Valerio Setti
9de84bd677
rsa: reject buffers with data outside main SEQUENCE when parsing keys
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-09 06:42:18 +01:00
Manuel Pégourié-Gonnard
7bf1e98f44
Merge pull request #8740 from valeriosetti/issue8647
...
Move RSA basic key parsing/writing to rsa.c
2024-02-08 08:35:42 +00:00
Valerio Setti
447bbce8b4
rsa: remove unnecessary check in priv/pub key parsing
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-07 08:02:03 +01:00
Valerio Setti
fe329cea3f
rsa: handle buffer length similarly in private and public key parsing
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 08:00:18 +01:00
Valerio Setti
201e643509
rsa: simplify mbedtls_rsa_parse_pubkey() input parameters
...
In this way mbedtls_rsa_parse_pubkey() and mbedtls_rsa_parse_key()
input parameter list is the same.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-01 17:19:37 +01:00
Valerio Setti
135ebde273
rsa: rename parse/write functions in order to follow the standard format
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-01 17:00:29 +01:00
Valerio Setti
44ff9506dd
rsa: set parse/write functions out of !RSA_ALT guard
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-01 16:58:36 +01:00
Valerio Setti
a5f36fcaae
rsa: write documentation of new functions for parse/writing RSA priv/pub keys
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-24 12:36:37 +01:00
Valerio Setti
dccfd3612d
rsa: update return values of priv/pub parse/write functions
...
The goal is to remove usage of PK return values in order to
completely eliminate that dependency.
This commit also updates pkparse and test_suite_x509parse to
align with this change in return values.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-24 12:36:34 +01:00
Dave Rodgman
13f2f4e7f1
Merge remote-tracking branch 'restricted/development' into mbedtls-3.5.2rc
2024-01-24 09:49:15 +00:00
Valerio Setti
b328c44932
pk/rsa: move RSA parse/write private/public key functions to rsa module
...
These functions are meant to be used internally, so their prototype
declaration is kept into rsa_internal.h.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-23 15:18:57 +01:00
Janos Follath
b4b8f3df3b
RSA: improve readability
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
47ee770812
RSA: remove unneeded temporaries
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
e6750b2a0b
RSA: document Montgomery trick in unblind
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
a62a554071
Fix style
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
100dcddfca
Make local function static
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
6bcbc925bf
Extend blinding to RSA result check
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
d6b096532c
Make RSA unblinding constant flow
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Tomi Fontanilles
573dc23141
rsa: introduce rsa_internal_rsassa_pss_sign_no_mode_check()
...
And use it in the non-PSA version of mbedtls_pk_sign_ext()
to bypass checks that didn't succeed when used by TLS 1.3.
That is because in the failing scenarios the padding of
the RSA context is not set to PKCS_V21.
See the discussion on PR #7930 for more details.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
Dave Rodgman
e4a6f5a7ec
Use size_t cast for pointer subtractions
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-21 17:09:46 +00:00
Dave Rodgman
e3c05853d6
Header updates
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-03 12:21:36 +00:00
Dave Rodgman
16799db69a
update headers
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 19:47:20 +00:00
Valerio Setti
02a634decd
md: remove unnecessary inclusions of mbedtls/md.h
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-11 13:15:58 +02:00
Dave Rodgman
d03f483dbe
Use mbedtls_ct_error_if
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-22 10:01:47 +01:00
Dave Rodgman
7ad37e40a6
Remove use of mbedtls_ct_int_if
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-21 21:53:31 +01:00
Dave Rodgman
61f1beaccf
Update library to use mbedtls_ct_int_if
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-21 19:23:17 +01:00
Dave Rodgman
1a404e8f34
Use mbedtls_ct_error for CT error selection
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-21 13:12:28 +01:00
Dave Rodgman
c62f7fcce9
Use more meaningful variable name in mbedtls_rsa_rsaes_oaep_decrypt
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-20 19:09:51 +01:00
Dave Rodgman
e94cd0b99b
Correct use of mbedtls_ct_mpi_uint_if_else_0
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-20 19:09:51 +01:00
Dave Rodgman
b4e6b41aa0
Use const-time interface throughout mbedtls_rsa_rsaes_oaep_decrypt
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 18:34:06 +01:00
Dave Rodgman
66d6ac92e6
Use mbedtls_ct_memcmp in mbedtls_rsa_rsaes_oaep_decrypt
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-19 09:10:59 +01:00
Dave Rodgman
98ddc01a7c
Rename ...if0 to ...else_0
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-10 12:11:31 +01:00
Dave Rodgman
b7825ceb3e
Rename uint->bool operators to reflect input types
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-10 11:58:18 +01:00
Dave Rodgman
c98f8d996a
Merge branch 'development' into safer-ct5
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-07 11:47:35 +01:00
Dave Rodgman
6f80ac4979
Merge pull request #7864 from waleed-elmelegy-arm/enforce-min-RSA-key-size
...
Enforce minimum key size when generating RSA key size
2023-08-03 12:57:52 +00:00
Dave Rodgman
1d4d944e19
Merge pull request #7933 from tom-cosgrove-arm/add-mbedtls_zeroize_and_free
...
Provide and use internal function mbedtls_zeroize_and_free()
2023-08-03 12:56:21 +00:00
Waleed Elmelegy
d7bdbbeb0a
Improve naming of mimimum RSA key size generation configurations
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-27 14:50:09 +00:00
Waleed Elmelegy
76336c3e4d
Enforce minimum key size when generating RSA key size
...
Add configuration to enforce minimum size when
generating a RSA key, it's default value is 1024
bits since this the minimum secure value currently
but it can be any value greater than or equal 128
bits. Tests were modifed to accommodate for this
change.
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-27 10:58:25 +00:00
Tom Cosgrove
ca8c61b815
Provide and use internal function mbedtls_zeroize_and_free()
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-17 15:17:40 +01:00
Agathiyan Bragadeesh
01ed84a1f3
Add type casts in rsa.c
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-17 15:14:42 +01:00
Dave Rodgman
c216d94560
Merge remote-tracking branch 'origin/development' into safer-ct5
2023-06-13 10:36:37 +01:00
Manuel Pégourié-Gonnard
28f504e892
Use PSA-neutral function for availability check
...
We just want to check if this hash is available, and the check is
present in builds both with PSA and without it. The function we were
using is only present in builds with PSA, so it wasn't appropriate.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard
6076f4124a
Remove hash_info.[ch]
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard
2d6d993662
Use MD<->PSA functions from MD light
...
As usual, just a search-and-replace plus:
1. Removing things from hash_info.[ch]
2. Adding new auto-enable MD_LIGHT in build-info.h
3. Including md_psa.h where needed
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard
8857984b2f
Replace hash_info macro with MD macro
...
Now the MD macro also accounts for PSA-only hashes.
Just a search-and-replace, plus manually removing the definition in
hash_info.h.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard
9b41eb8533
Replace hash_info_get_type with MD function
...
Mostly a search and replace with just two manual changes:
1. Now PK and TLS need MD light, so auto-enable it.
2. Remove the old function in hash_info.[ch]
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-06-06 10:33:54 +02:00
Dave Rodgman
2b4486a014
Rename mbedtls_ct_uint_if_new to mbedtls_ct_uint_if
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-05-26 12:42:48 +01:00
Dave Rodgman
9f9c3b8c33
Use new CT interface in rsa.c
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-05-26 12:42:48 +01:00
Dave Rodgman
19e8cd06fe
Move mbedtls_ct_rsaes_pkcs1_v15_unpadding into rsa.c
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-05-26 12:42:48 +01:00
Manuel Pégourié-Gonnard
c1f10441e0
RSA: use MD_CAN macros
...
sed -i -f md.sed library/rsa.c tests/suites/test_suite_rsa* include/mbedtls/rsa.h tests/suites/test_suite_pkcs1_v*
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-21 16:28:00 +01:00