Tom Cosgrove
1c0b1bffee
Merge pull request #8779 from gilles-peskine-arm/rsa-bitlen-fix
...
Fix mbedtls_pk_get_bitlen for a key size that is not a multiple of 8
2024-02-14 11:18:25 +00:00
Tom Cosgrove
d26df72256
Merge pull request #8820 from gilles-peskine-arm/sha3-compressed-rc
...
SHA3: Pack the iota round constants
2024-02-14 09:33:50 +00:00
Manuel Pégourié-Gonnard
e6c80bc6e5
Merge pull request #8755 from ronald-cron-arm/tls13-client-early-data-status
...
TLS 1.3: Refine and test client early data status
2024-02-13 20:36:42 +00:00
Gilles Peskine
f8b983c855
Pack the iota round constants
...
This saves ~160 bytes of code size, at the cost of a bit of localized
complexity in the code. The impact on performance is measurable but small
(<5% observed on x86_64) and can go either way (there's a calculation vs
memory bandwidth compromise).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-13 18:14:58 +01:00
Dave Rodgman
1e23f938cb
Merge pull request #8817 from daverodgman/iar-pk-fix
...
Compiler warning fixes
2024-02-13 16:33:24 +00:00
Tom Cosgrove
8fe2e36de5
Merge pull request #8801 from gilles-peskine-arm/sha3-no-table
...
Inline the SHA3 parameters table into a switch
2024-02-13 14:06:44 +00:00
Dave Rodgman
b4cb8bef42
Fix remaining warnings from -Wshorten-64-to-32
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-13 13:41:16 +00:00
Dave Rodgman
aa74165948
Fix IAR cast warning
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-13 13:40:26 +00:00
Gilles Peskine
92fb604139
Fix mbedtls_pk_get_bitlen() for RSA with non-byte-aligned sizes
...
Add non-regression tests. Update some test functions to not assume that
byte_length == bit_length / 8.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-12 11:24:08 +01:00
Gilles Peskine
19f1adfc69
New function mbedtls_rsa_get_bitlen()
...
Document, implement and test mbedtls_rsa_get_bitlen().
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-12 11:23:05 +01:00
Janos Follath
f741db3d6e
Merge pull request #8764 from Ryan-Everett-arm/threadsafe-key-wiping
...
Make key destruction thread safe
2024-02-12 09:37:59 +00:00
Manuel Pégourié-Gonnard
2e2af414d0
Merge pull request #7604 from zvolin/feature/pkcs5-aes
...
Add AES encrypted keys support for PKCS5 PBES2
2024-02-10 08:46:18 +00:00
Ryan Everett
9dc076b4f4
Fix issue with lock failures returning CORRUPTION_DETECTED
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-09 14:20:09 +00:00
Ryan Everett
7fee4f7318
Fix mutex unlock error handling in psa_destroy_key
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-09 14:11:27 +00:00
Ryan Everett
791fc2e24c
Merge remote-tracking branch 'upstream/development' into pkcs5_aes_new
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-08 14:26:29 +00:00
Janos Follath
7a28738205
Merge pull request #8636 from paul-elliott-arm/new_test_thread_interface
...
New test thread interface
2024-02-08 12:35:40 +00:00
Gilles Peskine
a3172d1e96
Inline the SHA3 parameters table into a switch
...
This saves a few bytes of code size.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-08 10:47:08 +01:00
Manuel Pégourié-Gonnard
b7307630bb
Merge pull request #8703 from valeriosetti/issue7765-guards-in-asn1
...
Conversion function between raw and DER ECDSA signatures (guards in ASN1)
2024-02-08 08:45:30 +00:00
Manuel Pégourié-Gonnard
7bf1e98f44
Merge pull request #8740 from valeriosetti/issue8647
...
Move RSA basic key parsing/writing to rsa.c
2024-02-08 08:35:42 +00:00
Tom Cosgrove
c8de362202
Merge pull request #8665 from ivq/reduce_static_mem
...
Reduce many unnecessary static memory consumption
2024-02-07 23:26:27 +00:00
Valerio Setti
1910390b4a
psa_util: improve leading zeros check in convert_der_to_raw_single_int()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-07 16:16:58 +01:00
Manuel Pégourié-Gonnard
1d7bc1ecdf
Merge pull request #8717 from valeriosetti/issue8030
...
PSA FFDH: feature macros for parameters
2024-02-07 10:06:03 +00:00
Dave Rodgman
57a0957938
Merge pull request #8788 from daverodgman/old-gcc-alignment-bug
...
Change unaligned access method for old gcc
2024-02-07 09:31:45 +00:00
Valerio Setti
447bbce8b4
rsa: remove unnecessary check in priv/pub key parsing
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-07 08:02:03 +01:00
Gilles Peskine
f45589b492
Merge pull request #8198 from silabs-Kusumit/kdf_incorrect_initial_capacity
...
KDF incorrect initial capacity
2024-02-06 17:29:43 +00:00
Gilles Peskine
137e0c1a02
Merge pull request #8761 from valeriosetti/issue4681
...
Re-introduce enum-like checks from CHECK_PARAMS
2024-02-06 17:29:38 +00:00
Gilles Peskine
fb7001f15b
Merge pull request #8738 from gilles-peskine-arm/pk_import_into_psa-use_usage
...
Implement mbedtls_pk_get_psa_attributes
2024-02-06 17:28:54 +00:00
Ryan Everett
a76a0011ab
Remove mutex calls in psa_wipe_all_key_slots
...
Code size and code style improvement, these calls aren't needed.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-06 16:45:54 +00:00
Valerio Setti
bb76f80218
pk_wrap: use proper raw buffer length in ecdsa_sign_psa()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 16:57:23 +01:00
Valerio Setti
cf81f69977
psa_util: smarter raw length check in mbedtls_ecdsa_raw_to_der()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 16:57:12 +01:00
Valerio Setti
6269f3baf4
Revert "psa_util: allow larger raw buffers in mbedtls_ecdsa_raw_to_der()"
...
This reverts commit d4fc5d9d1c
.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 16:55:18 +01:00
Ronald Cron
90e223364c
tls13: cli: Refine early data status
...
The main purpose of the change is to
know from the status, at any point in
the handshake, if early data can be
sent or not and why.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-06 16:43:33 +01:00
Ronald Cron
fe59ff794d
tls13: Send dummy CCS only once
...
Fix cases where the client was sending
two CCS, no harm but better to send only one.
Prevent to send even more CCS when early data
are involved without having to add conditional
state transitions.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-06 16:43:33 +01:00
Dave Rodgman
e093281a8b
Pacify check-names
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-06 15:00:58 +00:00
Dave Rodgman
d09f96b829
Improve docs
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-06 13:51:58 +00:00
Dave Rodgman
22b934e6d2
Use struct not union
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-06 13:16:13 +00:00
Dave Rodgman
f4e8234f93
Improve docs
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-06 13:16:13 +00:00
Manuel Pégourié-Gonnard
5c9cc0b30f
Merge pull request #8727 from ronald-cron-arm/tls13-ignore-early-data-when-rejected
...
TLS 1.3: SRV: Ignore early data when rejected
2024-02-06 13:16:03 +00:00
Dave Rodgman
ec9936d122
Improve gcc guards
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-06 13:04:09 +00:00
Dave Rodgman
b327a1e706
Change unaligned access method for old gcc
...
gcc bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94662 shows
that __attribute__ aligned may be ignored.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-06 11:32:01 +00:00
Chien Wong
4e9683e818
Reduce many unnecessary static memory consumption
...
.data section of ssl_client1 becomes 320 bytes smaller on AMD64.
Signed-off-by: Chien Wong <m@xv97.com>
2024-02-06 17:50:44 +08:00
Gilles Peskine
8a85673a39
Merge remote-tracking branch 'development' into pk_import_into_psa-use_usage
2024-02-06 10:14:17 +01:00
Valerio Setti
d4fc5d9d1c
psa_util: allow larger raw buffers in mbedtls_ecdsa_raw_to_der()
...
The only real contraint on the raw buffer is that it is large
enough to contain 2 coordinates. Larger buffers are therefore
allowed and the extra data will simply be ignored.
Note = trying to impose a strict sizing on the raw buffer causes
several failures in test suites. This suggests that it is
quite common to use larger buffer to store raw signatures.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 08:42:42 +01:00
Valerio Setti
fe329cea3f
rsa: handle buffer length similarly in private and public key parsing
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 08:00:18 +01:00
Ronald Cron
71c6e65d83
tls13: ssl_msg.c: Improve/add comments
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-05 16:54:37 +01:00
Ronald Cron
31e2d83eee
tls13: srv: Improve coding
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-05 16:45:57 +01:00
Valerio Setti
091bdc416d
psa_util: enhance checks on leading zeros in convert_der_to_raw_single_int()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-05 16:18:04 +01:00
Manuel Pégourié-Gonnard
32c28cebb4
Merge pull request #8715 from valeriosetti/issue7964
...
Remove all internal functions from public headers
2024-02-05 15:09:15 +00:00
Valerio Setti
05c256fb36
psa_util: minor performance improvement in mbedtls_ecdsa_der_to_raw()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-05 16:02:11 +01:00
Valerio Setti
bec1d842ac
psa_util: convert_der_to_raw_single_int() accepts also all zero integers
...
These values are not mathematically valid as signature, but as
for what it concerns with ECDSA conversion functions, 0 values
in DER format should be translated to 0 values in raw format.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-05 15:50:02 +01:00