Commit graph

16866 commits

Author SHA1 Message Date
gabor-mezei-arm
b2dbf2c113
Move mbedtls_cf_uint_if function to the constant-time module
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-09-28 16:21:10 +02:00
gabor-mezei-arm
3f90fd540a
Move mbedtls_cf_mpi_uint_lt function to the constant-time module
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-09-28 16:21:10 +02:00
gabor-mezei-arm
84dc02c8f5
Remove module dependency
Elinimate macros defined by modules locally in the functions that are
moving to the new constant-time module.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-09-28 16:21:10 +02:00
gabor-mezei-arm
5a85442604
Move mbedtls_cf_size_gt function to the constant-time module
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-09-28 16:21:09 +02:00
gabor-mezei-arm
8d1d5fd204 Move mbedtls_cf_size_bool_eq function to the constant-time module
There were multiple functions called mbedtls_cf_size_bool_eq. They had exactly
the same behavior, so move the one in bignum.c and remove the other.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-09-28 16:20:07 +02:00
gabor-mezei-arm
16fc57bcc4
Move mbedtls_cf_size_mask_ge function to the constant-time module
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-09-28 16:16:14 +02:00
gabor-mezei-arm
c76227d808
Move mbedtls_cf_size_mask_lt function to the constant-time module
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-09-28 16:16:14 +02:00
gabor-mezei-arm
3733bf805a
Move mbedtls_cf_size_mask function to the constant-time module
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-09-28 16:16:14 +02:00
gabor-mezei-arm
340948e4a5
Move mbedtls_cf_uint_mask function to the constant-time module
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-09-28 16:16:14 +02:00
gabor-mezei-arm
db9a38c672
Move contatnt-time memcmp functions to the contant-time module
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-09-28 16:16:14 +02:00
gabor-mezei-arm
9fa43ce238
Rename function to have suitable name
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-09-28 16:14:47 +02:00
gabor-mezei-arm
d112534585 Add a new file for constant-time functions
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-08-11 15:35:28 +02:00
Manuel Pégourié-Gonnard
448c80727d
Merge pull request #4853 from yuhaoth/pr/add-tls13-config-check-and-dummy-handshake
TLS1_3:add tls13 config check and dummy handshake
2021-08-10 12:59:09 +02:00
Jerry Yu
b9930e7d70 Add dummy tls1.3 handshake dispatch functions
Base on version config, `handshack_{clinet,server}_step`
will call different step function. TLS1.3 features will
be gradully added base on it.

And a new test cases is added to make sure it reports
`feature is not available`.

Change-Id: I4f0e36cb610f5aa59f97910fb8204bfbf2825949
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-10 13:34:32 +08:00
Jerry Yu
3cc4c2a506 Add dummy ssl_tls13_{client,server}.c
Change-Id: Ic1cd1d55b097f5a31c9f48e9d55733d75ab49982
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-10 13:34:32 +08:00
Jerry Yu
b19ccc3998 fix test_suite_debug test fail
Before `mbedtls_ssl_setup`, config functions should
be called. Without it, `mbedtls_ssl_setup` will raise
invalid value error.

Change-Id: I46fdaa5e8eb83d06c620087a9e1e7e14e1c5d9b5
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-10 13:34:32 +08:00
Jerry Yu
c46e9b4091 tests: Add negative version config tests.
tls1.3 and tls1.2 can not be enabled at same
time before #4832 resolved.

And the test won't run into `handshake` stage, add
`skip_handshak_check` function to skip it.

Change-Id: I13f3b06b2f33b9c9beb8cac90f5fda41a4ed53f3
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-10 13:34:32 +08:00
Jerry Yu
60835a88c3 Add config check utils functions
Check configuration parameter in structure setup
function to make sure the config data is available
and valid.

Current implementation checks the version config.
Available version configs are
- tls1_3 only
- tls1_2 only

issues: #4844

Change-Id: Ia762bd3d817440ae130b45f19b80a2868afae924
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-10 13:34:32 +08:00
Janos Follath
f8f88d6b00
Merge pull request #4746 from gilles-peskine-arm/bump-version-3.0
Fix release scripts for 3.0
2021-08-09 15:28:28 +01:00
Jerry Yu
2a572cf376 Move socket setup behind ssl structure setup.
If socket setup fail, ssl structure setup won't be called.
And the order of them do not affect final result, but it
will break ssl setup negative tests.

Change the order can fix that.

issue: #4844

Change-Id: I2488ed5f74773421eb1eac0cfd7f1ce4fbb0b32d
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-09 18:57:24 +08:00
Jerry Yu
b1dc59a125 Add tls1.3 parameters to ssl_{client,server2}
To support tls1.3 relative tests, add `tls1_3`
parameter for `{min,max}_version` and `force_version`

issues: #4844

Change-Id: I1b22a076582374b8aabc733086562e9d03a94a2a
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-08-09 18:57:24 +08:00
Gilles Peskine
78f6f05778
Merge pull request #4695 from yutotakano/fix-ssl-opt.sh-hard-abort
ssl-opt.sh: Skip tests instead of conditional hard abort
2021-08-04 10:16:19 +02:00
Gilles Peskine
3fbc5d3cf2
Merge pull request #4815 from gilles-peskine-arm/generate_errors-multiline-3.0
Move MBEDTLS_ERR_xxx Doxygen comments before the definition
2021-08-03 13:46:21 +02:00
Gilles Peskine
cfb5d393ed
Merge pull request #4659 from spencer-burke/fixing_4222
Remove duplicated check in `check_config.h`
2021-08-03 12:53:34 +02:00
Gilles Peskine
58887bab12 Show warnings if something looks wrong
This makes no difference to the output.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-08-02 22:53:40 +02:00
Gilles Peskine
7f8e2770fa Document the big regex
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-08-02 22:51:03 +02:00
Gilles Peskine
d297157fe8 Move MBEDTLS_ERR_xxx Doxygen comments before the definition
Now that descriptions of error codes no longer have to be on the same line
for the sake of generate_errors.pl, move them to their own line before the
definition. This aligns them with what we do for other definitions, and
means that we no longer need to have very long lines containing both the C
definition and the comment.

```
perl -i -pe 's~^(#define +MBEDTLS_ERR_\w+ +-\w+) */\*[*!]<(.*)\*/~/**$2*/\n$1~' include/mbedtls/*.h
```

This commit does not change the output of generate_errors.pl.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-08-02 22:51:03 +02:00
Gilles Peskine
05aa543b73 Better support multiline comments for MBEDTLS_ERR_xxx
They were recognized by a prior commit. In this commit, replace line
breaks (with optional comment continuation marker) by spaces.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-08-02 22:51:03 +02:00
Gilles Peskine
47b09567ab More flexible parsing of Doxygen comments for MBEDTLS_ERR_xxx
Before this commit, definitions of error codes must match a strict pattern,
with a Doxygen comment following the definition on the same line and
starting with "/**<". Change how generate_errors.pl so that the Doxygen
comment can be before the definition instead of after, and doesn't have to
be on the same line.

Also allow spaces between "#" and "define", and allow Doxygen comments to
start with "/*!" rather than "/**". Starting with "///" or "//!" is not
supported.

This commit does not change the output of generate_errors.pl.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-08-02 22:51:00 +02:00
Gilles Peskine
8bb9b80d18
Merge pull request #4806 from hanno-arm/ssl_session_serialization_version
Store TLS version in SSL session structure
2021-08-02 12:45:55 +02:00
Hanno Becker
fa0d61e559 Fix typo
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-02 08:56:14 +01:00
Hanno Becker
57723135b3 Document temporary overlap of TLS version in SSL context and session
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-01 19:40:44 +01:00
Hanno Becker
dce50974bf Prefix "version" with "library" or "protocol" to avoid ambiguity
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-01 05:39:23 +01:00
Hanno Becker
37bdbe6c4d Remove mentions of truncated HMAC from ssl_tls.c
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-08-01 05:38:58 +01:00
Gilles Peskine
69813477b0
Merge pull request #4758 from paul-elliott-arm/fix_cipher_output_size
Fix divide by zero if macro used with wrong key type
2021-07-30 18:56:18 +02:00
Dave Rodgman
677c6c4cac
Merge pull request #4801 from hanno-arm/ssl_session_exported_private
Explicitly mark fields as private via MBEDTLS_PRIVATE(...)
2021-07-30 14:39:07 +01:00
Manuel Pégourié-Gonnard
8da9dc05e8
Merge pull request #4748 from TRodziewicz/re-introduce_ext_checks_for_psa_unlock-wipe_key_slot
Re-introduction of key slot checks
2021-07-29 13:45:57 +02:00
Manuel Pégourié-Gonnard
1a515d1bc2
Merge pull request #4777 from gilles-peskine-arm/save-coverage-summary-3.0
Save the basic-build-test.sh test report summary to coverage-summary.txt
2021-07-29 10:52:35 +02:00
Manuel Pégourié-Gonnard
06672ef771
Merge pull request #4776 from gilles-peskine-arm/generate_psa_tests-robutness-202107
Fix bugs around generate_psa_tests.py invocation from tests/Makefile
2021-07-29 09:58:19 +02:00
Manuel Pégourié-Gonnard
b637150dfe
Merge pull request #4730 from TRodziewicz/finish_removing_tls_1.0_and_1.1
Remove all TLS 1.0 and 1.1 instances and add some compatibility tests
2021-07-27 09:42:53 +02:00
Gilles Peskine
b4b184a6f8 Remove reference to compat-1.2.h
This has been irrelevant since Mbed TLS 2.0.0.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-26 18:39:24 +02:00
Ronald Cron
3c62693c99
Merge pull request #4701 from gilles-peskine-arm/make_generated_files-non_english-3.0
psa_generate_test: tweak MSVC detection to work with non-English Visual Studio
2021-07-23 14:05:08 +02:00
Hanno Becker
fadbdbb576 Store TLS version in SSL session structure
Instances of `mbedtls_ssl_session` represent data enabling session resumption.

With the introduction of TLS 1.3, the format of this data changes. We therefore
need TLS-version field as part of `mbedtlsl_ssl_session` which allows distinguish
1.2 and 1.3 sessions.

This commit introduces such a TLS-version field to mbedtls_ssl_session.

The change has a few ramifications:

- Session serialization/deserialization routines need to be adjusted.

  This is achieved by adding the TLS-version after the header of
  Mbed TLS version+config, and by having the subsequent structure
  of the serialized data depend on the value of this field.

  The details are described in terms of the RFC 8446 presentation language.

  The 1.2 session (de)serialization are moved into static helper functions,
  while the top-level session (de)serialization only parses the Mbed TLS
  version+config header and the TLS-version field, and dispatches according
  to the found version.

  This way, it will be easy to add support for TLS 1.3 sessions in the future.

- Tests for session serialization need to be adjusted

- Once we add support for TLS 1.3, with runtime negotiation of 1.2 vs. 1.3,
  we will need to have some logic comparing the TLS version of the proposed session
  to the negotiated TLS version. For now, however, we only support TLS 1.2,
  and no such logic is needed. Instead, we just store the TLS version in the
  session structure at the same point when we populate mbedtls_ssl_context.minor_ver.

The change introduces some overlap between `mbedtls_ssl_session.minor_ver` and
`mbedtls_ssl_context.minor_ver`, which should be studied and potentially resolved.
However, with both fields being private and explicitly marked so, this can happen
in a later change.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-07-23 06:25:48 +01:00
Gilles Peskine
3b9bea0757
Merge pull request #4750 from yutotakano/fix-reserved-identifier-clash
Replace reserved identifier clashes with suitable replacements
2021-07-22 16:20:56 +02:00
Hanno Becker
5d26efdea3 Add ChangeLog entry
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-07-22 11:37:05 +01:00
Hanno Becker
0379942744 Explicitly mark mbedtls_ssl_config.respect_cli_pref as private
This was always intended to be explicitly marked private.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-07-22 11:37:05 +01:00
Hanno Becker
95832d8872 Explicitly mark mbedtls_ssl_session.exported as private
This was an oversight during concurrent merging
in the run-up to Mbed TLS 3.0.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-07-22 11:37:01 +01:00
Gilles Peskine
d8d19327d5 Fix mixup about the directory containing the success indicator file
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-22 12:30:14 +02:00
Ronald Cron
dfce58f32d
Merge pull request #4753 from JoeSubbiani/TestBlockSizes_dev
Test block sizes are powers of 2
2021-07-22 11:19:18 +02:00
Gilles Peskine
6ee3b7ed1f More robust failure detection for the coverage report generation
The previous implementation was hard to understand and could in principle
fail to notice if there was a test case failure and the writing of the
line "Note: $TOTAL_FAIL failures." failed. KISS.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-07-22 11:08:30 +02:00