yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
22232 commits 1 branch 0 tags 94 MiB
Commit graph

9807 commits

Author SHA1 Message Date
Gilles Peskine
42649d9270 Fix NULL+0 undefined behavior in ECB encryption and decryption 
psa_cipher_encrypt() and psa_cipher_decrypt() sometimes add a zero offset to
a null pointer when the cipher does not use an IV. This is undefined
behavior, although it works as naively expected on most platforms. This
can cause a crash with modern Clang+ASan (depending on compiler optimizations).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-23 14:16:52 +01:00
Ronald Cron
1d1d53622f
Merge pull request #6490 from xkqian/tls13_parse_early_data_indication_ee 
The internal CI merge job ran successfully.
 2022-11-23 12:31:25 +01:00
Ronald Cron
cb0e680779
Merge pull request #6476 from yuhaoth/pr/fix-tls13-mbedtls_ssl_is_handshake_over 
TLS 1.3: Fix tls13 mbedtls ssl is handshake over
 2022-11-23 12:12:02 +01:00
Xiaokang Qian
b157e915ad Move the early data status set afeter all of the extensions parse 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-23 08:12:26 +00:00
Xiaokang Qian
e861ba01d4 Remove the duplicate early_data_status check 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-23 03:21:02 +00:00
Xiaokang Qian
ca09afc60a Remove useless function and parse early data in ee 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-23 02:16:49 +00:00
Gilles Peskine
4f19d86e3f
Merge pull request #6608 from mprse/ecjpake_password_fix 
Make a copy of the password key in operation object while setting j-pake password
 2022-11-22 14:52:12 +01:00
Xiaokang Qian
8bee89994d Add parse function for early data in encrypted extentions 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-22 09:40:07 +00:00
Przemek Stekiel
0bdec19c93 Further optimizations of pake set_password implementation 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-22 09:10:35 +01:00
Jerry Yu
fdd24b8c49 Revert change in flight transmit 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-22 14:08:03 +08:00
Gilles Peskine
339406daf9
Merge pull request #6609 from gilles-peskine-arm/mpi_sint-min-ub 
Fix undefined behavior in bignum: NULL+0 and -most-negative-sint
 2022-11-21 19:51:58 +01:00
Przemek Stekiel
ad0f357178 Optimize pake code that sets/use password key 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-21 15:04:37 +01:00
Przemek Stekiel
e2d6b5f45b psa_key_slot_get_slot_number: Move documentation to header file 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-21 15:03:52 +01:00
Dave Rodgman
9e1836cc16
Merge pull request #6593 from Mbed-TLS/fix_tls12_sent_sigalgs 
Fix TLS1.2 signature algorithms list entry getting overwritten by length.
 2022-11-21 10:09:57 +00:00
Jerry Yu
9b421456b0 Revert change in dtls1.2 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:35 +08:00
Jerry Yu
668070d5f4 Remove unnecessary replace 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:35 +08:00
Jerry Yu
a8d3c5048f Rename new session ticket name for TLS 1.3 
NewSessionTicket is different with TLS 1.2.
It should not share same state.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:35 +08:00
Jerry Yu
cfda4bbeac Replace handshake over in flight transmit 
Fix deadloop in DTLS resumption test.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:35 +08:00
Jerry Yu
1fb3299ad7 Replace internal usage of is_handshake_over. 
NEW_SESSION_TICKETS* are processed in handshake_step.
Change the stop condition from `mbedtls_ssl_is_handshake_over`
to directly check.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:34 +08:00
Jerry Yu
5ed73ff6de Add NEW_SESSION_TICKET* into handshake over states 
All state list after HANDSHAKE_OVER as is_handshakeover

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:34 +08:00
Jerry Yu
6848a61922 Revert "Replace internal usage of mbedtls_ssl_is_handshake_over" 
This reverts commit 1d3ed2975e7ef0d84050a3aece02eec1f890dec3.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:34 +08:00
Jerry Yu
e219c11b4e Replace internal usage of mbedtls_ssl_is_handshake_over 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:34 +08:00
Andrzej Kurek
ec71b0937f Introduce a test for single signature algorithm correctness 
The value of the first sent signature algorithm is overwritten.
This test forces only a single algorithm to be sent and then
validates that the client received such algorithm.
04 03 is the expected value for SECP256R1_SHA256.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-11-17 14:58:14 +00:00
Paul Elliott
96a0fd951f Fix signature algorithms list entry getting overwritten by length. 
Fix bug whereby the supported signature algorithm list sent by the
server in the certificate request would not leave enough space for the
length to be written, and thus the first element would get overwritten,
leaving two random bytes in the last entry.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-11-17 14:58:14 +00:00
Przemek Stekiel
369ae0afc3 Zeroize pake password buffer before free 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-17 14:14:31 +01:00
Przemek Stekiel
152ae07682 Change password ec j-pake operation fields to more suitable 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-17 13:24:36 +01:00
Ronald Cron
d12922a69a
Merge pull request #6486 from xkqian/tls13_add_early_data_indication 
The merge job of the internal CI ran successfully. This is good to go.
 2022-11-17 12:48:50 +01:00
Przemyslaw Stekiel
1def5becc2 Add psa_get_and_lock_key_slot_with_policy to header file 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-16 16:28:04 +01:00
Xiaokang Qian
0cc4320e16 Add EARLY_DATA guard to the early data extension in session ticket 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-16 08:43:50 +00:00
Gilles Peskine
ef7f4e47b1 Express abs(z) in a way that satisfies GCC and MSVC 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-15 23:25:27 +01:00
Gilles Peskine
af601f9751 Fix undefined behavior with the most negative mbedtls_mpi_sint 
When x is the most negative value of a two's complement type,
`(unsigned_type)(-x)` has undefined behavior, whereas `-(unsigned_type)x`
has well-defined behavior and does what was intended.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-15 23:02:14 +01:00
Gilles Peskine
db14a9d180 Fix NULL+0 in addition 0 + 0 
Fix undefined behavior (typically harmless in practice) of
mbedtls_mpi_add_mpi(), mbedtls_mpi_add_abs() and mbedtls_mpi_add_int() when
both operands are 0 and the left operand is represented with 0 limbs.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-15 23:00:21 +01:00
Przemek Stekiel
348410f709 Make a copy of the key in operation while setting pake password 
Additionally use psa_get_and_lock_key_slot_with_policy() to obtain key.
This requires making this function public. This will have to be solved while adding driver dipatch for EC-JPAKE.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-15 22:22:07 +01:00
Gilles Peskine
4a768dd17d Fix negative zero created by (-A) + (+A) or (-A) - (-A) 
In mbedtls_mpi_add_mpi() and mbedtls_mpi_sub_mpi(), and by extention
mbedtls_mpi_add_int() and mbedtls_mpi_sub_int(), when the resulting value
was zero, the sign bit of the result was incorrectly set to -1 when the
left-hand operand was negative. This is not a valid mbedtls_mpi
representation. Fix this: always set the sign to +1 when the result is 0.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-15 20:36:18 +01:00
Gilles Peskine
72ee1e3f3c Unify mbedtls_mpi_add_mpi and mbedtls_mpi_sub_mpi 
mbedtls_mpi_add_mpi() and mbedtls_mpi_sub_mpi() have the same logic, just
with one bit to flip in the sign calculation. Move the shared logic to a new
auxiliary function. This slightly reduces the code size (if the compiler
doesn't inline) and reduces the maintenance burden.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-15 20:30:09 +01:00
Xiaokang Qian
2cd5ce0c6b Fix various issues cause rebase to latest code 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-15 10:33:53 +00:00
Janos Follath
4d0ea7f4cc
Merge pull request #6550 from minosgalanakis/minos/6017_add_montgomery_conversion 
Bignum: Add Montgomery conversion from/to cannonical form
 2022-11-14 11:12:13 +00:00
Xiaokang Qian
fe3483f9a1 Update early data doument and config dependencies 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:16:22 +00:00
Xiaokang Qian
ae07cd995a Change ticket_flag base on review 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:16:22 +00:00
Xiaokang Qian
2d87a9eeb5 Pend one alert in case wrong EXT_EARLY_DATA length 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:16:22 +00:00
Xiaokang Qian
a042b8406d Address some format issues 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:16:19 +00:00
Xiaokang Qian
f447e8a8d3 Address comments base on reviews 
Improve early data indication check
Update test case to gnutls server

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:15:36 +00:00
Xiaokang Qian
a341225fd0 Change function name ssl_tls13_early_data_has_valid_ticket 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:15:05 +00:00
Xiaokang Qian
01323a46c6 Add session ticket related check when send early data 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:15:05 +00:00
Xiaokang Qian
ecc2948f21 Fix format issues 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:15:05 +00:00
Xiaokang Qian
76332816c7 Define the EARLY_DATA_STATUS 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:15:05 +00:00
Xiaokang Qian
338f727683 Move EARLY_DATA_OFF/ON guard to ssl_misc.h 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:15:03 +00:00
Xiaokang Qian
b781a2323c Move ssl_tls13_has_configured_ticket() back to tls13 client 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:13:51 +00:00
Xiaokang Qian
893ad81966 Remove useless early_secrets field 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:13:51 +00:00
Xiaokang Qian
911c0cc4f0 Fix format issues in comments 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-14 03:13:50 +00:00