mbedtls

Author	SHA1	Message	Date
Jerry Yu	2eaa76044b	Add extension check for Certificate Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-31 16:41:42 +08:00
Jerry Yu	c55a6af9eb	Add extensions check for CertificateRequest Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-31 16:41:42 +08:00
Jerry Yu	cbd082f396	Add extension check for EncryptedExtensions Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-31 16:41:42 +08:00
Jerry Yu	e18dc7eb9a	Add forbidden extensions check for ClientHello Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-31 16:41:42 +08:00
Jerry Yu	471dee5a12	Add debug helpers to track extensions Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-31 16:41:42 +08:00
Jerry Yu	def7ae4404	Add auth mode check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-30 17:57:06 +08:00
Glenn Strauss	7db3124c00	Skip asn1 zeroize if freeing shallow pointers This skips zeroizing additional pointers to data. (Note: actual sensitive data should still be zeroized when freed.) Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-10-28 12:51:35 -04:00
Glenn Strauss	a4b4041219	Shared code to free x509 structs Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-10-28 12:51:35 -04:00
Ronald Cron	04e2133f45	Merge pull request #6482 from ronald-cron-arm/tls13-misc TLS 1.3: Update documentation for the coming release and misc	2022-10-28 11:09:03 +02:00
Gilles Peskine	75c4eaf1f8	Merge pull request #5841 from aurel32/ecp_mul_mxz-timing-leak Fix a timing leak in ecp_mul_mxz()	2022-10-27 19:46:48 +02:00
Minos Galanakis	4d4c98b1b9	bignum_mod: `mbedtls_mpi_mod_modulus_setup()` refactoring. This patch addresses more review comments, and fixes a circular depedency in the `mbedtls_mpi_mod_modulus_setup()`. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2022-10-27 17:47:26 +01:00
Minos Galanakis	771c47055f	bignum_mod: Style changes This patch addresses review comments with regards to style of `mbedtls_mpi_mod_modulus_setup/free()`. It also removes a test check which was triggering a use-after-free. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2022-10-27 12:36:24 +01:00
Minos Galanakis	8b33363315	bignum_mod: Updated modulus lifecycle with mm and rr. This patch updates the `mbedtls_mpi_mod_modulus_setup/free()` methods to precalculate mm and rr(Montgomery const squared) during setup and zeroize it during free. A static `set_mont_const_square()` is added to manage the memory allocation and parameter checking before invoking the `mbedtls_mpi_core_get_mont_r2_unsafe()` Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2022-10-27 11:43:54 +01:00
Minos Galanakis	760f5d6b6b	bignum_mod: Updated mbedtls_mpi_mod_modulus_setup/free with new fields At the current state, those fields are initialised to 0, NULL. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2022-10-27 11:43:54 +01:00
Hanno Becker	cd860dfe02	bignum_mod: Added Montgomery constants This patch adds the Montgomery constants to the `mbedtls_mpi_mont_struct`. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2022-10-27 11:43:54 +01:00
Gilles Peskine	9603daddaa	Merge pull request #6230 from tom-cosgrove-arm/issue-6223-core-add Bignum: extract core_add from the prototype	2022-10-27 11:25:27 +02:00
Ronald Cron	77e15e8a2c	Merge pull request #6460 from xkqian/tls13_add_early_data_preparatory Internal and Open CI merge job ran successfully. Good to go.	2022-10-27 10:40:56 +02:00
Gilles Peskine	88f5fd9099	Merge pull request #6479 from AndrzejKurek/depends-py-no-psa Enable running depends.py in a configuration without MBEDTLS_USE_PSA_CRYPTO and remove perl dependency scripts	2022-10-26 20:02:57 +02:00
Gilles Peskine	d4d080b41b	Merge pull request #6407 from minosgalanakis/minos/6017_add_montgomery_constant_squared Bignum: Added pre-calculation of Montgomery constants	2022-10-26 14:28:16 +02:00
Ronald Cron	4f7feca0dc	Merge pull request #6391 from davidhorstmann-arm/fix-x509-get-name-cleanup The Open CI ran successfully thus I think we can ignore the internal CI.	2022-10-26 14:27:54 +02:00
Xiaokang Qian	72dbfef6e4	Improve coding styles Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-26 06:33:57 +00:00
Ronald Cron	eac00ad2a6	tls13: server: Note down client not being authenticated in SSL context Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-25 20:02:03 +02:00
Gilles Peskine	744fd37d23	Merge pull request #6467 from davidhorstmann-arm/fix-unusual-macros-0 Fix unusual macros	2022-10-25 19:55:29 +02:00
Ronald Cron	a709a0f2c6	tls13: Declare PSK ephemeral key exchange mode first In the PSK exchange modes extension declare first PSK ephemeral if we support both PSK ephemeral and PSK. This is aligned with our implementation giving precedence to PSK ephemeral over pure PSK and improve compatibility with GnuTLS. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-25 19:05:26 +02:00
Tom Cosgrove	6469fdfb0a	Fix whitespace issue spotted in review Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-10-25 16:29:58 +01:00
Tom Cosgrove	82f131063a	Update documentation following review comment Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-10-25 16:29:58 +01:00
Tom Cosgrove	af7d44b4d2	Tidy up, remove MPI_CORE(), apply the naming convention, and use the new mbedtls_mpi_core_add() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-10-25 16:29:58 +01:00
Hanno Becker	c98871339d	Extract MPI_CORE(add) from the prototype Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-10-25 16:29:58 +01:00
Minos Galanakis	a081c51cd3	Renamed mpi_core_get_mont_R2_unsafe_neg -> mpi_core_get_mont_r2_unsafe_neg Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2022-10-25 15:12:38 +01:00
Minos Galanakis	51d638baf6	bignum_core: Style update 'mbedtls_mpi_core_get_mont_R2_unsafe' aligns const keyword to match the style of the rest of the module. Documentation is also updated to remove `MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED`. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2022-10-25 15:12:38 +01:00
Minos Galanakis	ae4fb671b4	mbedtls_mpi_core_get_mont_R2_unsafe: Removed NULL input checking Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2022-10-25 15:12:38 +01:00
Minos Galanakis	b85506e250	bignum_core.h: Comment update for mbedtls_mpi_core_get_mont_R2_unsafe Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2022-10-25 15:12:23 +01:00
Minos Galanakis	4f43f61c6a	Renamed mbedtls_mpi_get_montgomery_constant_unsafe to mpi_core_get_mont_R2_unsafe Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2022-10-25 15:12:23 +01:00
Hanno Becker	ec440f2397	bignum_mod_raw: Ported mbedtls_mpi_get_montgomery_constant_unsafe from prototype Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2022-10-25 15:08:08 +01:00
David Horstmann	3a334c2edc	Minor improvements to ssl_tls12_server.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-25 10:53:44 +01:00
David Horstmann	7aee0ec0ba	Minor improvements in ssl_client.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-25 10:38:25 +01:00
David Horstmann	6e11687ba5	Minor improvements to ecp.c changes Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-25 10:32:08 +01:00
David Horstmann	9b0eb90131	Rename ARIA_SELF_TEST_IF_FAIL Change to ARIA_SELF_TEST_ASSERT Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-25 10:23:34 +01:00
David Horstmann	059848ff23	Minor changes to asn1write.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-25 10:16:45 +01:00
Gilles Peskine	e5a715e8c0	Merge pull request #6449 from gilles-peskine-arm/bignum-core-shift_r Bignum core: shift_r	2022-10-25 10:40:39 +02:00
Xiaokang Qian	72de95dcf5	Move function mbedtls_ssl_tls13_conf_early_data to ssl_tls.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-25 05:34:25 +00:00
Xiaokang Qian	600804b0e7	Remove useless early data related macros for the time being Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-25 03:00:18 +00:00
Xiaokang Qian	54413b10c2	Add early data support preparatory work Add MBEDTLS_SSL_EARLY_DATA configuration option Define early_data_enabled field in mbedtls_ssl_config Add function mbedtls_ssl_conf_early_data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-25 03:00:18 +00:00
Andrzej Kurek	409248a73a	mbedtls_ssl_get_handshake_transcript is unusable without hashes Mark unused variables when compiling without SHA256 and SHA384. In future a proper dependency will be added to TLS 1.2 to enforce either of these hashes to be on. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-24 15:56:10 -04:00
Andrzej Kurek	57d1063db9	Fix tls_prf generic dependencies One version was already surrounded by the USE_PSA define, so the VIA_XX_OR_XX macros were removed; Second version is when USE_PSA is undefined, so MBEDTLS_ macros can be used. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-24 15:56:10 -04:00
Andrzej Kurek	468c50656e	Fix key exchange dependencies for ssl_parse_server_ecdh_params Resulting from particular configs in which this code is used. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-24 15:55:18 -04:00
Ronald Cron	083da8eb53	tls13: client: Improve coding style Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	a2900bcd1e	tls13: keys: Simplify code guard Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	766c0cdb1f	tls13: Add missing kex guards Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	82be0d4b4d	tls13: Do not use MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	de08cf3543	tls13: Do not use MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED instead. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	73fe8df922	Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED to guard TLS code (both 1.2 and 1.3) specific to handshakes involving PSKs. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	e68ab4f55e	Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED to guard TLS code (both TLS 1.2 and 1.3) specific to handshakes involving certificates. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	41a443a68d	tls13: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK.*ENABLED Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED instead of MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED to guard code specific to one of the TLS 1.3 key exchange mode with PSK. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	928cbd34e7	tls13: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED instead of MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED to guard code specific to the TLS 1.3 ephemeral key exchange mode. Use it also for the dependencies of TLS 1.3 only tests relying on ephemeral key exchange mode, but for tests in tls13-kex-modes.sh where the change is done later using all MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_.*ENABLED macros. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Gilles Peskine	abc6fbb8d7	Fix brief description Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-21 18:36:31 +02:00
Ronald Cron	d29e13eb1b	tls: Use the same function in TLS 1.2 and 1.3 to check PSK conf Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:34:20 +02:00
Ronald Cron	2a87e9bf83	tls: Align set and usage check for PSK Check that the identity length is not zero in ssl_conf_set_psk_identity() as it is done in mbedtls_ssl_conf_has_static_psk(). Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:34:20 +02:00
Ronald Cron	fa1e04a7c4	tls13: keys: Fix PSK build only case When deriving the handshake stage master secret, in the case of a PSK only build, the only possible key exchange mode is PSK and there is no ephemeral key exchange shared secret in that case. Thus do not error out in that case in the first phae of the derivation dedicated to the shared secret. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:34:20 +02:00
Ronald Cron	9a6a49c7cb	tls13: keys: Fail if the group type is not ECDHE or DHE Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:34:20 +02:00
Ronald Cron	b15d4d8966	tls13: keys: Fix error code Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:34:20 +02:00
Ronald Cron	3b056202d3	tls13: keys: Do not use `handshake->premaster` `handshake->premaster` was used to store the (EC)DHE shared secret but in TLS 1.3 there is no need to store it in a context. Futhermore, `handshake->premaster` and more specifically its sizing is TLS 1.2 specific thus better to not use it in TLS 1.3. Allocate a buffer to store the shared secret instead. Allocation instead of a stack buffer as the maintenance of the size of such buffer is harder (new elliptic curve for ECDHE, support for FFDHE ... ). Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:34:20 +02:00
Ronald Cron	4c7edb2b9b	tls13: keys: Fix indentation Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:34:20 +02:00
Ronald Cron	831fee68c3	tls13: keys: Avoid input buffer copy In mbedtls_ssl_tls13_evolve_secret() avoid to copy the input buffer into a local buffer as the copy is avoidable. This also fixes a potential overflow as the size of the local buffer was not checked when copying into it. With the current calls to mbedtls_ssl_tls13_evolve_secret() no buffer overflow was expected to happen though. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:34:20 +02:00
Manuel Pégourié-Gonnard	45c6792faf	Merge pull request #6385 from AndrzejKurek/depends-py-reloaded Unified tests/scripts/depends.py - reloaded	2022-10-21 10:17:58 +02:00
Gilles Peskine	c279b2fa4a	Move mbedtls_mpi_core_shift_r to the proper source file Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-20 11:40:15 +02:00
Gilles Peskine	6641420951	Bignum core: Break shift_r function out of the classic shift_r This commit contains the function prototype for mbedtls_mpi_core_shift_r, and the implementation minimally modified from mbedtls_mpi_shift_r. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-20 11:40:15 +02:00
Gilles Peskine	4281ae0bd2	Merge pull request #6373 from gilles-peskine-arm/bignum-core-conventions Spell out bignum core conventions	2022-10-19 15:53:33 +02:00
Gilles Peskine	db2996357c	Merge pull request #6289 from gabor-mezei-arm/6237_Add_conditional_assign_and_swap_for_bignum Bignum: Add safe conditional assign and swap for the new MPI types	2022-10-19 15:51:19 +02:00
Andrzej Kurek	9387b7b34e	Add a temporary solution to create a seedfile This caused problems if a config with SHA512 was compiled after a config without it and the seedfile did not contain enough data. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	c610e7402e	Formatting & unnecessary (void) fixes Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	ecb630925f	Fix constant name in ssl_tls13_keys Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	e5a5cc1944	Remove the dependency of tls1_3 key evolution tests on curve25519 Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	eabeb30c65	Fix SHA512 vs SHA384 dependencies When building SHA512 without SHA384, there are some code paths that resulted in unused variables or usage of undefined code. This commit fixes that. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	c19fb08dd3	Add missing ECDH dependency in tls 1.3 client Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	68327748d3	Add missing dependencies Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	46a987367c	Formatting fix Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	084334c8f2	Compile constant time masking and hmac if there are suites using MAC This is used in TLS 1.2 authentication with NULL cipher, when there are no TLS_CBC suites. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	2d59dbc032	Use TLS prf only if TLS 1.2 is compiled in Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	894edde991	Add tls prf handling when there's no SHA256 or SHA384 Return a null prf function pointer and check for it when populating transform. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	252283f2aa	Fix missing cipher mode dependencies Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
David Horstmann	078250eb56	Fix incorrect return style Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-18 18:11:13 +01:00
David Horstmann	178ec96c89	Remove unnecessary NULL assignments Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-18 18:09:30 +01:00
David Horstmann	11307a1933	Clarify wording on allocation Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-17 18:10:23 +01:00
Gilles Peskine	8874cd570e	Merge pull request #4826 from RcColes/development Add LMS implementation	2022-10-14 18:33:01 +02:00
Gilles Peskine	dcd1717f5f	Forbid aliasing outputs Aliasing between two outputs is hardly ever useful. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-14 17:15:21 +02:00
Gabor Mezei	4086de667d	Fix documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-14 16:29:42 +02:00
Manuel Pégourié-Gonnard	b3c30907d6	Merge pull request #6383 from mprse/aead_driver_test Enable testing of AEAD drivers with libtestdriver1	2022-10-14 11:11:01 +02:00
Raef Coles	1951259a10	Update how lms.c imports platform.h Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 16:47:13 +01:00
Ronald Cron	49e4184812	Merge pull request #6299 from xkqian/tls13_add_servername_check Add server name check when proposing pre-share key	2022-10-13 16:00:59 +02:00
Raef Coles	cbd02adc6e	Simplify LMS context freeing Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:32 +01:00
Raef Coles	45c4ff93c9	Fix windows requiring explicit cast in LMS calloc Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:14 +01:00
Raef Coles	142e577c34	Add extra zeroization to LMS and LMOTS Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:03 +01:00
Raef Coles	9fc303a99a	Add extra LMOTS import negative tests And fix failures that are related to the new tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:01 +01:00
Raef Coles	4829459c90	Validate LMOTS sig length before parsing type Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:47 +01:00
Raef Coles	285d44b180	Capitalize "Merkle" in LMS and LMOTS code As it is a proper noun Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:43 +01:00
Raef Coles	faf59babe8	Make LMS verification return VERIFY_FAILED more To align with PSA error code rules on when VERIFY_FAILED is returned vs INVALID_ARGUMENT Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:42 +01:00
Raef Coles	fbd60ec775	Change LMS and LMOTS init functions to use memset Instead of zeroize Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:40 +01:00
Raef Coles	9b0daf60fb	Improve LMS private function warning Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:38 +01:00
Raef Coles	f6cb5a4826	Fix LMS return statements having incorrect style Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:35 +01:00
Raef Coles	75b4c7790e	Fix LMS internal function documentation Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:34 +01:00
Raef Coles	d48f7e90bb	Allocate LMS C_RANDOM_VALUE as hash size Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:32 +01:00
Raef Coles	1fb2f32ef5	Check LMS offsets are sane at runtime Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:31 +01:00
Raef Coles	e34e3c0e59	Remove unneeded cast in LMS calloc Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:30 +01:00
Raef Coles	370cc43630	Make LMS public key export part of public key api Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:28 +01:00
Raef Coles	e89488debf	Fix bug in LMS public key loading To avoid using the type before it is parsed from the signature Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:27 +01:00
Raef Coles	3f6cdd7aab	Fix LMS not checking RNG function return value Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:24 +01:00
Raef Coles	02cf8234b4	Fix ots sig length check in LMS validate function Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:22 +01:00
Raef Coles	f36874a535	Fix error type of lms_import_public_key Was returning an incorrect error when bad public key sizes were input Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:21 +01:00
Raef Coles	dc8fb79e09	Simplify LMS private key generation error handling Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:20 +01:00
Raef Coles	be3bdd8240	Rename LMS and LMOTS init/free functions To match convention Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:18 +01:00
Raef Coles	29117d2e4e	Update LMS PSA error conversion Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:17 +01:00
Raef Coles	be0c2f9183	Update LMS local variable allocation To use a default failure value, and to avoid a call to psa_hash_operation_init() Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:15 +01:00
Raef Coles	2ac352a322	Make LMS functions args const where required Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:14 +01:00
Raef Coles	5127e859d7	Update LMS and LMOTS dependency macros Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:11 +01:00
Raef Coles	56fe20a473	Move MBEDTLS_PRIVATE required defines into lms.h From lmots.h, as it is a private header Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:10 +01:00
Raef Coles	ab300f15e8	Move public header content from lmots.h to lms.h Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:08 +01:00
Raef Coles	0b7da1b787	Fix overflow in LMS context init Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:03 +01:00
Raef Coles	57d5328ad5	Remove MBEDTLS_LM(OT)S prefix from internal macros Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:00 +01:00
Raef Coles	ad05425ab7	Update naming of internal LMS functions To comply with the mbedtls_ requirement Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:59 +01:00
Raef Coles	40158e11fc	Add LMOTS test hook to header Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:58 +01:00
Raef Coles	3982040232	Fix LMS zeroization using wrong sizeof type Causing a buffer write out of bounds Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:55 +01:00
Raef Coles	98d6e22050	Remove doxygen markup from internal LMS functions Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:54 +01:00
Raef Coles	40f184c83e	Cast LMS allocation sizes to size_t To prevent implict casting errors on 64-bit platforms Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:52 +01:00
Raef Coles	1310ecb389	Update LMOTS function documentation To avoid CI failure Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:51 +01:00
Raef Coles	9c9027b1a4	Add extra LMS and LMOTS tests NULL-message and LMOTS signature leak tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:50 +01:00
Raef Coles	fa24f9d6ea	Minor fixes to LMS and LMOTS macros Update some names, use the correct macro in certain places. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:48 +01:00
Raef Coles	0a967ccf9a	Document LMS and LMOTS internal functions Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:47 +01:00
Raef Coles	8738a49d0c	Fix iterator types in LMOTS Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:45 +01:00
Raef Coles	e0a17610d1	Fix LMS/LMOTS if-statement style Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:41 +01:00
Raef Coles	9b88ee5d5d	Fix LMS and LMOTS coding style violations Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:40 +01:00
Raef Coles	366d67d9af	Shorted LMS and LMOTS line-lengths To attempt to comply with the 80-char suggestion Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:38 +01:00
Raef Coles	e9479a0264	Update LMS API to support multiple parameter sets Parameterise macros to allow variation of sizes Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:36 +01:00
Raef Coles	ab4f87413a	Add MBEDTLS_LMS_PRIVATE define To enable private key operations Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:35 +01:00
Raef Coles	ebd35b5b80	Rename LMS internal tree-manipulation functions Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:31 +01:00
Raef Coles	891c613f31	Update LMOTS signature use of temporary variables Document them properly, and move random value to a temporary variable Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:29 +01:00
Raef Coles	0c88d4e447	Remove superfluous casts in LMS and LMOTS Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:28 +01:00
Raef Coles	f5632d3efc	Remove MBEDTLS_PRIVATE usage from LMS and LMOTS Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:27 +01:00
Raef Coles	01c71a17b3	Update LMS and LMOTS api Fix function names and parameters. Move macros to be more private. Update implementation. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:25 +01:00
Raef Coles	c8f9604d7b	Use PSA hashing for LMS and LMOTS Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:23 +01:00
Raef Coles	7dce69a27a	Make LMOTS a private api Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:22 +01:00
Raef Coles	8ff6df538c	Add LMS implementation Also an LM-OTS implementation as one is required for LMS. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:15 +01:00
Manuel Pégourié-Gonnard	02f82bbfa9	Fix MSVC warning Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-13 13:32:02 +02:00
Manuel Pégourié-Gonnard	f155ab9a91	Abort on errors when we should We're not strictly required to abort, but at least to leave the context is an invalid state. For "late" functions like input() and output(), calling abort() is the easiest way to do that. Do it systematically for input() and output() by using a wrapper. psa_pake_get_implicit_key() was already doing it. For "early" function, we can just leave the operation in its current state which is already invalid. Restore previous tests about that. Not adding systematic tests, though, just test the two functions that are the most important, and more likely to return errors. Since we now abort in more cases, we need to make sure we don't invalidate the operation that's going to be re-used later in the test. For that reason, use a copy of the operation for calls to input() and output() that are expected to return errors. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-13 13:20:31 +02:00
Gilles Peskine	0fe6631486	Merge pull request #6291 from gilles-peskine-arm/platform.h-unconditional-3.2 Include platform.h unconditionally	2022-10-13 10:19:22 +02:00
Xiaokang Qian	28af501cae	Fix the ticket_lifetime equal to 0 issue Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-13 08:18:19 +00:00
Xiaokang Qian	126bf8e4d7	Address some comments Delete reference immediately after shallow copy Fix format issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-13 02:57:15 +00:00
Xiaokang Qian	997669aeeb	Fix heap use-after-free corruption issue Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 14:30:27 +00:00
Xiaokang Qian	307a7303fd	Rebase and replace session_negotiate Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:14:32 +00:00
Xiaokang Qian	baa4764d77	Fix typo issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:51 +00:00

1 2 3 4 5 ...

9799 commits