Neil Armstrong
7624a5ae5e
Allow RSA PK Opaque keys for RSA-PSS signing
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-12 10:09:26 +02:00
Dave Rodgman
ed35887fc8
Merge pull request #2104 from hanno-arm/iotssl-2071
...
Check that integer types don't use padding bits in selftest
2022-04-11 17:26:08 +01:00
Hanno Becker
53b3c607a0
Move const
keyword prior to type name
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 13:46:30 +01:00
Hanno Becker
dfcb2d084b
Fix Doxygen for mbedtls_mpi_core_mla()
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 13:44:15 +01:00
Hanno Becker
99ba4cc6d5
Remove Doxygen from mbedtls_mpi_core_mla() implementation
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 13:44:03 +01:00
Dave Rodgman
8f5a29ae40
Improve fix for printf specifier
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-04-11 12:59:45 +01:00
Hanno Becker
efdc519864
Reintroduce though-to-be unused variable in correct place
...
The variable is a local variable for the i386 bignum assembly only;
introduce it as part of the start/finish macros.
It can be noted that the variable is initialize to 0 within MULADDC_INIT,
so there are no data dependencies across blocks of MULADDC_INIT/CORE/STOP.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 10:44:02 +01:00
Dave Rodgman
eaba723139
Fix printf specifier
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-04-11 10:07:38 +01:00
Dave Rodgman
c4a514aefa
Merge pull request #2479 from jacobschloss/patch-1
...
Fix typo in config-no-entropy.h
2022-04-11 09:50:26 +01:00
Dave Rodgman
e5a7ba684f
Merge pull request #5719 from tom-cosgrove-arm/adamwolf-reasonable
...
Fix spelling of 'reasonable' in comments
2022-04-11 09:47:20 +01:00
Hanno Becker
5d4ceeb25c
Remove const qualifier for mutable local variable in mpi_mul_hlp()
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 09:46:47 +01:00
Hanno Becker
284d778d28
Address review comments
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 09:19:24 +01:00
Hanno Becker
e9dd9a1f31
Use size_t for number of limbs
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 09:06:27 +01:00
Manuel Pégourié-Gonnard
eaf3086831
Merge pull request #1133 from RonEld/1805
...
Fix Shared Library compilation issue with Cmake
2022-04-11 09:31:59 +02:00
Hanno Becker
6454993e2e
Safeguard against calling p255 reduction with single-width MPI
...
(In this case, there's nothing to do anyway since we only do a
quasi-reduction to N+1 limbs)
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 07:35:58 +01:00
Hanno Becker
25bb732ea7
Simplify x25519 reduction using internal bignum MLA helper
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 07:03:48 +01:00
Hanno Becker
aef9cc4f96
Rename mpi_mul_hlp -> mbedtls_mpi_core_mla and expose internally
...
This paves the way for the helper to be used from the ECP module
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2022-04-11 07:03:43 +01:00
Andrzej Kurek
57f58b0e65
Prefer TEST_EQUAL over TEST_ASSERT in test suites
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-04-08 16:51:03 -04:00
Gilles Peskine
b4f874d1da
raw_key_agreement_fail: Add a nominal run
...
Ensure that the nominal run works properly, so that it's apparent that the
injected failure is responsible for the failure of the handshake.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-08 16:50:38 -04:00
Gilles Peskine
6cbc9986fb
Remove redundant empty slot count check
...
USE_PSA_DONE() already checks that there are no used key slots.
The call to TEST_ASSERT() wouldn't have worked properly on failure anyway,
since it would jump back to the exit label.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-04-08 16:47:19 -04:00
Andrzej Kurek
28f883eba5
Remove RSA & DTLS dependency in raw key agreement test
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-04-08 16:46:57 -04:00
Gilles Peskine
e1730e492d
Merge pull request #5708 from AndrzejKurek/timeless-struggles
...
Remove the dependency on MBEDTLS_TIME_H from the timing module
2022-04-08 18:43:16 +02:00
Adam Wolf
039080fba7
Fix spelling of 'reasonable' in comments
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-04-08 16:49:04 +01:00
Paul Elliott
ed334d2e2f
Merge pull request #5623 from gstrauss/inline-cert_cb
...
Introduce mbedtls_ssl_hs_cb_t typedef
2022-04-08 16:04:31 +01:00
Neil Armstrong
cb87403560
Use 1024 bits RSA key size for RSA PK Opaque tests
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-08 15:14:40 +02:00
Neil Armstrong
95a892311d
Comment decrypt & encrypt callback entries of mbedtls_pk_ecdsa_opaque_info as not relevant
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-08 15:13:51 +02:00
Neil Armstrong
7df6677c34
Remove now invalid comment in pk_opaque_ecdsa_can_do()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-08 15:13:06 +02:00
Neil Armstrong
56e71d4d1a
Update documentation of mbedtls_pk_setup_opaque()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-08 15:12:42 +02:00
Neil Armstrong
eccf88fa48
Only accept RSA key pair in mbedtls_pk_setup_opaque()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-08 15:11:50 +02:00
Dave Rodgman
f945e0a475
Update ChangeLog.d/alert_reentrant.txt
...
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-04-08 12:59:30 +01:00
Dave Rodgman
e2e7e9400b
Fail for types not of size 2, 4 or 8
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-04-08 12:46:30 +01:00
Hanno Becker
baae59cd49
Improve documentation of absence-of-padding check
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-04-08 12:46:29 +01:00
Hanno Becker
0d7dd3cd43
Check that size_t and ptrdiff_t don't have padding
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-04-08 12:46:26 +01:00
Hanno Becker
4ab3850605
Check that integer types don't use padding bits in selftest
...
This commit modifies programs/test/selftest to include a check that
none of the standard integer types (unsigned) [short, int, long, long]
uses padding bits, which we currently don't support.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-04-08 12:45:05 +01:00
Hanno Becker
8813c03cb0
Add ChangeLog entry
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-04-08 12:16:55 +01:00
Hanno Becker
5e18f74abb
Make alert sending function re-entrant
...
Fixes #1916
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-04-08 12:16:43 +01:00
Jacob Schloss
d8a573b9d9
Fix spelling of 'features' in comment
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-04-08 10:23:14 +01:00
Gilles Peskine
e756f642cd
Seed the PRNG even if time() isn't available
...
time() is only needed to seed the PRNG non-deterministically. If it isn't
available, do seed it, but pick a static seed.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-04-08 04:46:41 -04:00
Andrzej Kurek
5735369f4a
Remove the dependency on MBEDTLS_HAVE_TIME from MBEDTLS_TIMING_C
...
The timing module might include time.h on its own when on
a suitable platform, even if MBEDTLS_HAVE_TIME is disabled.
Co-authored-by: Tom Cosgrove <tom.cosgrove@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-04-08 04:41:42 -04:00
Glenn Strauss
236e17ec26
Introduce mbedtls_ssl_hs_cb_t typedef
...
Inline func for mbedtls_ssl_conf_cert_cb()
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-07 14:18:30 -04:00
Gilles Peskine
a91b68564c
Merge pull request #5429 from yuhaoth/pr/fix-parallel-build-fail-of-cmake_out_source
...
fix parallel build fail of cmake out source
2022-04-07 16:21:43 +02:00
Gilles Peskine
8e5e8d73db
Merge pull request #5686 from AndrzejKurek/off-by-one-ssl-opt
...
Fix an off-by-one error in ssl-opt.sh
2022-04-07 16:20:55 +02:00
Przemek Stekiel
e3ee221893
Free other secret in tls12_prf context
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-07 15:41:56 +02:00
Przemek Stekiel
23650286ac
Add psa_tls12_prf_set_other_key() function to store other secret input
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-07 15:41:46 +02:00
Przemek Stekiel
c4b814a9c2
psa_tls12_prf_key_derivation_state_t: add optional step to set other key
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-07 15:01:50 +02:00
Przemek Stekiel
f4e8f01964
psa_tls12_prf_key_derivation_t: add other_secret and other_secret_length fields to handle mixed PSK
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-07 15:01:50 +02:00
Przemek Stekiel
37c81c4f05
Extend PSA_ALG_TLS12_PSK_TO_MS alg (add #PSA_KEY_DERIVATION_INPUT_OTHER_SECRET input)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-07 15:01:50 +02:00
Neil Armstrong
c1152e4a0f
Handle and return translated PSA errors in mbedtls_pk_wrap_as_opaque()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-07 15:01:24 +02:00
Neil Armstrong
7e1b4a45fa
Use PSA_BITS_TO_BYTES instead of open-coded calculation in mbedtls_pk_wrap_as_opaque()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-07 15:01:24 +02:00
Neil Armstrong
b354742371
Update documentation of mbedtls_pk_setup_opaque()
...
The function now accepts a RSA key pair in addition to an ECC
key pair.
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-07 15:01:24 +02:00