl >> 1);
+ vh = (vh >> 1) ^ ((uint64_t) T << 32);
 ctx->HL[i] = vl;
 ctx->HH[i] = vh;
 }
- for( i = 2; i <= 8; i *= 2 )
- {
+ for (i = 2; i <= 8; i *= 2) {
 uint64_t *HiL = ctx->HL + i, *HiH = ctx->HH + i;
 vh = *HiH;
 vl = *HiL;
- for( j = 1; j < i; j++ )
- {
+ for (j = 1; j < i; j++) {
 HiH[j] = vh ^ ctx->HH[j];
 HiL[j] = vl ^ ctx->HL[j];
 }
 }
- return( 0 );
+ return 0;
 }
 /*
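Review bot: `h` in gcm_gen_table holds the GHASH subkey H (the zero block encrypted by the `mbedtls_cipher_update` call at the top of the hunk), and after it has been expanded into `ctx->HH`/`ctx->HL` it is left on the stack on both successful return paths; the table copies in the context are presumably wiped when the context is freed, but the stack copy never is. `mbedtls/platform_util.h` is already included, so clearing it costs one line before each return, `mbedtls_platform_zeroize(h, sizeof(h));`, and the early `return 0` under `MBEDTLS_AESNI_HAVE_CODE` needs it as much as the final one. The signature and local declarations of gcm_gen_table are in the previous hunk.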
@@ -178,42 +158,40 @@ static const uint64_t last4[16] =
 * Sets output to x times H using the precomputed tables.
 * x and output are seen as elements of GF(2^128) as in [MGV].
 */
-static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16],
- unsigned char output[16] )
+static void gcm_mult(mbedtls_gcm_context *ctx, const unsigned char x[16],
+ unsigned char output[16])
 {
 int i = 0;
 unsigned char lo, hi, rem;
 uint64_t zh, zl;
-#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
- if( mbedtls_aesni_has_support( MBEDTLS_AESNI_CLMUL ) ) {
+#if defined(MBEDTLS_AESNI_HAVE_CODE)
+ if (mbedtls_aesni_has_support(MBEDTLS_AESNI_CLMUL)) {
 unsigned char h[16];
- PUT_UINT32_BE( ctx->HH[8] >> 32, h, 0 );
- PUT_UINT32_BE( ctx->HH[8], h, 4 );
- PUT_UINT32_BE( ctx->HL[8] >> 32, h, 8 );
- PUT_UINT32_BE( ctx->HL[8], h, 12 );
+ MBEDTLS_PUT_UINT32_BE(ctx->HH[8] >> 32, h, 0);
+ MBEDTLS_PUT_UINT32_BE(ctx->HH[8], h, 4);
+ MBEDTLS_PUT_UINT32_BE(ctx->HL[8] >> 32, h, 8);
+ MBEDTLS_PUT_UINT32_BE(ctx->HL[8], h, 12);
- mbedtls_aesni_gcm_mult( output, x, h );
+ mbedtls_aesni_gcm_mult(output, x, h);
 return;
 }
-#endif /* MBEDTLS_AESNI_C && MBEDTLS_HAVE_X86_64 */
+#endif /* MBEDTLS_AESNI_HAVE_CODE */
 lo = x[15] & 0xf;
 zh = ctx->HH[lo];
 zl = ctx->HL[lo];
- for( i = 15; i >= 0; i-- )
- {
+ for (i = 15; i >= 0; i--) {
 lo = x[i] & 0xf;
- hi = x[i] >> 4;
+ hi = (x[i] >> 4) & 0xf;
- if( i != 15 )
- {
+ if (i != 15) {
 rem = (unsigned char) zl & 0xf;
- zl = ( zh << 60 ) | ( zl >> 4 );
- zh = ( zh >> 4 );
+ zl = (zh << 60) | (zl >> 4);
+ zh = (zh >> 4);
 zh ^= (uint64_t) last4[rem] << 48;
 zh ^= ctx->HH[lo];
 zl ^= ctx->HL[lo];
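Review bot: The software path of gcm_mult indexes `ctx->HH[lo]`/`ctx->HL[lo]` and `last4[rem]` with nibbles of the input block `x` and with the low bits of the running product, so its memory-access pattern depends on the data being authenticated and on key-derived table contents; that is inherent to the 4-bit table method the header comment cites and not something this change introduces, but nothing in the file says so. A comment above `lo = x[15] & 0xf;` such as `/* Table lookups below are data-dependent (4-bit Shoup method); prefer the CLMUL path above where side-channel resistance matters. */` would make the trade-off visible to anyone selecting this build for a target without AES-NI. The change from `hi = x[i] >> 4` to `hi = (x[i] >> 4) & 0xf` keeps the table index within the 16 entries even where `unsigned char` is wider than 8 bits, which I take to be the reason and would state in a short why-comment if so. The function body continues in the next hunk.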
@@ -221,20 +199,19 @@ static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16],
 }
 rem = (unsigned char) zl & 0xf;
- zl = ( zh << 60 ) | ( zl >> 4 );
- zh = ( zh >> 4 );
+ zl = (zh << 60) | (zl >> 4);
+ zh = (zh >> 4);
 zh ^= (uint64_t) last4[rem] << 48;
 zh ^= ctx->HH[hi];
 zl ^= ctx->HL[hi];
 }
- PUT_UINT32_BE( zh >> 32, output, 0 );
- PUT_UINT32_BE( zh, output, 4 );
- PUT_UINT32_BE( zl >> 32, output, 8 );
- PUT_UINT32_BE( zl, output, 12 );
+ MBEDTLS_PUT_UINT32_BE(zh >> 32, output, 0);
+ MBEDTLS_PUT_UINT32_BE(zh, output, 4);
+ MBEDTLS_PUT_UINT32_BE(zl >> 32, output, 8);
+ MBEDTLS_PUT_UINT32_BE(zl, output, 12);
 }
-
 int mbedtls_gcm_update_add( mbedtls_gcm_context *ctx,
 size_t add_len,
 const unsigned char *add )
@@ -300,7 +277,6 @@ int mbedtls_gcm_setkey_noalloc( mbedtls_gcm_context *ctx,
 return( 0 );
 }
-
 #endif /* !MBEDTLS_GCM_ALT */
 #endif /* MBEDTLS_GCM_C */
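Review bot: The Mynewt-specific functions that follow the restyled code, `mbedtls_gcm_update_add` and `mbedtls_gcm_setkey_noalloc`, keep the old 2.16 formatting (`return( 0 );`, space-padded parentheses in the signature visible in the context lines) while everything derived from upstream in this file was moved to the 2.28 brace-and-spacing style, so the file now mixes two styles. Since these two functions are maintained here rather than upstream, applying the same formatting to them in this commit would keep future resyncs mechanical and make a diff against upstream gcm.c readable. Both functions start or end outside the hunks shown here.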