Commit graph

22472 commits

Author SHA1 Message Date
Dave Rodgman
bc5f03dabc Disable PKCS7 by default; improve docs
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-12-01 18:32:23 +00:00
Dave Rodgman
c3902ac661
Merge pull request #6698 from wernerlewis/bignum_mod_py
Bignum: Enable test generation from bignum_mod.py
2022-12-01 11:48:14 +00:00
Paul Elliott
266f79c136
Merge pull request #6426 from aditya-deshpande-arm/driver-wrapper-key-agreement
Add driver dispatch layer for raw key agreement, along with test call for transparent drivers.
2022-12-01 11:40:52 +00:00
Werner Lewis
cff7578822 Add imports to bignum_mod
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-11-30 16:34:07 +00:00
Aditya Deshpande
5484e96117 Add changelog entry
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2022-11-30 15:56:42 +00:00
Gilles Peskine
a942b370fe
Merge pull request #6694 from tom-cosgrove-arm/fix-name-of-basic-build-test.sh
Fix the name of basic-build-test.sh within the file
2022-11-30 16:19:55 +01:00
Werner Lewis
c84b731941 Enable test generation from bignum_mod.py
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
2022-11-30 14:43:31 +00:00
Tom Cosgrove
fc2ac75453 Fix the name of basic-build-test.sh within the file
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-11-30 11:13:00 +00:00
Ronald Cron
7df787c019
Merge pull request #6538 from yuhaoth/pr/tls13-add-early-data-transform-computation 2022-11-30 09:56:00 +01:00
Gilles Peskine
72bffe02b7
Merge pull request #6663 from davidhorstmann-arm/fix-typo-unsupported
Fix typo 'unsupoported' -> 'unsupported'
2022-11-29 21:44:27 +01:00
Gilles Peskine
edaa17b350
Merge pull request #6547 from yanesca/extract_mod_exp_from_prototype
Bignum: Extract mod exp from prototype
2022-11-29 21:40:07 +01:00
Aditya Deshpande
b6bc7524f9 Minor formatting fixes to address code review comments
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2022-11-29 16:53:29 +00:00
Gilles Peskine
bfec9d0df7
Merge pull request #6676 from davidhorstmann-arm/cmake-get-skip-test-from-env
Tell cmake to get SKIP_TEST_SUITES from ENV
2022-11-29 14:25:50 +01:00
Manuel Pégourié-Gonnard
7f5bc5c40f
Merge pull request #6681 from mpg/changelog-6264
Add ChangeLog entry for DTLS Connection ID
2022-11-29 11:34:11 +01:00
Manuel Pégourié-Gonnard
0b9b560770
Merge pull request #6601 from valeriosetti/issue6502
Avoid assumptions about implementation in EC J-PAKE tests
2022-11-29 11:21:23 +01:00
Manuel Pégourié-Gonnard
f9720cfa78
Merge pull request #6670 from gilles-peskine-arm/pkcs7-use-after-free-20221127
PKCS7: Fix some memory management errors
2022-11-29 11:17:27 +01:00
Manuel Pégourié-Gonnard
37d41c79b8 Add ChangeLog entry for DTLS Connection ID
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-11-29 10:20:15 +01:00
Manuel Pégourié-Gonnard
ffc330fafa
Merge pull request #6264 from hannestschofenig/rfc9146_2
CID update to RFC 9146
2022-11-29 09:25:14 +01:00
Jerry Yu
aec08b3f42 fix various format issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-29 15:19:27 +08:00
Gilles Peskine
a13f5eb7b8 Add missing dependency for the fuzzer-constructed test data
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-28 21:30:04 +01:00
Janos Follath
97915c8685
Merge pull request #6619 from minosgalanakis/bignum/add_high_lv_IO_methods
Bignum: Adding High level I/O methods
2022-11-28 17:27:48 +00:00
Janos Follath
1f8afa22a4 Bignum Mod: improve documentation and style
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-28 14:58:08 +00:00
Aditya Deshpande
1ac41dec09 Add test function for opaque driver (simply returns PSA_ERROR_NOT_SUPPORTED), and address other review comments.
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2022-11-28 14:46:30 +00:00
Manuel Pégourié-Gonnard
095c4756ee
Merge pull request #6674 from AndrzejKurek/ecjpake-changelog
Add a changelog entry explaining usage of PSA in TLS 1.2 EC J-PAKE
2022-11-28 12:44:38 +01:00
Valerio Setti
a34d0308cc test: psa_pake: fix dependency
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2022-11-28 11:46:36 +01:00
Janos Follath
84bee4c492 mbedtls_mpi_mod_write: improve readability
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-28 10:27:14 +00:00
David Horstmann
3861062f6b Tell cmake to get SKIP_TEST_SUITES from ENV
If the variable SKIP_TEST_SUITES is not defined with -D, but is defined
in an environment variable, tell cmake to get it from there.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-11-28 10:18:05 +00:00
Jerry Yu
3d78e08ac0 erase early secrets and transcripts
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-28 17:34:06 +08:00
Jerry Yu
a5db6c0ce3 fix coding style issues.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-28 17:34:06 +08:00
Jerry Yu
e31688b7fa fix comments issue
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-28 17:34:06 +08:00
Jerry Yu
a8771839e8 Refactor make_traffic_keys
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-28 17:34:06 +08:00
Jerry Yu
3ce61ffca6 fix comments and function name issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-28 17:34:06 +08:00
Jerry Yu
b094e124f2 fix various issues
- Alignments
- comment words in doxygen paragraph

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-28 17:34:06 +08:00
Jerry Yu
91b560f38d Add compute early transform
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-28 17:34:06 +08:00
Jerry Yu
3d9b590f02 guards transform_earlydata
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-28 17:34:06 +08:00
Jerry Yu
84a6edac10 change signature of get_cipher_key_info
- it is a static function. The name is not follow nameing ruler
- move the position.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-11-28 17:34:06 +08:00
Andrzej Kurek
a6ab9d8b12 Add a changelog entry explaining usage of PSA in TLS 1.2 EC J-PAKE
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-11-28 03:55:27 -05:00
Ronald Cron
13256ba65c
Merge pull request #6667 from gilles-peskine-arm/lib-crypto-modules-202211
Move SSL modules out of libmbedcrypto
2022-11-28 08:51:49 +01:00
Gilles Peskine
4f01121f6e Fix memory leak on error in pkcs7_get_signers_info_set
mbedtls_x509_name allocates memory, which must be freed if there is a
subsequent error.

Credit to OSS-Fuzz (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53811).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-27 22:02:10 +01:00
Gilles Peskine
e7f8c616d0 Fix dangling freed pointer in pkcs7_free_signer_info
This may have been a use-after-free, but I haven't worked out whether it was
a problem or not. Even if it turns out to have been ok, keeping invalid
pointers around is fragile.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-27 21:55:29 +01:00
Gilles Peskine
47a732635b Simplify control flow in PKCS7 functions
Remove useless goto in several functions.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-27 21:55:29 +01:00
Gilles Peskine
391005cb3b Fix structures initialized too late in tests
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-27 21:55:29 +01:00
Gilles Peskine
2336555444 Improve test failure reporting
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-27 21:55:29 +01:00
Gilles Peskine
290f01b3f5 Fix dangling freed pointer on error in pkcs7_get_signers_info_set
This fixes a use-after-free in PKCS#7 parsing when the signer data is
malformed.

Credit to OSS-Fuzz (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53798).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-27 21:55:29 +01:00
Janos Follath
e7190a2960 mpi_mod_io_neg: fix use of uninitialized value
Uninitialized values are invalid for the tested functions and we
shouldn't be testing that.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-26 18:46:54 +00:00
Janos Follath
6eb92c0410 Bignum Mod: improve documentation and style
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-26 17:34:37 +00:00
Janos Follath
0020df9cf9 mpi_mod_io: test with various buffer sizes
Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-26 17:23:16 +00:00
Janos Follath
8dfc8c41b7 mbedtls_mpi_mod_write: prevent data corruption
The function wasn't converting back data to internal representation when
writing it out.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-26 15:39:02 +00:00
Janos Follath
d7bb35257b mbedtls_mpi_mod_read/write: restrict pre-conditions
Require equality for the number of limbs in the modulus and the residue.
This makes these functions consistent with residue_setup().

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-26 14:59:27 +00:00
Janos Follath
75b9f0fd2e mbedtls_mpi_mod_read/write: remove redundant checks
The function isn't documented as accepting null pointer, and there's no
reason why it should be. Just let it dereference the pointer.

The null/zero checks are only marginally useful: they validate that m
and r are properly populated objects, not freshly initialized ones. For
that, it's enough to check that the pointers aren't null or that the
sizes aren't zero, we don't need to check both.

Also, use separate if statements for unrelated checks.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2022-11-26 14:28:50 +00:00