Merge pull request #6168 from mman/mbedtls-2.28
Use double quotes to include private header file psa_crypto_cipher.h
diff --git a/ChangeLog.d/bn_mul-fix-x86-pic-compilation-for-gcc-4.txt b/ChangeLog.d/bn_mul-fix-x86-pic-compilation-for-gcc-4.txt
new file mode 100644
index 0000000..1d59c22
--- /dev/null
+++ b/ChangeLog.d/bn_mul-fix-x86-pic-compilation-for-gcc-4.txt
@@ -0,0 +1,4 @@
+Bugfix
+ * Fix a long-standing build failure when building x86 PIC code with old
+ gcc (4.x). The code will be slower, but will compile. We do however
+ recommend upgrading to a more recent compiler instead. Fixes #1910.
diff --git a/ChangeLog.d/muladdc_microblaze.txt b/ChangeLog.d/muladdc_microblaze.txt
new file mode 100644
index 0000000..70fdff0
--- /dev/null
+++ b/ChangeLog.d/muladdc_microblaze.txt
@@ -0,0 +1,3 @@
+Bugfix
+ * Fix support for little-endian Microblaze when MBEDTLS_HAVE_ASM is defined.
+ Contributed by Kazuyuki Kimura to fix #2020.
diff --git a/SECURITY.md b/SECURITY.md
index 26b77ab..33bbc2f 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -1,4 +1,4 @@
-## Reporting Vulneratibilities
+## Reporting Vulnerabilities
If you think you have found an Mbed TLS security vulnerability, then please
send an email to the security team at
diff --git a/docs/architecture/psa-crypto-implementation-structure.md b/docs/architecture/psa-crypto-implementation-structure.md
index cd4d427..6a0a095 100644
--- a/docs/architecture/psa-crypto-implementation-structure.md
+++ b/docs/architecture/psa-crypto-implementation-structure.md
@@ -1,4 +1,4 @@
-PSA Cryptograpy API implementation and PSA driver interface
+PSA Cryptography API implementation and PSA driver interface
===========================================================
## Introduction
diff --git a/docs/proposed/psa-driver-interface.md b/docs/proposed/psa-driver-interface.md
index 23274c7..65601a4 100644
--- a/docs/proposed/psa-driver-interface.md
+++ b/docs/proposed/psa-driver-interface.md
@@ -237,7 +237,7 @@
1. The core calls the `xxx_setup` entry point for this operation family. If this fails, the core destroys the operation context object without calling any other driver entry point on it.
1. The core calls other entry points that manipulate the operation context object, respecting the constraints.
1. If any entry point fails, the core calls the driver's `xxx_abort` entry point for this operation family, then destroys the operation context object without calling any other driver entry point on it.
-1. If a “finish” entry point fails, the core destroys the operation context object without calling any other driver entry point on it. The finish entry points are: *prefix*`_mac_sign_finish`, *prefix*`_mac_verify_finish`, *prefix*`_cipher_fnish`, *prefix*`_aead_finish`, *prefix*`_aead_verify`.
+1. If a “finish” entry point fails, the core destroys the operation context object without calling any other driver entry point on it. The finish entry points are: *prefix*`_mac_sign_finish`, *prefix*`_mac_verify_finish`, *prefix*`_cipher_finish`, *prefix*`_aead_finish`, *prefix*`_aead_verify`.
If a driver implements a multi-part operation but not the corresponding single-part operation, the core calls the driver's multipart operation entry points to perform the single-part operation.
diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h
index 44afae0..5da7654 100644
--- a/include/mbedtls/asn1write.h
+++ b/include/mbedtls/asn1write.h
@@ -90,7 +90,7 @@
#if defined(MBEDTLS_BIGNUM_C)
/**
- * \brief Write a arbitrary-precision number (#MBEDTLS_ASN1_INTEGER)
+ * \brief Write an arbitrary-precision number (#MBEDTLS_ASN1_INTEGER)
* in ASN.1 format.
*
* \note This function works backwards in data buffer.
diff --git a/include/mbedtls/bn_mul.h b/include/mbedtls/bn_mul.h
index 31137cd..a3fc363 100644
--- a/include/mbedtls/bn_mul.h
+++ b/include/mbedtls/bn_mul.h
@@ -95,12 +95,28 @@
( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 )
/*
+ * GCC < 5.0 treated the x86 ebx (which is used for the GOT) as a
+ * fixed reserved register when building as PIC, leading to errors
+ * like: bn_mul.h:46:13: error: PIC register clobbered by 'ebx' in 'asm'
+ *
+ * This is fixed by an improved register allocator in GCC 5+. From the
+ * release notes:
+ * Register allocation improvements: Reuse of the PIC hard register,
+ * instead of using a fixed register, was implemented on x86/x86-64
+ * targets. This improves generated PIC code performance as more hard
+ * registers can be used.
+ */
+#if defined(__GNUC__) && __GNUC__ < 5 && defined(__PIC__)
+#define MULADDC_CANNOT_USE_EBX
+#endif
+
+/*
* Disable use of the i386 assembly code below if option -O0, to disable all
* compiler optimisations, is passed, detected with __OPTIMIZE__
* This is done as the number of registers used in the assembly code doesn't
* work with the -O0 option.
*/
-#if defined(__i386__) && defined(__OPTIMIZE__)
+#if defined(__i386__) && defined(__OPTIMIZE__) && !defined(MULADDC_CANNOT_USE_EBX)
#define MULADDC_INIT \
asm( \
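Review bot: The new guard `#if defined(__GNUC__) && __GNUC__ < 5 && defined(__PIC__)` also matches clang, which reports `__GNUC__` as 4 for compatibility, so i386 PIC builds with clang would lose the assembly MULADDC path as well. If clang does not share the ebx limitation described in the comment, exclude it with `#if defined(__GNUC__) && !defined(__clang__) && __GNUC__ < 5 && defined(__PIC__)`. The comment could also say which implementation is used once `MULADDC_CANNOT_USE_EBX` is set; this is bignum multiplication, and anyone who has reviewed the timing behaviour of the assembly should be able to tell which builds no longer get it. The enclosing `#if` that opens the inline-assembly section starts above the hunk, and `MULADDC_INIT` continues below it.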
@@ -563,10 +579,20 @@
"andi r7, r6, 0xffff \n\t" \
"bsrli r6, r6, 16 \n\t"
-#define MULADDC_CORE \
+#if(__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__)
+#define MULADDC_LHUI \
+ "lhui r9, r3, 0 \n\t" \
+ "addi r3, r3, 2 \n\t" \
+ "lhui r8, r3, 0 \n\t"
+#else
+#define MULADDC_LHUI \
"lhui r8, r3, 0 \n\t" \
"addi r3, r3, 2 \n\t" \
- "lhui r9, r3, 0 \n\t" \
+ "lhui r9, r3, 0 \n\t"
+#endif
+
+#define MULADDC_CORE \
+ MULADDC_LHUI \
"addi r3, r3, 2 \n\t" \
"mul r10, r9, r6 \n\t" \
"mul r11, r8, r7 \n\t" \
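Review bot: `#if(__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__)` is true when neither macro is defined, because the preprocessor replaces unknown identifiers with 0. A toolchain that does not provide these macros would then silently take the little-endian load order on a big-endian Microblaze, and `MULADDC_CORE` would produce wrong bignum products. Make the test explicit with `#if defined(__BYTE_ORDER__) && defined(__ORDER_LITTLE_ENDIAN__) && (__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__)`, so that the previous big-endian order remains the default. A one-line comment on `MULADDC_LHUI` stating which half-word ends up in r8 and which in r9 would make the swap easier to check. The Microblaze section begins above the hunk and `MULADDC_CORE` continues past its end.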
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 1cd6eb6..1da9802 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1329,7 +1329,7 @@
* Include backtrace information with each allocated block.
*
* Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
- * GLIBC-compatible backtrace() an backtrace_symbols() support
+ * GLIBC-compatible backtrace() and backtrace_symbols() support
*
* Uncomment this macro to include backtrace information
*/
diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h
index 84fafd2..9cea40a 100644
--- a/include/mbedtls/md.h
+++ b/include/mbedtls/md.h
@@ -215,7 +215,7 @@
int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac );
/**
- * \brief This function clones the state of an message-digest
+ * \brief This function clones the state of a message-digest
* context.
*
* \note You must call mbedtls_md_setup() on \c dst before calling
diff --git a/include/mbedtls/ripemd160.h b/include/mbedtls/ripemd160.h
index 63270d1..f890aef 100644
--- a/include/mbedtls/ripemd160.h
+++ b/include/mbedtls/ripemd160.h
@@ -74,7 +74,7 @@
void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx );
/**
- * \brief Clone (the state of) an RIPEMD-160 context
+ * \brief Clone (the state of) a RIPEMD-160 context
*
* \param dst The destination context
* \param src The context to be cloned
diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h
index 062df73..8559f67 100644
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@@ -491,7 +491,7 @@
* the current function does not have access to them,
* and therefore cannot check them. See mbedtls_rsa_complete().
* If you want to check the consistency of the entire
- * content of an PKCS1-encoded RSA private key, for example, you
+ * content of a PKCS1-encoded RSA private key, for example, you
* should use mbedtls_rsa_validate_params() before setting
* up the RSA context.
* Additionally, if the implementation performs empirical checks,
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 5064ec5..9cfb00c 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -652,7 +652,7 @@
* for the associated \c mbedtls_ssl_get_timer_t callback to
* return correct information.
*
- * \note If using a event-driven style of programming, an event must
+ * \note If using an event-driven style of programming, an event must
* be generated when the final delay is passed. The event must
* cause a call to \c mbedtls_ssl_handshake() with the proper
* SSL context to be scheduled. Care must be taken to ensure
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index d6d3e4f..faa3b9e 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -551,7 +551,7 @@
* \retval #PSA_ERROR_INVALID_HANDLE
* \p key is not a valid identifier nor \c 0.
* \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * There was an failure in communication with the cryptoprocessor.
+ * There was a failure in communication with the cryptoprocessor.
* The key material may still be present in the cryptoprocessor.
* \retval #PSA_ERROR_DATA_INVALID
* This error is typically a result of either storage corruption on a
diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h
index 09ac488..0d18404 100644
--- a/include/psa/crypto_compat.h
+++ b/include/psa/crypto_compat.h
@@ -44,7 +44,7 @@
#define PSA_KEY_HANDLE_INIT MBEDTLS_SVC_KEY_ID_INIT
-/** Check whether an handle is null.
+/** Check whether a handle is null.
*
* \param handle Handle
*
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index a48a4bb..a34d551 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -356,7 +356,7 @@
*/
#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x7002)
-/** Whether a key type is an DSA key (pair or public-only). */
+/** Whether a key type is a DSA key (pair or public-only). */
#define PSA_KEY_TYPE_IS_DSA(type) \
(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h
index 66f4687..d3f518e 100644
--- a/include/psa/crypto_platform.h
+++ b/include/psa/crypto_platform.h
@@ -60,8 +60,8 @@
*
* The function psa_its_identifier_of_slot() in psa_crypto_storage.c that
* translates a key identifier to a key storage file name assumes that
- * mbedtls_key_owner_id_t is an 32 bits integer. This function thus needs
- * reworking if mbedtls_key_owner_id_t is not defined as a 32 bits integer
+ * mbedtls_key_owner_id_t is a 32-bit integer. This function thus needs
+ * reworking if mbedtls_key_owner_id_t is not defined as a 32-bit integer
* here anymore.
*/
typedef int32_t mbedtls_key_owner_id_t;
diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h
index 1dc8f9b..e34c500 100644
--- a/include/psa/crypto_se_driver.h
+++ b/include/psa/crypto_se_driver.h
@@ -394,7 +394,7 @@
psa_encrypt_or_decrypt_t direction);
/** \brief A function that sets the initialization vector (if
- * necessary) for an secure element cipher operation
+ * necessary) for a secure element cipher operation
*
* Rationale: The `psa_se_cipher_*` operation in the PSA Cryptographic API has
* two IV functions: one to set the IV, and one to generate it internally. The
diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h
index 8f23021..d8a90a8 100644
--- a/include/psa/crypto_types.h
+++ b/include/psa/crypto_types.h
@@ -104,7 +104,7 @@
* Values of this type are generally constructed by macros called
* `PSA_DH_FAMILY_xxx`.
*
- * The group identifier is required to create an Diffie-Hellman key using the
+ * The group identifier is required to create a Diffie-Hellman key using the
* PSA_KEY_TYPE_DH_KEY_PAIR() or PSA_KEY_TYPE_DH_PUBLIC_KEY()
* macros.
*
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index 8b3a815..8e61f2f 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -1195,7 +1195,7 @@
*/
#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x05100500)
-/* In the encoding of a AEAD algorithm, the bits corresponding to
+/* In the encoding of an AEAD algorithm, the bits corresponding to
* PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
* The constants for default lengths follow this encoding.
*/
diff --git a/library/bignum.c b/library/bignum.c
index 32578e2..88915a1 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -2862,7 +2862,7 @@
else
{
/*
- * An necessary condition for Y and X = 2Y + 1 to be prime
+ * A necessary condition for Y and X = 2Y + 1 to be prime
* is X = 2 mod 3 (which is equivalent to Y = 2 mod 3).
* Make sure it is satisfied, while keeping X = 3 mod 4
*/
diff --git a/library/error.c b/library/error.c
index afad389..630e142 100644
--- a/library/error.c
+++ b/library/error.c
@@ -961,7 +961,7 @@
#else /* MBEDTLS_ERROR_C */
/*
- * Provide an non-function in case MBEDTLS_ERROR_C is not defined
+ * Provide a dummy implementation when MBEDTLS_ERROR_C is not defined
*/
void mbedtls_strerror( int ret, char *buf, size_t buflen )
{
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 107e912..079526c 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -872,7 +872,7 @@
{
void *ctx = mbedtls_calloc( 1, sizeof( psa_key_id_t ) );
- /* no _init() function to call, an calloc() already zeroized */
+ /* no _init() function to call, as calloc() already zeroized */
return( ctx );
}
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 72351c9..74b2df7 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -174,7 +174,7 @@
*olen = 0;
- /* We're always including an TLS_EMPTY_RENEGOTIATION_INFO_SCSV in the
+ /* We're always including a TLS_EMPTY_RENEGOTIATION_INFO_SCSV in the
* initial ClientHello, in which case also adding the renegotiation
* info extension is NOT RECOMMENDED as per RFC 5746 Section 3.4. */
if( ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
diff --git a/library/xtea.c b/library/xtea.c
index 77f6cb6..01478ac 100644
--- a/library/xtea.c
+++ b/library/xtea.c
@@ -1,5 +1,5 @@
/*
- * An 32-bit implementation of the XTEA algorithm
+ * A 32-bit implementation of the XTEA algorithm
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt
index 3be94bd..c42d2ff 100644
--- a/scripts/data_files/error.fmt
+++ b/scripts/data_files/error.fmt
@@ -150,7 +150,7 @@
#else /* MBEDTLS_ERROR_C */
/*
- * Provide an non-function in case MBEDTLS_ERROR_C is not defined
+ * Provide a dummy implementation when MBEDTLS_ERROR_C is not defined
*/
void mbedtls_strerror( int ret, char *buf, size_t buflen )
{
diff --git a/tests/git-scripts/README.md b/tests/git-scripts/README.md
index 29d7501..23db168 100644
--- a/tests/git-scripts/README.md
+++ b/tests/git-scripts/README.md
@@ -1,16 +1,16 @@
README for git hooks script
===========================
git has a way to run scripts, which are invoked by specific git commands.
-The git hooks are located in `<mbed TLS root>/.git/hooks`, and as such are not under version control
+The git hooks are located in `<Mbed TLS root>/.git/hooks`, and as such are not under version control
for more information, see the [git documentation](https://git-scm.com/docs/githooks).
-The mbed TLS git hooks are located in `<mbed TLS root>/tests/git-scripts` directory, and one must create a soft link from `<mbed TLS root>/.git/hooks` to `<mbed TLS root>/tesst/git-scripts`, in order to make the hook scripts successfully work.
+The Mbed TLS git hooks are located in `<Mbed TLS root>/tests/git-scripts` directory, and one must create a soft link from `<Mbed TLS root>/.git/hooks` to `<Mbed TLS root>/tests/git-scripts`, in order to make the hook scripts successfully work.
Example:
-Execute the following command to create a link on linux from the mbed TLS `.git/hooks` directory:
+Execute the following command to create a link on Linux from the Mbed TLS `.git/hooks` directory:
`ln -s ../../tests/git-scripts/pre-push.sh pre-push`
-**Note: Currently the mbed TLS git hooks work only on a GNU platform. If using a non-GNU platform, don't enable these hooks!**
+**Note: Currently the Mbed TLS git hooks work only on a GNU platform. If using a non-GNU platform, don't enable these hooks!**
These scripts can also be used independently.
diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function
index b9ea3d6..bb06822 100644
--- a/tests/suites/host_test.function
+++ b/tests/suites/host_test.function
@@ -590,6 +590,7 @@
*/
test_files = &argv[ arg_index ];
testfile_count = argc - arg_index;
+ break;
}
arg_index++;
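Review bot: The added `break;` means that an option given after the first file name is now taken as a file name rather than parsed, and nothing visible in the hunk states that. A short comment on the new line would record it, for example `break; /* everything from here on is a file name, even if it looks like an option */`. It would also be worth checking that the usage text says options must come first. The argument loop and the start of the comment that closes at the top of the hunk are outside the visible lines, so this is inferred from the `break` and the trailing `arg_index++`.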