Commit graph

198 commits

Author SHA1 Message Date
Jerry Yu
435208a949 Improve generate_handshake_keys
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:29 +08:00
Jerry Yu
c068b6671e Rename tls13 prefix to fix coding issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:28 +08:00
Jerry Yu
f0ac2352d6 Refactor key_schedule_stage_handshake
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:28 +08:00
Jerry Yu
5ccfcd4ca1 Add local variable to represent handshake
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:28 +08:00
Jerry Yu
a0650ebb9d tls13: add handshake key schedule
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:28 +08:00
Jerry Yu
61e35e0047 tls13: add generate handshake keys
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:28 +08:00
Jerry Yu
6ca7c7fd6b Remove useless variables
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-28 18:51:40 +08:00
Jerry Yu
e06f4532ef remove useless code
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
4836952f9d fix tls1_3 prefix issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
b65eb2f3cf Revert "tls13: add generate handshake keys"
This reverts commit f02ca4158674b974ae103849c43e0c92efc40e8c.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
e3131ef7f3 fix various issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
000f976070 Rename get_handshake_transcript
- Remove tls13 prefix
- Remove TLS1_3 macro wrap

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
4925ef5da1 tls13: add generate handshake keys
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
89ea321d96 tls13: add key_schedule_stage_early_data
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Joe Subbiani
2194dc477a Replace MBEDTLS_CHAR_x with MBEDTLS_BYTE_x
The CHAR macros casted to an unsigned char which in this project
is garunteed to be 8 bits - the same as uint8_t (which BYTE casts
to) therefore, instances of CHAR have been swapped with BYTE and
the number of macros have been cut down

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
2021-08-19 09:56:47 +01:00
Joe Subbiani
cd84d76e9b Add Character byte reading macros
These cast to an unsigned char rather than a uint8_t
like with MBEDTLS_BYTE_x
These save alot of space and will improve maintence by
replacing the appropriate code with MBEDTLS_CHAR_x

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
2021-08-19 09:55:41 +01:00
Hanno Becker
dfba065d80 Adjust ssl_tls13_keys.c to consolidated CID/1.3 padding granularity
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:54:03 +01:00
Hanno Becker
f62a730e80 Add missing semicolon in TLS 1.3 transform generation code
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:54:03 +01:00
Hanno Becker
edd5bf0a95 Fix and document minimum length of record ciphertext in TLS 1.3
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:54:03 +01:00
Hanno Becker
7887a77c25 Match parameter check in TLS 1.3 populate transform to 1.2 version
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:54:03 +01:00
Hanno Becker
c94060c641 Add TLS 1.3 specific key to SSL transform conversion function
This commit adds the TLS 1.3 specific internal function

```
  mbedtls_ssl_tls13_populate_transform()
```

which creates an instance of the SSL transform structure
`mbedtls_ssl_transform` representing a TLS 1.3 record protection
mechanism.

It is analogous to the existing internal helper function

```
   ssl_tls12_populate_transform()
```

which creates transform structures representing record
protection mechanisms in TLS 1.2 and earlier.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:52:49 +01:00
Hanno Becker
cd817b0630 Remove misleading comment in TLS 1.3 key schedule code
The implementation documentation of

```
   mbedtls_ssl_tls1_3_derive_early_secrets()
```

mentioned the PSK binder key, which is misleading because the
function doesn't actually calculate it.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-31 19:40:45 +01:00
Hanno Becker
28e5f1ed57 Avoid unused variable warning in TLS 1.3 PSK binder calculation
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-26 09:29:49 +01:00
Hanno Becker
b7d9bad6be Add helper function for calculation of TLS 1.3 PSK binder
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-24 11:20:30 +01:00
Hanno Becker
ef5235bc2e Add TLS 1.3 second level key derivations
This commit adds helper functions to ssl_tls13_keys.[ch]
allowing to derive the secrets specific to each stage of
a TLS 1.3 handshake (early, handshake, application) from
the corresponding master secret (early secret, handshake
secret, master secret).

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-24 08:32:24 +01:00
Chris Jones
84a773f8e6 Rename ssl_internal.h to ssl_misc.h
Signed-off-by: Chris Jones <christopher.jones@arm.com>
2021-03-10 12:52:37 +00:00
Chris Jones
e2191cd789 Update includes to use library/ instead of include/mbedtls/
Simple find and replace using `#include (<|")mbedtls/(.*)_internal.h(>|")`
and `#include $1$2_internal.h$3`.

Also re-generated visualc files by running
`scripts/generate_visualc_files.pl`.

Signed-off-by: Chris Jones <christopher.jones@arm.com>
2021-03-10 12:52:37 +00:00
Hanno Becker
531fe3054c Comment on hardcoding of maximum HKDF key expansion of 255 Bytes
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-16 09:50:17 +01:00
Hanno Becker
61baae7c9f Minor fixes and improvements in TLS 1.3 key schedule documentation
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-16 09:47:47 +01:00
Hanno Becker
2dfe1327e5 Fix miscalculation of maximum TLS 1.3 HKDF label length
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-10 09:23:12 +01:00
Hanno Becker
0c42fd94bb Fix Doxygen documentation of mbedtls_ssl_tls1_3_derive_secret()
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 12:58:29 +01:00
Hanno Becker
97a21567df Move misplaced comment
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 12:57:16 +01:00
Hanno Becker
1413bd8ae9 Simplify identification of TLS 1.3 labels in unit test suite
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 12:46:09 +01:00
Hanno Becker
59b50a1997 Don't use _xxx naming for local variables in ssl_tls13_keys.c
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 10:58:52 +01:00
Hanno Becker
70d7fb0c2d Don't hardcode TLS 1.3 labels in test cases
ssl_tls1_3_keys.c exports a structure containing all labels used
in the TLS 1.3 key schedule, but the TLS 1.3 key scheduling unit
tests so far replicated those labels in the test file. In particular,
wrong label values in ssl_tls1_3_keys.c wouldn't have been caught
by the unit tests.

This commit modifies the TLS 1.3 key schedule unit tests to use
the TLS 1.3 labels as exported by ssl_tls1_3_keys.c. This not only
makes sure that those labels are correct, but also avoids hardcoding
their hex-encoding in the test file.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 10:17:37 +01:00
Hanno Becker
a3a5a4e1f9 Please check-names.sh
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 11:33:48 +01:00
Hanno Becker
815869ac9c Improve documentation of ssl_tls1_3_hkdf_encode_label()
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 11:16:16 +01:00
Hanno Becker
00debc734b Minor improvement in ssl_tls13_keys.c
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 11:12:24 +01:00
Hanno Becker
493ea7f4ae Remove instances of camelCase in TLS 1.3 key schedule
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 11:08:06 +01:00
Hanno Becker
939bb4d8f6 Initialize TLS 1.3 label prefix with string literal
This is in line with how the entries of the TLS 1.3 label
structure `mbedtls_ssl_tls1_3_labels` are initialized.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:48:55 +01:00
Hanno Becker
9cb0a146f1 Remove duplicated computation of TLS 1.3 HKDF label length
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:48:14 +01:00
Hanno Becker
e4435ea777 Introduce TLS 1.3 labels in a single place
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:43:52 +01:00
Hanno Becker
1981cb2972 Use uniform naming for TLS 1.3 label fields
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:36:29 +01:00
Hanno Becker
58c5cea73b Include common.h from ssl_tls13_keys.c
`common.h` takes care of the logic of chosing the correct
configuration file, so we don't need to replicate it in
each source file.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:31:33 +01:00
Hanno Becker
e9cccb440c Implement TLS 1.3 key evolution function
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:28:28 +01:00
Hanno Becker
b35d52240b Implement TLS 1.3 key derivation function Derive-Secret
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:28:28 +01:00
Hanno Becker
3385a4d5cf Implement TLS 1.3 traffic key generation
See the documentation in library/ssl_tls13_keys.h.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:28:28 +01:00
Hanno Becker
be9d6648f8 Implement TLS 1.3 key derivation function HKDF-Expand-Label
This commit introduces a new file library/ssl_tls13_key.c
which will subsequently be populated with functionality relating
to the TLS 1.3 key schedule.

Those functions are expected to be internal and are documented
in the internal header library/ssl_tls13_keys.h.

The first function to be implemented is the key expansion
function `HKDF-Expand-Label`. See the documentation in
library/ssl_tls13_keys.h for more information.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:28:06 +01:00