Commit graph

23763 commits

Author SHA1 Message Date
Valerio Setti
73a218513b psa_crypto_rsa: add comment/explanation for residual PK_WRITE_C guard
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-08 11:03:09 +01:00
Valerio Setti
f9bc5b75f1 test: remove dependencies on PK_WRITE and PK_PARSE from test_suite_psa_crypto suites
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-08 11:03:09 +01:00
Gilles Peskine
ed7b5978cd
Merge pull request #6172 from gilles-peskine-arm/doc-tls13-psa_crypto_init
Document the need to call psa_crypto_init for TLS 1.3
2023-03-07 20:13:53 +01:00
Gilles Peskine
a2fc399f57
Merge pull request #6829 from AndrzejKurek/unify-psa-errors
Unify PSA to Mbed TLS error translation
2023-03-07 19:55:44 +01:00
Gilles Peskine
12e3c8e019
Merge pull request #7168 from mpg/use-md
Use MD (not low-level hash interface) in X.509 and TLS
2023-03-07 19:55:12 +01:00
Gilles Peskine
30fc999f43
Merge pull request #7164 from oberon-microsystems/fix-test-exported-length-edwards
Fix expected export length for Edwards curves in test suite.
2023-03-07 19:53:48 +01:00
Dave Rodgman
06554e6b08
Merge pull request #7220 from tom-cosgrove-arm/enable-explicit_bzero-on-openbsd
Enable explicit_bzero() on OpenBSD
2023-03-07 17:59:45 +00:00
Tom Cosgrove
503d71769c Enable explicit_bzero() on OpenBSD
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-03-07 12:51:11 +00:00
Janos Follath
fe780a3c4b
Merge pull request #7184 from gabor-mezei-arm/6349_Secp224r1_fast_reduction
Extract Secp224r1 fast reduction from the prototype
2023-03-07 10:57:58 +00:00
Manuel Pégourié-Gonnard
a5ffa93e43
Merge pull request #7142 from mpg/driver-only-ecdh-starter
Driver-only ECDH starter
2023-03-07 09:14:38 +01:00
Gabor Mezei
a2ef6a8e38
The is_valid() function is needed to not filter out test cases
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-06 16:57:25 +01:00
Gabor Mezei
61ef3603eb
Correct the maximum canonical value in tests
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-06 16:32:16 +01:00
Gabor Mezei
97803abd2a
Update comment
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-06 16:32:16 +01:00
Gabor Mezei
d034b3d0d2
Code style: have two empty lines before and after class definitions
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-06 16:32:15 +01:00
Gabor Mezei
5e33e6f5d4
Remove unnecessary function override
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-06 16:32:12 +01:00
Manuel Pégourié-Gonnard
86393db84d Revert local experiment.
This was never meant to be committed here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-06 16:19:05 +01:00
Manuel Pégourié-Gonnard
07d92620d4 Fix some message strings and comments in all.sh
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-06 13:38:55 +01:00
Manuel Pégourié-Gonnard
0d1f5be688 Add comment about shared config function
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-06 13:35:21 +01:00
Manuel Pégourié-Gonnard
947cee18a1 Fix memory leak.
The function reset_checksum() can be called more than once with the same
handshake context (this happens with DTLS clients, and perhaps in other
cases as well). When that happens, we need to free the old MD contexts
before setting them up again.

Note: the PSA path was already doing the right thing by calling abort,
we just needed to do the same on the MD path.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-06 11:59:59 +01:00
Manuel Pégourié-Gonnard
228a30d16c
Merge pull request #7120 from mpg/md-light
Define "MD light" subset of MD
2023-03-06 11:02:19 +01:00
Dave Rodgman
4693fd9e9e
Merge pull request #7173 from daverodgman/zeroize-platform
Use platform-provided secure zeroization
2023-03-06 09:16:12 +00:00
Dave Rodgman
b0d96a23a9 Remove not-needed EABI exclusion
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-03 17:06:09 +00:00
Stephan Koch
6eb73113b1 Fix codestyle with uncrustify.
Signed-off-by: Stephan Koch <koch@oberon.ch>
2023-03-03 17:48:40 +01:00
Dave Rodgman
45cef61fa4
Merge branch 'development' into md-light
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-03 14:28:13 +00:00
Dave Rodgman
1f39a62ce6
Merge pull request #7151 from gilles-peskine-arm/psa-headers-alt
Allow alternative names for overridable PSA headers
2023-03-03 12:37:51 +00:00
Dave Rodgman
e11c1ceac9
Merge pull request #7200 from paul-elliott-arm/interruptible_sign_hash_fail_tests
Enable all keys for interruptible op fail tests
2023-03-03 11:51:57 +00:00
Andrzej Kurek
270b3f9790 Rename error_pair_t to mbedtls_error_pair_t
Required by our coding standards.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-03 05:54:13 -05:00
Andrzej Kurek
daf5b56b02 Translate to MD errors in ssl-tls.c
With the introduction of #7047, ssl_tls.c uses 
mbedtls_md_error_from_psa. This complicates
the dependencies for compiling in psa_to_md_errors,
since now these should be ifdeffed also by
MBEDTLS_USE_PSA_CRYPTO followed by a series of or'ed
MBEDTLS_HAS_ALG_SHA_XXX_VIA_MD_OR_PSA_BASED_ON_USE_PSA.
Since this mechanism will be removed soon, we can simplify it to
just MBEDTLS_USE_PSA_CRYPTO.

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-03 05:52:28 -05:00
Andrzej Kurek
747ab4ea5e Introduce error_pair_t to psa utils
This way error handling can be written in a cleaner way.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-03 05:23:45 -05:00
Andrzej Kurek
138b30ac62 Add missing const qualifiers
Also improve documentation
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-03 05:23:45 -05:00
Andrzej Kurek
ba24138e0f Duplicate error logic in pk_wrap deprecated functions
GCC 4.6+ complains if a deprecated function calls another.
Working around this universally would require a lot of
preprocessing, this seems to be an easier solution.
Copy mbedtls_pk_error_from_psa code without duplicates
instead of calling the function.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-03 05:23:45 -05:00
Andrzej Kurek
8a045ce5e6 Unify PSA to Mbed TLS error translation
Move all error translation utilities to psa_util.c.
Introduce macros and functions to avoid having
a local copy of the error translating function in
each place.
Identify overlapping errors and introduce a
generic function.
Provide a single macro for all error translations
(unless one file needs a couple of different ones).
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-03 05:23:44 -05:00
Dave Rodgman
05b80a4eee
Merge pull request #6201 from gilles-peskine-arm/tls13_only-renegotiation
Disable MBEDTLS_SSL_RENEGOTIATION in TLS-1.3-only builds
2023-03-03 09:56:51 +00:00
Dave Rodgman
e965c3c4bd
Merge pull request #7197 from daverodgman/armclang-sha-warning
Enable -Werror in all.sh for armclang
2023-03-03 09:01:41 +00:00
Paul Elliott
ddbc6ed6cd Enable all keys for interruptible op fail tests
Due to a misunderstanding about the purpose of the test, I had limited this to
ECC keys only, however this defeats the purpose of the test, and left gaps in
test coverage.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-03-02 16:03:43 +00:00
Dave Rodgman
0fddf829d5 Add more detailed comment
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-02 15:32:12 +00:00
Gilles Peskine
57897b8d6a
Merge pull request #6493 from AndrzejKurek/pymod
Use `config.py` as a module in `depends.py`
2023-03-02 15:38:47 +01:00
Gilles Peskine
6def41b146
Merge pull request #6932 from yuhaoth/pr/fix-arm64-host-build-and-illegal_instrucion-fail
Replace CPU modifier check with file scope target cpu modifiers
2023-03-02 15:36:41 +01:00
Dave Rodgman
528bfa640c Whitespace fix
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-02 13:54:43 +00:00
Dave Rodgman
1c232a8311 Enable -Werror for armclang
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-02 13:39:04 +00:00
Dave Rodgman
2f386c55ff Disable MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT for armclang
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-02 13:38:33 +00:00
Gilles Peskine
5b7e1644a7 Document the need to call psa_crypto_init() with USE_PSA_CRYPTO
When MBEDTLS_USE_PSA_CRYPTO is enabled, the application must call
psa_crypto_init() before directly or indirectly calling cipher or PK code
that will use PSA under the hood. Document this explicitly for some
functions.

To avoid clutter, this commit only documents the need to call
psa_crypto_init() in common, non-obvious cases: parsing a public key
directly or via X.509, or setting up an SSL context. Functions that are
normally only called after such a function (for example, using an already
constructed PK object), or where the need for PSA is obvious because they
take a key ID as argument, do not need more explicit documentaion.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-01 20:10:29 +01:00
Gilles Peskine
a8d7e438e6 Move non-boolean config options to the proper section
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-01 20:10:20 +01:00
Gilles Peskine
8c2830a06a Document what "TLS 1.3 depends on PSA" entails
Explicitly document that when using TLS 1.3, you must initialize PSA crypto
before starting a handshake.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-01 20:06:35 +01:00
Gilles Peskine
cc29bfd92a Bug fixes from the split of ssl_handle_hs_message_post_handshake
The split of ssl_handle_hs_message_post_handshake() into
ssl_tls12_handle_hs_message_post_handshake() and
ssl_tls13_handle_hs_message_post_handshake() fixed some user-visible bugs.
Add a changelog entry for those bugs.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-01 19:49:58 +01:00
Gilles Peskine
136d25c416 Explicitly disable all DTLS options in tls13-only.h
This makes no difference when starting from the default configuration. It
allows tls13-only.h to be used with other base configurations such as `full`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-01 19:49:58 +01:00
Gilles Peskine
7d3186d18a Disable MBEDTLS_SSL_RENEGOTIATION in tls13-only configuration
There's no renegotiation in TLS 1.3, so this option should have no effect.
Insist on having it disabled, to avoid the risk of accidentally having
different behavior in TLS 1.3 if the option is enabled (as happened in
https://github.com/Mbed-TLS/mbedtls/issues/6200).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-01 19:47:23 +01:00
Dave Rodgman
f4385faa6f
Merge pull request #7188 from paul-elliott-arm/interruptible_sign_hash_complete_after_start_fail
Interruptible {sign|verify} hash - Call complete() after start() failure.
2023-03-01 17:18:08 +00:00
Gabor Mezei
aeadc2d731
Apply naming convention
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-01 16:53:03 +01:00
Gabor Mezei
931fd646ff
Use lower case hex number
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-01 16:50:00 +01:00