Commit graph

314 commits

Author SHA1 Message Date
Dave Rodgman
2eab462a8c Fix IAR warnings
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 13:30:37 +01:00
Manuel Pégourié-Gonnard
de8f56e936
Merge pull request #7884 from valeriosetti/issue7612
TLS: Clean up (EC)DH dependencies
2023-08-01 07:13:36 +00:00
Valerio Setti
c9ae862225 tls: use TLS 1.3 guards in ssl_tls13 modules
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-25 11:23:50 +02:00
Valerio Setti
ea59c43499 tls: fix a comment a rename a variable/symbol
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-25 11:14:03 +02:00
Gilles Peskine
6aca2c9613
Merge pull request #7716 from mpg/psa-util-internal
Split psa_util.h between internal and public
2023-07-10 18:33:23 +02:00
Manuel Pégourié-Gonnard
5c41ae867b
Merge pull request #7887 from ronald-cron-arm/fix-hrr-in-psk-kem
tls13: server: Fix spurious HRR
2023-07-10 09:58:13 +02:00
Valerio Setti
3d237b5ff1 ssl_misc: fix guards for PSA data used in XXDH key exchanges
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-07 19:02:16 +02:00
Ronald Cron
8a74f07c2a tls13: server: Fix spurious HRR
If the server during a TLS 1.3 handshake selects
the PSK key exchange mode, it does not matter
if it did not find in the key share extension
a key share for a group it supports. Such a
key share is used and necessary only in the
case of the ephemeral or PSK ephemeral key
exchange mode. This is a possible scenario in
the case of a server that supports only the PSK
key exchange mode and a client that also
supports a key exchange mode with ephemeral keys.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-07-07 15:53:12 +02:00
Manuel Pégourié-Gonnard
d55d66f5ec Fix missing includes
Some files relied on psa_util.h to provide the includes they need.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-07-06 12:47:28 +02:00
Przemek Stekiel
408569f91a Adapt function name: mbedtls_ssl_tls13_generate_and_write_dh_key_exchange
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-06 12:16:44 +02:00
Przemek Stekiel
7ac93bea8c Adapt names: dh -> xxdh
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-05 09:26:26 +02:00
Przemek Stekiel
d5f79e7297 Adapt functions names for ffdh
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-05 09:26:26 +02:00
Manuel Pégourié-Gonnard
56b159a12a
Merge pull request #7627 from mprse/ffdh_tls13_v2
Make use of FFDH keys in TLS 1.3 v.2
2023-07-03 10:12:33 +02:00
Przemek Stekiel
8c0a95374f Adapt remaining guards to FFDH
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-15 17:07:10 +02:00
Przemek Stekiel
29c219c285 Combine mbedtls_ssl_tls13_generate_and_write_ecdh/ffdh_key_exchange functions
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-06 12:31:09 +02:00
Przemek Stekiel
63706628d0 Adapt guards for FFDH
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-06 12:31:08 +02:00
Przemek Stekiel
c89f3ea9f2 Add support for FFDH in TLS 1.3
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-06 12:31:08 +02:00
Manuel Pégourié-Gonnard
02b10d8266 Add missing include
Fix build failures with config full

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard
1f2a587cdf Use actual function instead of static inline
Large static inline functions used from several translation units in the
library are bad for code size as we end up with multiple copies. Use the
actual function instead. There's already a comment that says so.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard
2d6d993662 Use MD<->PSA functions from MD light
As usual, just a search-and-replace plus:

1. Removing things from hash_info.[ch]
2. Adding new auto-enable MD_LIGHT in build-info.h
3. Including md_psa.h where needed

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-06-06 10:33:54 +02:00
YxC
da609130f3 fix: correct calling to time function in tls13 client&server
Call `mbedtls_time` to handle the case when MBEDTLS_PLATFORM_TIME_MACRO is defined

Signed-off-by: Yuxiang Cao <yuxiang.cao@fortanix.com>
2023-05-22 13:22:00 -07:00
Xiaokang Qian
49f39c1e91 Fix the wrong debug _message function to _ret
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-04-10 08:29:17 +00:00
Xiaokang Qian
09c3cccf97 Update the todo comment of record size limits
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-04-10 08:29:17 +00:00
Xiaokang Qian
8bce0e6f5e Update group ext debug message in ssl_tls13_server.c
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-04-10 08:29:17 +00:00
Xiaokang Qian
9f1747bb1f Wrap lines which exceed 80 chars in ssl_tls13_server.c
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-04-10 08:29:14 +00:00
Ronald Cron
dad02b2bec tls13: srv: Fix comment
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:32:05 +02:00
Ronald Cron
e45afd760d Use specific pointer to loop over proposed cipher suites
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:32:01 +02:00
Ronald Cron
eff5673e09 Improve and align variable names for supported versions data
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:18 +02:00
Ronald Cron
3bd2b02486 Check for TLS 1.3 version first
Check for TLS 1.3 version first when parsing
the supported versions extension as it is
the most likely version.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:18 +02:00
Ronald Cron
b828c7d3de Fix, improve and add comments
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:18 +02:00
Ronald Cron
5af4c7f0e2 tls13: srv: Add detection to negotiate TLS 1.2
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:18 +02:00
Ronald Cron
8c527d0be8 tls13: srv: Parse supported versions extension early
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:18 +02:00
Ronald Cron
2f16b4ec66 tls13: srv: Postpone cipher suite selection
Postpone TLS 1.3 cipher suite selection
when we are sure we negotiate the version
1.3 of the protocol.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:18 +02:00
Ronald Cron
cada410365 tls13: srv: Postpone legacy session id copy
To avoid doing it twice in case we eventually
negotiate the version 1.2 of the protocol,
postpone the copy of the legacy session id.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:18 +02:00
Ronald Cron
d540d995b2 tls13: srv: Postpone client random copy
To avoid doing it twice in case we eventually
negotiate the version 1.2 of the protocol,
postpone the copy of the client random
bytes.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:18 +02:00
Ronald Cron
6458239b36 tls13: srv: Move TLS version setting
When parsing the ClientHello message,
move the setting of the TLS version
to TLS 1.3 after the computation of
the end of the list of cipher suites.
At that point we are able to compute
the address and end address of the
list of extensions and thus able to
search and parse the supported_versions
extension to select which version
of the TLS protocol we are going to
negotiate.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:18 +02:00
Paul Elliott
d01a3bca05 Merge tag 'v3.4.0' into mbedtls-3.4.0_mergeback
Mbed TLS 3.4.0
2023-03-27 18:09:49 +01:00
Valerio Setti
080a22ba75 ssl_tls13: use PSA_WANT_ALG_ECDH as symbol for marking ECDH capability
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-22 10:48:34 +01:00
Valerio Setti
0c8ec3983e ssl_tls: fix proper guards for accelerated ECDH
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-22 10:48:34 +01:00
Paul Elliott
f1eb5e2a04 Merge branch 'development-restricted' into mbedtls-3.4.0rc0-pr
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-03-21 15:35:17 +00:00
Jan Bruckner
1a38e54436 Changes from 2nd review
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2023-03-15 14:15:11 +01:00
Jan Bruckner
a0589e75a0 Changes from review
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2023-03-15 11:04:45 +01:00
Jan Bruckner
151f64283f Add parsing for Record Size Limit extension in TLS 1.3
Fixes #7007

Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2023-03-14 08:41:25 +01:00
Paul Elliott
e4622a3436 Merge remote-tracking branch 'development/development' into development-restricted
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-03-13 17:49:32 +00:00
Manuel Pégourié-Gonnard
43cc127d3a Fix code style
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-02-21 15:39:12 +01:00
Manuel Pégourié-Gonnard
b8b07aa24a Handle errors from functions that now return int
A few functions were changed from returning void to returning int three
commits ago. Make sure their callers check the return values.

This commits was basically a matter of declaring newly-int-returning
functions MBEDTLS_CHECK_RETURN_CRITICAL and then fixing the resulting
warnings. A few functions had to be made int in the process; they were
applied the same process as well.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-02-21 15:39:12 +01:00
Ronald Cron
d89360b87b Fix and improve documentation, comments and logs
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-02-21 14:57:25 +01:00
Ronald Cron
25e9ec61f0 tls13: server: Select preferred cipher suite
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-02-20 11:42:19 +01:00
Ronald Cron
fc7ae87ad4 tls13: server: Check ciphersuite list length parity once
Check ciphersuite list length parity once,
mainly to enable the possibility of getting
out of the loop of the ciphersuites whenever
we want.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-02-20 11:42:19 +01:00
Ronald Cron
606671e06e tls13: server: Check mbedtls_ssl_set_hs_psk returned value
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-02-20 11:42:19 +01:00