Ronald Cron
067a1e735e
tls13: Try reasonable sig alg for CertificateVerify signature
Instead of fully validating beforehand
signature algorithms with regard to the
private key, do minimum validation and then
just try to compute the signature. If it
fails, try another reasonable algorithm, if any.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-20 14:30:13 +02:00
Ronald Cron
38391bf9b6
tls13: Do not impose minimum hash size for RSA PSS signatures
When providing proof of possession of
an RSA private key, allow the usage for RSA
PSS signatures of a hash with a security
level lower than the security level of the
RSA private key.
We did not allow this in the first place to
align with the ECDSA case. But as it is not
mandated by the TLS 1.3 specification (contrary
to ECDSA), let's allow it.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-20 14:29:41 +02:00
Ronald Cron
67ea2543ed
tls13: server: Add sig alg checks when selecting best certificate
When selecting the server certificate based on
the signature algorithms supported by the client,
check the signature algorithms as close as possible
to the way they are checked to compute the
signature for the server to prove it possesses
the private key associated with the certificate.
That way we minimize the odds of selecting a
certificate for which the server will not be
able to compute the signature to prove it
possesses the private key associated with the
certificate.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-20 14:26:32 +02:00
Przemek Stekiel
dca224628b
ssl_tls13_select_sig_alg_to_psa_alg: optimize code
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-15 14:16:11 +02:00
Przemek Stekiel
f937e669bd
Guard new code with MBEDTLS_USE_PSA_CRYPTO
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-15 14:16:11 +02:00
Przemek Stekiel
3c326f9697
Add function to convert sig_alg to psa alg and use it
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-15 14:16:11 +02:00
Przemek Stekiel
b40f2e81ec
TLS 1.3: Take into account key policy while picking a signature algorithm
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-15 14:10:19 +02:00
Manuel Pégourié-Gonnard
409a620dea
Merge pull request #6255 from mprse/md_tls13
Driver-only hashes: TLS 1.3
2022-09-15 10:37:46 +02:00
Manuel Pégourié-Gonnard
18dff1f226
Merge pull request #5871 from superna9999/4153-psa-expose-ec-j-pake
Expose ECJPAKE through the PSA Crypto API
2022-09-15 09:25:55 +02:00
Ronald Cron
208257b39f
Merge pull request #6259 from yuhaoth/pr/add-psk_ephemeral-possible-group-tests
TLS 1.3: PSK: Add possible group tests for psk with ECDHE
2022-09-14 14:21:46 +02:00
Przemyslaw Stekiel
ab9b9d4669
ssl_tls13_keys.h: use PSA max hash size
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-14 13:51:07 +02:00
Przemyslaw Stekiel
da6452578f
ssl_tls13_generic.c: fix hash buffer sizes (use PSA_HASH_MAX_SIZE)
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-14 12:50:51 +02:00
Neil Armstrong
6a12a7704d
Fix typo in comment
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-14 12:17:42 +02:00
Przemyslaw Stekiel
004c2181f0
ssl_misc.h: hash guards adaptations
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-14 11:00:57 +02:00
Przemek Stekiel
0852ef8b96
mbedtls_ssl_reset_transcript_for_hrr: remove redundant 'else' statement
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Przemek Stekiel
9dfbf3a006
ssl_tls13_generic.c: optimize code to save memory
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Przemek Stekiel
153b442cc3
mbedtls_ssl_tls13_sig_alg_is_supported: adapt guards
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Przemek Stekiel
47e3cb1875
ssl_tls13_generic.c: adapt guards for MBEDTLS_SHAxxx_C
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Neil Armstrong
fa84962296
Add comment explaining PSA PAKE vs Mbedtls J-PAKE API matching strategy
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-13 15:19:56 +02:00
Neil Armstrong
3d4966a5cb
Move possible input/output steps check inside PSA_ALG_JPAKE handling
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-13 15:19:56 +02:00
Neil Armstrong
017db4cdda
Drop calls to mbedtls_ecjpake_check()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-13 15:19:56 +02:00
Neil Armstrong
1d0294f6ed
Clarify sequence length calculation comment
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-13 15:19:56 +02:00
Neil Armstrong
cb679f23bc
Replace 0s with proper defines when possible
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-13 14:43:07 +02:00
Przemek Stekiel
5166954d14
Make more use of MBEDTLS_MAX_HASH_SIZE macro
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 12:57:05 +02:00
Neil Armstrong
ecb221b1ff
Move operation buffer in operation struct and remove dynamic allocation
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-08 11:21:07 +02:00
Przemek Stekiel
40afdd2791
Make use of MBEDTLS_MAX_HASH_SIZE macro
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-06 14:18:45 +02:00
Przemek Stekiel
c3f2767c25
hash_info.h: add MBEDTLS_MAX_HASH_SIZE macro
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-06 14:18:39 +02:00
Neil Armstrong
9720b881f5
Remove doxygen markup outside doxygen block in psa_pake_sequence comment
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-06 11:39:21 +02:00
Neil Armstrong
b39833cff2
Fix typo in psa_pake_sequence comment
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-06 11:36:02 +02:00
Jerry Yu
58af2335d9
Add possible group tests for psk with ECDHE
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-06 14:49:39 +08:00
Neil Armstrong
bcd5bd933e
Add a comment making explicit the usage of internal PAKE step/state/sequence enums
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-05 18:34:12 +02:00
Neil Armstrong
5bbdb70131
Fix style in psa_pake_input()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-05 17:54:15 +02:00
Andrzej Kurek
216baca131
pkcs5: improve error handling
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:15:34 -04:00
Andrzej Kurek
e3d544c58f
Minor PKCS5 improvements
Add consts, more elegant size calculation and
variable initialization.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:07:15 -04:00
Andrzej Kurek
3d0dfb99c9
Change the pkcs5_pbkdf2_hmac deprecation approach
The shared part has now been extracted and will
be used regardless of the deprecation define.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:07:15 -04:00
Andrzej Kurek
f000471c66
Add missing MD dependency for pkcs5_pbkdf2_hmac
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:07:15 -04:00
Andrzej Kurek
ed98e95c81
Adjust pkcs5 test dependencies
Hashing via PSA is now supported
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00
Andrzej Kurek
890e78ae66
Deprecate mbedtls_pkcs5_pbkdf2_hmac
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00
Andrzej Kurek
dd36c76f09
Provide a version of pkcs5_pbkdf2_hmac without MD usage
Use the new implementation locally
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00
Manuel Pégourié-Gonnard
97fc247d6a
Merge pull request #6232 from AndrzejKurek/pkcs12-no-md
Remove MD dependency from pkcs12 module
2022-09-02 09:43:13 +02:00
Andrzej Kurek
e16e6edfce
Remove the dependency on MD_MAX_SIZE from PKCS12
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-01 08:57:59 -04:00
Andrzej Kurek
7bd12c5d5e
Remove MD dependency from pkcs12 module
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-01 08:57:41 -04:00
Ronald Cron
e00d6d6b55
Merge pull request #6135 from yuhaoth/pr/tls13-finalize-external-psk-negotiation
TLS 1.3: SRV: Finalize external PSK negotiation
2022-08-31 17:21:57 +02:00
Neil Armstrong
f19a3cb613
Use the mbedtls_ecjpake_write_shared_key() to input raw shared key material as derivation secret
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
12663092bc
Introduce mbedtls_ecjpake_write_shared_key() to export the EC J-PAKE shared key material before the KDF()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
db05cbfb86
Introduce and use mbedtls_ecjpake_to_psa_error() to translate various ECP/MPI errors to expected PSA errors
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
1e855601ca
Fix psa_pake_get_implicit_key() state & add corresponding tests in ecjpake_rounds()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
e92311176a
Add missing parentheses on return statements
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
5fb07c6a96
No need to check for state in psa_pake_setup()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
a557cb8c8b
Fixing XXX_ALG_ECJPAKE to XXX_ALG_JPAKE to match specification
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00