Manuel Pégourié-Gonnard
3304f253d7
Merge pull request #5653 from paul-elliott-arm/handshake_over
...
Add mbedtls_ssl_is_handshake_over()
2022-03-30 12:16:40 +02:00
Paul Elliott
27b0d94e25
Use mbedtls_ssl_is_handshake_over()
...
Switch over to using the new function both internally and in tests.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-24 14:43:52 +00:00
Manuel Pégourié-Gonnard
f4042f076b
Merge pull request #5573 from superna9999/5176-5177-5178-5179-tsl-record-hmac
...
TLS record HMAC
2022-03-21 11:36:44 +01:00
Ronald Cron
00d012f2be
Fix type of force_flush parameter
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-09 07:51:52 +01:00
Ronald Cron
66dbf9118e
TLS 1.3: Do not send handshake data in handshake step handlers
...
Send data (call to mbedtls_ssl_flush_output()) only from
the loop over the handshake steps. That way, we do not
have to take care of the partial writings (MBEDTLS_ERR_SSL_WANT_WRITE
error code) on the network in handshake step handlers.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-09 07:51:52 +01:00
Neil Armstrong
4313f55a13
Simplify error handling of PSA mac operationsg in ssl_msg.c
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-02 15:37:04 +01:00
Neil Armstrong
e858996413
Use PSA version of mbedtls_ct_hmac() in mbedtls_ssl_decrypt_buf()
...
Due to mbedtls_ct_hmac() implementation the decryption MAC key
must be exportable.
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 15:17:50 +01:00
Neil Armstrong
cf8841a076
Remove non-PSA MAC keys in mbedtls_ssl_transform when MBEDTLS_USE_PSA_CRYPTO is defined
...
Also remove last usage of non-PSA MAC keys in ssl_decrypt_non_etm_cbc() SSL test.
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 15:16:49 +01:00
Neil Armstrong
26e6d6764e
Use PSA MAC API in mbedtls_ssl_encrypt/decrypt_buf()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 15:16:49 +01:00
Neil Armstrong
39b8e7dde4
Add, Initialize & Free HMAC keys in mbedtls_ssl_transform
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-23 09:24:57 +01:00
Przemyslaw Stekiel
c499e33ed0
ssl_msg.c: Change message in MBEDTLS_SSL_DEBUG_RET() to be the failed function name instead current function name
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-07 15:12:05 +01:00
Przemyslaw Stekiel
c8a06feae6
ssl_msg.c: Optimize null/stream cipher decryption/encryption
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-07 10:52:47 +01:00
Przemyslaw Stekiel
98ef6dca68
Remove redundant new lines
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-07 08:04:39 +01:00
Przemyslaw Stekiel
8c010eb467
Fix comments, code style, remove debug code
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-03 14:55:24 +01:00
Przemyslaw Stekiel
6b2eedd25f
ssl_msg.c: add debug code for psa failures
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-03 14:55:14 +01:00
Przemyslaw Stekiel
d66387f8fa
Init psa status to PSA_ERROR_CORRUPTION_DETECTED
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-03 09:16:41 +01:00
Przemyslaw Stekiel
b97556e8d1
mbedtls_ssl_encrypt/decrypt_buf: remove dead code
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-03 09:16:29 +01:00
Przemyslaw Stekiel
77aec8d181
Rename ssl_psa_status_to_mbedtls->psa_ssl_status_to_mbedtls
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 20:22:53 +01:00
Przemyslaw Stekiel
be47ecf5e2
mbedtls_ssl_get_record_expansion: use same condidion set as for non-psa build
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 17:50:00 +01:00
Przemyslaw Stekiel
89dad93a78
Rename psa_status_to_mbedtls->ssl_psa_status_to_mbedtls and add conversion for PSA_ERROR_INVALID_SIGNATURE
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:39:24 +01:00
Przemyslaw Stekiel
399ed51185
Fix condition in mbedtls_ssl_get_record_expansion
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:39:24 +01:00
Przemyslaw Stekiel
1d714479a3
mbedtls_ssl_get_record_expansion: rework switch statement for psa
...
As PSA_ALG_IS_AEAD( transform->psa_alg ) can't be used as switch labels (switch labels must be constant expressions, they have to be evaluated at compile time) refactor switch to "if else" statement.
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
e88477844c
Adapt the mbed tls mode: ccm or gcm or cachapoly to psa version
...
mode == MBEDTLS_MODE_CCM || mode == MBEDTLS_GCM || mode == MBEDTLS_CHACHAPOLY is equivalent to PSA_ALG_IS_AEAD( alg ).
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
221b52791e
ssl_msg.c: fix parm in call to mbedtls_ssl_decrypt_buf()
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
6be9cf542f
Cleanup the code
...
Use conditional compilation for psa and mbedtls code (MBEDTLS_USE_PSA_CRYPTO).
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
d4eab57933
Skip psa encryption/decryption for null cipher
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
ce09e7d868
Use psa_status_to_mbedtls() for psa error case
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
1fe065b235
Fix conditional compilation (MBEDTLS_USE_PSA_CRYPTO)
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
2e9711f766
mbedtls_ssl_decrypt_buf(): replace mbedtls_cipher_crypt() and mbedtls_cipher_auth_decrypt_ext() with PSA calls
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
b37fae122c
mbedtls_ssl_encrypt_buf(): replace mbedtls_cipher_crypt() and mbedtls_cipher_auth_encrypt_ext() with PSA calls
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel
ce37d11c67
mbedtls_ssl_transform_free(): fix destruction of psa keys
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel
8f80fb9b1d
Adapt in mbedtls_ssl_transform_init() and mbedtls_ssl_transform_free() after extending mbedtls_ssl_transform struct
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:28 +01:00
Dave Rodgman
050ad4bb50
Merge pull request #5313 from gilles-peskine-arm/missing-ret-check-mbedtls_md_hmac
...
Check HMAC return values
2021-12-13 10:51:27 +00:00
Gilles Peskine
ecf6bebb9c
Catch failures of md_hmac operations
...
Declare mbedtls_md functions as MBEDTLS_CHECK_RETURN_TYPICAL, meaning that
their return values should be checked.
Do check the return values in our code. We were already doing that
everywhere for hash calculations, but not for HMAC calculations.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-11 15:00:57 +01:00
Gilles Peskine
d5ba50e239
Zeroize local MAC variables
...
Zeroize local MAC variables used for CBC+HMAC cipher suites. In encryption,
this is just good hygiene but probably not needed for security since the
data protected by the MAC that could leak is about to be transmitted anyway.
In DTLS decryption, this could be a security issue since an adversary could
learn the MAC of data that they were trying to inject. At least with
encrypt-then-MAC, the adversary could then easily inject a datagram with
a corrected packet. TLS would still be safe since the receiver would close
the connection after the bad MAC.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-11 14:59:45 +01:00
Ronald Cron
6f135e1148
Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3
...
As we have now a minimal viable implementation of TLS 1.3,
let's remove EXPERIMENTAL from the config option enabling
it.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 13:47:55 +01:00
Ronald Cron
7e38cba993
Add incoming ChangeCipherSpec filtering in TLS 1.3
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-09 13:40:22 +01:00
Gabor Mezei
be7b21da22
Merge branch 'development' into 3649_move_constant_time_functions_into_separate_module
2021-11-24 10:44:13 +01:00
Jerry Yu
a1a568c2f6
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-11-09 10:17:21 +08:00
Jerry Yu
1ca80f7ca5
fix comment issue
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-11-08 10:45:16 +08:00
Jerry Yu
47413c2c8f
fix wrong version header for tls1.3
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-30 20:23:37 +08:00
Gabor Mezei
22c9a6fccc
Rename internal header constant_time.h to constant_time_internal.h
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-10-20 12:15:20 +02:00
Gabor Mezei
90437e3762
Rename constant-time functions to have mbedtls_ct prefix
...
Rename functions to better suite with the module name.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-10-20 11:59:27 +02:00
Gabor Mezei
765862c4f3
Move mbedtls_cf_memcmp to a new public header
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-10-19 12:22:25 +02:00
Ronald Cron
e23bba04ee
Merge pull request #4927 from yuhaoth/pr/add-tls13-serverhello-utils
...
TLS 1.3: ServerHello: add utils functions used by ServerHello
Regarding the merge job, there was only one of the failure we currently encounter on almost all PR (Session resume using tickets, DTLS: openssl client test case see #5012 ) thus we can consider that this PR passed CI.
2021-10-11 11:01:11 +02:00
Jerry Yu
fd320e9a6e
Replace zeroize with memset
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-08 21:52:41 +08:00
Jerry Yu
ae0b2e2a2f
Rename counter_len
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-08 15:40:14 +08:00
Jerry Yu
c1ddeef53a
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-08 15:40:14 +08:00
Jerry Yu
d96a5c2d86
Fix wrong usage of counter len macro
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-29 17:46:51 +08:00
gabor-mezei-arm
4602564d7a
Unify memcmp functions
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-09-28 16:33:47 +02:00