mbedtls

Author	SHA1	Message	Date
Ronald Cron	d29e13eb1b	tls: Use the same function in TLS 1.2 and 1.3 to check PSK conf Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:34:20 +02:00
Ronald Cron	2a87e9bf83	tls: Align set and usage check for PSK Check that the identity length is not zero in ssl_conf_set_psk_identity() as it is done in mbedtls_ssl_conf_has_static_psk(). Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:34:20 +02:00
Ronald Cron	fa1e04a7c4	tls13: keys: Fix PSK build only case When deriving the handshake stage master secret, in the case of a PSK only build, the only possible key exchange mode is PSK and there is no ephemeral key exchange shared secret in that case. Thus do not error out in that case in the first phae of the derivation dedicated to the shared secret. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:34:20 +02:00
Ronald Cron	9a6a49c7cb	tls13: keys: Fail if the group type is not ECDHE or DHE Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:34:20 +02:00
Ronald Cron	b15d4d8966	tls13: keys: Fix error code Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:34:20 +02:00
Ronald Cron	3b056202d3	tls13: keys: Do not use `handshake->premaster` `handshake->premaster` was used to store the (EC)DHE shared secret but in TLS 1.3 there is no need to store it in a context. Futhermore, `handshake->premaster` and more specifically its sizing is TLS 1.2 specific thus better to not use it in TLS 1.3. Allocate a buffer to store the shared secret instead. Allocation instead of a stack buffer as the maintenance of the size of such buffer is harder (new elliptic curve for ECDHE, support for FFDHE ... ). Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:34:20 +02:00
Ronald Cron	4c7edb2b9b	tls13: keys: Fix indentation Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:34:20 +02:00
Ronald Cron	831fee68c3	tls13: keys: Avoid input buffer copy In mbedtls_ssl_tls13_evolve_secret() avoid to copy the input buffer into a local buffer as the copy is avoidable. This also fixes a potential overflow as the size of the local buffer was not checked when copying into it. With the current calls to mbedtls_ssl_tls13_evolve_secret() no buffer overflow was expected to happen though. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:34:20 +02:00
Manuel Pégourié-Gonnard	45c6792faf	Merge pull request #6385 from AndrzejKurek/depends-py-reloaded Unified tests/scripts/depends.py - reloaded	2022-10-21 10:17:58 +02:00
Gilles Peskine	4281ae0bd2	Merge pull request #6373 from gilles-peskine-arm/bignum-core-conventions Spell out bignum core conventions	2022-10-19 15:53:33 +02:00
Gilles Peskine	db2996357c	Merge pull request #6289 from gabor-mezei-arm/6237_Add_conditional_assign_and_swap_for_bignum Bignum: Add safe conditional assign and swap for the new MPI types	2022-10-19 15:51:19 +02:00
Andrzej Kurek	9387b7b34e	Add a temporary solution to create a seedfile This caused problems if a config with SHA512 was compiled after a config without it and the seedfile did not contain enough data. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	c610e7402e	Formatting & unnecessary (void) fixes Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	ecb630925f	Fix constant name in ssl_tls13_keys Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	e5a5cc1944	Remove the dependency of tls1_3 key evolution tests on curve25519 Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	eabeb30c65	Fix SHA512 vs SHA384 dependencies When building SHA512 without SHA384, there are some code paths that resulted in unused variables or usage of undefined code. This commit fixes that. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:09 -04:00
Andrzej Kurek	c19fb08dd3	Add missing ECDH dependency in tls 1.3 client Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	68327748d3	Add missing dependencies Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	46a987367c	Formatting fix Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	084334c8f2	Compile constant time masking and hmac if there are suites using MAC This is used in TLS 1.2 authentication with NULL cipher, when there are no TLS_CBC suites. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	2d59dbc032	Use TLS prf only if TLS 1.2 is compiled in Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	894edde991	Add tls prf handling when there's no SHA256 or SHA384 Return a null prf function pointer and check for it when populating transform. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Andrzej Kurek	252283f2aa	Fix missing cipher mode dependencies Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-10-19 08:35:08 -04:00
Gilles Peskine	8874cd570e	Merge pull request #4826 from RcColes/development Add LMS implementation	2022-10-14 18:33:01 +02:00
Gilles Peskine	dcd1717f5f	Forbid aliasing outputs Aliasing between two outputs is hardly ever useful. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-14 17:15:21 +02:00
Gabor Mezei	4086de667d	Fix documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-10-14 16:29:42 +02:00
Manuel Pégourié-Gonnard	b3c30907d6	Merge pull request #6383 from mprse/aead_driver_test Enable testing of AEAD drivers with libtestdriver1	2022-10-14 11:11:01 +02:00
Raef Coles	1951259a10	Update how lms.c imports platform.h Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 16:47:13 +01:00
Ronald Cron	49e4184812	Merge pull request #6299 from xkqian/tls13_add_servername_check Add server name check when proposing pre-share key	2022-10-13 16:00:59 +02:00
Raef Coles	cbd02adc6e	Simplify LMS context freeing Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:32 +01:00
Raef Coles	45c4ff93c9	Fix windows requiring explicit cast in LMS calloc Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:14 +01:00
Raef Coles	142e577c34	Add extra zeroization to LMS and LMOTS Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:03 +01:00
Raef Coles	9fc303a99a	Add extra LMOTS import negative tests And fix failures that are related to the new tests Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:01 +01:00
Raef Coles	4829459c90	Validate LMOTS sig length before parsing type Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:47 +01:00
Raef Coles	285d44b180	Capitalize "Merkle" in LMS and LMOTS code As it is a proper noun Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:43 +01:00
Raef Coles	faf59babe8	Make LMS verification return VERIFY_FAILED more To align with PSA error code rules on when VERIFY_FAILED is returned vs INVALID_ARGUMENT Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:42 +01:00
Raef Coles	fbd60ec775	Change LMS and LMOTS init functions to use memset Instead of zeroize Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:40 +01:00
Raef Coles	9b0daf60fb	Improve LMS private function warning Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:38 +01:00
Raef Coles	f6cb5a4826	Fix LMS return statements having incorrect style Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:35 +01:00
Raef Coles	75b4c7790e	Fix LMS internal function documentation Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:34 +01:00
Raef Coles	d48f7e90bb	Allocate LMS C_RANDOM_VALUE as hash size Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:32 +01:00
Raef Coles	1fb2f32ef5	Check LMS offsets are sane at runtime Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:31 +01:00
Raef Coles	e34e3c0e59	Remove unneeded cast in LMS calloc Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:30 +01:00
Raef Coles	370cc43630	Make LMS public key export part of public key api Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:28 +01:00
Raef Coles	e89488debf	Fix bug in LMS public key loading To avoid using the type before it is parsed from the signature Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:27 +01:00
Raef Coles	3f6cdd7aab	Fix LMS not checking RNG function return value Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:24 +01:00
Raef Coles	02cf8234b4	Fix ots sig length check in LMS validate function Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:22 +01:00
Raef Coles	f36874a535	Fix error type of lms_import_public_key Was returning an incorrect error when bad public key sizes were input Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:21 +01:00
Raef Coles	dc8fb79e09	Simplify LMS private key generation error handling Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:20 +01:00
Raef Coles	be3bdd8240	Rename LMS and LMOTS init/free functions To match convention Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:18 +01:00

1 2 3 4 5 ...

9611 commits