Gilles Peskine
e108d987ea
Simplify mbedtls_ssl_get_mode
...
Reduce the imbrications between preprocessor directives and C instructions.
Handle encrypt-then-mac separately.
No behavior change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-27 10:28:55 +02:00
Jerry Yu
4d3841a4d1
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-25 19:41:47 +08:00
Xiaofei Bai
cba64af50d
TLS1.3: add writing encrypted extensions
...
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2022-04-25 19:41:47 +08:00
Ronald Cron
eecd0d2fc3
Merge pull request #5679 from yuhaoth/pr/add-tls13-write-server-hello
2022-04-25 09:28:40 +02:00
Jerry Yu
e65d801580
fix undeclare error
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-23 10:34:35 +08:00
Gilles Peskine
2f8c2a5fc5
Merge pull request #5753 from tom-cosgrove-arm/fix-missing-prototypes-warnings-a64-sha256-sha512
...
Hide unnecessarily public functions in SHA-256 and SHA-512 A64 acceleration
2022-04-22 16:45:23 +02:00
Gilles Peskine
72b99edf31
Merge pull request #5381 from mpg/benchmark-ecc-heap
...
Improve benchmarking of ECC heap usage
2022-04-22 16:43:11 +02:00
Jerry Yu
955ddd75a3
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-22 22:27:33 +08:00
Przemek Stekiel
99114f3084
Fix build flags for opaque/raw psk checks
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-22 14:54:34 +02:00
Przemek Stekiel
cb322eac6b
Enable support for psa opaque DHE-PSK key exchange on the server side
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-22 14:54:33 +02:00
Przemek Stekiel
b293aaa61b
Enable support for psa opaque DHE-PSK key exchange on the client side
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-22 14:54:33 +02:00
Przemek Stekiel
14d11b0877
Enable support for psa opaque ECDHE-PSK key exchange on the server side
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-22 14:53:55 +02:00
Przemek Stekiel
19b80f8151
Enable support for psa opaque ECDHE-PSK key exchange on the client side
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-22 14:52:28 +02:00
Przemek Stekiel
51a1f36be0
setup_psa_key_derivation(): change salt parameter to other_secret
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-22 14:52:28 +02:00
Przemek Stekiel
aeb710fec5
Enable support for psa opaque RSA-PSK key exchange on the server side
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-22 14:52:28 +02:00
Przemek Stekiel
f2534ba69b
tls12_client: skip PMS generation for opaque RSA-PSK
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-22 14:52:27 +02:00
Przemek Stekiel
c2033409e3
Add support for psa rsa-psk key exchange
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-22 14:52:27 +02:00
Przemek Stekiel
ae4ed30435
Fix naming: random bytes are the seed (not salt) in derivation process
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-22 14:52:27 +02:00
Przemek Stekiel
1f02703e53
setup_psa_key_derivation(): add optional salt parameter
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-22 14:52:27 +02:00
Manuel Pégourié-Gonnard
55132c6a9a
Merge pull request #5703 from superna9999/5322-ecdh-remove-legacy-context
...
TLS ECDH 4: remove legacy context
2022-04-22 14:27:06 +02:00
Neil Armstrong
76b7407bd7
Use MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM to enable ssl_write_encrypt_then_mac_ext()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-22 14:25:59 +02:00
Neil Armstrong
f2c82f0a3b
Introduce MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM macro to determine if Encrypt-then-MAC with CBC is used in a ciphersuite
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-22 14:25:59 +02:00
Neil Armstrong
ccc074e44d
Use correct condition to use encrypt_then_mac in ssl_tls.c
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-22 14:25:59 +02:00
Neil Armstrong
d1be7674a4
Use PSA_BLOCK_CIPHER_BLOCK_LENGTH instead of PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE in ssl_tls12_populate_transform()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-22 14:25:59 +02:00
Neil Armstrong
6b27c97a91
Rename mbedtls_get_mode() to mbedtls_ssl_get_mode()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-22 14:25:59 +02:00
Neil Armstrong
ab555e0a6c
Rename mbedtls_get_mode_from_XXX to mbedtls_ssl_get_mode_from_XXX
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-22 14:25:59 +02:00
Neil Armstrong
858581e81a
Remove cipher_info in mbedtls_ssl_ticket_setup() when USE_PSA_CRYPTO is defined
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-22 14:25:59 +02:00
Neil Armstrong
a0eeb7f470
Remove cipher_info in ssl_tls12_populate_transform() when USE_PSA_CRYPTO is defined
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-22 14:25:59 +02:00
Neil Armstrong
7fea33ea4d
Use mbedtls_get_mode_from_ciphersuite() in ssl_tls12_populate_transform()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-22 14:25:59 +02:00
Neil Armstrong
fe635e42c9
Use mbedtls_get_mode_from_ciphersuite() in server-side ssl_write_encrypt_then_mac_ext()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-22 14:25:59 +02:00
Neil Armstrong
4bf4c8675f
Introduce mbedtls_get_mode_from_ciphersuite() by reusing mbedtls_get_mode_from_transform() logic
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-22 14:25:59 +02:00
Neil Armstrong
136f8409df
Replace PSA/Cipher logic with mbedtls_get_mode_from_transform()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-22 14:25:26 +02:00
Neil Armstrong
8a0f3e8cf0
Introduce mbedtls_ssl_mode_t & mbedtls_get_mode_from_transform()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-22 14:25:26 +02:00
Jerry Yu
a09f5e98ef
fix build fail
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-22 16:46:03 +08:00
Jerry Yu
cfc04b3541
Update comments in write server hello
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-22 16:45:02 +08:00
Jerry Yu
e74e04af1a
Rename write supported_versions ext
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-22 16:45:02 +08:00
Jerry Yu
d9436a1baa
remove guards for write_key_share
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-22 16:45:02 +08:00
Jerry Yu
57d4841eda
fix write key_share issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-22 16:45:02 +08:00
Jerry Yu
637a3f1090
fix various issues
...
typo issue, variable `ret` init value
and remove finalize_server_hello
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-22 16:45:01 +08:00
Jerry Yu
1c3e688df1
fix comments issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-22 16:45:01 +08:00
Jerry Yu
349a61388b
fix write selected_version fail
...
And rename write_supported_versions to
write selected_version
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-22 16:45:01 +08:00
Jerry Yu
fb9f54db8c
fix comments issue
...
Co-authored-by: Ronald Cron <ronald.cron@arm.com>
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-22 16:45:01 +08:00
Jerry Yu
89e103c54c
tls13: Share write ecdh_key_exchange function
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-22 16:45:01 +08:00
Jerry Yu
3bf2c6449d
tls13: write server hello compile pass
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-22 16:45:01 +08:00
Jerry Yu
56404d70c4
tls13:server:Add finalize write_server_hello and dummy body
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-22 16:45:01 +08:00
Jerry Yu
f4b27e4351
tls13:server:Add prepare write_server_hello
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-22 16:45:01 +08:00
Jerry Yu
5b64ae9bad
tls13:server:Add base framework for serverhello
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-22 16:45:01 +08:00
Ronald Cron
38b8aa4f63
Merge pull request #5539 from xkqian/add_client_hello_to_server
...
Add client hello into server side
2022-04-22 10:26:00 +02:00
XiaokangQian
e8ff350698
Update code to align with tls13 coding standard
...
Change-Id: I3c98b7d0db63aecc712a67f4e8da2cb9945c8f17
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-22 02:34:40 +00:00
Manuel Pégourié-Gonnard
70701e39b5
Merge pull request #5726 from mprse/mixed_psk_1_v2
...
Mixed PSK 1: Extend PSK-to-MS algorithm in PSA (v.2)
2022-04-21 17:11:52 +02:00
Manuel Pégourié-Gonnard
90c70146b5
Merge pull request #5728 from superna9999/5711-pk-opaque-rsa-pss-sign
...
RSA-PSS sign 1: PK
2022-04-21 17:11:18 +02:00
XiaokangQian
4d3a60475c
Change default config version to development style
...
Change-Id: I9c1088f235524211e727d03b96de8d82e60bd426
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-21 13:46:17 +00:00
XiaokangQian
4e8cd7b903
Remove useless selected_group
...
Change-Id: I5fb76b5bf4b22d0231c17314783781f9e7c309a3
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-21 13:30:18 +00:00
Neil Armstrong
13e76be02b
Reorganize & simplify mbedtls_pk_sign_ext() handling of wrapped RSA-PSS
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-21 12:08:52 +02:00
Przemek Stekiel
4e47a91d2e
Fix indentation issues
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-21 11:53:57 +02:00
Przemek Stekiel
03faf5d2c1
psa_tls12_prf_psk_to_ms_set_key: clear buffers after usage
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-21 11:53:57 +02:00
Przemek Stekiel
937b90febf
Add null check for pms allocation
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-21 11:53:57 +02:00
Przemek Stekiel
e47201b34a
rename: psa_tls12_prf_set_other_key->psa_tls12_prf_psk_to_ms_set_other_key and adapt code
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-21 11:53:57 +02:00
Przemek Stekiel
2503f7e4cb
Handle empty other secret when passed with input bytes
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-21 11:53:57 +02:00
XiaokangQian
060d867598
Update parse_key_share in server side and version config
...
Change-Id: Ic91c061027d0ee4dca2055df21809cbb4388f3ef
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-21 09:24:56 +00:00
XiaokangQian
0a1b54ed73
Minor change the place of some functions
...
Change-Id: I2626e68cf837d8ca4086cb35a8482cee315cde97
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-21 03:01:38 +00:00
XiaokangQian
75d40ef8cb
Refine code base on review
...
Remove useless hrr code
Share validate_cipher_suit between client and server
Fix test failure when tls13 only in server side
Change-Id: I5d6a7932bd8448ebf542bc86cdcab8862bc28e9b
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 11:05:24 +00:00
XiaokangQian
318dc763a6
Fix test failure issue and update code styles
...
Change-Id: I0b08da1b083abdb19dc383e6f4b210f66659c109
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 09:43:51 +00:00
XiaokangQian
de33391fa0
Rebase and solve conflicts
...
Change-Id: I7f838ff5b607fe5e6b68d74d0edc1def8fc9a744
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 08:49:42 +00:00
XiaokangQian
0803755347
Update code base on review comments
...
Refine named_group parsing
Refine cipher_suites parsing
Remove hrr related part
Share code between client and server side
Some code style changes
Change-Id: Ia9ffd5ef9c0b64325f633241e0ea1669049fe33a
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:50:14 +00:00
XiaokangQian
17f974c63e
Re-order the ciphersuite matching code in parse_client_hello
...
Change-Id: I16d11bca42993d4abc2a1b19fa087366c591927c
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:45:50 +00:00
XiaokangQian
84823779ce
Only store the first group in ssl_tls13_parse_supported_groups_ext()
...
Change-Id: I4427149aeb6eb453150e522e4c7b11187e2e3825
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:45:50 +00:00
XiaokangQian
3f84d5d0cd
Update test cases and fix the test failure
...
Change-Id: If93506fc3764d49836b229d51e4ad5b008cc3343
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:45:50 +00:00
XiaokangQian
b67384d05c
Fix coding style and comments styles
...
Change-Id: Ifa37a3288fbb6b5206fc0640fa11fa36cb3189ff
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:45:50 +00:00
XiaokangQian
f8ceb94fe7
Fix the parse_sig_alg_ext fail issue
...
Change-Id: Ib31e0929c5b6868ab6c3023b20472321fc07ba3c
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:45:50 +00:00
XiaokangQian
8f9dfe41c0
Fix comments about coding styles and test cases
...
Change-Id: I70ebc05e9dd9fa084d7b0ce724a25464c3425e22
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:45:50 +00:00
XiaokangQian
cfd925f3e8
Fix comments and remove hrr related code
...
Change-Id: Iab1fc5415b3b7f7b5bcb0a41a01f4234cc3497d6
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:45:50 +00:00
XiaokangQian
ed582dd023
Update based on comments
...
Remove cookie support from server side
Change code to align with coding styles
Re-order functions of client_hello
Change-Id: If31509ece402f8276e6cac37f261e0b166d05e18
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:43:48 +00:00
XiaokangQian
4080a7f687
Change code style and some share functions
...
Change variables and functions name style
Refine supported_version
Refine client hello parse
Change-Id: Iabc1db51e791588f999c60db464326e2bdf7b2c4
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:43:48 +00:00
XiaokangQian
9b5d04b078
Share parse_key_share() between client and server
...
Change-Id: I3fd2604296dc0e1e8380f5405429a6b0feb6e981
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:43:48 +00:00
XiaokangQian
c4b8c99a38
Rebase and solve conflicts and issues
...
Change-Id: I17246c5b2f8a8ec4989c8b0b83b55cad0491b78a
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:43:48 +00:00
XiaokangQian
8840888fbc
Fix some CI issues
...
Change-Id: I68ee024f29b7b8dd586f2c45e91950657e76bad8
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:43:48 +00:00
XiaokangQian
c5763b5efd
Change some code style
...
Change-Id: I67bb642e81693489345867ca87d7e9daa22f83ea
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:43:48 +00:00
XiaokangQian
3207a32b1e
Fix unused parameter issue and not defined cookie issue
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:43:48 +00:00
XiaokangQian
7ac3ab3404
Add hello retry request count for server
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:43:48 +00:00
XiaokangQian
a9c58419f2
Fix compile and test issues
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:43:48 +00:00
XiaokangQian
7807f9f5c9
Add client hello into server side
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:43:48 +00:00
Ronald Cron
fd8cbda3ec
Remove ECDH code specific to TLS 1.3
...
ECDH operations in TLS 1.3 are now done through PSA.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-04-19 18:31:24 +02:00
Ronald Cron
fd6193c285
ssl_tls13_client: Add downgrade attack protection
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-04-19 18:31:24 +02:00
Ronald Cron
217d699d85
Fix Doxygen marks
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-04-19 18:28:51 +02:00
Paul Elliott
a2da9c7e45
Merge pull request #5631 from gstrauss/enum-tls-vers
...
Unify internal/external TLS protocol version enums
2022-04-19 17:05:26 +01:00
Tom Cosgrove
c144ca6473
Hide unnecessarily public functions in SHA-256 and SHA-512 A64 acceleration
...
Fixes #5752
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-04-19 13:52:24 +01:00
Hanno Becker
606cb1626f
Add comment explaining structure of UMAAL assembly
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-17 06:59:33 +01:00
Hanno Becker
d46d96cc3f
Add 2-fold unrolled assembly for umaal based multiplication
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-17 06:19:55 +01:00
Hanno Becker
63eb28c728
Use separate counters for 8-fold and single multiplication steps
...
Compilers are likely to generate shorter assembly for loops of the
form `while( cnt-- ) { ... }` rather than
`for( ; count >= X; count -= X ) { ... }`. (E.g. the latter needs
a subtract+compare+branch after each loop, while the former only
needs decrement+branch).
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-17 06:16:03 +01:00
Hanno Becker
eacf3b9eb4
Simplify organization of inline assembly for bignum
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-17 06:16:03 +01:00
Gilles Peskine
09dc05b880
Merge pull request #5635 from gilles-peskine-arm/psa-test-op-fail
...
PSA: systematically test operation failure
2022-04-15 10:52:47 +02:00
Manuel Pégourié-Gonnard
63ed7cbf36
Merge pull request #5701 from hanno-arm/mpi_mul_hlp
...
Make size of output in mpi_mul_hlp() explicit
2022-04-15 10:09:06 +02:00
Glenn Strauss
8315811ea7
Remove restrictive proto ver negotiation checks
...
Overly restrictive protocol version negotiation checks might be
"version intolerant". TLS 1.3 and DTLS 1.3 move the version to
the "supported_versions" ClientHello extension.
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:40:14 -04:00
Glenn Strauss
bbdc83b55b
Use mbedtls_ssl_protocol_version in public structs
...
Use mbedtls_ssl_protocol_version in public structs, even when doing
so results in a binary-incompatible change to the public structure
(PR feedback from @ronald-cron-arm)
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:40:14 -04:00
Glenn Strauss
cd78df6aa4
handshake->min_minor_ver to ->min_tls_version
...
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:40:14 -04:00
Glenn Strauss
041a37635b
Remove some tls_ver < MBEDTLS_SSL_VERSION_TLS1_2 checks
...
mbedtls no longer supports earlier TLS protocol versions
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:40:14 -04:00
Glenn Strauss
e3af4cb72a
mbedtls_ssl_(read|write)_version using tls_version
...
remove use of MBEDTLS_SSL_MINOR_VERSION_*
remove use of MBEDTLS_SSL_MAJOR_VERSION_*
(only remaining use is in tests/suites/test_suite_ssl.data)
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:40:14 -04:00
Glenn Strauss
60bfe60d0f
mbedtls_ssl_ciphersuite_t min_tls_version,max_tls_version
...
Store the TLS version in tls_version instead of major, minor version num
Note: existing application use which accesses the struct member
(using MBEDTLS_PRIVATE) is not compatible, as the struct is now smaller.
Reduce size of mbedtls_ssl_ciphersuite_t
members are defined using integral types instead of enums in
order to pack structure and reduce memory usage by internal
ciphersuite_definitions[]
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:40:12 -04:00
Glenn Strauss
2dfcea2b9d
mbedtls_ssl_config min_tls_version, max_tls_version
...
Store the TLS version in tls_version instead of major, minor version num
Note: existing application use which accesses the struct member
(using MBEDTLS_PRIVATE) is not compatible on little-endian platforms,
but is compatible on big-endian platforms. For systems supporting
only TLSv1.2, the underlying values are the same (=> 3).
New setter functions are more type-safe,
taking argument as enum mbedtls_ssl_protocol_version:
mbedtls_ssl_conf_max_tls_version()
mbedtls_ssl_conf_min_tls_version()
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:39:43 -04:00
Glenn Strauss
da7851c825
Rename mbedtls_ssl_session minor_ver to tls_version
...
Store the TLS version instead of minor version number in tls_version.
Note: struct member size changed from unsigned char to uint16_t
Due to standard structure padding, the structure size does not change
unless alignment is 1-byte (instead of 2-byte or more)
Note: existing application use which accesses the struct member
(using MBEDTLS_PRIVATE) is compatible on little-endian platforms,
but not compatible on big-endian platforms. The enum values for
the lower byte of MBEDTLS_SSL_VERSION_TLS1_2 and of
MBEDTLS_SSL_VERSION_TLS1_3 matches MBEDTLS_SSL_MINOR_VERSION_3 and
MBEDTLS_SSL_MINOR_VERSION_4, respectively.
Note: care has been taken to preserve serialized session format,
which uses only the lower byte of the TLS version.
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:23:57 -04:00
Glenn Strauss
07c641605e
Rename mbedtls_ssl_transform minor_ver to tls_version
...
Store the TLS version in tls_version instead of minor version number.
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:23:54 -04:00
Glenn Strauss
dff84620a0
Unify internal/external TLS protocol version enums
...
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 13:45:20 -04:00
Hanno Becker
3577131bb4
Reintroduce trimming of input in mbedtls_mpi_mul_int()
...
Removing the trimming has significant memory impact. While it is clearly what
we want to do eventually for constant-time'ness, it should be fixed alongside
a strategy to contain the ramifications on memory usage.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-14 11:52:11 +01:00
Neil Armstrong
769dc05597
Remove bad dependency on MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED for ecdh_ctx guard
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-14 09:56:24 +02:00
Neil Armstrong
282750215c
Remove PSA only code from non-PSA code block code in ssl_write_client_key_exchange()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-13 15:05:11 +02:00
Neil Armstrong
11d4945248
Simplify compile-time PSA/non-PSA ECDH(E) code in ssl_write_client_key_exchange()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-13 15:03:43 +02:00
Neil Armstrong
1f198d8dee
Simplify by moving ssl_check_server_ecdh_params in the ECDHE non-PSA compile-time block
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-13 15:02:30 +02:00
Neil Armstrong
913b364a52
Simplify compile-time PSA/non-PSA ECDH(E) code in ssl_parse_client_key_exchange()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-13 14:59:48 +02:00
Manuel Pégourié-Gonnard
6c242a01f7
Merge pull request #5634 from superna9999/5625-pk-opaque-rsa-basics
...
PK Opaque RSA sign
2022-04-13 09:55:42 +02:00
Hanno Becker
0dbf04a9a6
Remove unnecessary memory operations in p25519 quasireduction
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-13 07:26:53 +01:00
Hanno Becker
1772e05fca
Reduce the scope of local variable in mbedtls_mpi_mul_mpi()
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-13 07:26:53 +01:00
Hanno Becker
da763de7d0
Revert "Don't trim MPIs to minimal size in mbedtls_mpi_mul_mpi()"
...
This reverts commit 808e666eee
.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-13 07:26:42 +01:00
Hanno Becker
127fcabb21
Fail gracefully upon unexpectedly large input to p25519 reduction
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-12 22:18:36 +01:00
Neil Armstrong
62d452baac
Implement PK Opaque RSA PSS signature
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-12 15:11:49 +02:00
Neil Armstrong
f3f46416e3
Remove ecdh_ctx variable, init & free when USE_PSA_CRYPTO isn't selected
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-12 14:43:39 +02:00
Neil Armstrong
3ea01498d8
Store TLS1.2 ECDH point format only when USE_PSA_CRYPTO isn't selected
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-12 14:41:50 +02:00
Neil Armstrong
a33a255dcf
Disable non-PSA ECDHE code in mbedtls_ssl_psk_derive_premaster() when USE_PSA_CRYPTO is selected
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-12 14:40:47 +02:00
Neil Armstrong
d8419ff390
Refactor to make PSA and non-PSA ECDH(E) client code exclusive
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-12 14:39:16 +02:00
Neil Armstrong
d91526c17f
Refactor to make PSA and non-PSA ECDH(E) server code exclusive
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-12 14:38:52 +02:00
Manuel Pégourié-Gonnard
927410ded3
Merge pull request #5611 from superna9999/5318-tls-ecdhe-psk
...
TLS ECDH 3a: ECDHE-PSK (both sides, 1.2)
2022-04-12 13:28:02 +02:00
Hanno Becker
bb04cb992f
Fix check in p25519 quasi-reduction
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-12 11:18:11 +01:00
Hanno Becker
d830feb256
Simplify check in p25519 quasi-reduction
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-12 11:10:19 +01:00
Hanno Becker
2ef0cff6c3
Fix size check in p25519 modular reduction
...
The check was meant to precisely catch an underflow.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-12 11:02:05 +01:00
Hanno Becker
0235f7512f
Reduce scope of local variables in mpi_montmul()
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-12 11:02:03 +01:00
Hanno Becker
9137b9c587
Note alternative implementation strategy in mbedtls_mpi_mul_int()
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-12 11:01:58 +01:00
Hanno Becker
808e666eee
Don't trim MPIs to minimal size in mbedtls_mpi_mul_mpi()
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-12 11:01:57 +01:00
Przemek Stekiel
d7a28646bc
psa_tls12_prf_set_key(): add PSA_TLS12_PRF_STATE_OTHER_KEY_SET as a valid state
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-12 11:27:00 +02:00
Przemek Stekiel
a7695a2d76
psa_key_derivation_check_input_type(): handle PSA_KEY_DERIVATION_INPUT_OTHER_SECRET
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-12 11:27:00 +02:00
Przemek Stekiel
c8fa5a1bdd
psa_tls12_prf_psk_to_ms_set_key(): add support for other secret input
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-12 11:26:47 +02:00
Gilles Peskine
43b0943736
Merge pull request #1946 from hanno-arm/alert_reentrant
...
Make mbedtls_ssl_send_alert_message() reentrant
2022-04-12 11:05:20 +02:00
Neil Armstrong
7624a5ae5e
Allow RSA PK Opaque keys for RSA-PSS signing
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-12 10:09:26 +02:00
Hanno Becker
53b3c607a0
Move const
keyword prior to type name
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 13:46:30 +01:00
Hanno Becker
dfcb2d084b
Fix Doxygen for mbedtls_mpi_core_mla()
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 13:44:15 +01:00
Hanno Becker
99ba4cc6d5
Remove Doxygen from mbedtls_mpi_core_mla() implementation
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 13:44:03 +01:00
Hanno Becker
efdc519864
Reintroduce though-to-be unused variable in correct place
...
The variable is a local variable for the i386 bignum assembly only;
introduce it as part of the start/finish macros.
It can be noted that the variable is initialize to 0 within MULADDC_INIT,
so there are no data dependencies across blocks of MULADDC_INIT/CORE/STOP.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 10:44:02 +01:00
Hanno Becker
5d4ceeb25c
Remove const qualifier for mutable local variable in mpi_mul_hlp()
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 09:46:47 +01:00
Hanno Becker
284d778d28
Address review comments
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 09:19:24 +01:00
Hanno Becker
e9dd9a1f31
Use size_t for number of limbs
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 09:06:27 +01:00
Manuel Pégourié-Gonnard
eaf3086831
Merge pull request #1133 from RonEld/1805
...
Fix Shared Library compilation issue with Cmake
2022-04-11 09:31:59 +02:00
Hanno Becker
6454993e2e
Safeguard against calling p255 reduction with single-width MPI
...
(In this case, there's nothing to do anyway since we only do a
quasi-reduction to N+1 limbs)
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 07:35:58 +01:00
Hanno Becker
25bb732ea7
Simplify x25519 reduction using internal bignum MLA helper
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 07:03:48 +01:00
Hanno Becker
aef9cc4f96
Rename mpi_mul_hlp -> mbedtls_mpi_core_mla and expose internally
...
This paves the way for the helper to be used from the ECP module
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 07:03:43 +01:00
Gilles Peskine
e1730e492d
Merge pull request #5708 from AndrzejKurek/timeless-struggles
...
Remove the dependency on MBEDTLS_TIME_H from the timing module
2022-04-08 18:43:16 +02:00
Neil Armstrong
95a892311d
Comment decrypt & encrypt callback entries of mbedtls_pk_ecdsa_opaque_info as not relevant
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-08 15:13:51 +02:00
Neil Armstrong
7df6677c34
Remove now invalid comment in pk_opaque_ecdsa_can_do()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-08 15:13:06 +02:00
Neil Armstrong
56e71d4d1a
Update documentation of mbedtls_pk_setup_opaque()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-08 15:12:42 +02:00
Neil Armstrong
eccf88fa48
Only accept RSA key pair in mbedtls_pk_setup_opaque()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-08 15:11:50 +02:00
Hanno Becker
5e18f74abb
Make alert sending function re-entrant
...
Fixes #1916
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-04-08 12:16:43 +01:00
Andrzej Kurek
5735369f4a
Remove the dependency on MBEDTLS_HAVE_TIME from MBEDTLS_TIMING_C
...
The timing module might include time.h on its own when on
a suitable platform, even if MBEDTLS_HAVE_TIME is disabled.
Co-authored-by: Tom Cosgrove <tom.cosgrove@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-04-08 04:41:42 -04:00