Commit graph

6718 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
dc848955d6
Merge pull request #8519 from mpg/block-cipher
[G2] Add internal module block_cipher
2023-11-15 11:53:22 +00:00
Manuel Pégourié-Gonnard
9e80a91f27
Merge pull request #8164 from yanrayw/adjust_tfm_configs
Adjust how we handle TF-M config files
2023-11-15 08:21:27 +00:00
Valerio Setti
a56eb46ce6 adjust_legacy_from_psa: fix comment
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-15 09:18:14 +01:00
Valerio Setti
c2d68f5611 adjust_legacy_from_psa: treat CCM and CCM* separately
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-15 09:16:37 +01:00
Valerio Setti
cab5eff98c adjust_config_synonyms: make CCM and CCM* indipendent
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-15 09:16:37 +01:00
Jerry Yu
fedaeb21b3 improve document
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-15 13:59:07 +08:00
Jerry Yu
6c485dad44 improve document
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-15 10:18:47 +08:00
Manuel Pégourié-Gonnard
752dd39a69
Merge pull request #8508 from valeriosetti/issue6323
[G3] Driver-only cipher+aead: TLS: ssl-opt.sh
2023-11-14 11:39:06 +00:00
Jerry Yu
1b23bce4a2 improve brief description of conf_sig_algs
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-13 13:45:14 +08:00
Tom Cosgrove
08ea9bfa1f
Merge pull request #8487 from yanrayw/issue/6909/rename_tls13_conf_early_data
TLS 1.3: Rename early_data and max_early_data_size configuration function
2023-11-10 19:35:46 +00:00
Manuel Pégourié-Gonnard
5f3361c0c6 Temporary hack to pacify check_names.py
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 12:24:11 +01:00
Manuel Pégourié-Gonnard
21718769d1 Start adding internal module block_cipher.c
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 11:21:17 +01:00
Valerio Setti
01c4fa3e88 ssl: move MBEDTLS_SSL_HAVE internal symbols to ssl.h
This is useful to properly define MBEDTLS_PSK_MAX_LEN when
it is not defined explicitly in mbedtls_config.h

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:12:07 +01:00
Yanray Wang
111159b89c BLOCK_CIPHER_NO_DECRYPT: call encrypt direction unconditionally
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-10 15:03:23 +08:00
Matthias Schulz
5a39c4ecf2 Fixes https://github.com/Mbed-TLS/mbedtls/issues/6910 as proposed in https://github.com/Mbed-TLS/mbedtls/issues/6910#issuecomment-1573301661
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-09 15:53:01 +01:00
Jerry Yu
53c4a0da07 Improve documents
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-09 10:38:17 +08:00
Gilles Peskine
4dec9ebdc2
Merge pull request #8378 from mschulz-at-hilscher/fixes/issue-8377
Fixes "CSR parsing with critical fields fails"
2023-11-08 18:07:04 +00:00
Dave Rodgman
9eb2abd1e0 Add docs re Everest license
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:40:17 +00:00
Dave Rodgman
28d40930ae Restore bump version
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:40:08 +00:00
Dave Rodgman
edb8fec988 Add docs re Everest license
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:36:00 +00:00
Yanray Wang
d137da5a93 check_config: make error message in BLOCK_CIPHER_NO_DECRYPT clearer
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-08 19:17:44 +08:00
Yanray Wang
30769696e7 Merge remote-tracking branch 'origin/development' into adjust_tfm_configs 2023-11-08 10:00:24 +08:00
Matthias Schulz
c55b500343 Changed notes in x509_csr.h to better describe the behavior of mbedtls_x509_csr_parse_der and mbedtls_x509_csr_parse_der_with_ext_cb.
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-07 16:47:37 +01:00
Yanray Wang
0751761b49 max_early_data_size: rename configuration function
Rename mbedtls_ssl_tls13_conf_max_early_data_size as
mbedtls_ssl_conf_max_early_data_size since in the future
this may not be specific to TLS 1.3.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-07 11:49:34 +08:00
Yanray Wang
d5ed36ff24 early data: rename configuration function
Rename mbedtls_ssl_tls13_conf_early_data as
mbedtls_ssl_conf_early_data since in the future this may not be
specific to TLS 1.3.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-07 11:49:24 +08:00
Yanray Wang
0d76b6ef76 Return an error if asking for decrypt under BLOCK_CIPHER_NO_DECRYPT
If MBEDTLS_BLOCK_CIPHER_NO_DECRYPT is enabled, but decryption is
still requested in some incompatible modes, we return an error of
FEATURE_UNAVAILABLE as additional indication.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-06 10:02:10 +08:00
Yanray Wang
956aa00202 check_config: add checks for MBEDTLS_BLOCK_CIPHER_NO_DECRYPT with PSA
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-06 10:02:10 +08:00
Gilles Peskine
8b6b41f6cd
Merge pull request #8434 from valeriosetti/issue8407
[G2] Make TLS work without Cipher
2023-11-04 15:05:00 +00:00
Dave Rodgman
bb5a18344a Bump version
./scripts/bump_version.sh --version 3.5.1 --so-crypto 15 --so-x509 6 --so-tls 20

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-03 12:31:30 +00:00
Dave Rodgman
e3c05853d6 Header updates
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-03 12:21:36 +00:00
Dave Rodgman
16799db69a update headers
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 19:47:20 +00:00
Yanray Wang
b799eea123 check_config: add checks for MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-02 12:38:01 +08:00
Yanray Wang
e367e47be0 mbedtls_config: add new config option MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
With the introduction of negative option
MBEDTLS_BLOCK_CIPHER_NO_DECRYPT, we don't need to implicitly enable
it through PSA.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-02 12:36:41 +08:00
Dave Rodgman
b351d60e99 Merge remote-tracking branch 'origin/development' into msft-aarch64 2023-11-01 13:20:53 +00:00
Yanray Wang
b67b47425e Rename MBEDTLS_CIPHER_ENCRYPT_ONLY as MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-10-31 17:22:06 +08:00
Yanray Wang
5779096753 Merge remote-tracking branch 'origin/development' into adjust_tfm_configs 2023-10-31 13:39:07 +08:00
Valerio Setti
d531dab4f6 check_config: let SSL_TLS depend on either CIPHER_C or USE_PSA_CRYPTO
TLS code already implements proper dispatching to either
builtin or PSA implementations based on USE_PSA guards, so we can
improve the check_config guards to reflect this.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-30 11:36:32 +01:00
Jerry Yu
2c46ca3474 fix various issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-30 17:32:20 +08:00
Jerry Yu
83536c23f3 Add translation ruler into document
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-30 16:18:21 +08:00
Jerry Yu
01c7356944 Add deprecated flag in document for sig_hashes
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-27 17:03:20 +08:00
Valerio Setti
c5d9dd262b adjust_psa_from_legacy: enable ALG_STREAM_CIPHER on when CIPHER_C is defined
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:12:06 +02:00
Valerio Setti
c1d50b6314 check_config: fix dependency of PSA_CRYPTO_C on CIPHER_C
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:12:06 +02:00
Ronald Cron
95b735530c
Merge pull request #6719 from yuhaoth/pr/tls13-early-data-add-early-data-of-client-hello
TLS 1.3: EarlyData SRV: Add early data extension parser.
2023-10-26 08:31:53 +00:00
Dave Rodgman
6e51abf11d Merge remote-tracking branch 'origin/development' into msft-aarch64
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 15:17:11 +01:00
Dave Rodgman
48b965d941 Update clang version requirements
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
4b8e8dc043 Improve compiler version checking + docs + testing for armclang
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
18838f6c1a Fix docs for MBEDTLS_AESCE_C
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
d69d3cda34
Merge pull request #8298 from daverodgman/sha-armce-thumb2
Support SHA256 acceleration on Armv8 thumb2 and arm
2023-10-24 21:23:15 +00:00
Dave Rodgman
514590210b Merge remote-tracking branch 'origin/development' into sha-armce-thumb2
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-23 15:35:07 +01:00
Valerio Setti
bd24d95c27 legacy_from_psa: fix support for PSA_ACCEL_ALG_[STREAM_CIPHER/ECB_NO_PADDING]
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-23 15:01:52 +02:00
Matthias Schulz
edc32eaf1a Uncrustified
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-10-19 16:09:08 +02:00
Yanray Wang
08e9423f14 Merge remote-tracking branch 'origin/development' into adjust_tfm_configs 2023-10-19 17:44:47 +08:00
Yanray Wang
893623fb28 PBKDF2-AES-CMAC: remove not needed preprocessor directive
PBKDF2-AES-CMAC works if we provide the driver of AES-CMAC or
KEY-TYPE-AES or both. So if PBKDF2-AES-CMAC is requested via PSA,
we don't need to additionally enable builtin AES-CMAC or builtin
KEY-TYPE-AES.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-10-19 16:13:34 +08:00
Gilles Peskine
6407f8fc54
Merge pull request #8322 from valeriosetti/issue8257
Improve location of MD_CAN macros
2023-10-18 14:31:28 +00:00
Matthias Schulz
ab4082290e Added parameters to add callback function to handle unsupported extensions. Similar to how the callback functions work when parsing certificates. Also added new test cases.
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-10-18 13:20:59 +02:00
Manuel Pégourié-Gonnard
c6d633ffbc
Merge pull request #8297 from valeriosetti/issue8064
Change accel_aead component to full config
2023-10-18 07:15:59 +00:00
Valerio Setti
2f00b7a5da cipher: reset MBEDTLS_CIPHER_HAVE_AEAD to MBEDTLS_CIPHER_MODE_AEAD
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-17 11:43:34 +02:00
Manuel Pégourié-Gonnard
6d42921633 Require at least on curve for ECP_LIGHT
ECP_LIGHT is not usable without any curve, just the same as ECP_C.

We forgot to update this check when introducing the ECP_LIGHT subset.

Note: the message doesn't mention ECP_LIGHT as that's not a public
config knob, hence the message with "ECP_C or a subset" (that's how it's
referred to in user-facing documentation such as
docs/driver-only-builds.md).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-17 10:01:33 +02:00
Valerio Setti
9fc1f24331 md: restore md.h includes in source files directly using its elements
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-16 14:39:38 +02:00
Yanray Wang
aa01ee303a Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-10-16 17:38:32 +08:00
Valerio Setti
596ef6c0b1 cipher: reset MBEDTLS_CIPHER_HAVE_AEAD_LEGACY to previous naming
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-16 11:26:08 +02:00
Dave Rodgman
3e52184923 Make macro definition more consistent with similar defns
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-16 09:25:59 +01:00
Dave Rodgman
0a48717b83 Simplify Windows-on-Arm macros
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-16 09:25:59 +01:00
Valerio Setti
5f5573fa90 cipher: reintroduce symbol for legacy AEAD support
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-13 17:29:27 +02:00
Dave Rodgman
7821df3e8b Adjust use of deprecated in Doxygen
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-13 09:39:11 +01:00
Dave Rodgman
d85277c62e Doxygen fixes
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-13 09:22:54 +01:00
Valerio Setti
193e383686 check_config: fix typo causing build issues with only CCM enabled
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-13 09:37:24 +02:00
Maciej Zwoliński
720c638717 Add AES encrypted keys support for PKCS5 PBES2
Signed-off-by: Maciej Zwoliński <mac.zwolinski@gmail.com>
2023-10-12 12:00:01 +01:00
Valerio Setti
db1ca8fc33 cipher: keep MBEDTLS_CIPHER_HAVE symbols private
This commit also improve the usage of these new symbols in
cipher_wrap code

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-12 10:39:54 +02:00
Valerio Setti
e570704f1f ssl: use MBEDTLS_SSL_HAVE_[CCM/GCM/CHACHAPOLY/AEAD] macros for ssl code
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-12 10:39:37 +02:00
Jerry Yu
7a799ccacd Share early_data_status between server and client
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-12 15:02:01 +08:00
Jerry Yu
02e3a074a3 Add max_early_data_size into ticket
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-12 15:00:26 +08:00
Bence Szépkúti
9b0c8164eb
Merge pull request #8330 from KloolK/extern-c
Fix C++ build issue when MBEDTLS_ASN1_PARSE_C is not enabled
2023-10-11 16:19:39 +00:00
Dave Rodgman
b0d9830373
Merge branch 'development' into sha-armce-thumb2
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-11 13:53:41 +01:00
Valerio Setti
02a634decd md: remove unnecessary inclusions of mbedtls/md.h
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-11 13:15:58 +02:00
Valerio Setti
6bd3d9b166 cipher: fix missing spaces
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-11 13:10:34 +02:00
Valerio Setti
d0411defa2 cipher: add internal symbols for AEAD capabilities
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-11 13:10:34 +02:00
Valerio Setti
e7bac17b5d test: keep SSL_TICKET_C and SSL_CONTEXT_SERIALIZATION enabled
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-11 13:10:34 +02:00
Dave Rodgman
be7915aa6c Revert renaming of SHA512 options
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-11 10:59:05 +01:00
Bence Szépkúti
cffd7135c6
Merge pull request #8328 from yanrayw/sha256_context_guard
sha256_context: guard is224 by MBEDTLS_SHA224_C
2023-10-11 09:13:33 +00:00
Ronald Cron
a89d2ba132
Merge pull request #8327 from ronald-cron-arm/adapt-psa-crypto-repo-name
Adapt to new PSA Crypto repo name
2023-10-11 06:45:30 +00:00
Dave Rodgman
5b89c55bb8 Rename MBEDTLS_SHAxxx_USE_ARMV8_yyy to MBEDTLS_SHAxxx_USE_ARMV8_A_yyy
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-10 15:14:57 +01:00
Dave Rodgman
fe9fda81aa Rename MBEDTLS_ARCH_IS_ARMV8 to MBEDTLS_ARCH_IS_ARMV8_A
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-10 15:14:56 +01:00
Dave Rodgman
f097bef6ea Refer to Armv8-A (not Armv8) in docs
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-10 15:14:30 +01:00
Dave Rodgman
c5861d5bf2 Code style
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-10 14:01:54 +01:00
Dave Rodgman
6ab314f71d More config option renaming
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-10 14:00:17 +01:00
Dave Rodgman
94a634db96 Rename A64 config options
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-10 12:59:29 +01:00
Ronald Cron
7871cb14a7 Include psa/build_info.h instead of mbedtls/build_info.h
In PSA headers include psa/build_info.h instead
of mbedtls/build_info.h. In Mbed TLS, both are
equivalent but not in TF-PSA-Crypto where
psa/build_info.h is the correct one.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-10-10 09:35:22 +02:00
Jan Bruckner
946720aac5 Fix C++ build issue when MBEDTLS_ASN1_PARSE_C is not enabled
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2023-10-09 16:53:41 +02:00
Yanray Wang
29db8b061d sha256.h: add guard for is224 in sha256 context
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-10-09 18:09:47 +08:00
Ronald Cron
070e8652d5 Adapt to new PSA Crypto repo name
Patterns I looked for:
grep -i "psa-crypto"
grep -i "psa.*crypto.*repo"
grep -i "psa.*crypto.*root"

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-10-09 10:26:18 +02:00
Thomas Daubney
540324cd21 Correct styling of Mbed TLS in documentation
Several bits of documentation were incorrectly styling Mbed TLS
as MbedTLS.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-10-06 17:07:24 +01:00
Valerio Setti
85d2a98549 md: move definitions of MBEDTLS_MD_CAN to config_adjust_legacy_crypto.h
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-06 16:04:49 +02:00
Dave Rodgman
7ed619d3fa Enable run-time detection for Thumb and Arm
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 09:39:56 +01:00
Dave Rodgman
bfe6021e85 Improve docs
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 08:31:22 +01:00
Dave Rodgman
ca92f50e12 Update docs for MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 08:24:55 +01:00
Dave Rodgman
8690859097 Improve docs
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-04 17:40:25 +01:00
Minos Galanakis
31ca313efa Bump version to 3.5.0
```
./scripts/bump_version.sh --version 3.5.0
```

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-03 22:02:18 +01:00
Minos Galanakis
1a3ad265cc Merge branch 'development-restricted' into mbedtls-3.5.0rc0-pr
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-03 21:57:51 +01:00
Dave Rodgman
cc5bf4946f Make SHA256 depend on Armv8, not aarch64
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-03 18:02:56 +01:00
Dave Rodgman
5ed7b2dec2 Introduce MBEDTLS_ARCH_IS_ARMV8
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-03 18:02:31 +01:00
Dave Rodgman
b51f3da354
Merge pull request #8264 from mpg/follow-up-8075
Follow up to 8075
2023-09-28 17:32:12 +00:00
Manuel Pégourié-Gonnard
140c08e325 Minor clarifications.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 11:02:37 +02:00
Manuel Pégourié-Gonnard
7f22f3478d Add check for unsupported partial curves acceleration
Manual test: run test_psa_crypto_config_accel_ecc_non_weierstrass_curves
or test_psa_crypto_config_accel_ecc_weierstrass_curves as they are now,
observe it failing with the expected #error.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 10:19:18 +02:00
Manuel Pégourié-Gonnard
842d3552b6 Add check for unsupported partial key type acceleration
Tested manually as follows: in
component_test_psa_crypto_config_accel_ecc_some_key_types, modify
loc_accel_list to remove one of the key types between
helper_libtestdriver1_make_drivers and helper_libtestdriver1_make_main,
and observe that the 2nd build fails with the expected #error.

Note: removing one of the key types before
helper_libtestdriver1_make_drivers causes the build of libtestdriver1 to
fail, which is quite acceptable, just not what we're trying to observe.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 10:19:16 +02:00
Manuel Pégourié-Gonnard
822870bd5d Adjust handling of special case for DERIVE
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 10:19:15 +02:00
Manuel Pégourié-Gonnard
e662736f4c Rename macros for consistency
It's spelled KEY_TYPE everywhere else.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 10:19:14 +02:00
Manuel Pégourié-Gonnard
dfa42b34ab Improve documentation about driver-only p256-m.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 08:53:05 +02:00
Manuel Pégourié-Gonnard
eda7086bdd Auto-enable ACCEL macros for p256-m driver
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 08:53:05 +02:00
Manuel Pégourié-Gonnard
f07ce3b8ff Don't extend support for deprecated functions
Restore guards from the previous release, instead of the new, more
permissive guards.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 08:51:51 +02:00
Gilles Peskine
7f288566c3
Merge pull request #8260 from gilles-peskine-arm/crypto_spe-include-fix
Fix include path to psa/crypto_spe.h
2023-09-27 18:10:16 +00:00
Dave Rodgman
0fc86b2ddf
Merge pull request #8075 from valeriosetti/issue8016
driver-only ECC: curve acceleration macros
2023-09-27 14:39:02 +00:00
Gilles Peskine
7a6836b9f2 Document that MBEDTLS_PSA_CRYPTO_SPM needs crypto_spe.h
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-27 15:48:47 +02:00
Gilles Peskine
3529285308 Fix include path to psa/crypto_spe.h
We can't have a public header or library file reference our test
environment (except possibly under test-only options, and even so, it would
be with great reluctance). This breaks the build for other people.
Fix #8259.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-27 15:45:16 +02:00
Manuel Pégourié-Gonnard
561bce6b16 Add build with some curves accelerated but not all
I chose to divide along the lines of Weierstrass vs other curve shapes
(currently just Montgomery), mainly because it's the first thing that
came to mind.

It happened to reveal an issue in the logic for when (deterministic)
ECDSA and ECJPAKE are built-in, which this commit is also fixing.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-26 11:36:13 +02:00
Yanray Wang
145bb2946e check_config: add check of ASN1_[WRITE/PARSE]_C
This commit adds dependency check when PK_CAN_ECDSA_SIGN or
PK_CAN_ECDSA_VERIFY is enabled but no corresponding ASN1_WRITE_C
or ASN1_PARSE_C is enabled under PSA.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-09-26 17:15:52 +08:00
Xiaokang Qian
845693c513 Change comments to psa_crypto_driver_wrappers.h
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-09-26 09:09:20 +00:00
Dave Rodgman
6da7872aa2
Merge pull request #1083 from gilles-peskine-arm/development-restricted-merge-20230925
Merge development into development-restricted
2023-09-25 18:16:01 +01:00
Manuel Pégourié-Gonnard
702b645dce Rename new header file
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-25 17:39:41 +02:00
Manuel Pégourié-Gonnard
8e82654ec4 Be more subtle about key_type -> alg interaction
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-25 17:39:41 +02:00
Manuel Pégourié-Gonnard
3bc4d26f20 Special-case KEYPAIR_DERIVE (no driver support yet)
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-25 17:39:41 +02:00
Manuel Pégourié-Gonnard
c2b12b17a4 Fix dependencies of built-in ECC keypair types
More key management operations only require ECP_LIGHT, except:
- generate (scalar multiplication)
- export (exporting public from private also needs scalar
multiplication).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-25 17:39:41 +02:00
Manuel Pégourié-Gonnard
b4b13ccff4 Fix deterministic ECDSA built-in dependencies
They're a superset of the dependencies for randomized ECDSA.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-25 17:39:41 +02:00
Manuel Pégourié-Gonnard
3ccda15d8f Use consistent ordering for built-in activation
The usual order is:
- MBEDTLS_PSA_BUILTIN_xxx macro
- MBEDTLS_xxx legacy macros

But curves had it the other way round for some reason.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-25 17:39:41 +02:00
Manuel Pégourié-Gonnard
2d04d78561 Fix logic of ECC built-in activation again
The previous fix was enabling more than needed in some circumstances,
for example:

- requested: (`PSA_WANT`): all ECC algs, all ECC key types, all curves;
- we have acceleration (`MBEDTLS_PSA_ACCEL`) for: ECDH, all ECC key types, all curves;
- as a consequence, we need built-in: all algs except ECDH, all ECC key types, all curves.

This is what's happening in test_psa_crypto_config_accel_ecdh which,
before this commit, was failing as built-in ECDH was enabled contrary to
the component's (rightful) expectations.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-25 17:39:41 +02:00
Manuel Pégourié-Gonnard
1db44dd68d Remove useless instances of MBEDTLS_SOME_BUILTIN_EC
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-25 17:39:41 +02:00
Manuel Pégourié-Gonnard
1a0a4d60d9 Implement new strategy for ECC accel/built-in
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-25 17:39:41 +02:00
Manuel Pégourié-Gonnard
0d99271d14 Group all ECC-related things in legacy_from_psa.h
Just moving things, no change.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-25 17:39:41 +02:00
Manuel Pégourié-Gonnard
bfc6ef7a5c Improve PSA config adjustment relate to keypair types
Centralize it in a new file psa/config_adjust_keypair_types.h. I think
this file indeed belongs in include/psa (as opposed to include/mbedtls)
because it only touches PSA_WANT symbols (no MBEDTLS_PSA symbols), and
implements things that are described in psa-conditional-inclusion.md.

The code is not new, just moved from config_psa.h and
config_adjust_legacy_from_psa.h where is was intermingled with handling
of ACCEL/BUILTIN symbols. (git's --color-moved option will hardly help
in checking that assertion, due to the way things were intermixed.)

Note: the parts about BUILTIN in config_psa.h were not moved, just
removed for now. They belong to
include/mbedtls/config_adjust_legacy_from_psa.h and will be
re-added there in a future commit which will completely re-organize the
handling or ACCEL/BUILTIN for ECC.

See comments inside the commit about placement of this file relative to
others.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-25 17:39:41 +02:00
Manuel Pégourié-Gonnard
7af9d07c05 Remove unnecessary block
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-25 17:39:41 +02:00
Valerio Setti
bf206b8f41 adjust_legacy_from_psa: undef SOME_BUILTIN_EC when builtin curves are used
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-09-25 17:39:41 +02:00
Valerio Setti
19d92108c1 config_psa: resolve symbol redefinition issue
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-09-25 17:39:41 +02:00
Valerio Setti
ea167c39d0 check_config: remove unnecessary check about builtin curve usage
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-09-25 17:39:41 +02:00
Valerio Setti
db6b4db7a0 Renaming all MBEDTLS_HAVE for curves to MBEDTLS_ECP_HAVE
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-09-25 17:39:41 +02:00
Valerio Setti
b2219f633d config_psa: moving PSA_WANT auto-enabling code
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-09-25 17:39:41 +02:00
Valerio Setti
e6f65a951f config_psa: fix comment
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-09-25 17:39:41 +02:00
Valerio Setti
67d82e742b build_info: add helpers to signal some support for a specific curve
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-09-25 17:39:41 +02:00
Valerio Setti
4b75a764c7 check_config: include also ECJPAKE_C as usage for builtin curves
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-09-25 17:39:40 +02:00
Valerio Setti
dca8492043 check_config: request at least 1 builtin EC alg if there is at least 1 builtin curve
This slightly changes the previous requirement. Instead of enabling
ALL builtin EC algs when there is at least 1 built in curve, we ask
for at least one built alg if there is at least one builtin curve.

This relaxes the previous check while still keeping the base idea:
there must be a reason for which builtin curves are included into
the build.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-09-25 17:39:40 +02:00
Valerio Setti
29837c7301 config_psa: include builtin algs if there is at least 1 builtin curve
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-09-25 17:39:40 +02:00
Valerio Setti
9aed893fb0 config_psa: check curves' support before EC ALGs
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-09-25 17:39:40 +02:00
Valerio Setti
d6b473adcd config_psa: add internal helper to signal that some curve is builtin
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-09-25 17:39:40 +02:00
Valerio Setti
87076abbfb config_psa: ensure PSA_WANT_ECC is enabled for each MBEDTLS_ECP_DP
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-09-25 17:39:40 +02:00
Valerio Setti
8ec212098e check_config: fix comment
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-09-25 17:39:40 +02:00
Valerio Setti
8600de818c check_config: perform checks only when config_psa.h is evaluated
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-09-25 17:39:40 +02:00
Valerio Setti
3b69e3ed12 check_config: skip check on SECP224K1 because the PSA is never enabled
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-09-25 17:39:40 +02:00
Valerio Setti
a7a18313a6 check_config: verify that each ECP_DP has the corresponding PSA_WANT_ECC
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-09-25 17:39:40 +02:00
Gilles Peskine
ffe590d197
Merge pull request #1058 from waleed-elmelegy-arm/check-set_padding-is-called
Check set_padding has been called in mbedtls_cipher_finish
2023-09-25 17:12:36 +02:00
Gilles Peskine
ca1e605b9c Merge remote-tracking branch 'upstream-public/development' into development-restricted-merge-20230925
Conflicts:
* `include/mbedtls/build_info.h`: a new fragment to auto-enable
  `MBEDTLS_CIPHER_PADDING_PKCS7` was added in
  c9f4040f7f in `development-restricted`.
  In `development`, this section of the file has moved to
  `include/mbedtls/config_adjust_legacy_crypto.h`.
* `library/bignum.c`: function name change in `development-restricted` vs
  comment change in development. The comment change in `development` is not
  really relevant, so just take the line from `development-restricted`.
2023-09-25 16:16:26 +02:00
Waleed Elmelegy
a86b776f94 Remove invalid comment from mbedtls_cipher_set_padding_mode()
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-09-22 17:44:58 +01:00
Dave Rodgman
aaebc9be51
Merge pull request #8235 from daverodgman/misc-size 2023-09-21 18:42:37 +01:00
Dave Rodgman
d3450da98d Re-order mbedtls_ccm_context
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-21 10:34:45 +01:00
Gilles Peskine
67cf66b427 Add a note about the code size benefits
We don't normally make promises related to code size, but this one is vague
enough (just "to benefit"), and it's what a lot of users of this option
care about.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-20 23:19:46 +02:00
Gilles Peskine
3aa79691fc Add a note about p256m near the option to enable secp256r1
Only document it with the PSA configuration, not for
MBEDTLS_ECP_DP_SECP256R1_ENABLED, since p256m can't be used with the classic
API.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-20 20:54:50 +02:00
Gilles Peskine
08b66cd7d7 Move MBEDTLS_PSA_P256M_DRIVER_ENABLED to keep alphabetical order
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-20 20:51:47 +02:00
Gilles Peskine
efaee9a299 Give a production-sounding name to the p256m option
Now that p256-m is officially a production feature and not just an example,
give it a more suitable name.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-20 20:49:47 +02:00
Waleed Elmelegy
5e48cad7f0 Fix codestyle issues in pkcs12.h & pkparse.c
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-09-20 19:29:02 +01:00
Waleed Elmelegy
d527896b7e Switch pkparse to use new mbedtls_pkcs12_pbe_ext function
Switch pkparse to use new mbedtls_pkcs12_pbe_ext function
and deprecate mbedtls_pkcs12_pbe function.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-09-20 19:29:02 +01:00
Waleed Elmelegy
c9f4040f7f Switch pkparse to use new mbedtls_pkcs5_pbes2_ext function
Switch pkparse to use new mbedtls_pkcs5_pbes2_ext function
and deprecate mbedtls_pkcs5_pbes2 function.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-09-20 19:28:28 +01:00
Manuel Pégourié-Gonnard
5edb942708
Merge pull request #8041 from mpg/tfm-p256m
Test TF-M config with p256-m driver
2023-09-20 16:09:56 +00:00
Gilles Peskine
eda1b1f744
Merge pull request #7921 from valeriosetti/issue7613
TLS: Clean up ECDSA dependencies
2023-09-20 12:47:55 +00:00
Gilles Peskine
452beb9076
Merge pull request #8203 from gilles-peskine-arm/p256-m-production
Declare p256-m as ready for production
2023-09-20 09:36:05 +00:00
Manuel Pégourié-Gonnard
97bb726e2d Add clarifying comment
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-18 11:28:32 +02:00
Gilles Peskine
67c86e626b
Merge pull request #7961 from gilles-peskine-arm/psa_crypto_config-in-full
Enable MBEDTLS_PSA_CRYPTO_CONFIG in the full config
2023-09-18 08:13:12 +00:00
Manuel Pégourié-Gonnard
4f119b8f21 Remove extra copies of a block of comment/define
Not sure how it happened, but this block was not just duplicated, but
triplicated. Keep only the first copy: the one before the code that uses
the macro being defined.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-18 09:57:04 +02:00
Manuel Pégourié-Gonnard
f7298cd397 Fix some issues in comments
Ranging from typos to outdated comment contradicting the code.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-18 09:55:24 +02:00
jnmeurisse
83f0a65d71
Fix issue #8215 : add missing requires documentation in mbedtls_config.h
Add missing requirements MBEDTLS_SSL_PROTO_TLS1_2 to option MBEDTLS_SSL_RENEGOTIATION documentation.

Signed-off-by: jnmeurisse <88129653+jnmeurisse@users.noreply.github.com>
2023-09-16 18:12:18 +02:00
Gilles Peskine
865730ec67
Merge pull request #8212 from tom-cosgrove-arm/mbedtls_ssl_max_early_data_size-default-value
MBEDTLS_SSL_MAX_EARLY_DATA_SIZE: default value should be commented out in config
2023-09-15 05:51:59 +00:00
Tom Cosgrove
a63775b168 Move MBEDTLS_SSL_MAX_EARLY_DATA_SIZE to the correct section
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-09-14 13:31:19 +01:00
Tom Cosgrove
3b4471ef87 MBEDTLS_SSL_MAX_EARLY_DATA_SIZE: default value should be commented out in config
Numeric options should be commented out with their default values in the config
file, and a separate header file should set the default value if necessary.
This was done for most other options in #8161; do it here for
MBEDTLS_SSL_MAX_EARLY_DATA_SIZE.

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-09-14 13:18:50 +01:00
Gilles Peskine
016db89107 Update p256-m to state that it's ready for production
Add some guidance as to whether and how to enable it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-13 14:34:40 +02:00
Gilles Peskine
3cea3efc25
Merge pull request #8025 from AgathiyanB/accept-numericoid-hexstring-x509
Accept numericoid hexstring x509
2023-09-13 08:54:33 +00:00
Gilles Peskine
f22999e99f
Merge pull request #8093 from yuhaoth/pr/add-target-architecture-macros
Add architecture detection macros
2023-09-13 08:53:47 +00:00
Gilles Peskine
2e38a0d603 More spelling corrections
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-12 19:19:31 +02:00
Gilles Peskine
e820c0abc8 Update spelling "mbed TLS" to "Mbed TLS"
The official spelling of the trade mark changed from all-lowercase "mbed"
to normal proper noun capitalization "Mbed" a few years ago. We've been
using the new spelling in new text but still have the old spelling in a
lot of text. This commit updates most occurrences of "mbed TLS":

```
sed -i -e 's/mbed TLS/Mbed TLS/g' $(git ls-files ':!ChangeLog' ':!tests/data_files/**' ':!tests/suites/*.data' ':!programs/x509/*' ':!configs/tfm*')
```

Justification for the omissions:

* `ChangeLog`: historical text.
* `test/data_files/**`, `tests/suites/*.data`, `programs/x509/*`: many
  occurrences are significant names in certificates and such. Changing
  the spelling would invalidate many signatures and tests.
* `configs/tfm*`: this is an imported file. We'll follow the upstream
  updates.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-12 19:18:17 +02:00
Ronald Cron
ad2f351c6b
Merge pull request #8171 from ronald-cron-arm/misc-minor-fixes
One minor fix
2023-09-12 06:00:48 +00:00
Dave Rodgman
7fda906a68
Merge pull request #8161 from gilles-peskine-arm/config-boolean-options-wrong-section-202309
Fix module configuration options in mbedtls_config.h
2023-09-11 15:08:56 +00:00
Yanray Wang
3caaf0c61e Enable CIPHER_ENCRYPT_ONLY when DES is disabled
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-09-11 10:10:44 +08:00
Waleed Elmelegy
e1cb35b719 Add new mbedtls_pkcs12_pbe_ext function to replace old function
Add new mbedtls_pkcs12_pbe_ext function to replace
old mbedtls_pkcs12_pbe function that have security
issues.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-09-08 16:51:26 +01:00
Gilles Peskine
31d49cd57f
Merge pull request #1053 from waleed-elmelegy-arm/Improve-and-test-mbedtls_pkcs12_pbe
Improve & test legacy mbedtls_pkcs12_pbe
2023-09-08 13:08:05 +02:00
Agathiyan Bragadeesh
d34c4262da Move conditionals to keep doxygen with function
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-09-08 11:09:50 +01:00
Gilles Peskine
86733834bc Modernize documentation of MBEDTLS_PLATFORM_ZEROIZE_ALT
The documentation was not updated when we started detecting memset_s() and
such.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-07 17:29:15 +02:00
Ronald Cron
d3d566f1d8 PSA config: Add comment about HKDF
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-09-07 15:25:53 +02:00
Yanray Wang
56e27b9938 des: don't consider DES for CIPHER_ENCRYPT_ONLY
We only support ECB and CBC modes for DES. Those two modes require
both encrypt and decrypt directions, so we don't consider DES with
CIPHER_ENCRYPT_ONLY.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-09-07 18:00:35 +08:00
Yanray Wang
9b811658a8 Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-09-07 16:18:00 +08:00
Gilles Peskine
58590983c5
Merge pull request #8160 from daverodgman/warn-unreachable
Fix clang warnings about unreachable code
2023-09-06 09:47:03 +00:00
Dave Rodgman
85061b97b5 Improve sanity checking of MBEDTLS_HAVE_INTxx
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-06 08:41:05 +01:00
Gilles Peskine
f9e4caf388 Comment out default definition
This is not required (it's ok to define the default in mbedtls_config and
skip the definition in rsa.h), but comment it out for uniformity with all
the other options in this section.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-05 21:11:27 +02:00
Gilles Peskine
d65ea42262 Fix some TLS 1.3 settings that were required in mbedtls_config.h
Mbed TLS can be configured by writing a configuration file from scratch,
without copying mbedtls_config.h. As a consequence, all the macro
definitions in mbedtls_config.h must be optional. This was not the case for
some MBEDTLS_SSL_TLS1_3_xxx macros with numerical values related to session
tickets. Fix that.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-05 21:10:35 +02:00
Gilles Peskine
da69eaa366 TLS 1.3 support is mostly complete
In particular, pre-shared keys are supported.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-05 20:54:17 +02:00
Gilles Peskine
a8861e086e Fix boolean options in the wrong section
Boolean options that modify the behavior of a module are supposed to be in
the "feature support" section, not in the "configuration options" support:
that section is documented to contain commented-out definitions with a
value, for which the comment contains the default version. In particular,
merely uncommenting a definition in the "configuration options" section is
not supposed to change anything.

Move the offending boolean options to the proper section.

This causes those options to be enabled by `config.py full` unless
explicitly excluded. For all the offending options, this is undesirable, so
make sure those options are indeed excluded.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-05 20:20:51 +02:00
Waleed Elmelegy
255db80910 Improve & test legacy mbedtls_pkcs12_pbe
* Prevent pkcs12_pbe encryption when PKCS7 padding has been
  disabled since this not part of the specs.
* Allow decryption when PKCS7 padding is disabled for legacy
  reasons, However, invalid padding is not checked.
* Document new behaviour, known limitations and possible
  security concerns.
* Add tests to check these scenarios. Test data has been
  generated by the below code using OpenSSL as a reference:

#include <openssl/pkcs12.h>
#include <openssl/evp.h>
#include <openssl/des.h>
#include <openssl/asn1.h>
#include "crypto/asn1.h"
#include <string.h>

int main()
{
    char pass[] = "\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB";
    unsigned char salt[] = "\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC\xCC";
    unsigned char plaintext[] = "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA";
    unsigned char *ciphertext = NULL;
    int iter = 10;
    X509_ALGOR *alg =  X509_ALGOR_new();
    int ciphertext_len = 0;
    int alg_nid = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
    alg->parameter = ASN1_TYPE_new();
    struct asn1_object_st * aobj;
    PKCS5_pbe_set0_algor(alg, alg_nid, iter,
                         salt, sizeof(salt)-1);

    aobj = alg->algorithm;
    printf("\"30%.2X", 2 + aobj->length + alg->parameter->value.asn1_string->length);
    printf("06%.2X", aobj->length);
    for (int i = 0; i < aobj->length; i++) {
        printf("%.2X", aobj->data[i]);
    }

    for (int i = 0; i < alg->parameter->value.asn1_string->length; i++) {
        printf("%.2X", alg->parameter->value.asn1_string->data[i]);
    }
    printf("\":\"");

    for (int i = 0; i < sizeof(pass)-1; i++) {
        printf("%.2X", pass[i] & 0xFF);
    }
    printf("\":\"");
    for (int i = 0; i < sizeof(plaintext)-1; i++) {
        printf("%.2X", plaintext[i]);
    }
    printf("\":");
    printf("0");
    printf(":\"");

    unsigned char * res = PKCS12_pbe_crypt(alg, pass, sizeof(pass)-1, plaintext, sizeof(plaintext)-1, &ciphertext, &ciphertext_len, 1);

    if (res == NULL)
        printf("Encryption failed!\n");
    for (int i = 0; i < ciphertext_len; i++) {
        printf("%.2X", res[i]);
    }
    printf("\"\n");

    return 0;
}

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
#
2023-09-05 15:45:55 +01:00
Gilles Peskine
edc237938a Split build_info.h: create and populate mbedtls/config_adjust_ssl.h
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-05 12:03:10 +02:00
Gilles Peskine
dc720b0a70 Split build_info.h: create mbedtls/config_adjust_x509.h
There isn't anything to put in this file. Create it anyway for consistency
with crypto and TLS.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-05 12:03:10 +02:00
Gilles Peskine
9d6a63b4fb Split build_info.h: create and populate mbedtls/config_adjust_legacy_crypto.h
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-05 12:03:10 +02:00
Gilles Peskine
4fb1542354 Split config_psa.h: create and populate mbedtls/config_adjust_legacy_from_psa.h
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-05 12:03:08 +02:00
Gilles Peskine
10c6f07963 Split config_psa.h: create and populate mbedtls/config_adjust_psa_from_legacy.h
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-05 12:02:13 +02:00
Gilles Peskine
eca0178cfa Split config_psa.h: create and populate mbedtls/config_adjust_psa_superset_legacy.h
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-05 11:57:14 +02:00
Gilles Peskine
5823977981 Split config_psa.h: create and populate psa/crypto_adjust_auto_enabled.h
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-05 11:57:14 +02:00
Gilles Peskine
7b7d903cac Split config_psa.h: create and populate psa/crypto_adjust_config_synonyms.h
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-05 11:57:14 +02:00
Tom Cosgrove
8bd8a462d2
Merge pull request #8141 from tom-cosgrove-arm/define-psa-macros-to-1
Define all PSA_xxx macros to 1 rather than have them empty, for consistency
2023-09-04 21:27:01 +00:00
Agathiyan Bragadeesh
fca0861e8e Add asn1 get tag and len to x509 create config
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-09-04 15:45:37 +01:00
Agathiyan Bragadeesh
86dc08599b Add asn1 write tag and len to x509 use c config
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-09-04 15:40:41 +01:00
Gilles Peskine
1a7d387072
Merge pull request #1041 from waleed-elmelegy-arm/add-new-pkcs5-pbe2-ext-fun
Add new pkcs5 pbe2 ext fun
2023-09-04 15:33:42 +02:00
Tom Cosgrove
d9572c0270 Move the description of MBEDTLS_TEST_DEFINES_ZEROIZE to before its use
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-09-02 19:22:45 +01:00
Tom Cosgrove
7eced7d1d2 Move zeroize-as-memset into a config file under tests/
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-09-02 19:22:45 +01:00
Tom Cosgrove
42b02a909c Add the ability to verify mbedtls_platform_zeroize() calls with -Wsizeof-pointer-memaccess
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-09-02 19:22:45 +01:00
Yanray Wang
72d7bb4bca check_config.h: add checks for CIPHER_ENCRYPT_ONLY
MBEDTLS_CIPHER_ENCRYPT_ONLY is an internal configuration which is
automatically enabled via the PSA. Typically,
once MBEDTLS_CIPHER_ENCRYPT_ONLY is enabled,
MBEDTLS_PSA_CRYPTO_CONFIG must be enabled. This check is only used
to prevent user explicitly enabling MBEDTLS_CIPHER_ENCRYPT_ONLY.

In addition, we shouldn't enable MBEDTLS_CIPHER_ENCRYPT_ONLY if
either CIPHER_MODE_CBC, CIPHER_MODE_XTS or NIST_KW_C is enabled.
Since three of them always need AES-decrypt.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-09-01 17:35:58 +08:00
Yanray Wang
9141ad1223 aria/camellia/des: guard setkey_dec by CIPHER_ENCRYPT_ONLY
This is a pre-step to remove *setkey_dec_func in cipher_wrap ctx
when CIPHER_ENCRYPT_ONLY is enabled.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-09-01 17:06:38 +08:00
Yanray Wang
67208fdba8 PSA: auto-enable CIPHER_ENCRYPT_ONLY if cipher-decrypt is not needed
Some cipher modes use cipher-encrypt to encrypt and decrypt.
(E.g: ECB, CBC). This commit adds support to automatically
enable CIPHER_ENCRYPT_ONLY by PSA when requested cipher modes don't
need cipher_decrypt.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-09-01 16:40:11 +08:00
Yanray Wang
78ee0c9e4f aes.c: add config option to support cipher_encrypt_only
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-09-01 16:35:33 +08:00
Tom Cosgrove
c43c3aaf02 Define all PSA_xxx macros to 1 rather than have them empty, for consistency
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-08-31 17:06:58 +01:00
Dave Rodgman
a9a53a05f0 Merge remote-tracking branch 'origin/development' into misc-code-size 2023-08-31 11:53:46 +01:00
Gilles Peskine
03e9dea30b Merge remote-tracking branch 'development' into psa_crypto_config-in-full
Conflicts:
* `include/psa/crypto_sizes.h`: the addition of the `u` suffix in this branch
  conflicts with the rework of the calculation of `PSA_HASH_MAX_SIZE` and
  `PSA_HMAC_MAX_HASH_BLOCK_SIZE` in `development`. Use the new definitions
  from `development`, and add the `u` suffix to the relevant constants.
2023-08-30 18:32:57 +02:00
Agathiyan Bragadeesh
52af0d08b4 Fix unsafe behaviour in MBEDTLS_ASN1_IS_STRING_TAG
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-30 16:24:15 +01:00
Dave Rodgman
730bbee226 Merge remote-tracking branch 'origin/development' into update-restricted-2023-08-30 2023-08-30 11:22:00 +01:00
Dave Rodgman
29bf911058
Merge pull request #7839 from daverodgman/psa-sha3
SHA-3 via PSA
2023-08-30 08:51:36 +00:00
Waleed Elmelegy
79b6e26b1b Improve mbedtls_pkcs5_pbes2_ext function test data
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-08-29 14:55:03 +01:00
Jerry Yu
f65f71eef3 improve various issues
- duplicate definition
- wrong comments
- redundant include statement

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-28 10:58:24 +08:00
Jerry Yu
926221a26e Add target platform detection macros
Now we have arm/x86 32/64 detection

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-23 17:15:34 +08:00
Agathiyan Bragadeesh
af3e548c77 Make MBEDTLS_ASN1_IS_STRING_TAG to take signed int
Since mbedtls_asn1_buf uses a signed int for tags.

Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh
bdf20a0d55 Alter MBEDTLS_ASN1_IS_STRING_TAG macro
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-08-22 10:39:56 +01:00
Tom Cosgrove
17d5081ffb
Merge pull request #8099 from gilles-peskine-arm/split-config_psa-prepare
Prepare to split config_psa.h
2023-08-22 07:30:46 +00:00
Gilles Peskine
d50562c33c
Merge pull request #7827 from davidhorstmann-arm/reword-net-free-description-2544
Reword the description of `mbedtls_net_free()`
2023-08-21 22:23:08 +00:00
Gilles Peskine
796bc2b8f9
Merge pull request #7486 from AndrzejKurek/calloc-also-zeroizes
Document mbedtls_calloc zeroization
2023-08-21 15:47:21 +00:00
Gilles Peskine
ea4fc97cd0 Restore a comment and fix it
aca31654e6 removed a sentence with copypasta
refering to PBKDF2 instead of XTS. Restore that comment but fix the
copypasta.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-08-21 16:16:24 +02:00
Gilles Peskine
7b7ecf5e0d Fix condition to include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
Don't try to include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE when
MBEDTLS_PSA_CRYPTO_CONFIG is disabled. This didn't make sense and was an
editorial mistake when adding it: it's meant as an addition to
MBEDTLS_PSA_CRYPTO_CONFIG_FILE, so it should be included under the same
conditions.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-08-21 16:09:14 +02:00
Gilles Peskine
a458d48e7f Move the inclusion of the PSA config file(s) into build_info.h
They belong here, next to the inclusion of the mbedtls config file. We only
put them in config_psa.h in Mbed TLS 2.x because there was no build_info.h
we could use.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-08-21 16:06:12 +02:00
Gilles Peskine
8cd1da4b73 Remove spurious extern "C"
This header only contains preprocessor definitions. They are not affected by
extern "C".

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-08-21 16:03:41 +02:00
Valerio Setti
568799fe22 ssl_ciphersuites: fix typo
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-21 07:36:54 +02:00
Dave Rodgman
1fdc884ed8
Merge pull request #7384 from yuhaoth/pr/add-aes-accelerator-only-mode
AES: Add accelerator only mode
2023-08-18 20:55:44 +00:00
Gilles Peskine
73936868b8 Merge remote-tracking branch 'development' into psa_crypto_config-in-full
Conflicts:
* tests/scripts/all.sh: component_test_crypto_full_no_cipher was removed
  in the development branch.
2023-08-17 19:46:34 +02:00
Waleed Elmelegy
12dd040374 Improve mbedtls_pkcs5_pbes2_ext function signature comments
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-08-17 15:08:03 +01:00
Waleed Elmelegy
5d3f315478 Add new mbedtls_pkcs5_pbe2_ext function
Add new mbedtls_pkcs5_pbe2_ext function to replace old
function with possible security issues.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-08-17 14:20:58 +01:00
Gilles Peskine
294be94922
Merge pull request #7818 from silabs-Kusumit/PBKDF2_cmac_implementation
PBKDF2 CMAC implementation
2023-08-17 11:15:16 +00:00
Jerry Yu
6c6b9f602c Change document to match real status
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-17 16:53:01 +08:00
Dave Rodgman
f4efd19dd0 Reduce code size in ccm
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-16 22:37:32 +01:00
Dave Rodgman
2aaf888e0b Adjust struct layout for small size win
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-16 22:37:31 +01:00
Dave Rodgman
864f594acc Adjust layout of some stucts
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-16 18:04:44 +01:00
Gilles Peskine
d370f93898
Merge pull request #7898 from AndrzejKurek/csr-rfc822-dn
OPC UA - add support for RFC822 and DirectoryName SubjectAltNames when generating CSR's
2023-08-16 09:19:46 +00:00
Kusumit Ghoderao
9928ca1875 Code styling
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-08-16 11:48:27 +05:30
Valerio Setti
d1fba7cdf0 pk: return PK_USE_PSA_EC_DATA to pk.h
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-11 08:33:27 +02:00
Manuel Pégourié-Gonnard
26b7c93d9d
Merge pull request #7992 from valeriosetti/issue7755
driver-only ECC: BN.x509 testing
2023-08-10 19:41:09 +00:00
Manuel Pégourié-Gonnard
54da1a69a2
Merge pull request #7578 from daverodgman/safer-ct5
Improve constant-time interface
2023-08-10 16:57:39 +00:00
Valerio Setti
efe848f430 pk: fix some comments
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-10 15:48:18 +02:00
Valerio Setti
c6aeb0dc1d check_config: remove unnecessary BIGNUM_C requirements
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-10 14:50:03 +02:00
Manuel Pégourié-Gonnard
6beec7ca5e
Merge pull request #7989 from valeriosetti/issue7754
driver-only ECC: BN.PK testing
2023-08-10 09:43:56 +00:00
Manuel Pégourié-Gonnard
91c8372c01
Merge pull request #6999 from ivq/ecp_doc
Doc: Add note on special use of A in ecp group structure
2023-08-10 08:24:05 +00:00
Jerry Yu
13696bb07b improve check config option for i386
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-10 13:36:32 +08:00
Valerio Setti
0f6d565d26 pk: return PK_USE_PSA_EC_DATA to pk.h
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-10 07:05:47 +02:00