Comparing changes
base repository: Mbed-TLS/mbedtls
base: 18573354f7dd224ba588c0151b4eede41f6e975d
head repository: Mbed-TLS/mbedtls
compare: e323fb3ab5bf9dbdec8731c29108697e8d611755
Commits on Mar 15, 2023
Signed-off-by: Janos Follath <janos.follath@arm.com>
Commit ce2985b
Signed-off-by: Janos Follath <janos.follath@arm.com>
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
Commit 661c88f
Threat Model: Miscellaneous clarifications
Signed-off-by: Janos Follath <janos.follath@arm.com>
Commit e57ed98
Threat Model: reorganise threat definitions
Simplify organisation by placing threat definitions in their respective sections.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Commit 5adb2c2
Threat Model: increase classification detail
Originally, for the sake of simplicity, there was a single category for software-based attacks, namely timing side-channel attacks. Be more precise and categorise attacks as software-based whether or not they rely on physical information.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Commit adc8a0b
Threat model: explain dangling countermeasures
Signed-off-by: Janos Follath <janos.follath@arm.com>
Commit 389cdf4
Threat Model: move the block cipher section
The block cipher exception affects both remote and local timing attacks. Move them to the Caveats section and reference it from both the local and the remote attack section.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Commit 5e68d3b
Signed-off-by: Janos Follath <janos.follath@arm.com>
Commit 18ffba6
Threat Model: clarify attack vectors
Timing attacks can be launched by any of the 3 main attackers. Clarify exactly how these are covered.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Commit 8257d8a
Threat Model: improve wording and grammar
Signed-off-by: Janos Follath <janos.follath@arm.com>
Commit 6ce259d
Threat Model: clarify stance on timing attacks
Signed-off-by: Janos Follath <janos.follath@arm.com>
Commit 08094b8
Threat Model: remove references
Remove references to scientific papers as they are too specific and might be misleading.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Commit e3d677c
Signed-off-by: Janos Follath <janos.follath@arm.com>
Commit 6cd0459
MBEDTLS_AESCE_C is not available in 2.28; remove it from workarounds.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Commit 35f5ef0
Commits on Mar 16, 2023
Signed-off-by: Janos Follath <janos.follath@arm.com>
Commit 8305051
Merge pull request #999 from yanesca/threat_model_summary-2.28
Threat model summary 2.28
Commit b3b9059
Commits on Mar 17, 2023
Merge remote-tracking branch 'development/mbedtls-2.28' into mbedtls-2.28-restricted
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Commit 01298e6
Add space to appease doxygen bug
See doxygen/doxygen#8706
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Commit c9d8c33
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Commit 62ef621
Add initial API doc configuration
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Commit 241b040
Add configuration for Read The Docs
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Commit 7f7aadd
Ignore mbedtls macros causing warnings
Sphinx's breathe plugin cannot readily parse the Mbed TLS macros, so define the less essential ones away at the doxygen step to reduce the number of warnings.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Commit e04d492
Add exemption for make.bat in checks for tabs
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Commit 89bf31d
Update bibliographic references
There are new versions of the Intel whitepapers and they've moved.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit 6055b78
Don't warn about Msan/Valgrind if AESNI isn't actually built
The warning is only correct if the assembly code for AESNI is built, not if MBEDTLS_AESNI_C is activated but MBEDTLS_HAVE_ASM is disabled or the target architecture isn't x86_64. This is a partial fix for #7236.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit 18d521a
Improve the presentation of assembly blocks
Uncrustify indents ``` asm("foo" HELLO "bar" "wibble"); ``` but we would like ``` asm("foo" HELLO "bar" "wibble"); ``` Make "bar" an argument of the macro HELLO, which makes the indentation from uncrustify match the semantics (everything should be aligned to the same column).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit 2808a60
New preprocessor symbol indicating that AESNI support is present
The configuration symbol MBEDTLS_AESNI_C requests AESNI support, but it is ignored if the platform doesn't have AESNI. This allows keeping MBEDTLS_AESNI_C enabled (as it is in the default build) when building for platforms other than x86_64, or when MBEDTLS_HAVE_ASM is disabled. To facilitate maintenance, always use the symbol MBEDTLS_AESNI_HAVE_CODE to answer the question "can I call mbedtls_aesni_xxx functions?", rather than repeating the check `defined(MBEDTLS_AESNI_C) && ...`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit 5511a34
AES, GCM selftest: indicate which implementation is used
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit 2c8ad94
AESNI: add implementation with intrinsics
As of this commit, to use the intrinsics for MBEDTLS_AESNI_C:
* With MSVC, this should be the default.
* With Clang, build with `clang -maes -mpclmul` or equivalent.
* With GCC, build with `gcc -mpclmul -msse2` or equivalent.
In particular, for now, with a GCC-like compiler, when building specifically for a target that supports both the AES and GCM instructions, the old implementation using assembly is selected. This method for platform selection will likely be improved in the future.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit e7dc21f
Get aesni.c compiling with Visual Studio
Clang is nice enough to support bitwise operators on __m128i, but MSVC isn't. Also, __cpuid() in MSVC comes from <intrin.h> (which is included via <emmintrin.h>), not <cpuid.h>.
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
Commit 790756d
To some extent anyway.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit d4a2393
MSVC doesn't have _mm_storeu_si64. Fortunately it isn't really needed here.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit 2e8d8d1
Travis: run selftest on Windows
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit 563c492
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit de34578
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit 5f1677f
Fix unaligned access if the context is moved during operation
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit 6978e73
Use consistent guards for padlock code
The padlock feature is enabled if
```
defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86)
```
with the second macro coming from `padlock.h`. The availability of the macro `MBEDTLS_PADLOCK_ALIGN16` is coincidentally equivalent to `MBEDTLS_HAVE_X86` but this is not meaningful.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit 30c356c
Remove the dependency of MBEDTLS_AESNI_C on MBEDTLS_HAVE_ASM
AESNI can now be implemented with intrinsics.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit 3ba81d3
Clean up AES context alignment code
Use a single auxiliary function to determine rk_offset, covering both setkey_enc and setkey_dec, covering both AESNI and PADLOCK. For AESNI, only build this when using the intrinsics-based implementation, since the assembly implementation supports unaligned access. Simplify "do we need to realign?" to "is the desired offset now equal to the current offset?".
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit b71d402
AESNI: Overhaul implementation selection
Have clearly separated code to:
* determine whether the assembly-based implementation is available;
* determine whether the intrinsics-based implementation is available;
* select one of the available implementations if any.
Now MBEDTLS_AESNI_HAVE_CODE can be the single interface for aes.c and aesni.c to determine which AESNI is built. Change the implementation selection: now, if both implementations are available, always prefer assembly. Before, the intrinsics were used if available. This preference is to minimize disruption, and will likely be revised in a later minor release.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit 6dec541
Document the new state of AESNI support
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit e5038c6
Announce the expanded AESNI support
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit 9a8bf9f
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit 3efd314
This was intended as an if-else-if chain. Make it so.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit 9494a99
Fix merge errors in backporting
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
Commit 58550ac
Document that MBEDTLS_AESNI_HAVE_INTRINSICS and MBEDTLS_AESNI_HAVE_CODE are internal macros, despite appearing in a public header file.
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
Commit 779199f
Remove references to MBEDTLS_AESCE_C and MBEDTLS_HAVE_ARM64 that aren't needed in this backport
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
Commit 3b53cae
Commits on Mar 18, 2023
Fix another backport issue: it's VS2010/ not VS2013/
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
Commit e0c7534
Have selftest print more information about the AESNI build
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
Commit 20458c0
Stop selftest hanging when run on CI
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
Commit 9149e12