mbedtls

Author	SHA1	Message	Date
Gabor Mezei	3631cf693a	Rename signiture algorithm macros to better suite with TLS 1.2 Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:19 +02:00
Gabor Mezei	24c7c2be08	Unify `MBEDTLS_TLS_SIG_NONE` macro definition for TLS 1.2 and 1.3 Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:18 +02:00
Gabor Mezei	a3d016ce41	Rename and rewrite `mbedtls_ssl_sig_hash_set_find` function Rename `mbedtls_ssl_sig_hash_set_find` function to a suitable name and rewrite to operate TLS signature algorithm identifiers. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:18 +02:00
Gabor Mezei	1226590c88	Explicitly set invalid value for the end of the signiture algorithm set Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:18 +02:00
Gabor Mezei	15b95a6c52	Use common macro for the invalid signiture algorithm botn in TLS 1.2 and 1.3 Introduce a new macro MBEDTLS_TLS_SIG_NONE for invalid signiture algorithm. It is intended to use in common code of TLS 1.2 and 1.3. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:18 +02:00
Gabor Mezei	1a3be088bf	Reorder defines to use previous definitions Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:18 +02:00
Gabor Mezei	078e803d2c	Unify parsing of the signature algorithms extension Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:08 +02:00
Przemek Stekiel	17520fe2c5	PSA: Add support for HKDF-Extend and HKDF-Expand algs Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-11 12:17:03 +02:00
Manuel Pégourié-Gonnard	5479f5321a	Merge pull request #5772 from superna9999/5762-rsa-decrypt-pk RSA decrypt 1a: PK	2022-05-11 11:01:01 +02:00
Paul Elliott	d1a954d243	Merge pull request #5707 from yuhaoth/pr/add-tls13-write-hello-retry-request TLS1.3: Add HelloRetryRequest Write	2022-05-10 17:25:33 +01:00
Dave Rodgman	4bfb007dcb	Handle platform differences in gmtime_s MSVC and C11 specify different arguments and return value meaning for gmtime_s. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-05-10 13:46:09 +01:00
Dave Rodgman	ad8dc480d4	Remove redundant comment Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-05-10 13:46:09 +01:00
Cameron Cawley	ea5496ceb3	Fix compilation with MinGW32 Signed-off-by: Cameron Cawley <ccawley2011@gmail.com>	2022-05-10 13:46:09 +01:00
Manuel Pégourié-Gonnard	42650260a9	Merge pull request #5783 from mprse/md_dep_v3 Fix undeclared dependencies: MD	2022-05-10 10:41:32 +02:00
Jerry Yu	f41553b662	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 22:20:30 +08:00
Manuel Pégourié-Gonnard	9bbb7bacae	Merge pull request #5791 from superna9999/5788-unify-non-opaque-and-opaque-psks Unify non-opaque and opaque PSKs	2022-05-09 10:15:16 +02:00
Jerry Yu	ead5cce22c	improve readability Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:58:50 +08:00
Jerry Yu	4ca9140d43	fix coding style issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:55:39 +08:00
Jerry Yu	66d9e6f405	refactor next state of client hello Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:11 +08:00
Jerry Yu	4833056833	fix ci test fails Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:11 +08:00
Jerry Yu	7f157eb31f	Change alert message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:11 +08:00
Jerry Yu	b8ac19a296	send alert when second hrr needed Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:09 +08:00
Jerry Yu	6a2cd9ebf5	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:08 +08:00
Jerry Yu	b0ac10b4a8	Refactor hrr key_share Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:06 +08:00
Jerry Yu	49ca92892d	refactor HRR routine Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:05 +08:00
Jerry Yu	086edc2807	refactor parse key_share ext Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:04 +08:00
Jerry Yu	fbe3e64b76	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:03 +08:00
Jerry Yu	c1be19f226	misc:minor improvement Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:01 +08:00
Jerry Yu	23f7a6fc5c	share write_body between HRR and ServerHello Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:01 +08:00
Jerry Yu	582dd069b7	Add HRR handler Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:01 +08:00
Jerry Yu	fe24d1c9f5	add named group debug helper Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:00 +08:00
Jerry Yu	93a13f2c38	Share magic word of HRR Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:48:59 +08:00
Jerry Yu	67a2c37039	tls13:hrr:add empty frame work Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:48:59 +08:00
XiaokangQian	aad9b0a286	Update code base on comments Change-Id: Ibc5043154515d2801565a2b99741dfda1344211c Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-09 01:11:21 +00:00
XiaokangQian	a987e1d2f8	Change state machine after encrypted extension and update cases Change-Id: Ie84a2d52a08538afb8f6096af0c054bd55ed66cb Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-07 01:37:04 +00:00
XiaokangQian	ec6efb98bc	Change variable name to output_len Change-Id: I0f8a40da9782b2ec7af7e6f1faf1ac5c7e589418 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-07 01:37:04 +00:00
XiaokangQian	cec9ae6259	Change the code places of CERTIFICATE_REQUEST Change-Id: I3aa293184fea4f960782675bdd520256c808bd4e Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-07 01:37:04 +00:00
XiaokangQian	45c22201b3	Update test cases and encrypted extension state set Change-Id: Ie1acd10b61cefa9414169b276a0c5c5ff2f9eb79 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-07 01:37:04 +00:00
XiaokangQian	2f150e184f	Update status and add test cases for client certificate request Change-Id: If9b9672540d2b427496b7297aa484b8bcfeb75c5 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-07 01:37:04 +00:00
XiaokangQian	1f1f1e3372	Temp change to align with client/server hello style Change-Id: I8befbbcb5d6f7fdb230022825dcb856e19d9bec0 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-07 01:37:04 +00:00
XiaokangQian	9dc4450647	Fix commets issue about coding styles Change-Id: I930a062e137562e0b129b9b9b191e5c864f8104d Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-07 01:37:04 +00:00
XiaokangQian	eaf3651e31	Rebase and solve conflicts Change handshake_msg related functions Share the ssl_write_sig_alg_ext Change-Id: I3d342baac302aa1d87c6f3ef75d85c7dc030070c Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-07 01:37:04 +00:00
Xiaofei Bai	5ee73d84a9	Address review comments Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2022-05-07 01:37:04 +00:00
Xiaofei Bai	9ca09d497f	Add writing CertificateRequest msg on server side Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2022-05-07 01:37:04 +00:00
Pol Henarejos	b101cb6111	Since the group is unloaded for all curves, it is better to initialize the group also for all curves. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-06 18:43:58 +02:00
Ronald Cron	25b1f5d2b7	Merge pull request #5545 from xffbai/tls13-write-enc-ext TLS1.3: add writing encrypted extensions on server side.	2022-05-06 13:54:45 +02:00
Przemek Stekiel	c1e41bb2b5	rsa.c: remove redundant include of md.h rsa.c includes rsa.h that includes md.h Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-06 11:42:18 +02:00
Przemek Stekiel	ef1fb4a3d3	Deprecate mbedtls_cipher_setup_psa() Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-06 10:55:10 +02:00
Jerry Yu	ef2b98a246	fix coding style issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-06 16:40:05 +08:00
Jerry Yu	f86eb75c58	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-06 11:16:55 +08:00
Pol Henarejos	aa68d36234	Fix order value for curve x448. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-05 19:22:29 +02:00
Neil Armstrong	8ecd66884f	Keep raw PSK when set via mbedtls_ssl_conf_psk() and feed as input_bytes Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-05 14:01:49 +02:00
Jerry Yu	e110d258d9	Add set outbound transform Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-05 19:59:59 +08:00
Werner Lewis	e59a531455	Fix memcpy() UB in mbedtls_asn1_named_data() Removes a case in mbedtls_asn1_named_data() where memcpy() could be called with a null pointer and zero length. A test case is added for this code path, to catch the undefined behavior when running tests with UBSan. Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-05-04 11:45:06 +01:00
Neil Armstrong	80f6f32495	Make mbedtls_ssl_psk_derive_premaster() only for when MBEDTLS_USE_PSA_CRYPTO is not selected Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:08:41 +02:00
Neil Armstrong	044a32c4c6	Remove mbedtls_ssl_get_psk() and it's usage when MBEDTLS_USE_PSA_CRYPTO is selected Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:08:41 +02:00
Neil Armstrong	cd05f0b9e5	Drop skip PMS generation for opaque XXX-PSK now Opaque PSA key is always present when MBEDTLS_USE_PSA_CRYPTO selected Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:08:41 +02:00
Neil Armstrong	e952a30d47	Remove RAW PSK when MBEDTLS_USE_PSA_CRYPTO is selected Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:08:41 +02:00
Neil Armstrong	61f237afb7	Remove PSA-only code dealing with non-opaque PSA key Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:08:41 +02:00
Neil Armstrong	501c93220d	Import PSK as opaque PSA key for mbedtls_ssl_conf_psk() & mbedtls_ssl_set_hs_psk() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:08:41 +02:00
Neil Armstrong	b743d95051	Do not erase input key in psa_tls12_prf_psk_to_ms_set_key() When ALG_TLS12_PSK_TO_MS() is used, first derivation is correct but the following derivations output data is incorrect. This is because input key is erased in psa_tls12_prf_psk_to_ms_set_key() since commit `03faf5d2c1`. Fixes: `03faf5d2c1` ("psa_tls12_prf_psk_to_ms_set_key: clear buffers after usage") Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:06:22 +02:00
Neil Armstrong	30beca35f1	Guard pk_opaque_rsa_decrypt() with PSA_WANT_KEY_TYPE_RSA_KEY_PAIR Then mbedtls_pk_error_from_psa_rsa() also needs to be guarded with PSA_WANT_KEY_TYPE_RSA_KEY_PAIR to be used by pk_opaque_rsa_decrypt() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:02:37 +02:00
Jerry Yu	9da5e5a2f2	fix coding style issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-03 15:46:09 +08:00
Jerry Yu	de66d12afc	remove out couter reset Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-03 12:15:19 +08:00
Jerry Yu	39730a70cd	remove variable initial Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-03 12:14:04 +08:00
Jerry Yu	8937eb491a	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-03 12:12:14 +08:00
Neil Armstrong	6c26adc900	Do not make pk_opaque_rsa_decrypt() depend on MBEDTLS_RSA_C Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-02 14:43:04 +02:00
Neil Armstrong	1082818003	Implement PK Opaque RSA decrypt Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-02 09:14:58 +02:00
Manuel Pégourié-Gonnard	068a13d909	Merge pull request #5771 from superna9999/5761-rsa-decrypt-rework-pk-wrap-as-opaque RSA decrypt 0: Rework `mbedtls_pk_wrap_as_opaque()`	2022-05-02 09:06:49 +02:00
Manuel Pégourié-Gonnard	67397fa4fd	Merge pull request #5704 from mprse/mixed_psk_2cx Mixed PSK 2a, 2b, 2c: enable client/server support opaque RSA-PSK, ECDHE-PSK, DHE-PSK	2022-04-29 10:47:16 +02:00
Przemek Stekiel	169bf0b8b0	Fix comments (#endif flags) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-29 07:53:29 +02:00
Neil Armstrong	a1fc18fa55	Change mbedtls_pk_wrap_as_opaque() signature to specify alg, usage and key_enrollment_algorithm Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-28 13:27:59 +02:00
Gilles Peskine	8855e36030	Merge pull request #5674 from superna9999/5668-abstract-tls-mode-cleanup Cipher cleanup: abstract TLS mode	2022-04-28 12:33:38 +02:00
Przemek Stekiel	8a4b7fd7c3	Optimize code Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-28 10:21:03 +02:00
Jerry Yu	ab452cc257	fix name issue Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-28 15:27:08 +08:00
Przemek Stekiel	8abcee9290	Fix typos Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-28 09:16:28 +02:00
Neil Armstrong	2230e6c06d	Simplify PSA transform->ivlen set in ssl_tls12_populate_transform() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-27 10:36:14 +02:00
Neil Armstrong	3bf040ed70	Reorganize PSA/!PSA code in mbedtls_ssl_ticket_setup() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-27 10:35:28 +02:00
Gilles Peskine	301711e96e	Simplify mbedtls_ssl_get_base_mode Reduce the amount of ifdef's by making the USE_PSA_CRYPTO and non-USE_PSA_CRYPTO definitions independent. No behavior change. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-04-27 10:28:55 +02:00
Gilles Peskine	e108d987ea	Simplify mbedtls_ssl_get_mode Reduce the imbrications between preprocessor directives and C instructions. Handle encrypt-then-mac separately. No behavior change. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-04-27 10:28:55 +02:00
Jerry Yu	4d3841a4d1	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-25 19:41:47 +08:00
Xiaofei Bai	cba64af50d	TLS1.3: add writing encrypted extensions Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2022-04-25 19:41:47 +08:00
Ronald Cron	eecd0d2fc3	Merge pull request #5679 from yuhaoth/pr/add-tls13-write-server-hello	2022-04-25 09:28:40 +02:00
Jerry Yu	e65d801580	fix undeclare error Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-23 10:34:35 +08:00
Biswapriyo Nath	d7e0ee42b8	cmake: Fix runtime library install location in mingw This install DLLs in bin directory instead of lib. Signed-off-by: Biswapriyo Nath <nathbappai@gmail.com>	2022-04-22 20:59:50 +05:30
Biswapriyo Nath	0f2e87bdf5	cmake: Use GnuInstallDirs to customize install directories Replace custom LIB_INSTALL_DIR with standard CMAKE_INSTALL_LIBDIR variable. For backward compatibility, set CMAKE_INSTALL_LIBDIR if LIB_INSTALL_DIR is set. Signed-off-by: Biswapriyo Nath <nathbappai@gmail.com>	2022-04-22 20:59:28 +05:30
Gilles Peskine	2f8c2a5fc5	Merge pull request #5753 from tom-cosgrove-arm/fix-missing-prototypes-warnings-a64-sha256-sha512 Hide unnecessarily public functions in SHA-256 and SHA-512 A64 acceleration	2022-04-22 16:45:23 +02:00
Gilles Peskine	72b99edf31	Merge pull request #5381 from mpg/benchmark-ecc-heap Improve benchmarking of ECC heap usage	2022-04-22 16:43:11 +02:00
Jerry Yu	955ddd75a3	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 22:27:33 +08:00
Przemek Stekiel	99114f3084	Fix build flags for opaque/raw psk checks Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:54:34 +02:00
Przemek Stekiel	cb322eac6b	Enable support for psa opaque DHE-PSK key exchange on the server side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:54:33 +02:00
Przemek Stekiel	b293aaa61b	Enable support for psa opaque DHE-PSK key exchange on the client side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:54:33 +02:00
Przemek Stekiel	14d11b0877	Enable support for psa opaque ECDHE-PSK key exchange on the server side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:53:55 +02:00
Przemek Stekiel	19b80f8151	Enable support for psa opaque ECDHE-PSK key exchange on the client side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:28 +02:00
Przemek Stekiel	51a1f36be0	setup_psa_key_derivation(): change salt parameter to other_secret Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:28 +02:00
Przemek Stekiel	aeb710fec5	Enable support for psa opaque RSA-PSK key exchange on the server side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:28 +02:00
Przemek Stekiel	f2534ba69b	tls12_client: skip PMS generation for opaque RSA-PSK Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:27 +02:00
Przemek Stekiel	c2033409e3	Add support for psa rsa-psk key exchange Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:27 +02:00
Przemek Stekiel	ae4ed30435	Fix naming: random bytes are the seed (not salt) in derivation process Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:27 +02:00
Przemek Stekiel	1f02703e53	setup_psa_key_derivation(): add optional salt parameter Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:27 +02:00
Manuel Pégourié-Gonnard	55132c6a9a	Merge pull request #5703 from superna9999/5322-ecdh-remove-legacy-context TLS ECDH 4: remove legacy context	2022-04-22 14:27:06 +02:00
Neil Armstrong	76b7407bd7	Use MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM to enable ssl_write_encrypt_then_mac_ext() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	f2c82f0a3b	Introduce MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM macro to determine if Encrypt-then-MAC with CBC is used in a ciphersuite Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	ccc074e44d	Use correct condition to use encrypt_then_mac in ssl_tls.c Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	d1be7674a4	Use PSA_BLOCK_CIPHER_BLOCK_LENGTH instead of PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE in ssl_tls12_populate_transform() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	6b27c97a91	Rename mbedtls_get_mode() to mbedtls_ssl_get_mode() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	ab555e0a6c	Rename mbedtls_get_mode_from_XXX to mbedtls_ssl_get_mode_from_XXX Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	858581e81a	Remove cipher_info in mbedtls_ssl_ticket_setup() when USE_PSA_CRYPTO is defined Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	a0eeb7f470	Remove cipher_info in ssl_tls12_populate_transform() when USE_PSA_CRYPTO is defined Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	7fea33ea4d	Use mbedtls_get_mode_from_ciphersuite() in ssl_tls12_populate_transform() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	fe635e42c9	Use mbedtls_get_mode_from_ciphersuite() in server-side ssl_write_encrypt_then_mac_ext() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	4bf4c8675f	Introduce mbedtls_get_mode_from_ciphersuite() by reusing mbedtls_get_mode_from_transform() logic Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	136f8409df	Replace PSA/Cipher logic with mbedtls_get_mode_from_transform() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:26 +02:00
Neil Armstrong	8a0f3e8cf0	Introduce mbedtls_ssl_mode_t & mbedtls_get_mode_from_transform() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:26 +02:00
Jerry Yu	a09f5e98ef	fix build fail Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:46:03 +08:00
Jerry Yu	cfc04b3541	Update comments in write server hello Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:02 +08:00
Jerry Yu	e74e04af1a	Rename write supported_versions ext Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:02 +08:00
Jerry Yu	d9436a1baa	remove guards for write_key_share Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:02 +08:00
Jerry Yu	57d4841eda	fix write key_share issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:02 +08:00
Jerry Yu	637a3f1090	fix various issues typo issue, variable `ret` init value and remove finalize_server_hello Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:01 +08:00
Jerry Yu	1c3e688df1	fix comments issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:01 +08:00
Jerry Yu	349a61388b	fix write selected_version fail And rename write_supported_versions to write selected_version Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:01 +08:00
Jerry Yu	fb9f54db8c	fix comments issue Co-authored-by: Ronald Cron <ronald.cron@arm.com> Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:01 +08:00
Jerry Yu	89e103c54c	tls13: Share write ecdh_key_exchange function Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:01 +08:00
Jerry Yu	3bf2c6449d	tls13: write server hello compile pass Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:01 +08:00
Jerry Yu	56404d70c4	tls13:server:Add finalize write_server_hello and dummy body Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:01 +08:00
Jerry Yu	f4b27e4351	tls13:server:Add prepare write_server_hello Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:01 +08:00
Jerry Yu	5b64ae9bad	tls13:server:Add base framework for serverhello Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:01 +08:00
Ronald Cron	38b8aa4f63	Merge pull request #5539 from xkqian/add_client_hello_to_server Add client hello into server side	2022-04-22 10:26:00 +02:00
XiaokangQian	e8ff350698	Update code to align with tls13 coding standard Change-Id: I3c98b7d0db63aecc712a67f4e8da2cb9945c8f17 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-22 02:34:40 +00:00
Leonid Rozenboim	287527042b	Avoid potentially passing NULL arguments Several call sites flagged by Coverity that may potentially cause a pointer argument to be NULL. In two cases the issue is using a function call as a parameter to a second function, where the first function may return NULL, while the second function does not check for the NULL argument value. Remaining case is when static configuration is mixed with run-time decision, that could result in a data buffer argument being NULL. Signed-off-by: Leonid Rozenboim <leonid.rozenboim@oracle.com>	2022-04-21 18:00:52 -07:00
Manuel Pégourié-Gonnard	70701e39b5	Merge pull request #5726 from mprse/mixed_psk_1_v2 Mixed PSK 1: Extend PSK-to-MS algorithm in PSA (v.2)	2022-04-21 17:11:52 +02:00
Manuel Pégourié-Gonnard	90c70146b5	Merge pull request #5728 from superna9999/5711-pk-opaque-rsa-pss-sign RSA-PSS sign 1: PK	2022-04-21 17:11:18 +02:00
XiaokangQian	4d3a60475c	Change default config version to development style Change-Id: I9c1088f235524211e727d03b96de8d82e60bd426 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-21 13:46:17 +00:00
XiaokangQian	4e8cd7b903	Remove useless selected_group Change-Id: I5fb76b5bf4b22d0231c17314783781f9e7c309a3 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-21 13:30:18 +00:00
Neil Armstrong	13e76be02b	Reorganize & simplify mbedtls_pk_sign_ext() handling of wrapped RSA-PSS Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-21 12:08:52 +02:00
Przemek Stekiel	4e47a91d2e	Fix indentation issues Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-21 11:53:57 +02:00
Przemek Stekiel	03faf5d2c1	psa_tls12_prf_psk_to_ms_set_key: clear buffers after usage Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-21 11:53:57 +02:00
Przemek Stekiel	937b90febf	Add null check for pms allocation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-21 11:53:57 +02:00
Przemek Stekiel	e47201b34a	rename: psa_tls12_prf_set_other_key->psa_tls12_prf_psk_to_ms_set_other_key and adapt code Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-21 11:53:57 +02:00
Przemek Stekiel	2503f7e4cb	Handle empty other secret when passed with input bytes Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-21 11:53:57 +02:00
XiaokangQian	060d867598	Update parse_key_share in server side and version config Change-Id: Ic91c061027d0ee4dca2055df21809cbb4388f3ef Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-21 09:24:56 +00:00
XiaokangQian	0a1b54ed73	Minor change the place of some functions Change-Id: I2626e68cf837d8ca4086cb35a8482cee315cde97 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-21 03:01:38 +00:00
XiaokangQian	75d40ef8cb	Refine code base on review Remove useless hrr code Share validate_cipher_suit between client and server Fix test failure when tls13 only in server side Change-Id: I5d6a7932bd8448ebf542bc86cdcab8862bc28e9b Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 11:05:24 +00:00
XiaokangQian	318dc763a6	Fix test failure issue and update code styles Change-Id: I0b08da1b083abdb19dc383e6f4b210f66659c109 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 09:43:51 +00:00
XiaokangQian	de33391fa0	Rebase and solve conflicts Change-Id: I7f838ff5b607fe5e6b68d74d0edc1def8fc9a744 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 08:49:42 +00:00
XiaokangQian	0803755347	Update code base on review comments Refine named_group parsing Refine cipher_suites parsing Remove hrr related part Share code between client and server side Some code style changes Change-Id: Ia9ffd5ef9c0b64325f633241e0ea1669049fe33a Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:50:14 +00:00
XiaokangQian	17f974c63e	Re-order the ciphersuite matching code in parse_client_hello Change-Id: I16d11bca42993d4abc2a1b19fa087366c591927c Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:45:50 +00:00
XiaokangQian	84823779ce	Only store the first group in ssl_tls13_parse_supported_groups_ext() Change-Id: I4427149aeb6eb453150e522e4c7b11187e2e3825 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:45:50 +00:00
XiaokangQian	3f84d5d0cd	Update test cases and fix the test failure Change-Id: If93506fc3764d49836b229d51e4ad5b008cc3343 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:45:50 +00:00
XiaokangQian	b67384d05c	Fix coding style and comments styles Change-Id: Ifa37a3288fbb6b5206fc0640fa11fa36cb3189ff Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:45:50 +00:00
XiaokangQian	f8ceb94fe7	Fix the parse_sig_alg_ext fail issue Change-Id: Ib31e0929c5b6868ab6c3023b20472321fc07ba3c Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:45:50 +00:00
XiaokangQian	8f9dfe41c0	Fix comments about coding styles and test cases Change-Id: I70ebc05e9dd9fa084d7b0ce724a25464c3425e22 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:45:50 +00:00
XiaokangQian	cfd925f3e8	Fix comments and remove hrr related code Change-Id: Iab1fc5415b3b7f7b5bcb0a41a01f4234cc3497d6 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:45:50 +00:00
XiaokangQian	ed582dd023	Update based on comments Remove cookie support from server side Change code to align with coding styles Re-order functions of client_hello Change-Id: If31509ece402f8276e6cac37f261e0b166d05e18 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
XiaokangQian	4080a7f687	Change code style and some share functions Change variables and functions name style Refine supported_version Refine client hello parse Change-Id: Iabc1db51e791588f999c60db464326e2bdf7b2c4 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
XiaokangQian	9b5d04b078	Share parse_key_share() between client and server Change-Id: I3fd2604296dc0e1e8380f5405429a6b0feb6e981 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
XiaokangQian	c4b8c99a38	Rebase and solve conflicts and issues Change-Id: I17246c5b2f8a8ec4989c8b0b83b55cad0491b78a Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
XiaokangQian	8840888fbc	Fix some CI issues Change-Id: I68ee024f29b7b8dd586f2c45e91950657e76bad8 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
XiaokangQian	c5763b5efd	Change some code style Change-Id: I67bb642e81693489345867ca87d7e9daa22f83ea Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
XiaokangQian	3207a32b1e	Fix unused parameter issue and not defined cookie issue Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
XiaokangQian	7ac3ab3404	Add hello retry request count for server Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
XiaokangQian	a9c58419f2	Fix compile and test issues Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
XiaokangQian	7807f9f5c9	Add client hello into server side Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
Ronald Cron	fd8cbda3ec	Remove ECDH code specific to TLS 1.3 ECDH operations in TLS 1.3 are now done through PSA. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-04-19 18:31:24 +02:00
Ronald Cron	fd6193c285	ssl_tls13_client: Add downgrade attack protection Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-04-19 18:31:24 +02:00
Ronald Cron	217d699d85	Fix Doxygen marks Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-04-19 18:28:51 +02:00
Paul Elliott	a2da9c7e45	Merge pull request #5631 from gstrauss/enum-tls-vers Unify internal/external TLS protocol version enums	2022-04-19 17:05:26 +01:00
Tom Cosgrove	c144ca6473	Hide unnecessarily public functions in SHA-256 and SHA-512 A64 acceleration Fixes #5752 Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-04-19 13:52:24 +01:00
Hanno Becker	606cb1626f	Add comment explaining structure of UMAAL assembly Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-17 06:59:33 +01:00
Hanno Becker	d46d96cc3f	Add 2-fold unrolled assembly for umaal based multiplication Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-17 06:19:55 +01:00
Hanno Becker	63eb28c728	Use separate counters for 8-fold and single multiplication steps Compilers are likely to generate shorter assembly for loops of the form `while( cnt-- ) { ... }` rather than `for( ; count >= X; count -= X ) { ... }`. (E.g. the latter needs a subtract+compare+branch after each loop, while the former only needs decrement+branch). Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-17 06:16:03 +01:00
Hanno Becker	eacf3b9eb4	Simplify organization of inline assembly for bignum Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-17 06:16:03 +01:00
Gilles Peskine	09dc05b880	Merge pull request #5635 from gilles-peskine-arm/psa-test-op-fail PSA: systematically test operation failure	2022-04-15 10:52:47 +02:00
Manuel Pégourié-Gonnard	63ed7cbf36	Merge pull request #5701 from hanno-arm/mpi_mul_hlp Make size of output in mpi_mul_hlp() explicit	2022-04-15 10:09:06 +02:00
Glenn Strauss	8315811ea7	Remove restrictive proto ver negotiation checks Overly restrictive protocol version negotiation checks might be "version intolerant". TLS 1.3 and DTLS 1.3 move the version to the "supported_versions" ClientHello extension. Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:14 -04:00
Glenn Strauss	bbdc83b55b	Use mbedtls_ssl_protocol_version in public structs Use mbedtls_ssl_protocol_version in public structs, even when doing so results in a binary-incompatible change to the public structure (PR feedback from @ronald-cron-arm) Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:14 -04:00
Glenn Strauss	cd78df6aa4	handshake->min_minor_ver to ->min_tls_version Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:14 -04:00
Glenn Strauss	041a37635b	Remove some tls_ver < MBEDTLS_SSL_VERSION_TLS1_2 checks mbedtls no longer supports earlier TLS protocol versions Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:14 -04:00
Glenn Strauss	e3af4cb72a	mbedtls_ssl_(read\|write)_version using tls_version remove use of MBEDTLS_SSL_MINOR_VERSION_* remove use of MBEDTLS_SSL_MAJOR_VERSION_* (only remaining use is in tests/suites/test_suite_ssl.data) Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:14 -04:00
Glenn Strauss	60bfe60d0f	mbedtls_ssl_ciphersuite_t min_tls_version,max_tls_version Store the TLS version in tls_version instead of major, minor version num Note: existing application use which accesses the struct member (using MBEDTLS_PRIVATE) is not compatible, as the struct is now smaller. Reduce size of mbedtls_ssl_ciphersuite_t members are defined using integral types instead of enums in order to pack structure and reduce memory usage by internal ciphersuite_definitions[] Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:12 -04:00
Glenn Strauss	2dfcea2b9d	mbedtls_ssl_config min_tls_version, max_tls_version Store the TLS version in tls_version instead of major, minor version num Note: existing application use which accesses the struct member (using MBEDTLS_PRIVATE) is not compatible on little-endian platforms, but is compatible on big-endian platforms. For systems supporting only TLSv1.2, the underlying values are the same (=> 3). New setter functions are more type-safe, taking argument as enum mbedtls_ssl_protocol_version: mbedtls_ssl_conf_max_tls_version() mbedtls_ssl_conf_min_tls_version() Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:39:43 -04:00
Glenn Strauss	da7851c825	Rename mbedtls_ssl_session minor_ver to tls_version Store the TLS version instead of minor version number in tls_version. Note: struct member size changed from unsigned char to uint16_t Due to standard structure padding, the structure size does not change unless alignment is 1-byte (instead of 2-byte or more) Note: existing application use which accesses the struct member (using MBEDTLS_PRIVATE) is compatible on little-endian platforms, but not compatible on big-endian platforms. The enum values for the lower byte of MBEDTLS_SSL_VERSION_TLS1_2 and of MBEDTLS_SSL_VERSION_TLS1_3 matches MBEDTLS_SSL_MINOR_VERSION_3 and MBEDTLS_SSL_MINOR_VERSION_4, respectively. Note: care has been taken to preserve serialized session format, which uses only the lower byte of the TLS version. Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:23:57 -04:00
Glenn Strauss	07c641605e	Rename mbedtls_ssl_transform minor_ver to tls_version Store the TLS version in tls_version instead of minor version number. Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:23:54 -04:00
Glenn Strauss	dff84620a0	Unify internal/external TLS protocol version enums Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 13:45:20 -04:00
Hanno Becker	3577131bb4	Reintroduce trimming of input in mbedtls_mpi_mul_int() Removing the trimming has significant memory impact. While it is clearly what we want to do eventually for constant-time'ness, it should be fixed alongside a strategy to contain the ramifications on memory usage. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-14 11:52:11 +01:00
Neil Armstrong	769dc05597	Remove bad dependency on MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED for ecdh_ctx guard Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-14 09:56:24 +02:00
Neil Armstrong	282750215c	Remove PSA only code from non-PSA code block code in ssl_write_client_key_exchange() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-13 15:05:11 +02:00
Neil Armstrong	11d4945248	Simplify compile-time PSA/non-PSA ECDH(E) code in ssl_write_client_key_exchange() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-13 15:03:43 +02:00
Neil Armstrong	1f198d8dee	Simplify by moving ssl_check_server_ecdh_params in the ECDHE non-PSA compile-time block Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-13 15:02:30 +02:00
Neil Armstrong	913b364a52	Simplify compile-time PSA/non-PSA ECDH(E) code in ssl_parse_client_key_exchange() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-13 14:59:48 +02:00
Manuel Pégourié-Gonnard	6c242a01f7	Merge pull request #5634 from superna9999/5625-pk-opaque-rsa-basics PK Opaque RSA sign	2022-04-13 09:55:42 +02:00
Hanno Becker	0dbf04a9a6	Remove unnecessary memory operations in p25519 quasireduction Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-13 07:26:53 +01:00
Hanno Becker	1772e05fca	Reduce the scope of local variable in mbedtls_mpi_mul_mpi() Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-13 07:26:53 +01:00
Hanno Becker	da763de7d0	Revert "Don't trim MPIs to minimal size in mbedtls_mpi_mul_mpi()" This reverts commit `808e666eee`. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-13 07:26:42 +01:00
Hanno Becker	127fcabb21	Fail gracefully upon unexpectedly large input to p25519 reduction Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-12 22:18:36 +01:00
Neil Armstrong	62d452baac	Implement PK Opaque RSA PSS signature Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-12 15:11:49 +02:00
Neil Armstrong	f3f46416e3	Remove ecdh_ctx variable, init & free when USE_PSA_CRYPTO isn't selected Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-12 14:43:39 +02:00
Neil Armstrong	3ea01498d8	Store TLS1.2 ECDH point format only when USE_PSA_CRYPTO isn't selected Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-12 14:41:50 +02:00
Neil Armstrong	a33a255dcf	Disable non-PSA ECDHE code in mbedtls_ssl_psk_derive_premaster() when USE_PSA_CRYPTO is selected Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-12 14:40:47 +02:00
Neil Armstrong	d8419ff390	Refactor to make PSA and non-PSA ECDH(E) client code exclusive Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-12 14:39:16 +02:00
Neil Armstrong	d91526c17f	Refactor to make PSA and non-PSA ECDH(E) server code exclusive Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-12 14:38:52 +02:00
Manuel Pégourié-Gonnard	927410ded3	Merge pull request #5611 from superna9999/5318-tls-ecdhe-psk TLS ECDH 3a: ECDHE-PSK (both sides, 1.2)	2022-04-12 13:28:02 +02:00
Hanno Becker	bb04cb992f	Fix check in p25519 quasi-reduction Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-12 11:18:11 +01:00
Hanno Becker	d830feb256	Simplify check in p25519 quasi-reduction Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-12 11:10:19 +01:00
Hanno Becker	2ef0cff6c3	Fix size check in p25519 modular reduction The check was meant to precisely catch an underflow. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-12 11:02:05 +01:00
Hanno Becker	0235f7512f	Reduce scope of local variables in mpi_montmul() Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-12 11:02:03 +01:00
Hanno Becker	9137b9c587	Note alternative implementation strategy in mbedtls_mpi_mul_int() Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-12 11:01:58 +01:00
Hanno Becker	808e666eee	Don't trim MPIs to minimal size in mbedtls_mpi_mul_mpi() Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-12 11:01:57 +01:00
Przemek Stekiel	d7a28646bc	psa_tls12_prf_set_key(): add PSA_TLS12_PRF_STATE_OTHER_KEY_SET as a valid state Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-12 11:27:00 +02:00
Przemek Stekiel	a7695a2d76	psa_key_derivation_check_input_type(): handle PSA_KEY_DERIVATION_INPUT_OTHER_SECRET Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-12 11:27:00 +02:00
Przemek Stekiel	c8fa5a1bdd	psa_tls12_prf_psk_to_ms_set_key(): add support for other secret input Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-12 11:26:47 +02:00
Gilles Peskine	43b0943736	Merge pull request #1946 from hanno-arm/alert_reentrant Make mbedtls_ssl_send_alert_message() reentrant	2022-04-12 11:05:20 +02:00
Neil Armstrong	7624a5ae5e	Allow RSA PK Opaque keys for RSA-PSS signing Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-12 10:09:26 +02:00
Hanno Becker	53b3c607a0	Move `const` keyword prior to type name Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 13:46:30 +01:00
Hanno Becker	dfcb2d084b	Fix Doxygen for mbedtls_mpi_core_mla() Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 13:44:15 +01:00
Hanno Becker	99ba4cc6d5	Remove Doxygen from mbedtls_mpi_core_mla() implementation Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 13:44:03 +01:00
Hanno Becker	efdc519864	Reintroduce though-to-be unused variable in correct place The variable is a local variable for the i386 bignum assembly only; introduce it as part of the start/finish macros. It can be noted that the variable is initialize to 0 within MULADDC_INIT, so there are no data dependencies across blocks of MULADDC_INIT/CORE/STOP. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 10:44:02 +01:00
Hanno Becker	5d4ceeb25c	Remove const qualifier for mutable local variable in mpi_mul_hlp() Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 09:46:47 +01:00
Hanno Becker	284d778d28	Address review comments Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 09:19:24 +01:00
Hanno Becker	e9dd9a1f31	Use size_t for number of limbs Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 09:06:27 +01:00
Manuel Pégourié-Gonnard	eaf3086831	Merge pull request #1133 from RonEld/1805 Fix Shared Library compilation issue with Cmake	2022-04-11 09:31:59 +02:00
Hanno Becker	6454993e2e	Safeguard against calling p255 reduction with single-width MPI (In this case, there's nothing to do anyway since we only do a quasi-reduction to N+1 limbs) Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 07:35:58 +01:00
Hanno Becker	25bb732ea7	Simplify x25519 reduction using internal bignum MLA helper Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 07:03:48 +01:00
Hanno Becker	aef9cc4f96	Rename mpi_mul_hlp -> mbedtls_mpi_core_mla and expose internally This paves the way for the helper to be used from the ECP module Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 07:03:43 +01:00
Gilles Peskine	e1730e492d	Merge pull request #5708 from AndrzejKurek/timeless-struggles Remove the dependency on MBEDTLS_TIME_H from the timing module	2022-04-08 18:43:16 +02:00
Krzysztof Stachowiak	de6effa645	Change the MSVC static runtime CMake option name and moved it into the library directory Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-04-08 15:17:32 +01:00
Neil Armstrong	95a892311d	Comment decrypt & encrypt callback entries of mbedtls_pk_ecdsa_opaque_info as not relevant Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-08 15:13:51 +02:00
Neil Armstrong	7df6677c34	Remove now invalid comment in pk_opaque_ecdsa_can_do() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-08 15:13:06 +02:00
Neil Armstrong	56e71d4d1a	Update documentation of mbedtls_pk_setup_opaque() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-08 15:12:42 +02:00
Neil Armstrong	eccf88fa48	Only accept RSA key pair in mbedtls_pk_setup_opaque() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-08 15:11:50 +02:00
Hanno Becker	5e18f74abb	Make alert sending function re-entrant Fixes #1916 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-04-08 12:16:43 +01:00
Andrzej Kurek	5735369f4a	Remove the dependency on MBEDTLS_HAVE_TIME from MBEDTLS_TIMING_C The timing module might include time.h on its own when on a suitable platform, even if MBEDTLS_HAVE_TIME is disabled. Co-authored-by: Tom Cosgrove <tom.cosgrove@arm.com> Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-04-08 04:41:42 -04:00
Glenn Strauss	236e17ec26	Introduce mbedtls_ssl_hs_cb_t typedef Inline func for mbedtls_ssl_conf_cert_cb() Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-07 14:18:30 -04:00
Przemek Stekiel	e3ee221893	Free other secret in tls12_prf context Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-07 15:41:56 +02:00
Przemek Stekiel	23650286ac	Add psa_tls12_prf_set_other_key() function to store other secret input Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-07 15:41:46 +02:00
Neil Armstrong	c1152e4a0f	Handle and return translated PSA errors in mbedtls_pk_wrap_as_opaque() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-07 15:01:24 +02:00
Neil Armstrong	7e1b4a45fa	Use PSA_BITS_TO_BYTES instead of open-coded calculation in mbedtls_pk_wrap_as_opaque() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-07 15:01:24 +02:00
Neil Armstrong	295aeb17e6	Add support for RSA Opaque PK key in mbedtls_pk_write_pubkey_der() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-07 15:01:24 +02:00
Neil Armstrong	b980c9b48c	Add support for RSA in pk_opaque_sign_wrap() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-07 15:01:24 +02:00
Neil Armstrong	ca5b55f0d1	Add support for RSA in mbedtls_pk_wrap_as_opaque() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-07 15:01:24 +02:00
Neil Armstrong	eabbf9d907	Add support for RSA PK Opaque key Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-07 14:51:47 +02:00
Andrzej Kurek	714b6603e4	Remove dummy timing implementation Having such implementation might cause issues for those that expect to have a working implementation. Having a compile-time error is better in such case. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-04-07 07:44:04 -04:00
Manuel Pégourié-Gonnard	1b05aff3ad	Merge pull request #5624 from superna9999/5312-tls-server-ecdh TLS ECDH 3b: server-side static ECDH (1.2)	2022-04-07 11:46:25 +02:00
Hanno Becker	e141702551	Adjust mpi_montmul() to new signature of mpi_mul_hlp() A previous commit has changed the signature of mpi_mul_hlp, making the length of the output explicit. This commit adjusts mpi_montmul() accordingly. It also fixes a comment on the required size of the temporary value passed to mpi_montmul() (but does not change the call-sites). Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-06 06:59:34 +01:00
Hanno Becker	74a11a31cb	Adjust mbedtls_mpi_mul_int() to changed signature of mpi_mul_hlp() A previous commit has changed the signature of mpi_mul_hlp(), making the length of the output explicit. This commit adjusts mbedtls_mpi_mul_int() to this change. Along the way, we make the code simpler and more secure by not calculating the minimal limb-size of A. A previous comment indicated that this was functionally necessary because of the implementation of mpi_mul_hlp() -- if it ever was, it isn't anymore. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-06 06:59:34 +01:00
Hanno Becker	fee261a505	Adjust mbedtls_mpi_mul_mpi() to new signature of mpi_mul_hlp() The previous commit has changed the signature of mpi_mul_hlp(), making the length of the output explicit. This commit adjusts the call-site in mbedtls_mpi_mul_mpi() to this new signature. A notable change to the multiplication strategy had to be made: mbedtls_mpi_mul_mpi() performs a simple row-wise schoolbook multiplication, which however was so far computed iterating rows from top to bottom. This leads to the undesirable consequence that as lower rows are calculated and added to the temporary result, carry chains can grow. It is simpler and faster to iterate from bottom to top instead, as it is guaranteed that there will be no carry when adding the next row to the previous temporary result: The length of the output in each iteration can be fixed to len(B)+1. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-06 06:59:34 +01:00
Hanno Becker	defe56928e	Make length of output explicit in mpi_mul_hlp() The helper `mpi_mul_hlp()` performs a multiply-accumulate operation `d += s * b`, where `d,b` are MPIs and `b` is a scalar. Previously, only the length of `s` was specified, while `d` was assumed to be 0-terminated of unspecified length. This was leveraged at the end of the core multiplication steps computingg the first `limb(s)` limbs of `d + s*b`: Namely, the routine would keep on adding the current carry to `d` until none was left. This can, in theory, run for an arbitrarily long time if `d` has a tail of `0xFF`s, and hence the assumption of `0`-termination. This solution is both fragile and insecure -- the latter because the carry-loop depends on the result of the multiplication. This commit changes the signature of `mpi_mul_hlp()` to receive the length of the output buffer, which must be greater or equal to the length of the input buffer. It is _not_ assumed that the output buffer is strictly larger than the input buffer -- instead, the routine will simply return any carry that's left. This will be useful in some applications of this function. It is the responsibility of the caller to either size the output appropriately so that no carry will be left, or to handle the carry. NOTE: The commit leaves the library in a state where it cannot be compiled since the call-sites of mpi_mul_hlp() have not yet been adjusted. This will be done in the subsequent commits. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-06 06:59:29 +01:00
Hanno Becker	e7f14a3090	Remove unused variable in mpi_mul_hlp() Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-06 06:11:26 +01:00
Gilles Peskine	a9b6c8074a	Fix psa_mac_verify() returning BUFFER_TOO_SMALL It doesn't make sense for psa_mac_verify() to return PSA_ERROR_BUFFER_TOO_SMALL since it doesn't have an output buffer. But this was happening when requesting the verification of an unsupported algorithm whose output size is larger than the maximum supported MAC size, e.g. HMAC-SHA-512 when building with only SHA-256 support. Arrange to return PSA_ERROR_NOT_SUPPORTED instead. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-04-05 15:03:39 +02:00

... 3 4 5 6 7 ...

8987 commits