Commit graph

8803 commits

Author SHA1 Message Date
Neil Armstrong
79daea25db Handle and return translated PSA errors in ssl_cookie.c
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-21 12:05:51 +01:00
Neil Armstrong
2d5e343c75 Use inline PSA code instead of using ssl_cookie_hmac in mbedtls_ssl_cookie_write()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-21 11:39:52 +01:00
Manuel Pégourié-Gonnard
f4042f076b
Merge pull request #5573 from superna9999/5176-5177-5178-5179-tsl-record-hmac
TLS record HMAC
2022-03-21 11:36:44 +01:00
Manuel Pégourié-Gonnard
706f6bae27
Merge pull request #5518 from superna9999/5274-ecdsa-signing
PK: ECDSA signing
2022-03-21 09:57:57 +01:00
Manuel Pégourié-Gonnard
472044f21e
Merge pull request #5525 from superna9999/5161-pk-rsa-encryption
PK: RSA encryption
2022-03-21 09:57:38 +01:00
Ronald Cron
8d7afc642c
Merge pull request #5523 from ronald-cron-arm/one-flush-output-development
TLS 1.3: One flush output
2022-03-21 08:44:04 +01:00
Neil Armstrong
62e6ea2c22 Avoid spurious write to *olen in PSA version of rsa_encrypt_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 15:39:49 +01:00
Neil Armstrong
17a0655c8d Add documentation to find_ecdsa_private_key()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 15:27:38 +01:00
Neil Armstrong
05132ed490 md_alg is used in ecdsa_sign_wrap(), cleanup code
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 15:14:57 +01:00
Neil Armstrong
cb753a6945 Use mbedtls_eckey_info directly in ecdsa_sign_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 15:14:48 +01:00
Przemek Stekiel
711d0f5e29 Add implementation of ECP keypair export function
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-18 13:52:26 +01:00
Manuel Pégourié-Gonnard
e5b53193e0
Merge pull request #5636 from mprse/tls_ecdh_2b
TLS ECDH 2b: client-side static ECDH (1.2)
2022-03-18 11:36:53 +01:00
Neil Armstrong
29c0c040fc Only make PSA HMAC key exportable when NULL or CBC & not EtM in ssl_tls12_populate_transform()
This requires moving the HMAC init after CIPHER init.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 11:10:09 +01:00
Neil Armstrong
9ebb9ff60c Reduce HMAC buffer usage in PSA version of mbedtls_ct_hmac()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 11:09:58 +01:00
Neil Armstrong
72c2f76c43 Assume MAC key length is always exactly the output size in PSA version of mbedtls_ct_hmac()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 11:09:36 +01:00
Neil Armstrong
36cc13b340 Use PSA defines for buffers in PSA version of mbedtls_ct_hmac()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 11:09:20 +01:00
Neil Armstrong
ae57cfd3e7 Use psa_ssl_status_to_mbedtls in PSA version of mbedtls_ct_hmac()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 10:00:10 +01:00
Neil Armstrong
28d9c631b8 Fix comments in PSA version of mbedtls_ct_hmac()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 10:00:10 +01:00
Ron Eldor
183264cb95 Fix shared library link error with cmake on Windows
Set the library path as the current binary dir

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-03-17 12:07:50 +00:00
Manuel Pégourié-Gonnard
8d4bc5eeb9
Merge pull request #5481 from gabor-mezei-arm/5401_implement_hkdf_extract_based_on_psa_hmac
HKDF 1a: Implement Extract in TLS 1.3 based on PSA HMAC
2022-03-17 11:55:48 +01:00
Manuel Pégourié-Gonnard
15c0e39fff
Merge pull request #5519 from superna9999/5150-pk-rsa-decryption
PK: RSA decryption
2022-03-17 11:02:13 +01:00
Manuel Pégourié-Gonnard
7c92fe966a
Merge pull request #5614 from gabor-mezei-arm/5203_tls_cipher_tickets_use_psa_for_protection
TLS Cipher 2a: tickets: use PSA for protection
2022-03-17 09:50:09 +01:00
Manuel Pégourié-Gonnard
560ef5975c
Merge pull request #5613 from mprse/tls_ecdh_2a
TLS ECDH 2a: server-side ECDHE-ECDSA and ECDHE-RSA (1.2)
2022-03-17 09:29:41 +01:00
Przemek Stekiel
068a6b4013 ssl_check_server_ecdh_params(): Adapt build flags
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-17 07:54:09 +01:00
Neil Armstrong
da1d80db19 Use mbedtls_rsa_info directly in rsa_encrypt_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-16 15:36:32 +01:00
Neil Armstrong
7b1dc85919 Simplify padding check and get rid of psa_sig_md in rsa_encrypt_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-16 15:36:06 +01:00
Neil Armstrong
6b03a3de5c Use mbedtls_rsa_info directly in rsa_decrypt_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-16 15:31:07 +01:00
Neil Armstrong
8e80504b46 Simplify padding check and get rid of psa_sig_md in rsa_decrypt_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-16 15:30:31 +01:00
Gabor Mezei
103e08aab9
Fix return value handling
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-16 13:45:41 +01:00
Przemek Stekiel
561a42392a ssl_parse_signature_algorithm(): refactor PSA CRYPTO code
- use mbedtls_ecp_point_write_binary() instead of mbedtls_mpi_write_binary().
- add check for ECDH curve type in server's certificate

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-16 13:16:24 +01:00
Gabor Mezei
5b8b890a61
Check PSA functions' return value before converting
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-16 12:56:58 +01:00
Gabor Mezei
36c9f51ef2
Use size_t instead of int to silence compiler warnings
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-16 12:55:32 +01:00
Gabor Mezei
4f4bac7e22
Remove blank lines
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-16 12:54:27 +01:00
Przemek Stekiel
dd482bfd6a Modify own_pubkey_max_len calculation
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-16 11:43:22 +01:00
Przemek Stekiel
a4e15cc0d5 Fix comment: add fields size
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-16 11:32:42 +01:00
Przemek Stekiel
855938e17d Move mbedtls_ecdh_setup() to no-psa path
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-16 11:29:29 +01:00
Przemek Stekiel
338b61d6e4 Fix code style
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-16 11:24:09 +01:00
Przemek Stekiel
d905d33488 ssl_write_client_key_exchange(): enable psa support for ECDH-ECDSA and ECDH-RSA key exchange
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-16 09:50:56 +01:00
Przemek Stekiel
ea4000f897 ssl_parse_signature_algorithm(): populate psa handshake fields when psa crypto is enabled
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-16 09:49:33 +01:00
Dave Rodgman
2cecd8aaad
Merge pull request #3624 from daxtens/timeless
RFC: Fix builds with MBEDTLS_HAVE_TIME disabled and test
2022-03-15 16:43:19 +00:00
Przemek Stekiel
ce1d792315 Remove duplicated code
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-14 16:16:25 +01:00
Neil Armstrong
169e61add6 Zeroise stack buffer containing private key
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-14 14:26:49 +01:00
Neil Armstrong
3aca61fdfc Zeroise stack buffer containing private key
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-14 14:24:48 +01:00
Dave Rodgman
868d38f50f
Merge pull request #5547 from tom-cosgrove-arm/seclib-667-sha256-acceleration-mbedtls-internal
SECLIB-667: Accelerate SHA-256 with A64 crypto extensions
2022-03-14 12:57:37 +00:00
Przemek Stekiel
fc91a1f030 Use PSA for private key generation and public key export only for ECDHE keys
This should be cleaned when server-side static ECDH (1.2) support is added (#5320).

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-14 12:05:27 +01:00
Przemek Stekiel
a21af3da00 Use mbedtls_psa_parse_tls_ecc_group() instead of PSA_KEY_TYPE_ECC_KEY_PAIR( mbedtls_ecc_group_to_psa() )
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-14 10:09:13 +01:00
Przemek Stekiel
0a60c129de Add intermediate variables to increase code readability
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-14 09:54:51 +01:00
Przemek Stekiel
e9f00445bc Destroy ecdh_psa_privkey on failure
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-14 09:42:32 +01:00
Przemek Stekiel
130c4b5567 Use PSA version of key agreement only for ECDHE keys
This should be cleaned when server-side static ECDH (1.2) support is added (#5320).

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-14 09:18:24 +01:00
Manuel Pégourié-Gonnard
c11bffe989
Merge pull request #5139 from mprse/key_der_ecc
PSA: implement key derivation for ECC keys
2022-03-14 09:17:13 +01:00
Gilles Peskine
81d903f5aa
Merge pull request #5510 from SiliconLabs/feature/PSEC-3269-MD-X.509-hashing
feat: MD: X.509 hashing
2022-03-10 20:16:43 +01:00
Gilles Peskine
afb482897b
Merge pull request #5292 from mprse/asym_encrypt
Driver dispatch for PSA asymmetric encryption + RSA tests
2022-03-10 20:07:38 +01:00
Gabor Mezei
49c8eb3a5a
Enable chachapoly cipher for SSL tickets
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-10 17:09:59 +01:00
Gabor Mezei
2a02051286
Use PSA in TLS ticket handling
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-10 17:09:59 +01:00
Gabor Mezei
e6d867f476
Typo
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-10 15:04:58 +01:00
Ronald Cron
a8b38879e1 Move state change from CLIENT_CERTIFICATE_VERIFY to its main handler
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-10 13:58:17 +01:00
Ronald Cron
7a94aca81a Move state change from CLIENT_CERTIFICATE to its main handler
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-10 13:58:04 +01:00
Manuel Pégourié-Gonnard
10e5cdbbbf
Merge pull request #5454 from gstrauss/cert_cb-user_data
server certificate selection callback
2022-03-10 11:51:42 +01:00
Przemek Stekiel
fd32e9609b ssl_parse_client_key_exchange(): read the curve identifier and the peer's public key and compute the shared secret using PSA
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-09 16:01:59 +01:00
Przemek Stekiel
b6ce0b6cd8 ssl_prepare_server_key_exchange(): generate a private/public key and write out the curve identifier and public key using PSA
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-09 16:01:50 +01:00
Ronald Cron
5bb8fc830a Call Certificate writing generic handler only if necessary
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-09 07:51:52 +01:00
Ronald Cron
3f20b77517 Improve comment
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-09 07:51:52 +01:00
Ronald Cron
00d012f2be Fix type of force_flush parameter
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-09 07:51:52 +01:00
Ronald Cron
9f55f6316e Move state change from CSS states to their main handler
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-09 07:51:52 +01:00
Ronald Cron
3addfa4964 Move state change from WRITE_CLIENT_HELLO to its main handler
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-09 07:51:52 +01:00
Ronald Cron
66dbf9118e TLS 1.3: Do not send handshake data in handshake step handlers
Send data (call to mbedtls_ssl_flush_output()) only from
the loop over the handshake steps. That way, we do not
have to take care of the partial writings (MBEDTLS_ERR_SSL_WANT_WRITE
error code) on the network in handshake step handlers.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-09 07:51:52 +01:00
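The flush-only-from-the-loop design described in the commit above, as an added example in plain C that is not Mbed TLS code: step handlers only queue one message and advance the state, and the loop over the steps is the only place that writes to the network, so a partial write (WANT_WRITE) surfaces to the application and is resumed on the next call without any handler having to track it. A simulated non-blocking socket with a per-event byte budget stands in for the transport; every name here (hs_ctx, HS_ERR_WANT_WRITE, handshake_step_loop, run_handshake) is hypothetical.

```c
/* Added example, not Mbed TLS code. Names and error code are hypothetical. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define HS_ERR_WANT_WRITE (-0x6880)  /* hypothetical "retry later" code */

enum hs_state { HS_CLIENT_HELLO, HS_CERTIFICATE, HS_FINISHED, HS_DONE };

typedef struct {
    enum hs_state state;
    uint8_t out_buf[64];   /* one queued handshake message */
    size_t  out_len;
    size_t  out_sent;      /* bytes of out_buf already on the wire */
    /* simulated non-blocking socket (constructed for the example) */
    size_t  budget;        /* bytes accepted until the next writable event */
    uint8_t wire[128];     /* everything that reached the peer, in order */
    size_t  wire_len;
} hs_ctx;

/* Accepts at most ctx->budget bytes; returns WANT_WRITE once exhausted. */
static int net_send(hs_ctx *ctx, const uint8_t *p, size_t n)
{
    if (ctx->budget == 0)
        return HS_ERR_WANT_WRITE;
    size_t take = n < ctx->budget ? n : ctx->budget;
    memcpy(ctx->wire + ctx->wire_len, p, take);
    ctx->wire_len += take;
    ctx->budget -= take;
    return (int) take;
}

/* Only the step loop calls this; handlers never see WANT_WRITE. */
static int flush_output(hs_ctx *ctx)
{
    while (ctx->out_sent < ctx->out_len) {
        int r = net_send(ctx, ctx->out_buf + ctx->out_sent,
                         ctx->out_len - ctx->out_sent);
        if (r < 0)
            return r;              /* propagate to the application */
        ctx->out_sent += (size_t) r;
    }
    ctx->out_len = ctx->out_sent = 0;
    return 0;
}

/* Step handlers: queue a message and move to the next state, nothing else. */
static int queue_msg(hs_ctx *ctx, const char *msg, enum hs_state next)
{
    size_t n = strlen(msg);
    if (n > sizeof ctx->out_buf)
        return -1;
    memcpy(ctx->out_buf, msg, n);
    ctx->out_len = n;
    ctx->out_sent = 0;
    ctx->state = next;
    return 0;
}
static int write_client_hello(hs_ctx *c) { return queue_msg(c, "ClientHello|", HS_CERTIFICATE); }
static int write_certificate(hs_ctx *c)  { return queue_msg(c, "Certificate|", HS_FINISHED); }
static int write_finished(hs_ctx *c)     { return queue_msg(c, "Finished|", HS_DONE); }

/* Pending output is flushed before each step and once after the last one. */
int handshake_step_loop(hs_ctx *ctx)
{
    while (ctx->state != HS_DONE) {
        int r = flush_output(ctx);
        if (r != 0)
            return r;
        switch (ctx->state) {
            case HS_CLIENT_HELLO: r = write_client_hello(ctx); break;
            case HS_CERTIFICATE:  r = write_certificate(ctx);  break;
            case HS_FINISHED:     r = write_finished(ctx);     break;
            default:              return -1;
        }
        if (r != 0)
            return r;
    }
    return flush_output(ctx);  /* the final message may still be queued */
}

/* Application side: re-enter the loop on every "socket writable" event and
 * count how often WANT_WRITE came back. Copies the wire bytes out as a string. */
int run_handshake(size_t bytes_per_event, int *want_write_rounds,
                  char *wire_out, size_t wire_cap)
{
    hs_ctx ctx;
    int r;
    if (bytes_per_event == 0 || wire_cap == 0)
        return -1;
    memset(&ctx, 0, sizeof ctx);
    *want_write_rounds = 0;
    for (;;) {
        ctx.budget = bytes_per_event;   /* socket became writable again */
        r = handshake_step_loop(&ctx);
        if (r != HS_ERR_WANT_WRITE)
            break;
        (*want_write_rounds)++;
    }
    if (r != 0)
        return r;
    if (ctx.wire_len + 1 > wire_cap)
        return -1;
    memcpy(wire_out, ctx.wire, ctx.wire_len);
    wire_out[ctx.wire_len] = '\0';
    return 0;
}
```

With a budget of 5 bytes per event the 33-byte exchange needs six WANT_WRITE round trips to the caller before run_handshake returns 0, yet none of the three handlers ever dealt with a partial write; with a budget larger than the whole exchange the same loop completes in a single call.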
Ronald Cron
9df7c80c78 TLS 1.3: Always go through the CLIENT_CERTIFICATE state
Even if certificate authentication is disabled at build
time, go through the MBEDTLS_SSL_CLIENT_CERTIFICATE state.
It simplifies overall the code for a small code size
cost when certificate authentication is disabled at build
time. Furthermore that way we have only one point in the
code where we switch to the handshake keys for record
encryption.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-09 07:50:08 +01:00
Paul Elliott
17f452aec4
Merge pull request #5448 from lhuang04/tls13_alpn
Port ALPN support for tls13 client from tls13-prototype
2022-03-08 17:53:38 +00:00
Manuel Pégourié-Gonnard
d815114f93
Merge pull request #5524 from mprse/tls_ecdh_2c
TLS ECDH 2c: ECDHE in TLS 1.3 (client-side)
2022-03-08 11:43:45 +01:00
Przemek Stekiel
c85f0912c4 psa_crypto.c, test_suite_psa_crypto.function: fix style
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-08 11:37:54 +01:00
Gilles Peskine
44311f5c98
Merge pull request #5571 from superna9999/5162-pk-rsa-signing
PK: RSA signing
2022-03-07 17:09:14 +01:00
Gilles Peskine
15364ffb03
Merge pull request #5579 from SiliconLabs/erase_secret_before_free
Erase secrets in allocated memory before freeing said memory
2022-03-07 17:04:04 +01:00
Neil Armstrong
6d5baf5f1e Use PSA MAC verify API in mbedtls_ssl_cookie_check()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-07 14:33:21 +01:00
Neil Armstrong
be52f500c8 Use PSA_ALG_TRUNCATED_MAC() to limit to COOKIE_HMAC_LEN in mbedtls_ssl_cookie_setup()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-07 14:33:21 +01:00
Neil Armstrong
7cd0270d6c Drop mutex in mbedtls_ssl_cookie_ctx when PSA is used
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-07 14:33:21 +01:00
Neil Armstrong
2217d6f825 Generate cookie MAC key with psa_generate_key
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-07 14:33:21 +01:00
pespacek
b9ca22dead Improving readability of x509_crt and x509write_crt for PR
Signed-off-by: pespacek <peter.spacek@silabs.com>
2022-03-07 13:59:44 +01:00
pespacek
d924e55944 Improving readability of x509_crt and x509write_crt
Signed-off-by: pespacek <peter.spacek@silabs.com>
2022-03-07 13:31:54 +01:00
Przemek Stekiel
7fc0751f78 Restore build options for mbedtls_ecc_group_of_psa() and related functions
Additional issue created to simplify usage of BUILTIN_KEY_TYPE_xxx && BUILTIN_ALG_yy macros https://github.com/ARMmbed/mbedtls/issues/5596

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-06 20:43:46 +01:00
Neil Armstrong
77b69ab971 Remove non-PSA MAC key in mbedtls_ssl_cookie_ctx
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-04 14:45:45 +01:00
Neil Armstrong
23d34ce372 Use PSA HMAC API in ssl_cookie_hmac()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-04 14:45:45 +01:00
Neil Armstrong
d633201279 Import PSA HMAC key in mbedtls_ssl_cookie_setup()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-04 14:45:18 +01:00
Andrzej Kurek
09e803ce0d Provide a dummy implementation of timing.c
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-03-04 05:07:45 -05:00
Andrzej Kurek
108bf520e0 Add a missing guard for time.h in net_sockets.c
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-03-04 05:07:45 -05:00
Daniel Axtens
f071024bf8 Do not include time.h without MBEDTLS_HAVE_TIME
MBEDTLS_HAVE_TIME is documented as: "System has time.h and time()."

If that is not defined, do not attempt to include time.h.

A particular problem is platform-time.h, which should only be included if
MBEDTLS_HAVE_TIME is defined, which makes everything messier. Maybe it
should be refactored to have the check inside the header.

Signed-off-by: Daniel Axtens <dja@axtens.net>
2022-03-04 05:07:45 -05:00
Neil Armstrong
bca99ee0ac Add PSA key in mbedtls_ssl_cookie_ctx
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-04 10:20:20 +01:00
Neil Armstrong
e87804920a Use new PSA to mbedtls PK error mapping functions in rsa_decrypt_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:54:16 +01:00
Neil Armstrong
b556a42656 Use now shared RSA_PRV_DER_MAX_BYTES define in pk_wrap.c
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:52:47 +01:00
Neil Armstrong
f47135756c Map INVALID_PADDING from PSA to MbedTLS error in rsa_decrypt_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:52:47 +01:00
Neil Armstrong
0d46786034 Fix style issue in rsa_decrypt_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:52:47 +01:00
Neil Armstrong
f1b564bb8d Check psa_destroy_key() return in rsa_decrypt_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:52:47 +01:00
Neil Armstrong
18f43c7304 PK: RSA decrypt PSA wrap implementation
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:52:47 +01:00
Neil Armstrong
e4edcf761d Use new PSA to mbedtls PK error mapping functions in ecdsa_sign_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:46:41 +01:00
Neil Armstrong
ff70f0bf77 Check psa_destroy_key() return in rsa_sign_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:44:06 +01:00
Neil Armstrong
edcc73c992 Fix 80 characters indentation in ecdsa_sign_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:44:06 +01:00
Neil Armstrong
dab14de96a Use now shared ECP_PRV_DER_MAX_BYTES define in pk_wrap.c
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:44:06 +01:00
Neil Armstrong
15021659d1 Move pk_ecdsa_sig_asn1_from_psa() before ecdsa_sign_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:44:06 +01:00
Neil Armstrong
5874aa38f7 Fix style issue in find_ecdsa_private_key()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:44:06 +01:00
Neil Armstrong
cf5a215a43 Check psa_destroy_key() return in rsa_verify_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:44:06 +01:00
Neil Armstrong
e960690b89 PK: ECDSA signing PSA wrap implementation
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:44:06 +01:00
Neil Armstrong
db69c5213f Use new PSA to mbedtls PK error mapping functions in rsa_sign_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:41:23 +01:00
Neil Armstrong
66fa769ae8 Fix 80 characters indentation in rsa_sign_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:39:39 +01:00
Neil Armstrong
4b1a059f7d Use now shared RSA_PRV_DER_MAX_BYTES define in pk_wrap.c
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:39:39 +01:00
Neil Armstrong
48a9833cdf Check psa_destroy_key() return in rsa_sign_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:39:39 +01:00
Neil Armstrong
e4f28688fd Fix comment typo in rsa_sign_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:39:39 +01:00
Neil Armstrong
9854568204 PK: RSA signing PSA wrap implementation
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:39:39 +01:00
Neil Armstrong
3770e2483f Use new PSA to mbedtls PK error mapping functions in pk_wrap.c
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:37:33 +01:00
Neil Armstrong
deb4bfb2b9 Use now shared RSA_PUB_DER_MAX_BYTES define in pk_wrap.c
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:33:39 +01:00
Neil Armstrong
9dccd866c3 Check psa_destroy_key() return in ecdsa_verify_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:33:39 +01:00
Neil Armstrong
7dd3b20d36 Check psa_destroy_key() return in rsa_encrypt_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:33:39 +01:00
Neil Armstrong
ac014ca5d9 Fix comment typos in rsa_encrypt_wrap()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:33:39 +01:00
Neil Armstrong
96a16a429b PK: RSA encrypt PSA wrap implementation
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:33:39 +01:00
Gilles Peskine
1f13e984ad
Merge pull request #5529 from superna9999/5514-translate-psa-errs-to-mbedtls
Rename, move and refine PSA to mbedtls PK errors mappings
2022-03-03 13:30:29 +01:00
Gilles Peskine
d929dbbb25
Merge pull request #5368 from mfil/feature/additional_md_getters
Add function to get message digest info from context
2022-03-02 16:44:26 +01:00
Gilles Peskine
e8c8300190
Merge pull request #5581 from superna9999/pk-move-rename-rsa-ec-key-sizes
Move max sizes of RSA & EC DER keys into public header
2022-03-02 16:41:53 +01:00
Neil Armstrong
6828d8fdc4 Return MBEDTLS_ERR_SSL_BAD_INPUT_DATA if MAC algorithm isn't supported in ssl_tls.c
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-02 15:37:11 +01:00
Neil Armstrong
6958bd0206 Clean aux_out in PSA version of mbedtls_ct_hmac()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-02 15:37:11 +01:00
Neil Armstrong
4313f55a13 Simplify error handling of PSA mac operations in ssl_msg.c
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-02 15:37:04 +01:00
Neil Armstrong
321116c755 Remove spurious debug in ssl_tls12_populate_transform()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-02 15:06:15 +01:00
Przemek Stekiel
e894c5c4a5 Fix code style (indentation) in ssl_tls13_generate_and_write_ecdh_key_exchange()
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-02 08:45:56 +01:00
Paul Elliott
06898650f9
Merge pull request #5471 from yuhaoth/pr/add-tls13-client-certificate-verify
TLS1.3: Add write client Certificate and CertificateVerify
2022-03-01 18:42:00 +00:00
Przemek Stekiel
15565eeb59 Move public key check out of MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-01 17:01:39 +01:00
Neil Armstrong
19915c2c00 Rename error translation functions and move them to library/pk_wrap.*
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-01 15:21:02 +01:00
Przemek Stekiel
a81aed2dae Clean up init values of psa crypto status and fix switch default case
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-01 15:13:30 +01:00
Przemek Stekiel
f110dc05be Cleanup conditional compilation flags.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-01 14:48:05 +01:00
Przemek Stekiel
dcab6ccb3b Return PSA_ERROR_INVALID_ARGUMENT for a public key, and PSA_ERROR_NOT_SUPPORTED for a type that is not handled.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-01 14:29:49 +01:00
Neil Armstrong
0f49f83625 Use now shared ECP_PUB_DER_MAX_BYTES define in pk_wrap.c
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-01 10:05:33 +01:00
Neil Armstrong
e9ecd27890 Rename max sizes of RSA & EC DER keys defines
Rename to match the required pattern of defines:
'^(MBEDTLS|PSA)_[0-9A-Z_]*[0-9A-Z]$'

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-01 10:03:21 +01:00
Neil Armstrong
e0326a6acc Move max sizes of RSA & EC DER keys into private pkwrite.h
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-01 09:58:58 +01:00
Glenn Strauss
6989407261 Add accessor to retrieve SNI during handshake
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-02-25 19:55:53 -05:00
Glenn Strauss
36872dbd0b Provide means to reset handshake cert list
Extend mbedtls_ssl_set_hs_own_cert() to reset handshake cert list
if cert provided is null.  Previously, mbedtls_ssl_set_hs_own_cert()
only provided a way to append to the handshake certificate list,
without providing a way to replace the handshake certificate list.

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-02-25 19:55:48 -05:00
Glenn Strauss
2ed95279c0 Add server certificate selection callback
https://github.com/ARMmbed/mbedtls/issues/5430

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-02-25 17:31:49 -05:00
Neil Armstrong
e858996413 Use PSA version of mbedtls_ct_hmac() in mbedtls_ssl_decrypt_buf()
Due to the mbedtls_ct_hmac() implementation, the decryption MAC key
must be exportable.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 15:17:50 +01:00
Neil Armstrong
2968d306e4 Implement mbedtls_ct_hmac() using PSA hash API
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 15:16:50 +01:00
Neil Armstrong
cf8841a076 Remove non-PSA MAC keys in mbedtls_ssl_transform when MBEDTLS_USE_PSA_CRYPTO is defined
Also remove last usage of non-PSA MAC keys in ssl_decrypt_non_etm_cbc() SSL test.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 15:16:49 +01:00
Neil Armstrong
26e6d6764e Use PSA MAC API in mbedtls_ssl_encrypt/decrypt_buf()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 15:16:49 +01:00
Neil Armstrong
0760ade761 Setup & Import HMAC keys in ssl_tls12_populate_transform()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 15:16:49 +01:00
Steven Cooreman
cd5be32191 Erase secrets in allocated memory before freeing said memory
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2022-02-25 11:14:59 +01:00
Andrzej Kurek
a0237f86d3 Add missing key destruction calls in ssl_write_client_key_exchange
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-25 04:36:40 -05:00
Tom Cosgrove
7e7aba8c9d Rename mbedtls_a64_crypto_sha256_check_support() to mbedtls_a64_crypto_sha256_determine_support()
The Mbed TLS coding standard specifies that "check" functions must return 0
for success (i.e. feature present), while "has" functions should return 1 for
true. Since we were using "check" to do the actual check, and "has" to get the
cached value, having inverted values here would be confusing.  Therefore,
rename "check" to "determine", as that's what those functions are doing.

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-02-24 08:33:11 +00:00
Jerry Yu
71f36f1d2e change alert message type
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-23 17:34:29 +08:00
Neil Armstrong
39b8e7dde4 Add, Initialize & Free HMAC keys in mbedtls_ssl_transform
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-23 09:24:57 +01:00
Jerry Yu
0b7b101b3b fix warnings
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-23 12:26:48 +08:00
Jerry Yu
2ff6ba1df0 Remove rsa_pss_rsae_sha256 support.
RSA signing is not thread safe. Remove it from the current code.
A thread-safe version should be re-introduced in future.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-23 10:38:25 +08:00
Przemyslaw Stekiel
91ebfc0402 Adapt compilation flags for ECC key derivation
Use conditional compilation flags for building ECC key derivation code consistent with flags used for mbedtls_ecc_group_of_psa().

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 15:50:30 +01:00
Neil Armstrong
3f9cef4547 Remove actual and use new PSA to mbedtls PK errors mapping functions
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-22 15:44:39 +01:00
Neil Armstrong
ea761963c5 Add specialized PSA to mbedtls PK/RSA error mapping function
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-22 14:37:00 +01:00
Neil Armstrong
cd501f406e Add specialized PSA to mbedtls PK/ECDSA error mapping function
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-22 14:37:00 +01:00
Neil Armstrong
a3fdfb4925 Introduce new PSA to mbedtls PK error mapping function
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-22 14:37:00 +01:00
Przemyslaw Stekiel
76960a7217 mbedtls_mpi_read_binary(): document that the function guarantees to return an MPI with exactly the necessary number of limbs and remove redundant call to mbedtls_mpi_grow()
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
aeaa4f0651 Code optimization
- fix coding style
- fix comments and descriptions
- add helper function for montgomery curve
- move N-2 calculation outside the loop
- fix access to <data> bytes: *data[x] -> (*data)[x]

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
6d3d18b2dc psa_generate_derived_key_internal, psa_generate_derived_ecc_key_weierstrass_helper: optimize the code
Perform the following optimizations:
- fix used flags for conditional compilation
- remove redundant N variable
- move loop used to generate valid k value to helper function
- fix initial value of status
- fix comments

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
924815982a Workaround for VS compiler build error
The following error was reported by CI for win32/release builds:

37>Done Building Project "C:\builds\workspace\mbed-tls-pr-head_PR-5139-head\worktrees\tmp_nn5muy8\visualc\VS2010\gen_entropy.vcxproj.metaproj" (Rebuild target(s)).
67>c:\builds\workspace\mbed-tls-pr-head_pr-5139-head\worktrees\tmp_nn5muy8\library\psa_crypto.c(4840): fatal error C1001: An internal error has occurred in the compiler. [C:\builds\workspace\mbed-tls-pr-head_PR-5139-head\worktrees\tmp_nn5muy8\visualc\VS2010\key_ladder_demo.vcxproj]
         (compiler file 'f:\dd\vctools\compiler\utc\src\p2\main.c', line 228)
          To work around this problem, try simplifying or changing the program near the locations listed above.
         Please choose the Technical Support command on the Visual C++
          Help menu, or open the Technical Support help file for more information

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
e33ae7186e psa_crypto.c: adapt macros
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
dc215f4b97 Simplify calculations for clear mask
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
d80b6ed46d Use loop instead goto and fix misleading variable name
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
dc8d7d9211 fix mbedtls/psa status code mismatch
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
871a336028 Remove redundant psa_generate_derived_ecc_key_weierstrass_check_config()
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
aaa1ada086 psa_generate_derived_ecc_key_weierstrass_check_config: Build only when ECC enabled
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
50fcc535e5 Add Weierstrass curve/bits consistency check + negative test vectors
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:26 +01:00
Przemyslaw Stekiel
58ce8d8fb6 Add support for Montgomery curves
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:26 +01:00
Przemyslaw Stekiel
705fb0f918 Only Weierstrass curves supported
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:26 +01:00
Przemyslaw Stekiel
c6e4c512af psa_crypto.c: fix warning on windows compiler
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:26:46 +01:00
Przemyslaw Stekiel
1dfd1224dc psa_generate_derived_ecc_key_helper: compile only when ECC is supported
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:26:46 +01:00
Przemyslaw Stekiel
653481632e psa_generate_derived_ecc_key_helper: fix bugs found during testing
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:26:46 +01:00
Przemyslaw Stekiel
d8cdcba970 Move derivation of ECC private key to helper function and refactor code
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:26:46 +01:00
Przemyslaw Stekiel
1608e33606 PSA: implement key derivation for ECC keys
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:26:46 +01:00
Jerry Yu
782720787f Refactor write_certificate_verify
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:28:13 +08:00
Jerry Yu
2124d05e06 Add sha384 and sha512 case
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
d66409ae92 Add non support sig alg check and test
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
c8d8d4e01a fix various issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
7db5b8f68c add rsa_pss_rsae_sha256 write support
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
3391ac00d3 fix various issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
ca133a34c5 Change state machine
Skip CertificateVerify if empty certificate or no
CertificateRequest received.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
537530d57a Add certificate request echo
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
3e536442f5 fix various issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
a23b9d954c fix undefined error
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
7399d0d806 refactor write certificate
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
1bb5a1ffe3 Implement received sig_algs check
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
32e0c2d526 fix server only build fail
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
90f152dfac fix psk only build fail
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
72637c734b fix write certificate fail
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
8511f125af Add certificateVerify
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
5cc3506c9f Add write certificate and client handler
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Jerry Yu
566c781290 Add dummy state for client_certificate
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-22 10:17:58 +08:00
Ronald Cron
4579a972bf
Merge pull request #5426 from gilles-peskine-arm/ssl-get-version-3.1
Add accessors to mbedtls_ssl_context: user data, version
ABI-API-checking fails which was expected as this PR adds a new field in mbedtls_ssl_context and mbedtls_ssl_config.
2022-02-21 17:03:24 +01:00
Manuel Pégourié-Gonnard
e3a2dd787e
Merge pull request #5521 from AndrzejKurek/rsa-pss-use-psa
Make RSA-PSS verification use PSA with MBEDTLS_USE_PSA_CRYPTO
2022-02-21 16:58:57 +01:00
Gabor Mezei
d860e0f18b
Add comment
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-21 15:46:39 +01:00
Gabor Mezei
0e7c6f4961
Check return value of psa_destroy_key
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-21 15:46:39 +01:00
Gabor Mezei
26c6741c58
Add better name for variable.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-21 15:46:39 +01:00
Gabor Mezei
320d21cecf
Update documentation
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-21 15:46:39 +01:00
Gabor Mezei
c5efb8e58b
Use PSA error code
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-21 15:46:38 +01:00
Gabor Mezei
89c1a95f8f
Delete leftover code
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-21 15:42:59 +01:00
Gabor Mezei
b1f53976ee
Add documentation for mbedtls_psa_hkdf_extract
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-21 15:42:59 +01:00
Gabor Mezei
62bf024025
Make the mbedtls_psa_hkdf_extract function more PSA compatible
Change the return value to `psa_status_t`.
Add `prk_size` and `prk_len` parameters.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-21 15:42:57 +01:00
Gabor Mezei
9f4bb319c9
Implement HKDF extract in TLS 1.3 based on PSA HMAC
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-21 15:23:29 +01:00
Gilles Peskine
66971f8ab1 Add prototype for automatically generated debug helper
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-21 15:14:01 +01:00
Gilles Peskine
c63a1e0e15 Fix mbedtls_ssl_get_version() for TLSv1.3
Test it in ssl-opt.sh.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-21 15:14:01 +01:00
Gilles Peskine
e1a0c25f71 New function to access the TLS version from a context as an enum
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-21 15:14:01 +01:00
Tom Cosgrove
b9987fc344 Handle MBEDTLS_SHA256_USE_A64_* on Windows on ARM64 too
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-02-21 12:26:11 +00:00
Paul Elliott
436b72690d
Merge pull request #5362 from yuhaoth/pr/enable-tls13-only-build
TLS1.3:Enable tls13 only build
2022-02-21 11:22:37 +00:00
Tom Cosgrove
f3ebd90a1c SECLIB-667: Accelerate SHA-256 with A64 crypto extensions
Provide an additional pair of #defines, MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
and MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. At most one of them may be
specified. If used, it is necessary to compile with -march=armv8-a+crypto.

The MBEDTLS_SHA256_PROCESS_ALT and MBEDTLS_SHA256_ALT mechanisms
continue to work, and are mutually exclusive with A64_CRYPTO.

There should be minimal code size impact if no A64_CRYPTO option is set.

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-02-21 08:37:26 +00:00
Manuel Pégourié-Gonnard
9b545c04f7
Merge pull request #5520 from gabor-mezei-arm/5402_implement_hkdf_expand_based_on_psa_hmac
HKDF 1b: Implement Expand in TLS 1.3 based on PSA HMAC
2022-02-21 09:30:31 +01:00
Jerry Yu
f1b23caa4e move wrong comments
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
18621dfd23 remove extra empty line
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
50f2f703a7 remove extra guards
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
840fbb2817 guards populate_transform reference
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
4f9e3efbeb move session_save/load_tls12
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
d9d91da7c7 move sig_hash_*
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
ee40f9d4b3 move get_key_exchange_md_tls12
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
9bccc4c63f move populate_transform
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
e93ffcd2c7 move tls_prf_get_type
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
392112c058 move tls12prf_from_cs
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
0b3d7c1ea1 move parse_finished
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
3c8e47bbbf move write_finished
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
2a9fff571d move wrapup
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
aef0015ba0 move wrapup_free_hs_transform
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
b7ba49ef74 move calc_finished_tls_sha384
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
615bd6f5b9 move calc_finished_tls_sha256
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
d952669ad8 move write_certificate
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
c2c673da59 move resend_hello_request
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
ce3dca4175 move psk_derive_premaster
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
c1cb384708 move calc_verify_tls_sha384
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
8392e0dae4 move calc_verify_tls_sha256
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
d62f87e151 move derive_keys
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
2a7b5ac791 move compute_master
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
d6ab235972 move use_opaque_psk
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
f009d86186 move set_handshake_prfs
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
dc7bd17d11 move tls_prf_sha256/384
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
ed14c93008 add static prototypes
prepare for moving functions

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:01 +08:00
Jerry Yu
53d23e2c95 Guards tls_prf functions with TLS1_2
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
c73c618094 Wrap function not used by test_tls13_only
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

# Conflicts:
#	library/ssl_tls13_generic.c
2022-02-21 09:06:00 +08:00
Jerry Yu
bef175db96 Wrap derive_keys with TLS1_2 option
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
cc43c6bee5 fix coding style issue
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
e754193e87 Remove guard inside ssl_srv.c
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
fb4b6478ee tls13_only: improve guards of files.
To improve readability of the preprocess guards.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
db8c48aaff tls13_only:Remove unnecessary functions
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
7d2396332d fix wrong setting of max_minor version
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
c5aef88be6 tls13_only: guard ssl_{cli,srv}.c with TLS1_2
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
c10f6b4735 tls13_only: simple test pass
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Jerry Yu
c3091b1c8c tls13_only: compile pass
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-21 09:06:00 +08:00
Andrzej Kurek
d70fa0e327 Restructure error handling in mbedtls_pk_verify_ext
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-17 10:51:15 -05:00
pespacek
3015148ae6 Improving readability
Signed-off-by: pespacek <peter.spacek@silabs.com>
2022-02-17 16:08:23 +01:00
Gabor Mezei
8e3602569b
Typo
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-17 11:50:02 +01:00
Manuel Pégourié-Gonnard
4fa604cc3b
Merge pull request #5511 from SiliconLabs/feature/PSEC-3195-PSA-test-suites-NOT-using-UID-0
feat: Update test_suite_psa_its to NOT use UID=0
2022-02-17 11:49:33 +01:00
Gilles Peskine
57b1ff39c2
Merge pull request #5377 from hanno-arm/ecp_add_mixed_fewer_mpis
Minor improvements to ECC arithmetic subroutines
2022-02-17 10:27:18 +01:00
Manuel Pégourié-Gonnard
3d1f8b9c00
Merge pull request #5532 from ronald-cron-arm/tls13_and_use_psa_crypto
Make TLS 1.3 compatible with MBEDTLS_USE_PSA_CRYPTO
2022-02-16 17:33:47 +01:00
Andrzej Kurek
59550537f0 Change signature_length type to size_t
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-16 07:46:42 -05:00
Andrzej Kurek
4a953cdd9f pk: properly handle signatures in larger buffers when using PSA
As stated in function documentation.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-16 06:13:35 -05:00
Gabor Mezei
8d5a4cbfdb
Check return value of psa_destroy_key
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-15 16:23:17 +01:00
Gabor Mezei
833713c35c
Add better name for variable
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-15 16:16:08 +01:00
Andrzej Kurek
8666df6f18 Add signature length mismatch handling when using PSA in pk_verify_ext
Introduce a regression test for that too.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-15 08:23:02 -05:00
Andrzej Kurek
90ba2cbd0a Cosmetic changes to return placement and variable naming
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-15 08:18:44 -05:00
Manuel Pégourié-Gonnard
a1b506996d
Merge pull request #5526 from paul-elliott-arm/fix_fuzzer_null_ref
Ensure ctr_drbg is initialised every time in fuzz_server
2022-02-15 10:31:03 +01:00
Ronald Cron
b788c044b7 Use PSA status to Mbed TLS error code conversion function
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-02-15 09:14:15 +01:00
Manuel Pégourié-Gonnard
e14b644f4d
Merge pull request #5456 from mpg/cleanup-ecdh-psa
Cleanup PSA-based ECDHE in TLS 1.2
2022-02-15 09:09:07 +01:00
Przemyslaw Stekiel
0f5ecefbe9 Clean up the code
- remove redundant local buffer
- fix code style

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-15 08:53:36 +01:00
Przemyslaw Stekiel
4b3fff43a8 Destroy ecdh_psa_privkey on HRR
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-15 08:53:26 +01:00
Przemyslaw Stekiel
169f115bf0 ssl_client2: init psa crypto for TLS 1.3 build
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-14 17:15:04 +01:00
lhuang04
86cacac91a Port ALPN support for tls13 client from tls13-prototype
Summary:
Port ALPN implementation of tls13 client from
[tls13-prototype](https://github.com/hannestschofenig/mbedtls/blob/tls13-prototype/library/ssl_tls13_client.c#L1124).

Test Plan:

Reviewers:

Subscribers:

Tasks:

Tags:
Signed-off-by: lhuang04 <lhuang04@fb.com>
2022-02-14 08:03:32 -08:00
pespacek
a6e955e729 X.509: x509write_crt_set_key_identifier created
Function mbedtls_x509write_crt_set_key_identifier
was implemented to provide functionality of both
mbedtls_x509write_crt_set_authority_key_identifier
and
mbedtls_x509write_crt_set_subject_key_identifier.

Signed-off-by: pespacek <peter.spacek@silabs.com>
2022-02-14 15:20:57 +01:00
pespacek
a7a646986f Improving readability
Signed-off-by: pespacek <peter.spacek@silabs.com>
2022-02-14 15:18:43 +01:00
pespacek
b9f07a79a7 Changing buffer size checks.
Signed-off-by: pespacek <peter.spacek@silabs.com>
2022-02-14 15:13:26 +01:00
pespacek
3110c7b340 Changing error codes.
Change from MBEDTLS_ERR_ERROR_GENERIC_ERROR
to MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED
where PSA crypto is used.

Signed-off-by: pespacek <peter.spacek@silabs.com>
2022-02-14 15:07:41 +01:00
PeterSpace
c2774a3ad4 Update library/psa_its_file.c
Signed-off-by: pespacek <peter.spacek@silabs.com>
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
2022-02-14 12:24:56 +01:00
Przemyslaw Stekiel
4f419e55a1 ssl_tls13_write_key_share_ext: initialize key_exchange_len (compiler warning)
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-14 10:19:53 +01:00
Przemyslaw Stekiel
c0824bfb11 Change mbedtls_ssl_tls13_key_schedule_stage_handshake() to use psa_raw_key_agreement()
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-14 10:19:45 +01:00
Przemyslaw Stekiel
6d6aabdb0d Remove unused function: ssl_tls13_check_ecdh_params()
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-14 10:13:10 +01:00
Przemyslaw Stekiel
9e23ddb09d Change ssl_tls13_read_public_ecdhe_share() to use PSA-specific parsing code.
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-14 10:13:00 +01:00
Ronald Cron
f6893e11c7 Finalize PSA hash operations in TLS 1.3
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-02-11 16:10:34 +01:00
Przemyslaw Stekiel
ea859c24b7 Change ssl_tls13_generate_and_write_ecdh_key_exchange() to use PSA
Generate ECDH private key using psa_generate_key()
Export the public part of the ECDH private key using psa_export_public_key()

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-11 15:17:05 +01:00
Paul Elliott
00738bf65e Ensure ctr_drbg is initialised every time
ctr_drbg is a local variable and thus needs initialisation every time
LLVMFuzzerTestOneInput() is called; the rest of the variables inside the
if(initialised) block are all static.

Add extra validation to attempt to catch this issue in future.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-02-10 18:38:53 +00:00
Przemyslaw Stekiel
b15f33d496 Enable ecdh_psa_xxx fields in struct mbedtls_ssl_handshake_params for TLS 1.3
These fields need to be enabled for 1.3 even if MBEDTLS_USE_PSA_CRYPTO isn't (1.3 should always use PSA).

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-10 15:24:27 +01:00
Gabor Mezei
9607ab4dbd
Prevent function not used compilation error
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-10 10:57:24 +01:00
Gabor Mezei
a3eecd242c
Implement HKDF expand in TLS 1.3 based on PSA HMAC
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-02-10 10:57:23 +01:00
Glenn Strauss
a941b62985 Create public macros for ssl_ticket key,name sizes
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-02-09 15:28:28 -05:00
Glenn Strauss
a950938ff0 Add mbedtls_ssl_ticket_rotate for ticket rotation.
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-02-09 14:33:15 -05:00
Andrzej Kurek
7db1b78fff Make RSA-PSS verification use PSA with MBEDTLS_USE_PSA_CRYPTO
Duplicate a test case but with a different expected error
due to error translation to and from PSA.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-02-09 14:13:44 -05:00
Jerry Yu
7840f81303 fix client_auth fail
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-09 19:43:22 +08:00
Manuel Pégourié-Gonnard
62b49cd06a
Merge pull request #5472 from yuhaoth/pr/move-client-auth
Move client_auth to handshake
2022-02-09 10:57:00 +01:00
Ronald Cron
6ca6faa67e
Merge pull request #5080 from xffbai/add-tls13-read-certificate-request
add tls1_3 read certificate request
2022-02-09 09:51:55 +01:00
Xiaofei Bai
7c8b6a97b9 Update CertificateRequest skip condition
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2022-02-08 15:21:13 +00:00
Jerry Yu
5c7d1cce97 fix typo error
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-08 21:08:29 +08:00
Jerry Yu
2d9a694088 change type of client_auth
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-08 21:07:10 +08:00
pespacek
e990100ddb BUGFIX: psa_its_set now rejects UID = 0
Signed-off-by: pespacek <peter.spacek@silabs.com>
2022-02-08 14:05:41 +01:00
pespacek
7599a7744e X.509: use PSA for hashing under USE_PSA_CRYPTO
When MBEDTLS_USE_PSA_CRYPTO is enabled, use psa_hash_xxx rather than
mbedtls_md_xxx.

Signed-off-by: pespacek <peter.spacek@silabs.com>
2022-02-08 11:27:42 +01:00
Xiaofei Bai
c234ecf695 Update mbedtls_ssl_handshake_free() and address review comments.
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2022-02-08 10:26:42 +00:00
Manuel Pégourié-Gonnard
45c5768a74
Merge pull request #5434 from mprse/tls_use_psa
TLS Cipher: use PSA crypto
2022-02-08 10:27:25 +01:00
Manuel Pégourié-Gonnard
5d6053f548 Fix a typo
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-02-08 10:26:19 +01:00
Xiaofei Bai
51f515a503 update based on comments
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2022-02-08 07:28:04 +00:00
Jerry Yu
0ff8ac89f5 fix comments issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-08 10:10:48 +08:00
Przemyslaw Stekiel
c499e33ed0 ssl_msg.c: Change message in MBEDTLS_SSL_DEBUG_RET() to be the failed function name instead current function name
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-07 15:12:05 +01:00
Manuel Pégourié-Gonnard
ff229cf639 Add debug message for wrong curve
The non-PSA path has a debug message here, so let's have a similar one
in the PSA case - just add the curve ID to be a bit more informative.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-02-07 12:00:32 +01:00
Manuel Pégourié-Gonnard
422370d633 Improve a comment and fix some whitespace
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-02-07 11:55:21 +01:00
Przemyslaw Stekiel
c8a06feae6 ssl_msg.c: Optimize null/stream cipher decryption/encryption
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-07 10:52:47 +01:00
Przemyslaw Stekiel
98ef6dca68 Remove redundant new lines
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-07 08:04:39 +01:00
Przemyslaw Stekiel
6928a5164d Compile mbedtls_ssl_cipher_to_psa() conditionally under MBEDTLS_USE_PSA_CRYPTO only
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-03 14:55:24 +01:00
Przemyslaw Stekiel
8c010eb467 Fix comments, code style, remove debug code
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-03 14:55:24 +01:00
Przemyslaw Stekiel
6b2eedd25f ssl_msg.c: add debug code for psa failures
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-03 14:55:14 +01:00
Manuel Pégourié-Gonnard
141be6cc7f Fix missing check on server-chosen curve
We had this check in the non-PSA case, but it was missing in the PSA
case.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-02-03 11:08:15 +01:00
Manuel Pégourié-Gonnard
0d63b84fa4 Add mbedtls_ssl_check_curve_tls_id() (internal)
This can be used to validate the server's choice of group in the PSA
case (this will be done in the next commit).

Note that the new function doesn't depend on ECP_C, as it only requires
mbedtls_ssl_get_groups(), which is always available. As a general rule,
functions for defining and enforcing policy in the TLS module should not
depend on low-level modules but work with TLS-level identifiers as much
as possible, and this new function follows that principle.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-02-03 11:08:15 +01:00
Manuel Pégourié-Gonnard
3caa0edb9b Remove dead preprocessor code
There's no way currently (see below regarding the future) that ECC-based
key exchanges are enabled without ECP_C being defined. So, the #if was
fully redundant with the checks surrounding the function, as it always
evaluated to true.

The situation arose as, in the old days (before Mbed TLS 2.0),
mbedtls_ssl_conf_curves() (or ssl_set_curves() as it was called back
then) was optional, controlled by its own compile-time option
POLARSSL_SSL_SET_CURVES. So, in turn mbedtls_ssl_check_curve() depended
on POLARSSL_SSL_SET_CURVES too, and all calls to it were guarded by
that.

When it was made non-optional, a blind
s/POLARSSL_SSL_SET_CURVES/MBEDTLS_ECP_C/ was done, which resulted in
stupid situations like this with redundant checks for ECP_C.

Note regarding the future: at some point it will be possible to compile
with ECC-based key exchanges but without ECP_C. This doesn't change
anything to the reasoning above: mbedtls_ssl_check_curve() will be
available in all builds where ECC is used; it will just need a new
definition (with new guards), but that doesn't change anything for its
callers.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-02-03 11:08:15 +01:00
Manuel Pégourié-Gonnard
4a0ac1f160 Remove mbedtls_psa_tls_ecpoint_to_psa_ec()
Same reasons as for the previous commit.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-02-03 11:08:15 +01:00
Manuel Pégourié-Gonnard
58d2383ef4 Remove mbedtls_psa_tls_psa_ec_to_ecpoint()
Initially this function was doing something because the output format of
psa_export_public() didn't match the ECPoint format that TLS wants.

Then it became a no-op when the output format of psa_export_public()
changed, but it made sense to still keep the function in case the format
changed again. Now that the PSA Crypto API has reached 1.0 status, this
is unlikely to happen, so the no-op function is no longer useful.

Removing it de-clutters the code a bit; while at it we can remove a
temporary stack buffer (that was up to 133 bytes).

It's OK to remove this function even if it was declared in a public
header, as there's a warning at the top of the file saying it's not part
of the public API.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-02-03 11:08:14 +01:00
Manuel Pégourié-Gonnard
e5119898e4 Improve a comment
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-02-03 11:08:13 +01:00
Przemyslaw Stekiel
d66387f8fa Init psa status to PSA_ERROR_CORRUPTION_DETECTED
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-03 09:16:41 +01:00
Przemyslaw Stekiel
b97556e8d1 mbedtls_ssl_encrypt/decrypt_buf: remove dead code
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-03 09:16:29 +01:00
Przemyslaw Stekiel
f9cd60853f ssl_tls1X_populate_transform(): import psa keys only if alg is not MBEDTLS_SSL_NULL_CIPHER
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-01 11:25:55 +01:00
Manuel Pégourié-Gonnard
9cb7b8d263
Merge pull request #5469 from Unity-Technologies/windows-arm64-workaround
Don't inline mbedtls_mpi_safe_cond_assign on MSVC/ARM64 to avoid a compiler bug
2022-02-01 09:21:27 +01:00
Tautvydas Žilys
40fc7da101 Cap the workaround for mbedtls_mpi_safe_cond_assign on MSVC/ARM64 to MSVC versions prior to 17.1.
Signed-off-by: Tautvydas Žilys <tautvydas.zilys@gmail.com>
2022-01-31 13:34:01 -08:00
Przemyslaw Stekiel
77aec8d181 Rename ssl_psa_status_to_mbedtls->psa_ssl_status_to_mbedtls
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 20:22:53 +01:00
Przemyslaw Stekiel
be47ecf5e2 mbedtls_ssl_get_record_expansion: use same condition set as for non-psa build
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 17:50:00 +01:00
Przemyslaw Stekiel
2c87a200a3 ssl_write_encrypt_then_mac_ext(): adapt to psa crypto
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:39:24 +01:00
Przemyslaw Stekiel
89dad93a78 Rename psa_status_to_mbedtls->ssl_psa_status_to_mbedtls and add conversion for PSA_ERROR_INVALID_SIGNATURE
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:39:24 +01:00
Przemyslaw Stekiel
399ed51185 Fix condition in mbedtls_ssl_get_record_expansion
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:39:24 +01:00
Przemyslaw Stekiel
e5c2238a99 Move mbedtls_ssl_cipher_to_psa() and psa_status_to_mbedtls() defs out of MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED build flag
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:39:24 +01:00
Przemyslaw Stekiel
f57b45660d Rename tls_mbedtls_cipher_to_psa() to be consistent with function naming convention.
New function name:  mbedtls_ssl_cipher_to_psa().

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
1d714479a3 mbedtls_ssl_get_record_expansion: rework switch statement for psa
As PSA_ALG_IS_AEAD( transform->psa_alg ) can't be used as a switch label (switch labels must be constant expressions, evaluated at compile time), refactor the switch into an "if else" statement.

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
e88477844c Adapt the mbed tls mode: ccm or gcm or chachapoly to psa version
mode == MBEDTLS_MODE_CCM || mode == MBEDTLS_GCM || mode == MBEDTLS_CHACHAPOLY is equivalent to PSA_ALG_IS_AEAD( alg ).

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
221b52791e ssl_msg.c: fix param in call to mbedtls_ssl_decrypt_buf()
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
9b22c2b1e6 Rename: mbedtls_cipher_to_psa -> tls_mbedtls_cipher_to_psa
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
6be9cf542f Cleanup the code
Use conditional compilation for psa and mbedtls code (MBEDTLS_USE_PSA_CRYPTO).

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
d4eab57933 Skip psa encryption/decryption for null cipher
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
ce09e7d868 Use psa_status_to_mbedtls() for psa error case
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
fe7397d8a7 Fix key attributes encrypt or decrypt only (not both)
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
dd7b501c92 Move PSA init after taglen is set
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
e87475d834 Move psa_status_to_mbedtls to ssl_misc.h
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
8398a67e31 Fix description of the translation function
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
1fe065b235 Fix conditional compilation (MBEDTLS_USE_PSA_CRYPTO)
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
2e9711f766 mbedtls_ssl_decrypt_buf(): replace mbedtls_cipher_crypt() and mbedtls_cipher_auth_decrypt_ext() with PSA calls
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
b37fae122c mbedtls_ssl_encrypt_buf(): replace mbedtls_cipher_crypt() and mbedtls_cipher_auth_encrypt_ext() with PSA calls
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel
76e1583483 Convert psa status to mbedtls
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel
11a33e6d90 Use PSA_BITS_TO_BYTES macro to convert key bits to bytes
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel
ae77b0ab28 mbedtls_ssl_tls13_populate_transform: store the en/decryption keys and alg in the new fields
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel
ffccda45df ssl_tls12_populate_transform: store the en/decryption keys and alg in the new fields
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel
ce37d11c67 mbedtls_ssl_transform_free(): fix destruction of psa keys
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel
8f80fb9b1d Adapt in mbedtls_ssl_transform_init() and mbedtls_ssl_transform_free() after extending mbedtls_ssl_transform struct
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel
44187d7a3e Extend mbedtls_ssl_transform struct for psa keys and alg
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel
430f337b49 Add helper function to translate mbedtls cipher type/mode pair to psa: algorithm, key type and key size.
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:28 +01:00
Paul Elliott
a9f32fbb21
Merge pull request #5382 from lhuang04/tls13_f_export_keys
Swap the client and server random for TLS 1.3 f_export_keys
2022-01-28 12:09:19 +00:00
Xiaofei Bai
6d42bb430c Update mbedtls_ssl_handshake_free()
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2022-01-28 10:05:51 +00:00
Manuel Pégourié-Gonnard
f7d704dbd2 Avoid dead code in some configurations
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-01-28 10:05:56 +01:00
Xiaofei Bai
f5b4d25cfa Add received_sig_algs member to struct mbedtls_ssl_handshake_params
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2022-01-28 06:37:15 +00:00
Jerry Yu
fb28b88e26 move client_auth to handshake
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-28 11:05:58 +08:00
lhuang04
a3890a3427 Swap the client and server random for TLS 1.3
Summary:

Test Plan:

Reviewers:

Subscribers:

Tasks:

Tags:
Signed-off-by: lhuang04 <lhuang04@fb.com>
2022-01-27 06:00:43 -08:00
XiaokangQian
8499b6ce25 Only free verify_cookie in tls 1.3 case.
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-27 09:00:11 +00:00
Xiaofei Bai
82f0a9a1db Rebase and address review comments
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2022-01-27 07:53:52 +00:00
XiaokangQian
a909061c2a Refine HRR parse successfully message in test cases
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-27 03:48:27 +00:00
XiaokangQian
34909746df Change cookie free code and some comments
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-27 02:25:04 +00:00
Tautvydas Žilys
60165d7708 Don't inline mbedtls_mpi_safe_cond_assign on MSVC/ARM64 to avoid a compiler bug.
Signed-off-by: Tautvydas Žilys <tautvydas.zilys@gmail.com>
2022-01-26 15:44:10 -08:00
XiaokangQian
52da558103 Change code base on comments
Align the alert type in parse_server_hello
Remove MBEDTLS_SSL_COOKIE_C guard
Enable cookie for both DTLS and TLS1.3

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:53:15 +00:00
XiaokangQian
aec1f3e913 Cookie fields are used only by DTLS 1.3
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:53:15 +00:00
XiaokangQian
b119a35d07 Refine fatal alert in parse_server_hello
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:53:15 +00:00
XiaokangQian
d59be77ce7 Refine code based on comments
Add comments for parse hrr key share and cookie
Change variable names based on RFC8466
Refine fatal alerts in parse server hello and hrr

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:53:15 +00:00
XiaokangQian
0ece998287 Refine code in mbedtls_ssl_reset_transcript_for_hrr
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:53:15 +00:00
XiaokangQian
f1e7d12cb6 Fix compile issues in mbedtls_ssl_session_reset_msg_layer
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:53:15 +00:00
XiaokangQian
43550bd761 Prepare function to parse hrr cookie extension
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:53:15 +00:00
XiaokangQian
2b01dc30cb Add hrr no change check and align mbedtls_ssl_session_reset_msg_layer
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:53:15 +00:00
XiaokangQian
355e09ae9d Change code base on comments
Change functions name
Change some comments
Improve hrr test case for gnutls

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:53:15 +00:00
XiaokangQian
78b1fa7e81 Update code base on comments
Move reset transcript for hrr to generic
Reset SHA256 or SHA384 other than both
Rename message layer reset
Add check log for hrr parse successfully

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:53:15 +00:00
XiaokangQian
53f20b71c5 Improve ssl_tls13_parse_server_hello
Avoid copying random bytes in hrr
Send illegal parameter alert when cipher suite mismatch
Send illegal parameter alert when supported_version not exist

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:51:13 +00:00
XiaokangQian
d9e068e10b Change code based on comments
Align coding styles
Add hrr parameter for ssl_tls13_parse_server_hello
Add reset steps for SHA384 in HRR

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:51:13 +00:00
XiaokangQian
8945db36ab Reduce parameter hrr from ssl_tls13_parse_server_hello
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:51:13 +00:00
XiaokangQian
b48894eca4 Add buffer check for named group
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:51:13 +00:00
XiaokangQian
16acd4b3e4 Reject the second HRR earlier and align naming styles
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:51:13 +00:00
XiaokangQian
b851da8a44 Re-construct the code to merge hello and hrr based on comments
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:51:13 +00:00
XiaokangQian
0b56a8f85c Replace curve_list with group_list and add update test scripts
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:51:13 +00:00
XiaokangQian
51eff22c9b Align code style with server hello parse
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:51:13 +00:00
XiaokangQian
647719a172 Add hello retry request in client side
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:50:06 +00:00
Xiaofei Bai
69fcd39774 Update CertificateRequest tests and the parsing function
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2022-01-26 09:32:29 +00:00
Xiaofei Bai
de3f13e0b8 update based on comments
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2022-01-26 09:31:54 +00:00
Xiaofei Bai
f6d3696eda fix test failures
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2022-01-26 09:31:54 +00:00
Xiaofei Bai
a0ab777cfc update based on comments.
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2022-01-26 09:31:54 +00:00
Xiaofei Bai
e1e344213a Add TLS1.3 process certificate request
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2022-01-26 09:31:52 +00:00
Ronald Cron
f51b79c297
Merge pull request #5355 from yuhaoth/pr/remove-duplicate-sig-alg-ext
Remove duplicate write signature algorithms extension
The failure of ABI-API-checking is expected.
2022-01-26 10:05:26 +01:00
Jerry Yu
ed5e9f431d Change ecdsa sig_algs order for tls1.3
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-26 12:41:12 +08:00
Manuel Pégourié-Gonnard
9d95d81eae
Merge pull request #5359 from hanno-arm/mpi_montmul_remove_dead_code
Remove redundant write operation in Montgomery multiplication
2022-01-25 13:00:19 +01:00
Jerry Yu
0b994b8061 fix typo error
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 17:22:12 +08:00
Jerry Yu
53037894ab change the default sig_algs order
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 14:38:01 +08:00
Jerry Yu
18c833e2eb fix tls1_2 only sig_algs order issue
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 14:38:01 +08:00
Jerry Yu
f377d644f5 Refactor duplicate check
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 14:38:01 +08:00
Jerry Yu
6ade743a43 Add mbedtls_printf alias for !PLATFORM_C
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 14:38:01 +08:00
Jerry Yu
370e146acb fix comments issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
909df7b17b Refactor *_sig_algs tables
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
b476a44fc6 Add static assert check
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
971988528d fix coding style issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
941e07ff02 fix test_no_platform fail
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
1a8b481ce6 Remove duplicated signature algorithm in default settings
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
600ded7ea5 Reserve end tag space at sig_algs_len init.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
a68dca24ee move overflow inside loop
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
8afd6e4308 fix typo issues in comments
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
eb821c6916 remove check_sig_hash
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
24811fb2e0 replace check_sig_hash with is_offered
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
1bab301c0d Add signature algorithm supported check
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
7ddc38cedb fix various issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
4131ec1260 Add signature algorithm length check
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
a69269a711 change sig_algs_len unit to byte
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
713013fa80 fix various issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
e12f1ddcfa fix check names fail
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
11f0a9c2c4 fix deprecated-declarations error
replace sig_hashes with sig_alg

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
6106fdc085 fix build fail without TLS13
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
f017ee4203 merge write sig_alg of tls12 and tls13
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

# Conflicts:
#	library/ssl_misc.h
2022-01-25 12:46:17 +08:00
Jerry Yu
1abd1bc22f Change write_sig_alg_ext of tls12
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
2d0bd32982 fix various issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
0e5bcb6bf5 Replace direct access for sig_hashes
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:16 +08:00
Jerry Yu
08e2ceae18 Remove direct access for tls13_sig_algs
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:16 +08:00
Jerry Yu
afdfed16d0 add get sig_algs helper function
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:16 +08:00
Jerry Yu
18cd43909b Align signature_algorithms extension name
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:16 +08:00
Manuel Pégourié-Gonnard
fcca7cfa97
Merge pull request #5428 from gstrauss/mbedtls_ssl_ciphersuite
Add accessors for ciphersuite info
2022-01-24 11:13:31 +01:00
Dave Rodgman
b032685543
Merge pull request #5309 from gilles-peskine-arm/pkparse-pkcs8-unencrypted-no-alloc
mbedtls_pk_parse_key: don't allocate if not needed
2022-01-24 10:03:48 +00:00
Gilles Peskine
6d6d93ea4a
Merge pull request #5350 from AndrzejKurek/psa-aead-invalid-tag-lengths-setup
Detect invalid tag lengths in psa_aead_setup
2022-01-21 21:46:37 +01:00
Gilles Peskine
fe271b9c92
Merge pull request #5253 from AndrzejKurek/chacha-iv-len-16-fixes
Return an error from `mbedtls_cipher_set_iv` for an invalid IV length with ChaCha20 and ChaCha20+Poly
2022-01-21 21:46:08 +01:00
Andrzej Kurek
f881601c91 Detect invalid tag lengths in psa_aead_setup
Read tag lengths from the driver and validate against preset values.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-20 07:40:12 -05:00
Manuel Pégourié-Gonnard
d2da19b8eb
Merge pull request #5380 from AndrzejKurek/key-id-encodes-owner-psa-fixes
Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO
2022-01-18 09:16:25 +01:00
Ronald Cron
188ed19456
Merge pull request #5351 from yuhaoth/pr/remove-duplicate-supported_group_ext
Remove duplicate function for writing supported_groups extension
2022-01-17 09:13:14 +01:00
Andrzej Kurek
63439eda62 Return an error for IV lengths other than 12 with ChaCha20+Poly1305
The implementation was silently overwriting the IV length to 12
even though the caller passed a different value.
Change the behavior to signal that a different length is not supported.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-14 16:31:54 +01:00
Andrzej Kurek
33ca6af8a3 Return an error for IV lengths other than 12 with ChaCha20
The implementation was silently overwriting the IV length to 12
even though the caller passed a different value.
Change the behavior to signal that a different length is not supported.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-14 16:31:54 +01:00
Manuel Pégourié-Gonnard
73839e02a7
Merge pull request #5353 from gstrauss/mbedtls_ssl_config_defaults-repeat
Reset dhm_P and dhm_G if config call repeated; avoid memory leak
2022-01-14 10:41:06 +01:00
Bence Szépkúti
aa3a6e4ea7 Fix brace placement
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2022-01-13 16:26:03 +01:00
Bence Szépkúti
39fb9d170b Rename helper function to psa_aead_check_algorithm
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2022-01-13 14:33:45 +01:00
Jerry Yu
d491ea4f18 fix comment issue
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-13 16:15:25 +08:00
Glenn Strauss
8f52690956 Add accessors for ciphersuite info
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-01-13 00:05:48 -05:00
Jerry Yu
b925f21806 fix comment issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-12 11:17:02 +08:00
Jerry Yu
f0fede56a6 minor performance improvement
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-12 10:57:47 +08:00
Jerry Yu
1510cea0f3 fix coding style issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-12 10:56:49 +08:00
Jerry Yu
3ad14ac9e9 Add named group IANA value check
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-11 17:13:16 +08:00
Jerry Yu
f46b016058 skip some extensions if ephemeral not enabled
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-11 16:28:00 +08:00
Jerry Yu
63282b4321 Refactor write supported group
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-11 15:43:53 +08:00
Hanno Becker
bae3023576 Make more use of helper function for init/free of MPI array
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-11 05:06:54 +00:00
Jerry Yu
7f029d8a94 fix coding style issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-11 11:08:53 +08:00
Przemyslaw Stekiel
2ecfd57b93 psa_asymmetric_decrypt: move built-in impl to mbedtls_psa_asymmetric_decrypt
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-10 12:55:06 +01:00
Przemyslaw Stekiel
71284eabdb psa_asymmetric_decrypt: add test driver impl
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-10 12:55:06 +01:00
Przemyslaw Stekiel
8d45c00759 psa_asymmetric_decrypt: access the key store and call driver dispatch
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-10 12:55:05 +01:00
Przemyslaw Stekiel
234f318bd7 psa_asymmetric_encrypt: move built-in impl to mbedtls_psa_asymmetric_encrypt
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-10 12:55:05 +01:00
Przemyslaw Stekiel
b6a6650a64 psa_asymmetric_encrypt: add test driver impl
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-10 12:55:05 +01:00
Przemyslaw Stekiel
19e6142214 psa_asymmetric_encrypt: access the key store and call driver dispatch
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-10 12:55:05 +01:00
Hanno Becker
466df6e713 Introduce helper function for init/free of MPI array
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-10 11:24:42 +00:00
Hanno Becker
ac4d4bc97c Improve documentation of ECP module
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-09 06:34:04 +00:00
Hanno Becker
ee95f6c4c9 Don't allow Z coordinate being unset in ecp_add_mixed()
Previously, ecp_add_mixed(), computing say P+Q, would allow for the
Q parameter to have an unset Z coordinate as a shortcut for Z == 1.
This was leveraged during computation and usage of the T-table
(storing low multiples of the to-be-multiplied point on the curve).
It is a potentially error-prone corner case, though, since an MPI
with unset data pointer coordinate and limb size 0 is also a valid
representation of the number 0.

As a first step towards removing ECP points with unset Z coordinate,
the constant time T-array getter ecp_select_comb() has previously
been modified to return 'full' mbedtls_ecp_point structures,
including a 1-initialized Z-coordinate.

Similarly, this commit ...

- Modifies ecp_normalize_jac_many() to set the Z coordinates
  of the points it operates on to 1 instead of freeing them.

- Frees the Z-coordinates of the T[]-array explicitly
  once the computation and normalization of the T-table has finished.

  As a minimal functional difference between old and new code,
  the new code also frees the Z-coordinate of T[0]=P, which the
  old code did not.

- Modifies ecp_add_mixed() to no longer allow unset Z coordinates.

Except for the post-precomputation storage form of the T[] array,
the code does therefore no longer use EC points with unset Z coordinate.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-09 05:52:40 +00:00
Bence Szépkúti
08f34656cb Return the same error in multipart and single shot AEAD
psa_aead_encrypt_setup() and psa_aead_decrypt_setup() were returning
PSA_ERROR_INVALID_ARGUMENT, while the same failed checks were producing
PSA_ERROR_NOT_SUPPORTED if they happened in psa_aead_encrypt() or
psa_aead_decrypt().

The PSA Crypto API 1.1 spec will specify PSA_ERROR_INVALID_ARGUMENT
in the case that the supplied algorithm is not an AEAD one.

Also move these shared checks to a helper function, to reduce code
duplication and ensure that the functions remain in sync.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2022-01-07 19:36:07 +01:00
Hanno Becker
c27a0e0093 Add more wrappers for ECP MPI operations
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-06 09:21:50 +00:00
Hanno Becker
595616e5cd Add more wrappers for internal ECP coordinate operations
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-06 05:12:02 +00:00
Hanno Becker
6a28870b1e Make ecp_select_comb() create valid EC point with Z coordinate set
ecp_select_comb() did previously not set the Z coordinate of the target point.
Instead, callers would either set it explicitly or leave it uninitialized,
relying on the (only partly upheld) convention that sometimes an uninitialized
Z value represents 1.

This commit modifies ecp_select_comb() to always set the Z coordinate to 1.
This comes at the cost of memory for a single coordinate, which seems worth
it for the increased robustness.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-06 04:46:45 +00:00
Manuel Pégourié-Gonnard
6ced002a69 Count allocs without side-effects
At the end of the benchmark program, heap stats are printed, and these
stats will be wrong if we reset counters in the middle.

Also remove the function to reset counters, in order to encourage other
programs to behave correctly as well.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-01-05 10:08:59 +01:00
Hanno Becker
30838868ac Keep temporaries across iterations of ecp_double_add_mxz()
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-05 06:09:42 +00:00
Manuel Pégourié-Gonnard
35415a0c46 Add counter access to memory debug API
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-01-04 10:23:34 +01:00
Hanno Becker
3b29f2194b Keep temporaries across iterations of ecp_add_mixed()
This saves heap operations

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-04 07:34:14 +00:00
Hanno Becker
a7f8edd709 Keep temporaries across iterated invocations of ecp_double_jac()
This reduces the number of heap operations.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-04 07:29:46 +00:00
Hanno Becker
28ccb1cc90 Reduce number of local MPIs from 9 to 4 in ecp_double_add_mxz()
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-04 07:15:14 +00:00
Hanno Becker
376dc89519 Reorder ops in ecp_double_add_mxz() to indicate redundant local MPIs
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-04 07:14:07 +00:00
Hanno Becker
0d629791e9 Remove local MPI from ecp_randomize_jac()
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-04 06:45:49 +00:00
Hanno Becker
885ed403c9 Introduce wrapper for modular squaring
This paves the way for dedicated squaring implementations.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-04 06:43:50 +00:00
Hanno Becker
b8442cd9c6 Remove another local MPI from ecp_normalize_jac_many()
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-04 06:32:42 +00:00
Hanno Becker
02a999b91a Remove local MPI from ecp_normalize_jac_many()
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-04 06:32:42 +00:00
Hanno Becker
838b715fcc Add comment on input/output aliasing in ecp_add_mixed()
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-04 06:32:42 +00:00
Hanno Becker
ce29ae84dd Introduce macro wrappers for ECC modular arithmetic
This improves readability and prepares for further changes
like the introduction of a single double-width temporary for
ECP arithmetic.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-04 06:32:39 +00:00
Andrzej Kurek
03e01461ad Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO
Fix library references, tests and programs.
Testing is performed in the already present all.sh test.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-03 12:53:24 +01:00
Hanno Becker
76f897d699 Reduce number of temporary MPIs in ECP normalization
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-02 12:47:34 +00:00
Hanno Becker
02b35bd00a Introduce wrapper for modular multiplication with single-width const
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-01 06:54:25 +00:00
Hanno Becker
5c8ea307b8 Reduce number of local MPIs in ECP mixed point addition
`ecp_add_mixed()` and `ecp_double_jac()` are the core subroutines
for elliptic curve arithmetic, and as such crucial for the performance
of ECP primitives like ECDHE and ECDSA.

This commit provides a very slight simplification and performance and
memory usage improvement to `ecp_add_mixed()` by removing the use of
three temporary MPIs used for coordinate calculations.

Where those variables were used, the code now writes directly to the
coordinate MPIs of the target elliptic curve point.

This is a valid change even if there is aliasing between input and
output, since at the time any of the coordinate MPIs in question is
written, the corresponding coordinates of both inputs are no longer
read.

(The analogous change in `ecp_double_jac()` can not be made since
this property does not hold for `ecp_double_jac()`.)

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-01-01 06:16:16 +00:00
Max Fillinger
0bb38336a5 Add function to get md info from md context
Signed-off-by: Max Fillinger <max@max-fillinger.net>
2021-12-28 16:32:00 +01:00
Jerry Yu
ffef9c52d4 fix alignment issue
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-24 22:31:08 +08:00
Hanno Becker
9a83443af2 Remove redundant write operation in Montgomery multiplication
This commit removes code from the Montgomery multiplication routine
`mpi_montmul()` which seems to serve no purpose.

Details: `mpi_montmul()` uses a temporary storage `T` for intermediate
results which is assumed to be of twice the size as the inputs to be
multiplied, and which is used as follows: After the i-th (i=0,1,...)
iteration, the n-limb word starting at `T->p + i + 1` contains the
Montgomery multiplication of B with the limbs 0,..,i of A, and the
variable `d` points to `T->p + i + 1`. In particular, after `n` iterations,
`T->p + n` holds the full multiplication
(subject to conditional subtraction).

As a consequence of this way of using the temporary `T`, the contents
of `{T->p, ..., T->p + i}` are irrelevant after the i-th iteration. Nonetheless,
the code copies `A[i]` to `T->p[i]` at the end of the i-th iteration, which is
redundant and can be removed.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-12-22 11:23:27 +00:00
Jerry Yu
136320ba0b fix ci fail
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-21 17:09:00 +08:00
Jerry Yu
1ea9d10687 fix test_ref_configs build fail
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-21 14:52:38 +08:00
Glenn Strauss
cee11296aa Reset dhm_P and dhm_G if config call repeated
Reset dhm_P and dhm_G if call to mbedtls_ssl_config_defaults() repeated
to avoid leaking memory.

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2021-12-20 20:24:56 -05:00
Jerry Yu
1753261083 change write_supported_groups_ext prototype
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-20 22:32:09 +08:00
Jerry Yu
9d555ac003 Remove TLS12 version write_supported_group_ext
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-20 22:27:58 +08:00
Jerry Yu
7581c11fc7 Remove tls13_write_supported_groups_ext
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-20 22:25:41 +08:00
Jerry Yu
ba07342cd6 Add generic write_supported-groups_ext
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-20 22:22:15 +08:00
Jerry Yu
b47d0f893e Replace SUPPORTED_ELLIPTIC_CURVES with SUPPORTED_GROUPS
According to RFC7919 and RFC8442, they are the same.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-12-20 17:38:50 +08:00
Archana
4a9e02632a
Review comments addressed
* Updated the default argument to create less noise with argument
  passing.
* Reworded ChangeLog to match MbedTLS documentation/announcement
  requirements

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-12-19 13:37:37 +05:30
Archana
c08248d650
Rename the template file from .conf to .jinja
Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-12-19 10:35:15 +05:30
Archana
e03960e460
Restructure Python script to use argparse and main
Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-12-19 10:34:59 +05:30
Archana
b32eafff51
Add psa_crypto_driver_wrappers.c to .gitignore
Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-12-18 13:29:10 +05:30
Archana
6f21e45b78
Fix Pylint errors and improve Python script
Pylint errors are fixed.
The Python script is improved to take default arguments when not
passed (e.g. invoked from root of the tree).

check-generated-files.sh and CMakeLists.sh updated.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-12-18 13:28:59 +05:30
Archana
a8939b6da3
Restructure scripts' folder alignment
Moved python script generate_driver_wrappers.py under scripts and
corresponding template file under script/data_files.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-12-18 12:57:15 +05:30
Archana
1f1a34a226
Rev 1.0 of Driver Wrappers code gen
The psa_crypto_driver_wrappers.c is merely rendered with no real
templating in version 1.0.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-12-18 12:22:06 +05:30
Archana
68eb2ac960
Deleted psa_crypto_driver_wrappers.c
The file psa_crypto_driver_wrappers.c is deleted to be autogenerated.
Updated psa_crypto_driver_wrappers.h, this file only contains the
prototypes for the driver wrappers, we don't expect this to be auto
generated.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-12-18 10:51:52 +05:30
Dave Rodgman
77d778eee2
Merge branch 'development' into mbedtls-3.1.0_merge_into_release
2021-12-17 10:01:53 +00:00
Dave Rodgman
b8c3301b80 Revert "Add generated files"
This reverts commit 4e62cbc322.
2021-12-17 09:44:04 +00:00
Gilles Peskine
863b96a21b Add copyright notice to ssl_debug_helpers*
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-16 10:04:58 +01:00
Gilles Peskine
1a1e78fa55 Remove comments indicating that the file was automatically generated
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-15 12:58:22 +01:00
Gilles Peskine
923d5c9e3c Rename ssl_debug_helpers.h
It's no longer generated, so rename it accordingly.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-15 12:56:54 +01:00
Gilles Peskine
ccbc318fc5 Remove generation of ssl_debug_helpers_generated.h
It's now under version control and meant to be updated manually.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-15 12:55:37 +01:00
Gilles Peskine
09f1ee68b6 Commit header file
Having an automatically generated header file makes it harder to have
working build scripts. The content of ssl_debug_helpers_generated.h isn't
likely to change often, so we can update it manually.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-15 12:55:33 +01:00
Ronald Cron
4e62cbc322 Add generated files
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-15 09:02:53 +01:00
Ronald Cron
17b1e2f6c3 Bump version to 3.1.0
Executed ./scripts/bump_version.sh --version 3.1.0 --so-crypto 11 --so-tls 17
+ fix of build_info.h

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-15 09:02:53 +01:00
Ronald Cron
9ed3873905 psa: driver wrapper: cipher: Fix unused variable warning
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-14 18:11:06 +01:00
Ronald Cron
8188d19b0e Merge branch 'development-restricted' into mbedtls-3.1.0rc-pr
2021-12-14 10:58:18 +01:00
Gilles Peskine
12e27d4c5b List ssl_debug_helpers_generated.h in generated files
Running `generate_ssl_debug_helpers.py` generates both
`ssl_debug_helpers_generated.c` and `ssl_debug_helpers_generated.h`.

List the `.h` file as well as the `.c` file in `check-generated-files.sh` so
that `check-generated-files.sh -u` will complain if it isn't up to date.

List it in `Makefile` and `CMakeLists.txt` so that parallel builds know when
to wait until the `.h` file is present. In `Makefile`, declare the `.c` file
as depending on the `.h` file for order. This way, a dependency for either
will wait until the `.h` file is present, and since the `.h` file is
generated after the `.c` file, this guarantees that the `.c` file is
present.

This fixes random failures of `make -j` from a fresh checkout.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-14 00:19:47 +01:00
Gilles Peskine
32d2a58cc2
Merge pull request #5325 from gilles-peskine-arm/zeroize-tag-3.1
Zeroize expected MAC/tag intermediate variables
2021-12-13 19:09:30 +01:00
Gilles Peskine
cd74298c83 mbedtls_cipher_check_tag: jump on error for more robustness to refactoring
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-13 17:01:25 +01:00
Gilles Peskine
a5c18512b9
Merge pull request #5155 from paul-elliott-arm/pcks12_fix
Fixes for pkcs12 with NULL and/or zero length password
2021-12-13 14:52:36 +01:00
Gilles Peskine
a4174312da Initialize hash_len before using it
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-13 14:38:40 +01:00
Gilles Peskine
14d5fef6b7 PKCS#1v1.5 signature: better cleanup of temporary values
Zeroize temporary buffers used to sanity-check the signature.

If there is an error, overwrite the tentative signature in the output
buffer.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-13 12:37:55 +01:00
Gilles Peskine
f0fd4c3aee mbedtls_ssl_parse_finished: zeroize expected finished value on error
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-13 12:36:15 +01:00
Gilles Peskine
c2f7b75a71 mbedtls_ssl_cookie_check: zeroize expected cookie on cookie mismatch
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-13 12:35:08 +01:00
Gilles Peskine
60aebec47e PSA hash verification: zeroize expected hash on hash mismatch
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-13 12:33:18 +01:00
Gilles Peskine
e7835d92c1 mbedtls_cipher_check_tag: zeroize expected tag on tag mismatch
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-13 12:32:43 +01:00