Commit graph

16083 commits

Author SHA1 Message Date
Hanno Becker
24628b69be Add ChangeLog entry
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-23 06:03:55 +01:00
Hanno Becker
b2efc4d464 Add migration guide
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-23 06:03:55 +01:00
Hanno Becker
80d163d496 Remove Doxygen references to now-internal MFL query API
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-23 06:03:55 +01:00
Hanno Becker
2d8e99b097 Add API to query maximum plaintext size of incoming records
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-23 06:03:55 +01:00
Hanno Becker
be746949c4 Relax documentation of mbedtls_ssl_get_max_out_record_payload()
The previous documentation could be read as exhaustively listing
the factors that go into computing the maximum outgoing record
plaintext size -- we should give examples, but allow ourselves
to add more factors in the future.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-23 06:03:55 +01:00
Hanno Becker
9752aadd85 Make query API for state of MFL extension internal
This commit makes the API

- mbedtls_ssl_get_output_max_frag_len()
- mbedtls_ssl_get_input_max_frag_len()
- mbedtls_ssl_get__max_frag_len()

for querying the state of the Maximum Fragment Length
extension internal.

Rationale: The value those APIs provide to the user is in
upper bounds for the size of incoming and outgoing records,
which can be used to size application data buffers apporpriately
before passing them to mbedtls_ssl_{read,write}(). However,
there are other factors which influence such upper bounds,
such as the MTU or other extensions (specifically, the
record_size_limit extension which is still to be implemented)
which should be taken into account.

There should be more general APIs for querying the maximum
size of incoming and outgoing records.

For the maximum size of outgoing records, we already have such,
namely mbedtls_ssl_get_max_out_record_payload().

For the maximum size of incoming records, a new API will be
added in a subsequent commit.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-23 06:03:55 +01:00
Hanno Becker
c49d15fded Use 'version-specific' instead of 'implementation-defined' in API
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-23 05:41:21 +01:00
Thomas Daubney
f54c5c5547 Fixes typo
Commit fixes typo in rsa.h found in review.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2021-05-21 17:05:21 +01:00
Thomas Daubney
62b0d1dbc8 Adds ChangeLog and Migration guide entry
Commit adds relevant entry to the
ChangeLog and to the
Migration guide.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2021-05-21 17:05:12 +01:00
Ronald Cron
f823722af4
Merge pull request #4532 from gilles-peskine-arm/host_test-int32-3.0
Fix build error in host_test.function when int32_t is not int
2021-05-21 16:02:28 +02:00
Thomas Daubney
d58ed587fd Restores erroneously removed checks
Some padding checks in rsa.c were
erroneously removed in a previous
commit and are restored in this
commit.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2021-05-21 11:50:39 +01:00
Thomas Daubney
2c65db9655 Corrects documentation in rsa.h
Some documentation in rsa.h was
still incorrect regarding f_rng
being mandatory. This has now
been corrected.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2021-05-21 10:58:28 +01:00
Janos Follath
7fc487c4d6
Merge pull request #4347 from hanno-arm/ssl_session_cache_3_0
Add session ID as an explicit parameter to SSL session cache API
2021-05-21 09:28:55 +01:00
Manuel Pégourié-Gonnard
ea047c8590
Merge pull request #4429 from gilles-peskine-arm/openssl-dhparam-robustness-3.0
Fix SSL tests scripts with recent OpenSSL server with Diffie-Hellman
2021-05-21 10:16:38 +02:00
Manuel Pégourié-Gonnard
59c4412767
Merge pull request #4497 from netfoundry/fix-mingw-build-development
Use proper formatting macros when using MinGW provided stdio
2021-05-21 10:03:26 +02:00
Ronald Cron
ca72287583
Merge pull request #4304 from mstarzyk-mobica/convert_NO_SHA384_to_positive
Modify config option for SHA384.
2021-05-21 08:04:33 +02:00
Jaeden Amero
424fa93efd psa: Support RSA signature without MBEDTLS_GENPRIME
On space-constrained platforms, it is a useful configuration to be able
to import/export and perform RSA key pair operations, but to exclude RSA
key generation, potentially saving flash space. It is not possible to
express this with the PSA_WANT_ configuration system at the present
time. However, in previous versions of Mbed TLS (v2.24.0 and earlier) it
was possible to configure a software PSA implementation which was
capable of making RSA signatures but not capable of generating RSA keys.
To do this, one unset MBEDTLS_GENPRIME.

Since the addition of MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR, this
expressivity was lost. Expressing that you wanted to work with RSA key
pairs forced you to include the ability to generate key pairs as well.

Change psa_crypto_rsa.c to only call mbedtls_rsa_gen_key() if
MBEDTLS_GENPRIME is also set. This restores the configuration behavior
present in Mbed TLS v2.24.0 and earlier versions.

It left as a future exercise to add the ability to PSA to be able to
express a desire for a software or accelerator configuration that
includes RSA key pair operations, like signature, but excludes key pair
generation.

Without this change, linker errors will occur when attempts to call,
which doesn't exist when MBEDTLS_GENPRIME is unset.
    psa_crypto_rsa.c.obj: in function `rsa_generate_key':
    psa_crypto_rsa.c:320: undefined reference to `mbedtls_rsa_gen_key'

Fixes #4512

Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
2021-05-20 17:08:59 +01:00
Jaeden Amero
ff143c0a34 psa: Add missing RSA test dependency
The test "PSA generate key: RSA, 1024 bits, good, encrypt (OAEP
SHA-256)" had a dependency on MBEDTLS_GENPRIME, but this was not listed
in the dependencies. Add MBEDTLS_GENPRIME to the test's dependencies to
ensure it has what it needs to run.

Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
2021-05-20 17:08:59 +01:00
Gilles Peskine
e913174c8a
Merge pull request #4543 from gilles-peskine-arm/undefined-reference-3.0
Fix missing compilation guard around psa_crypto_driver_wrappers.c
2021-05-20 17:20:31 +02:00
Thomas Daubney
03412787e1 Modifies documentation in rsa.h
Changes to documentation to show that
f_rng is no longer going to be
optional in 3.0.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2021-05-20 15:31:17 +01:00
Gilles Peskine
3248be4b3a
Merge pull request #4462 from netfoundry/gcc11.fixes
build with gcc11
2021-05-20 15:54:23 +02:00
Gilles Peskine
f4c1d58607
Merge pull request #4453 from facchinm/crt_in_filesystem_mbed_os
mbed-os: allow storing certificates in filesystem
2021-05-20 15:53:47 +02:00
Ronald Cron
49fef37ebf
Merge pull request #4342 from gilles-peskine-arm/gcm-update-any-length
GCM: allow arbitrary lengths for update
Only the ABI-API-checking job failed and this is expected thus good to go.
2021-05-20 15:08:55 +02:00
Mateusz Starzyk
17011a3185 Merge branch 'development' into convert_NO_SHA384_to_positive
Conflicts:
	library/version_features.c
	programs/test/query_config.c

Files were removed in development branch and modified by current branch.
Conflicts fixes by removing them.
2021-05-20 14:18:12 +02:00
Mateusz Starzyk
3489cc1433 Improve migration guide for SHA384 option
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-20 13:52:48 +02:00
Thomas Daubney
f505b0e307 Removes unused variables in test_suite_rsa.function
CI was failing on check_params due to
MBEDTLS_RSA_PRIVATE being assigned to a now
superfluous variable. The variable has been
as well as another superfluous variable.
This should correct the CI issue.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2021-05-20 12:20:55 +01:00
Gilles Peskine
085e94f4f7
Merge pull request #4395 from gilles-peskine-arm/no-generated-files-3.0
Remove generated files from source control
2021-05-20 12:40:54 +02:00
Gilles Peskine
15c7b40ab7 Reorder the text to say who is affected first
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 12:11:19 +02:00
Gilles Peskine
7f312c811b Add migration guides for GCM
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 11:51:46 +02:00
Mateusz Starzyk
4b3dfd0a96 Fix test data description
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-20 11:16:59 +02:00
Mateusz Starzyk
425e23ed64 Fix notes for is384 parameter
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-20 11:15:13 +02:00
Gilles Peskine
eb30b0cc39 Merge remote-tracking branch 'upstream-public/development' into no-generated-files-3.0
Conflicts: generated files that are removed in this branch and have
changed in development. Resolved by keeping the files removed.
2021-05-20 10:40:48 +02:00
Gilles Peskine
a13deaf986 Use an order-only dependency the presence matters but not the content
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
7ca4ff677d Remove Git pre-commit hook
Since generated files are no longer stored in the repository, they
don't need to be up-to-date before committing.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
67debb6161 Test check-generated-files.sh
Re-create a component check_generated_files. Unlike the old one, which checked
that the generated files were up-to-date, the job of the new one is to check
that tests/scripts/check-generated-files.sh works (at least to the extent of
not errorring out).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
94230eaf41 Fix make generated_files generating broken visualc files
Ensure that the .c files that generate_visualc_files.pl enumerates are present
before it runs. Otherwise, depending on the order in which make builds
targets, running `make generated_files` from a fresh checkout could end up
missing `library/error.c` and `library/version_features.c`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
e2f476e0fd Avoid creating visualc/VS2010/*.bak.bak files
This could happen if a previous run of check-generated-files failed.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
539f1432cd Remove caching of cc_is_msvc
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
7c18550383 Remove object file in finally
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
46d894925d Move object file handling out of create_c_file()
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
0671dd3107 Add notice of caching whether the compiler is MSVC
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
24c29fe7c3 Clean up object files produced by MSVC
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
fa6bf1e588 Detect MSVC without relying on compiler filename
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
b32966dd92 In update mode, create the files if they don't exist
`check-generated-files -u` aborted if one of the generated files
didn't exist. Now it treats a missing file as an out-of-date file.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
e151e21ae3 Explicitly use UTF-8 in assemble_changelog
Changelog contents should be UTF-8 text files. So explicitly open all files as
UTF-8. This makes the script independent of the ambient locale (except with
respect to exception messages, but we can live with that).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
7261fff37b Switch assemble_changelog to using text strings
Changelog contents should be UTF-8 text files. There's no need to be
binary-safe. So switch to using text strings in Python (str, not bytes). This
commit makes the following changes:
* Bytes literals (b'…') to string literals ('…').
* Subprocess output (which is all git information) is decoded as ascii.
* Inject text directly in exceptions rather than calling a decode method.

This is enough to make the script work as desired in a UTF-8 locale.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
383339c1f1 Changelog entry for the requirement to generate source files
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Gilles Peskine
d05a588f19 Document how to build the generated source files
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
3bd51b0bb1 Improve MSVC detection
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00
Bence Szépkúti
9e84ec7711 Always use posix semantics when joining paths
The backslashes were causing issues with Makefile rules.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-05-20 10:37:22 +02:00