Commit graph

10173 commits

Author SHA1 Message Date
Dave Rodgman
7658b63390 Remove volatile from diff; add explanatory comment
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-20 14:04:48 +00:00
Dave Rodgman
fa96026a0e Move definition of asm out of public header
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-20 14:04:48 +00:00
Dave Rodgman
7f376fa6fc Improve documentation
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-20 14:04:48 +00:00
Dave Rodgman
b9cd19bc8c Prevent perf regressions in mbedtls_xor
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-20 14:04:48 +00:00
Dave Rodgman
051225d07a Address potential perf regression
Ensure platforms that don't have an assembly implementation for
mbedtls_get_unaligned_volatile_uint32() don't experience a performance
regression.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-20 14:04:48 +00:00
Dave Rodgman
36dfc5a237 Improve efficiency of some constant time functions
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-20 14:04:48 +00:00
Dave Rodgman
cb0f2c4491 Tidy-up - move asm #define into build_info.h
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-20 14:04:48 +00:00
Pengyu Lv
9b84ea75de remove ssl_tls13_has_compat_ticket_flags
This content of the function is moved to
ssl_tls13_has_configured_ticket.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-01-16 14:08:23 +08:00
Pengyu Lv
e2f1dbf5ae update docs of ssl_client2 and improve code format
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-01-16 12:38:12 +08:00
Pengyu Lv
4938a566bf refine ticket_flags printing helper
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-01-16 11:28:49 +08:00
Pengyu Lv
acecf9c95b make ticket_flags param types consistent
When ticket_flags used as parameter, use unsigned int,
instead of uint8_t or mbedtls_ssl_tls13_ticket_flags.Also
remove the definition of mbedtls_ssl_tls13_ticket_flags.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-01-16 11:23:24 +08:00
Pengyu Lv
3643fdbab9 refine the state setting in tls13_handshake_wrapup
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-01-13 11:06:02 +08:00
Pengyu Lv
ee455c01ce move ticket_flags debug helpers
The debug helpers printing ticket_flags status are
moved to ssl_tls.c and ssl_debug_helpers.h.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-01-13 11:06:01 +08:00
Pengyu Lv
189465306d remove MBEDTLS_ERR_SSL_TICKET_INVALID_KEX_MODE error
Return MBEDTLS_ERR_ERROR_GENERIC_ERROR when ticket_flags
are not compatible with advertised key exchange mode.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-01-13 11:06:00 +08:00
Pengyu Lv
80270b2151 rename ticket_flags helper functions to generic ones
Ticket flags is quite generic and may make sense in the
future versions of TLS or even in TLS 1.2 with new
extensions. This change remane the ticket_flags helper
functions with more generic `mbedtls_ssl_session` prefix
instead of `mbedtls_ssl_tls13_session`.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-01-13 11:05:59 +08:00
Pengyu Lv
a1aa31b8b1 fix review comments
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-01-13 11:05:58 +08:00
Pengyu Lv
1735ba30ea fix review comments
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-01-13 11:05:57 +08:00
Pengyu Lv
9eacb44a5e improve code format and readability
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-01-13 11:05:57 +08:00
Pengyu Lv
9356678047 filter the tickets with tls13_kex_mode on client side.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-01-13 11:05:56 +08:00
Pengyu Lv
e6487fe3c2 guard tls13_kex_modes related function calls with macro
Handshake parameter field, tls13_kex_mode is only valid when
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED is set.
So, any functions / calls should be guarded by this macros.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-01-13 11:05:55 +08:00
Pengyu Lv
3eb49be6a8 move kex mode check in ticket_flags to psks_check_identity_match_ticket
Move the kex mode check in ticket_flags to
ssl_tls13_offered_psks_check_identity_match_ticket and add new error
'MBEDTLS_ERR_SSL_TICKET_INVALID_KEX_MODE' to indicate the check
failure.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-01-13 11:05:55 +08:00
Pengyu Lv
c7af2c4f8c tls13: send new session ticket only when client supports psk
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-01-13 11:05:54 +08:00
Pengyu Lv
c55eeb682d tls13: check if the session ticket is compatible with key exchange modes
The server check if the ticket_flags is compatible with the advertised
key exchange modes in Pre-Shared Key Exchange Modes extension. The
incompatible ticket should be mark as not matched.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-01-13 11:05:53 +08:00
Pengyu Lv
9f92695c8d tls13: set key exchange mode in ticket_flags on client/server
Set the ticket_flags when:
  - server: preparing NST (new session ticket) message
  - client: postprocessing NST message

Clear the ticket_flags when:
  - server: preparing NST message
  - client: parsing NST message

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-01-13 11:05:53 +08:00
Pengyu Lv
b7d50acb37 tls13: add helpers to manipulate ticket_flags
Add helper functions to get/set/clear ticket_flags.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-01-13 11:05:52 +08:00
Pengyu Lv
5b8dcd2097 Add debug helper to print ticket_flags status
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-01-13 11:05:52 +08:00
Gilles Peskine
449bd8303e Switch to the new code style
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-11 14:50:10 +01:00
Gilles Peskine
03e99cf14d Remove redundant error code definitions
We're including psa/crypto_values.h, which defines the necessary error
codes. Remove redundant definitions, which hurt because they need to be
styled in exactly the same way (same presence/absence of spaces between
tokens).

This completes the fix of https://github.com/Mbed-TLS/mbedtls/issues/6875.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-11 11:15:18 +01:00
Ronald Cron
83c5ad4873
Merge pull request #6787 from yuhaoth/pr/workaround-gnutls_anti_replay_fail
TLS 1.3: EarlyData: Workaround anti replay fail from GnuTLS
2023-01-11 09:05:36 +01:00
Gilles Peskine
0770efe4e1
Merge pull request #6888 from daverodgman/iar-bignum-warning
Fix IAR warning
2023-01-10 22:08:37 +01:00
Manuel Pégourié-Gonnard
28d4d43416
Merge pull request #6863 from valeriosetti/issue6830
Remove uses of mbedtls_ecp_curve_info in TLS (with USE_PSA)
2023-01-10 10:01:17 +01:00
Jerry Yu
3e60cada5d Improve comment and changlog
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-01-10 14:58:08 +08:00
Valerio Setti
a0b97bc803 fix wrong type in debug message
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2023-01-09 19:10:32 +01:00
Valerio Setti
1e868ccbac fix several typos and extra blank spaces
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2023-01-09 17:59:46 +01:00
Valerio Setti
2b5d3ded1f remove remaining occurencies of mbedtls_ecc_group_to_psa() from TLS
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2023-01-09 11:04:52 +01:00
Jerry Yu
bdb936b7a5 Workaround anti replay fail of GnuTLS
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-01-07 20:19:55 +08:00
Glenn Strauss
14db51224e Fix IAR warning
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-06 14:20:14 +00:00
Gilles Peskine
cd0a565644
Merge pull request #6703 from yuhaoth/pr/tls13-misc-from-prototype
TLS 1.3: Upstream misc fix from prototype
2023-01-05 14:35:54 +01:00
David Horstmann
bec95320ba Don't restyle end of file
Move the *INDENT-ON* annotation to the end of the file so that
uncrustify does not restyle the later sections (since it introduces a
risk of future problems).

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-05 09:50:47 +00:00
David Horstmann
cb3b6ae580 Disable code style correction for bignum assembly
The inline assembly defined in bn_mul.h confuses code style parsing,
causing code style correction to fail. Disable code style correction for
the whole section gated by "#if defined(MBEDTLS_HAVE_ASM)" to prevent
this.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-04 17:50:08 +00:00
Valerio Setti
67419f0e11 tls: fix + save code size when DEBUG_C is not enabled
Some PSA curves' symbols (PSA_WANT_) were not matching the corresponding
MBEDTLS_ECP_DP_. This was fixed together with the removal of extra code
when DEBUG_C is not enabled.

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2023-01-04 17:36:00 +01:00
Valerio Setti
40d9ca907b tls: remove useless legacy function
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2023-01-04 16:08:04 +01:00
Valerio Setti
18c9fed857 tls: remove dependency from mbedtls_ecp_curve functions
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2023-01-03 13:03:34 +01:00
David Horstmann
e3d8f31ba1 Workaround Uncrustify parsing of "asm"
The following code:

 #ifndef asm
 #define asm __asm
 #endif

causes Uncrustify to stop correcting the rest of the file. This may be
due to parsing the "asm" keyword in the definition.

Work around this by wrapping the idiom in an *INDENT-OFF* comment
wherever it appears.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-01-03 11:07:09 +00:00
Manuel Pégourié-Gonnard
7a389ddc84
Merge pull request #6784 from valeriosetti/issue6702
Make SHA224_C/SHA384_C independent from SHA256_C/SHA512_C
2023-01-03 09:36:58 +01:00
Janos Follath
b4b0bb737d
Merge pull request #5907 from mpg/use-psa-rsa-pss
Use PSA more often in `pk_verify_ext()`
2022-12-30 12:33:50 +00:00
Gilles Peskine
b402e4bde1
Merge pull request #6595 from mfischer/lms_heap
lms: Move merkle tree generation to heap allocation
2022-12-23 18:29:04 +01:00
Valerio Setti
326cf46764 test: improved readability in sha self tests
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-12-23 14:57:18 +01:00
Manuel Pégourié-Gonnard
676766ff77
Merge pull request #6776 from gabor-mezei-arm/6222_bignum_mod_mul
Bignum: Implement fixed width modular multiplication
2022-12-23 10:39:30 +01:00
Manuel Pégourié-Gonnard
2fcb4c1d06
Merge pull request #6747 from gilles-peskine-arm/bignum-mod-random
Bignum mod random
2022-12-23 10:36:22 +01:00