Dave Rodgman
00b530e395
Limit compiler hint to compilers that are known to benefit from it
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-23 09:41:34 +00:00
Valerio Setti
429cd50ac8
pkwrite: split pk_write_rsa_der() with a dedicated function for non-opaque RSA key
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-23 09:10:22 +01:00
Valerio Setti
fd49a46a36
pkparse: rename RSA key and pubkey parsing functions
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-23 08:35:11 +01:00
Dave Rodgman
e23d6479cc
Bump version
...
./scripts/bump_version.sh --version 3.5.1
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-22 15:45:49 +00:00
Janos Follath
b4b8f3df3b
RSA: improve readability
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
47ee770812
RSA: remove unneeded temporaries
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
e6750b2a0b
RSA: document Montgomery trick in unblind
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
a62a554071
Fix style
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
100dcddfca
Make local function static
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
6bcbc925bf
Extend blinding to RSA result check
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Janos Follath
d6b096532c
Make RSA unblinding constant flow
...
Signed-off-by: Janos Follath <janos.follath@arm.com>
2024-01-22 15:33:19 +00:00
Jonathan Winzig
a0c9448bea
Update fix to be more platform-independent
...
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
Jonathan Winzig
63b5e216f8
Fix Issue #8687
...
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-22 15:31:05 +00:00
Chien Wong
858bc65d74
Add comment on impossible overflows
...
Signed-off-by: Chien Wong <m@xv97.com>
2024-01-22 20:47:26 +08:00
Chien Wong
bf4b5ed7a4
Add back restriction on AD length of GCM
...
Fixes: bd513bb53d
Signed-off-by: Chien Wong <m@xv97.com>
2024-01-22 20:43:54 +08:00
v1gnesh
3c129dd6aa
Update entropy_poll.c
...
Signed-off-by: v1gnesh <v1gnesh@users.noreply.github.com>
2024-01-22 15:59:49 +05:30
Manuel Pégourié-Gonnard
34c6e8a770
Merge pull request #8700 from valeriosetti/issue8461
...
psa_asymmetric_encrypt() doesn't work with opaque driver
2024-01-22 08:43:08 +00:00
Ronald Cron
297c608915
tls13: cli: Fix setting of early data transform
...
Fix setting of early data transform when we
do not send dummy CCS for middlebox compatibility.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-22 09:37:45 +01:00
Janos Follath
fb12d9204d
Merge pull request #8693 from Ryan-Everett-arm/implement-key-slot-mutex
...
Implement the key slot mutex
2024-01-19 20:49:18 +00:00
Dave Rodgman
075f8797ac
Remove include of build_info.h
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-19 16:48:42 +00:00
Dave Rodgman
336efeec50
Move MBEDTLS_COMPILER_IS_GCC & MBEDTLS_GCC_VERSION into build_info
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-19 16:38:53 +00:00
Dave Rodgman
00b4eeb0b3
Improve comments
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-19 16:14:55 +00:00
Dave Rodgman
2143a4ad1f
Improve mbedtls_xor docs
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-19 15:25:33 +00:00
Dave Rodgman
18d90d7519
Make mbedtls_xor always inline
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-19 15:25:33 +00:00
Dave Rodgman
55b5dd2cfc
Make unaligned accessors always inline
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-19 15:25:33 +00:00
Dave Rodgman
c581264977
Fix unaligned access on old compilers
...
Add an alternative implementation of unaligned access that is efficient
for IAR and old versions of gcc.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-19 15:25:33 +00:00
Dave Rodgman
7d8c99abb0
Move MBEDTLS_COMPILER_IS_GCC defn into alignment.h
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-19 14:02:58 +00:00
Dave Rodgman
69b5a86064
Improve mbedtls_xor for IAR
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-19 14:02:08 +00:00
Ryan Everett
63952b7de5
Fix typo
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-19 13:45:19 +00:00
Ryan Everett
7aeacc1ec4
Add empty line in register_read comment
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-19 13:02:58 +00:00
Ryan Everett
558da2ffd3
Move key_slot_mutex to threading.h
...
Make this a global mutex so that we don't have to init and free it.
Also rename the mutex to follow the convention
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-19 12:59:28 +00:00
Valerio Setti
639d5678b5
pk: move mbedtls_pk_load_file to pk_internal
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-19 09:07:39 +01:00
Valerio Setti
25b282ebfe
x509: move internal functions declarations to a private header
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-19 09:07:35 +01:00
Valerio Setti
b4f5076270
debug: move internal functions declarations to an internal header file
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-18 15:30:46 +01:00
Valerio Setti
d929106f36
ssl_ciphersuites: move internal functions declarations to a private header
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-18 15:08:28 +01:00
Gilles Peskine
4d4891e18a
Merge pull request #8666 from valeriosetti/issue8340
...
Export the mbedtls_md_psa_alg_from_type function
2024-01-18 13:58:55 +00:00
Ryan Everett
fb02d57de7
Document the thread safety of the primitive key slot functions
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-18 10:54:42 +00:00
Ryan Everett
846889355c
Initialize and free the key slot mutex
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-18 10:47:05 +00:00
Gilles Peskine
b1f96c0354
Merge pull request #7815 from gilles-peskine-arm/ecp-export-partial
...
ECP keypair utility functions
2024-01-18 10:29:05 +00:00
Gilles Peskine
c9077cccd3
Merge pull request #8664 from valeriosetti/issue7764
...
Conversion function from ecp group to PSA curve
2024-01-18 10:28:55 +00:00
Ryan Everett
491f7e5ac3
Define key_slot_mutex
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-18 10:21:38 +00:00
Dave Rodgman
fb133513d6
Merge pull request #8705 from daverodgman/ctr-perf
...
Ctr perf
2024-01-17 20:25:41 +00:00
Paul Elliott
2728267ec4
Merge pull request #8672 from Ryan-Everett-arm/implement-new-key-slot-states
...
Implement the new key slot state system within the PSA subsystem.
2024-01-17 17:50:04 +00:00
Valerio Setti
504a10254c
psa_crypto: do not validate DH groups which are not enabled
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-17 15:57:03 +01:00
Valerio Setti
ecaf7c5690
ssl_tls: add guards for enabled DH key types
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-17 15:56:30 +01:00
Valerio Setti
4ed8daa929
psa_crypto_ffdh: add guards for enabled domain parameters
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-17 15:56:30 +01:00
Ryan Everett
4a0ba80bdb
Clarify psa_destroy_key documentation
...
Co-authored-by: Janos Follath <janos.follath@arm.com>
Signed-off-by: Ryan Everett <144035422+Ryan-Everett-arm@users.noreply.github.com>
2024-01-17 14:12:33 +00:00
Ryan Everett
38a2b7a6a3
Extend psa_wipe_key_slot documentation
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-17 11:45:44 +00:00
Ryan Everett
7ed542e0f1
Implement delayed deletion in psa_destroy_key and some cleanup
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-17 11:40:29 +00:00
Dave Rodgman
885248c8ee
Add header guards
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-17 11:06:31 +00:00
Dave Rodgman
7e5b7f91ca
Fix error in ctr_drbg
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-16 17:28:25 +00:00
Dave Rodgman
46697da5b3
Make gcm counter increment more efficient
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-15 11:45:01 +00:00
Dave Rodgman
174eeff235
Save 14 bytes in CTR-DRBG
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-15 11:45:01 +00:00
Dave Rodgman
591ff05384
Use optimised counter increment in AES-CTR and CTR-DRBG
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-15 11:45:01 +00:00
Dave Rodgman
b49cf1019d
Introduce mbedtls_ctr_increment_counter
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-15 11:45:01 +00:00
Ryan Everett
1d32a57764
Revert change to psa_destroy_key documentation
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-15 11:27:58 +00:00
Ryan Everett
709120a9ce
Revert change to return behaviour in psa_reserve_free_key_slot
...
This change was a mistake, we still need to wipe the pointers here.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-15 11:20:50 +00:00
Ryan Everett
dfe8bf86a8
Return CORRUPTION_DETECTED instead of BAD_SLOT when the slot's state is wrong
...
These error codes are only returned if the program has been tampered with,
so they should be CORRUPTION_DETECTED.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-15 11:20:50 +00:00
Ryan Everett
4755e6bda4
Relax psa_wipe_key_slot to allow states other than SLOT_PENDING_DELETION
...
psa_wipe_key_slot can now be called on a slot in any state, if the slot's state
is PSA_SLOT_FULL or PSA_SLOT_PENDING_DELETION then there must be exactly 1 registered
reader.
Remove the state changing calls that are no longer necessary.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-15 11:20:35 +00:00
Dave Rodgman
c4f984f2a5
Iterate in 16-byte chunks
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-15 11:20:19 +00:00
Valerio Setti
5bb454aace
psa_crypto: allow asymmetric encryption/decryption also with opaque keys
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-15 10:43:16 +01:00
Ronald Cron
40a4ab0e0c
ssl_tls.c: Factorize save/load of endpoint and ciphersuite
...
Move the save/load of session endpoint and
ciphersuite that are common to TLS 1.2 and
TLS 1.3 serialized data from the
specialized ssl_{tls12,tls13}_session_{save,load}
functions to ssl__session_{save,load}.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-15 10:29:58 +01:00
Ronald Cron
3c0072b58e
ssl_ticket.c: Base ticket age check on the ticket creation time
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-15 10:29:51 +01:00
Ronald Cron
c57f86e132
Add ticket creation time to TLS 1.2 session serialization
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-15 08:58:19 +01:00
Ronald Cron
feb577a949
Fix TLS 1.2 session serialization on server side
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-15 08:58:19 +01:00
Ronald Cron
7b1921ac57
Add endpoint in TLS 1.2 session serialization data
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-15 08:58:19 +01:00
Ronald Cron
17ef8dfddb
ssl_session: Define unconditionally the endpoint field
...
The endpoint field is needed to serialize/deserialize
a session in TLS 1.2 the same way it is needed in the
TLS 1.3 case: client specific fields that should not
be in the serialized version on server side if both
TLS client and server are enabled in the TLS library.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-15 08:58:19 +01:00
Ronald Cron
ba5165e09a
ssl_ticket.c: Fix ticket lifetime enforcement
...
Take into account that the lifetime of
tickets can be changed through the
mbedtls_ssl_ticket_rotate() API.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-15 08:58:15 +01:00
Ronald Cron
e34f124ff1
ssl_ticket.c: Remove pedantic server endpoint check
...
When calculating the ticket age, remove the check
that the endpoint is a server. The module is
supposed to be used only server side. Furthermore,
if such check was necessary, it should be at the
beginning of all ssl_ticket.c APIs. As there is no
such protection in any API, just remove the check.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-15 08:56:40 +01:00
Ronald Cron
3c3e2e62f6
ssl_ticket.c: Remove TLS server guard
...
The ticket module is removed from the build
if the TLS server is not in the build now
thus no need for the guard.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-15 08:54:29 +01:00
Ronald Cron
ce72763f78
ssl_ticket.c: Remove client code
...
ssl_ticket.c is a server module.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-01-15 08:52:55 +01:00
Tom Cosgrove
bc5d9165ae
Merge pull request #8554 from yanrayw/issue/8221/fix-tls-suiteB-profile
...
TLS: remove RSA signature algorithms in `suite B` profile
2024-01-12 14:34:28 +00:00
Tom Cosgrove
f1ba1933cf
Merge pull request #8526 from yanrayw/issue/7011/send_record_size_limit_ext
...
TLS1.3: SRV/CLI: add support for sending Record Size Limit extension
2024-01-12 13:39:15 +00:00
Waleed Elmelegy
f0ccf46713
Add minor cosmetic changes to record size limit changelog and comments
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-01-12 10:52:45 +00:00
Ronald Cron
ae2213c307
Merge pull request #8414 from lpy4105/issue/uniform-ssl-check-function
...
Harmonise the names and return values of check functions in TLS code
2024-01-11 13:51:39 +00:00
Ronald Cron
7c14afcaaa
Merge pull request #8595 from yanrayw/issue/8593/srv-CH-fix-version-check
...
TLS1.3: SRV: check `min_tls_version` when parsing ClientHello
2024-01-11 13:34:09 +00:00
Valerio Setti
19ec9e4f66
psa_crypto_ecp: remove support for secp224k1
...
Since this curve is not supported in PSA (and it will not ever be
in the future), we save a few bytes.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-11 07:07:14 +01:00
Paul Elliott
f149cd1a3a
Merge pull request #8688 from jwinzig-at-hilscher/development
...
Fix bug in mbedtls_x509_set_extension
2024-01-10 16:57:16 +00:00
Kusumit Ghoderao
7d4db631cf
add depends on for capacity tests and fix code style
...
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
d3f70d321a
fix unused variable warning and other fixes
...
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
86e83dd4a7
Add kdf_set_max_capacity function
...
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
a0907f5750
Reorder and correct comment
...
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2024-01-10 21:49:09 +05:30
Kusumit Ghoderao
5f3a938d95
Fix psa_key_derivation_setup_kdf
...
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2024-01-10 21:49:09 +05:30
Waleed Elmelegy
3ff472441a
Fix warning in ssl_tls13_generic.c
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-01-10 16:17:28 +00:00
Waleed Elmelegy
f501790ff2
Improve comments across record size limit changes
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-01-10 16:17:28 +00:00
Waleed Elmelegy
fbe42743eb
Fix issue in checking in writing extensions
...
Fix issue in checking if server received
record size limit extension.
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-01-10 16:17:27 +00:00
Waleed Elmelegy
e1ac98d888
remove mbedtls_ssl_is_record_size_limit_valid function
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-01-10 16:17:27 +00:00
Waleed Elmelegy
d2fc90e024
Stop sending record size limit extension if it's not sent from client
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-01-10 16:17:27 +00:00
Waleed Elmelegy
148dfb6457
Change record size limit writing function
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-01-10 16:17:27 +00:00
Waleed Elmelegy
47d2946943
tls13: server: write Record Size Limit ext in EncryptedExtensions
...
- add the support in library
- update corresponding test cases.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-01-10 16:17:27 +00:00
Yanray Wang
42017cd4c9
tls13: cli: write Record Size Limit ext in ClientHello
...
- add the support in library
- update corresponding test case
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2024-01-10 16:17:27 +00:00
Yanray Wang
faf70bdf9d
ssl_tls13_generic: check value of RecordSizeLimit in helper function
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2024-01-10 16:17:27 +00:00
Yanray Wang
a8b4291836
tls13: add generic function to write Record Size Limit ext
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2024-01-10 16:17:27 +00:00
Jonathan Winzig
5caf20ea80
Update fix to be more platform-independent
...
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-09 16:41:10 +01:00
Tom Cosgrove
3a6059beca
Merge pull request #7455 from KloolK/record-size-limit/comply-with-limit
...
Comply with the received Record Size Limit extension
2024-01-09 15:22:17 +00:00
Jonathan Winzig
05c722bfd0
Fix Issue #8687
...
Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>
2024-01-09 15:20:03 +01:00
Valerio Setti
39faa9cad4
psa_util: rename parameter of mbedtls_ecc_group_from_psa
...
The new name better reflects the fact that the 1st parameter
is just the EC family and not the curve.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-09 13:41:53 +01:00
Valerio Setti
0d438fa390
psa_crypto_ecp: fix comment for secp224k1 in check_ecc_parameters
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-09 13:41:52 +01:00
Valerio Setti
7863627bd6
psa_util: remove support for secp224k1 in EC conversion functions
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-09 13:41:52 +01:00
Valerio Setti
65df79303f
psa_crypto_ecp: return unsupported for secp224k1 in check_ecc_parameters()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-09 13:41:52 +01:00
Valerio Setti
0bc8598d20
psa_util: properly handle secp224r1 private key size
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-09 13:41:52 +01:00
Valerio Setti
0e608807e3
psa: let mbedtls_ecc_group_from_psa() accept only exact bit lengths
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-09 13:41:52 +01:00
Valerio Setti
673868be5d
psa_crypto_ecp: add helper for checking EC parameters
...
This commit also updates "test_suite_psa_crypto.data" replacing
PSA_ERROR_NOT_SUPPORTED with PSA_ERROR_INVALID_ARGUMENT when
a wrong bit size is provided while importing key.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-09 13:41:52 +01:00
Valerio Setti
d36c313b53
psa: remove bits_is_sloppy parameter from mbedtls_ecc_group_from_psa()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-09 13:41:52 +01:00
Valerio Setti
ddba51e6c9
psa: rename "mbedtls_ecc_group_of_psa" to "mbedtls_ecc_group_from_psa"
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-09 13:41:52 +01:00
Valerio Setti
dd2afcd881
Revert "psa_util: add algorithm's availability checks for MD conversion functions"
...
This reverts commit 3d2e0f5f42
.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-09 08:41:29 +01:00
Manuel Pégourié-Gonnard
4aad0ff510
Merge pull request #8632 from valeriosetti/issue8598
...
[G5] Make block_cipher work with PSA
2024-01-08 08:07:53 +00:00
Waleed-Ziad Maamoun-Elmelegy
e2d3db5cfc
Update mbedtls_ssl_get_output_record_size_limit signature
...
Co-authored-by: Ronald Cron <ronald.cron@arm.com>
Signed-off-by: Waleed-Ziad Maamoun-Elmelegy <122474370+waleed-elmelegy-arm@users.noreply.github.com>
2024-01-05 14:19:16 +00:00
Ryan Everett
6a9c14b918
Update mbedtls_psa_get_stats
...
Uses readers to report "locked_slots",
and slot state empty to report "empty_slots".
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
6cd2b8db96
Update psa_wipe_all_key_slots
...
This will still wipe the slot regardless of state/readers.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
1b70a07eca
Replace psa_unlock_key_slot calls in operations which act on FULL slots
...
Replaces calls to psa_unlock_key_slot with calls to psa_unregister_read.
All instances follow a pattern of a call to psa_get_and_lock_key_slot_X,
followed by some code which reads from a slot, followed by a call to psa_unregister_read.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
eb27dc0f3a
Update psa_load_X_key_into_slot
...
These functions (on success) take a slot from PSA_SLOT_FILLING to PSA_SLOT_FULL.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
c70ce576bd
Update psa_destroy_key, psa_purge_key and psa_close_key
...
This does not yet implement destruction while a key is in use for psa_destroy_key;
that will be implemented in a separate pr.
(I am not sure if I am allowed to change the documentation in the include files.)
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
098c6659ad
Update psa_get_and_lock_key_slot_X functions
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
b69118ebd0
Update key creation functions to use the new key slot states
...
Update psa_start_key_creation,
psa_finish_key_creation and psa_fail_key_creation.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
2afb516011
Update and rename psa_get_empty_key_slot
...
Rename to psa_reserve_free_key_slot, as this function reserves a slot which is
free (not always empty) for filling.
Implement necessary state transitions and state checks.
Rename unlocked_persistent_key_slot to unused_persistent_key_slot.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
4a78277cb2
Implement psa_key_slot_state_transition
...
This inline function is used in every case we want to change the state of a slot,
except for where we do not care about what the state of the slot was before.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
39cc9d755e
Implement psa_register_read and psa_unregister_read
...
Replaces psa_lock_key_slot and psa_unlock_key_slot.
Future commits will remove the calls to locking/unlocking functions,
and add calls to registering/unregistering functions.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
62aa79ac5c
Implement psa_key_slot_has_readers and remove psa_is_key_slot_occupied
...
Remove psa_is_key_slot_occupied, any function which calls this can just check
the state variable instead.
Replace psa_is_key_slot_locked with psa_key_slot_has_readers.
References to the now removed functions are changed in future commits.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
aa33c512cc
Update psa_wipe_key_slot
...
Change psa_wipe_key_slot to use the new state system.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
d7dc7ff91c
Update psa_key_slot_t
...
Remove the `status` field and replace with the `state` field.
Remove the `lock_count` field and replace with the `registered_readers` field.
Add documentation which describes how and why these fields are to be used.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Dave Rodgman
a021d63bf7
Merge pull request #8642 from daverodgman/default-compiler-all
...
CI perf: Use clang by default in all.sh
2024-01-04 12:58:54 +00:00
Manuel Pégourié-Gonnard
5bad043c06
Merge pull request #8641 from valeriosetti/issue8358
...
G3-G4 wrap-up
2024-01-04 10:48:00 +00:00
Gilles Peskine
39b7bba8a0
Make input parameter const
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 17:56:54 +01:00
Valerio Setti
c1c6858bfc
cipher_wrap: fix guards for some CCM/GCM functions
...
Legacy CCM and GCM can work even when AES_C is not defined thanks
to the block_cipher module, so we can relax guards in
cipher_wrap.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-02 17:20:58 +01:00
Valerio Setti
3d2e0f5f42
psa_util: add algorithm's availability checks for MD conversion functions
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-02 14:57:47 +01:00
Valerio Setti
384fbde49a
library/tests: replace md_psa.h with psa_util.h as include file for MD conversion
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-02 13:27:32 +01:00
Valerio Setti
45c3cae8a5
md: move PSA conversion functions from md_psa.h to psa_util.h
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-02 13:26:04 +01:00
Dave Rodgman
84125a167e
Merge remote-tracking branch 'origin/development' into default-compiler-all
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-02 11:42:38 +00:00
Valerio Setti
e581e140cc
oid/pkparse: add missing guards for PKCS[5/12] functions when !CIPHER_C
...
This commit also updates test_suite_pkparse.data file adding
MBEDTLS_CIPHER_C dependencies whenever PKCS[5/12] is used.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-29 16:35:58 +01:00
Waleed Elmelegy
6a971fd61a
Refactor and improve Record size limit handling
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-12-28 17:48:16 +00:00
Valerio Setti
1fff4f2012
psa: add key_type as input parameter of psa_can_do_cipher()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-28 18:33:17 +01:00
Valerio Setti
1994e72e18
check_config/block_cipher: minor improvements
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-28 18:33:04 +01:00
Gilles Peskine
62e33bcc64
New function mbedtls_ecp_write_public_key
...
Directly export the public part of a key pair without having to go through
intermediate objects (using mbedtls_ecp_point_write_binary would require a
group object and a point object).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-24 15:23:19 +01:00
Gilles Peskine
7ea72026cd
New function mbedtls_ecp_keypair_calc_public
...
For when you calculate or import a private key, and then need to calculate
the public key.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 21:30:03 +01:00
Gilles Peskine
28240323d3
New function mbedtls_ecp_set_public_key
...
Set the public key in a key pair. This complements mbedtls_ecp_read_key and
the functions can be used in either order.
Document the need to call check functions separately.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 21:30:03 +01:00
Gilles Peskine
ba5b5d67aa
Support partial export from mbedtls_ecp_keypair
...
Sometimes you don't need to have all the parts of a key pair object. Relax
the behavior of mbedtls_ecp_keypair so that you can extract just the parts
that you need.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 21:30:03 +01:00
Gilles Peskine
e6886102ef
New function mbedtls_ecp_keypair_get_group_id
...
Add a simple function to get the group id from a key object.
This information is available via mbedtls_ecp_export, but that function
consumes a lot of memory, which is a waste if all you need is to identify
the curve.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 21:30:03 +01:00
Valerio Setti
a69e872001
pkcs[5/12]: add CIPHER_C for [en/de]crypting functions
...
This commit also updates corresponding test suites.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-21 16:39:04 +01:00
Dave Rodgman
3bc249959c
Merge branch 'development' into default-compiler-all
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-21 14:35:14 +00:00
Tom Cosgrove
c6088eceb4
Merge pull request #8384 from paul-elliott-arm/remove_ssl_null_tls12
...
Remove NULLing of ssl context in TLS1.2 transform population
2023-12-21 13:28:09 +00:00
Gilles Peskine
4bf4473ef0
Merge pull request #8633 from Wenxing-hou/clear_clienthello_comment
...
Make clienthello comment clear
2023-12-21 12:09:23 +00:00
Gilles Peskine
0e6fdc4f1d
Merge pull request #8342 from yanesca/threading_test_pc
...
Threading test proof of concept and plan
2023-12-21 12:08:41 +00:00
Waleed Elmelegy
65e3046e18
Fix code style in ssl_tls.c
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-12-20 17:55:10 +00:00
Waleed Elmelegy
049cd302ed
Refactor record size limit extension handling
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-12-20 17:28:31 +00:00
Tomi Fontanilles
851d8df58d
fix/work around dependency issues when !MBEDTLS_ECP_C
...
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
2023-12-20 13:09:27 +02:00
Tomi Fontanilles
9f41770313
pk_*: remove remaining references to MBEDTLS_PSA_CRYPTO_C
...
For real this time.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 13:05:55 +02:00
Tomi Fontanilles
bad170e159
pk: remove last references to MBEDTLS_PSA_CRYPTO_C
...
They are replaced by MBEDTLS_USE_PSA_CRYPTO.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
Tomi Fontanilles
1941af087c
pk_wrap: remove last references to MBEDTLS_PSA_CRYPTO_C
...
Deprecated functions are removed and #ifdefs are updated accordingly.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
Tomi Fontanilles
573dc23141
rsa: introduce rsa_internal_rsassa_pss_sign_no_mode_check()
...
And use it in the non-PSA version of mbedtls_pk_sign_ext()
to bypass checks that didn't succeed when used by TLS 1.3.
That is because in the failing scenarios the padding of
the RSA context is not set to PKCS_V21.
See the discussion on PR #7930 for more details.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
Tomi Fontanilles
8174662b64
pk: implement non-PSA mbedtls_pk_sign_ext()
...
This makes the function always available with its
its implementation depending on MBEDTLS_USE_PSA_CRYPTO.
Related dependencies and tests are updated as well.
Fixes #7583 .
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
Valerio Setti
689c0f71cb
tests: use new CCM/GCM capability macros in tests
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 09:54:18 +01:00
Manuel Pégourié-Gonnard
a4b38f24fd
Merge pull request #8579 from valeriosetti/issue7995
...
PK: clean up pkwrite
2023-12-20 08:20:10 +00:00
Valerio Setti
50333977c6
cipher_wrap: fix guards for alloc/free functions of CCM/GCM
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 07:36:05 +01:00
Dave Rodgman
a69c782351
Merge pull request #8634 from daverodgman/iar-fixes
...
IAR warning fix & some improvements
2023-12-19 16:26:23 +00:00
Dave Rodgman
d47186d6e3
Disable automatic setting of clang target flags on old clang
...
Old versions of clang don't support this pragma, so we have to assume
that the user will have set the flags.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-19 13:11:47 +00:00
Valerio Setti
7f062a58fb
pkwrite: add newlines when calling mbedtls_pem_write_buffer()
...
New defines, which are shared with the pkparse module, lack the
new line so we manually add it when invoking
mbedtls_pem_write_buffer().
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-19 07:48:42 +01:00
Valerio Setti
4bb5740a7d
Revert "pem: auto add newlines to header/footer in mbedtls_pem_write_buffer()"
...
This reverts commit 180915018d
.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-19 07:48:38 +01:00
Paul Elliott
8860021abc
Fix false claim of variables used unitialised
...
GCC with TSan + O3 causes an error where it claims key_len and iv_len
may be used uninitialised. This is, as far as I can tell incorrect (the
only way it could not be set is in the error case, and then it is not
used), however the simplest option seemed to be just to fix it.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
Dave Rodgman
af616d9123
Merge remote-tracking branch 'origin/development' into iar-fixes
2023-12-18 13:38:22 +00:00
Manuel Pégourié-Gonnard
8f1c36df00
Merge pull request #8607 from valeriosetti/issue8602
...
Make enrollement "optional" in pk_can_do_ext()
2023-12-18 11:30:04 +00:00
Bence Szépkúti
a085fa8ccf
Merge pull request #8627 from tom-cosgrove-arm/ip_len
...
Avoid use of `ip_len` as it clashes with a macro in AIX system headers
2023-12-18 02:03:17 +00:00
Valerio Setti
4ff405cf80
block_cipher: remove psa_key_type from mbedtls_block_cipher_context_t
...
This information was redundant with the already existing mbedtls_block_cipher_id_t.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-15 16:10:52 +01:00
Dave Rodgman
543d275c68
Merge pull request #8635 from daverodgman/asan-opt
...
CI perf - prefer clang for Asan
2023-12-15 13:25:02 +00:00
Manuel Pégourié-Gonnard
cddab78612
Merge pull request #8630 from joerchan/mbedtls-tfm-compat
...
Mbedtls tfm compat
2023-12-15 09:31:27 +00:00
Dave Rodgman
815b240d72
Fix unused function/variable warnings from clang
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-14 23:20:48 +00:00
Valerio Setti
bd7528a592
ccm/gcm: use BLOCK_CIPHER whenever possible
...
Prefer BLOCK_CIPHER instead of CIPHER_C whenever it's enabled.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Valerio Setti
785ec17795
block_cipher: use PSA_BITS_TO_BYTES() in mbedtls_block_cipher_setkey()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Valerio Setti
849a1abfdd
block_cipher: remove useless use of psa_cipher_operation_t
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Valerio Setti
c6f004f0e2
psa_crypto: add internal helper to signal that cipher driver is ready
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Valerio Setti
8ceaa75b73
psa_util: add error translations from PSA to cipher
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Valerio Setti
c1db99d3f5
block_cipher: add PSA dispatch if possible
...
"if possible" means:
- PSA has been initialized
- requested key type is available in PSA
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Waleed Elmelegy
26e3698357
Revert back checking on handshake messages length
...
Revert back checking on handshake messages length due to
limitation on our fragmentation support of handshake
messages.
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-12-14 16:23:25 +00:00
Waleed Elmelegy
05d670b711
Revert "Skip checking on maximum fragment length during handshake"
...
This reverts commit 419f841511
.
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-12-14 16:23:10 +00:00
Wenxing Hou
3b9de38208
Make clienthello comment clear
...
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
2023-12-14 22:44:08 +08:00
Joakim Andersson
b349108b99
library: Move mbedtls_ecc helper functions to psa_util
...
Move the mbedtls_ecc helper functions from psa_core to psa_util.
These files are not implemented as part of the PSA API and should not
be part of the PSA crypto implementation.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2023-12-14 13:55:11 +01:00
Dave Rodgman
69928dbe86
Fix compile warning from IAR
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-14 12:09:18 +00:00
Dave Rodgman
650674bb41
Add MBEDTLS_BSWAPxx intrinsics for IAR
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-14 12:08:57 +00:00
Dave Rodgman
f3c04f3f47
Better definition of MBEDTLS_IS_BIG_ENDIAN for IAR
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-14 12:08:57 +00:00
Manuel Pégourié-Gonnard
1f67363d6a
Merge pull request #8616 from lpy4105/issue/8553/test-driver-only-rsa
...
Add test for driver-only RSA (crypto only)
2023-12-14 11:05:55 +00:00
Manuel Pégourié-Gonnard
001fb73131
Merge pull request #8612 from valeriosetti/issue8601
...
Quit using enrollment in pkparse
2023-12-13 14:55:34 +00:00
Manuel Pégourié-Gonnard
ea6b3c030d
Merge pull request #8605 from valeriosetti/issue8600
...
Quit using enrollment alg in for ECDSA in PK
2023-12-12 16:53:15 +00:00
Joakim Andersson
c5b7285da9
library: Remove unused psa_crypto_core.h include
...
Remove unused psa_crypto_core.h include.
The PSA util file provides helper functions when using the PSA API.
It should not rely on PSA internal headers, and instead only use
public headers.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2023-12-11 21:25:44 +01:00
Tom Cosgrove
656d4b3c74
Avoid use of ip_len
as it clashes with a macro in AIX system headers
...
Fixes #8624
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-12-08 21:51:15 +00:00
Pengyu Lv
f75893bb36
Update comments
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 17:40:00 +08:00
Pengyu Lv
e9efbc2aa5
Error out when get domain_parameters is not supported
...
From time being, domain_parameters could not be extracted
from driver. We need to return error to indicate this
situation. This is temporary and would be fixed after #6494 .
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 17:30:26 +08:00
Pengyu Lv
94a42ccb3e
Add tls13 in ticket flags helper function names
...
```
sed -i \
"s/\(mbedtls_ssl\)_\(session_\(\w*_\)\?ticket\)/\1_tls13_\2/g" \
library/*.[ch]
```
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 11:12:46 +08:00
Yanray Wang
90acdc65e5
tl13: srv: improve comment
...
Improve comment when received version 1.2 of the protocol while TLS
1.2 is disabled on server side.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-12-08 11:00:38 +08:00
Yanray Wang
2bef917a3c
tls13: srv: return BAD_PROTOCOL_VERSION if chosen unsupported version
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-12-08 11:00:35 +08:00
Yanray Wang
177e49ad7a
tls13: srv: improve DEBUG_MSG in case of TLS 1.2 disabled
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-12-08 11:00:33 +08:00
Yanray Wang
408ba6f7b8
tls13: srv: replace with internal API to check is_tls12_enabled
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-12-08 11:00:30 +08:00
Pengyu Lv
abd844f379
Fix wrong format in the function doc
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 10:01:58 +08:00
Pengyu Lv
02e72f65da
Reword return value description for mbedtls_ssl_tls13_is_kex_mode_supported
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 10:01:58 +08:00
Pengyu Lv
bc4aab7673
Add "_is_" to functions ssl_tls13_key_exchange_.*_available
...
Done by command:
```
sed -i \
"s/ssl_tls13_key_exchange_\(.*\)_available/ssl_tls13_key_exchange_is_\1_available/g" \
library/*.[ch]
```
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 10:01:58 +08:00
Pengyu Lv
b2cfafbb9e
Consistent renaming
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 10:01:58 +08:00
Pengyu Lv
2333b826f4
tls13: srv: rename mbedtls_ssl_tls13_check_kex_modes
...
The function is renamed to
`mbedtls_ssl_tls13_is_kex_mode_supported` and
the behaviour is reversed.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 10:01:58 +08:00
Pengyu Lv
0a1ff2b969
Consistent renaming
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 10:01:58 +08:00
Pengyu Lv
4f537f73fa
tls13: rename mbedtls_ssl_session_check_ticket_flags
...
The function is renamed to mbedtls_ssl_session_ticket_has_flags.
Descriptions are added.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 10:01:58 +08:00
Pengyu Lv
d72e858fd1
tls13: srv: rename ssl_tls13_ticket_permission_check
...
The function is renamed to
ssl_tls13_ticket_is_kex_mode_permitted
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 10:01:57 +08:00
Pengyu Lv
fc2cb9632b
tls13: rename mbedtls_ssl_conf_tls13_check_kex_modes
...
The function is renamed to
mbedtls_ssl_conf_tls13_is_kex_mode_enabled.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 10:01:57 +08:00
Pengyu Lv
60a22567e4
tls13: change return value of mbedtls_ssl_conf_tls13_check_kex_modes
...
To keep the convention in TLS code, check functions should return 0
when check is successful.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 10:01:57 +08:00
Pengyu Lv
981ec14744
tls13: rename ssl_tls13_check_*_key_exchange functions
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 10:01:57 +08:00
Waleed Elmelegy
419f841511
Skip checking on maximum fragment length during handshake
...
MbedTLS currently does not support maximum fragment length
during handshake so we skip it for now.
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-12-07 18:33:42 +00:00
Ronald Cron
90d07118ad
Merge pull request #6721 from yuhaoth/pr/tls13-early-data-extension-of-nst
...
TLS 1.3: EarlyData SRV: Write `early_data` extension of NewSessionTicket
2023-12-07 09:25:35 +00:00
Gilles Peskine
f3ccfddb45
Merge pull request #8615 from davidhorstmann-arm/fix-cast-potential-overflow
...
Fix possible integer overflows
2023-12-07 00:42:10 +00:00
Gilles Peskine
57e401b39f
Merge pull request #8521 from valeriosetti/issue8441
...
[G4] Make CTR-DRBG fall back on PSA when AES not built in
2023-12-06 18:25:44 +00:00
David Horstmann
4749007f64
Fix possible integer overflows before widening
...
When calculating a result to go into an mbedtls_ms_time_t, make sure
that arithmetic is performed at the final size to prevent overflow.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-12-06 17:22:53 +00:00
Valerio Setti
202bb71dcd
ssl_tls12_server: do not export/import opaque keys
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-06 17:05:24 +01:00
Waleed Elmelegy
9aec1c71f2
Add record size checking during handshake
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-12-06 15:18:15 +00:00
Jan Bruckner
f482dcc6c7
Comply with the received Record Size Limit extension
...
Fixes #7010
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2023-12-06 15:18:08 +00:00
Manuel Pégourié-Gonnard
ad4f0ada37
Merge pull request #8514 from mschulz-at-hilscher/fixes/uninitialized-variable-in-ssl_msg
...
Fix uninitialized variable warnings in ssl_msg.c
2023-12-06 11:06:03 +00:00
Valerio Setti
2bd53667d6
pk: guard key enrollment function with PSA_CRYPTO_CLIENT
...
Use key enrollment function only when MBEDTLS_PSA_CRYPTO_CLIENT
is enabled, i.e. when the Mbed TLS implementation of PSA Crypto
is being used.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-06 11:24:50 +01:00
Jerry Yu
95648b0134
Some minor improvement
...
- move early data check to `prepare`
- avoid `((void) output_len)
- replace check with `session_ticket_allow` in 2nd place
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:21:16 +08:00
Jerry Yu
c59c586ac4
change prototype of write_early_data_ext
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:21:15 +08:00
Jerry Yu
163e12f7ff
remove assignment for session->max_early_data_size
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:21:09 +08:00
Jerry Yu
ebe1de62f9
fix various issue
...
- rename connection time variable
- remove unnecessary comments
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:20:25 +08:00
Jerry Yu
9e7f9bc253
Add missing debug message
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:20:22 +08:00
Jerry Yu
db97163ac7
add ticket max_early_data_size check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:20:13 +08:00
Jerry Yu
5233539d9f
share write_early_data_ext function
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:18:50 +08:00
Jerry Yu
0069abc141
improve comments of new session ticket
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:18:46 +08:00
Jerry Yu
1a160703f8
set max_early_data_size of ticket to keep consistent
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:18:43 +08:00
Jerry Yu
f135bac89c
Add max_early_data_size check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:18:39 +08:00
Jerry Yu
930ce4cfac
Revert "change max_early_data_size source"
...
This reverts commit 3d8d6a770f3a0f3045820970bc4a5d6ee7df8e10.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:18:36 +08:00
Jerry Yu
2f5d93b1c9
Revert "set init value for max_early_data_size in session"
...
This reverts commit 8b02d75ed1af883e135979d24e38c0847e66fede.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:18:33 +08:00
Jerry Yu
d450fd25ae
change max_early_data_size source
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:18:31 +08:00
Jerry Yu
525990fb62
set init value for max_early_data_size in session
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:18:28 +08:00
Jerry Yu
db6fda71e5
improve early data comments
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:17:51 +08:00
Jerry Yu
10795a0c3b
replace ticket permission set
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:17:48 +08:00
Jerry Yu
c2b1bc4fb6
replace early data permission check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:17:46 +08:00
Jerry Yu
4da7c22cd6
add early data flag check function
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:17:44 +08:00
Jerry Yu
ea96ac3da9
fix various issues
...
- get ticket_flags with function.
- improve output message and check it.
- improve `ssl_server2` help message
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:17:37 +08:00
Jerry Yu
3db60dfe5e
rename nst early data write function
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:16:56 +08:00
Jerry Yu
fceddb310e
Add early data permission check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:14:54 +08:00
Jerry Yu
01da35e2c8
add early data extension of NST
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:14:52 +08:00
Valerio Setti
bced8bc8d7
ssl_tls12_server: export/import PK parsed key in TLS side
...
Instead of setting both algorithm and enrollement algorithm in the
PK module when parsing the key:
- for Weierstrass keys we only set ECDSA algorithm,
- for Montgomery keys we don't set any algorithm.
Reasons:
- PK module can only do ECDSA and not ECDH
- ECDH is only used in TLS
- Montgomery keys cannot be used to do ECDSA, while Weierstrass ones
can do both ECDSA and ECDH.
So the idea is that once TLS needs the key to do ECDH (either Weierstrass
and Montgomery), it exports the one parsed from the PK module and then
re-imports it setting proper algorithm and flags. In this way the TLS
module will own the new key so it will be its duty to clear it on
exit.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-06 10:40:47 +01:00
Valerio Setti
fbbafa0d2d
pkparse: do not set key algorithm for Montgomery keys in pk_ecc_set_key()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-06 10:07:34 +01:00
Ronald Cron
40f3f1c36f
Merge pull request #7058 from yuhaoth/pr/tls13-early-data-parsing-0-rtt-data
...
TLS 1.3 EarlyData SRV: Parsing 0-RTT data
2023-12-06 06:47:32 +00:00
Jerry Yu
42020fb186
revert output message which used by testing
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-05 17:35:53 +08:00
Ronald Cron
a1e867c676
Merge pull request #8576 from yanrayw/issue/fix-tls13-session_negotiate-assignment
...
TLS13: CLI: EarlyData: Assign ciphersuite after associated verification in EE
2023-12-05 08:31:24 +00:00
Valerio Setti
4ac2c18834
pk_wrap: try both ECDSA signature schemes in ecdsa_sign_psa()
...
Instead of extracting key's properties in order to check whether it
supports deterministic or non-deterministic ECDSA, we try both.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-05 07:59:01 +01:00
Jerry Yu
ebb1b1d48f
fix ci test failure
...
"skip parse certificate verify" can not be changed.
It is used in `Authentication: client badcert, server none`
test.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-05 11:02:15 +08:00
Jerry Yu
b55f9eb5c5
fix various issues
...
- remove unnecessary statements
- improve macro name
- improve output message
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-05 10:27:17 +08:00
Valerio Setti
8aec84f3a7
pkwrite: minor code reshape
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 16:04:21 +01:00
Valerio Setti
83e0de8481
crypto_extra: revert changes to mbedtls_psa_random_free()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:42 +01:00
Valerio Setti
402cfba4dc
psa: free RNG implementation before checking for remaining open key slots
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:41 +01:00
Valerio Setti
5f4b28defc
ctr_drbg: add alternative PSA implementation when AES_C is not defined
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:41 +01:00
Dave Rodgman
9afc0200c7
Merge pull request #8563 from Oldes/issues-8562
...
Fixed compilation for Haiku OS
2023-12-04 09:53:08 +00:00
Yanray Wang
fb0f47b1f8
tls13: srv: check tls version in ClientHello with min_tls_version
...
When server is configured as TLS 1.3 only and receives ClientHello
from a TLS 1.2 only client, it's expected to abort the handshake
instead of downgrading protocol to TLS 1.2 and continuing handshake.
This commit adds a check to make sure server min_tls_version always
larger than received version in ClientHello.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-12-04 17:50:36 +08:00
Jerry Yu
7bb40a3650
send unexpected alert when not received eoed or app during reading early data
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-04 10:04:15 +08:00
Jerry Yu
fbf039932a
Send decode error alert when EOED parsing fail
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-04 10:00:37 +08:00