Raef Coles
9b0daf60fb
Improve LMS private function warning
...
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:38 +01:00
Raef Coles
370cc43630
Make LMS public key export part of public key api
...
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:28 +01:00
Raef Coles
be3bdd8240
Rename LMS and LMOTS init/free functions
...
To match convention
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:18 +01:00
Raef Coles
2ac352a322
Make LMS functions args const where required
...
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:14 +01:00
Raef Coles
f6ddd51bfd
Sanitize LMS and LMOTS macros
...
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:13 +01:00
Raef Coles
5127e859d7
Update LMS and LMOTS dependency macros
...
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:11 +01:00
Raef Coles
56fe20a473
Move MBEDTLS_PRIVATE required defines into lms.h
...
From lmots.h, as it is a private header
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:10 +01:00
Raef Coles
ab300f15e8
Move public header content from lmots.h to lms.h
...
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:08 +01:00
Raef Coles
403558c1c9
Fix LMS function documentation
...
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:28:57 +01:00
Raef Coles
9b88ee5d5d
Fix LMS and LMOTS coding style violations
...
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:28:40 +01:00
Raef Coles
366d67d9af
Shorted LMS and LMOTS line-lengths
...
To attempt to comply with the 80-char suggestion
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:28:38 +01:00
Raef Coles
e9479a0264
Update LMS API to support multiple parameter sets
...
Parameterise macros to allow variation of sizes
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:28:36 +01:00
Raef Coles
ab4f87413a
Add MBEDTLS_LMS_PRIVATE define
...
To enable private key operations
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:28:35 +01:00
Raef Coles
01c71a17b3
Update LMS and LMOTS api
...
Fix function names and parameters. Move macros to be more private.
Update implementation.
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:28:25 +01:00
Raef Coles
c8f9604d7b
Use PSA hashing for LMS and LMOTS
...
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:28:23 +01:00
Raef Coles
7dce69a27a
Make LMOTS a private api
...
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:28:22 +01:00
Raef Coles
2ad6e611f0
Update LMS/LMOTS documentation
...
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:28:20 +01:00
Raef Coles
0aa18e041f
Note that LMS sign function is for testing only
...
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:28:18 +01:00
Raef Coles
c464746d45
Document LMS and LMOTS contexts
...
And add some comments about the source of their type IDs
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:28:17 +01:00
Raef Coles
8ff6df538c
Add LMS implementation
...
Also an LM-OTS implementation as one is required for LMS.
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:28:15 +01:00
Gilles Peskine
0fe6631486
Merge pull request #6291 from gilles-peskine-arm/platform.h-unconditional-3.2
...
Include platform.h unconditionally
2022-10-13 10:19:22 +02:00
Dave Rodgman
b319684bca
Additional updates to docs links
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-10-12 16:47:08 +01:00
Xiaokang Qian
baa4764d77
Fix typo issues
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-10-12 11:06:51 +00:00
Xiaokang Qian
ed3afcd6c3
Fix various typo and macro guards issues
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-10-12 11:06:51 +00:00
Xiaokang Qian
03409290d2
Add MBEDTLS_SSL_SESSION_TICKETS guard to server name check
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-10-12 11:06:51 +00:00
Xiaokang Qian
2f9efd3038
Address comments base on review
...
Change function name to ssl_session_set_hostname()
Remove hostname_len
Change hostname to c_string
Update test cases to multi session tickets
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-10-12 11:06:49 +00:00
Xiaokang Qian
bc663a0461
Refine code based on commnets
...
Change code layout
Change hostname_len type to size_t
Fix various issues
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-10-12 11:06:01 +00:00
Xiaokang Qian
adf84a4a8c
Remove public api mbedtls_ssl_reset_hostname()
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-10-12 11:05:11 +00:00
Xiaokang Qian
281fd1bdd8
Add server name check when proposeing pre-share key
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-10-12 11:03:41 +00:00
Gilles Peskine
8fd3254cfc
Merge pull request #6374 from mprse/enc_types
...
Test TLS 1.2 builds with each encryption type
2022-10-12 12:45:50 +02:00
Ronald Cron
78317c832b
Merge pull request #6327 from yuhaoth/pr/tls13-psk-after-session-tickets
...
TLS 1.3: PSK and NewSessionTicket: Add support for sending PSK and Ticket together.
2022-10-12 12:39:51 +02:00
Gilles Peskine
fcee740b83
Automatically enable PK_PARSE for RSA in PSA
...
PSA crypto currently needs MBEDTLS_PK_PARSE_C to parse RSA keys to do almost
anything with them (import, get attributes, export public from private, any
cryptographic operations). Force it on, for symmetry with what we're doing
for MBEDTLS_PK_WRITE_C. Fixes #6409 .
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-10-11 21:15:24 +02:00
Gilles Peskine
fd94304f9d
PSA RSA needs pk_write
...
The PSA crypto code needs mbedtls_pk_write_key_der() and
mbedtls_pk_write_pubkey() when using RSA without drivers. We were already
forcing MBEDTLS_PK_WRITE_C when MBEDTLS_USE_PSA_CRYPTO is enabled. Do so
also when MBEDTLS_PSA_CRYPTO_C is enabled as well as MBEDTLS_RSA_C, even
without MBEDTLS_USE_PSA_CRYPTO. Fixes #6408 .
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-10-11 21:09:12 +02:00
Przemek Stekiel
d61a4d3d1a
Fix missing guard and double-space
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-11 09:40:40 +02:00
Przemek Stekiel
52a428b824
Fix MBEDTLS_SSL_TICKET_C, MBEDTLS_SSL_SESSION_TICKETS dependencies
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-10 11:23:18 +02:00
Jerry Yu
8897c07075
Add server only guards for psk callback
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-07 10:11:05 +08:00
Jan Bruckner
b33f6e5ee2
Fix typo
...
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2022-10-06 11:23:49 +02:00
Manuel Pégourié-Gonnard
79617d99ae
Fix namespacing issue
...
This macro is specific to the Mbed TLS implementation and not part of
the public API, so it shouldn't used the PSA_ namespace.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-10-05 12:55:50 +02:00
Manuel Pégourié-Gonnard
ec7012dbc7
Fix I/O format of PSA EC J-PAKE for compliance
...
The format used by the mbedtls_ecjpake_xxx() APIs and that defined by
the PSA Crypto PAKE extension are quite different; the former is
tailored to the needs of TLS while the later is quite generic and plain.
Previously we only addressed some part of this impedance mismatch: the
different number of I/O rounds, but failed to address the part where the
legacy API adds some extras (length bytes, ECParameters) that shouldn't
be present in the PSA Crypto version. See comments in the code.
Add some length testing as well; would have caught the issue.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-10-05 12:52:48 +02:00
Przemek Stekiel
0957e7bfc5
Rmove MBEDTLS_NIST_KW_C dependency from MBEDTLS_SSL_TICKET_C
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-03 11:39:02 +02:00
Przemek Stekiel
460192ee19
Fix and sync configuration file and configuration verifiation
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-03 08:55:29 +02:00
Nick Child
7dbe8528f3
pkcs7: Import header files with included directory path not relative path
...
In #include statements, rely on -I paths instead of relative paths.
Signed-off-by: Nick Child <nick.child@ibm.com>
2022-09-30 17:28:16 -05:00
Przemek Stekiel
ce5b68c7a3
Revert "Fix guards for mbedtls_ssl_ticket_write() and mbedtls_ssl_ticket_parse() functions"
...
This reverts commit a82290b727
.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-29 15:29:18 +02:00
Manuel Pégourié-Gonnard
f3f9e450b6
Merge pull request #6115 from AndrzejKurek/ecjpake-kdf-tls-1-2
...
Ad-hoc KDF for EC J-PAKE in TLS 1.2
2022-09-28 09:47:32 +02:00
Przemek Stekiel
e31ba83675
Use basic symbols instead MBEDTLS_CIPHER_MODE_AEAD in check config
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-28 09:44:58 +02:00
Przemek Stekiel
d582a01073
Make MBEDTLS_SSL_CONTEXT_SERIALIZATION dependent on AEAD
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-28 07:59:01 +02:00
Przemek Stekiel
a82290b727
Fix guards for mbedtls_ssl_ticket_write() and mbedtls_ssl_ticket_parse() functions
...
Both functions are calling mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions. These functions are guarded with MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C flags - make it consistent.
As a result ssl_server2 won't build now with MBEDTLS_SSL_SESSION_TICKETS enabled (mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions not available).
Mark MBEDTLS_SSL_SESSION_TICKETS as dependent on MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C and disable MBEDTLS_SSL_SESSION_TICKETS in stream cipher only build.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-27 15:04:14 +02:00
Andrzej Kurek
e09aff8f5a
Add information about ECJPAKE_TO_PMS output size expectations
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-26 10:59:31 -04:00
Andrzej Kurek
96b9f23853
Adjust ECJPAKE_TO_PMS macro value
...
This way the low 8 bits of the identifier indicate that this algorithm is used
with SHA-256.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-26 10:30:46 -04:00
Paul Elliott
2c282c9bd0
Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets
...
TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.
2022-09-23 15:48:33 +01:00
Jerry Yu
ba627bfd0d
improve document about session tickets
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-23 09:58:22 +08:00
Jerry Yu
40b4a01388
Improve documents
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-22 23:48:38 +08:00
Jerry Yu
f3bdf9dd51
fix various issues
...
- improve document about configuration item.
- format issue
- variable type issue.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-22 23:47:14 +08:00
Jerry Yu
d0766eca58
fix various issues
...
- Improve comments
- Align count variable name to `new_session_tickets_count`
- move tickets_count init to handshake init
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-22 13:21:29 +08:00
Manuel Pégourié-Gonnard
d433cd7d07
Merge pull request #6283 from mpg/driver-only-hashes-wrap-up
...
Driver only hashes wrap-up
2022-09-21 08:29:46 +02:00
Manuel Pégourié-Gonnard
b4e28aa2f7
Fix two typos
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-19 11:55:00 +02:00
Manuel Pégourié-Gonnard
3c16abebd4
Fix dependencies of KEY_EXCHANGE_ECJPAKE
...
The EC J-PAKE module the ability to "fall back" to PSA when MD is not
present a few PRs ago, but the dependency of this key exchange on
SHA-256 wasn't updated at the time.
(Note: the crypto primitive doesn't depend on SHA-256, only its use in
the TLS key exchange does.)
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-19 10:47:05 +02:00
Jerry Yu
1ad7ace6b7
Add conf new session tickets
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-19 14:22:21 +08:00
Ronald Cron
be0224aef3
Merge pull request #6167 from yuhaoth/pr/finalize-tls13-session-tickets
2022-09-18 21:18:13 +02:00
Gilles Peskine
ef843f2b0c
MBEDTLS_PLATFORM_VSNPRINTF_ALT requires MBEDTLS_PLATFORM_C
...
mbedtls_vsnprintf replacement works like mbedtls_snprintf replacement, so
copy the requirements for MBEDTLS_PLATFORM_VSNPRINTF_ALT.
(MBEDTLS_PLATFORM_xxx_MACRO shouldn't require MBEDTLS_PLATFORM_C, but that's
a separate preexisting problem which I do not try address at this time.)
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-09-18 14:05:23 +02:00
Nick Child
9512bde5c3
pkcs7: Fix pkcs7 error code values
...
Mbed TLS uses a two layer system for error codes. The least significant
7 bits should be used to signal low-level module errors. Since PKCS7 is
a high level module, it should leave these bits unassigned. To do this,
the least significant byte of PKCS7 error codes must either be 0x00 or
0x80.
Signed-off-by: Nick Child <nick.child@ibm.com>
2022-09-16 09:49:06 -05:00
Andrzej Kurek
3c4c514302
Remove PSA_ALG_IS_TLS12_ECJPAKE_TO_PMS
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-16 07:24:14 -04:00
Andrzej Kurek
1fafb1f778
Documentation clarifications for ECJPAKE-to-PMS
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-16 07:19:49 -04:00
Manuel Pégourié-Gonnard
1be45825ab
Remove useless guard around include
...
Including a header is harmless, so we can include do it unconditionally.
The condition was wrong, should have been USE_PSA || PROTO_TLS1_3. If we
just fixed to condition, then we would need to make sure things like:
#define MBEDTLS_TLS1_3_MD_MAX_SIZE PSA_HASH_MAX_SIZE
are also guarded, which is useless (extra defines are harmless) and
annoying, so just remove the condition altogether.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-16 13:18:36 +02:00
Manuel Pégourié-Gonnard
138387fc8c
Fix some typos, improve wording & formatting
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-16 12:03:52 +02:00
Manuel Pégourié-Gonnard
72687b76ca
Clarify dependencies in mbedtls_config.h
...
- One module was missing the warning on psa_crypto_init().
- For modules that are affected by USE_PSA_CRYPTO, it makes more sense
to mention that in the warning.
- Attempt to improve the description of the TLS 1.3 situation.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-16 12:03:52 +02:00
Manuel Pégourié-Gonnard
f17f85ef0c
Simplify definition of TLS 1.3 MD max size.
...
Actually this macro is never used in parts that depend on USE_PSA, so
it's always using PSA.
Currently the macro seems a bit redundant, but:
- since it's public we can't remove it;
- and there are plans in the future to make it more precise (actually
the largest hash that matters for TLS 1.3 is SHA-384 now).
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-16 12:03:52 +02:00
Manuel Pégourié-Gonnard
e896705c1a
Take advantage of legacy_or_psa.h being public
...
Opportunities for using the macros were spotted using:
git grep -E -n -A2 'MBEDTLS_(MD|SHA)[0-9]+_C' | egrep 'PSA_WANT_ALG_(MD|SHA)'
then manually filtering the results.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-16 12:03:52 +02:00
Manuel Pégourié-Gonnard
07018f97d2
Make legacy_or_psa.h public.
...
As a public header, it should no longer include common.h, just use
build_info.h which is what we actually need anyway.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-16 12:02:48 +02:00
Gilles Peskine
04e4c19ee3
Document the base state of platform abstraction
...
It's `#define mbedtls_xxx xxx` unless some option to override `mbedtls_xxx`
is enabled.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-09-15 20:34:50 +02:00
Manuel Pégourié-Gonnard
409a620dea
Merge pull request #6255 from mprse/md_tls13
...
Driver-only hashes: TLS 1.3
2022-09-15 10:37:46 +02:00
Manuel Pégourié-Gonnard
18dff1f226
Merge pull request #5871 from superna9999/4153-psa-expose-ec-j-pake
...
Expose ECJPAKE through the PSA Crypto API
2022-09-15 09:25:55 +02:00
Nick Child
8ce1b1afc8
pkcs7: Correct various syntatical mistakes
...
Resond to feedback from the following comments:
- use correct spacing [1-7]
- remove unnecessary parenthesis [8]
- fixup comments [9-11]
- remove unnecessary init work [12]
- use var instead of type for sizeof [13]
[1] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953655691
[2] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953661514
[3] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953689929
[4] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953696384
[5] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953697558
[6] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953697793
[7] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953697951
[8] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953699102
[9] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r971223775
[10] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r967133905
[11] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r967135932
[12] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r967151430
[13] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r967154159
Signed-off-by: Nick Child <nick.child@ibm.com>
2022-09-14 15:13:52 -05:00
Andrzej Kurek
d60907b85d
Define ECJPAKE_TO_PMS in config_psa only if SHA_256 is available
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-14 14:57:51 -04:00
Przemyslaw Stekiel
67ffab5600
ssl.h: use PSA hash buffer size when PSA is used
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-14 14:51:14 +02:00
Andrzej Kurek
18f8e8d62c
Document the input size restriction for EC J-PAKE to PMS
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-14 08:44:34 -04:00
Andrzej Kurek
08d34b8693
Add an EC J-PAKE KDF to transform K -> SHA256(K.X) for TLS 1.2
...
TLS uses it to derive the session secret. The algorithm takes a serialized
point in an uncompressed form, extracts the X coordinate and computes
SHA256 of it. It is only expected to work with P-256.
Fixes #5978 .
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-14 08:39:26 -04:00
Przemyslaw Stekiel
034492bd56
ssl.h: Fix hash guards
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-14 11:09:20 +02:00
Przemek Stekiel
ce0aa58fd9
check_config.h: make TLS1.3 requirements verification more readable
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Przemek Stekiel
8a2f2b0bd6
check_config.h: fix TLS 1.3 requirements (add HKDF_EXTRACT/EXPAND) and comments
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Przemek Stekiel
9408b70513
check_config.h: revert HKDF requirements
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Przemek Stekiel
a06787a629
build_info.h: include config_psa.h also when MBEDTLS_PSA_CRYPTO_C
...
This is done to have PSA_WANT_xxx symbols available in check_config.h when MBEDTLS_PSA_CRYPTO_C.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Przemek Stekiel
cf9d972a9a
Fix config for MBEDTLS_SSL_PROTO_TLS1_3
...
Remove MBEDTLS_HKDF_C as it is not needed since #5838
Reasoning: we need SHA-256 or SHA-384 via PSA because they're used by HKDF which is now always done via PSA. If in addition to that USE_PSA is enabled, then everything is done via PSA so that's enough. Otherwise, we need the software implementation of SHA-256 or SHA-384, plus MD_C because we're using a VIA_MD_OR_PSA_BASED_ON_USE_PSA as discussed above.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Przemek Stekiel
a9a8816107
ssl.h: adapt guards for MBEDTLS_SSL_TLS1_3_TICKET_RESUMPTION_KEY_LEN
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Jerry Yu
6cf85a4bb0
update document abourt maximum ticket_age_tolerance
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-13 14:28:15 +08:00
Neil Armstrong
fb3093a9cb
Use PSA_PAKE_ROLE_NONE in PSA_PAKE_OPERATION_INIT macro instead of 0
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-08 14:59:32 +02:00
Neil Armstrong
7cd4eacbd4
Fix typo in mbedtls_ecjpake_write_shared_key() comment
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-08 14:57:55 +02:00
Neil Armstrong
ecb221b1ff
Move operation buffer in operation struct and remove dynamic allocation
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-08 11:21:07 +02:00
Hannes Tschofenig
fd6cca4448
CID update to RFC 9146
...
The DTLS 1.2 CID specification has been published as RFC 9146. This PR updates the implementation to match the RFC content.
Signed-off-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
2022-09-07 17:15:05 +02:00
Andrzej Kurek
f000471c66
Add missing MD dependency for pkcs5_pbkdf2_hmac
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:07:15 -04:00
Andrzej Kurek
345a92b321
Adjust PKCS5 dependencies in check_config
...
It's possible to build PKCS5 with PSA instead of MD
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00
Andrzej Kurek
65bf73ed6a
Enable HMAC in config_psa.h regardless of MD availability
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00
Andrzej Kurek
890e78ae66
Deprecate mbedtls_pkcs5_pbkdf2_hmac
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00
Andrzej Kurek
dd36c76f09
Provide a version of pkcs5_pbkdf2_hmac without MD usage
...
Use the new implementation locally
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00
Manuel Pégourié-Gonnard
97fc247d6a
Merge pull request #6232 from AndrzejKurek/pkcs12-no-md
...
Remove MD dependency from pkcs12 module
2022-09-02 09:43:13 +02:00
Nick Child
5d881c36ea
pkcs7: Change copyright
...
Signed-off-by: Nick Child <nick.child@ibm.com>
2022-09-01 19:45:41 -05:00
Nick Child
390e61a47a
pkcs7.h: Make pkcs7 fields private
...
All fields in the mbedtls_pkcs7 struct have been made private with MBEDTLS_PRIVATE.
Signed-off-by: Nick Child <nick.child@ibm.com>
2022-09-01 19:45:41 -05:00
Nayna Jain
673a226698
pkcs7: add support for signed data
...
OpenSSL provides APIs to generate only the signted data
format PKCS7 i.e. without content type OID. This patch
adds support to parse the data correctly even if formatted
only as signed data
Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
2022-09-01 19:45:41 -05:00
Nayna Jain
c9deb184b0
mbedtls: add support for pkcs7
...
PKCS7 signing format is used by OpenPOWER Key Management, which is
using mbedtls as its crypto library.
This patch adds the limited support of pkcs7 parser and verification
to the mbedtls. The limitations are:
* Only signed data is supported.
* CRLs are not currently handled.
* Single signer is supported.
Signed-off-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Eric Richter <erichte@linux.ibm.com>
Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
2022-09-01 19:45:33 -05:00
Andrzej Kurek
7bd12c5d5e
Remove MD dependency from pkcs12 module
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-01 08:57:41 -04:00
Jerry Yu
89eb95a221
Add ticket age tolerance config option
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-08-31 23:24:25 +08:00
Neil Armstrong
b764fb60aa
Remove MBEDTLS_MD_C dep in config_psa.h when ECJPAJE is wanted
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
12663092bc
Introduce mbedtls_ecjpake_write_shared_key() to export the EC J-PAKE shared key material before the KDF()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
ed40782628
Fix SECP256R1 enable when PSA_WANT_ALG_JPAKE is defined
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
a557cb8c8b
Fixing XXX_ALG_ECJPAKE to XXX_ALG_JPAKE to match specification
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
7616ad28e3
Fix guard of ecjpake.h include in crypto_extra.h
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
63212ddf2f
Fix formatting of PSA_PAKE_OPERATION_INIT macro
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
7aaa34a1ba
Fix formatting of PSA_PAKE_OUTPUT_SIZE & PSA_PAKE_INPUT_SIZE macros
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
637d0a0290
Enable buildin PSA PAKE implementation when ECJPAKE_C is selected
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
35269d93da
Fill psa_pake_operation and INPUT/OUTPUT min/max sizes for PSA PAKE builtin implementation
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Manuel Pégourié-Gonnard
bf22a2500b
Merge pull request #6208 from AndrzejKurek/tls-tests-no-md-structured
...
Remove the dependency on MD from TLS 1.2 tests
2022-08-30 12:34:37 +02:00
Nicholas Wilson
8e5bdfbbcf
Improve programs/cert_write with a way to set extended key usages
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-08-30 10:08:43 +01:00
Dave Rodgman
0edfa9dd26
Merge pull request #6207 from daverodgman/ticket_time
...
Fix type used for capturing TLS ticket generation time
2022-08-30 10:03:06 +01:00
Andrzej Kurek
cccb044804
Style & formatting fixes
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-23 05:26:02 -04:00
Janos Follath
645ff5b8ff
Merge pull request #6095 from gabor-mezei-arm/6016_add_new_modulus_and_residue_structures
...
Add the new modulus and the residue structures with low level I/O operations
2022-08-23 09:02:43 +01:00
Andrzej Kurek
e02da81086
Update TLS1.2 dependencies description in mbedtls_config.h
...
It is possible to use it without MBEDTLS_SHAXXX defines and USE_PSA_CRYPTO
instead.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-22 17:46:50 -04:00
Andrzej Kurek
7e16ce3a72
Clarify TLS 1.2 dependencies with and without PSA crypto
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-22 17:46:50 -04:00
Dave Rodgman
0ce93933e8
Merge pull request #6219 from KloolK/development
...
Fix minor typos
2022-08-22 21:47:21 +01:00
Gilles Peskine
e5018c97f9
Merge pull request #6195 from superna9999/6149-driver-only-hashes-ec-j-pake
...
Driver-only hashes: EC J-PAKE
2022-08-22 17:28:15 +02:00
Gilles Peskine
20ebaac85e
Merge pull request #6211 from tom-cosgrove-arm/explicit-warning-re-ct-conditions-not-0-or-1
...
Be explicit about constant time bignum functions that must take a 0 or 1 condition value
2022-08-22 17:24:04 +02:00
Jan Bruckner
9ff6f8cdbd
Fix minor typos
...
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2022-08-22 16:05:58 +02:00
Dave Rodgman
34ff6a7a31
Correct documentation for mbedtls_ecdsa_verify
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-08-19 11:17:36 +01:00
Neil Armstrong
ecaba1c9b2
Make use of PSA crypto hash if MBEDTLS_MD_C isn't defined
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-19 11:49:22 +02:00
Neil Armstrong
0d76341eac
Remove md_info by md_type in ecjpake context, use mbedtls_hash_info_get_size() to get hash length
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-19 11:49:22 +02:00
Przemek Stekiel
10836a04a9
config: Fix requirements for MBEDTLS_X509_USE_C and MBEDTLS_X509_CREATE_C
...
Restore MBEDTLS_PK_PARSE_C as it was removed by mistake.
Fix module name in added warnings.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
Przemek Stekiel
12e69cb806
oid.h: remove MBEDTLS_MD_C guard
...
*** Comparing before-default -> after-default ***
x509parse: total 723; skipped 26 -> 26
x509write: total 41; skipped 8 -> 8
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
*** Comparing before-full -> after-full ***
x509parse: total 723; skipped 25 -> 25
x509write: total 41; skipped 0 -> 0
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
*** Comparing reference -> drivers ***
x509parse: total 723; skipped 89 -> 89
x509write: total 41; skipped 3 -> 3
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
Przemek Stekiel
55c17430be
oid.h: remove redundant MBEDTLS_MD_C dependency
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
Przemek Stekiel
278b6674bd
check_config.h: Adjust x509 dependencies (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
Przemek Stekiel
fd18366965
Adjust declared dependencies in library/x509*
...
*** Comparing before-default -> after-default ***
x509parse: total 723; skipped 26 -> 26
x509write: total 41; skipped 8 -> 8
*** Comparing before-full -> after-full ***
x509parse: total 723; skipped 25 -> 25
x509write: total 41; skipped 0 -> 0
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-08-19 10:15:56 +02:00
Tom Cosgrove
583816caaf
Be explicit about constant time bignum functions that must take a 0 or 1 condition value
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-08-18 14:09:18 +01:00
Dave Rodgman
536f28c892
Respect MBEDTLS_HAVE_TIME in ssl_ticket
...
Make use of ticket generation time and associated fields
conditional on MBEDTLS_HAVE_TIME, to avoid compile errors
on baremetal.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-08-17 14:20:36 +01:00
Dave Rodgman
392f714153
Fix type used for capturing TLS ticket generation time
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-08-17 12:38:24 +01:00
Gabor Mezei
d41f627650
Order the file names
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-08-12 15:20:21 +02:00
Manuel Pégourié-Gonnard
077ba8489d
PKCS#1 v2.1 now builds with PSA if no MD_C
...
Test coverage not there yet, as the entire test_suite_pkcs1_v21 is
skipped so far - dependencies to be adjusted in a future commit.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-08-11 12:47:02 +02:00
Janos Follath
d1baedb786
Bignum: extract bignum_mod.h functions
...
Extract functions declared in bignum_mod.h into a source file with a
matching name.
We are doing this because:
- This is a general best practice/convention
- We hope that this will make resolving merge conflicts in the future
easier
- Having them in a unified source file is a premature optimisation at
this point
This makes library/bignum_new.c empty and therefore it is deleted.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-09 13:44:53 +01:00
Janos Follath
0ded631879
Bignum: extract bignum_mod_raw.h functions
...
Extract functions declared in bignum_mod_raw.h into a source file with a
matching name.
We are doing this because:
- This is a general best practice/convention
- We hope that this will make resolving merge conflicts in the future
easier
- Having them in a unified source file is a premature optimisation at
this point
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-09 13:34:54 +01:00
Janos Follath
3ca0775e59
Bignum: extract bignum_core.h functions
...
Extract functions declared in bignum_core.h into a source file with a
matching name.
We are doing this because:
- This is a general best practice/convention
- We hope that this will make resolving merge conflicts in the future
easier
- Having them in a unified source file is a premature optimisation at
this point
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-08-09 11:45:47 +01:00
Gabor Mezei
0c655572dc
Build the new bignum_new.c file
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-08-05 17:03:56 +01:00
Gilles Peskine
5740ff5f1f
Merge pull request #5949 from Summer-ARM/mbedtls-psa-crypto-config
...
MBEDTLS_POLY1305_C and MBEDTLS_CHACHA20_C are needed when PSA_WANT_ALG_CHACHA20_POLY1305 is defined
2022-08-05 11:03:45 +02:00
Dave Rodgman
27036c9e28
Merge pull request #6142 from tom-cosgrove-arm/fix-comments-in-docs-and-comments
...
Fix a/an typos in doxygen and other comments
2022-07-29 12:59:05 +01:00
Dave Rodgman
aba26d0099
Merge pull request #5963 from tom-daubney-arm/remove_ssl_compression_new
...
Remove use of SSL session compression
2022-07-28 10:28:23 +01:00
Manuel Pégourié-Gonnard
f6b8c3297a
Merge pull request #6065 from mpg/explore2
...
Driver-only hashes: RSA 1.5 and PK + strategy doc
2022-07-28 10:43:38 +02:00
Tom Cosgrove
ce7f18c00b
Fix a/an typos in doxygen and other comments
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-07-28 05:50:56 +01:00
Thomas Daubney
20f89a9605
Remove uses of SSL compression
...
Remove or modify current uses of session compression.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-07-26 16:13:03 +01:00
Jan Bruckner
25fdc2addb
Fix minor typos
...
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2022-07-26 10:52:46 +02:00
Ronald Cron
e579ece305
Merge pull request #6087 from yuhaoth/pr/add-tls13-serialize_session_save_load
...
TLS 1.3: Add serialize session save load
I can see that https://github.com/Mbed-TLS/mbedtls/pull/6087#discussion_r927935696 and https://github.com/Mbed-TLS/mbedtls/pull/6087#discussion_r924252403 are addressed in #6123 . Thus I am ok to merge it as it is.
2022-07-23 08:57:11 +02:00
Ronald Cron
340c559cb3
Merge pull request #6079 from yuhaoth/pr/add-tls13-parse-pre_shared_key_offered_psks
...
TLS 1.3: PSK: Add parser/writer of pre_shared_key extension on server side.
2022-07-23 08:50:45 +02:00
Jerry Yu
a66fecebe7
Add endpoint/ticket_flag field for session
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-22 23:08:43 +08:00
Jerry Yu
77f0148e11
Add psk/psk_ephemeral key exchange check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-21 23:27:22 +08:00
Ronald Cron
32578b3bd0
Merge pull request #6069 from yuhaoth/pr/add-tls13-write-new-session-ticket
...
TLS 1.3:add tls13 write new session ticket
Validated by the internal CI and Travis.
2022-07-21 16:17:35 +02:00