Commit graph

4950 commits

Author SHA1 Message Date
Gabor Mezei
be7b21da22
Merge branch 'development' into 3649_move_constant_time_functions_into_separate_module 2021-11-24 10:44:13 +01:00
Gilles Peskine
9264428266
Merge pull request #5105 from AaronErhardt/doc-fixes
doc improvements in aes and sha256 includes
2021-11-22 22:22:00 +01:00
Ronald Cron
28777db226
Merge pull request #4952 from xkqian/add_server_finished
Add server finished
2021-11-12 12:30:10 +01:00
XiaokangQian
3306284776 Change code base on comments
Remove client certificate verify in tests.
Change the layout of structure to fix abi_api check issues.
Add comments of Finished.
Align with the coding styles.

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-11 03:37:45 +00:00
XiaokangQian
d6d234f698 Solve the ABI_API check issue for mbedtls_ssl_session
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-11 02:22:12 +00:00
Manuel Pégourié-Gonnard
087f04783d
Merge pull request #5076 from mstarzyk-mobica/psa_ccm_no_tag
PSA CCM*-no-tag
2021-11-10 10:18:55 +01:00
XiaokangQian
c5c39d5800 Change code for styles and comments .etc
Remove useless code in union.
Rename functions and parameters.
Move definitions into othe files.

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
1aef02ee20 Fix initialized issues and remove useless code
Fix the variable not inialized issue, remove the client
certificate related code, remove early data related code.

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
f13c56032f Revert some changes about tls13 and macros
There is one PR #4988 to change it in the future

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
a763498490 Change code based on commetns
Focus on the code style, naming rule,etc.

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:23 +00:00
XiaokangQian
aa5f5c1f5d TLS1.3: Add server finish processing in client side
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-11-10 01:47:22 +00:00
Gabor Mezei
642eeb2879
Fix documentation and comments
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-11-03 16:13:32 +01:00
Gilles Peskine
f2fe31ab4e Reorder macro definitions
Definition before mention

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-11-03 15:48:15 +01:00
Gilles Peskine
f7b4137e69 Untangle PSA_ALG_IS_HASH_AND_SIGN and PSA_ALG_IS_SIGN_HASH
The current definition of PSA_ALG_IS_HASH_AND_SIGN includes
PSA_ALG_RSA_PKCS1V15_SIGN_RAW and PSA_ALG_ECDSA_ANY, which don't strictly
follow the hash-and-sign paradigm: the algorithm does not encode a hash
algorithm that is applied prior to the signature step. The definition in
fact encompasses what can be used with psa_sign_hash/psa_verify_hash, so
it's the correct definition for PSA_ALG_IS_SIGN_HASH. Therefore this commit
moves definition of PSA_ALG_IS_HASH_AND_SIGN to PSA_ALG_IS_SIGN_HASH, and
replace the definition of PSA_ALG_IS_HASH_AND_SIGN by a correct one (based
on PSA_ALG_IS_SIGN_HASH, excluding the algorithms where the pre-signature
step isn't to apply the hash encoded in the algorithm).

In the definition of PSA_ALG_SIGN_GET_HASH, keep the condition for a nonzero
output to be PSA_ALG_IS_HASH_AND_SIGN.

Everywhere else in the code base (definition of PSA_ALG_IS_SIGN_MESSAGE, and
every use of PSA_ALG_IS_HASH_AND_SIGN outside of crypto_values.h), we meant
PSA_ALG_IS_SIGN_HASH where we wrote PSA_ALG_IS_HASH_AND_SIGN, so do a
global replacement.
```
git grep -l IS_HASH_AND_SIGN ':!include/psa/crypto_values.h' | xargs perl -i -pe 's/ALG_IS_HASH_AND_SIGN/ALG_IS_SIGN_HASH/g'
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-11-03 15:48:15 +01:00
Mateusz Starzyk
c5c5b93611 Add missing PSA_KEY_ID_NULL macro.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-11-03 15:47:03 +01:00
Mateusz Starzyk
7d262dd1ee Add missing PSA_HASH_BLOCK_LENGTH macro.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-11-03 15:47:03 +01:00
Mateusz Starzyk
359b5ab6ea Add missing PSA_ALG_NONE macro.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-11-03 15:47:03 +01:00
Mateusz Starzyk
e6d3edaf32 Add missing PSA_ALG_IS_SIGN_HASH macro.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-11-03 15:47:03 +01:00
Manuel Pégourié-Gonnard
0dbe1dfa1c
Merge pull request #4859 from brett-warren-arm/supported_groups
Add mbedtls_ssl_conf_groups to API
2021-11-02 10:49:09 +01:00
Manuel Pégourié-Gonnard
4313d3ac87
Merge pull request #5010 from gilles-peskine-arm/psa-rsa-pss_any_salt
PSA: fix salt length for PSS verification
2021-10-29 16:36:36 +02:00
Brett Warren
e0edc8407b Add mbedtls_ssl_conf_groups to API
mbedtls_ssl_conf_groups allows supported groups for key
sharing to be configured via their IANA NamedGroup ID.

This is added in anticipation of PQC and Hybrid key
sharing algorithms being integrated into Mbed TLS.

mbedtls_ssl_conf_curves is deprecated in favor of
mbedtls_ssl_conf_groups. handshake_init has been
modified to translate and copy curves configured
via conf_curves into a heap allocatied array of
NamedGroup IDs. This allows the refactoring of code
interacting with conf_curve related variables (such
as curve_list) to use NamedGroup IDs while retaining
the deprecated API.

Signed-off-by: Brett Warren <brett.warren@arm.com>
2021-10-29 11:27:00 +01:00
Manuel Pégourié-Gonnard
136819fe6e
Merge pull request #4959 from gilles-peskine-arm/psa-add-aria
Add ARIA to the PSA API
2021-10-29 09:38:06 +02:00
Mateusz Starzyk
a706e5e317 Add missing cipher mode translations for PSA
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-10-28 17:59:06 +02:00
Brett Warren
36b70b2a4e Change MBEDTLS_ECP_DP_MAX to 14
Signed-off-by: Brett Warren <brett.warren@arm.com>
2021-10-28 16:00:13 +01:00
XiaokangQian
7b2d4efee8 Change the buffer boundary check and alert type
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-10-28 01:49:37 +00:00
XiaokangQian
2d5c72be0b TLS1.3: Add Encrypted Extensions
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2021-10-28 01:49:37 +00:00
Mateusz Starzyk
7de19ddaf5 Remove invalid comments in CCM API
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-10-27 11:25:08 +02:00
Mateusz Starzyk
4cb9739038 Use separate MBEDTLS_MODE for the CCM*.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-10-27 10:42:31 +02:00
Gilles Peskine
4fa0725936
Merge pull request #5002 from mstarzyk-mobica/psa_output_buffer_limitation
Remove output buffer limitation for PSA with GCM.
2021-10-25 19:37:33 +02:00
Aaron Erhardt
9bb56dc6be Add return info to sha256 docs
Signed-off-by: Aaron Erhardt <aaron.erhardt@t-online.de>
2021-10-22 22:05:10 +02:00
Aaron Erhardt
a5a2399cb0 Remove mode param from AES-CTR docs
Signed-off-by: Aaron Erhardt <aaron.erhardt@t-online.de>
2021-10-22 22:05:04 +02:00
Mateusz Starzyk
30bd7fa607 Change error code for MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-10-22 10:33:32 +02:00
Mateusz Starzyk
594215be6e Add support for CCM*-no-tag to PSA.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-10-21 11:33:41 +02:00
Mateusz Starzyk
bb2ced33dd Ignore plaintext length for CCM*-no-tag.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-10-21 11:33:37 +02:00
Brett Warren
9e98573ca2 fix build fail with MBEDTLS_DEPRECATED
When deprecated functions are allowed

Signed-off-by: Brett Warren <brett.warren@arm.com>
2021-10-20 23:33:15 +01:00
Brett Warren
3a96d09898 export MBEDTLS_DEPRECATED from platform_util.h
Since there are no longer any alternative
MBEDTLS_DEPRECATED definitions in the codebase,
MBEDTLS_DEPRECATED can now be exported without breaking
anything.

Signed-off-by: Brett Warren <brett.warren@arm.com>
2021-10-20 23:33:15 +01:00
Gabor Mezei
90437e3762
Rename constant-time functions to have mbedtls_ct prefix
Rename functions to better suite with the module name.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-10-20 11:59:27 +02:00
Gabor Mezei
53dd04c13b
Remove unneeded include
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-10-20 11:19:16 +02:00
Gabor Mezei
765862c4f3
Move mbedtls_cf_memcmp to a new public header
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2021-10-19 12:22:25 +02:00
Gilles Peskine
6210320215
Merge pull request #4989 from AndrzejKurek/remove-ssl-export-keys
Remove MBEDTLS_SSL_EXPORT_KEYS, making it always on
2021-10-18 17:53:56 +02:00
Gilles Peskine
2bb5e9c973
Merge pull request #4760 from gilles-peskine-arm/ecb-alt-ret-3.0
Catch failures of mbedtls_aes_crypt_ecb and its DES equivalents
2021-10-14 12:11:20 +02:00
Ronald Cron
e23bba04ee
Merge pull request #4927 from yuhaoth/pr/add-tls13-serverhello-utils
TLS 1.3: ServerHello: add  utils functions used by ServerHello
Regarding the merge job, there was only one of the failure we currently encounter on almost all PR (Session resume using tickets, DTLS: openssl client test case see #5012) thus we can consider that this PR passed CI.
2021-10-11 11:01:11 +02:00
Gilles Peskine
f6892dec2a Readability improvements
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-08 16:28:32 +02:00
Gilles Peskine
09c46da27e Implement PSA_WANT_KEY_TYPE_ARIA
Follow what has been done for CAMELLIA.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-08 15:48:16 +02:00
Jerry Yu
88b756bacb move tls1_3 max md size
It should be internal definition

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-08 18:41:38 +08:00
Jerry Yu
d1ab262844 define max md size for tls1_3
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-08 16:19:24 +08:00
Jerry Yu
ae0b2e2a2f Rename counter_len
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-10-08 15:40:14 +08:00
Gilles Peskine
44c96aa046 Support PSA_ALG_RSA_PSS_ANY_SALT iff PSA_ALG_RSA_PSS is supported
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-05 14:26:25 +02:00
Gilles Peskine
acd2d0e923 New algorithm PSA_ALG_RSA_PSS_ANY_SALT
This is a variant of PSA_ALG_RSA_PSS which currently has exactly the same
behavior, but is intended to have a different behavior when verifying
signatures.

In a subsequent commit, PSA_ALG_RSA_PSS will change to requiring the salt
length to be what it would produce when signing, as is currently documented,
whereas PSA_ALG_RSA_PSS_ANY_SALT will retain the current behavior of
allowing any salt length (including 0).

Changes in this commit:

* New algorithm constructor PSA_ALG_RSA_PSS_ANY_SALT.
* New predicates PSA_ALG_IS_RSA_PSS_STANDARD_SALT (corresponding to
  PSA_ALG_RSA_PSS) and PSA_ALG_IS_RSA_PSS_ANY_SALT (corresponding to
  PSA_ALG_RSA_PSS_ANY_SALT).
* Support for the new predicates in macro_collector.py (needed for
  generate_psa_constant_names).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-05 14:26:25 +02:00
Mateusz Starzyk
f28261fc14 Remove output buffer limitation for PSA with GCM.
The requirement of minimum 15 bytes for output buffer in
psa_aead_finish() and psa_aead_verify() does not apply
to the built-in implementation of the GCM.

Alternative implementations are expected to verify the
length of the provided output buffers and to return
the MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL in case the
buffer length is too small.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-10-04 13:54:54 +02:00