Ronald Cron
ce7d76e2ee
Merge remote-tracking branch 'mbedtls-restricted/development-restricted' into mbedtls-3.2.0rc0-pr
2022-07-11 10:22:37 +02:00
Manuel Pégourié-Gonnard
8b8a1610f7
Merge pull request #936 from paul-elliott-arm/fix_tls_record_size_check
...
Fix the wrong variable being used for TLS record size checks
2022-07-01 12:29:48 +02:00
Gabor Mezei
96ae926572
Typo
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-06-28 11:56:26 +02:00
Gabor Mezei
05ebf3be74
Revert "Do not encrypt CCS records"
...
This reverts commit 96ec831385
.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-06-28 11:55:35 +02:00
Paul Elliott
668b31f210
Fix the wrong variable being used for TLS record size checks
...
Fix an issue whereby a variable was used to check the size of incoming
TLS records against the configured maximum prior to it being set to the
right value.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-06-24 20:09:37 +01:00
Gabor Mezei
96ec831385
Do not encrypt CCS records
...
According to the TLS 1.3 standard the CCS records must be unencrypted.
When a record is not encrypted the counter, used in the dynamic IV
creation, is not incremented.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-06-22 17:07:21 +02:00
Manuel Pégourié-Gonnard
a3115dc0e6
Mark static int SSL functions CHECK_RETURN_CRITICAL
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-06-20 21:12:52 +02:00
Gilles Peskine
e0469b5908
Merge pull request #931 from AndrzejKurek/clihlo_cookie_pxy_fix
...
Add a client hello cookie_len overflow test
2022-06-20 19:35:54 +02:00
Andrzej Kurek
cbe14ec967
Improve variable extracting operations by using MBEDTLS_GET macros
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-06-15 07:17:28 -04:00
Andrzej Kurek
078e9bcda6
Add the mbedtls prefix to ssl_check_dtls_clihlo_cookie
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-06-08 11:47:33 -04:00
Andrzej Kurek
cfb01948c8
Add cookie parsing tests to test_suite_ssl
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-06-06 15:29:15 -04:00
Andrzej Kurek
c8183cc492
Add missing sid_len in calculations of cookie sizes
...
This could lead to a potential buffer overread with small
MBEDTLS_SSL_IN_CONTENT_LEN.
Change the bound calculations so that it is apparent
what lengths and sizes are used.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-06-06 15:28:56 -04:00
Gilles Peskine
364fd8bb71
More SSL debug messages for ClientHello parsing
...
In particular, be verbose when checking the ClientHello cookie in a possible
DTLS reconnection.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-06 14:25:41 -04:00
Gilles Peskine
8399cccd2e
Merge pull request #5829 from paul-elliott-arm/fix_ct_uninit_memory_access
...
Fix uninitialised memory access in constant time functions
2022-06-01 11:42:51 +02:00
Paul Elliott
5260ce27ed
Fix uninitialised memory access in constant time functions
...
Fix an issue reported by Coverity whereby some constant time functions
called from the ssl decrypt code could potentially access uninitialised
memory.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-05-19 18:23:24 +01:00
Shaun Case
8b0ecbccf4
Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell.
...
Signed-off-by: Shaun Case <warmsocks@gmail.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-05-11 21:25:51 +01:00
Neil Armstrong
ab555e0a6c
Rename mbedtls_get_mode_from_XXX to mbedtls_ssl_get_mode_from_XXX
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-22 14:25:59 +02:00
Neil Armstrong
136f8409df
Replace PSA/Cipher logic with mbedtls_get_mode_from_transform()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-22 14:25:26 +02:00
Paul Elliott
a2da9c7e45
Merge pull request #5631 from gstrauss/enum-tls-vers
...
Unify internal/external TLS protocol version enums
2022-04-19 17:05:26 +01:00
Glenn Strauss
041a37635b
Remove some tls_ver < MBEDTLS_SSL_VERSION_TLS1_2 checks
...
mbedtls no longer supports earlier TLS protocol versions
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:40:14 -04:00
Glenn Strauss
e3af4cb72a
mbedtls_ssl_(read|write)_version using tls_version
...
remove use of MBEDTLS_SSL_MINOR_VERSION_*
remove use of MBEDTLS_SSL_MAJOR_VERSION_*
(only remaining use is in tests/suites/test_suite_ssl.data)
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:40:14 -04:00
Glenn Strauss
60bfe60d0f
mbedtls_ssl_ciphersuite_t min_tls_version,max_tls_version
...
Store the TLS version in tls_version instead of major, minor version num
Note: existing application use which accesses the struct member
(using MBEDTLS_PRIVATE) is not compatible, as the struct is now smaller.
Reduce size of mbedtls_ssl_ciphersuite_t
members are defined using integral types instead of enums in
order to pack structure and reduce memory usage by internal
ciphersuite_definitions[]
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:40:12 -04:00
Glenn Strauss
2dfcea2b9d
mbedtls_ssl_config min_tls_version, max_tls_version
...
Store the TLS version in tls_version instead of major, minor version num
Note: existing application use which accesses the struct member
(using MBEDTLS_PRIVATE) is not compatible on little-endian platforms,
but is compatible on big-endian platforms. For systems supporting
only TLSv1.2, the underlying values are the same (=> 3).
New setter functions are more type-safe,
taking argument as enum mbedtls_ssl_protocol_version:
mbedtls_ssl_conf_max_tls_version()
mbedtls_ssl_conf_min_tls_version()
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:39:43 -04:00
Glenn Strauss
07c641605e
Rename mbedtls_ssl_transform minor_ver to tls_version
...
Store the TLS version in tls_version instead of minor version number.
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:23:54 -04:00
Hanno Becker
5e18f74abb
Make alert sending function re-entrant
...
Fixes #1916
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-04-08 12:16:43 +01:00
Ronald Cron
a980adf4ce
Merge pull request #5637 from ronald-cron-arm/version-negotiation-1
...
TLS 1.2/1.3 version negotiation - 1
2022-03-31 11:47:16 +02:00
Manuel Pégourié-Gonnard
3304f253d7
Merge pull request #5653 from paul-elliott-arm/handshake_over
...
Add mbedtls_ssl_is_handshake_over()
2022-03-30 12:16:40 +02:00
Ronald Cron
8f6d39a81d
Make some handshake TLS 1.3 utility routines available for TLS 1.2
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 14:42:17 +02:00
Paul Elliott
27b0d94e25
Use mbedtls_ssl_is_handshake_over()
...
Switch over to using the new function both internally and in tests.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-24 14:43:52 +00:00
Manuel Pégourié-Gonnard
f4042f076b
Merge pull request #5573 from superna9999/5176-5177-5178-5179-tsl-record-hmac
...
TLS record HMAC
2022-03-21 11:36:44 +01:00
Ronald Cron
00d012f2be
Fix type of force_flush parameter
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-09 07:51:52 +01:00
Ronald Cron
66dbf9118e
TLS 1.3: Do not send handshake data in handshake step handlers
...
Send data (call to mbedtls_ssl_flush_output()) only from
the loop over the handshake steps. That way, we do not
have to take care of the partial writings (MBEDTLS_ERR_SSL_WANT_WRITE
error code) on the network in handshake step handlers.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-09 07:51:52 +01:00
Neil Armstrong
4313f55a13
Simplify error handling of PSA mac operationsg in ssl_msg.c
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-02 15:37:04 +01:00
Neil Armstrong
e858996413
Use PSA version of mbedtls_ct_hmac() in mbedtls_ssl_decrypt_buf()
...
Due to mbedtls_ct_hmac() implementation the decryption MAC key
must be exportable.
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 15:17:50 +01:00
Neil Armstrong
cf8841a076
Remove non-PSA MAC keys in mbedtls_ssl_transform when MBEDTLS_USE_PSA_CRYPTO is defined
...
Also remove last usage of non-PSA MAC keys in ssl_decrypt_non_etm_cbc() SSL test.
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 15:16:49 +01:00
Neil Armstrong
26e6d6764e
Use PSA MAC API in mbedtls_ssl_encrypt/decrypt_buf()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 15:16:49 +01:00
Neil Armstrong
39b8e7dde4
Add, Initialize & Free HMAC keys in mbedtls_ssl_transform
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-23 09:24:57 +01:00
Przemyslaw Stekiel
c499e33ed0
ssl_msg.c: Change message in MBEDTLS_SSL_DEBUG_RET() to be the failed function name instead current function name
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-07 15:12:05 +01:00
Przemyslaw Stekiel
c8a06feae6
ssl_msg.c: Optimize null/stream cipher decryption/encryption
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-07 10:52:47 +01:00
Przemyslaw Stekiel
98ef6dca68
Remove redundant new lines
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-07 08:04:39 +01:00
Przemyslaw Stekiel
8c010eb467
Fix comments, code style, remove debug code
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-03 14:55:24 +01:00
Przemyslaw Stekiel
6b2eedd25f
ssl_msg.c: add debug code for psa failures
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-03 14:55:14 +01:00
Przemyslaw Stekiel
d66387f8fa
Init psa status to PSA_ERROR_CORRUPTION_DETECTED
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-03 09:16:41 +01:00
Przemyslaw Stekiel
b97556e8d1
mbedtls_ssl_encrypt/decrypt_buf: remove dead code
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-03 09:16:29 +01:00
Przemyslaw Stekiel
77aec8d181
Rename ssl_psa_status_to_mbedtls->psa_ssl_status_to_mbedtls
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 20:22:53 +01:00
Przemyslaw Stekiel
be47ecf5e2
mbedtls_ssl_get_record_expansion: use same condidion set as for non-psa build
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 17:50:00 +01:00
Przemyslaw Stekiel
89dad93a78
Rename psa_status_to_mbedtls->ssl_psa_status_to_mbedtls and add conversion for PSA_ERROR_INVALID_SIGNATURE
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:39:24 +01:00
Przemyslaw Stekiel
399ed51185
Fix condition in mbedtls_ssl_get_record_expansion
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:39:24 +01:00
Przemyslaw Stekiel
1d714479a3
mbedtls_ssl_get_record_expansion: rework switch statement for psa
...
As PSA_ALG_IS_AEAD( transform->psa_alg ) can't be used as switch labels (switch labels must be constant expressions, they have to be evaluated at compile time) refactor switch to "if else" statement.
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel
e88477844c
Adapt the mbed tls mode: ccm or gcm or cachapoly to psa version
...
mode == MBEDTLS_MODE_CCM || mode == MBEDTLS_GCM || mode == MBEDTLS_CHACHAPOLY is equivalent to PSA_ALG_IS_AEAD( alg ).
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-01-31 15:38:29 +01:00