Commit graph

184 commits

Author SHA1 Message Date
Gilles Peskine
84b9f1b039 mbedtls_ecp_write_key_ext(): migrate internally
Stop using mbedtls_ecp_write_key() except to test it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-28 13:19:42 +01:00
Manuel Pégourié-Gonnard
0ecb5fd6f5
Merge pull request #8574 from ronald-cron-arm/ssl-tickets
Fix and align ticket age check in ssl_ticket.c for TLS 1.2 and TLS 1.3
2024-02-21 09:38:46 +00:00
Valerio Setti
b4f5076270 debug: move internal functions declarations to an internal header file
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-18 15:30:46 +01:00
Ronald Cron
3c0072b58e ssl_ticket.c: Base ticket age check on the ticket creation time
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-15 10:29:51 +01:00
Ronald Cron
17ef8dfddb ssl_session: Define unconditionally the endpoint field
The endpoint field is needed to serialize/deserialize
a session in TLS 1.2 the same way it is needed in the
TLS 1.3 case: client specific fields that should not
be in the serialized version on server side if both
TLS client and server are enabled in the TLS library.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-15 08:58:19 +01:00
Gilles Peskine
4bf4473ef0
Merge pull request #8633 from Wenxing-hou/clear_clienthello_comment
Make clienthello comment clear
2023-12-21 12:09:23 +00:00
Manuel Pégourié-Gonnard
a4b38f24fd
Merge pull request #8579 from valeriosetti/issue7995
PK: clean up pkwrite
2023-12-20 08:20:10 +00:00
Wenxing Hou
3b9de38208 Make clienthello comment clear
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
2023-12-14 22:44:08 +08:00
Valerio Setti
202bb71dcd ssl_tls12_server: do not export/import opaque keys
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-06 17:05:24 +01:00
Valerio Setti
bced8bc8d7 ssl_tls12_server: export/import PK parsed key in TLS side
Instead of setting both algorithm and enrollement algorithm in the
PK module when parsing the key:

- for Weierstrass keys we only set ECDSA algorithm,
- for Montgomery keys we don't set any algorithm.

Reasons:
- PK module can only do ECDSA and not ECDH
- ECDH is only used in TLS
- Montgomery keys cannot be used to do ECDSA, while Weierstrass ones
  can do both ECDSA and ECDH.

So the idea is that once TLS needs the key to do ECDH (either Weierstrass
and Montgomery), it exports the one parsed from the PK module and then
re-imports it setting proper algorithm and flags. In this way the TLS
module will own the new key so it will be its duty to clear it on
exit.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-06 10:40:47 +01:00
Valerio Setti
f9362b7324 pk_internal: small renaming for mbedtls_pk_get_group_id()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-29 08:42:27 +01:00
Dave Rodgman
c37ad4432b misc type fixes in ssl
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-21 17:09:46 +00:00
Dave Rodgman
a3d0f61aec Use MBEDTLS_GET_UINTxx_BE macro
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-21 17:09:46 +00:00
Dave Rodgman
e4a6f5a7ec Use size_t cast for pointer subtractions
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-21 17:09:46 +00:00
Dave Rodgman
16799db69a update headers
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 19:47:20 +00:00
Gilles Peskine
f6f4695824
Merge pull request #8320 from valeriosetti/issue8263
Fix dependencies of mbedtls_pk_ec_ro and mbedtls_pk_ec_rw
2023-10-18 10:03:46 +00:00
Valerio Setti
74cb404b0d ssl: improve ssl_check_key_curve()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-16 13:40:50 +02:00
Valerio Setti
4d0e84628c ssl: reorganize guards surrounding ssl_get_ecdh_params_from_cert()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-11 13:15:29 +02:00
Valerio Setti
e7cefae5f4 ssl: fix getting group id in ssl_check_key_curve()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-06 13:19:48 +02:00
Gilles Peskine
3713bee34c Remove leftover local debug line
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 18:43:18 +02:00
Gilles Peskine
530c423ad2 Improve some debug messages and error codes
On a parsing error in TLS, return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE, not a
crypto error code.

On error paths, emit a level-1 debug message. Report the offending sizes.

Downgrade an informational message's level to 3.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:42:11 +02:00
Gilles Peskine
c8df898204 Fix buffer overflow in TLS 1.2 ClientKeyExchange parsing
Fix a buffer overflow in TLS 1.2 ClientKeyExchange parsing. When
MBEDTLS_USE_PSA_CRYPTO is enabled, the length of the public key in an ECDH
or ECDHE key exchange was not validated. This could result in an overflow of
handshake->xxdh_psa_peerkey, overwriting further data in the handshake
structure or further on the heap.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:02:33 +02:00
Gilles Peskine
eda1b1f744
Merge pull request #7921 from valeriosetti/issue7613
TLS: Clean up ECDSA dependencies
2023-09-20 12:47:55 +00:00
Dave Rodgman
b7825ceb3e Rename uint->bool operators to reflect input types
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-10 11:58:18 +01:00
Dave Rodgman
c98f8d996a
Merge branch 'development' into safer-ct5
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-07 11:47:35 +01:00
Valerio Setti
e9646ecd08 tls: fix guards for ECDSA support
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-03 09:15:28 +02:00
Valerio Setti
45d56f3d25 tls: replace ECDSA_C and PK_CAN_ECDSA_SOME with key exchange related ones
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-01 19:02:38 +02:00
Manuel Pégourié-Gonnard
de8f56e936
Merge pull request #7884 from valeriosetti/issue7612
TLS: Clean up (EC)DH dependencies
2023-08-01 07:13:36 +00:00
Gilles Peskine
bb07377458
Merge pull request #7935 from AgathiyanB/add-enum-casts
Add type casts for integer and enum types
2023-07-26 11:27:27 +02:00
Valerio Setti
ea59c43499 tls: fix a comment a rename a variable/symbol
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-25 11:14:03 +02:00
Valerio Setti
60d3b91eba tls: use TLS 1.2 macros in ssl_tls12_server.c
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-25 10:43:53 +02:00
Agathiyan Bragadeesh
8b52b88b6d Add type casts in ssl library
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-17 15:14:42 +01:00
Valerio Setti
c2232eadfb tls: replace PK_CAN_ECDH guards with new helpers
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-07 17:23:53 +02:00
Valerio Setti
7aeec54094 tls: replace ECDH_C guards with new helpers
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-07 17:23:53 +02:00
Przemek Stekiel
46b2d2b643 Fix code style
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-07 09:34:17 +02:00
Przemek Stekiel
615cbcdbdf Provide additional comments for claryfication
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-06 12:16:39 +02:00
Przemek Stekiel
7ac93bea8c Adapt names: dh -> xxdh
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-05 09:26:26 +02:00
Przemek Stekiel
6f199859b6 Adapt handshake fields to ffdh
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-05 09:25:00 +02:00
Manuel Pégourié-Gonnard
56b159a12a
Merge pull request #7627 from mprse/ffdh_tls13_v2
Make use of FFDH keys in TLS 1.3 v.2
2023-07-03 10:12:33 +02:00
Dave Rodgman
9fbb0cf08e Merge remote-tracking branch 'origin/development' into safer-ct5 2023-06-28 18:52:02 +01:00
Przemek Stekiel
7dda271c1d Fix description of functions
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-28 09:16:08 +02:00
Tom Cosgrove
db041cc82f
Merge pull request #7665 from AndrzejKurek/optimize-error-translation-code-size
Optimize error translation code size
2023-06-28 08:09:00 +01:00
Valerio Setti
6835b4a6ed tls: always zeroize buffer on exit
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-22 09:06:31 +02:00
Valerio Setti
3589a4c644 tls: keep buffer declaration in a single line
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-22 09:02:44 +02:00
Valerio Setti
b46217d5c1 tls: never destroy a priavte key that is not owned/created by TLS module
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-16 13:18:52 +02:00
Valerio Setti
0813b6f28d tls: optimize code in ssl_get_ecdh_params_from_cert()
When MBEDTLS_PK_USE_PSA_EC_DATA is defined, opaque and non-opaque keys
are basically stored in the same way (only a diffferent ownership for
the key itself), so they should be treated similarly in the code.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-16 12:18:53 +02:00
Andrzej Kurek
1e4a030b00 Fix wrong array size calculation in error translation code
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-13 05:46:47 -04:00
Andrzej Kurek
1c7a99856f Add missing ifdefs
Make sure that the error translating functions
are only defined when they're used.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-13 05:46:47 -04:00
Andrzej Kurek
0064484a70 Optimize error translation code size
Introducing an intermediate function
saves code size that's otherwise taken by excessive,
repeated arguments in each place that
was translating errors.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-13 05:46:46 -04:00
Dave Rodgman
c216d94560 Merge remote-tracking branch 'origin/development' into safer-ct5 2023-06-13 10:36:37 +01:00