Manuel Pégourié-Gonnard
f3f9e450b6
Merge pull request #6115 from AndrzejKurek/ecjpake-kdf-tls-1-2
...
Ad-hoc KDF for EC J-PAKE in TLS 1.2
2022-09-28 09:47:32 +02:00
Przemek Stekiel
e31ba83675
Use basic symbols instead MBEDTLS_CIPHER_MODE_AEAD in check config
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-28 09:44:58 +02:00
Przemek Stekiel
d582a01073
Make MBEDTLS_SSL_CONTEXT_SERIALIZATION dependent on AEAD
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-28 07:59:01 +02:00
Przemek Stekiel
a82290b727
Fix guards for mbedtls_ssl_ticket_write() and mbedtls_ssl_ticket_parse() functions
...
Both functions are calling mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions. These functions are guarded with MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C flags - make it consistent.
As a result ssl_server2 won't build now with MBEDTLS_SSL_SESSION_TICKETS enabled (mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions not available).
Mark MBEDTLS_SSL_SESSION_TICKETS as dependent on MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C and disable MBEDTLS_SSL_SESSION_TICKETS in stream cipher only build.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-27 15:04:14 +02:00
Andrzej Kurek
e09aff8f5a
Add information about ECJPAKE_TO_PMS output size expectations
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-26 10:59:31 -04:00
Andrzej Kurek
96b9f23853
Adjust ECJPAKE_TO_PMS macro value
...
This way the low 8 bits of the identifier indicate that this algorithm is used
with SHA-256.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-26 10:30:46 -04:00
Paul Elliott
2c282c9bd0
Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets
...
TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.
2022-09-23 15:48:33 +01:00
Jerry Yu
ba627bfd0d
improve document about session tickets
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-23 09:58:22 +08:00
Jerry Yu
40b4a01388
Improve documents
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-22 23:48:38 +08:00
Jerry Yu
f3bdf9dd51
fix various issues
...
- improve document about configuration item.
- format issue
- variable type issue.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-22 23:47:14 +08:00
Jerry Yu
d0766eca58
fix various issues
...
- Improve comments
- Align count variable name to `new_session_tickets_count`
- move tickets_count init to handshake init
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-22 13:21:29 +08:00
Manuel Pégourié-Gonnard
d433cd7d07
Merge pull request #6283 from mpg/driver-only-hashes-wrap-up
...
Driver only hashes wrap-up
2022-09-21 08:29:46 +02:00
Manuel Pégourié-Gonnard
b4e28aa2f7
Fix two typos
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-19 11:55:00 +02:00
Manuel Pégourié-Gonnard
3c16abebd4
Fix dependencies of KEY_EXCHANGE_ECJPAKE
...
The EC J-PAKE module the ability to "fall back" to PSA when MD is not
present a few PRs ago, but the dependency of this key exchange on
SHA-256 wasn't updated at the time.
(Note: the crypto primitive doesn't depend on SHA-256, only its use in
the TLS key exchange does.)
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-19 10:47:05 +02:00
Jerry Yu
1ad7ace6b7
Add conf new session tickets
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-19 14:22:21 +08:00
Ronald Cron
be0224aef3
Merge pull request #6167 from yuhaoth/pr/finalize-tls13-session-tickets
2022-09-18 21:18:13 +02:00
Gilles Peskine
ef843f2b0c
MBEDTLS_PLATFORM_VSNPRINTF_ALT requires MBEDTLS_PLATFORM_C
...
mbedtls_vsnprintf replacement works like mbedtls_snprintf replacement, so
copy the requirements for MBEDTLS_PLATFORM_VSNPRINTF_ALT.
(MBEDTLS_PLATFORM_xxx_MACRO shouldn't require MBEDTLS_PLATFORM_C, but that's
a separate preexisting problem which I do not try address at this time.)
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-09-18 14:05:23 +02:00
Nick Child
9512bde5c3
pkcs7: Fix pkcs7 error code values
...
Mbed TLS uses a two layer system for error codes. The least significant
7 bits should be used to signal low-level module errors. Since PKCS7 is
a high level module, it should leave these bits unassigned. To do this,
the least significant byte of PKCS7 error codes must either be 0x00 or
0x80.
Signed-off-by: Nick Child <nick.child@ibm.com>
2022-09-16 09:49:06 -05:00
Andrzej Kurek
3c4c514302
Remove PSA_ALG_IS_TLS12_ECJPAKE_TO_PMS
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-16 07:24:14 -04:00
Andrzej Kurek
1fafb1f778
Documentation clarifications for ECJPAKE-to-PMS
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-16 07:19:49 -04:00
Manuel Pégourié-Gonnard
1be45825ab
Remove useless guard around include
...
Including a header is harmless, so we can include do it unconditionally.
The condition was wrong, should have been USE_PSA || PROTO_TLS1_3. If we
just fixed to condition, then we would need to make sure things like:
#define MBEDTLS_TLS1_3_MD_MAX_SIZE PSA_HASH_MAX_SIZE
are also guarded, which is useless (extra defines are harmless) and
annoying, so just remove the condition altogether.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-16 13:18:36 +02:00
Manuel Pégourié-Gonnard
138387fc8c
Fix some typos, improve wording & formatting
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-16 12:03:52 +02:00
Manuel Pégourié-Gonnard
72687b76ca
Clarify dependencies in mbedtls_config.h
...
- One module was missing the warning on psa_crypto_init().
- For modules that are affected by USE_PSA_CRYPTO, it makes more sense
to mention that in the warning.
- Attempt to improve the description of the TLS 1.3 situation.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-16 12:03:52 +02:00
Manuel Pégourié-Gonnard
f17f85ef0c
Simplify definition of TLS 1.3 MD max size.
...
Actually this macro is never used in parts that depend on USE_PSA, so
it's always using PSA.
Currently the macro seems a bit redundant, but:
- since it's public we can't remove it;
- and there are plans in the future to make it more precise (actually
the largest hash that matters for TLS 1.3 is SHA-384 now).
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-16 12:03:52 +02:00
Manuel Pégourié-Gonnard
e896705c1a
Take advantage of legacy_or_psa.h being public
...
Opportunities for using the macros were spotted using:
git grep -E -n -A2 'MBEDTLS_(MD|SHA)[0-9]+_C' | egrep 'PSA_WANT_ALG_(MD|SHA)'
then manually filtering the results.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-16 12:03:52 +02:00
Manuel Pégourié-Gonnard
07018f97d2
Make legacy_or_psa.h public.
...
As a public header, it should no longer include common.h, just use
build_info.h which is what we actually need anyway.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-16 12:02:48 +02:00
Gilles Peskine
04e4c19ee3
Document the base state of platform abstraction
...
It's `#define mbedtls_xxx xxx` unless some option to override `mbedtls_xxx`
is enabled.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-09-15 20:34:50 +02:00
Manuel Pégourié-Gonnard
409a620dea
Merge pull request #6255 from mprse/md_tls13
...
Driver-only hashes: TLS 1.3
2022-09-15 10:37:46 +02:00
Manuel Pégourié-Gonnard
18dff1f226
Merge pull request #5871 from superna9999/4153-psa-expose-ec-j-pake
...
Expose ECJPAKE through the PSA Crypto API
2022-09-15 09:25:55 +02:00
Nick Child
8ce1b1afc8
pkcs7: Correct various syntatical mistakes
...
Resond to feedback from the following comments:
- use correct spacing [1-7]
- remove unnecessary parenthesis [8]
- fixup comments [9-11]
- remove unnecessary init work [12]
- use var instead of type for sizeof [13]
[1] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953655691
[2] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953661514
[3] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953689929
[4] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953696384
[5] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953697558
[6] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953697793
[7] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953697951
[8] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953699102
[9] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r971223775
[10] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r967133905
[11] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r967135932
[12] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r967151430
[13] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r967154159
Signed-off-by: Nick Child <nick.child@ibm.com>
2022-09-14 15:13:52 -05:00
Andrzej Kurek
d60907b85d
Define ECJPAKE_TO_PMS in config_psa only if SHA_256 is available
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-14 14:57:51 -04:00
Przemyslaw Stekiel
67ffab5600
ssl.h: use PSA hash buffer size when PSA is used
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-14 14:51:14 +02:00
Andrzej Kurek
18f8e8d62c
Document the input size restriction for EC J-PAKE to PMS
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-14 08:44:34 -04:00
Andrzej Kurek
08d34b8693
Add an EC J-PAKE KDF to transform K -> SHA256(K.X) for TLS 1.2
...
TLS uses it to derive the session secret. The algorithm takes a serialized
point in an uncompressed form, extracts the X coordinate and computes
SHA256 of it. It is only expected to work with P-256.
Fixes #5978 .
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-14 08:39:26 -04:00
Przemyslaw Stekiel
034492bd56
ssl.h: Fix hash guards
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-14 11:09:20 +02:00
Przemek Stekiel
ce0aa58fd9
check_config.h: make TLS1.3 requirements verification more readable
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Przemek Stekiel
8a2f2b0bd6
check_config.h: fix TLS 1.3 requirements (add HKDF_EXTRACT/EXPAND) and comments
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Przemek Stekiel
9408b70513
check_config.h: revert HKDF requirements
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Przemek Stekiel
a06787a629
build_info.h: include config_psa.h also when MBEDTLS_PSA_CRYPTO_C
...
This is done to have PSA_WANT_xxx symbols available in check_config.h when MBEDTLS_PSA_CRYPTO_C.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Przemek Stekiel
cf9d972a9a
Fix config for MBEDTLS_SSL_PROTO_TLS1_3
...
Remove MBEDTLS_HKDF_C as it is not needed since #5838
Reasoning: we need SHA-256 or SHA-384 via PSA because they're used by HKDF which is now always done via PSA. If in addition to that USE_PSA is enabled, then everything is done via PSA so that's enough. Otherwise, we need the software implementation of SHA-256 or SHA-384, plus MD_C because we're using a VIA_MD_OR_PSA_BASED_ON_USE_PSA as discussed above.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Przemek Stekiel
a9a8816107
ssl.h: adapt guards for MBEDTLS_SSL_TLS1_3_TICKET_RESUMPTION_KEY_LEN
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Jerry Yu
6cf85a4bb0
update document abourt maximum ticket_age_tolerance
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-13 14:28:15 +08:00
Neil Armstrong
fb3093a9cb
Use PSA_PAKE_ROLE_NONE in PSA_PAKE_OPERATION_INIT macro instead of 0
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-08 14:59:32 +02:00
Neil Armstrong
7cd4eacbd4
Fix typo in mbedtls_ecjpake_write_shared_key() comment
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-08 14:57:55 +02:00
Neil Armstrong
ecb221b1ff
Move operation buffer in operation struct and remove dynamic allocation
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-08 11:21:07 +02:00
Hannes Tschofenig
fd6cca4448
CID update to RFC 9146
...
The DTLS 1.2 CID specification has been published as RFC 9146. This PR updates the implementation to match the RFC content.
Signed-off-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
2022-09-07 17:15:05 +02:00
Andrzej Kurek
f000471c66
Add missing MD dependency for pkcs5_pbkdf2_hmac
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:07:15 -04:00
Andrzej Kurek
345a92b321
Adjust PKCS5 dependencies in check_config
...
It's possible to build PKCS5 with PSA instead of MD
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00
Andrzej Kurek
65bf73ed6a
Enable HMAC in config_psa.h regardless of MD availability
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00
Andrzej Kurek
890e78ae66
Deprecate mbedtls_pkcs5_pbkdf2_hmac
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00
Andrzej Kurek
dd36c76f09
Provide a version of pkcs5_pbkdf2_hmac without MD usage
...
Use the new implementation locally
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00
Manuel Pégourié-Gonnard
97fc247d6a
Merge pull request #6232 from AndrzejKurek/pkcs12-no-md
...
Remove MD dependency from pkcs12 module
2022-09-02 09:43:13 +02:00
Nick Child
5d881c36ea
pkcs7: Change copyright
...
Signed-off-by: Nick Child <nick.child@ibm.com>
2022-09-01 19:45:41 -05:00
Nick Child
390e61a47a
pkcs7.h: Make pkcs7 fields private
...
All fields in the mbedtls_pkcs7 struct have been made private with MBEDTLS_PRIVATE.
Signed-off-by: Nick Child <nick.child@ibm.com>
2022-09-01 19:45:41 -05:00
Nayna Jain
673a226698
pkcs7: add support for signed data
...
OpenSSL provides APIs to generate only the signted data
format PKCS7 i.e. without content type OID. This patch
adds support to parse the data correctly even if formatted
only as signed data
Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
2022-09-01 19:45:41 -05:00
Nayna Jain
c9deb184b0
mbedtls: add support for pkcs7
...
PKCS7 signing format is used by OpenPOWER Key Management, which is
using mbedtls as its crypto library.
This patch adds the limited support of pkcs7 parser and verification
to the mbedtls. The limitations are:
* Only signed data is supported.
* CRLs are not currently handled.
* Single signer is supported.
Signed-off-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Eric Richter <erichte@linux.ibm.com>
Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
2022-09-01 19:45:33 -05:00
Andrzej Kurek
7bd12c5d5e
Remove MD dependency from pkcs12 module
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-01 08:57:41 -04:00
Jerry Yu
89eb95a221
Add ticket age tolerance config option
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-08-31 23:24:25 +08:00
Neil Armstrong
b764fb60aa
Remove MBEDTLS_MD_C dep in config_psa.h when ECJPAJE is wanted
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
12663092bc
Introduce mbedtls_ecjpake_write_shared_key() to export the EC J-PAKE shared key material before the KDF()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
ed40782628
Fix SECP256R1 enable when PSA_WANT_ALG_JPAKE is defined
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
a557cb8c8b
Fixing XXX_ALG_ECJPAKE to XXX_ALG_JPAKE to match specification
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
7616ad28e3
Fix guard of ecjpake.h include in crypto_extra.h
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
63212ddf2f
Fix formatting of PSA_PAKE_OPERATION_INIT macro
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
7aaa34a1ba
Fix formatting of PSA_PAKE_OUTPUT_SIZE & PSA_PAKE_INPUT_SIZE macros
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
637d0a0290
Enable buildin PSA PAKE implementation when ECJPAKE_C is selected
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
35269d93da
Fill psa_pake_operation and INPUT/OUTPUT min/max sizes for PSA PAKE builtin implementation
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Manuel Pégourié-Gonnard
bf22a2500b
Merge pull request #6208 from AndrzejKurek/tls-tests-no-md-structured
...
Remove the dependency on MD from TLS 1.2 tests
2022-08-30 12:34:37 +02:00
Nicholas Wilson
8e5bdfbbcf
Improve programs/cert_write with a way to set extended key usages
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-08-30 10:08:43 +01:00
Dave Rodgman
0edfa9dd26
Merge pull request #6207 from daverodgman/ticket_time
...
Fix type used for capturing TLS ticket generation time
2022-08-30 10:03:06 +01:00
Andrzej Kurek
cccb044804
Style & formatting fixes
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-23 05:26:02 -04:00
Janos Follath
645ff5b8ff
Merge pull request #6095 from gabor-mezei-arm/6016_add_new_modulus_and_residue_structures
...
Add the new modulus and the residue structures with low level I/O operations
2022-08-23 09:02:43 +01:00
Andrzej Kurek
e02da81086
Update TLS1.2 dependencies description in mbedtls_config.h
...
It is possible to use it without MBEDTLS_SHAXXX defines and USE_PSA_CRYPTO
instead.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-22 17:46:50 -04:00
Andrzej Kurek
7e16ce3a72
Clarify TLS 1.2 dependencies with and without PSA crypto
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-22 17:46:50 -04:00
Dave Rodgman
0ce93933e8
Merge pull request #6219 from KloolK/development
...
Fix minor typos
2022-08-22 21:47:21 +01:00
Gilles Peskine
e5018c97f9
Merge pull request #6195 from superna9999/6149-driver-only-hashes-ec-j-pake
...
Driver-only hashes: EC J-PAKE
2022-08-22 17:28:15 +02:00
Gilles Peskine
20ebaac85e
Merge pull request #6211 from tom-cosgrove-arm/explicit-warning-re-ct-conditions-not-0-or-1
...
Be explicit about constant time bignum functions that must take a 0 or 1 condition value
2022-08-22 17:24:04 +02:00
Jan Bruckner
9ff6f8cdbd
Fix minor typos
...
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2022-08-22 16:05:58 +02:00
Dave Rodgman
34ff6a7a31
Correct documentation for mbedtls_ecdsa_verify
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-08-19 11:17:36 +01:00
Neil Armstrong
ecaba1c9b2
Make use of PSA crypto hash if MBEDTLS_MD_C isn't defined
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-19 11:49:22 +02:00
Neil Armstrong
0d76341eac
Remove md_info by md_type in ecjpake context, use mbedtls_hash_info_get_size() to get hash length
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-19 11:49:22 +02:00
Przemek Stekiel
10836a04a9
config: Fix requirements for MBEDTLS_X509_USE_C and MBEDTLS_X509_CREATE_C
...
Restore MBEDTLS_PK_PARSE_C as it was removed by mistake.
Fix module name in added warnings.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
Przemek Stekiel
12e69cb806
oid.h: remove MBEDTLS_MD_C guard
...
*** Comparing before-default -> after-default ***
x509parse: total 723; skipped 26 -> 26
x509write: total 41; skipped 8 -> 8
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
*** Comparing before-full -> after-full ***
x509parse: total 723; skipped 25 -> 25
x509write: total 41; skipped 0 -> 0
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
*** Comparing reference -> drivers ***
x509parse: total 723; skipped 89 -> 89
x509write: total 41; skipped 3 -> 3
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
Przemek Stekiel
55c17430be
oid.h: remove redundant MBEDTLS_MD_C dependency
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
Przemek Stekiel
278b6674bd
check_config.h: Adjust x509 dependencies (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
Przemek Stekiel
fd18366965
Adjust declared dependencies in library/x509*
...
*** Comparing before-default -> after-default ***
x509parse: total 723; skipped 26 -> 26
x509write: total 41; skipped 8 -> 8
*** Comparing before-full -> after-full ***
x509parse: total 723; skipped 25 -> 25
x509write: total 41; skipped 0 -> 0
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
Tom Cosgrove
583816caaf
Be explicit about constant time bignum functions that must take a 0 or 1 condition value
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-08-18 14:09:18 +01:00
Dave Rodgman
536f28c892
Respect MBEDTLS_HAVE_TIME in ssl_ticket
...
Make use of ticket generation time and associated fields
conditional on MBEDTLS_HAVE_TIME, to avoid compile errors
on baremetal.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-08-17 14:20:36 +01:00
Dave Rodgman
392f714153
Fix type used for capturing TLS ticket generation time
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-08-17 12:38:24 +01:00
Gabor Mezei
d41f627650
Order the file names
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-08-12 15:20:21 +02:00
Manuel Pégourié-Gonnard
077ba8489d
PKCS#1 v2.1 now builds with PSA if no MD_C
...
Test coverage not there yet, as the entire test_suite_pkcs1_v21 is
skipped so far - dependencies to be adjusted in a future commit.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-08-11 12:47:02 +02:00
Janos Follath
d1baedb786
Bignum: extract bignum_mod.h functions
...
Extract functions declared in bignum_mod.h into a source file with a
matching name.
We are doing this because:
- This is a general best practice/convention
- We hope that this will make resolving merge conflicts in the future
easier
- Having them in a unified source file is a premature optimisation at
this point
This makes library/bignum_new.c empty and therefore it is deleted.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-09 13:44:53 +01:00
Janos Follath
0ded631879
Bignum: extract bignum_mod_raw.h functions
...
Extract functions declared in bignum_mod_raw.h into a source file with a
matching name.
We are doing this because:
- This is a general best practice/convention
- We hope that this will make resolving merge conflicts in the future
easier
- Having them in a unified source file is a premature optimisation at
this point
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-09 13:34:54 +01:00
Janos Follath
3ca0775e59
Bignum: extract bignum_core.h functions
...
Extract functions declared in bignum_core.h into a source file with a
matching name.
We are doing this because:
- This is a general best practice/convention
- We hope that this will make resolving merge conflicts in the future
easier
- Having them in a unified source file is a premature optimisation at
this point
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-09 11:45:47 +01:00
Gabor Mezei
0c655572dc
Build the new bignum_new.c file
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-08-05 17:03:56 +01:00
Gilles Peskine
5740ff5f1f
Merge pull request #5949 from Summer-ARM/mbedtls-psa-crypto-config
...
MBEDTLS_POLY1305_C and MBEDTLS_CHACHA20_C are needed when PSA_WANT_ALG_CHACHA20_POLY1305 is defined
2022-08-05 11:03:45 +02:00
Dave Rodgman
27036c9e28
Merge pull request #6142 from tom-cosgrove-arm/fix-comments-in-docs-and-comments
...
Fix a/an typos in doxygen and other comments
2022-07-29 12:59:05 +01:00
Dave Rodgman
aba26d0099
Merge pull request #5963 from tom-daubney-arm/remove_ssl_compression_new
...
Remove use of SSL session compression
2022-07-28 10:28:23 +01:00
Manuel Pégourié-Gonnard
f6b8c3297a
Merge pull request #6065 from mpg/explore2
...
Driver-only hashes: RSA 1.5 and PK + strategy doc
2022-07-28 10:43:38 +02:00
Tom Cosgrove
ce7f18c00b
Fix a/an typos in doxygen and other comments
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-07-28 05:50:56 +01:00
Thomas Daubney
20f89a9605
Remove uses of SSL compression
...
Remove or modify current uses of session compression.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-07-26 16:13:03 +01:00
Jan Bruckner
25fdc2addb
Fix minor typos
...
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2022-07-26 10:52:46 +02:00
Ronald Cron
e579ece305
Merge pull request #6087 from yuhaoth/pr/add-tls13-serialize_session_save_load
...
TLS 1.3: Add serialize session save load
I can see that https://github.com/Mbed-TLS/mbedtls/pull/6087#discussion_r927935696 and https://github.com/Mbed-TLS/mbedtls/pull/6087#discussion_r924252403 are addressed in #6123 . Thus I am ok to merge it as it is.
2022-07-23 08:57:11 +02:00
Ronald Cron
340c559cb3
Merge pull request #6079 from yuhaoth/pr/add-tls13-parse-pre_shared_key_offered_psks
...
TLS 1.3: PSK: Add parser/writer of pre_shared_key extension on server side.
2022-07-23 08:50:45 +02:00
Jerry Yu
a66fecebe7
Add endpoint/ticket_flag field for session
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Jerry Yu
77f0148e11
Add psk/psk_ephemeral key exchange check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-21 23:27:22 +08:00
Ronald Cron
32578b3bd0
Merge pull request #6069 from yuhaoth/pr/add-tls13-write-new-session-ticket
...
TLS 1.3:add tls13 write new session ticket
Validated by the internal CI and Travis.
2022-07-21 16:17:35 +02:00
Jerry Yu
e67bef4aba
Add tls13 write new session ticket
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 22:41:00 +08:00
Dave Rodgman
7085aa42ee
Merge pull request #5896 from wernerlewis/aes_shallow_copy
...
Refactor AES context to be shallow-copyable
2022-07-20 15:16:37 +01:00
Jerry Yu
9750f813a7
Rename MBEDTLS_SSL_TICKET_NONCE_LENGTH
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 12:36:28 +08:00
Jerry Yu
0a430c8aaf
Rename resumption_key and the hardcode len
...
`resumption_key` is better name.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00
Jerry Yu
b14413804a
Remove ticket_flags
...
It should be added later.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00
Jerry Yu
08aed4def9
fix comments and time_t type issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00
Jerry Yu
af2c0c8dd6
fix various comment/format issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00
Jerry Yu
a357cf4d4c
Rename new_session_ticket state
...
Both client and server side use
`MBEDTLS_SSL_NEW_SESSION_TICKET` now
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00
Jerry Yu
f8a4994ec7
Add tls13 new session ticket parser
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00
Jerry Yu
c62ae5f539
Add new session ticket message check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00
Jerry Yu
a270f67340
Add tls13 session fields
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00
Jerry Yu
0038c5ff1c
Add ticket nonce setting
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00
Manuel Pégourié-Gonnard
abac037a7b
Migrate from old inline to new actual function.
...
This is mostly:
sed -i 's/mbedtls_psa_translate_md/mbedtls_hash_info_psa_from_md/' \
library/*.c tests/suites/*.function
This should be good for code size as the old inline function was used
from 10 translation units inside the library, so we have 10 copies at
least.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-18 21:28:38 +02:00
Manuel Pégourié-Gonnard
1f7f7172dc
Document existing dependency of MD_C
...
Trying to compile MD_C without any of the hash modules would result in a
bunch of unused parameter warning (hence errors in -Werror builds).
We could silence those warnings by casting the parameters to void, but
still, compiling the module in such a configuration would mean all of
its functions are useless (always returning an error).
Seems better to just document the dependency.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-18 12:49:20 +02:00
Ronald Cron
d5b1eb51db
Merge pull request #6078 from yuhaoth/pr/add-tls13-paser-psk-kex-mode-ext
...
TLS 1.3: PSK: Add parser of psk kex mode ext on server side
2022-07-18 11:34:24 +02:00
Paul Elliott
0b5f4950cc
Merge pull request #5953 from tuvshinzayaArm/update-document-PSA_ALG_RSA_PSS
...
Update documentation of PSA_ALG_RSA_PSS
2022-07-14 10:40:21 +01:00
Jerry Yu
e19e3b9eb8
Add psk_key_exchange_modes parser
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-12 09:53:35 +00:00
Paul Elliott
cd08ba0326
Bump version to 3.2.1
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-07-12 10:51:55 +01:00
Manuel Pégourié-Gonnard
bab73ab842
Loosen guards in mbedtls_psa_translate_md()
...
Depending only of our software implementation was too strict. The
function can be useful when only the PSA implementation is available,
since oftentimes the algorithm will still be expressed as an md_type for
legacy reasons.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-12 11:11:20 +02:00
Manuel Pégourié-Gonnard
46a295422d
Build and test RSA PKCS#1v1.5 without MD
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-12 11:11:19 +02:00
Manuel Pégourié-Gonnard
3f4778995e
Rm dependency on MD in psa_crypto_rsa.c
...
The previous commit made the PKCS#1v1.5 part of rsa.c independent from
md.c, but there was still a dependency in the corresponding part in PSA.
This commit removes it.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-12 11:11:19 +02:00
Manuel Pégourié-Gonnard
fe2b9b5397
Make mbedtls_oid_get_md_alg() always available
...
This is a step towards building with RSA PKCS#1v1.5 without MD.
Also loosen guards around oid data: the OID definitions clearly don't
depend on our software implementation.
We could simply have no dependency as this is just data. But for the
sake of code size, let's have some guards so that people who don't use
MD5, SHA1 or RIPEMD160 don't have to pay the price for them.
Note: this is used for RSA (PKCS#v1.5) signatures among other things, an
area that is not influenced by USE_PSA, so the guards should not depend
on it either.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-12 11:11:19 +02:00
Manuel Pégourié-Gonnard
b86279fc63
Build and test PK without MD
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-12 11:11:18 +02:00
Paul Elliott
20362cd1ca
Bump library and so versions for 3.2.0 release
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-07-11 13:56:01 +01:00
Ronald Cron
ce7d76e2ee
Merge remote-tracking branch 'mbedtls-restricted/development-restricted' into mbedtls-3.2.0rc0-pr
2022-07-11 10:22:37 +02:00
Manuel Pégourié-Gonnard
3e83098e01
Clarify the TLS 1.3 situation
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-04 12:44:32 +02:00
Manuel Pégourié-Gonnard
ff43ff6e78
Remove stability waiver from USE_PSA
...
It was initially motivated by the fact that the PSA Crypto APIs
themselves were not stable. In the meantime, PSA Crypto has reached
1.0.0 so this no longer applies.
If we want user to be able to fully benefit from PSA in order to
isolate long-term secrets, they need to be able to use the new APIs with
confidence. There is no reason to think those APIs are any more likely
to change than any of our other APIs, and if they do, we'll follow the
normal process (deprecated in favour of a new variant).
For reference, the APIs in question are:
mbedtls_pk_setup_opaque() // to use PSA-held ECDSA/RSA keys in TLS
mbedtls_ssl_conf_psk_opaque() // for PSA-held PSKs in TLS
mbedtls_ssl_set_hs_psk_opaque() // for PSA-held PSKs in TLS
mbedtls_cipher_setup_psa() (deprecated in 3.2)
mbedtls_pk_wrap_as_opaque() (documented internal, to be removed in 3.2)
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-04 12:38:43 +02:00
Manuel Pégourié-Gonnard
4d7af2aee0
Merge pull request #5835 from superna9999/5831-tls-1-2-ciphersuite-selection
...
Permissions 2a: TLS 1.2 ciphersuite selection
2022-07-04 12:37:02 +02:00
Paul Elliott
41aa808a56
Merge pull request #952 from gilles-peskine-arm/stdio_buffering-setbuf
...
Turn off stdio buffering with setbuf()
2022-07-04 10:12:22 +01:00
Paul Elliott
bae7a1a5a6
Merge pull request #5620 from gstrauss/dn_hints
...
Add accessors to config DN hints for cert request
2022-07-01 17:23:14 +01:00
Manuel Pégourié-Gonnard
790ab52ee0
Merge pull request #5962 from gilles-peskine-arm/storage-format-doc-202206
...
Documentation about storage format compatibility
2022-07-01 12:21:17 +02:00
Gilles Peskine
0bd76ee2ed
Fix Doxygen documentation attached to non-existent elements
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 19:32:02 +02:00
Gilles Peskine
6497b5a1d1
Add setbuf platform function
...
Add a platform function mbedtls_setbuf(), defaulting to setbuf().
The intent is to allow disabling stdio buffering when reading or writing
files with sensitive data, because this exposes the sensitive data to a
subsequent memory disclosure vulnerability.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 17:01:40 +02:00
Ronald Cron
bcde39ca4a
Merge pull request #5612 from tom-cosgrove-arm/tls13-config-options
...
Document that MBEDTLS_SSL_KEEP_PEER_CERTIFICATE is required by MBEDTLS_SSL_PROTO_TLS1_3
Fully validated by the internal CI. No need to wait for the open one.
2022-06-30 15:10:02 +02:00
Manuel Pégourié-Gonnard
31fcfd5632
Merge pull request #5981 from mprse/hkdf_config_fix
...
Add comment to config_psa.h about enabling PSA_HKDF/-EXTRACT/-EXPAND
2022-06-30 11:27:16 +02:00
Tom Cosgrove
afb2fe1acf
Document that MBEDTLS_SSL_KEEP_PEER_CERTIFICATE is required by MBEDTLS_SSL_PROTO_TLS1_3
...
Also have check_config.h enforce this. And MBEDTLS_SSL_EXPORT_KEYS has been removed,
so no longer mention it.
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-06-29 16:36:12 +01:00
Werner Lewis
6d71944f0d
Specify unit for rk_offset in AES context
...
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-06-29 16:17:50 +01:00
Werner Lewis
dd76ef359d
Refactor AES context to be shallow-copyable
...
Replace RK pointer in AES context with a buffer offset, to allow
shallow copying. Fixes #2147 .
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-06-29 16:17:50 +01:00
Gilles Peskine
955993c4b5
For status values, the macro expansions must not change either
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-29 14:37:17 +02:00
Ronald Cron
7898fd456a
Merge pull request #5970 from gabor-mezei-arm/5229_Send_dummy_change_cipher_spec_records_from_server
...
TLS 1.3 server: Send dummy change_cipher_spec records
The internal CI PR-merge job ran successfully thus good to go.
2022-06-29 09:47:49 +02:00
Gilles Peskine
7d14c19730
Merge pull request #5905 from gilles-peskine-arm/changelog-improvements-20220609-development
...
Changelog improvements before the 3.2 release
2022-06-28 21:00:10 +02:00
Glenn Strauss
999ef70b27
Add accessors to config DN hints for cert request
...
mbedtls_ssl_conf_dn_hints()
mbedtls_ssl_set_hs_dn_hints()
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-06-28 12:43:59 -04:00
Neil Armstrong
9f4606e6d2
Rename mbedtls_ssl_get_ciphersuite_sig_pk_ext_XXX in mbedtls_ssl_get_ciphersuite_sig_pk_ext_XXX()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-06-28 18:12:17 +02:00
Neil Armstrong
0c9c10a401
Introduce mbedtls_ssl_get_ciphersuite_sig_pk_ext_alg() and use it in ssl_pick_cert()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-06-28 18:10:48 +02:00
Gabor Mezei
f7044eaec8
Fix name
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-06-28 16:01:49 +02:00
Summer Qin
9f2596f387
Add MBEDTLS_POLY1305_C and MBEDTLS_CHACHA20_C
...
MBEDTLS_POLY1305_C and MBEDTLS_CHACHA20_C are needed
when PSA_WANT_ALG_CHACHA20_POLY1305 is defined
Signed-off-by: Summer Qin <summer.qin@arm.com>
2022-06-28 17:56:27 +08:00
Glenn Strauss
01d2f52a32
Inline mbedtls_x509_dn_get_next() in x509.h
...
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-06-27 14:20:07 -04:00
Przemek Stekiel
18399d8d53
Add comment to config_psa.h about enabling PSA_HKDF/PSA_HKDF_EXRACT/PSA_HKDF_EXPAND algs
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-27 15:36:06 +02:00
Manuel Pégourié-Gonnard
93a7f7d7f8
Merge pull request #5954 from wernerlewis/x509_next_merged
...
Add mbedtls_x509_dn_get_next function
2022-06-24 09:59:22 +02:00
Manuel Pégourié-Gonnard
4cfaae5b6b
Save code size by calling get_type only once
...
This is an external function, so in the absence of link-time
optimisation (LTO) the compiler can't know anything about it and has to
call it the number of times it's called in the source code.
This only matters for pk_ec, but change pk_rsa as well for the sake of
uniformity.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-06-23 09:43:39 +02:00
Gabor Mezei
7b39bf178e
Send dummy change_cipher_spec records from TLS 1.3 server
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-06-22 17:07:21 +02:00
Przemek Stekiel
b33bd19197
Enable HKDF EXTRACT/EXPAND algs
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-21 09:58:51 +02:00
Manuel Pégourié-Gonnard
22e84de971
Improve contract of mbedtls_pk_ec/rsa()
...
Trusting the caller to perform the appropriate check is both risky, and
a bit user-unfriendly. Returning NULL on error seems both safer
(dereferencing a NULL pointer is more likely to result in a clean crash,
while mis-casting a pointer might have deeper, less predictable
consequences) and friendlier (the caller can just check the return
value for NULL, which is a common idiom).
Only add that as an additional way of using the function, for the sake
of backwards compatibility. Calls where we know the type of the context
for sure (for example because we just set it up) were legal and safe, so
they should remain legal without checking the result for NULL, which
would be redundant.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-06-20 21:12:29 +02:00
Manuel Pégourié-Gonnard
1c91b0c434
Clarify warning about mbedtls_pk_ec/rsa()
...
The previous wording "ensure it holds an XXX" context did not mean
anything without looking at the source.
Looking at the source, the criterion is:
- for mbedtls_pk_rsa(), that the info structure uses rsa_alloc_wrap;
- for mbedtls_pk_ec(), that it uses eckey_alloc_wrap or
ecdsa_alloc_wrap, since mbedtls_ecdsa_context is a typedef for
mbedtls_ecp_keypair. (Note that our test code uses mbedtls_pk_ec() on
contexts of type MBEDTLS_PK_ECDSA.)
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-06-20 21:12:29 +02:00
Gilles Peskine
4b873874a3
Backward compatibility: the key store with drivers
...
Promise that we will try to keep backward compatibility with basic driver
usage, but not with more experimental aspects.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-20 18:50:09 +02:00
Gilles Peskine
98473c4523
Officially deprecate MBEDTLS_PSA_CRYPTO_SE_C
...
This was intended as experimental, and we've been saying for a long time
that it's superseded by the "unified driver interface", but we hadn't
documented that inside the Mbed TLS source code. So announce it as
deprecated.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-20 18:46:22 +02:00
Gilles Peskine
7973399f7b
Add compatibility notes regarding values embedded in the key store
...
Certain numerical values are written to the key store. Changing those
numerical values would break the backward compatibility of stored keys. Add
a note to the affected types. Add comments near the definitions of affected
values.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-20 18:41:20 +02:00
Gilles Peskine
f070a5e5d5
Document how PSA identifiers are generally constructed
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-20 18:40:45 +02:00
Gilles Peskine
36aeb7f163
Merge pull request #5834 from mprse/HKDF_1
...
HKDF 1: PSA: implement HKDF_Expand and HKDF_Extract algorithms
2022-06-20 15:27:46 +02:00
Werner Lewis
2f1d51070c
Fix incorrect param in function declaration
...
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-06-20 11:48:35 +01:00
Werner Lewis
b3acb053fb
Add mbedtls_x509_dn_get_next function
...
Allow iteration through relative DNs when X509 name contains multi-
value RDNs.
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-06-17 16:40:55 +01:00
Tuvshinzaya Erdenekhuu
44baacd089
Update documenation of PSA_ALG_RSA_PSS
...
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
2022-06-17 12:10:35 +01:00
Gilles Peskine
9b3278b263
Doc: the SHA256/SHA512 options also cover SHA224/SHA384
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-09 19:09:38 +02:00
Paul Elliott
5f2bc754d6
Merge pull request #5792 from yuhaoth/pr/add-tls13-moving-state-tests
...
Pr/add-tls13-moving-state-tests
2022-06-08 13:39:52 +01:00
Dave Rodgman
4b55a89327
Merge pull request #5887 from tom-daubney-arm/mbedtls_x509_crt_ext_types_accessor
...
Add accessor for x509 certificate extension types
2022-06-06 21:51:38 +01:00
Thomas Daubney
a5f39e0ec2
Move accessor definition
...
Move the definition of the accessor so that it is not defined
within the MBEDTLS_X509_CRT_WRITE_C guards. Thus remove the
dependency from the test and test cases.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-06-06 15:42:32 +01:00
Przemek Stekiel
3e8249cde0
Add PSA_WANT_ALG_HKDF_EXPAND, PSA_WANT_ALG_HKDF_EXTRACT, adapt code and dependencies
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-03 16:18:15 +02:00
Przemek Stekiel
73f97d4841
PSA_ALG_HKDF: add salt processing warning
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-03 16:18:15 +02:00
Przemek Stekiel
a29b488296
Optimize code by adding PSA_ALG_IS_ANY_HKDF macro
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-03 16:18:09 +02:00
Przemek Stekiel
459ee35062
Fix typo and style
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-06-02 11:16:52 +02:00
Thomas Daubney
979aa49d1c
Add accessor for x509 certificate extension types
...
Add accessor for x509 certificate extension types
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-06-01 10:22:14 +01:00
Gilles Peskine
09858ae664
Merge pull request #5813 from mprse/deprecate_mbedtls_cipher_setup_psa
...
Deprecate mbedtls_cipher_setup_psa()
2022-05-31 10:56:52 +02:00
Janos Follath
07c2e5e6d5
Merge pull request #5860 from superna9999/4745-psa-jpake-api-fixes
...
PSA J-PAKE API has missing elements and confusing documentation
2022-05-31 08:27:32 +01:00
Jerry Yu
4dec0e5329
fix state undeclare error
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-31 15:06:04 +08:00
Neil Armstrong
ccffab38a3
Remove linkage documentation on PAKE cipher-suite helpers
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-30 15:49:21 +02:00
Dave Rodgman
52625b739e
Merge pull request #5876 from tom-cosgrove-arm/fix-typos-220526
...
Fix spelling and typographical errors found by cspell
2022-05-30 11:35:55 +01:00
Janos Follath
1bc0ca4ed3
Merge pull request #5875 from Summer-ARM/mbedtls-psa-crypto-config
...
Remove duplicated PSA_WANT_ALG_CMAC in crypto_config.h
2022-05-30 09:41:48 +01:00
Neil Armstrong
5ed8a0ec73
Overall PSA PAKE API style issues fixes
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-27 09:47:53 +02:00
Neil Armstrong
5892aa69e3
Fix typo in PSA_ALG_JPAKE documentation
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-27 09:44:47 +02:00
Tom Cosgrove
1e21144194
Fix spelling and typographical errors found by cspell
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-05-26 11:51:00 +01:00
Summer Qin
f0b4253c68
Remove duplicated PSA_WANT_ALG_CMAC in crypto_config.h
...
Signed-off-by: Summer Qin <summer.qin@arm.com>
2022-05-26 09:38:33 +08:00
XiaokangQian
6b916b1616
Add client certificate parse and certificate verify
...
Change-Id: I638db78922a03db6f8bd70c6c5f56fb60365547d
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-05-26 00:40:53 +00:00
Neil Armstrong
ef15751f08
PSA PAKE API typos in documentation fixes
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-25 11:49:45 +02:00
Neil Armstrong
72ab56a1fe
Overall PSA PAKE API style issues fixes
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-25 11:48:37 +02:00
Neil Armstrong
eb93a6f1d8
Use PSA_ALG_NONE in PSA_PAKE_OPERATION_INIT to init psa_algorithm_t
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-25 11:41:05 +02:00
Neil Armstrong
2056ce5111
Fix PSA_PAKE_OUTPUT_MAX_SIZE/PSA_PAKE_INPUT_MAX_SIZE commment about parameters to PSA_PAKE_OUTPUT_SIZE/PSA_PAKE_INPUT_SIZE
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-25 11:38:15 +02:00
Manuel Pégourié-Gonnard
69e348db85
Merge pull request #5833 from superna9999/5826-create-mbedtls-pk-can-do-psa
...
Permissions 1: create `mbedtls_pk_can_do_ext()`
2022-05-23 10:58:32 +02:00
Neil Armstrong
b2f2b027c2
Clarify mbedtls_pk_can_do_ext() return documentation amd add warning on future addition of allowed algs & usage flags
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 12:00:56 +02:00
Neil Armstrong
e9b4581b16
Clarify BAD_STATE return documentation on bad ordering of input and output steps for psa_pake_input() & psa_pake_output()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:52:30 +02:00
Neil Armstrong
0d24575ad0
Clarify BAD_STATE return documentation of psa_pake_set_peer()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:52:30 +02:00
Neil Armstrong
59fa8ee090
Update return documentation of psa_pake_abort()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:52:30 +02:00
Neil Armstrong
97d74b8abb
Update return documentation of psa_pake_get_implicit_key()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:52:30 +02:00
Neil Armstrong
407b27b516
Update return documentation of psa_pake_input()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:52:30 +02:00
Neil Armstrong
664077e3ae
Update return documentation of psa_pake_output()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:52:30 +02:00
Neil Armstrong
2a6dd9c2a8
Rename & update documentation of function, types, and macros for psa_pake_set_role() and associated
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:52:30 +02:00
Neil Armstrong
16ff788f9d
Update return documentation of psa_pake_set_peer()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
3585168259
Update return documentation of psa_pake_set_user()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
71cae6121d
Update return documentation of psa_pake_set_password_key()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
4721a6f33e
Update return documentation of psa_pake_setup()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
1614537697
Fix password wording in PSA_ALG_JPAKE documentation
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
7bc71e9c04
Fix output_size documentation of psa_pake_output()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
cd974d590b
Fix return documentation of PSA_PAKE_OUTPUT_SIZE
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
d5a4825b84
Add missing psa_pake_cs_get_bits()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
ff9cac72e7
Add missing psa_pake_cs_get_family()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
0c8ef93c8e
Add missing psa_pake_abort()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
799106b441
Pass input as const reference and fix documentation of psa_pake_input()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
47e700e7de
Pass cipher_suite parameter of psa_pake_setup() by const reference
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:20 +02:00
Neil Armstrong
0151c55b56
Add documentation of PSA_PAKE_OPERATION_INIT
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:50:58 +02:00
Neil Armstrong
5ff6a7fa97
Add missing psa_pake_cipher_suite_init()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:50:57 +02:00
Neil Armstrong
fb99302726
Add missing PSA_PAKE_CIPHER_SUITE_INIT
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 10:45:01 +02:00
Neil Armstrong
a724f7ae17
Document mbedtls_pk_can_do_ext() return for non-allowed algorithms and usage flags
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 09:28:12 +02:00
bootstrap-prime
6dbbf44d78
Fix typos in documentation and constants with typo finding tool
...
Signed-off-by: bootstrap-prime <bootstrap.prime@gmail.com>
2022-05-18 14:15:33 -04:00
Przemek Stekiel
b398d8693f
Update descryption of HKDF-Extract/Expand algs and fix comment
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-18 15:43:54 +02:00
Neil Armstrong
408f6a60a3
Add usage parameter to mbedtls_pk_can_do_ext()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-17 14:23:20 +02:00
Neil Armstrong
cec133a242
Fix typo in mbedtls_pk_can_do_ext() documentation
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-17 11:56:01 +02:00
Manuel Pégourié-Gonnard
1cd4f6a873
Merge pull request #5794 from mprse/cipher_dep
...
Fix undeclared dependencies: CIPHER
2022-05-12 13:09:04 +02:00
Manuel Pégourié-Gonnard
4014a0408e
Merge pull request #5617 from gilles-peskine-arm/chacha20-rfc7539-test-vector
...
PSA: ChaCha20: add RFC 7539 test vector with counter=1
2022-05-12 12:34:20 +02:00
Neil Armstrong
0b5295848e
Add definition of mbedtls_pk_can_do_ext()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-12 11:53:02 +02:00
Przemek Stekiel
a09f835bd8
Fix CIPHER dependencies dependeny and error messages
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-12 10:42:20 +02:00
Przemek Stekiel
ea805b4f20
mbedtls_config.h, check_config.h: fix CIPHER dependencies
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-12 10:42:20 +02:00
Dave Rodgman
58f591526e
Merge pull request #5732 from daverodgman/warmsocks_spellingfixes
...
Fixed spelling and typographical errors found by CodeSpell
2022-05-12 09:26:29 +01:00
Manuel Pégourié-Gonnard
34f6ac7c22
Merge pull request #5812 from adeaarm/development
...
Fix key_id and owner_id accessor macros
2022-05-12 10:25:02 +02:00
Andrzej Kurek
5c65c5781f
Fix additional misspellings found by codespell
...
Remaining hits seem to be hex data, certificates,
and other miscellaneous exceptions.
List generated by running codespell -w -L
keypair,Keypair,KeyPair,keyPair,ciph,nd
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-05-11 21:25:54 +01:00
Shaun Case
8b0ecbccf4
Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell.
...
Signed-off-by: Shaun Case <warmsocks@gmail.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-05-11 21:25:51 +01:00
Przemek Stekiel
ebf6281ce6
crypto_values.h: fix description
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-11 14:16:05 +02:00
Przemek Stekiel
6b6ce3278e
Add definitions for HKDF-Extract and HKDF-Expand algs
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-10 12:38:27 +02:00
Manuel Pégourié-Gonnard
42650260a9
Merge pull request #5783 from mprse/md_dep_v3
...
Fix undeclared dependencies: MD
2022-05-10 10:41:32 +02:00
Przemek Stekiel
6e71282c87
Fix caller list of the MD module
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-06 11:40:20 +02:00
Przemek Stekiel
ef1fb4a3d3
Deprecate mbedtls_cipher_setup_psa()
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-06 10:55:10 +02:00
Antonio de Angelis
6729474fbb
Fix key_id and owner_id accessor macros
...
The accessor macros for key_id and owner_id in the mbedtls_svc_key_id_t
need to have the MBEDTLS_PRIVATE() specifier as these fields are private
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
2022-05-05 18:45:31 +01:00
Neil Armstrong
8ecd66884f
Keep raw PSK when set via mbedtls_ssl_conf_psk() and feed as input_bytes
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-05 14:01:49 +02:00
Neil Armstrong
e952a30d47
Remove RAW PSK when MBEDTLS_USE_PSA_CRYPTO is selected
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-04 11:08:41 +02:00
Neil Armstrong
501c93220d
Import PSK as opaque PSA key for mbedtls_ssl_conf_psk() & mbedtls_ssl_set_hs_psk()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-04 11:08:41 +02:00
Manuel Pégourié-Gonnard
068a13d909
Merge pull request #5771 from superna9999/5761-rsa-decrypt-rework-pk-wrap-as-opaque
...
RSA decrypt 0: Rework `mbedtls_pk_wrap_as_opaque()`
2022-05-02 09:06:49 +02:00
Gilles Peskine
2b5d898eb4
Merge pull request #5644 from gilles-peskine-arm/psa-storage-format-test-exercise
...
PSA storage format: exercise key
2022-04-28 18:20:02 +02:00
Gilles Peskine
038108388a
Merge pull request #5654 from gilles-peskine-arm/psa-crypto-config-file
...
Support alternative MBEDTLS_PSA_CRYPTO_CONFIG_FILE
2022-04-28 18:17:50 +02:00
Gilles Peskine
f21617915f
Merge pull request #2082 from hanno-arm/iotssl-2490
...
Fix documentation of allowed_pks field in mbedtls_x509_crt_profile
2022-04-28 18:13:55 +02:00
Neil Armstrong
a1fc18fa55
Change mbedtls_pk_wrap_as_opaque() signature to specify alg, usage and key_enrollment_algorithm
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-28 13:27:59 +02:00
Przemek Stekiel
bc3cfed43e
check_config.h: Add MBEDTLS_MD_C dependency MBEDTLS_PKCS12_C, MBEDTLS_PKCS1_V15, MBEDTLS_PKCS1_V21, MBEDTLS_PK_C
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-27 14:49:13 +02:00
Przemek Stekiel
6aadf0b44f
mbedtls_config.h: update dependencies for MBEDTLS_MD_C
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-27 14:49:13 +02:00
Gilles Peskine
efffd6410a
Note that MBEDTLS_CONFIG_FILE can't be defined inside the config file
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-26 18:16:33 +02:00
Manuel Pégourié-Gonnard
8ba99e736a
Clarify wording of documentation
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-04-25 11:17:47 +02:00
Hanno Becker
2b9fb88281
Clarify documentation of mbedtls_x509_crt_profile
...
This commit fixes #1992 : The documentation of mbedtls_x509_crt_profile
previously stated that the bitfield `allowed_pks` defined which signature
algorithms shall be allowed in CRT chains. In actual fact, however,
the field also applies to guard the public key of the end entity
certificate.
This commit changes the documentation to state that `allowed_pks`
applies to the public keys of all CRTs in the provided chain.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-04-25 11:17:15 +02:00