Gabor Mezei
9f4bb319c9
Implement HKDF extract in TLS 1.3 based on PSA HMAC
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-21 15:23:29 +01:00
Gabor Mezei
8e3602569b
Typo
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-17 11:50:02 +01:00
Gabor Mezei
8d5a4cbfdb
Check return value of psa_destroy_key
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-15 16:23:17 +01:00
Gabor Mezei
833713c35c
Add better name for variable
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-15 16:16:08 +01:00
Przemyslaw Stekiel
c0824bfb11
Change mbedtls_ssl_tls13_key_schedule_stage_handshake() to use psa_raw_key_agreement()
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-14 10:19:45 +01:00
Gabor Mezei
9607ab4dbd
Prevent function not used compilation error
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-10 10:57:24 +01:00
Gabor Mezei
a3eecd242c
Implement HKDF expand in TLS 1.3 based on PSA HMAC
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-10 10:57:23 +01:00
Przemyslaw Stekiel
f9cd60853f
ssl_tls1X_populate_transform(): import psa keys only if alg is not MBEDTLS_SSL_NULL_CIPHER
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-01 11:25:55 +01:00
Przemyslaw Stekiel
77aec8d181
Rename ssl_psa_status_to_mbedtls->psa_ssl_status_to_mbedtls
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 20:22:53 +01:00
Przemyslaw Stekiel
89dad93a78
Rename psa_status_to_mbedtls->ssl_psa_status_to_mbedtls and add conversion for PSA_ERROR_INVALID_SIGNATURE
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:39:24 +01:00
Przemyslaw Stekiel
f57b45660d
Rename tls_mbedtls_cipher_to_psa() to be consistent with function naming convention.
...
New function name: mbedtls_ssl_cipher_to_psa().
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
9b22c2b1e6
Rename: mbedtls_cipher_to_psa -> tls_mbedtls_cipher_to_psa
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
6be9cf542f
Cleanup the code
...
Use conditional compilation for psa and mbedtls code (MBEDTLS_USE_PSA_CRYPTO).
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
fe7397d8a7
Fix key attributes encrypt or decrypt only (not both)
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
dd7b501c92
Move PSA init after taglen is set
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
e87475d834
Move psa_status_to_mbedtls to ssl_misc.h
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
1fe065b235
Fix conditional compilation (MBEDTLS_USE_PSA_CRYPTO)
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
76e1583483
Convert psa status to mbedtls
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel
11a33e6d90
Use PSA_BITS_TO_BYTES macro to convert key bits to bytes
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel
ae77b0ab28
mbedtls_ssl_tls13_populate_transform: store the en/decryption keys and alg in the new fields
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:28 +01:00
lhuang04
a3890a3427
Swap the client and server random for TLS 1.3
...
Summary:
Test Plan:
Reviewers:
Subscribers:
Tasks:
Tags:
Signed-off-by: lhuang04 <lhuang04@fb.com>
2022-01-27 06:00:43 -08:00
Ronald Cron
6f135e1148
Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3
...
As we have now a minimal viable implementation of TLS 1.3,
let's remove EXPERIMENTAL from the config option enabling
it.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 13:47:55 +01:00
Jerry Yu
a5563f6115
move position of base_key init
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 18:14:36 +08:00
Jerry Yu
b737f6a9be
move base_key init
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 17:55:59 +08:00
Jerry Yu
9c07473ebc
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 17:12:43 +08:00
Jerry Yu
889b3b76da
fix clang build fail
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 12:57:45 +08:00
Jerry Yu
4a2fa5d0aa
Move erase handshake secrets
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 10:37:14 +08:00
Jerry Yu
27224f58be
fix coding style issue
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 10:33:27 +08:00
Jerry Yu
23ab7a46a3
move zeroize master secrets
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 10:33:27 +08:00
Jerry Yu
2c70a39d97
move zeroize randbytes
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-10 10:33:27 +08:00
Jerry Yu
6eaa41c15e
Fix overflow error
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-06 18:16:30 +08:00
Xiaofei Bai
d25fab6f79
Update based on comments
...
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2021-12-02 06:36:27 +00:00
Xiaofei Bai
feecbbbb93
Fix some variable names in code comment
...
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2021-11-26 08:08:36 +00:00
Xiaofei Bai
b7972840fd
Fix variable names in ssl_tls13_keys.*
...
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2021-11-26 08:08:36 +00:00
Xiaofei Bai
746f9481ea
Fix 1_3/13 usages in macros and function names
...
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2021-11-26 08:08:36 +00:00
XiaokangQian
a4c99f2c2d
Remove useless blank line
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-11 06:46:35 +00:00
XiaokangQian
3306284776
Change code base on comments
...
Remove client certificate verify in tests.
Change the layout of structure to fix abi_api check issues.
Add comments of Finished.
Align with the coding styles.
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-11 03:37:45 +00:00
XiaokangQian
d0aa3e9307
Inprove code base on review comments
...
Change debug messag for server finished.
Change name of generate_application_keys.
Remove the client vertificate tests from ssl-opt.sh.
Add test strings for server finished in ssl-opt.sh.
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 06:17:40 +00:00
XiaokangQian
aaa0e197a8
Change the alignment and names of functions and a macro
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 03:07:04 +00:00
XiaokangQian
c5c39d5800
Change code for styles and comments .etc
...
Remove useless code in union.
Rename functions and parameters.
Move definitions into othe files.
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
b51f8841c4
Change comments for export_keys callback
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
ac0385c08f
Change code based on comments
...
Move set_state function into client
Add back export_key callback function in generate
application keys
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
61bdbbc18b
Add cleanup in functions for secure reason
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
f26f6ade0c
Rebase and solve conflicts
...
Remove the double definition and change name
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
f13c56032f
Revert some changes about tls13 and macros
...
There is one PR #4988 to change it in the future
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
7c91705e21
Remove support for MBEDTLS_SSL_EXPORT_KEYS
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
a763498490
Change code based on commetns
...
Focus on the code style, naming rule,etc.
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
4cab0240c7
Change coding style
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
aa5f5c1f5d
TLS1.3: Add server finish processing in client side
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:22 +00:00
Jerry Yu
ad3a113fc6
Remove MBEDTLS_SSL_EXPORT_KEYS
...
It is always on now in `development`
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:46:43 +08:00
Jerry Yu
b85277e3af
Address various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:29 +08:00
Jerry Yu
435208a949
Improve generate_handshake_keys
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:29 +08:00
Jerry Yu
c068b6671e
Rename tls13 prefix to fix coding issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:28 +08:00
Jerry Yu
f0ac2352d6
Refactor key_schedule_stage_handshake
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:28 +08:00
Jerry Yu
5ccfcd4ca1
Add local variable to represent handshake
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:28 +08:00
Jerry Yu
a0650ebb9d
tls13: add handshake key schedule
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:28 +08:00
Jerry Yu
61e35e0047
tls13: add generate handshake keys
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-25 10:41:28 +08:00
Jerry Yu
6ca7c7fd6b
Remove useless variables
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-28 18:51:40 +08:00
Jerry Yu
e06f4532ef
remove useless code
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
4836952f9d
fix tls1_3 prefix issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
b65eb2f3cf
Revert "tls13: add generate handshake keys"
...
This reverts commit f02ca4158674b974ae103849c43e0c92efc40e8c.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
e3131ef7f3
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
000f976070
Rename get_handshake_transcript
...
- Remove tls13 prefix
- Remove TLS1_3 macro wrap
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
4925ef5da1
tls13: add generate handshake keys
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Jerry Yu
89ea321d96
tls13: add key_schedule_stage_early_data
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-27 16:34:58 +08:00
Joe Subbiani
2194dc477a
Replace MBEDTLS_CHAR_x with MBEDTLS_BYTE_x
...
The CHAR macros casted to an unsigned char which in this project
is garunteed to be 8 bits - the same as uint8_t (which BYTE casts
to) therefore, instances of CHAR have been swapped with BYTE and
the number of macros have been cut down
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
2021-08-19 09:56:47 +01:00
Joe Subbiani
cd84d76e9b
Add Character byte reading macros
...
These cast to an unsigned char rather than a uint8_t
like with MBEDTLS_BYTE_x
These save alot of space and will improve maintence by
replacing the appropriate code with MBEDTLS_CHAR_x
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
2021-08-19 09:55:41 +01:00
Hanno Becker
dfba065d80
Adjust ssl_tls13_keys.c to consolidated CID/1.3 padding granularity
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:54:03 +01:00
Hanno Becker
f62a730e80
Add missing semicolon in TLS 1.3 transform generation code
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:54:03 +01:00
Hanno Becker
edd5bf0a95
Fix and document minimum length of record ciphertext in TLS 1.3
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:54:03 +01:00
Hanno Becker
7887a77c25
Match parameter check in TLS 1.3 populate transform to 1.2 version
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:54:03 +01:00
Hanno Becker
c94060c641
Add TLS 1.3 specific key to SSL transform conversion function
...
This commit adds the TLS 1.3 specific internal function
```
mbedtls_ssl_tls13_populate_transform()
```
which creates an instance of the SSL transform structure
`mbedtls_ssl_transform` representing a TLS 1.3 record protection
mechanism.
It is analogous to the existing internal helper function
```
ssl_tls12_populate_transform()
```
which creates transform structures representing record
protection mechanisms in TLS 1.2 and earlier.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 04:52:49 +01:00
Hanno Becker
cd817b0630
Remove misleading comment in TLS 1.3 key schedule code
...
The implementation documentation of
```
mbedtls_ssl_tls1_3_derive_early_secrets()
```
mentioned the PSK binder key, which is misleading because the
function doesn't actually calculate it.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-31 19:40:45 +01:00
Hanno Becker
28e5f1ed57
Avoid unused variable warning in TLS 1.3 PSK binder calculation
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-26 09:29:49 +01:00
Hanno Becker
b7d9bad6be
Add helper function for calculation of TLS 1.3 PSK binder
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-24 11:20:30 +01:00
Hanno Becker
ef5235bc2e
Add TLS 1.3 second level key derivations
...
This commit adds helper functions to ssl_tls13_keys.[ch]
allowing to derive the secrets specific to each stage of
a TLS 1.3 handshake (early, handshake, application) from
the corresponding master secret (early secret, handshake
secret, master secret).
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-24 08:32:24 +01:00
Chris Jones
84a773f8e6
Rename ssl_internal.h to ssl_misc.h
...
Signed-off-by: Chris Jones <christopher.jones@arm.com>
2021-03-10 12:52:37 +00:00
Chris Jones
e2191cd789
Update includes to use library/ instead of include/mbedtls/
...
Simple find and replace using `#include (<|")mbedtls/(.*)_internal.h(>|")`
and `#include $1$2_internal.h$3`.
Also re-generated visualc files by running
`scripts/generate_visualc_files.pl`.
Signed-off-by: Chris Jones <christopher.jones@arm.com>
2021-03-10 12:52:37 +00:00
Hanno Becker
531fe3054c
Comment on hardcoding of maximum HKDF key expansion of 255 Bytes
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-16 09:50:17 +01:00
Hanno Becker
61baae7c9f
Minor fixes and improvements in TLS 1.3 key schedule documentation
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-16 09:47:47 +01:00
Hanno Becker
2dfe1327e5
Fix miscalculation of maximum TLS 1.3 HKDF label length
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-10 09:23:12 +01:00
Hanno Becker
0c42fd94bb
Fix Doxygen documentation of mbedtls_ssl_tls1_3_derive_secret()
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 12:58:29 +01:00
Hanno Becker
97a21567df
Move misplaced comment
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 12:57:16 +01:00
Hanno Becker
1413bd8ae9
Simplify identification of TLS 1.3 labels in unit test suite
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 12:46:09 +01:00
Hanno Becker
59b50a1997
Don't use _xxx naming for local variables in ssl_tls13_keys.c
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 10:58:52 +01:00
Hanno Becker
70d7fb0c2d
Don't hardcode TLS 1.3 labels in test cases
...
ssl_tls1_3_keys.c exports a structure containing all labels used
in the TLS 1.3 key schedule, but the TLS 1.3 key scheduling unit
tests so far replicated those labels in the test file. In particular,
wrong label values in ssl_tls1_3_keys.c wouldn't have been caught
by the unit tests.
This commit modifies the TLS 1.3 key schedule unit tests to use
the TLS 1.3 labels as exported by ssl_tls1_3_keys.c. This not only
makes sure that those labels are correct, but also avoids hardcoding
their hex-encoding in the test file.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-09 10:17:37 +01:00
Hanno Becker
a3a5a4e1f9
Please check-names.sh
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 11:33:48 +01:00
Hanno Becker
815869ac9c
Improve documentation of ssl_tls1_3_hkdf_encode_label()
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 11:16:16 +01:00
Hanno Becker
00debc734b
Minor improvement in ssl_tls13_keys.c
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 11:12:24 +01:00
Hanno Becker
493ea7f4ae
Remove instances of camelCase in TLS 1.3 key schedule
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 11:08:06 +01:00
Hanno Becker
939bb4d8f6
Initialize TLS 1.3 label prefix with string literal
...
This is in line with how the entries of the TLS 1.3 label
structure `mbedtls_ssl_tls1_3_labels` are initialized.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:48:55 +01:00
Hanno Becker
9cb0a146f1
Remove duplicated computation of TLS 1.3 HKDF label length
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:48:14 +01:00
Hanno Becker
e4435ea777
Introduce TLS 1.3 labels in a single place
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:43:52 +01:00
Hanno Becker
1981cb2972
Use uniform naming for TLS 1.3 label fields
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:36:29 +01:00
Hanno Becker
58c5cea73b
Include common.h from ssl_tls13_keys.c
...
`common.h` takes care of the logic of chosing the correct
configuration file, so we don't need to replicate it in
each source file.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:31:33 +01:00
Hanno Becker
e9cccb440c
Implement TLS 1.3 key evolution function
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:28:28 +01:00
Hanno Becker
b35d52240b
Implement TLS 1.3 key derivation function Derive-Secret
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:28:28 +01:00
Hanno Becker
3385a4d5cf
Implement TLS 1.3 traffic key generation
...
See the documentation in library/ssl_tls13_keys.h.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:28:28 +01:00
Hanno Becker
be9d6648f8
Implement TLS 1.3 key derivation function HKDF-Expand-Label
...
This commit introduces a new file library/ssl_tls13_key.c
which will subsequently be populated with functionality relating
to the TLS 1.3 key schedule.
Those functions are expected to be internal and are documented
in the internal header library/ssl_tls13_keys.h.
The first function to be implemented is the key expansion
function `HKDF-Expand-Label`. See the documentation in
library/ssl_tls13_keys.h for more information.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:28:06 +01:00