Paul Elliott
1bc59df92c
Rename curve_bytes to coordinate_bytes
...
Also remove unneeded instance from verify operation struct.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
096abc4dc0
Remove incorrect copied comment
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
e17a8fd9fd
Remove unneeded warning from internal headers
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
4684525ae9
Remove unrequired mpis from sign operation struct
...
These are only used at the output stage.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
6ee2408d26
Remove deterministic alg restriction on sign hash
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
068fe07740
Improve indentation of hash start functions
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
7cc4e816c1
Ensure max ops gets set regardless of having built-in implementation
...
Set the psa level global anyway, regardless of having a built in
implementation, to match the set function. Also, ensure that value returned
is the same as value passed in, irregardless of internal implementation
requirements.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
59ad9457b6
Add {sign/verify}_hash_abort_internal
...
Ensure that num_ops is cleared when manual abort is called, but obviously not
when an operation just completes, and test this.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
296ede99c9
Fix issues with get_{sign/verify}_num_ops
...
Move to accumulate ops in context rather than attempting to read straight out
of structures due to structure ops getting reset per operation, and also
issues with _abort clearing internal data. Fix usage of size_t in structures
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
588f8ed498
Add internal implementation
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
2ba002cc2f
Make ECDSA restartable sign and verify functions public
...
Make public the versions of ECSDA sign and verify which return raw signatures
rather than returning ASN.1 encoded signatures, in order to use them for the
internal implemention of psa_sign/verify_hash_interruptible.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 23:34:29 +00:00
Paul Elliott
9fe12f666b
PSA level initial implementation
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 12:13:17 +00:00
Paul Elliott
2d247923e5
Initial empty driver wrapper implementation
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-15 12:13:17 +00:00
Gilles Peskine
edc6ae9578
Merge pull request #7090 from paul-elliott-arm/fix_iar_warnings_dev
...
Fix IAR Warnings
2023-02-14 20:01:00 +01:00
Dave Rodgman
319a5675db
Merge pull request #7084 from daverodgman/sizemax-uintmax
...
Assume SIZE_MAX >= INT_MAX, UINT_MAX
2023-02-14 10:06:22 +00:00
Ronald Cron
70341c17b7
Merge pull request #6773 from yanrayw/6675-change-early_secrets-to-local
...
TLS 1.3: Key Generation: Change tls13_early_secrets to local variable
2023-02-14 09:03:32 +01:00
Paul Elliott
1748de160a
Fix IAR Warnings
...
IAR was warning that conditional execution could bypass initialisation of
variables, although those same variables were not used uninitialised.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-13 15:35:35 +00:00
Manuel Pégourié-Gonnard
d3d8c852a0
Merge pull request #6997 from valeriosetti/issue6858
...
driver-only ECDSA: get testing parity in X.509
2023-02-13 15:30:06 +01:00
Valerio Setti
178b5bdddf
pk: move MBEDTLS_PK_CAN_ECDSA_SOME macro to pk.h and fix tests
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-13 11:15:06 +01:00
Dave Rodgman
ab1f3c153a
Merge pull request #7081 from tom-cosgrove-arm/dont-use-lstrlenW
2023-02-10 20:50:07 +00:00
Dave Rodgman
4a5c9ee7f2
Remove redundant SIZE_MAX guards
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-10 16:03:44 +00:00
Gilles Peskine
b8531c4b0b
Merge pull request #6882 from AndrzejKurek/x509_san_parsing_testing-dev
...
X.509: Fix bug in SAN parsing and enhance negative testing
2023-02-10 15:05:32 +01:00
Dave Rodgman
a22749e749
Merge pull request #6816 from nick-child-ibm/pkcs7_coverage
...
Pkcs7 coverage
2023-02-10 12:55:29 +00:00
Tom Cosgrove
b96c309395
Don't use lstrlenW() on Windows
...
The lstrlenW() function isn't available to UWP apps, and isn't necessary, since
when given -1, WideCharToMultiByte() will process the terminating null character
itself (and the length returned by the function includes this character).
Resolves #2994
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-02-10 12:52:13 +00:00
Ronald Cron
834e65d47f
Merge pull request #6499 from xkqian/tls13_write_end_of_early_data
...
Tls13 write end of early data
2023-02-10 11:08:22 +01:00
Dave Rodgman
78c6f40736
Fix code-style
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-09 09:21:14 +00:00
Nick Child
14f255f332
pkcs7: Remove unnecessary dependencies
...
stdio, stdlib and string header files are not
used. Remove them.
Signed-off-by: Nick Child <nick.child@ibm.com>
2023-02-08 15:38:48 +00:00
Valerio Setti
ce0caa3384
oid: fix comment in #endif
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-08 13:52:31 +01:00
Valerio Setti
f972ce8d69
oid: replace ECDSA_C with new macros for ECDSA capabilities
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-02-08 13:52:31 +01:00
Xiaokang Qian
0de0d863b6
Rebase code to restore reco-delay and fix some style issues
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 07:41:42 +00:00
Xiaokang Qian
8dc4ce76c7
Fix various coding style and comment issues
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:48 +00:00
Xiaokang Qian
6b980011e5
Replace session_negotiate->ciphersuite with handshake->ciphersuite_info->id
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:48 +00:00
Xiaokang Qian
53c4c27d35
Update the comment of ciphersuite check for early data
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:48 +00:00
Xiaokang Qian
64bc9bc33d
Add comments to describe the early data behavior-encrypt/rejected...
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:48 +00:00
Xiaokang Qian
e04afdc44f
Refine the condition of whether re-generate early keys
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:48 +00:00
Xiaokang Qian
eb31cbc791
Share the hash check code between ticket and external psk
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:48 +00:00
Xiaokang Qian
4ef8ba2938
Assign the ciphersuite in finalize_hrr{server_hello}
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:48 +00:00
Xiaokang Qian
bb883244aa
Remove useless comments of outbound switch
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:48 +00:00
Xiaokang Qian
02f5e14073
Combine the alert check of selected_id and ciphercuite
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:48 +00:00
Xiaokang Qian
934ce6f6a9
Rename the finalize_client{server}_hello()
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:48 +00:00
Xiaokang Qian
ac4c625dea
Add hash check of ciphersuite for ticket psk
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:48 +00:00
Xiaokang Qian
6be8290aba
Change to CCS after client hello only if we offer early data
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:48 +00:00
Xiaokang Qian
7179f810f1
Restore the empty lines
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:48 +00:00
Xiaokang Qian
b58462157e
Refine the ciphersuite and select id check for early data
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:48 +00:00
Xiaokang Qian
44051f6376
Refine the state change after write client hello
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:48 +00:00
Xiaokang Qian
7892b6caad
Refine the comment about generating early secrects in post server hello
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:48 +00:00
Xiaokang Qian
bd0ab06d50
Skip CCS once we proposed early data even it is rejected
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:48 +00:00
Xiaokang Qian
f6d8fd3d6b
Improve the coding style of new lines
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:48 +00:00
Xiaokang Qian
79f77528f5
Move state change to finalize client hello
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:47 +00:00
Xiaokang Qian
3f616c2493
Move selected_identity zero check to post_server_hello
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:47 +00:00