Commit graph

175 commits

Author SHA1 Message Date
Valerio Setti
202bb71dcd ssl_tls12_server: do not export/import opaque keys
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-06 17:05:24 +01:00
Valerio Setti
bced8bc8d7 ssl_tls12_server: export/import PK parsed key in TLS side
Instead of setting both algorithm and enrollement algorithm in the
PK module when parsing the key:

- for Weierstrass keys we only set ECDSA algorithm,
- for Montgomery keys we don't set any algorithm.

Reasons:
- PK module can only do ECDSA and not ECDH
- ECDH is only used in TLS
- Montgomery keys cannot be used to do ECDSA, while Weierstrass ones
  can do both ECDSA and ECDH.

So the idea is that once TLS needs the key to do ECDH (either Weierstrass
and Montgomery), it exports the one parsed from the PK module and then
re-imports it setting proper algorithm and flags. In this way the TLS
module will own the new key so it will be its duty to clear it on
exit.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-06 10:40:47 +01:00
Dave Rodgman
c37ad4432b misc type fixes in ssl
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-21 17:09:46 +00:00
Dave Rodgman
a3d0f61aec Use MBEDTLS_GET_UINTxx_BE macro
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-21 17:09:46 +00:00
Dave Rodgman
e4a6f5a7ec Use size_t cast for pointer subtractions
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-21 17:09:46 +00:00
Dave Rodgman
16799db69a update headers
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 19:47:20 +00:00
Gilles Peskine
f6f4695824
Merge pull request #8320 from valeriosetti/issue8263
Fix dependencies of mbedtls_pk_ec_ro and mbedtls_pk_ec_rw
2023-10-18 10:03:46 +00:00
Valerio Setti
74cb404b0d ssl: improve ssl_check_key_curve()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-16 13:40:50 +02:00
Valerio Setti
4d0e84628c ssl: reorganize guards surrounding ssl_get_ecdh_params_from_cert()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-11 13:15:29 +02:00
Valerio Setti
e7cefae5f4 ssl: fix getting group id in ssl_check_key_curve()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-06 13:19:48 +02:00
Gilles Peskine
3713bee34c Remove leftover local debug line
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 18:43:18 +02:00
Gilles Peskine
530c423ad2 Improve some debug messages and error codes
On a parsing error in TLS, return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE, not a
crypto error code.

On error paths, emit a level-1 debug message. Report the offending sizes.

Downgrade an informational message's level to 3.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:42:11 +02:00
Gilles Peskine
c8df898204 Fix buffer overflow in TLS 1.2 ClientKeyExchange parsing
Fix a buffer overflow in TLS 1.2 ClientKeyExchange parsing. When
MBEDTLS_USE_PSA_CRYPTO is enabled, the length of the public key in an ECDH
or ECDHE key exchange was not validated. This could result in an overflow of
handshake->xxdh_psa_peerkey, overwriting further data in the handshake
structure or further on the heap.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:02:33 +02:00
Gilles Peskine
eda1b1f744
Merge pull request #7921 from valeriosetti/issue7613
TLS: Clean up ECDSA dependencies
2023-09-20 12:47:55 +00:00
Dave Rodgman
b7825ceb3e Rename uint->bool operators to reflect input types
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-10 11:58:18 +01:00
Dave Rodgman
c98f8d996a
Merge branch 'development' into safer-ct5
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-07 11:47:35 +01:00
Valerio Setti
e9646ecd08 tls: fix guards for ECDSA support
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-03 09:15:28 +02:00
Valerio Setti
45d56f3d25 tls: replace ECDSA_C and PK_CAN_ECDSA_SOME with key exchange related ones
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-01 19:02:38 +02:00
Manuel Pégourié-Gonnard
de8f56e936
Merge pull request #7884 from valeriosetti/issue7612
TLS: Clean up (EC)DH dependencies
2023-08-01 07:13:36 +00:00
Gilles Peskine
bb07377458
Merge pull request #7935 from AgathiyanB/add-enum-casts
Add type casts for integer and enum types
2023-07-26 11:27:27 +02:00
Valerio Setti
ea59c43499 tls: fix a comment a rename a variable/symbol
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-25 11:14:03 +02:00
Valerio Setti
60d3b91eba tls: use TLS 1.2 macros in ssl_tls12_server.c
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-25 10:43:53 +02:00
Agathiyan Bragadeesh
8b52b88b6d Add type casts in ssl library
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-17 15:14:42 +01:00
Valerio Setti
c2232eadfb tls: replace PK_CAN_ECDH guards with new helpers
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-07 17:23:53 +02:00
Valerio Setti
7aeec54094 tls: replace ECDH_C guards with new helpers
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-07 17:23:53 +02:00
Przemek Stekiel
46b2d2b643 Fix code style
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-07 09:34:17 +02:00
Przemek Stekiel
615cbcdbdf Provide additional comments for claryfication
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-06 12:16:39 +02:00
Przemek Stekiel
7ac93bea8c Adapt names: dh -> xxdh
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-05 09:26:26 +02:00
Przemek Stekiel
6f199859b6 Adapt handshake fields to ffdh
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-05 09:25:00 +02:00
Manuel Pégourié-Gonnard
56b159a12a
Merge pull request #7627 from mprse/ffdh_tls13_v2
Make use of FFDH keys in TLS 1.3 v.2
2023-07-03 10:12:33 +02:00
Dave Rodgman
9fbb0cf08e Merge remote-tracking branch 'origin/development' into safer-ct5 2023-06-28 18:52:02 +01:00
Przemek Stekiel
7dda271c1d Fix description of functions
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-28 09:16:08 +02:00
Tom Cosgrove
db041cc82f
Merge pull request #7665 from AndrzejKurek/optimize-error-translation-code-size
Optimize error translation code size
2023-06-28 08:09:00 +01:00
Valerio Setti
6835b4a6ed tls: always zeroize buffer on exit
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-22 09:06:31 +02:00
Valerio Setti
3589a4c644 tls: keep buffer declaration in a single line
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-22 09:02:44 +02:00
Valerio Setti
b46217d5c1 tls: never destroy a priavte key that is not owned/created by TLS module
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-16 13:18:52 +02:00
Valerio Setti
0813b6f28d tls: optimize code in ssl_get_ecdh_params_from_cert()
When MBEDTLS_PK_USE_PSA_EC_DATA is defined, opaque and non-opaque keys
are basically stored in the same way (only a diffferent ownership for
the key itself), so they should be treated similarly in the code.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-16 12:18:53 +02:00
Andrzej Kurek
1e4a030b00 Fix wrong array size calculation in error translation code
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-13 05:46:47 -04:00
Andrzej Kurek
1c7a99856f Add missing ifdefs
Make sure that the error translating functions
are only defined when they're used.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-13 05:46:47 -04:00
Andrzej Kurek
0064484a70 Optimize error translation code size
Introducing an intermediate function
saves code size that's otherwise taken by excessive,
repeated arguments in each place that
was translating errors.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-13 05:46:46 -04:00
Dave Rodgman
c216d94560 Merge remote-tracking branch 'origin/development' into safer-ct5 2023-06-13 10:36:37 +01:00
Przemek Stekiel
75a5a9c205 Code cleanup
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-13 09:57:23 +02:00
Przemek Stekiel
da4fba64b8 Further code optimizations
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-06 12:31:09 +02:00
Przemek Stekiel
24e50d3dbd Compile out length check to silent the compiler warning
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-06 12:31:08 +02:00
Manuel Pégourié-Gonnard
6076f4124a Remove hash_info.[ch]
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard
8857984b2f Replace hash_info macro with MD macro
Now the MD macro also accounts for PSA-only hashes.

Just a search-and-replace, plus manually removing the definition in
hash_info.h.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard
7b1136836c
Merge pull request #7438 from valeriosetti/issue7074
Avoid parse/unparse private ECC keys in PK with USE_PSA when !ECP_C
2023-06-01 10:06:45 +02:00
Dave Rodgman
293eedd3ad Use new CT interface in ssl_tls12_server.c
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-05-26 12:42:48 +01:00
Valerio Setti
d0405093d9 tls: use pk_get_group_id() instead of directly accessing PK's structure
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-05-24 16:02:32 +02:00
Thomas Daubney
f9f0ba8211 Use functions in alignment.h to get value
Refactor code using get functions from alignment.h to
read values.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-05-24 06:24:16 +01:00