Manuel Pégourié-Gonnard
b7307630bb
Merge pull request #8703 from valeriosetti/issue7765-guards-in-asn1
...
Conversion function between raw and DER ECDSA signatures (guards in ASN1)
2024-02-08 08:45:30 +00:00
Manuel Pégourié-Gonnard
7bf1e98f44
Merge pull request #8740 from valeriosetti/issue8647
...
Move RSA basic key parsing/writing to rsa.c
2024-02-08 08:35:42 +00:00
Tom Cosgrove
c8de362202
Merge pull request #8665 from ivq/reduce_static_mem
...
Reduce many unnecessary static memory consumption
2024-02-07 23:26:27 +00:00
Valerio Setti
1910390b4a
psa_util: improve leading zeros check in convert_der_to_raw_single_int()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-07 16:16:58 +01:00
Manuel Pégourié-Gonnard
1d7bc1ecdf
Merge pull request #8717 from valeriosetti/issue8030
...
PSA FFDH: feature macros for parameters
2024-02-07 10:06:03 +00:00
Dave Rodgman
57a0957938
Merge pull request #8788 from daverodgman/old-gcc-alignment-bug
...
Change unaligned access method for old gcc
2024-02-07 09:31:45 +00:00
Valerio Setti
447bbce8b4
rsa: remove unnecessary check in priv/pub key parsing
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-07 08:02:03 +01:00
Gilles Peskine
f45589b492
Merge pull request #8198 from silabs-Kusumit/kdf_incorrect_initial_capacity
...
KDF incorrect initial capacity
2024-02-06 17:29:43 +00:00
Gilles Peskine
137e0c1a02
Merge pull request #8761 from valeriosetti/issue4681
...
Re-introduce enum-like checks from CHECK_PARAMS
2024-02-06 17:29:38 +00:00
Gilles Peskine
fb7001f15b
Merge pull request #8738 from gilles-peskine-arm/pk_import_into_psa-use_usage
...
Implement mbedtls_pk_get_psa_attributes
2024-02-06 17:28:54 +00:00
Valerio Setti
bb76f80218
pk_wrap: use proper raw buffer length in ecdsa_sign_psa()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 16:57:23 +01:00
Valerio Setti
cf81f69977
psa_util: smarter raw length check in mbedtls_ecdsa_raw_to_der()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 16:57:12 +01:00
Valerio Setti
6269f3baf4
Revert "psa_util: allow larger raw buffers in mbedtls_ecdsa_raw_to_der()"
...
This reverts commit d4fc5d9d1c
2024-02-06 16:55:18 +01:00
Dave Rodgman
e093281a8b
Pacify check-names
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-06 15:00:58 +00:00
Dave Rodgman
d09f96b829
Improve docs
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-06 13:51:58 +00:00
Dave Rodgman
22b934e6d2
Use struct not union
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-06 13:16:13 +00:00
Dave Rodgman
f4e8234f93
Improve docs
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-06 13:16:13 +00:00
Manuel Pégourié-Gonnard
5c9cc0b30f
Merge pull request #8727 from ronald-cron-arm/tls13-ignore-early-data-when-rejected
...
TLS 1.3: SRV: Ignore early data when rejected
2024-02-06 13:16:03 +00:00
Dave Rodgman
ec9936d122
Improve gcc guards
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-06 13:04:09 +00:00
Dave Rodgman
b327a1e706
Change unaligned access method for old gcc
...
gcc bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94662 shows
that __attribute__ aligned may be ignored.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-06 11:32:01 +00:00
Chien Wong
4e9683e818
Reduce many unnecessary static memory consumption
...
.data section of ssl_client1 becomes 320 bytes smaller on AMD64.
Signed-off-by: Chien Wong <m@xv97.com>
2024-02-06 17:50:44 +08:00
Gilles Peskine
8a85673a39
Merge remote-tracking branch 'development' into pk_import_into_psa-use_usage
2024-02-06 10:14:17 +01:00
Valerio Setti
d4fc5d9d1c
psa_util: allow larger raw buffers in mbedtls_ecdsa_raw_to_der()
...
The only real contraint on the raw buffer is that it is large
enough to contain 2 coordinates. Larger buffers are therefore
allowed and the extra data will simply be ignored.
Note = trying to impose a strict sizing on the raw buffer causes
several failures in test suites. This suggests that it is
quite common to use larger buffer to store raw signatures.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 08:42:42 +01:00
Valerio Setti
fe329cea3f
rsa: handle buffer length similarly in private and public key parsing
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 08:00:18 +01:00
Ronald Cron
71c6e65d83
tls13: ssl_msg.c: Improve/add comments
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-05 16:54:37 +01:00
Ronald Cron
31e2d83eee
tls13: srv: Improve coding
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-05 16:45:57 +01:00
Valerio Setti
091bdc416d
psa_util: enhance checks on leading zeros in convert_der_to_raw_single_int()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-05 16:18:04 +01:00
Manuel Pégourié-Gonnard
32c28cebb4
Merge pull request #8715 from valeriosetti/issue7964
...
Remove all internal functions from public headers
2024-02-05 15:09:15 +00:00
Valerio Setti
05c256fb36
psa_util: minor performance improvement in mbedtls_ecdsa_der_to_raw()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-05 16:02:11 +01:00
Valerio Setti
bec1d842ac
psa_util: convert_der_to_raw_single_int() accepts also all zero integers
...
These values are not mathematically valid as signature, but as
for what it concerns with ECDSA conversion functions, 0 values
in DER format should be translated to 0 values in raw format.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-05 15:50:02 +01:00
Valerio Setti
8334d00772
psa_util: improve check of raw_len in mbedtls_ecdsa_raw_to_der()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-05 15:35:26 +01:00
Valerio Setti
2bd0ecdf45
psa_util: improve documentation for convert_raw_to_der_single_int()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-05 15:25:15 +01:00
Janos Follath
747bedb0b0
Merge pull request #8733 from ivq/gcm_ad_len_check
...
Add back restriction on AD length of GCM
2024-02-05 13:33:58 +00:00
Valerio Setti
954ef4bbd5
psa_util: improve convert_raw_to_der_single_int()
...
Allow the function to support DER buffers than what it is nominally
required by the provided coordinates. In other words let's ignore
padding zeros in the raw number.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-05 12:06:46 +01:00
Valerio Setti
315e4afc0a
psa_util: change parameters order in ECDSA conversion functions
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-05 10:09:15 +01:00
Valerio Setti
13ab693c49
rsa_internal: fix documentation for mbedtls_rsa_parse_key()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-05 08:48:39 +01:00
Jerry Yu
f57d14bed4
Ignore early data app msg before 2nd client hello
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-02 17:31:20 +01:00
Jerry Yu
263dbf7167
tls13: srv: Do not allow early data indication in 2nd ClientHello
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-02 17:31:20 +01:00
Ronald Cron
1483dc3bde
tls13: cli: Indicate early data only in first ClientHello
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-02 17:31:20 +01:00
Ronald Cron
2995d35ac3
tls13: srv: Deprotect and discard early data records
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-02 17:31:20 +01:00
Jerry Yu
4caf3ca08c
tls13: srv: Add discard_early_data_record SSL field
...
Add discard_early_data_record in SSL context for
the record layer to know if it has to discard
some potential early data record and how.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-02 17:31:20 +01:00
Valerio Setti
5a19892528
pkparse: fix check for ASN1 errors in mbedtls_pk_parse_subpubkey()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-02 16:44:18 +01:00
Gilles Peskine
cb3b4cae0a
Fix handling of ECC public keys under MBEDTLS_PK_USE_PSA_EC_DATA
...
The test code to construct test keys and the implementation had matching
errors: both assumed that there was a PSA public key object. Fix this.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-02 13:22:23 +01:00
Valerio Setti
5922cb9309
pkparse: keep legacy PK error codes when RSA key parsing fails
...
This helps in reverting the changes to test_suite_x509parse.data
when the RSA key parsing fails.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-02 09:21:25 +01:00
Gilles Peskine
793920c1ff
mbedtls_pk_get_psa_attributes: opaque: require specified usage
...
In the MBEDTLS_PK_OPAQUE, have mbedtls_pk_get_psa_attributes() require the
specified usage to be enabled for the specified key. Otherwise the following
call to mbedtls_pk_import_into_psa() is unlikely to result in a key with a
useful policy, so the call to mbedtls_pk_get_psa_attributes() was probably
an error.
Adjust the existing test cases accordingly and add a few negative test
cases.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-01 21:31:27 +01:00
Gilles Peskine
e820975244
Fix comment
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-01 21:00:33 +01:00
Gilles Peskine
0aad5f8f34
Copypasta
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-01 20:53:04 +01:00
Gilles Peskine
ae2668be97
Don't use mbedtls_pk_ec in our own code
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-01 20:53:04 +01:00
Ronald Cron
78a38f607c
tls13: srv: Do not use early_data_status
...
Due to the scope reduction for
mbedtls_ssl_read_early_data(), on
server as early data state variable
we now only need a flag in the
handshake context indicating if
the server has accepted early data
or not.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-01 20:10:35 +01:00
Ronald Cron
3b9034544e
Revert "tls13: Introduce early_data_state SSL context field"
...
This reverts commit 0883b8b625
2024-02-01 20:03:57 +01:00
