mbedtls

Author	SHA1	Message	Date
Gilles Peskine	4d4891e18a	Merge pull request #8666 from valeriosetti/issue8340 Export the mbedtls_md_psa_alg_from_type function	2024-01-18 13:58:55 +00:00
Ryan Everett	fb02d57de7	Document the thread safety of the primitive key slot functions Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-18 10:54:42 +00:00
Ryan Everett	846889355c	Initialize and free the key slot mutex Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-18 10:47:05 +00:00
Gilles Peskine	b1f96c0354	Merge pull request #7815 from gilles-peskine-arm/ecp-export-partial ECP keypair utility functions	2024-01-18 10:29:05 +00:00
Gilles Peskine	c9077cccd3	Merge pull request #8664 from valeriosetti/issue7764 Conversion function from ecp group to PSA curve	2024-01-18 10:28:55 +00:00
Ryan Everett	491f7e5ac3	Define key_slot_mutex Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-18 10:21:38 +00:00
Dave Rodgman	fb133513d6	Merge pull request #8705 from daverodgman/ctr-perf Ctr perf	2024-01-17 20:25:41 +00:00
Paul Elliott	2728267ec4	Merge pull request #8672 from Ryan-Everett-arm/implement-new-key-slot-states Implement the new key slot state system within the PSA subsystem.	2024-01-17 17:50:04 +00:00
Valerio Setti	504a10254c	psa_crypto: do not validate DH groups which are not enabled Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-17 15:57:03 +01:00
Valerio Setti	ecaf7c5690	ssl_tls: add guards for enabled DH key types Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-17 15:56:30 +01:00
Valerio Setti	4ed8daa929	psa_crypto_ffdh: add guards for enabled domain parameters Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-17 15:56:30 +01:00
Ryan Everett	4a0ba80bdb	Clarify psa_destroy_key documentation Co-authored-by: Janos Follath <janos.follath@arm.com> Signed-off-by: Ryan Everett <144035422+Ryan-Everett-arm@users.noreply.github.com>	2024-01-17 14:12:33 +00:00
Ryan Everett	38a2b7a6a3	Extend psa_wipe_key_slot documentation Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-17 11:45:44 +00:00
Ryan Everett	7ed542e0f1	Implement delayed deletion in psa_destroy_key and some cleanup Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-17 11:40:29 +00:00
Dave Rodgman	885248c8ee	Add header guards Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-17 11:06:31 +00:00
Dave Rodgman	7e5b7f91ca	Fix error in ctr_drbg Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-16 17:28:25 +00:00
Dave Rodgman	46697da5b3	Make gcm counter increment more efficient Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:45:01 +00:00
Dave Rodgman	174eeff235	Save 14 bytes in CTR-DRBG Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:45:01 +00:00
Dave Rodgman	591ff05384	Use optimised counter increment in AES-CTR and CTR-DRBG Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:45:01 +00:00
Dave Rodgman	b49cf1019d	Introduce mbedtls_ctr_increment_counter Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:45:01 +00:00
Ryan Everett	1d32a57764	Revert change to psa_destroy_key documentation Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-15 11:27:58 +00:00
Ryan Everett	709120a9ce	Revert change to return behaviour in psa_reserve_free_key_slot This change was a mistake, we still need to wipe the pointers here. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-15 11:20:50 +00:00
Ryan Everett	dfe8bf86a8	Return CORRUPTION_DETECTED instead of BAD_SLOT when the slot's state is wrong These error codes are only returned if the program has been tampered with, so they should be CORRUPTION_DETECTED. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-15 11:20:50 +00:00
Ryan Everett	4755e6bda4	Relax psa_wipe_key_slot to allow states other than SLOT_PENDING_DELETION psa_wipe_key_slot can now be called on a slot in any state, if the slot's state is PSA_SLOT_FULL or PSA_SLOT_PENDING_DELETION then there must be exactly 1 registered reader. Remove the state changing calls that are no longer necessary. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-15 11:20:35 +00:00
Dave Rodgman	c4f984f2a5	Iterate in 16-byte chunks Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:20:19 +00:00
Valerio Setti	5bb454aace	psa_crypto: allow asymmetric encryption/decryption also with opaque keys Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-15 10:43:16 +01:00
Tom Cosgrove	bc5d9165ae	Merge pull request #8554 from yanrayw/issue/8221/fix-tls-suiteB-profile TLS: remove RSA signature algorithms in `suite B` profile	2024-01-12 14:34:28 +00:00
Tom Cosgrove	f1ba1933cf	Merge pull request #8526 from yanrayw/issue/7011/send_record_size_limit_ext TLS1.3: SRV/CLI: add support for sending Record Size Limit extension	2024-01-12 13:39:15 +00:00
Waleed Elmelegy	f0ccf46713	Add minor cosmetic changes to record size limit changelog and comments Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-12 10:52:45 +00:00
Ronald Cron	ae2213c307	Merge pull request #8414 from lpy4105/issue/uniform-ssl-check-function Harmonise the names and return values of check functions in TLS code	2024-01-11 13:51:39 +00:00
Ronald Cron	7c14afcaaa	Merge pull request #8595 from yanrayw/issue/8593/srv-CH-fix-version-check TLS1.3: SRV: check `min_tls_version` when parsing ClientHello	2024-01-11 13:34:09 +00:00
Valerio Setti	19ec9e4f66	psa_crypto_ecp: remove support for secp224k1 Since this curve is not supported in PSA (and it will not ever be in the future), we save a few bytes. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-11 07:07:14 +01:00
Paul Elliott	f149cd1a3a	Merge pull request #8688 from jwinzig-at-hilscher/development Fix bug in mbedtls_x509_set_extension	2024-01-10 16:57:16 +00:00
Kusumit Ghoderao	7d4db631cf	add depends on for capacity tests and fix code style Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2024-01-10 21:49:09 +05:30
Kusumit Ghoderao	d3f70d321a	fix unused variable warning and other fixes Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2024-01-10 21:49:09 +05:30
Kusumit Ghoderao	86e83dd4a7	Add kdf_set_max_capacity function Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2024-01-10 21:49:09 +05:30
Kusumit Ghoderao	a0907f5750	Reorder and correct comment Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2024-01-10 21:49:09 +05:30
Kusumit Ghoderao	5f3a938d95	Fix psa_key_derivation_setup_kdf Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2024-01-10 21:49:09 +05:30
Waleed Elmelegy	3ff472441a	Fix warning in ssl_tls13_generic.c Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:28 +00:00
Waleed Elmelegy	f501790ff2	Improve comments across record size limit changes Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:28 +00:00
Waleed Elmelegy	fbe42743eb	Fix issue in checking in writing extensions Fix issue in checking if server received record size limit extension. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:27 +00:00
Waleed Elmelegy	e1ac98d888	remove mbedtls_ssl_is_record_size_limit_valid function Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:27 +00:00
Waleed Elmelegy	d2fc90e024	Stop sending record size limit extension if it's not sent from client Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:27 +00:00
Waleed Elmelegy	148dfb6457	Change record size limit writing function Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:27 +00:00
Waleed Elmelegy	47d2946943	tls13: server: write Record Size Limit ext in EncryptedExtensions - add the support in library - update corresponding test cases. Signed-off-by: Yanray Wang <yanray.wang@arm.com> Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:27 +00:00
Yanray Wang	42017cd4c9	tls13: cli: write Record Size Limit ext in ClientHello - add the support in library - update corresponding test case Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2024-01-10 16:17:27 +00:00
Yanray Wang	faf70bdf9d	ssl_tls13_generic: check value of RecordSizeLimit in helper function Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2024-01-10 16:17:27 +00:00
Yanray Wang	a8b4291836	tls13: add generic function to write Record Size Limit ext Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2024-01-10 16:17:27 +00:00
Jonathan Winzig	5caf20ea80	Update fix to be more platform-independent Co-authored-by: David Horstmann <david.horstmann@arm.com> Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>	2024-01-09 16:41:10 +01:00
Tom Cosgrove	3a6059beca	Merge pull request #7455 from KloolK/record-size-limit/comply-with-limit Comply with the received Record Size Limit extension	2024-01-09 15:22:17 +00:00
Jonathan Winzig	05c722bfd0	Fix Issue #8687 Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>	2024-01-09 15:20:03 +01:00
Valerio Setti	39faa9cad4	psa_util: rename parameter of mbedtls_ecc_group_from_psa The new name better reflects the fact that the 1st parameter is just the EC family and not the curve. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 13:41:53 +01:00
Valerio Setti	0d438fa390	psa_crypto_ecp: fix comment for secp224k1 in check_ecc_parameters Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 13:41:52 +01:00
Valerio Setti	7863627bd6	psa_util: remove support for secp224k1 in EC conversion functions Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 13:41:52 +01:00
Valerio Setti	65df79303f	psa_crypto_ecp: return unsupported for secp224k1 in check_ecc_parameters() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 13:41:52 +01:00
Valerio Setti	0bc8598d20	psa_util: properly handle secp224r1 private key size Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 13:41:52 +01:00
Valerio Setti	0e608807e3	psa: let mbedtls_ecc_group_from_psa() accept only exact bit lengths Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 13:41:52 +01:00
Valerio Setti	673868be5d	psa_crypto_ecp: add helper for checking EC parameters This commit also updates "test_suite_psa_crypto.data" replacing PSA_ERROR_NOT_SUPPORTED with PSA_ERROR_INVALID_ARGUMENT when a wrong bit size is provided while importing key. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 13:41:52 +01:00
Valerio Setti	d36c313b53	psa: remove bits_is_sloppy parameter from mbedtls_ecc_group_from_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 13:41:52 +01:00
Valerio Setti	ddba51e6c9	psa: rename "mbedtls_ecc_group_of_psa" to "mbedtls_ecc_group_from_psa" Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 13:41:52 +01:00
Valerio Setti	dd2afcd881	Revert "psa_util: add algorithm's availability checks for MD conversion functions" This reverts commit `3d2e0f5f42`. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 08:41:29 +01:00
Manuel Pégourié-Gonnard	4aad0ff510	Merge pull request #8632 from valeriosetti/issue8598 [G5] Make block_cipher work with PSA	2024-01-08 08:07:53 +00:00
Waleed-Ziad Maamoun-Elmelegy	e2d3db5cfc	Update mbedtls_ssl_get_output_record_size_limit signature Co-authored-by: Ronald Cron <ronald.cron@arm.com> Signed-off-by: Waleed-Ziad Maamoun-Elmelegy <122474370+waleed-elmelegy-arm@users.noreply.github.com>	2024-01-05 14:19:16 +00:00
Ryan Everett	6a9c14b918	Update mbedtls_psa_get_stats Uses readers to report "locked_slots", and slot state empty to report "empty_slots". Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00
Ryan Everett	6cd2b8db96	Update psa_wipe_all_key_slots This will still wipe the slot regardless of state/readers. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00
Ryan Everett	1b70a07eca	Replace psa_unlock_key_slot calls in operations which act on FULL slots Replaces calls to psa_unlock_key_slot with calls to psa_unregister_read. All instances follow a pattern of a call to psa_get_and_lock_key_slot_X, followed by some code which reads from a slot, followed by a call to psa_unregister_read. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00
Ryan Everett	eb27dc0f3a	Update psa_load_X_key_into_slot These functions (on success) take a slot from PSA_SLOT_FILLING to PSA_SLOT_FULL. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00
Ryan Everett	c70ce576bd	Update psa_destroy_key, psa_purge_key and psa_close_key This does not yet implement destruction while a key is in use for psa_destroy_key; that will be implemented in a separate pr. (I am not sure if I am allowed to change the documentation in the include files.) Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00
Ryan Everett	098c6659ad	Update psa_get_and_lock_key_slot_X functions Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00
Ryan Everett	b69118ebd0	Update key creation functions to use the new key slot states Update psa_start_key_creation, psa_finish_key_creation and psa_fail_key_creation. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00
Ryan Everett	2afb516011	Update and rename psa_get_empty_key_slot Rename to psa_reserve_free_key_slot, as this function reserves a slot which is free (not always empty) for filling. Implement necessary state transitions and state checks. Rename unlocked_persistent_key_slot to unused_persistent_key_slot. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00
Ryan Everett	4a78277cb2	Implement psa_key_slot_state_transition This inline function is used in every case we want to change the state of a slot, except for where we do not care about what the state of the slot was before. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00
Ryan Everett	39cc9d755e	Implement psa_register_read and psa_unregister_read Replaces psa_lock_key_slot and psa_unlock_key_slot. Future commits will remove the calls to locking/unlocking functions, and add calls to registering/unregistering functions. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00
Ryan Everett	62aa79ac5c	Implement psa_key_slot_has_readers and remove psa_is_key_slot_occupied Remove psa_is_key_slot_occupied, any function which calls this can just check the state variable instead. Replace psa_is_key_slot_locked with psa_key_slot_has_readers. References to the now removed functions are changed in future commits. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00
Ryan Everett	aa33c512cc	Update psa_wipe_key_slot Change psa_wipe_key_slot to use the new state system. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00
Ryan Everett	d7dc7ff91c	Update psa_key_slot_t Remove the `status` field and replace with the `state` field. Remove the `lock_count` field and replace with the `registered_readers` field. Add documentation which describes how and why these fields are to be used. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00
Dave Rodgman	a021d63bf7	Merge pull request #8642 from daverodgman/default-compiler-all CI perf: Use clang by default in all.sh	2024-01-04 12:58:54 +00:00
Manuel Pégourié-Gonnard	5bad043c06	Merge pull request #8641 from valeriosetti/issue8358 G3-G4 wrap-up	2024-01-04 10:48:00 +00:00
Gilles Peskine	39b7bba8a0	Make input parameter const Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-01-02 17:56:54 +01:00
Valerio Setti	c1c6858bfc	cipher_wrap: fix guards for some CCM/GCM functions Legacy CCM and GCM can work even when AES_C is not defined thanks to the block_cipher module, so we can relax guards in cipher_wrap. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-02 17:20:58 +01:00
Valerio Setti	3d2e0f5f42	psa_util: add algorithm's availability checks for MD conversion functions Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-02 14:57:47 +01:00
Valerio Setti	384fbde49a	library/tests: replace md_psa.h with psa_util.h as include file for MD conversion Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-02 13:27:32 +01:00
Valerio Setti	45c3cae8a5	md: move PSA conversion functions from md_psa.h to psa_util.h Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-02 13:26:04 +01:00
Dave Rodgman	84125a167e	Merge remote-tracking branch 'origin/development' into default-compiler-all Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-02 11:42:38 +00:00
Valerio Setti	e581e140cc	oid/pkparse: add missing guards for PKCS[5/12] functions when !CIPHER_C This commit also updates test_suite_pkparse.data file adding MBEDTLS_CIPHER_C dependencies whenever PKCS[5/12] is used. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-29 16:35:58 +01:00
Waleed Elmelegy	6a971fd61a	Refactor and improve Record size limit handling Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-12-28 17:48:16 +00:00
Valerio Setti	1fff4f2012	psa: add key_type as input parameter of psa_can_do_cipher() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-28 18:33:17 +01:00
Valerio Setti	1994e72e18	check_config/block_cipher: minor improvements Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-28 18:33:04 +01:00
Gilles Peskine	62e33bcc64	New function mbedtls_ecp_write_public_key Directly export the public part of a key pair without having to go through intermediate objects (using mbedtls_ecp_point_write_binary would require a group object and a point object). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-12-24 15:23:19 +01:00
Gilles Peskine	7ea72026cd	New function mbedtls_ecp_keypair_calc_public For when you calculate or import a private key, and then need to calculate the public key. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-12-22 21:30:03 +01:00
Gilles Peskine	28240323d3	New function mbedtls_ecp_set_public_key Set the public key in a key pair. This complements mbedtls_ecp_read_key and the functions can be used in either order. Document the need to call check functions separately. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-12-22 21:30:03 +01:00
Gilles Peskine	ba5b5d67aa	Support partial export from mbedtls_ecp_keypair Sometimes you don't need to have all the parts of a key pair object. Relax the behavior of mbedtls_ecp_keypair so that you can extract just the parts that you need. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-12-22 21:30:03 +01:00
Gilles Peskine	e6886102ef	New function mbedtls_ecp_keypair_get_group_id Add a simple function to get the group id from a key object. This information is available via mbedtls_ecp_export, but that function consumes a lot of memory, which is a waste if all you need is to identify the curve. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-12-22 21:30:03 +01:00
Valerio Setti	a69e872001	pkcs[5/12]: add CIPHER_C for [en/de]crypting functions This commit also updates corresponding test suites. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-21 16:39:04 +01:00
Dave Rodgman	3bc249959c	Merge branch 'development' into default-compiler-all Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-12-21 14:35:14 +00:00
Tom Cosgrove	c6088eceb4	Merge pull request #8384 from paul-elliott-arm/remove_ssl_null_tls12 Remove NULLing of ssl context in TLS1.2 transform population	2023-12-21 13:28:09 +00:00
Gilles Peskine	4bf4473ef0	Merge pull request #8633 from Wenxing-hou/clear_clienthello_comment Make clienthello comment clear	2023-12-21 12:09:23 +00:00
Gilles Peskine	0e6fdc4f1d	Merge pull request #8342 from yanesca/threading_test_pc Threading test proof of concept and plan	2023-12-21 12:08:41 +00:00
Waleed Elmelegy	65e3046e18	Fix code style in ssl_tls.c Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-12-20 17:55:10 +00:00
Waleed Elmelegy	049cd302ed	Refactor record size limit extension handling Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-12-20 17:28:31 +00:00
Tomi Fontanilles	851d8df58d	fix/work around dependency issues when !MBEDTLS_ECP_C Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>	2023-12-20 13:09:27 +02:00
Tomi Fontanilles	9f41770313	pk_*: remove remaining references to MBEDTLS_PSA_CRYPTO_C For real this time. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>	2023-12-20 13:05:55 +02:00
Tomi Fontanilles	bad170e159	pk: remove last references to MBEDTLS_PSA_CRYPTO_C They are replaced by MBEDTLS_USE_PSA_CRYPTO. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>	2023-12-20 12:59:57 +02:00
Tomi Fontanilles	1941af087c	pk_wrap: remove last references to MBEDTLS_PSA_CRYPTO_C Deprecated functions are removed and #ifdefs are updated accordingly. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>	2023-12-20 12:59:57 +02:00
Tomi Fontanilles	573dc23141	rsa: introduce rsa_internal_rsassa_pss_sign_no_mode_check() And use it in the non-PSA version of mbedtls_pk_sign_ext() to bypass checks that didn't succeed when used by TLS 1.3. That is because in the failing scenarios the padding of the RSA context is not set to PKCS_V21. See the discussion on PR #7930 for more details. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>	2023-12-20 12:59:57 +02:00
Tomi Fontanilles	8174662b64	pk: implement non-PSA mbedtls_pk_sign_ext() This makes the function always available with its its implementation depending on MBEDTLS_USE_PSA_CRYPTO. Related dependencies and tests are updated as well. Fixes #7583. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>	2023-12-20 12:59:57 +02:00
Valerio Setti	689c0f71cb	tests: use new CCM/GCM capability macros in tests Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-20 09:54:18 +01:00
Manuel Pégourié-Gonnard	a4b38f24fd	Merge pull request #8579 from valeriosetti/issue7995 PK: clean up pkwrite	2023-12-20 08:20:10 +00:00
Valerio Setti	50333977c6	cipher_wrap: fix guards for alloc/free functions of CCM/GCM Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-20 07:36:05 +01:00
Dave Rodgman	a69c782351	Merge pull request #8634 from daverodgman/iar-fixes IAR warning fix & some improvements	2023-12-19 16:26:23 +00:00
Dave Rodgman	d47186d6e3	Disable automatic setting of clang target flags on old clang Old versions of clang don't support this pragma, so we have to assume that the user will have set the flags. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-12-19 13:11:47 +00:00
Valerio Setti	7f062a58fb	pkwrite: add newlines when calling mbedtls_pem_write_buffer() New defines, which are shared with the pkparse module, lack the new line so we manually add it when invoking mbedtls_pem_write_buffer(). Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-19 07:48:42 +01:00
Valerio Setti	4bb5740a7d	Revert "pem: auto add newlines to header/footer in mbedtls_pem_write_buffer()" This reverts commit `180915018d`. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-19 07:48:38 +01:00
Paul Elliott	8860021abc	Fix false claim of variables used unitialised GCC with TSan + O3 causes an error where it claims key_len and iv_len may be used uninitialised. This is, as far as I can tell incorrect (the only way it could not be set is in the error case, and then it is not used), however the simplest option seemed to be just to fix it. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-12-18 14:49:34 +00:00
Dave Rodgman	af616d9123	Merge remote-tracking branch 'origin/development' into iar-fixes	2023-12-18 13:38:22 +00:00
Manuel Pégourié-Gonnard	8f1c36df00	Merge pull request #8607 from valeriosetti/issue8602 Make enrollement "optional" in pk_can_do_ext()	2023-12-18 11:30:04 +00:00
Bence Szépkúti	a085fa8ccf	Merge pull request #8627 from tom-cosgrove-arm/ip_len Avoid use of `ip_len` as it clashes with a macro in AIX system headers	2023-12-18 02:03:17 +00:00
Valerio Setti	4ff405cf80	block_cipher: remove psa_key_type from mbedtls_block_cipher_context_t This information was redundant with the already existing mbedtls_block_cipher_id_t. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-15 16:10:52 +01:00
Dave Rodgman	543d275c68	Merge pull request #8635 from daverodgman/asan-opt CI perf - prefer clang for Asan	2023-12-15 13:25:02 +00:00
Manuel Pégourié-Gonnard	cddab78612	Merge pull request #8630 from joerchan/mbedtls-tfm-compat Mbedtls tfm compat	2023-12-15 09:31:27 +00:00
Dave Rodgman	815b240d72	Fix unused function/variable warnings from clang Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-12-14 23:20:48 +00:00
Valerio Setti	bd7528a592	ccm/gcm: use BLOCK_CIPHER whenever possible Prefer BLOCK_CIPHER instead of CIPHER_C whenever it's enabled. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-14 18:08:14 +01:00
Valerio Setti	785ec17795	block_cipher: use PSA_BITS_TO_BYTES() in mbedtls_block_cipher_setkey() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-14 18:08:14 +01:00
Valerio Setti	849a1abfdd	block_cipher: remove useless use of psa_cipher_operation_t Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-14 18:08:14 +01:00
Valerio Setti	c6f004f0e2	psa_crypto: add internal helper to signal that cipher driver is ready Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-14 18:08:14 +01:00
Valerio Setti	8ceaa75b73	psa_util: add error translations from PSA to cipher Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-14 18:08:14 +01:00
Valerio Setti	c1db99d3f5	block_cipher: add PSA dispatch if possible "if possible" means: - PSA has been initialized - requested key type is available in PSA Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-14 18:08:14 +01:00
Waleed Elmelegy	26e3698357	Revert back checking on handshake messages length Revert back checking on handshake messages length due to limitation on our fragmentation support of handshake messages. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-12-14 16:23:25 +00:00
Waleed Elmelegy	05d670b711	Revert "Skip checking on maximum fragment length during handshake" This reverts commit `419f841511`. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-12-14 16:23:10 +00:00
Wenxing Hou	3b9de38208	Make clienthello comment clear Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>	2023-12-14 22:44:08 +08:00
Joakim Andersson	b349108b99	library: Move mbedtls_ecc helper functions to psa_util Move the mbedtls_ecc helper functions from psa_core to psa_util. These files are not implemented as part of the PSA API and should not be part of the PSA crypto implementation. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>	2023-12-14 13:55:11 +01:00
Dave Rodgman	69928dbe86	Fix compile warning from IAR Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-12-14 12:09:18 +00:00
Dave Rodgman	650674bb41	Add MBEDTLS_BSWAPxx intrinsics for IAR Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-12-14 12:08:57 +00:00
Dave Rodgman	f3c04f3f47	Better definition of MBEDTLS_IS_BIG_ENDIAN for IAR Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-12-14 12:08:57 +00:00
Manuel Pégourié-Gonnard	1f67363d6a	Merge pull request #8616 from lpy4105/issue/8553/test-driver-only-rsa Add test for driver-only RSA (crypto only)	2023-12-14 11:05:55 +00:00
Manuel Pégourié-Gonnard	001fb73131	Merge pull request #8612 from valeriosetti/issue8601 Quit using enrollment in pkparse	2023-12-13 14:55:34 +00:00
Manuel Pégourié-Gonnard	ea6b3c030d	Merge pull request #8605 from valeriosetti/issue8600 Quit using enrollment alg in for ECDSA in PK	2023-12-12 16:53:15 +00:00
Joakim Andersson	c5b7285da9	library: Remove unused psa_crypto_core.h include Remove unused psa_crypto_core.h include. The PSA util file provides helper functions when using the PSA API. It should not rely on PSA internal headers, and instead only use public headers. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>	2023-12-11 21:25:44 +01:00
Tom Cosgrove	656d4b3c74	Avoid use of `ip_len` as it clashes with a macro in AIX system headers Fixes #8624 Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-12-08 21:51:15 +00:00
Pengyu Lv	f75893bb36	Update comments Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 17:40:00 +08:00
Pengyu Lv	e9efbc2aa5	Error out when get domain_parameters is not supported From time being, domain_parameters could not be extracted from driver. We need to return error to indicate this situation. This is temporary and would be fixed after #6494. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 17:30:26 +08:00
Pengyu Lv	94a42ccb3e	Add tls13 in ticket flags helper function names ``` sed -i \ "s/\(mbedtls_ssl\)_\(session_\(\w_\)\?ticket\)/\1_tls13_\2/g" \ library/.[ch] ``` Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 11:12:46 +08:00
Yanray Wang	90acdc65e5	tl13: srv: improve comment Improve comment when received version 1.2 of the protocol while TLS 1.2 is disabled on server side. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-12-08 11:00:38 +08:00
Yanray Wang	2bef917a3c	tls13: srv: return BAD_PROTOCOL_VERSION if chosen unsupported version Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-12-08 11:00:35 +08:00
Yanray Wang	177e49ad7a	tls13: srv: improve DEBUG_MSG in case of TLS 1.2 disabled Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-12-08 11:00:33 +08:00
Yanray Wang	408ba6f7b8	tls13: srv: replace with internal API to check is_tls12_enabled Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-12-08 11:00:30 +08:00
Pengyu Lv	abd844f379	Fix wrong format in the function doc Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:58 +08:00
Pengyu Lv	02e72f65da	Reword return value description for mbedtls_ssl_tls13_is_kex_mode_supported Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:58 +08:00
Pengyu Lv	bc4aab7673	Add "_is_" to functions ssl_tls13_key_exchange_._available Done by command: ``` sed -i \ "s/ssl_tls13_key_exchange_\(.\)_available/ssl_tls13_key_exchange_is_\1_available/g" \ library/*.[ch] ``` Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:58 +08:00
Pengyu Lv	b2cfafbb9e	Consistent renaming Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:58 +08:00
Pengyu Lv	2333b826f4	tls13: srv: rename mbedtls_ssl_tls13_check_kex_modes The function is renamed to `mbedtls_ssl_tls13_is_kex_mode_supported` and the behaviour is reversed. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:58 +08:00
Pengyu Lv	0a1ff2b969	Consistent renaming Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:58 +08:00
Pengyu Lv	4f537f73fa	tls13: rename mbedtls_ssl_session_check_ticket_flags The function is renamed to mbedtls_ssl_session_ticket_has_flags. Descriptions are added. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:58 +08:00
Pengyu Lv	d72e858fd1	tls13: srv: rename ssl_tls13_ticket_permission_check The function is renamed to ssl_tls13_ticket_is_kex_mode_permitted Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:57 +08:00
Pengyu Lv	fc2cb9632b	tls13: rename mbedtls_ssl_conf_tls13_check_kex_modes The function is renamed to mbedtls_ssl_conf_tls13_is_kex_mode_enabled. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:57 +08:00
Pengyu Lv	60a22567e4	tls13: change return value of mbedtls_ssl_conf_tls13_check_kex_modes To keep the convention in TLS code, check functions should return 0 when check is successful. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:57 +08:00
Pengyu Lv	981ec14744	tls13: rename ssl_tls13_check_*_key_exchange functions Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:57 +08:00
Waleed Elmelegy	419f841511	Skip checking on maximum fragment length during handshake MbedTLS currently does not support maximum fragment length during handshake so we skip it for now. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-12-07 18:33:42 +00:00
Ronald Cron	90d07118ad	Merge pull request #6721 from yuhaoth/pr/tls13-early-data-extension-of-nst TLS 1.3: EarlyData SRV: Write `early_data` extension of NewSessionTicket	2023-12-07 09:25:35 +00:00
Gilles Peskine	f3ccfddb45	Merge pull request #8615 from davidhorstmann-arm/fix-cast-potential-overflow Fix possible integer overflows	2023-12-07 00:42:10 +00:00
Gilles Peskine	57e401b39f	Merge pull request #8521 from valeriosetti/issue8441 [G4] Make CTR-DRBG fall back on PSA when AES not built in	2023-12-06 18:25:44 +00:00
David Horstmann	4749007f64	Fix possible integer overflows before widening When calculating a result to go into an mbedtls_ms_time_t, make sure that arithmetic is performed at the final size to prevent overflow. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-12-06 17:22:53 +00:00
Valerio Setti	202bb71dcd	ssl_tls12_server: do not export/import opaque keys Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-06 17:05:24 +01:00
Waleed Elmelegy	9aec1c71f2	Add record size checking during handshake Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-12-06 15:18:15 +00:00
Jan Bruckner	f482dcc6c7	Comply with the received Record Size Limit extension Fixes #7010 Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-12-06 15:18:08 +00:00
Manuel Pégourié-Gonnard	ad4f0ada37	Merge pull request #8514 from mschulz-at-hilscher/fixes/uninitialized-variable-in-ssl_msg Fix uninitialized variable warnings in ssl_msg.c	2023-12-06 11:06:03 +00:00
Valerio Setti	2bd53667d6	pk: guard key enrollment function with PSA_CRYPTO_CLIENT Use key enrollment function only when MBEDTLS_PSA_CRYPTO_CLIENT is enabled, i.e. when the Mbed TLS implementation of PSA Crypto is being used. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-06 11:24:50 +01:00
Jerry Yu	95648b0134	Some minor improvement - move early data check to `prepare` - avoid `((void) output_len) - replace check with `session_ticket_allow` in 2nd place Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:21:16 +08:00
Jerry Yu	c59c586ac4	change prototype of `write_early_data_ext` Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:21:15 +08:00
Jerry Yu	163e12f7ff	remove assignment for `session->max_early_data_size` Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:21:09 +08:00
Jerry Yu	ebe1de62f9	fix various issue - rename connection time variable - remove unnecessary comments Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:20:25 +08:00
Jerry Yu	9e7f9bc253	Add missing debug message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:20:22 +08:00
Jerry Yu	db97163ac7	add ticket max_early_data_size check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:20:13 +08:00
Jerry Yu	5233539d9f	share write_early_data_ext function Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:18:50 +08:00
Jerry Yu	0069abc141	improve comments of new session ticket Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:18:46 +08:00
Jerry Yu	1a160703f8	set max_early_data_size of ticket to keep consistent Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:18:43 +08:00
Jerry Yu	f135bac89c	Add max_early_data_size check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:18:39 +08:00
Jerry Yu	930ce4cfac	Revert "change max_early_data_size source" This reverts commit 3d8d6a770f3a0f3045820970bc4a5d6ee7df8e10. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:18:36 +08:00
Jerry Yu	2f5d93b1c9	Revert "set init value for max_early_data_size in session" This reverts commit 8b02d75ed1af883e135979d24e38c0847e66fede. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:18:33 +08:00
Jerry Yu	d450fd25ae	change max_early_data_size source Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:18:31 +08:00
Jerry Yu	525990fb62	set init value for max_early_data_size in session Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:18:28 +08:00
Jerry Yu	db6fda71e5	improve early data comments Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:17:51 +08:00
Jerry Yu	10795a0c3b	replace ticket permission set Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:17:48 +08:00
Jerry Yu	c2b1bc4fb6	replace early data permission check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:17:46 +08:00
Jerry Yu	4da7c22cd6	add early data flag check function Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:17:44 +08:00
Jerry Yu	ea96ac3da9	fix various issues - get ticket_flags with function. - improve output message and check it. - improve `ssl_server2` help message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:17:37 +08:00
Jerry Yu	3db60dfe5e	rename nst early data write function Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:16:56 +08:00
Jerry Yu	fceddb310e	Add early data permission check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:14:54 +08:00
Jerry Yu	01da35e2c8	add early data extension of NST Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:14:52 +08:00
Valerio Setti	bced8bc8d7	ssl_tls12_server: export/import PK parsed key in TLS side Instead of setting both algorithm and enrollement algorithm in the PK module when parsing the key: - for Weierstrass keys we only set ECDSA algorithm, - for Montgomery keys we don't set any algorithm. Reasons: - PK module can only do ECDSA and not ECDH - ECDH is only used in TLS - Montgomery keys cannot be used to do ECDSA, while Weierstrass ones can do both ECDSA and ECDH. So the idea is that once TLS needs the key to do ECDH (either Weierstrass and Montgomery), it exports the one parsed from the PK module and then re-imports it setting proper algorithm and flags. In this way the TLS module will own the new key so it will be its duty to clear it on exit. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-06 10:40:47 +01:00
Valerio Setti	fbbafa0d2d	pkparse: do not set key algorithm for Montgomery keys in pk_ecc_set_key() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-06 10:07:34 +01:00
Ronald Cron	40f3f1c36f	Merge pull request #7058 from yuhaoth/pr/tls13-early-data-parsing-0-rtt-data TLS 1.3 EarlyData SRV: Parsing 0-RTT data	2023-12-06 06:47:32 +00:00
Jerry Yu	42020fb186	revert output message which used by testing Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-05 17:35:53 +08:00
Ronald Cron	a1e867c676	Merge pull request #8576 from yanrayw/issue/fix-tls13-session_negotiate-assignment TLS13: CLI: EarlyData: Assign ciphersuite after associated verification in EE	2023-12-05 08:31:24 +00:00
Valerio Setti	4ac2c18834	pk_wrap: try both ECDSA signature schemes in ecdsa_sign_psa() Instead of extracting key's properties in order to check whether it supports deterministic or non-deterministic ECDSA, we try both. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-05 07:59:01 +01:00
Jerry Yu	ebb1b1d48f	fix ci test failure "skip parse certificate verify" can not be changed. It is used in `Authentication: client badcert, server none` test. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-05 11:02:15 +08:00
Jerry Yu	b55f9eb5c5	fix various issues - remove unnecessary statements - improve macro name - improve output message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-05 10:27:17 +08:00
Valerio Setti	8aec84f3a7	pkwrite: minor code reshape Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-04 16:04:21 +01:00
Valerio Setti	83e0de8481	crypto_extra: revert changes to mbedtls_psa_random_free() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-04 11:04:42 +01:00
Valerio Setti	402cfba4dc	psa: free RNG implementation before checking for remaining open key slots Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-04 11:04:41 +01:00

... 2 3 4 5 6 ...

12834 commits