mbedtls

Author	SHA1	Message	Date
Paul Elliott	9fe12f666b	PSA level initial implementation Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 12:13:17 +00:00
Paul Elliott	2d247923e5	Initial empty driver wrapper implementation Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 12:13:17 +00:00
David Horstmann	9c1887c4c7	Disallow overlong encoding when parsing OIDs OID subidentifiers are encoded as follow. For every byte: * The top bit is 1 if there is another byte to come, 0 if this is the last byte. * The other 7 bits form 7 bits of the number. These groups of 7 are concatenated together in big-endian order. Overlong encodings are explicitly disallowed by the BER/DER/X690 specification. For example, the number 1 cannot be encoded as: 0x80 0x80 0x01 It must be encoded as: 0x01 Enforce this in Mbed TLS' OID DER-to-string parser. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-15 12:02:27 +00:00
Gilles Peskine	edc6ae9578	Merge pull request #7090 from paul-elliott-arm/fix_iar_warnings_dev Fix IAR Warnings	2023-02-14 20:01:00 +01:00
Gilles Peskine	ed73355d2e	Make \retval commands non-empty Pacify Clang >=15 which complained: ``` include/psa/crypto.h:91:23: error: empty paragraph passed to '\retval' command [-Werror,-Wdocumentation] * \retval #PSA_SUCCESS ~~~~~~~~~~~~~~~~~~~^ ``` This commit performs the following systematic replacement: ``` perl -i -0777 -p -e 's/([\\@])(retval +\S+)\n(?! \? ([^\n \\\/]\|\\[cp]\b))/$1$2 ${1}emptydescription\n/g' $(git ls-files '.[hc]' '.function' '*.jinja') ``` i.e. add an `\emptydescription` argument to `\retval` commands (or `@retval`, which we don't normally used) that are followed by a single word, unless the next line looks like it contains text which would be the description. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-14 19:21:09 +01:00
David Horstmann	c7f700c795	Fix incorrect printing of OIDs The first 2 components of an OID are combined together into the same subidentifier via the formula: subidentifier = (component1 * 40) + component2 The current code extracts component1 and component2 using division and modulo as one would expect. However, there is a subtlety in the specification[1]: >This packing of the first two object identifier components recognizes >that only three values are allocated from the root node, and at most >39 subsequent values from nodes reached by X = 0 and X = 1. If the root node (component1) is 2, the subsequent node (component2) may be greater than 38. For example, the following are real OIDs: * 2.40.0.25, UPU standard S25 * 2.49.0.0.826.0, Met Office * 2.999, Allocated example OID This has 2 implications that the current parsing code does not take account of: 1. The second component may be > 39, so (subidentifier % 40) is not correct in all circumstances. 2. The first subidentifier (containing the first 2 components) may be more than one byte long. Currently we assume it is just 1 byte. Improve parsing code to deal with these cases correctly. [1] Rec. ITU-T X.690 (02/2021), 8.19.4 Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-14 17:00:25 +00:00
Gabor Mezei	0b4b8e3c5e	Update documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-14 16:36:38 +01:00
Dave Rodgman	319a5675db	Merge pull request #7084 from daverodgman/sizemax-uintmax Assume SIZE_MAX >= INT_MAX, UINT_MAX	2023-02-14 10:06:22 +00:00
Ronald Cron	70341c17b7	Merge pull request #6773 from yanrayw/6675-change-early_secrets-to-local TLS 1.3: Key Generation: Change tls13_early_secrets to local variable	2023-02-14 09:03:32 +01:00
Paul Elliott	1748de160a	Fix IAR Warnings IAR was warning that conditional execution could bypass initialisation of variables, although those same variables were not used uninitialised. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-13 15:35:35 +00:00
Gabor Mezei	a264831cff	Update documentation and add comments Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-13 16:29:05 +01:00
Andrzej Kurek	7a05fab716	Added the uniformResourceIdentifier subtype for the subjectAltName. Co-authored-by: Hannes Tschofenig <hannes.tschofenig@arm.com> Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-02-13 10:03:07 -05:00
Manuel Pégourié-Gonnard	d3d8c852a0	Merge pull request #6997 from valeriosetti/issue6858 driver-only ECDSA: get testing parity in X.509	2023-02-13 15:30:06 +01:00
Valerio Setti	178b5bdddf	pk: move MBEDTLS_PK_CAN_ECDSA_SOME macro to pk.h and fix tests Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-13 11:15:06 +01:00
Jerry Yu	b2783f66b5	fix typo issue The error message is wrong Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-13 18:03:25 +08:00
Dave Rodgman	ab1f3c153a	Merge pull request #7081 from tom-cosgrove-arm/dont-use-lstrlenW	2023-02-10 20:50:07 +00:00
Dave Rodgman	4a5c9ee7f2	Remove redundant SIZE_MAX guards Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-10 16:03:44 +00:00
Gilles Peskine	b8531c4b0b	Merge pull request #6882 from AndrzejKurek/x509_san_parsing_testing-dev X.509: Fix bug in SAN parsing and enhance negative testing	2023-02-10 15:05:32 +01:00
Dave Rodgman	f691268ee9	Add missing initialisers Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	35598adb78	pkcs7: Check that hash algs are in digestAlgorithms Since only a single hash algorithm is currenlty supported, this avoids having to perform hashing more than once. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	6cfc469296	pkcs7: reject signatures with internal data A CMS signature can have internal data, but mbedTLS does not support verifying such signatures. Reject them during parsing. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	e373a254c4	pkcs7: do not store content type OIDs They will always be constant. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	55d9df25ef	Simple cleanup No change in behavior. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	4ec8355795	Check for junk after SignedData There must not be any. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	aaf3c0028d	pkcs7: do not store content type OID Since only one content type (signed data) is supported, storing the content type just wastes memory. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-02-10 12:56:10 +00:00
Demi Marie Obenour	512818b1d2	pkcs7: check that content lengths fill whole buffer Otherwise invalid data could be accepted. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-10 12:56:10 +00:00
Dave Rodgman	a22749e749	Merge pull request #6816 from nick-child-ibm/pkcs7_coverage Pkcs7 coverage	2023-02-10 12:55:29 +00:00
Tom Cosgrove	b96c309395	Don't use lstrlenW() on Windows The lstrlenW() function isn't available to UWP apps, and isn't necessary, since when given -1, WideCharToMultiByte() will process the terminating null character itself (and the length returned by the function includes this character). Resolves #2994 Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-02-10 12:52:13 +00:00
Ronald Cron	834e65d47f	Merge pull request #6499 from xkqian/tls13_write_end_of_early_data Tls13 write end of early data	2023-02-10 11:08:22 +01:00
Dave Rodgman	78c6f40736	Fix code-style Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-09 09:21:14 +00:00
Nick Child	14f255f332	pkcs7: Remove unnecessary dependencies stdio, stdlib and string header files are not used. Remove them. Signed-off-by: Nick Child <nick.child@ibm.com>	2023-02-08 15:38:48 +00:00
Valerio Setti	ce0caa3384	oid: fix comment in #endif Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:52:31 +01:00
Valerio Setti	f972ce8d69	oid: replace ECDSA_C with new macros for ECDSA capabilities Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:52:31 +01:00
Valerio Setti	80d0798ae8	pk_wrap: use new macros for ECDSA capabilities Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:49:17 +01:00
Valerio Setti	5c032b5e1b	pk_wrap: fix comment in ecdsa_verify_wrap Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:39:10 +01:00
Valerio Setti	b761b15f06	fix code style Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:39:10 +01:00
Valerio Setti	1337a4f334	pk_wrap: use specific lengths for EC's private key and key-pair Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:39:10 +01:00
Valerio Setti	5bc52248ef	pk_wrap: fix for DETERMINISTIC_ECDSA case in ecdsa_sign_wrap() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:39:10 +01:00
Gilles Peskine	8a6022e948	Clean up header inclusions in pk_wrap.c To better reflect what the code relies on, limit the headers that are included when MBEDTLS_USE_PSA_CRYPTO is disabled. Also stop including "pkwrite.h" when it is no longer needed. Include "mbedlts/platform_util.h" unconditionally. It was only included for RSA ALT but was also used for MBEDTLS_USE_PSA_CRYPTO (the code worked because other headers include "mbedtls/platform_util.h"). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-08 13:39:10 +01:00
Gilles Peskine	13caa94746	Don't use pk_write in ecdsa_sign_wrap with USE_PSA_CRYPTO Under MBEDTLS_USE_PSA_CRYPTO, ecdsa_sign_wrap() was calling mbedtls_pk_write_key_der() to write a private key in SEC1 format, only to then extract the part that represents the private value which is what psa_import_key() actually wants. Instead, call an mpi function to directly get the private key in the desired format. This slightly reduces the code size and stack usage, and removes a dependency on pk_write. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-08 13:39:10 +01:00
Gilles Peskine	b4a87b07f8	Don't use pk_write in ecdsa_verify_wrap with USE_PSA_CRYPTO Under MBEDTLS_USE_PSA_CRYPTO, ecdsa_verify_wrap() was calling mbedtls_pk_write_pubkey() to write a public key in the form of a subjectPublicKey, only to then extract the part that represents the EC point which psa_import_key() actually wants. Instead, call an ecp function to directly get the public key in the desired format (just the point). This slightly reduces the code size and stack usage, and removes a dependency on pk_write. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-08 13:39:10 +01:00
Xiaokang Qian	0de0d863b6	Rebase code to restore reco-delay and fix some style issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 07:41:42 +00:00
Xiaokang Qian	8dc4ce76c7	Fix various coding style and comment issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	6b980011e5	Replace session_negotiate->ciphersuite with handshake->ciphersuite_info->id Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	53c4c27d35	Update the comment of ciphersuite check for early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	64bc9bc33d	Add comments to describe the early data behavior-encrypt/rejected... Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	e04afdc44f	Refine the condition of whether re-generate early keys Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	eb31cbc791	Share the hash check code between ticket and external psk Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	4ef8ba2938	Assign the ciphersuite in finalize_hrr{server_hello} Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	bb883244aa	Remove useless comments of outbound switch Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	02f5e14073	Combine the alert check of selected_id and ciphercuite Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	934ce6f6a9	Rename the finalize_client{server}_hello() Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	ac4c625dea	Add hash check of ciphersuite for ticket psk Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	6be8290aba	Change to CCS after client hello only if we offer early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	7179f810f1	Restore the empty lines Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	b58462157e	Refine the ciphersuite and select id check for early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	44051f6376	Refine the state change after write client hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	7892b6caad	Refine the comment about generating early secrects in post server hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	bd0ab06d50	Skip CCS once we proposed early data even it is rejected Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	f6d8fd3d6b	Improve the coding style of new lines Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	79f77528f5	Move state change to finalize client hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	3f616c2493	Move selected_identity zero check to post_server_hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	1d8e86ce00	Get hash_alg by mbedtls_psa_translate_md Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	ea28a78384	Revert new field and check ciphersuite match when resume by exist info_id Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	4224244883	Improve coding styles and add comments Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	33ff868dca	Fix various errors Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	43a83f247c	Move the place where call set_outbound_transform to switch handshake key Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	907461319a	Fix compile error and warnings Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	f10f474981	Check server selected cipher suite indicating a Hash associated with the PSK Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	592021aceb	Add CCS after client hello in case of early data and comp mode Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	303f82c5b9	Skip generating early secrets in some cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	b46275c7ec	Add TLS1_3 guard to finalize_write_client_hello() to fix compile issue Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:43 +00:00
Xiaokang Qian	2a674937dd	Pend a illeagal allert when selected_identity isn't 0 Handshake should abort will illeagal parameter allert when receiving early data extentions but the selected_identity parsed from pre-share key isn't equal to 0. Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:46:48 +00:00
Xiaokang Qian	126929f825	Move early keys generation into mbedtls_ssl_tls13_finalize_write_client_hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:46:45 +00:00
Xiaokang Qian	19d4416a45	Refine code to remove finalize_write_end_of_early_data() Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:44:00 +00:00
Xiaokang Qian	7094f66879	Remove useless duplicted mbedtls_ssl_tls13_ticket_get_psk Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:44:00 +00:00
Xiaokang Qian	854db28bb7	Set hs_psk,ciphercuit_info and kex mode when writing pre-share key Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:44:00 +00:00
Xiaokang Qian	57a138d5c3	Update message log for end of early data test cases Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:44:00 +00:00
Xiaokang Qian	742578ca2c	Remove end_of_early_data_coordinate() to align with exist style Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:44:00 +00:00
Xiaokang Qian	bc75bc0c3a	Switch to MBEDTLS_SSL_END_OF_EARLY_DATA as needed Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:44:00 +00:00
Xiaokang Qian	c81a15a019	Change the comment format of end_of_early_data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:44:00 +00:00
Xiaokang Qian	7ed30e59af	Fix the issue that gnutls server doesn't support packet Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:44:00 +00:00
Xiaokang Qian	8804e6d0ac	Put kex_exchange_mode in the guard of TLS13 Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:43:59 +00:00
Xiaokang Qian	da8402dde6	Switch outbound back to handshake key after end_of_early_data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:43:59 +00:00
Xiaokang Qian	bf09376bda	Remove useless prepare_write_end_of_early_data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:43:59 +00:00
Xiaokang Qian	df6f52e2b2	Generate early key and switch outbound key to it after write client hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:43:59 +00:00
Xiaokang Qian	d05ac5dfce	Add extern apis mbedtls_ticket_get_psk. Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:43:59 +00:00
Xiaokang Qian	32af4fbbdb	Set ciphersuite info and kex mode in set_session in re-connection Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:43:59 +00:00
Xiaokang Qian	34aab55aa7	Add prepare function to switch transform to early keys Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:43:58 +00:00
Xiaokang Qian	125afcb060	Add end-of-early-data write Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:43:58 +00:00
Nick Child	3dafc6c3b3	pkcs7: Drop support for signature in contentInfo of signed data The contentInfo field of PKCS7 Signed Data structures can optionally contain the content of the signature. Per RFC 2315 it can also contain any of the PKCS7 data types. Add test and comments making it clear that the current implementation only supports the DATA content type and the data must be empty. Return codes should be clear whether content was invalid or unsupported. Identification and fix provided by: - Demi Marie Obenour <demiobenour@gmail.com> - Dave Rodgman <dave.rodgman@arm.com> Signed-off-by: Nick Child <nick.child@ibm.com>	2023-02-07 20:04:52 +00:00
Valerio Setti	5b16e9eabc	pk_wrap: keep ECDSA_C for ECP_RESTARTABLE contexts Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-07 16:21:36 +01:00
Hanno Becker	dae916b05f	X.509: Add length consistency checks to x509_get_other_name() Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-02-07 05:24:32 -05:00
Hanno Becker	2a15a0c868	X.509: Remove red'n bounds checks and zeroiz'n in OtherName parsing - ASN.1 parsing functions check that length don't exceed buffer bounds, so checks `p + len > end` are redundant. - If `p + len == end`, this is erroneous because we expect further fields, which is automatically caught by the next ASN.1 parsing call. Hence, the two branches handling `p + len >= end` in x509_get_other_name() can be removed. Further, zeroization of the `other_name` structure isn't necessary because it's not confidential (and it's also not performed on other error conditions in this function). Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-02-07 05:15:27 -05:00
Hanno Becker	ae8f8c435c	Fix X.509 SAN parsing Fixes #2838. See the issue description for more information. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-02-07 05:10:27 -05:00
Jerry Yu	2bb3d8101f	Add en(de)crypt routine Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-07 17:11:53 +08:00
Jerry Yu	e096da1af6	Add inverse key function Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-07 17:11:52 +08:00
Jerry Yu	3f2fb71072	Add key expansion for encrypt Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-07 17:11:52 +08:00
Jerry Yu	b95c776c43	Add linux runtime detection Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-07 17:11:52 +08:00
Jerry Yu	49231319fd	Add empty aesce files For time being, we only support gcc and clang Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-07 17:11:52 +08:00
Valerio Setti	1cdddacc62	pk_wrap: use proper macros for sign and verify Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-07 08:02:23 +01:00
Valerio Setti	5c593af271	pk_wrap: fix comment on closing #endif Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-07 08:02:23 +01:00
Valerio Setti	24138d9f83	pk_wrap: re-use identical functions for eckey and ecdsa when possible Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-07 08:02:23 +01:00
Valerio Setti	7ca1318256	pk: add new symbol for generic ECDSA capability Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-07 08:02:23 +01:00
Valerio Setti	9e30dd882d	removing a leftover printf from debug Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-07 08:02:23 +01:00
Valerio Setti	ab363d9fe1	pk/pk_wrap: replace ECDSA_C with generic ECDSA capabilities' defines Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-07 08:02:23 +01:00
Gabor Mezei	63aae68b8f	Fix documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-06 16:24:08 +01:00
Gilles Peskine	0cfb08ddf1	Merge pull request #6922 from mprse/csr_v3 Parsing v3 extensions from a CSR - v.2	2023-02-03 16:41:11 +01:00
Gilles Peskine	80c552556a	Merge pull request #6791 from yanrayw/6675-change-some-key-generation-funcs-to-static TLS 1.3: Key Generation: change some key generation functions to static	2023-02-03 11:56:35 +01:00
Yanray Wang	f206c1493b	Remove duplicate mbedtls_platform_zeroize for tls13_early_secrets Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-02-03 13:55:47 +08:00
Dave Rodgman	6dd757a8ba	Fix use of sizeof without brackets Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-02 12:40:50 +00:00
Nick Child	282d50493a	pkcs7: Remove duplicate oid condition MBEDTLS_OID_PKCS7_ENCRYPTED_DATA was listed twice in the oid conditional. Remove one of them. Signed-off-by: Nick Child <nick.child@ibm.com>	2023-02-01 18:32:55 +00:00
Gilles Peskine	24c6f49530	Merge pull request #7005 from tom-cosgrove-arm/fix-doxygen-typos-in-new-bignum Fix typos in doxygen commands in new bignum modules	2023-02-01 19:05:04 +01:00
Gilles Peskine	a193986aab	Merge pull request #6942 from ucko/2023a-bignum mbedtls_mpi_sub_abs: Skip memcpy when redundant (#6701).	2023-02-01 11:36:25 +01:00
Tom Cosgrove	8a1f784ece	Fix typos in doxygen commands in new bignum modules Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-02-01 08:43:54 +00:00
Yanray Wang	a12cecbe47	Modify some comments in ssl_tls13_keys.c Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-02-01 14:29:51 +08:00
Nick Child	3bd17f2f58	pkcs7: Use end_issuer_and_sn where appropriate There were some areas where `end_signer` were being used when it makes more sense to use `end_issuer_and_sn`, as pointed out by demiobenour@gmail.com. Signed-off-by: Nick Child <nick.child@ibm.com>	2023-01-31 20:42:26 +00:00
Gabor Mezei	2038ce976e	Rename function to follow naming convention Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-31 14:40:05 +01:00
Gabor Mezei	9b290b33e4	Add documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-31 14:40:05 +01:00
Gabor Mezei	deece2bb65	Change the ecp_mod_p192_raw to be testable Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-31 14:40:05 +01:00
Gabor Mezei	b5bba497fe	Extract Secp192r1 from the prototype Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-31 14:40:05 +01:00
Gilles Peskine	f6b9823422	Merge pull request #6979 from daverodgman/const-time-asm-vol Inhibit compiler from optimising out const-time asm	2023-01-31 11:28:45 +01:00
Gilles Peskine	470f10cfc5	Merge pull request #6941 from gabor-mezei-arm/6375_quasi-reduction_function Add function to fix quasi-reduction	2023-01-31 11:25:25 +01:00
Nick Child	ec81709516	pkcs7: Ensure all data in asn1 structure is accounted for Several PKCS7 invalid ASN1 Tests were failing due to extra data bytes or incorrect content lengths going unnoticed. Make the parser aware of possible malformed ASN1 data. Signed-off-by: Nick Child <nick.child@ibm.com>	2023-01-30 16:44:58 +00:00
Gabor Mezei	db1607fa69	Remove unneeded include Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-30 16:27:48 +01:00
Manuel Pégourié-Gonnard	aae61257d1	Merge pull request #6883 from valeriosetti/issue6843 Improve X.509 cert writing serial number management	2023-01-30 13:08:57 +01:00
Dave Rodgman	4610d4b7a6	Inhibit compiler from optimising out const-time asm Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-01-30 09:26:48 +00:00
Manuel Pégourié-Gonnard	169d9e6eb4	Merge pull request #6802 from gilles-peskine-arm/test_suite_psa_crypto_metadata-20221215 Add metadata tests for CCM* and TLS1.2-ECJPAKE-to-PMS	2023-01-27 10:05:00 +01:00
Przemek Stekiel	36ad5e7ab5	Fix code style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-26 22:30:45 +01:00
Valerio Setti	af4815c6a4	x509: replace/fix name of new function for setting serial Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-01-26 17:43:09 +01:00
Janos Follath	803638c023	Merge pull request #6939 from minosgalanakis/bignum/6027_hardcode_montgomery_moduli Bignum: hardcode montgomery moduli	2023-01-25 16:51:11 +00:00
Przemek Stekiel	32e20919ac	Remove redundant check and add comment to inform about processing of empty extensions Netscape Certificate Management System Administrator's Guide: Extension-Specific Policy Modules, Chapter 18: Extension-Specific Policy Modules, Netscape Certificate Type Extension Policy: > The extension has no default value. A bitstring with no flags set is still technically valid, as it will mean that the certificate has no designated purpose at the time of creation. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-25 16:20:25 +01:00
Gabor Mezei	9a66ab180c	Fix missing declarration Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-25 13:23:38 +01:00
Przemek Stekiel	94e21e153f	Skip unsupported extensions Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-25 11:08:32 +01:00
Gilles Peskine	8296eabed6	Merge pull request #6957 from tom-cosgrove-arm/fix-spelling-of-doxygen-return Fix doxygen return parameter spelling	2023-01-24 21:56:45 +01:00
Gilles Peskine	3b8623fe2c	Merge pull request #6903 from Mihir-Raj-Singh/Bignum_rename_mtoN Rename modulus input argument from m to N	2023-01-24 21:48:54 +01:00
Gabor Mezei	627e5b1f91	Only enable fix_quasi_reduction when testing Avoid compiler error due to the fix_quasi_reduction function is static and has not been used. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-24 18:13:24 +01:00
Przemek Stekiel	a468768000	Dealocate memory for subject alt names Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-24 15:19:47 +01:00
Przemek Stekiel	86d1946164	Fix error codes returned on failures Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-24 11:20:10 +01:00
Przemek Stekiel	cf6ff0fb43	Move common functions for crt/csr parsing to x509.c Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-24 10:57:19 +01:00
Przemek Stekiel	db128f518c	Allow empty ns_cert_type, key_usage while parsing certificates Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-24 10:57:19 +01:00
Przemek Stekiel	21c37288e5	Adapt function names Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-24 10:57:19 +01:00
Przemek Stekiel	cbaf3167dd	mbedtls_x509_csr_info: Add parsing code for v3 csr extensions Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-24 10:57:19 +01:00
Jens Alfke	2d9e359275	Parsing v3 extensions from a CSR A parsed CSR struct (`mbedtls_x509_csr`) now includes some of the X.509v3 extensions included in the CSR -- the key usage, Netscape cert-type, and Subject Alternative Names. Author: Jens Alfke <jens@couchbase.com> Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-01-24 10:56:55 +01:00
Gabor Mezei	a24fd06451	Update documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-23 19:10:26 +01:00
Gabor Mezei	9073f7dd3b	Remove unneeded check The fix_quasi_reduction function changed to static so checking the invalid arguments are not needed anymore. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-23 19:05:37 +01:00
Gabor Mezei	e81a2b85c9	Change the fix_quasi_reduction function to static Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-23 18:58:20 +01:00
Gabor Mezei	aaa1d2a276	Move the quasi reduction fixing function to bignum_mod_raw Rename the function to 'fix_quasi_reduction' to better suite its functionality. Also changed the name prefix to suite for the new module. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-01-23 18:55:57 +01:00
Tom Cosgrove	37dabd540b	Fix doxygen return parameter spelling Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-01-23 16:57:26 +00:00
Minos Galanakis	8692ec8bc0	pkarse: Added `pk_group_id_from_specified()` documentation. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-01-23 10:33:06 +00:00

1 2 3 4 5 ...

10453 commits