yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
29158 commits 1 branch 0 tags 94 MiB
Commit graph

12716 commits

Author SHA1 Message Date
Ryan Everett
098c6659ad Update psa_get_and_lock_key_slot_X functions 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-04 16:57:48 +00:00
Ryan Everett
b69118ebd0 Update key creation functions to use the new key slot states 
Update psa_start_key_creation,
psa_finish_key_creation and psa_fail_key_creation.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-04 16:57:48 +00:00
Ryan Everett
2afb516011 Update and rename psa_get_empty_key_slot 
Rename to psa_reserve_free_key_slot, as this function reserves a slot which is
free (not always empty) for filling.
Implement necessary state transitions and state checks.
Rename unlocked_persistent_key_slot to unused_persistent_key_slot.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-04 16:57:48 +00:00
Ryan Everett
4a78277cb2 Implement psa_key_slot_state_transition 
This inline function is used in every case we want to change the state of a slot,
except for where we do not care about what the state of the slot was before.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-04 16:57:48 +00:00
Ryan Everett
39cc9d755e Implement psa_register_read and psa_unregister_read 
Replaces psa_lock_key_slot and psa_unlock_key_slot.
Future commits will remove the calls to locking/unlocking functions,
and add calls to registering/unregistering functions.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-04 16:57:48 +00:00
Ryan Everett
62aa79ac5c Implement psa_key_slot_has_readers and remove psa_is_key_slot_occupied 
Remove psa_is_key_slot_occupied, any function which calls this can just check
the state variable instead.
Replace psa_is_key_slot_locked with psa_key_slot_has_readers.
References to the now removed functions are changed in future commits.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-04 16:57:48 +00:00
Ryan Everett
aa33c512cc Update psa_wipe_key_slot 
Change psa_wipe_key_slot to use the new state system.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-04 16:57:48 +00:00
Ryan Everett
d7dc7ff91c Update psa_key_slot_t 
Remove the `status` field and replace with the `state` field.
Remove the `lock_count` field and replace with the `registered_readers` field.
Add documentation which describes how and why these fields are to be used.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-04 16:57:48 +00:00
Dave Rodgman
a021d63bf7
Merge pull request #8642 from daverodgman/default-compiler-all 
CI perf: Use clang by default in all.sh
 2024-01-04 12:58:54 +00:00
Manuel Pégourié-Gonnard
5bad043c06
Merge pull request #8641 from valeriosetti/issue8358 
G3-G4 wrap-up
 2024-01-04 10:48:00 +00:00
Gilles Peskine
39b7bba8a0 Make input parameter const 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-02 17:56:54 +01:00
Valerio Setti
c1c6858bfc cipher_wrap: fix guards for some CCM/GCM functions 
Legacy CCM and GCM can work even when AES_C is not defined thanks
to the block_cipher module, so we can relax guards in
cipher_wrap.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-02 17:20:58 +01:00
Valerio Setti
3d2e0f5f42 psa_util: add algorithm's availability checks for MD conversion functions 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-02 14:57:47 +01:00
Valerio Setti
384fbde49a library/tests: replace md_psa.h with psa_util.h as include file for MD conversion 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-02 13:27:32 +01:00
Valerio Setti
45c3cae8a5 md: move PSA conversion functions from md_psa.h to psa_util.h 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-02 13:26:04 +01:00
Dave Rodgman
84125a167e Merge remote-tracking branch 'origin/development' into default-compiler-all 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-02 11:42:38 +00:00
Valerio Setti
e581e140cc oid/pkparse: add missing guards for PKCS[5/12] functions when !CIPHER_C 
This commit also updates test_suite_pkparse.data file adding
MBEDTLS_CIPHER_C dependencies whenever PKCS[5/12] is used.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-29 16:35:58 +01:00
Waleed Elmelegy
6a971fd61a Refactor and improve Record size limit handling 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-12-28 17:48:16 +00:00
Valerio Setti
1fff4f2012 psa: add key_type as input parameter of psa_can_do_cipher() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-28 18:33:17 +01:00
Valerio Setti
1994e72e18 check_config/block_cipher: minor improvements 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-28 18:33:04 +01:00
Gilles Peskine
62e33bcc64 New function mbedtls_ecp_write_public_key 
Directly export the public part of a key pair without having to go through
intermediate objects (using mbedtls_ecp_point_write_binary would require a
group object and a point object).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-24 15:23:19 +01:00
Gilles Peskine
7ea72026cd New function mbedtls_ecp_keypair_calc_public 
For when you calculate or import a private key, and then need to calculate
the public key.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 21:30:03 +01:00
Gilles Peskine
28240323d3 New function mbedtls_ecp_set_public_key 
Set the public key in a key pair. This complements mbedtls_ecp_read_key and
the functions can be used in either order.

Document the need to call check functions separately.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 21:30:03 +01:00
Gilles Peskine
ba5b5d67aa Support partial export from mbedtls_ecp_keypair 
Sometimes you don't need to have all the parts of a key pair object. Relax
the behavior of mbedtls_ecp_keypair so that you can extract just the parts
that you need.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 21:30:03 +01:00
Gilles Peskine
e6886102ef New function mbedtls_ecp_keypair_get_group_id 
Add a simple function to get the group id from a key object.

This information is available via mbedtls_ecp_export, but that function
consumes a lot of memory, which is a waste if all you need is to identify
the curve.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 21:30:03 +01:00
Valerio Setti
a69e872001 pkcs[5/12]: add CIPHER_C for [en/de]crypting functions 
This commit also updates corresponding test suites.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-21 16:39:04 +01:00
Dave Rodgman
3bc249959c
Merge branch 'development' into default-compiler-all 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-21 14:35:14 +00:00
Tom Cosgrove
c6088eceb4
Merge pull request #8384 from paul-elliott-arm/remove_ssl_null_tls12 
Remove NULLing of ssl context in TLS1.2 transform population
 2023-12-21 13:28:09 +00:00
Gilles Peskine
4bf4473ef0
Merge pull request #8633 from Wenxing-hou/clear_clienthello_comment 
Make clienthello comment clear
 2023-12-21 12:09:23 +00:00
Gilles Peskine
0e6fdc4f1d
Merge pull request #8342 from yanesca/threading_test_pc 
Threading test proof of concept and plan
 2023-12-21 12:08:41 +00:00
Waleed Elmelegy
65e3046e18 Fix code style in ssl_tls.c 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-12-20 17:55:10 +00:00
Waleed Elmelegy
049cd302ed Refactor record size limit extension handling 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-12-20 17:28:31 +00:00
Tomi Fontanilles
851d8df58d fix/work around dependency issues when !MBEDTLS_ECP_C 
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
 2023-12-20 13:09:27 +02:00
Tomi Fontanilles
9f41770313 pk_*: remove remaining references to MBEDTLS_PSA_CRYPTO_C 
For real this time.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 13:05:55 +02:00
Tomi Fontanilles
bad170e159 pk: remove last references to MBEDTLS_PSA_CRYPTO_C 
They are replaced by MBEDTLS_USE_PSA_CRYPTO.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
Tomi Fontanilles
1941af087c pk_wrap: remove last references to MBEDTLS_PSA_CRYPTO_C 
Deprecated functions are removed and #ifdefs are updated accordingly.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
Tomi Fontanilles
573dc23141 rsa: introduce rsa_internal_rsassa_pss_sign_no_mode_check() 
And use it in the non-PSA version of mbedtls_pk_sign_ext()
to bypass checks that didn't succeed when used by TLS 1.3.

That is because in the failing scenarios the padding of
the RSA context is not set to PKCS_V21.

See the discussion on PR #7930 for more details.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
Tomi Fontanilles
8174662b64 pk: implement non-PSA mbedtls_pk_sign_ext() 
This makes the function always available with its
its implementation depending on MBEDTLS_USE_PSA_CRYPTO.

Related dependencies and tests are updated as well.

Fixes #7583.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
Valerio Setti
689c0f71cb tests: use new CCM/GCM capability macros in tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-20 09:54:18 +01:00
Manuel Pégourié-Gonnard
a4b38f24fd
Merge pull request #8579 from valeriosetti/issue7995 
PK: clean up pkwrite
 2023-12-20 08:20:10 +00:00
Valerio Setti
50333977c6 cipher_wrap: fix guards for alloc/free functions of CCM/GCM 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-20 07:36:05 +01:00
Dave Rodgman
a69c782351
Merge pull request #8634 from daverodgman/iar-fixes 
IAR warning fix & some improvements
 2023-12-19 16:26:23 +00:00
Dave Rodgman
d47186d6e3 Disable automatic setting of clang target flags on old clang 
Old versions of clang don't support this pragma, so we have to assume
that the user will have set the flags.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-19 13:11:47 +00:00
Valerio Setti
7f062a58fb pkwrite: add newlines when calling mbedtls_pem_write_buffer() 
New defines, which are shared with the pkparse module, lack the
new line so we manually add it when invoking
mbedtls_pem_write_buffer().

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-19 07:48:42 +01:00
Valerio Setti
4bb5740a7d Revert "pem: auto add newlines to header/footer in mbedtls_pem_write_buffer()" 
This reverts commit 180915018d.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-19 07:48:38 +01:00
Paul Elliott
8860021abc Fix false claim of variables used unitialised 
GCC with TSan + O3 causes an error where it claims key_len and iv_len
may be used uninitialised. This is, as far as I can tell incorrect (the
only way it could not be set is in the error case, and then it is not
used), however the simplest option seemed to be just to fix it.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Dave Rodgman
af616d9123 Merge remote-tracking branch 'origin/development' into iar-fixes 2023-12-18 13:38:22 +00:00
Manuel Pégourié-Gonnard
8f1c36df00
Merge pull request #8607 from valeriosetti/issue8602 
Make enrollement "optional" in pk_can_do_ext()
 2023-12-18 11:30:04 +00:00
Bence Szépkúti
a085fa8ccf
Merge pull request #8627 from tom-cosgrove-arm/ip_len 
Avoid use of `ip_len` as it clashes with a macro in AIX system headers
 2023-12-18 02:03:17 +00:00
Valerio Setti
4ff405cf80 block_cipher: remove psa_key_type from mbedtls_block_cipher_context_t 
This information was redundant with the already existing mbedtls_block_cipher_id_t.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-15 16:10:52 +01:00
Dave Rodgman
543d275c68
Merge pull request #8635 from daverodgman/asan-opt 
CI perf - prefer clang for Asan
 2023-12-15 13:25:02 +00:00
Manuel Pégourié-Gonnard
cddab78612
Merge pull request #8630 from joerchan/mbedtls-tfm-compat 
Mbedtls tfm compat
 2023-12-15 09:31:27 +00:00
Dave Rodgman
815b240d72 Fix unused function/variable warnings from clang 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-14 23:20:48 +00:00
Valerio Setti
bd7528a592 ccm/gcm: use BLOCK_CIPHER whenever possible 
Prefer BLOCK_CIPHER instead of CIPHER_C whenever it's enabled.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-14 18:08:14 +01:00
Valerio Setti
785ec17795 block_cipher: use PSA_BITS_TO_BYTES() in mbedtls_block_cipher_setkey() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-14 18:08:14 +01:00
Valerio Setti
849a1abfdd block_cipher: remove useless use of psa_cipher_operation_t 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-14 18:08:14 +01:00
Valerio Setti
c6f004f0e2 psa_crypto: add internal helper to signal that cipher driver is ready 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-14 18:08:14 +01:00
Valerio Setti
8ceaa75b73 psa_util: add error translations from PSA to cipher 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-14 18:08:14 +01:00
Valerio Setti
c1db99d3f5 block_cipher: add PSA dispatch if possible 
"if possible" means:
- PSA has been initialized
- requested key type is available in PSA

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-14 18:08:14 +01:00
Waleed Elmelegy
26e3698357 Revert back checking on handshake messages length 
Revert back checking on handshake messages length due to
limitation on our fragmentation support of handshake
messages.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-12-14 16:23:25 +00:00
Waleed Elmelegy
05d670b711 Revert "Skip checking on maximum fragment length during handshake" 
This reverts commit 419f841511.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-12-14 16:23:10 +00:00
Wenxing Hou
3b9de38208 Make clienthello comment clear 
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
 2023-12-14 22:44:08 +08:00
Joakim Andersson
b349108b99 library: Move mbedtls_ecc helper functions to psa_util 
Move the mbedtls_ecc helper functions from psa_core to psa_util.
These files are not implemented as part of the PSA API and should not
be part of the PSA crypto implementation.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
 2023-12-14 13:55:11 +01:00
Dave Rodgman
69928dbe86 Fix compile warning from IAR 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-14 12:09:18 +00:00
Dave Rodgman
650674bb41 Add MBEDTLS_BSWAPxx intrinsics for IAR 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-14 12:08:57 +00:00
Dave Rodgman
f3c04f3f47 Better definition of MBEDTLS_IS_BIG_ENDIAN for IAR 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-14 12:08:57 +00:00
Manuel Pégourié-Gonnard
1f67363d6a
Merge pull request #8616 from lpy4105/issue/8553/test-driver-only-rsa 
Add test for driver-only RSA (crypto only)
 2023-12-14 11:05:55 +00:00
Manuel Pégourié-Gonnard
001fb73131
Merge pull request #8612 from valeriosetti/issue8601 
Quit using enrollment in pkparse
 2023-12-13 14:55:34 +00:00
Manuel Pégourié-Gonnard
ea6b3c030d
Merge pull request #8605 from valeriosetti/issue8600 
Quit using enrollment alg in for ECDSA in PK
 2023-12-12 16:53:15 +00:00
Joakim Andersson
c5b7285da9 library: Remove unused psa_crypto_core.h include 
Remove unused psa_crypto_core.h include.
The PSA util file provides helper functions when using the PSA API.
It should not rely on PSA internal headers, and instead only use
public headers.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
 2023-12-11 21:25:44 +01:00
Tom Cosgrove
656d4b3c74 Avoid use of ip_len as it clashes with a macro in AIX system headers 
Fixes #8624

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-12-08 21:51:15 +00:00
Pengyu Lv
f75893bb36 Update comments 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 17:40:00 +08:00
Pengyu Lv
e9efbc2aa5 Error out when get domain_parameters is not supported 
From time being, domain_parameters could not be extracted
from driver. We need to return error to indicate this
situation. This is temporary and would be fixed after #6494.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 17:30:26 +08:00
Pengyu Lv
94a42ccb3e Add tls13 in ticket flags helper function names 
```
sed -i \
"s/\(mbedtls_ssl\)_\(session_\(\w*_\)\?ticket\)/\1_tls13_\2/g" \
library/*.[ch]
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 11:12:46 +08:00
Yanray Wang
90acdc65e5 tl13: srv: improve comment 
Improve comment when received version 1.2 of the protocol while TLS
1.2 is disabled on server side.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-08 11:00:38 +08:00
Yanray Wang
2bef917a3c tls13: srv: return BAD_PROTOCOL_VERSION if chosen unsupported version 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-08 11:00:35 +08:00
Yanray Wang
177e49ad7a tls13: srv: improve DEBUG_MSG in case of TLS 1.2 disabled 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-08 11:00:33 +08:00
Yanray Wang
408ba6f7b8 tls13: srv: replace with internal API to check is_tls12_enabled 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-08 11:00:30 +08:00
Pengyu Lv
abd844f379 Fix wrong format in the function doc 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
02e72f65da Reword return value description for mbedtls_ssl_tls13_is_kex_mode_supported 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
bc4aab7673 Add "_is_" to functions ssl_tls13_key_exchange_.*_available 
Done by command:

```
sed -i \
"s/ssl_tls13_key_exchange_\(.*\)_available/ssl_tls13_key_exchange_is_\1_available/g" \
library/*.[ch]
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
b2cfafbb9e Consistent renaming 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
2333b826f4 tls13: srv: rename mbedtls_ssl_tls13_check_kex_modes 
The function is renamed to
`mbedtls_ssl_tls13_is_kex_mode_supported` and
the behaviour is reversed.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
0a1ff2b969 Consistent renaming 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
4f537f73fa tls13: rename mbedtls_ssl_session_check_ticket_flags 
The function is renamed to mbedtls_ssl_session_ticket_has_flags.
Descriptions are added.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:58 +08:00
Pengyu Lv
d72e858fd1 tls13: srv: rename ssl_tls13_ticket_permission_check 
The function is renamed to
ssl_tls13_ticket_is_kex_mode_permitted

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:57 +08:00
Pengyu Lv
fc2cb9632b tls13: rename mbedtls_ssl_conf_tls13_check_kex_modes 
The function is renamed to
mbedtls_ssl_conf_tls13_is_kex_mode_enabled.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:57 +08:00
Pengyu Lv
60a22567e4 tls13: change return value of mbedtls_ssl_conf_tls13_check_kex_modes 
To keep the convention in TLS code, check functions should return 0
when check is successful.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:57 +08:00
Pengyu Lv
981ec14744 tls13: rename ssl_tls13_check_*_key_exchange functions 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-12-08 10:01:57 +08:00
Waleed Elmelegy
419f841511 Skip checking on maximum fragment length during handshake 
MbedTLS currently does not support maximum fragment length
during handshake so we skip it for now.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-12-07 18:33:42 +00:00
Ronald Cron
90d07118ad
Merge pull request #6721 from yuhaoth/pr/tls13-early-data-extension-of-nst 
TLS 1.3: EarlyData SRV: Write `early_data` extension of NewSessionTicket
 2023-12-07 09:25:35 +00:00
Gilles Peskine
f3ccfddb45
Merge pull request #8615 from davidhorstmann-arm/fix-cast-potential-overflow 
Fix possible integer overflows
 2023-12-07 00:42:10 +00:00
Gilles Peskine
57e401b39f
Merge pull request #8521 from valeriosetti/issue8441 
[G4] Make CTR-DRBG fall back on PSA when AES not built in
 2023-12-06 18:25:44 +00:00
David Horstmann
4749007f64 Fix possible integer overflows before widening 
When calculating a result to go into an mbedtls_ms_time_t, make sure
that arithmetic is performed at the final size to prevent overflow.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-06 17:22:53 +00:00
Valerio Setti
202bb71dcd ssl_tls12_server: do not export/import opaque keys 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-06 17:05:24 +01:00
Waleed Elmelegy
9aec1c71f2 Add record size checking during handshake 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-12-06 15:18:15 +00:00
Jan Bruckner
f482dcc6c7 Comply with the received Record Size Limit extension 
Fixes #7010

Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2023-12-06 15:18:08 +00:00
Manuel Pégourié-Gonnard
ad4f0ada37
Merge pull request #8514 from mschulz-at-hilscher/fixes/uninitialized-variable-in-ssl_msg 
Fix uninitialized variable warnings in ssl_msg.c
 2023-12-06 11:06:03 +00:00
Valerio Setti
2bd53667d6 pk: guard key enrollment function with PSA_CRYPTO_CLIENT 
Use key enrollment function only when MBEDTLS_PSA_CRYPTO_CLIENT
is enabled, i.e. when the Mbed TLS implementation of PSA Crypto
is being used.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-06 11:24:50 +01:00
Jerry Yu
95648b0134 Some minor improvement 
- move early data check to `prepare`
- avoid `((void) output_len)
- replace check with `session_ticket_allow`  in 2nd place

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:21:16 +08:00
Jerry Yu
c59c586ac4 change prototype of write_early_data_ext 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:21:15 +08:00
Jerry Yu
163e12f7ff remove assignment for session->max_early_data_size 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:21:09 +08:00
Jerry Yu
ebe1de62f9 fix various issue 
- rename connection time variable
- remove unnecessary comments

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:20:25 +08:00
Jerry Yu
9e7f9bc253 Add missing debug message 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:20:22 +08:00
Jerry Yu
db97163ac7 add ticket max_early_data_size check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:20:13 +08:00
Jerry Yu
5233539d9f share write_early_data_ext function 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:18:50 +08:00
Jerry Yu
0069abc141 improve comments of new session ticket 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:18:46 +08:00
Jerry Yu
1a160703f8 set max_early_data_size of ticket to keep consistent 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:18:43 +08:00
Jerry Yu
f135bac89c Add max_early_data_size check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:18:39 +08:00
Jerry Yu
930ce4cfac Revert "change max_early_data_size source" 
This reverts commit 3d8d6a770f3a0f3045820970bc4a5d6ee7df8e10.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:18:36 +08:00
Jerry Yu
2f5d93b1c9 Revert "set init value for max_early_data_size in session" 
This reverts commit 8b02d75ed1af883e135979d24e38c0847e66fede.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:18:33 +08:00
Jerry Yu
d450fd25ae change max_early_data_size source 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:18:31 +08:00
Jerry Yu
525990fb62 set init value for max_early_data_size in session 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:18:28 +08:00
Jerry Yu
db6fda71e5 improve early data comments 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:17:51 +08:00
Jerry Yu
10795a0c3b replace ticket permission set 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:17:48 +08:00
Jerry Yu
c2b1bc4fb6 replace early data permission check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:17:46 +08:00
Jerry Yu
4da7c22cd6 add early data flag check function 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:17:44 +08:00
Jerry Yu
ea96ac3da9 fix various issues 
- get ticket_flags with function.
- improve output message and check it.
- improve `ssl_server2` help message

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:17:37 +08:00
Jerry Yu
3db60dfe5e rename nst early data write function 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:16:56 +08:00
Jerry Yu
fceddb310e Add early data permission check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:14:54 +08:00
Jerry Yu
01da35e2c8 add early data extension of NST 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-06 18:14:52 +08:00
Valerio Setti
bced8bc8d7 ssl_tls12_server: export/import PK parsed key in TLS side 
Instead of setting both algorithm and enrollement algorithm in the
PK module when parsing the key:

- for Weierstrass keys we only set ECDSA algorithm,
- for Montgomery keys we don't set any algorithm.

Reasons:
- PK module can only do ECDSA and not ECDH
- ECDH is only used in TLS
- Montgomery keys cannot be used to do ECDSA, while Weierstrass ones
  can do both ECDSA and ECDH.

So the idea is that once TLS needs the key to do ECDH (either Weierstrass
and Montgomery), it exports the one parsed from the PK module and then
re-imports it setting proper algorithm and flags. In this way the TLS
module will own the new key so it will be its duty to clear it on
exit.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-06 10:40:47 +01:00
Valerio Setti
fbbafa0d2d pkparse: do not set key algorithm for Montgomery keys in pk_ecc_set_key() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-06 10:07:34 +01:00
Ronald Cron
40f3f1c36f
Merge pull request #7058 from yuhaoth/pr/tls13-early-data-parsing-0-rtt-data 
TLS 1.3 EarlyData SRV: Parsing 0-RTT data
 2023-12-06 06:47:32 +00:00
Jerry Yu
42020fb186 revert output message which used by testing 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-05 17:35:53 +08:00
Ronald Cron
a1e867c676
Merge pull request #8576 from yanrayw/issue/fix-tls13-session_negotiate-assignment 
TLS13: CLI: EarlyData: Assign ciphersuite after associated verification in EE
 2023-12-05 08:31:24 +00:00
Valerio Setti
4ac2c18834 pk_wrap: try both ECDSA signature schemes in ecdsa_sign_psa() 
Instead of extracting key's properties in order to check whether it
supports deterministic or non-deterministic ECDSA, we try both.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-05 07:59:01 +01:00
Jerry Yu
ebb1b1d48f fix ci test failure 
"skip parse certificate verify" can not be changed.
It is used in `Authentication: client badcert, server none`
test.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-05 11:02:15 +08:00
Jerry Yu
b55f9eb5c5 fix various issues 
- remove unnecessary statements
- improve macro name
- improve output message

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-05 10:27:17 +08:00
Valerio Setti
8aec84f3a7 pkwrite: minor code reshape 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 16:04:21 +01:00
Valerio Setti
83e0de8481 crypto_extra: revert changes to mbedtls_psa_random_free() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:42 +01:00
Valerio Setti
402cfba4dc psa: free RNG implementation before checking for remaining open key slots 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:41 +01:00
Valerio Setti
5f4b28defc ctr_drbg: add alternative PSA implementation when AES_C is not defined 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:41 +01:00
Dave Rodgman
9afc0200c7
Merge pull request #8563 from Oldes/issues-8562 
Fixed compilation for Haiku OS
 2023-12-04 09:53:08 +00:00
Yanray Wang
fb0f47b1f8 tls13: srv: check tls version in ClientHello with min_tls_version 
When server is configured as TLS 1.3 only and receives ClientHello
from a TLS 1.2 only client, it's expected to abort the handshake
instead of downgrading protocol to TLS 1.2 and continuing handshake.
This commit adds a check to make sure server min_tls_version always
larger than received version in ClientHello.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-04 17:50:36 +08:00
Jerry Yu
7bb40a3650 send unexpected alert when not received eoed or app during reading early data 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-04 10:04:15 +08:00
Jerry Yu
fbf039932a Send decode error alert when EOED parsing fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-04 10:00:37 +08:00
Jerry Yu
3be850782c fix various issues 
- improve comments
- rename function and macros name
- remove unnecessary comments
- remove extra empty lines
- remove unnecessary condition

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-04 09:58:54 +08:00
Yanray Wang
744577a429 tls13: early_data: cli: check a PSK has been selected in EE 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 23:03:37 +08:00
Dave Rodgman
f1be1f6740 Remove unused code 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-01 13:53:45 +00:00
Oldes Huhuman
304fa091cf Shortening a comment line 
Related to: https://github.com/Mbed-TLS/mbedtls/issues/8562

Signed-off-by: Oldes Huhuman <oldes.huhuman@gmail.com>
 2023-12-01 12:23:26 +01:00
Yanray Wang
9ae6534c20 tls13: early_data: cli: improve comment 
This commit improves comment of why we assign the identifier of the
ciphersuite in handshake to `ssl->session_negotiate`.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 17:46:08 +08:00
Yanray Wang
03a00768c0 tls13: early_data: cli: improve comment 
This commit improves comment of the check for handshake parameters
in Encrypted Extension.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 17:40:21 +08:00
Jerry Yu
0af63dc263 improve comments and output message 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 17:18:04 +08:00
Jerry Yu
ee4d729555 print received early application data 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:53:50 +08:00
Jerry Yu
e96551276a switch inbound transform to handshake 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:53:50 +08:00
Jerry Yu
75c9ab76b5 implement parser of eoed 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:53:50 +08:00
Jerry Yu
b4ed4602f2 implement coordinate of eoed 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:34:00 +08:00
Jerry Yu
d5c3496ce2 Add dummy framework of eoed state 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:32:31 +08:00
Jerry Yu
59d420f17b empty process_end_of_early_data 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:30:34 +08:00