mbedtls

Author	SHA1	Message	Date
Janos Follath	ba5c139e4c	Add more validation to modulus life cycle Signed-off-by: Janos Follath <janos.follath@arm.com>	2022-08-05 17:03:56 +01:00
Janos Follath	281ccda8a5	Clean up mpi_mod_init/free Signed-off-by: Janos Follath <janos.follath@arm.com>	2022-08-05 17:03:56 +01:00
Janos Follath	5005edb36c	Fix typos Signed-off-by: Janos Follath <janos.follath@arm.com>	2022-08-05 17:03:56 +01:00
Gabor Mezei	c5328cf9a6	Add a set of I/O functions for the modulus structure Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-08-05 17:03:56 +01:00
Gabor Mezei	b903070cec	Add a set of I/O functions Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-08-05 17:03:56 +01:00
Gabor Mezei	0c655572dc	Build the new bignum_new.c file Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-08-05 17:03:56 +01:00
Gabor Mezei	f049dbfe94	Add the new modulus and the residue structures Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-08-05 17:03:56 +01:00
Gilles Peskine	b3edc1576c	Merge pull request #2602 from edsiper/crt-symlink x509_crt: handle properly broken links when looking for certificates	2022-08-03 13:05:29 +02:00
Gilles Peskine	07e7fe516b	Merge pull request #6088 from tuvshinzayaArm/validation_remove_change_curve Validation remove and change in files related to curve in library	2022-08-03 13:05:16 +02:00
Gilles Peskine	7e1ee0f04b	Merge pull request #6114 from mman/development Use double quotes to include private header file psa_crypto_cipher.h	2022-08-03 13:04:57 +02:00
Martin Man	4741e0b56c	Use double quotes to include private header file psa_crypto_cipher.h Signed-off-by: Martin Man <mman@martinman.net> Co-authored-by: Tom Cosgrove <81633263+tom-cosgrove-arm@users.noreply.github.com>	2022-08-02 12:44:35 +02:00
Aditya Patwardhan	3096f331ee	Fix missing prototype warning when `MBEDTLS_DEPRECATED_REMOVED` is enabled Added the changelog.d entry Signed-off-by: Aditya Patwardhan <aditya.patwardhan@espressif.com>	2022-08-02 11:15:18 +05:30
Dave Rodgman	919ff15ecf	Merge pull request #4686 from Kazuyuki-Kimura/patch_#2020 Fixed a bug that the little-endian Microblaze does not work when MBEDTLS_HAVE_ASM is defined	2022-07-29 17:08:11 +01:00
Dave Rodgman	27036c9e28	Merge pull request #6142 from tom-cosgrove-arm/fix-comments-in-docs-and-comments Fix a/an typos in doxygen and other comments	2022-07-29 12:59:05 +01:00
Jerry Yu	c3bf748dc7	fix vertical alignment Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-29 10:27:17 +08:00
Jerry Yu	09a99fcf8a	Add rsa_pss_rsae_* sig algos for tls12 default Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-28 23:08:00 +08:00
Jerry Yu	379b1ff3a5	remove useless comment Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-28 23:08:00 +08:00
Jerry Yu	95b743ca17	Rename get_pk_type_and_md_alg The function is for both tls12 and tls13 now. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-28 23:08:00 +08:00
Jerry Yu	693a47ab1d	add rsa_pss_rsae_* support in tls12 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-28 23:08:00 +08:00
Tuvshinzaya Erdenekhuu	86669de348	Broke 2 long lines Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-07-28 10:31:16 +01:00
Dave Rodgman	aba26d0099	Merge pull request #5963 from tom-daubney-arm/remove_ssl_compression_new Remove use of SSL session compression	2022-07-28 10:28:23 +01:00
Manuel Pégourié-Gonnard	f6b8c3297a	Merge pull request #6065 from mpg/explore2 Driver-only hashes: RSA 1.5 and PK + strategy doc	2022-07-28 10:43:38 +02:00
Tom Cosgrove	ce7f18c00b	Fix a/an typos in doxygen and other comments Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-07-28 05:50:56 +01:00
Manuel Pégourié-Gonnard	68429fc44d	Fix a few more typos Update link while at it. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-27 20:44:02 +02:00
Tuvshinzaya Erdenekhuu	22f3654324	Remove NULL pointer validation in ecp.c Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-07-27 15:21:48 +01:00
Tuvshinzaya Erdenekhuu	a891f83803	Re-introduce ENUM validation in ecjpake.c Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-07-27 15:20:08 +01:00
Tuvshinzaya Erdenekhuu	2b1ecdaf4e	Remove NULL pointer validation in ecjpake.c Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-07-27 15:20:08 +01:00
Tuvshinzaya Erdenekhuu	f69cac784a	Reintroduce enum validation ecdh.c Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-07-27 14:43:38 +01:00
Tuvshinzaya Erdenekhuu	7857caadcd	Remove NULL pointer validation in ecdh.c Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-07-27 14:40:47 +01:00
Tuvshinzaya Erdenekhuu	375950f119	Remove NULL pointer validations in ecdsa.c Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>	2022-07-27 14:28:20 +01:00
Thomas Daubney	31e03a8e15	Replace hard-coded zeroes for constant Replace two occurances of hard-coded zero for MBEDTLS_SSL_COMPRESS_NULL in TLS 1.3 code. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2022-07-26 16:13:23 +01:00
Thomas Daubney	54e38ea9cd	Remove remaining references to compression in docs Some references to compression exist in the docs. This commit removes those instances. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2022-07-26 16:13:23 +01:00
Thomas Daubney	20f89a9605	Remove uses of SSL compression Remove or modify current uses of session compression. Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>	2022-07-26 16:13:03 +01:00
Manuel Pégourié-Gonnard	de9ffe37ab	Fix typos in hash_info.[ch] Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-26 10:20:52 +02:00
Ronald Cron	e579ece305	Merge pull request #6087 from yuhaoth/pr/add-tls13-serialize_session_save_load TLS 1.3: Add serialize session save load I can see that https://github.com/Mbed-TLS/mbedtls/pull/6087#discussion_r927935696 and https://github.com/Mbed-TLS/mbedtls/pull/6087#discussion_r924252403 are addressed in #6123. Thus I am ok to merge it as it is.	2022-07-23 08:57:11 +02:00
Ronald Cron	340c559cb3	Merge pull request #6079 from yuhaoth/pr/add-tls13-parse-pre_shared_key_offered_psks TLS 1.3: PSK: Add parser/writer of pre_shared_key extension on server side.	2022-07-23 08:50:45 +02:00
Jerry Yu	13ab81d5ac	Add handshake failure in pre_shared_key withou psk_kex_modes Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-22 23:17:11 +08:00
Jerry Yu	bc7c1a4260	fix typo/format/name issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-22 23:09:40 +08:00
Jerry Yu	438ddd835b	Add tls13 session save/load Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-22 23:08:43 +08:00
Jerry Yu	a66fecebe7	Add endpoint/ticket_flag field for session Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-22 23:08:43 +08:00
Jerry Yu	6f1db3fc92	fix format and potential non-PSK fail issue Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-22 23:05:59 +08:00
Jerry Yu	ce6ed7076a	Change the order of key_exchange determine Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-22 21:49:53 +08:00
Jerry Yu	ba9b6e9e53	fix unkown identity case Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-22 21:45:05 +08:00
Jerry Yu	568ec2502a	fix format/name issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-22 21:27:34 +08:00
Jerry Yu	2f0abc94d8	fix typo/type/format issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-22 19:34:48 +08:00
Ronald Cron	4beb870fa8	Merge pull request #6064 from xkqian/tls13_add_psk Add psk code to tls13 client side	2022-07-22 11:35:05 +02:00
Dave Rodgman	a948f0588c	Merge pull request #1986 from jacmet/bn_mul-fix-x86-pic-compilation-for-gcc-4 bn_mul.h: fix x86 PIC inline ASM compilation with GCC < 5	2022-07-21 17:34:48 +01:00
Jerry Yu	77f0148e11	Add psk/psk_ephemeral key exchange check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-21 23:27:22 +08:00
Ronald Cron	32578b3bd0	Merge pull request #6069 from yuhaoth/pr/add-tls13-write-new-session-ticket TLS 1.3:add tls13 write new session ticket Validated by the internal CI and Travis.	2022-07-21 16:17:35 +02:00
XiaokangQian	bee71453b2	Improve the buffer pointer check in write pre_shared key Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-07-21 15:30:04 +02:00
XiaokangQian	3ad67bf4e3	Rename functions and add test messages Change-Id: Iab51b031ae82d7b2d384de708858be64be75f9ed Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-07-21 15:30:04 +02:00
XiaokangQian	7c12d31813	Refine comments for psk related code Change-Id: Iff5c176bb902919abc8d4fb78a185aa68704a791 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-07-21 15:30:04 +02:00
XiaokangQian	8698195566	Address comments of various issues Improve comments Change coding style Rename functions Change-Id: Ia111aef303932cfeee693431c3d48f90342b32e5 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-07-21 15:30:04 +02:00
XiaokangQian	adab9a6440	Fix transcript issues and add cases against openssl Change-Id: I496674bdb79f074368f11beaa604ce17a3062bc3 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-07-21 15:30:04 +02:00
XiaokangQian	008d2bf80b	Address comments in psk client review Improve comments Refine cipher suite related code in psk Refine get_psk_offered() Change-Id: Ic3b0b5f86eb1e71f11bb499961aa8494284f1840 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-07-21 15:30:04 +02:00
XiaokangQian	eb69aee6af	Add psk code to tls13 client side Change-Id: I222b2c9d393889448e5e6ad06638536b54edb703 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-07-21 15:30:04 +02:00
Manuel Pégourié-Gonnard	73692b7537	Rework macros expressing dependencies Fix usage with sed: s/MBEDTLS_OR_PSA_WANT_\([A-Z_0-9]\)/MBEDTLS_HAS_\1_VIA_LOWLEVEL_OR_PSA/ s/MBEDTLS_USE_PSA_WANT_\([A-Z_0-9]\)/MBEDTLS_HAS_\1_VIA_MD_OR_PSA_BASED_ON_USE_PSA/ Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-21 12:11:53 +02:00
Jerry Yu	96a2e368dc	TLS 1.3: Add pre-shared-key multiple psk parser Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-21 18:00:13 +08:00
Jerry Yu	6119715e05	Change type cast to size_t Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-21 16:28:02 +08:00
Jerry Yu	1c9247cff4	TLS 1.3: Add pre_share_key last ext check From RFC, pre_share_key must be the last one. Add check for it. And with/without psk, it should be check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-21 16:19:50 +08:00
Jerry Yu	352cd7db59	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-21 16:19:50 +08:00
Jerry Yu	daf375aa8b	fix issues of check_binder_match Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-21 16:19:50 +08:00
Jerry Yu	bb852029f4	fix naming issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-21 16:19:50 +08:00
Jerry Yu	6e74a7e3c7	Add check return flags Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-21 16:19:50 +08:00
Jerry Yu	997549353e	fix various code format issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-21 16:19:50 +08:00
Jerry Yu	032b15ce5e	Add write selected_identity Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-21 16:19:50 +08:00
Jerry Yu	1c105560b4	add offered psks parser Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-21 16:19:50 +08:00
Jerry Yu	6dcd18d55b	export hdr checksum function Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-21 16:19:50 +08:00
Ronald Cron	bc817bac76	TLS 1.3: Limit scope of tls13_kex_modes handshake field Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-07-21 09:43:53 +02:00
Jerry Yu	fca4d579a4	fix various issues - unnecessary comments - format issue - improve readability Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-21 10:37:48 +08:00
Ronald Cron	799077177b	TLS 1.3: Use selected key exchange mode field Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-07-20 17:49:58 +02:00
Ronald Cron	853854958f	TLS 1.3: Add selected key exchange mode field Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-07-20 17:49:22 +02:00
Ronald Cron	7f9ccfeccc	TLS 1.3: Remove unnecessary key exchange mode check If there is a PSK involved in the key exchange and thus no certificate we do not go through the MBEDTLS_SSL_CERTIFICATE_REQUEST state thus there is no reason to check that in the coordination function of that state. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-07-20 17:47:23 +02:00
Ronald Cron	2d8b7ac898	TLS 1.3: Fix selected key exchange mode check ECDHE operations have to be done in ephemeral and PSK-ephemeral key exchange mode, not just ephemeral key exhange mode. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-07-20 17:46:58 +02:00
Dave Rodgman	fa40b02da3	Remove use of lstat lstat is not available on some platforms (e.g. Ubuntu 16.04). In this particular case stat is sufficient. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-07-20 16:10:33 +01:00
Jerry Yu	6cb4fcd1a5	Remove key exchange mode check. This change does not meet RFC requirements. It should be revert after key exchange mode issue fixed Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-20 22:41:00 +08:00
Jerry Yu	e67bef4aba	Add tls13 write new session ticket Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-20 22:41:00 +08:00
Jerry Yu	251a12e942	Add dummy session save Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-20 22:40:59 +08:00
Dave Rodgman	7085aa42ee	Merge pull request #5896 from wernerlewis/aes_shallow_copy Refactor AES context to be shallow-copyable	2022-07-20 15:16:37 +01:00
Dave Rodgman	103f8b6506	Spelling and grammar improvements Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-07-20 14:37:08 +01:00
Dave Rodgman	935154ef04	Don't increase failure count for dangling symlinks Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-07-20 14:37:07 +01:00
Eduardo Silva	e1bfffc4f6	x509_crt: handle properly broken links when looking for certificates On non-windows environments, when loading certificates from a given path through mbedtls_x509_crt_parse_path() function, if a symbolic link is found and is broken (meaning the target file don't exists), the function is returning MBEDTLS_ERR_X509_FILE_IO_ERROR which is not honoring the default behavior of just skip the bad certificate file and increase the counter of wrong files. The problem have been raised many times in our open source project called Fluent Bit which depends on MbedTLS: https://github.com/fluent/fluent-bit/issues/843#issuecomment-486388209 The expected behavior is that if a simple certificate cannot be processed, it should just be skipped. This patch implements a workaround with lstat(2) and stat(2) to determinate first if the entry found in the directory is a symbolic link or not, if is a simbolic link, do a proper stat(2) for the target file, otherwise process normally. Upon find a broken symbolic link it will increase the counter of not processed certificates. Signed-off-by: Eduardo Silva <eduardo@treaure-data.com>	2022-07-20 14:36:12 +01:00
Jerry Yu	3afdf36de7	Add hash length check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-20 18:12:08 +08:00
Jerry Yu	0a430c8aaf	Rename resumption_key and the hardcode len `resumption_key` is better name. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-20 11:07:29 +08:00
Jerry Yu	b14413804a	Remove ticket_flags It should be added later. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-20 11:07:29 +08:00
Jerry Yu	08aed4def9	fix comments and time_t type issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-20 11:07:29 +08:00
Jerry Yu	a0446a0344	Add check_return flag Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-20 11:07:29 +08:00
Jerry Yu	4e6c42a533	fix various issues - wrong typo - unnecessary comments/debug code - wrong location Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-20 11:07:29 +08:00
Jerry Yu	cb3b1396f3	move resume psk ticket computation to end Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-20 11:07:29 +08:00
Jerry Yu	af2c0c8dd6	fix various comment/format issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-20 11:07:29 +08:00
Jerry Yu	a357cf4d4c	Rename new_session_ticket state Both client and server side use `MBEDTLS_SSL_NEW_SESSION_TICKET` now Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-20 11:07:29 +08:00
Jerry Yu	f8a4994ec7	Add tls13 new session ticket parser Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-20 11:07:29 +08:00
Jerry Yu	c62ae5f539	Add new session ticket message check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-20 11:07:29 +08:00
Jerry Yu	a270f67340	Add tls13 session fields Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-20 11:07:29 +08:00
Manuel Pégourié-Gonnard	d82a9edc63	Rm now-duplicate helper function Again, the guards are slightly different, let's see in the CI if this causes any trouble. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-18 21:28:38 +02:00
Manuel Pégourié-Gonnard	130fa4d376	Rm local helper now that a global one is available There is a small difference: the global function only works for hashes that are included in the build, while the old one worked for all hashes regardless of whether they were enabled or not. We'll see in the CI is this causes any issues. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-18 21:28:38 +02:00
Manuel Pégourié-Gonnard	abac037a7b	Migrate from old inline to new actual function. This is mostly: sed -i 's/mbedtls_psa_translate_md/mbedtls_hash_info_psa_from_md/' \ library/.c tests/suites/.function This should be good for code size as the old inline function was used from 10 translation units inside the library, so we have 10 copies at least. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-18 21:28:38 +02:00
Manuel Pégourié-Gonnard	4772884133	New internal module for managing hash information Using static inline functions is bad for code size; the function from md_internal.h was already used from 3 different C files, so already was copied at least 3 times in the library, and this would only get worse over time. Use actual functions, and also share the actual data between them. Provide a consistent set of operations. Conversion to/from human-readable string was omitted for now but could be added later if needed. In the future, this can be used to replace other similar (inline) functions that are currently scattered, including (but perhaps not limited to): - mbedtls_psa_translate_md() from psa_util.h - mbedtls_md_info_from_psa() (indirectly) from psa_crypto_hash.h - get_md_alg_from_psa() from psa_crypto_rsa.c Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-18 21:28:38 +02:00
Peter Korsgaard	c0546e351f	bn_mul.h: fix x86 PIC inline ASM compilation with GCC < 5 Fixes #1910 With ebx added to the MULADDC_STOP clobber list to fix #1550, the inline assembly fails to build with GCC < 5 in PIC mode with the following error: include/mbedtls/bn_mul.h:46:13: error: PIC register clobbered by ‘ebx’ in ‘asm’ This is because older GCC versions treated the x86 ebx register (which is used for the GOT) as a fixed reserved register when building as PIC. This is fixed by an improved register allocator in GCC 5+. From the release notes: Register allocation improvements: Reuse of the PIC hard register, instead of using a fixed register, was implemented on x86/x86-64 targets. This improves generated PIC code performance as more hard registers can be used. https://www.gnu.org/software/gcc/gcc-5/changes.html As a workaround, detect this situation and disable the inline assembly, similar to the MULADDC_CANNOT_USE_R7 logic. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>	2022-07-18 17:31:13 +01:00
Manuel Pégourié-Gonnard	1c402a4217	Remove macro that's no longer used It was only used in test_suite_pk which was fixed to no longer compute hashes in a temporary buffer. Also, it's not entirely clear is this macro was really a good idea: perhaps it's better for each user to have an explicit #if defined(MBEDTSL_USE_PSA_CRYPTO) and use either MBEDTLS_MD_MAX_SIZE or PSA_HASH_MAX_SIZE in each branch of that #if. So, removing it for the time being. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-18 12:49:19 +02:00
Ronald Cron	d5b1eb51db	Merge pull request #6078 from yuhaoth/pr/add-tls13-paser-psk-kex-mode-ext TLS 1.3: PSK: Add parser of psk kex mode ext on server side	2022-07-18 11:34:24 +02:00
Hanno Becker	907a367b50	Remove explicit width suffixes from Arm bignum assembly Within the M-profile of the Arm architecture, some instructions admit both a 16-bit and a 32-bit encoding. For those instructions, some assemblers support the use of the .n (narrow) and .w (wide) suffixes to force a choice of instruction encoding width. Forcing the size of encodings may be useful to ensure alignment of code, which can have a significant performance impact on some microarchitectures. It is for this reason that a previous commit introduced explicit .w suffixes into what was believed to be M-profile only assembly in library/bn_mul.h. This change, however, introduced two issues: - First, the assembly block in question is used also for Armv7-A systems, on which the .n/.w distinction is not meaningful (all instructions are 32-bit). - Second, compiler support for .n/.w suffixes appears patchy, leading to compilation failures even when building for M-profile targets. This commit removes the .w annotations in order to restore working code, deferring controlled re-introduction for the sake of performance. Fixes #6089. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-07-15 12:00:58 +01:00
Manuel Pégourié-Gonnard	f88b1b5375	Introduce MBEDTLS_OR_PSA_WANT_xxx helper macros Currently just replacing existing uses, but the real point of having these conditions as a single macro is that we'll be able to use them in tests case dependencies, see next commit. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-15 12:08:14 +02:00
Jerry Yu	854dd9e23f	fix comment issue Co-authored-by: Xiaokang Qian <53458466+xkqian@users.noreply.github.com> Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-15 14:38:38 +08:00
Jerry Yu	299e31f10e	fix various issue - remove unused test case - add alert message - improve readabitlity Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-13 23:06:36 +08:00
Paul Elliott	af4b90db3f	Revert "Add missing library/psa_crypto_driver_wrappers.c" This reverts commit `c2a9387110` Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-12 11:30:17 +01:00
Paul Elliott	81c69b547a	Revert "Revert "Revert "Add generated files for 3.2.0 release""" This reverts commit `185d24ba0e`. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-12 11:29:34 +01:00
Jerry Yu	e19e3b9eb8	Add psk_key_exchange_modes parser Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-12 09:53:35 +00:00
Paul Elliott	cd08ba0326	Bump version to 3.2.1 Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-12 10:51:55 +01:00
Dave Rodgman	c2a9387110	Add missing library/psa_crypto_driver_wrappers.c Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-07-12 10:51:55 +01:00
Dave Rodgman	185d24ba0e	Revert "Revert "Add generated files for 3.2.0 release"" This reverts commit `7adb8cbc0e`. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-12 10:51:44 +01:00
Manuel Pégourié-Gonnard	043c8c5de8	Add USE_PSA version of PK test functions While at it, also fix buffer size for functions that already depend on USE_PSA: it should be PSA_HASH_MAX_SIZE for functions that always use PSA, and the new macro MBEDTLS_USE_PSA_MD_MAX_SIZE for functions that use it or not depending on USE_PSA. The only case where MBEDTLS_MD_MAX_SIZE is OK is when the function always uses MD - currently this is the case with pk_sign_verify_restart() as it is incompatible with USE_PSA anyway. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-12 11:11:20 +02:00
Manuel Pégourié-Gonnard	5508673832	Add helper macros for dependencies based on USE_PSA For now in an internal header as it's the safest option and that way we can change whenever we want. Later on if we think the macros can be useful to applications as well then we can move them to a public location. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-12 11:11:19 +02:00
Manuel Pégourié-Gonnard	3f4778995e	Rm dependency on MD in psa_crypto_rsa.c The previous commit made the PKCS#1v1.5 part of rsa.c independent from md.c, but there was still a dependency in the corresponding part in PSA. This commit removes it. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-12 11:11:19 +02:00
Manuel Pégourié-Gonnard	fe2b9b5397	Make mbedtls_oid_get_md_alg() always available This is a step towards building with RSA PKCS#1v1.5 without MD. Also loosen guards around oid data: the OID definitions clearly don't depend on our software implementation. We could simply have no dependency as this is just data. But for the sake of code size, let's have some guards so that people who don't use MD5, SHA1 or RIPEMD160 don't have to pay the price for them. Note: this is used for RSA (PKCS#v1.5) signatures among other things, an area that is not influenced by USE_PSA, so the guards should not depend on it either. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-12 11:11:19 +02:00
Manuel Pégourié-Gonnard	f493f2ad1d	Use md_internal_get_size() in rsa.c Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-12 11:11:18 +02:00
Manuel Pégourié-Gonnard	3356b89b64	Add missing guard around call to MD PKCS#1 v1.5 mostly does not need hash operations. This is a first step towards allowing builds with PKCS#1 v1.5 only (no v2.1) without MD. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-12 11:11:18 +02:00
Manuel Pégourié-Gonnard	a370e06e30	Avoid dependency of PK on MD Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-12 11:11:18 +02:00
Manuel Pégourié-Gonnard	d8a298e1fc	Add internal MD size getter Modules / tests that only need to get the size of a hash from its type, without actually computing a hash, need not depend on MD_C. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-12 11:11:18 +02:00
Paul Elliott	7adb8cbc0e	Revert "Add generated files for 3.2.0 release" This reverts commit `cb21f2eab3`. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-11 18:18:30 +01:00
Paul Elliott	cb21f2eab3	Add generated files for 3.2.0 release Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-11 13:56:01 +01:00
Paul Elliott	20362cd1ca	Bump library and so versions for 3.2.0 release Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-11 13:56:01 +01:00
Paul Elliott	f518f81d41	Ensure return for mbedtls_ssl_write_alpn_ext() is checked Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-11 12:37:47 +01:00
Ronald Cron	ce7d76e2ee	Merge remote-tracking branch 'mbedtls-restricted/development-restricted' into mbedtls-3.2.0rc0-pr	2022-07-11 10:22:37 +02:00
Paul Elliott	6e80e09bd1	Merge pull request #5915 from AndrzejKurek/cid-resumption-clash Fix DTLS 1.2 session resumption	2022-07-06 15:03:36 +01:00
Andrzej Kurek	21b50808cd	Clarify the need for calling mbedtls_ssl_derive_keys after extension parsing Use a more straightforward condition to note that session resumption is happening. Co-authored-by: Ronald Cron <ronald.cron@arm.com> Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-06 03:26:55 -04:00
Werner Lewis	c1999d5746	Add fallback when rk unaligned with padlock Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-07-05 11:55:15 +01:00
Andrzej Kurek	92d7417d89	Formatting fixes Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:21:59 -04:00
Paul Elliott	072d2b094d	Add pem_free() to other error paths in pk_parse_public_key() Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-04 06:49:26 -04:00
Leonid Rozenboim	116f50cd96	Fix resource leaks These potential leaks were flagged by the Coverity static analyzer. Signed-off-by: Leonid Rozenboim <leonid.rozenboim@oracle.com>	2022-07-04 06:49:26 -04:00
Manuel Pégourié-Gonnard	4d7af2aee0	Merge pull request #5835 from superna9999/5831-tls-1-2-ciphersuite-selection Permissions 2a: TLS 1.2 ciphersuite selection	2022-07-04 12:37:02 +02:00
Paul Elliott	41aa808a56	Merge pull request #952 from gilles-peskine-arm/stdio_buffering-setbuf Turn off stdio buffering with setbuf()	2022-07-04 10:12:22 +01:00
Ronald Cron	0e39ece23f	Merge pull request #5916 from yuhaoth/pr/tls13-refactor-get-sig-alg-from-pk Refactor signature algorithm chooser	2022-07-04 09:10:08 +02:00
Paul Elliott	bae7a1a5a6	Merge pull request #5620 from gstrauss/dn_hints Add accessors to config DN hints for cert request	2022-07-01 17:23:14 +01:00
Paul Elliott	c466ec2e73	Fix code formatting Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-01 16:43:25 +01:00
Neil Armstrong	971f30d917	Fix mbedtls_ssl_get_ciphersuite_sig_alg() by returning MBEDTLS_PK_NONE for MBEDTLS_KEY_EXCHANGE_RSA Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-07-01 16:23:50 +02:00
Manuel Pégourié-Gonnard	8b8a1610f7	Merge pull request #936 from paul-elliott-arm/fix_tls_record_size_check Fix the wrong variable being used for TLS record size checks	2022-07-01 12:29:48 +02:00
Jerry Yu	52b7d923fe	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-01 18:12:44 +08:00
Neil Armstrong	96eceb8022	Refine mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg() when USE_PSA_CRYPTO is selected Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-06-30 18:05:05 +02:00
Gilles Peskine	da0913ba6b	Call setbuf when reading or writing files: library After opening a file containing sensitive data, call mbedtls_setbuf() to disable buffering. This way, we don't expose sensitive data to a memory disclosure vulnerability in a buffer outside our control. This commit adds a call to mbedtls_setbuf() after each call to fopen(), except: * In ctr_drbg.c, in load_file(), because this is only used for DH parameters and they are not confidential data. * In psa_its_file.c, in psa_its_remove(), because the file is only opened to check its existence, we don't read data from it. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-06-30 17:03:40 +02:00
Gilles Peskine	6497b5a1d1	Add setbuf platform function Add a platform function mbedtls_setbuf(), defaulting to setbuf(). The intent is to allow disabling stdio buffering when reading or writing files with sensitive data, because this exposes the sensitive data to a subsequent memory disclosure vulnerability. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-06-30 17:01:40 +02:00
Ronald Cron	cb67e1a890	Merge pull request #5917 from gilles-peskine-arm/asn1write-0-fix Improve ASN.1 write tests	2022-06-30 15:42:16 +02:00
Paul Elliott	f6a56cf5ff	Merge pull request #939 from ronald-cron-arm/tls13-add-missing-overread-check TLS 1.3: Add missing overread check	2022-06-29 17:01:14 +01:00
Werner Lewis	7656a373b6	Reformat AES changes for readability Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-06-29 16:17:50 +01:00
Werner Lewis	dd76ef359d	Refactor AES context to be shallow-copyable Replace RK pointer in AES context with a buffer offset, to allow shallow copying. Fixes #2147. Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-06-29 16:17:50 +01:00
Dave Rodgman	5b50f38f92	Merge pull request #934 from gilles-peskine-arm/mpi-0-mod-2 Fix null pointer dereference in mpi_mod_int(0, 2)	2022-06-29 15:02:59 +01:00
Jerry Yu	2fe6c638e2	remove supported check from parse sig algs Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:20:17 +08:00
Jerry Yu	959e5e030b	fix format issue Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:20:17 +08:00
Jerry Yu	660cb4209c	Remove pkcs1 from key cert and sig alg map Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:20:17 +08:00
Jerry Yu	71b18844ff	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:19:49 +08:00
Jerry Yu	9d3e2fa372	Add negative tests Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:19:06 +08:00
Manuel Pégourié-Gonnard	2f244c43b4	Merge pull request #5980 from mprse/md_dep_fix Remove MD dependencies from mbedtls_x509_sig_alg_gets(), ssl_tls13_parse_certificate_verify()	2022-06-29 10:18:41 +02:00
Jerry Yu	c2e0493e6e	Add rsa_pkcs1 for cert sig match Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:18:31 +08:00
Jerry Yu	cc5391048e	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:18:30 +08:00
Jerry Yu	ee28e7a21d	add tests for select sig alg Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:17:06 +08:00
Jerry Yu	aebaaaf527	add debug messages Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:16:09 +08:00
Jerry Yu	430db6b6ff	Remove hack fix for server hybrid issue Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:16:09 +08:00
Jerry Yu	a1255e6b8c	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:16:09 +08:00
Jerry Yu	9bb3ee436b	Revert rsa_pss_rsae_* support for tls12 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:16:08 +08:00
Jerry Yu	53f5c15155	Add debug message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:16:08 +08:00
Jerry Yu	80dd5db808	Remove pkcs1 from certificate verify. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:16:08 +08:00
Jerry Yu	d4a71a57a8	Add tls12 algorithms in hybrid mode client hello Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:16:08 +08:00
Jerry Yu	5ef71f2723	remove rsa_pkcs1_* from tls13 support list Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:16:08 +08:00
Jerry Yu	f085678879	remove unnecessary check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:16:07 +08:00
Jerry Yu	6272c4d4aa	Revert unnecessary space change Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:16:07 +08:00
Jerry Yu	96ee23eb88	fix tls12 openssl/gnutls server fail To test version negotiation with tls12 OpenSSL/GnuTLS server, If `rsa_pss_rsae_` were sent to server before `rsa_pkcs_`, server will return `rsa_pss_rsae_` as key exchange sig alg. OpenSSL/GnuTLS can work with this case. mbedTLS will fail due to `rsa_pss_rsae_` unsupported. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:16:07 +08:00
Jerry Yu	ba5e379697	Revert order of default sig_algs Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:16:07 +08:00
Jerry Yu	3f71ca0941	Remove rsa_pss_rsae_* from tls12 sig_algs Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:16:07 +08:00
Jerry Yu	0c6be8f863	move big function Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:16:07 +08:00
Jerry Yu	3896ac6e5b	fix ordered sig algs fail for openssl Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:16:06 +08:00
Jerry Yu	f3b46b5082	Add debug message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:16:05 +08:00
Jerry Yu	d099cf0325	fix unused variable issue Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:13:47 +08:00
Jerry Yu	f55886a217	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:13:46 +08:00
Jerry Yu	6babfee178	remove out of scope codes Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:13:46 +08:00
Jerry Yu	fb526693c1	Rename sig_alg cert_key check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:13:45 +08:00
Jerry Yu	f0cda410a4	remove default sig_hashes And add pss_rsae_* sig_algs to fix `Handshake TLS 1.3` test fails, which is part of `test_suite_ssl` Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:13:45 +08:00
Jerry Yu	7ab7f2b184	Remove pkcs1 from certificate_verify Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:13:44 +08:00
Jerry Yu	08524c55f9	remove pkcs1_* support Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:13:44 +08:00
Jerry Yu	0ebce95785	create tls12/tls13 sig alg support check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:13:43 +08:00
Jerry Yu	f249ef7821	refactor get sig algo from pk Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:13:40 +08:00
Ronald Cron	7898fd456a	Merge pull request #5970 from gabor-mezei-arm/5229_Send_dummy_change_cipher_spec_records_from_server TLS 1.3 server: Send dummy change_cipher_spec records The internal CI PR-merge job ran successfully thus good to go.	2022-06-29 09:47:49 +02:00
Glenn Strauss	bd10c4e2af	Test accessors to config DN hints for cert request Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-06-29 02:54:28 -04:00
Gilles Peskine	d86abf2392	Merge pull request #5861 from wernerlewis/csr_subject_comma Fix output of commas and other special characters in X509 DN values	2022-06-28 21:00:49 +02:00
Glenn Strauss	999ef70b27	Add accessors to config DN hints for cert request mbedtls_ssl_conf_dn_hints() mbedtls_ssl_set_hs_dn_hints() Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-06-28 12:43:59 -04:00
Neil Armstrong	9f1176a793	Move preferred_hash_for_sig_alg() check after ssl_pick_cert() and check if hash alg is supported with mbedtls_pk_can_do_ext() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-06-28 18:12:17 +02:00
Neil Armstrong	9f4606e6d2	Rename mbedtls_ssl_get_ciphersuite_sig_pk_ext_XXX in mbedtls_ssl_get_ciphersuite_sig_pk_ext_XXX() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-06-28 18:12:17 +02:00
Neil Armstrong	0c9c10a401	Introduce mbedtls_ssl_get_ciphersuite_sig_pk_ext_alg() and use it in ssl_pick_cert() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-06-28 18:10:48 +02:00
Gabor Mezei	f7044eaec8	Fix name Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-06-28 16:01:49 +02:00
Ronald Cron	e99ec7cb6a	Merge pull request #5908 from ronald-cron-arm/tls13-fixes-doc TLS 1.3: Fixes and add documentation Validated by the internal CI, no need to wait for the Open CI.	2022-06-28 12:16:17 +02:00
Gabor Mezei	96ae926572	Typo Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-06-28 11:56:26 +02:00
Gabor Mezei	5471912269	Move switching to handshake transform after sending CCS record Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-06-28 11:56:26 +02:00
Gabor Mezei	05ebf3be74	Revert "Do not encrypt CCS records" This reverts commit `96ec831385`. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-06-28 11:55:35 +02:00
Przemek Stekiel	4dc874453e	ssl_tls13_parse_certificate_verify(): optimize the code Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-06-28 11:05:42 +02:00
Manuel Pégourié-Gonnard	273453f126	Merge pull request #5983 from gstrauss/inline-mbedtls_x509_dn_get_next Inline mbedtls_x509_dn_get_next() in x509.h	2022-06-28 10:13:58 +02:00
Ronald Cron	11b5332ffc	tls13: Fix certificate extension size write Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-28 09:21:13 +02:00
Ronald Cron	81a334fc02	tls13: Fix buffer overread checks in ssl_tls13_parse_alpn_ext() Some coding style alignement as well. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-28 09:21:13 +02:00
Ronald Cron	7b8404608a	tls13: Rename ssl_tls13_write_hello_retry_request_coordinate Rename ssl_tls13_write_hello_retry_request_coordinate to ssl_tls13_prepare_hello_retry_request as it is more aligned with what the function does. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-28 09:21:13 +02:00
Ronald Cron	fb508b8f21	tls13: Move state changes up to state main handler Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-28 09:21:13 +02:00
Ronald Cron	63dc463ed6	tls13: Simplify switch to the inbound handshake keys on server side Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-28 09:21:13 +02:00
Ronald Cron	5afb904022	tls13: Move out of place handshake field reset Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-28 09:18:42 +02:00
Ronald Cron	828aff6ead	tls13: Rename server_hello_coordinate to preprocess_server_hello Rename server_hello_coordinate to preprocess_server_hello as it is more aligned with what the function does. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-28 09:18:42 +02:00
Ronald Cron	db5dfa1f1c	tls13: Move ServerHello fetch to the ServerHello top handler Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-28 09:18:42 +02:00
Ronald Cron	9d6a545714	tls13: Re-organize EncryptedExtensions message parsing code Align the organization of the EncryptedExtensions message parsing code with the organization of the other message parsing codes. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-28 09:18:42 +02:00
Ronald Cron	154d1b68d6	tls13: Fix wrong usage of MBEDTLS_SSL_CHK_BUF(_READ)_PTR macros Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-28 09:18:42 +02:00
Ronald Cron	c80835943c	tls13: Fix pointer calculation before space check Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-28 09:18:42 +02:00
Ronald Cron	2827106199	tls13: Add missing buffer overread check Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-28 09:18:42 +02:00
Ronald Cron	b94854f8e3	Merge pull request #5973 from ronald-cron-arm/tls13-misc-tests TLS 1.3: Enable and add tests	2022-06-28 09:15:17 +02:00
Glenn Strauss	01d2f52a32	Inline mbedtls_x509_dn_get_next() in x509.h Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-06-27 14:20:07 -04:00
Dave Rodgman	f5b7082f6e	Merge pull request #5811 from polhenarejos/bug_x448 Fix order value for curve x448	2022-06-27 13:47:24 +01:00
Werner Lewis	9b0e940135	Fix case where final special char exceeds buffer Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-06-27 12:01:22 +01:00
Przemek Stekiel	9e30fc94f3	Remove redundant spaces Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-06-27 12:48:35 +02:00
Werner Lewis	b33dacdb50	Fix parsing of special chars in X509 DN values Use escape mechanism defined in RFC 1779 when parsing commas and other special characters in X509 DN values. Resolves failures when generating a certificate with a CSR containing a comma in subject value. Fixes #769. Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-06-27 11:19:50 +01:00
Przemek Stekiel	6a5e01858f	ssl_tls13_parse_certificate_verify(): remove md dependency Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-06-27 11:53:13 +02:00
Przemek Stekiel	6230d0d398	mbedtls_x509_sig_alg_gets(): remove md dependency Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-06-27 11:19:04 +02:00
Ronald Cron	cf600bc07c	Comment fixes Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-27 09:28:49 +02:00
Ronald Cron	2b1a43c101	tls13: Add missing overread check in Certificate msg parsing. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-27 09:28:49 +02:00
Ronald Cron	ad8c17b9c6	tls: Add overread/overwrite check failure tracking Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-27 09:28:49 +02:00
Ronald Cron	e3dac4aaa1	tls13: Add Certificate msg parsing tests with invalid vector lengths Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-27 09:28:42 +02:00
Ronald Cron	07040bb179	Merge pull request #5951 from xkqian/tls13_add_alpn Add ALPN extension to the server side	2022-06-27 08:33:03 +02:00
Ronald Cron	9738a8d0fd	Merge pull request #943 from ronald-cron-arm/tls13-fix-key-usage-checks TLS 1.3: Fix certificate key usage checks	2022-06-27 08:32:17 +02:00
Paul Elliott	668b31f210	Fix the wrong variable being used for TLS record size checks Fix an issue whereby a variable was used to check the size of incoming TLS records against the configured maximum prior to it being set to the right value. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-06-24 20:09:37 +01:00
Ronald Cron	1938588e80	tls13: Align some debug messages with TLS 1.2 ones Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-24 12:06:46 +02:00
XiaokangQian	0b776e282a	Change some comments for alpn Change-Id: Idf066e94cede9d26aa41d632c3a81dafcee38587 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-06-24 09:04:59 +00:00
Manuel Pégourié-Gonnard	93a7f7d7f8	Merge pull request #5954 from wernerlewis/x509_next_merged Add mbedtls_x509_dn_get_next function	2022-06-24 09:59:22 +02:00
XiaokangQian	95d5f549f1	Fix coding styles Change-Id: I0ac8ddab13767b0188112dfbbdb2264d36ed230a Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-06-24 05:42:15 +00:00
Przemek Stekiel	1b0ebdf363	Zeroize hkdf_label buffer Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-06-23 09:22:49 +02:00
Przemek Stekiel	38ab400dc4	Adapt code to be consistent with the existing code - init status to error - use simple assignment to status - fix code style (spaces) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-06-23 09:05:40 +02:00
XiaokangQian	c740345c5b	Adress review comments Change Code styles Add test cases Change-Id: I022bfc66fe509fe767319c4fe5f2541ee05e96fd Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-06-23 03:24:12 +00:00
Gabor Mezei	96ec831385	Do not encrypt CCS records According to the TLS 1.3 standard the CCS records must be unencrypted. When a record is not encrypted the counter, used in the dynamic IV creation, is not incremented. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-06-22 17:07:21 +02:00
Gabor Mezei	7b39bf178e	Send dummy change_cipher_spec records from TLS 1.3 server Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-06-22 17:07:21 +02:00
XiaokangQian	acb3992251	Add ALPN extension to the server side CustomizedGitHooks: yes Change-Id: I6fe1516963e7b5727710872ee91fea7fc51d2776 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-06-22 06:34:58 +00:00
Przemek Stekiel	d5ae365b97	Use PSA HKDF-Extrat/Expand algs instead mbedtls_psa_hkdf_extract(), mbedtls_psa_hkdf_xpand() Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-06-21 07:22:33 +02:00
Przemek Stekiel	88e7101d03	Remove mbedtls_psa_hkdf_extract(), mbedtls_psa_hkdf_expand() Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-06-21 07:22:33 +02:00
Manuel Pégourié-Gonnard	a82a8b9f4b	Mark internal int SSL functions CHECK_RETURN_CRITICAL Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-06-20 21:12:55 +02:00
Manuel Pégourié-Gonnard	a3115dc0e6	Mark static int SSL functions CHECK_RETURN_CRITICAL Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-06-20 21:12:52 +02:00
Manuel Pégourié-Gonnard	66b0d61718	Add comments when can_do() is safe to use Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-06-20 21:12:29 +02:00
Manuel Pégourié-Gonnard	b64fb62ead	Fix unchecked return value from internal function Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-06-20 21:12:29 +02:00
Gilles Peskine	e0469b5908	Merge pull request #931 from AndrzejKurek/clihlo_cookie_pxy_fix Add a client hello cookie_len overflow test	2022-06-20 19:35:54 +02:00
Gilles Peskine	36aeb7f163	Merge pull request #5834 from mprse/HKDF_1 HKDF 1: PSA: implement HKDF_Expand and HKDF_Extract algorithms	2022-06-20 15:27:46 +02:00
Werner Lewis	b3acb053fb	Add mbedtls_x509_dn_get_next function Allow iteration through relative DNs when X509 name contains multi- value RDNs. Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-06-17 16:40:55 +01:00
Ronald Cron	30c5a2520e	tls13: Fix certificate key usage checks Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-17 08:49:52 +02:00
Ronald Cron	ca3c6a5698	Merge pull request #5817 from xkqian/tls13_add_server_name Tls13 add server name	2022-06-16 08:30:09 +02:00
Andrzej Kurek	755ddff25c	Fix print format in a debug message Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-06-15 07:32:02 -04:00
Andrzej Kurek	cbe14ec967	Improve variable extracting operations by using MBEDTLS_GET macros Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-06-15 07:17:28 -04:00
XiaokangQian	75fe8c7e54	Change place of ssl_tls13_check_ephemeral_key_exchange Change-Id: Id49172f7375e2a0771ad1216fb7eead808f0db3e Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-06-15 09:42:45 +00:00
XiaokangQian	fb665a8452	Adress the comments about styles and pick_cert Change-Id: Iee89a27aaea6ebc8eb01c6c9985487f081ef7343 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-06-15 03:57:21 +00:00
Andrzej Kurek	7cf872557a	Rearrange the session resumption code Previously, the transforms were populated before extension parsing, which resulted in the client rejecting a server hello that contained a connection ID. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-06-14 08:26:19 -04:00
Przemek Stekiel	69c4679b22	Adapt macro name to meet requested criteria: MBEDTLS_PSA_BUILTIN_ALG_ANY_HKDF->BUILTIN_ALG_ANY_HKDF Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-06-14 11:13:32 +02:00
XiaokangQian	07aad0710c	Refine function name ssl_tls13_pick_key_cert Change-Id: I821e1485d9cfcca88fa3e18d345766ea48c64250 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-06-14 05:35:09 +00:00
XiaokangQian	81802f43a2	Select certificate base on the received signature list Change-Id: Ife707db7fcfdb1e761ba86804cbf5dd766a5ee33 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-06-13 03:58:06 +00:00
Gilles Peskine	321a08944b	Fix bug whereby 0 was written as 0200 rather than 020100 0200 is not just non-DER, it's completely invalid, since there has to be a sign bit. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-06-10 20:13:33 +02:00
Gilles Peskine	ae25bb043c	Fix null pointer dereference in mpi_mod_int(0, 2) Fix a null pointer dereference when performing some operations on zero represented with 0 limbs: mbedtls_mpi_mod_int() dividing by 2, or mbedtls_mpi_write_string() in base 2. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-06-09 19:32:46 +02:00
Przemek Stekiel	75fe3fb1d7	psa_crypto.c: add MBEDTLS_PSA_BUILTIN_ALG_ANY_HKDF macro to limit number of #if conditions Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-06-09 14:44:55 +02:00
Andrzej Kurek	b58cf0d172	Split a debug message into two - for clarity Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-06-08 11:53:59 -04:00
Andrzej Kurek	078e9bcda6	Add the mbedtls prefix to ssl_check_dtls_clihlo_cookie Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-06-08 11:47:33 -04:00
Dave Rodgman	11930699f1	Merge pull request #5827 from wernerlewis/time_utc Use ASN1 UTC tags for dates before 2000	2022-06-08 13:54:19 +01:00
Paul Elliott	5f2bc754d6	Merge pull request #5792 from yuhaoth/pr/add-tls13-moving-state-tests Pr/add-tls13-moving-state-tests	2022-06-08 13:39:52 +01:00
Manuel Pégourié-Gonnard	3a833271aa	Merge pull request #5727 from SiliconLabs/feature/PSEC-3207-TLS13-hashing-HMAC-to-PSA Feature psec-3207 move TLS13 hashing and hmac to psa	2022-06-08 11:53:35 +02:00
XiaokangQian	96287d98d8	Remove the certificate key check against the received signature Change-Id: I07d8d46c58dec499f96cb7307fc0af15149d9df7 CustomizedGitHooks: yes Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-06-08 08:37:53 +00:00
pespacek	d9aaf768b5	Fixing CI complains. Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-06-08 09:44:11 +02:00
XiaokangQian	9850fa8e8d	Refine ssl_tls13_pick_cert() Change-Id: I5448095e280d8968b20ade8b304d139e399e54f1 CustomizedGitHooks: yes Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-06-08 07:02:41 +00:00
pespacek	b06acd734b	Fixing PSA return status Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-06-07 13:07:21 +02:00
XiaokangQian	23c5be6b94	Enable SNI test for both tls12 and tls13 Change-Id: Iae5c39668db7caa1a59d7e67f226a5286d91db22 CustomizedGitHooks: yes Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-06-07 09:43:13 +00:00
Ronald Cron	209cae9c42	tls13: server: Fix state update in CLIENT_CERTIFICATE The state should be updated only if the handler returns in success. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-07 10:58:22 +02:00
pespacek	670913f4dc	Fixing return value for ssl_tls13_write_certificate_body() Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-06-07 10:53:39 +02:00
Andrzej Kurek	cfb01948c8	Add cookie parsing tests to test_suite_ssl Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-06-06 15:29:15 -04:00
Andrzej Kurek	c8183cc492	Add missing sid_len in calculations of cookie sizes This could lead to a potential buffer overread with small MBEDTLS_SSL_IN_CONTENT_LEN. Change the bound calculations so that it is apparent what lengths and sizes are used. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-06-06 15:28:56 -04:00
Gilles Peskine	364fd8bb71	More SSL debug messages for ClientHello parsing In particular, be verbose when checking the ClientHello cookie in a possible DTLS reconnection. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-06-06 14:25:41 -04:00
Dave Rodgman	5e03d9e601	Merge pull request #5837 from robert-shade/robert-shade/add_subdirectory_support Allow building as a subdir	2022-06-06 14:11:06 +01:00
Przemek Stekiel	b57a44bf9b	is_kdf_alg_supported: Adapt impl to new build flags for HKDF EXTRACT/EXPAND Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-06-06 11:26:43 +02:00
Przemek Stekiel	cde3f783f5	Make info valid only after secret for HKDF-EXPAND + adapt tests Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-06-06 11:26:02 +02:00
Przemek Stekiel	0586f4c4ea	Make salt mandatory for HKDF-EXTRACT + adapt tests Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-06-06 11:25:43 +02:00
Przemek Stekiel	3e8249cde0	Add PSA_WANT_ALG_HKDF_EXPAND, PSA_WANT_ALG_HKDF_EXTRACT, adapt code and dependencies Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-06-03 16:18:15 +02:00
Przemek Stekiel	a29b488296	Optimize code by adding PSA_ALG_IS_ANY_HKDF macro Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-06-03 16:18:09 +02:00
XiaokangQian	129aeb9b0e	Update test cases and support sni ca override Change-Id: I6052acde0b0ec1c25537f8dd81a35562da05a393 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-06-02 09:29:18 +00:00
Przemek Stekiel	459ee35062	Fix typo and style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-06-02 11:16:52 +02:00
Werner Lewis	acd01e58a3	Use ASN1 UTC tags for dates before 2000 Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-06-01 16:24:28 +01:00
Gilles Peskine	8399cccd2e	Merge pull request #5829 from paul-elliott-arm/fix_ct_uninit_memory_access Fix uninitialised memory access in constant time functions	2022-06-01 11:42:51 +02:00
Gilles Peskine	09858ae664	Merge pull request #5813 from mprse/deprecate_mbedtls_cipher_setup_psa Deprecate mbedtls_cipher_setup_psa()	2022-05-31 10:56:52 +02:00
Jerry Yu	0a92d6c8eb	fix move state to handshake over fail Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-31 15:06:04 +08:00
Kazuyuki Kimura	b88dbdded6	fix issue #2020 Fixed a bug that the little-endian Microblaze does not work when MBEDTLS_HAVE_ASM is defined. Signed-off-by: Kazuyuki Kimura <kim@wing.ocn.ne.jp> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-05-30 17:55:07 +01:00
Dave Rodgman	a3344f7bac	Merge pull request #5767 from leorosen/avoid-null-args Avoid potentially passing NULL arguments	2022-05-30 11:40:21 +01:00
XiaokangQian	0557c94fef	Add back SNI related code to validate_certificate Change-Id: I75883858016d4163cd7c64c3418eb3ca24fa46ea Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-30 08:10:53 +00:00
XiaokangQian	f2a942073e	Fix SNI test failure Change-Id: Id3fce36af9bc52cac858b473168451945aa974f4 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-30 08:07:16 +00:00
XiaokangQian	9b2b7716b0	Change mbedtls_ssl_parse_server_name_ext base on comments Change-Id: I4ae831925cb1899afafb7dc626bfad9be24a5c8c Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-30 08:07:16 +00:00
XiaokangQian	40a3523eb7	Add support of server name extension to server side Change-Id: Iccf5017e306ba6ead2e1026a29f397ead084cc4d Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-30 08:07:16 +00:00
XiaokangQian	e7a5da597f	Remove SNI related code Change-Id: Ic44bdb27b1bdc5c9057078dfed936fc36bddebbe Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-30 00:59:29 +00:00
XiaokangQian	aca9048b5f	Change base on review Fix comments Add test cases for client authentication with empty certificate Change-Id: Id8a741ddd997ca92e36832f26088eb0e67830ad8 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-26 00:47:11 +00:00
XiaokangQian	989f06d52d	Change some comments base on review Change-Id: I3db2b8ca8162eb368d2f17dfeffee8b25f9edf6f Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-26 00:47:11 +00:00
XiaokangQian	63e713e8ab	Fix comments Change-Id: Ib741f876f4d296df79565a2b8a2971918db1a77f Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-26 00:47:11 +00:00
XiaokangQian	c3017f620f	Remove useless guards and refine checking Change-Id: I9cd3073826fc65c203e479d83bed72331ff8963d Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-26 00:47:10 +00:00
XiaokangQian	189ded2b07	Remove coordinate functions and change state machine in server side Change-Id: Id4abf78f493e77afc289409db691c9c61acde1d2 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-26 00:46:13 +00:00
XiaokangQian	6b916b1616	Add client certificate parse and certificate verify Change-Id: I638db78922a03db6f8bd70c6c5f56fb60365547d Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-26 00:40:53 +00:00
Dave Rodgman	a636d1f192	Merge pull request #5714 from daverodgman/k-stachowiak_static-runtime-option-msvc Enable static linking of the common runtime in MSVC	2022-05-25 14:47:58 +01:00
Dave Rodgman	32c995afa3	Merge pull request #5724 from Biswa96/cmake-mingw cmake: Fix runtime library install location in mingw	2022-05-25 13:34:43 +01:00
Paul Elliott	8fba70f66c	Merge pull request #5749 from yuhaoth/pr/add-tls13-finished-message-and-wrapup TLS 1.3: Add Finished Message and wrapup	2022-05-25 12:02:06 +01:00
pespacek	3493587e05	FEATURE: mbedtls_md() in ssl_tls13_write_certificate_verify_body() replaced withpsa_hash_compute() Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-05-23 13:10:48 +02:00
pespacek	a1378105cf	FEATURE: use psa_hash_xxx rather than mbedtls_md_xxx for TLS 1.3. ssl_tls13_parse_certificate_verify() Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-05-23 13:10:47 +02:00
Manuel Pégourié-Gonnard	69e348db85	Merge pull request #5833 from superna9999/5826-create-mbedtls-pk-can-do-psa Permissions 1: create `mbedtls_pk_can_do_ext()`	2022-05-23 10:58:32 +02:00
Robert Shade	591e729b54	Allow building as a subdir Fixes #5688 Signed-off-by: Robert Shade <robert.shade@gmail.com>	2022-05-21 12:55:12 -04:00
Neil Armstrong	81d391f773	Check when usage == 0 in mbedtls_pk_can_do_ext() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-20 09:26:16 +02:00
Neil Armstrong	b80785f1a4	Comment typo fix in mbedtls_pk_can_do_ext() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-20 09:25:55 +02:00
Gilles Peskine	e4d3a6a4e8	Merge pull request #5804 from superna9999/5797-remove-cipher-deps-tls Remove Cipher dependencies in TLS	2022-05-19 21:02:12 +02:00
Paul Elliott	5260ce27ed	Fix uninitialised memory access in constant time functions Fix an issue reported by Coverity whereby some constant time functions called from the ssl decrypt code could potentially access uninitialised memory. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-05-19 18:23:24 +01:00
Dave Rodgman	afe149d76e	Merge pull request #5846 from bootstrap-prime/development Fix typos in documentation and constants with typo finding tool	2022-05-19 16:53:32 +01:00
Paul Elliott	4283a6b121	Merge pull request #5736 from gilles-peskine-arm/psa-raw_key_agreement-buffer_too_small Make psa_raw_key_agreement return BUFFER_TOO_SMALL	2022-05-19 16:06:02 +01:00
Neil Armstrong	084338d336	Change mbedtls_pk_can_do_ext() usage test logic for opaque keys Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-19 16:22:40 +02:00
Przemek Stekiel	03d948c47f	Refacor code for HKDF-Extract algorithm Solution provided by @mpg. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-19 11:45:20 +02:00
Przemek Stekiel	2fb0dcd403	psa_hkdf_input: use more suitable condition and add comments Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-19 10:34:37 +02:00
Jerry Yu	e3d67cb263	Improve readability Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-19 15:33:10 +08:00
Jerry Yu	fd5ea0458f	add compute application transform Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-19 14:29:48 +08:00
Jerry Yu	545432310d	remove zeorize from keys Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-19 11:23:25 +08:00
Jerry Yu	cc0a13fcf8	remove unnecessary empty line Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-19 10:14:24 +08:00
bootstrap-prime	6dbbf44d78	Fix typos in documentation and constants with typo finding tool Signed-off-by: bootstrap-prime <bootstrap.prime@gmail.com>	2022-05-18 14:15:33 -04:00
Przemek Stekiel	b398d8693f	Update descryption of HKDF-Extract/Expand algs and fix comment Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-18 15:43:54 +02:00
Neil Armstrong	8395d7a37d	Change guard of mbedtls_ssl_cipher_to_psa() with USE_PSA_CRYPTO \|\| SSL_PROTO_TLS1_3 Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-18 13:24:34 +02:00
Neil Armstrong	0fa8ce3498	TLS 1.3 only have AEAD ciphers, drop the PSA_ALG_IS_AEAD() check in mbedtls_ssl_tls13_get_cipher_key_info() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-18 13:19:29 +02:00
Neil Armstrong	b818e16b29	Move out common PSA code from mbedtls_ssl_tls13_generate_handshake_keys/mbedtls_ssl_tls13_generate_application_keys Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-18 13:19:29 +02:00
Neil Armstrong	e3b0b8ab67	Remove non-PSA code in mbedtls_ssl_tls13_generate_handshake_keys/mbedtls_ssl_tls13_generate_application_keys Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-18 13:19:29 +02:00
Neil Armstrong	93617245c3	Code style fixes Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-18 13:19:29 +02:00
Neil Armstrong	689557ca12	Make CIPHER_C guard code as alternate of USE_PSA_CRYPTO in mbedtls_ssl_ciphersuite_get_cipher_key_bitlen() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-18 13:19:29 +02:00
Neil Armstrong	4f4f271850	In mbedtls_ssl_tls13_generate_handshake_keys() and mbedtls_ssl_tls13_generate_application_keys(), avoid calling mbedtls_cipher_info_from_type() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-18 13:19:29 +02:00
Neil Armstrong	a8093f5c48	In mbedtls_ssl_tls13_populate_transform() make sure mbedtls_cipher_info_from_type() is only called when USE_PSA is disabled Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-18 13:19:29 +02:00
Neil Armstrong	801abb69a5	Provide a PSA definition of mbedtls_ssl_ciphersuite_get_cipher_key_bitlen() when MBEDTLS_USE_PSA_CRYPTO is defined Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-18 13:19:29 +02:00
Jerry Yu	bb2d47d956	Remove not used state Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-18 16:57:45 +08:00
Jerry Yu	e8c1fca67c	move trafic set to generic Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-18 16:57:45 +08:00
Jerry Yu	d6e253ded9	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-18 16:57:45 +08:00
Jerry Yu	4d8567fa9e	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-18 09:58:48 +08:00
Jerry Yu	03ed50ba6a	Add handshake wrapup Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-18 09:58:48 +08:00
Jerry Yu	ff2269889d	Add client finished Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-18 09:58:48 +08:00
Jerry Yu	27bdc7c6b6	Implement write server finish Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-18 09:58:48 +08:00
Jerry Yu	69dd8d4091	tls13:finished:add dummy frame work Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-18 09:58:48 +08:00
Ronald Cron	9edf51d8cd	Merge pull request #5785 from gabor-mezei-arm/5460_unify_parsing_sig_alg_ext Unify parsing of the signature algorithms extension in TLS 1.2 and TLS 1.3 CI ABI API check job failure is expected as the PR do some changes in ssl_misc.h. @RcColes if you eventually want to request some changes, they can be done in a follow-up PR.	2022-05-17 17:01:55 +02:00
Paul Elliott	a478441517	Merge pull request #5748 from yuhaoth/pr/add-tls13-write-certificate-and-verify TLS1.3:Add Certificate and CertificateVerify message on Server Side	2022-05-17 15:47:36 +01:00
Paul Elliott	114203814a	Better check for NULL pointer Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-05-17 15:01:20 +01:00
Neil Armstrong	bbb8b75f20	Fixup comment of mbedtls_pk_can_do_ext() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-17 14:58:27 +02:00
Neil Armstrong	408f6a60a3	Add usage parameter to mbedtls_pk_can_do_ext() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-17 14:23:20 +02:00
Neil Armstrong	dab56ba2bd	Fix typo in mbedtls_pk_can_do_ext() code documentation Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-17 11:56:55 +02:00
Aurelien Jarno	c79ce88152	Fix a timing leak in ecp_mul_mxz() The bit length of m is leaked through through timing in ecp_mul_mxz(). Initially found by Manuel Pégourié-Gonnard on ecp_mul_edxyz(), which has been inspired from ecp_mul_mxz(), during initial review of the EdDSA PR. See: https://github.com/Mbed-TLS/mbedtls/pull/3245#discussion_r490827996 Fix that by using grp->nbits + 1 instead, which anyway is very close to the length of m, which means there is no significant performance impact. Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>	2022-05-16 23:15:07 +02:00
Gilles Peskine	3e56130fb9	psa_raw_key_agreement: return BUFFER_TOO_SMALL when warranted psa_raw_key_agreement() returned PSA_ERROR_INVALID_ARGUMENT instead of PSA_ERROR_BUFFER_TOO_SMALL when the output buffer was too small for ECDH, the only algorithm that is currently implemented. Make it return the correct error code. The reason for the wrong error code is that ecdh.c returns MBEDTLS_ERR_ECP_BAD_INPUT_DATA, presumably for similarith with dhm.c. It might make sense to change ecdh.c to use MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL, but dhm.c doesn't have an existing BUFFER_TOO_SMALL error. To minimize the impact of the fix, handle this in the PSA layer. Fixes #5735. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-05-16 19:37:54 +02:00
Dave Rodgman	2a045325f9	Merge pull request #5766 from leorosen/fix-var-init Add missing local variable initialization	2022-05-16 14:47:00 +01:00
Gilles Peskine	9b7e29663f	Merge pull request #4211 from ccawley2011/mingw Fix compilation with MinGW32	2022-05-16 12:30:37 +02:00
Leonid Rozenboim	a3008e7e2e	Add missing local variable initialization These issues were flagged by Coverity as instances where a local variable may be used prior to being initialized. Please note that none of these changes fixes any particular bug, this is just an attempt to add more robustness. Signed-off-by: Leonid Rozenboim <leonid.rozenboim@oracle.com>	2022-05-13 18:08:11 +01:00
Paul Elliott	dd428d3650	Fix incorrect error message Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-05-13 17:43:16 +01:00
Gabor Mezei	696956da24	Typo Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-13 17:02:19 +02:00
Gabor Mezei	0a4298bbe9	Remove unnecessary duble conversion Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-13 17:02:18 +02:00
Jerry Yu	b89125b81a	Add test without server certificate Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-13 15:50:04 +08:00
Jerry Yu	23d1a256ec	fix hrr handler undefine fail Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-12 20:11:16 +08:00
Neil Armstrong	a88b15897d	Add implementation of mbedtls_pk_can_do_ext() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-12 11:53:02 +02:00
Dave Rodgman	8b65420f42	Add comment Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-05-12 09:45:03 +01:00
Jerry Yu	5a26f3000d	Refactor cert exchange states Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-12 14:44:59 +08:00
Jerry Yu	f1c3c4e77c	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-12 14:44:59 +08:00
Jerry Yu	c6e6dbf2e7	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-12 14:44:59 +08:00
Jerry Yu	4ff9e14356	Add server certificate verfiy Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-12 14:44:14 +08:00
Jerry Yu	1bff711a36	tls13:server:add server certificate writing Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-12 14:44:14 +08:00
Jerry Yu	83da34eb59	tls13:server:add dummy write certificate Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-12 14:44:14 +08:00
Andrzej Kurek	5c65c5781f	Fix additional misspellings found by codespell Remaining hits seem to be hex data, certificates, and other miscellaneous exceptions. List generated by running codespell -w -L keypair,Keypair,KeyPair,keyPair,ciph,nd Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-05-11 21:25:54 +01:00
Shaun Case	8b0ecbccf4	Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell. Signed-off-by: Shaun Case <warmsocks@gmail.com> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-05-11 21:25:51 +01:00
Gabor Mezei	86acf05b1e	Update signiture algorithm handling Rename local variables and to simplify things use static_assert to determine if the default signiture algorithms are not fit into the SSL handshake structure. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:19 +02:00
Gabor Mezei	53a3b14823	Update documntation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:19 +02:00
Gabor Mezei	c1051b62aa	Remove `MBEDTLS_SSL_SIG_ALG_SET` macro Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:19 +02:00
Gabor Mezei	3631cf693a	Rename signiture algorithm macros to better suite with TLS 1.2 Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:19 +02:00
Gabor Mezei	24c7c2be08	Unify `MBEDTLS_TLS_SIG_NONE` macro definition for TLS 1.2 and 1.3 Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:18 +02:00
Gabor Mezei	a3d016ce41	Rename and rewrite `mbedtls_ssl_sig_hash_set_find` function Rename `mbedtls_ssl_sig_hash_set_find` function to a suitable name and rewrite to operate TLS signature algorithm identifiers. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:18 +02:00
Gabor Mezei	1226590c88	Explicitly set invalid value for the end of the signiture algorithm set Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:18 +02:00
Gabor Mezei	15b95a6c52	Use common macro for the invalid signiture algorithm botn in TLS 1.2 and 1.3 Introduce a new macro MBEDTLS_TLS_SIG_NONE for invalid signiture algorithm. It is intended to use in common code of TLS 1.2 and 1.3. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:18 +02:00
Gabor Mezei	1a3be088bf	Reorder defines to use previous definitions Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:18 +02:00
Gabor Mezei	078e803d2c	Unify parsing of the signature algorithms extension Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:08 +02:00
Przemek Stekiel	17520fe2c5	PSA: Add support for HKDF-Extend and HKDF-Expand algs Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-11 12:17:03 +02:00
Manuel Pégourié-Gonnard	5479f5321a	Merge pull request #5772 from superna9999/5762-rsa-decrypt-pk RSA decrypt 1a: PK	2022-05-11 11:01:01 +02:00
Paul Elliott	d1a954d243	Merge pull request #5707 from yuhaoth/pr/add-tls13-write-hello-retry-request TLS1.3: Add HelloRetryRequest Write	2022-05-10 17:25:33 +01:00
Dave Rodgman	4bfb007dcb	Handle platform differences in gmtime_s MSVC and C11 specify different arguments and return value meaning for gmtime_s. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-05-10 13:46:09 +01:00
Dave Rodgman	ad8dc480d4	Remove redundant comment Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-05-10 13:46:09 +01:00
Cameron Cawley	ea5496ceb3	Fix compilation with MinGW32 Signed-off-by: Cameron Cawley <ccawley2011@gmail.com>	2022-05-10 13:46:09 +01:00
Manuel Pégourié-Gonnard	42650260a9	Merge pull request #5783 from mprse/md_dep_v3 Fix undeclared dependencies: MD	2022-05-10 10:41:32 +02:00
Jerry Yu	f41553b662	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 22:20:30 +08:00
Manuel Pégourié-Gonnard	9bbb7bacae	Merge pull request #5791 from superna9999/5788-unify-non-opaque-and-opaque-psks Unify non-opaque and opaque PSKs	2022-05-09 10:15:16 +02:00
Jerry Yu	ead5cce22c	improve readability Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:58:50 +08:00
Jerry Yu	4ca9140d43	fix coding style issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:55:39 +08:00
Jerry Yu	66d9e6f405	refactor next state of client hello Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:11 +08:00
Jerry Yu	4833056833	fix ci test fails Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:11 +08:00
Jerry Yu	7f157eb31f	Change alert message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:11 +08:00
Jerry Yu	b8ac19a296	send alert when second hrr needed Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:09 +08:00
Jerry Yu	6a2cd9ebf5	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:08 +08:00
Jerry Yu	b0ac10b4a8	Refactor hrr key_share Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:06 +08:00
Jerry Yu	49ca92892d	refactor HRR routine Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:05 +08:00
Jerry Yu	086edc2807	refactor parse key_share ext Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:04 +08:00
Jerry Yu	fbe3e64b76	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:03 +08:00
Jerry Yu	c1be19f226	misc:minor improvement Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:01 +08:00
Jerry Yu	23f7a6fc5c	share write_body between HRR and ServerHello Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:01 +08:00
Jerry Yu	582dd069b7	Add HRR handler Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:01 +08:00
Jerry Yu	fe24d1c9f5	add named group debug helper Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:49:00 +08:00
Jerry Yu	93a13f2c38	Share magic word of HRR Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:48:59 +08:00
Jerry Yu	67a2c37039	tls13:hrr:add empty frame work Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-09 15:48:59 +08:00
XiaokangQian	aad9b0a286	Update code base on comments Change-Id: Ibc5043154515d2801565a2b99741dfda1344211c Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-09 01:11:21 +00:00
XiaokangQian	a987e1d2f8	Change state machine after encrypted extension and update cases Change-Id: Ie84a2d52a08538afb8f6096af0c054bd55ed66cb Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-07 01:37:04 +00:00
XiaokangQian	ec6efb98bc	Change variable name to output_len Change-Id: I0f8a40da9782b2ec7af7e6f1faf1ac5c7e589418 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-07 01:37:04 +00:00
XiaokangQian	cec9ae6259	Change the code places of CERTIFICATE_REQUEST Change-Id: I3aa293184fea4f960782675bdd520256c808bd4e Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-07 01:37:04 +00:00
XiaokangQian	45c22201b3	Update test cases and encrypted extension state set Change-Id: Ie1acd10b61cefa9414169b276a0c5c5ff2f9eb79 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-07 01:37:04 +00:00
XiaokangQian	2f150e184f	Update status and add test cases for client certificate request Change-Id: If9b9672540d2b427496b7297aa484b8bcfeb75c5 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-07 01:37:04 +00:00
XiaokangQian	1f1f1e3372	Temp change to align with client/server hello style Change-Id: I8befbbcb5d6f7fdb230022825dcb856e19d9bec0 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-07 01:37:04 +00:00
XiaokangQian	9dc4450647	Fix commets issue about coding styles Change-Id: I930a062e137562e0b129b9b9b191e5c864f8104d Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-07 01:37:04 +00:00
XiaokangQian	eaf3651e31	Rebase and solve conflicts Change handshake_msg related functions Share the ssl_write_sig_alg_ext Change-Id: I3d342baac302aa1d87c6f3ef75d85c7dc030070c Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-07 01:37:04 +00:00
Xiaofei Bai	5ee73d84a9	Address review comments Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2022-05-07 01:37:04 +00:00
Xiaofei Bai	9ca09d497f	Add writing CertificateRequest msg on server side Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2022-05-07 01:37:04 +00:00
Pol Henarejos	b101cb6111	Since the group is unloaded for all curves, it is better to initialize the group also for all curves. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-06 18:43:58 +02:00
Ronald Cron	25b1f5d2b7	Merge pull request #5545 from xffbai/tls13-write-enc-ext TLS1.3: add writing encrypted extensions on server side.	2022-05-06 13:54:45 +02:00
Przemek Stekiel	c1e41bb2b5	rsa.c: remove redundant include of md.h rsa.c includes rsa.h that includes md.h Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-06 11:42:18 +02:00
Przemek Stekiel	ef1fb4a3d3	Deprecate mbedtls_cipher_setup_psa() Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-06 10:55:10 +02:00
Jerry Yu	ef2b98a246	fix coding style issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-06 16:40:05 +08:00
Jerry Yu	f86eb75c58	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-06 11:16:55 +08:00
Pol Henarejos	aa68d36234	Fix order value for curve x448. Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2022-05-05 19:22:29 +02:00
Neil Armstrong	8ecd66884f	Keep raw PSK when set via mbedtls_ssl_conf_psk() and feed as input_bytes Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-05 14:01:49 +02:00
Jerry Yu	e110d258d9	Add set outbound transform Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-05 19:59:59 +08:00
Werner Lewis	e59a531455	Fix memcpy() UB in mbedtls_asn1_named_data() Removes a case in mbedtls_asn1_named_data() where memcpy() could be called with a null pointer and zero length. A test case is added for this code path, to catch the undefined behavior when running tests with UBSan. Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-05-04 11:45:06 +01:00
Neil Armstrong	80f6f32495	Make mbedtls_ssl_psk_derive_premaster() only for when MBEDTLS_USE_PSA_CRYPTO is not selected Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:08:41 +02:00
Neil Armstrong	044a32c4c6	Remove mbedtls_ssl_get_psk() and it's usage when MBEDTLS_USE_PSA_CRYPTO is selected Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:08:41 +02:00
Neil Armstrong	cd05f0b9e5	Drop skip PMS generation for opaque XXX-PSK now Opaque PSA key is always present when MBEDTLS_USE_PSA_CRYPTO selected Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:08:41 +02:00
Neil Armstrong	e952a30d47	Remove RAW PSK when MBEDTLS_USE_PSA_CRYPTO is selected Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:08:41 +02:00
Neil Armstrong	61f237afb7	Remove PSA-only code dealing with non-opaque PSA key Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:08:41 +02:00
Neil Armstrong	501c93220d	Import PSK as opaque PSA key for mbedtls_ssl_conf_psk() & mbedtls_ssl_set_hs_psk() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:08:41 +02:00
Neil Armstrong	b743d95051	Do not erase input key in psa_tls12_prf_psk_to_ms_set_key() When ALG_TLS12_PSK_TO_MS() is used, first derivation is correct but the following derivations output data is incorrect. This is because input key is erased in psa_tls12_prf_psk_to_ms_set_key() since commit `03faf5d2c1`. Fixes: `03faf5d2c1` ("psa_tls12_prf_psk_to_ms_set_key: clear buffers after usage") Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:06:22 +02:00
Neil Armstrong	30beca35f1	Guard pk_opaque_rsa_decrypt() with PSA_WANT_KEY_TYPE_RSA_KEY_PAIR Then mbedtls_pk_error_from_psa_rsa() also needs to be guarded with PSA_WANT_KEY_TYPE_RSA_KEY_PAIR to be used by pk_opaque_rsa_decrypt() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:02:37 +02:00
Jerry Yu	9da5e5a2f2	fix coding style issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-03 15:46:09 +08:00
Jerry Yu	de66d12afc	remove out couter reset Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-03 12:15:19 +08:00
Jerry Yu	39730a70cd	remove variable initial Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-03 12:14:04 +08:00
Jerry Yu	8937eb491a	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-05-03 12:12:14 +08:00
Neil Armstrong	6c26adc900	Do not make pk_opaque_rsa_decrypt() depend on MBEDTLS_RSA_C Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-02 14:43:04 +02:00
Neil Armstrong	1082818003	Implement PK Opaque RSA decrypt Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-02 09:14:58 +02:00
Manuel Pégourié-Gonnard	068a13d909	Merge pull request #5771 from superna9999/5761-rsa-decrypt-rework-pk-wrap-as-opaque RSA decrypt 0: Rework `mbedtls_pk_wrap_as_opaque()`	2022-05-02 09:06:49 +02:00
Manuel Pégourié-Gonnard	67397fa4fd	Merge pull request #5704 from mprse/mixed_psk_2cx Mixed PSK 2a, 2b, 2c: enable client/server support opaque RSA-PSK, ECDHE-PSK, DHE-PSK	2022-04-29 10:47:16 +02:00
Przemek Stekiel	169bf0b8b0	Fix comments (#endif flags) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-29 07:53:29 +02:00
Neil Armstrong	a1fc18fa55	Change mbedtls_pk_wrap_as_opaque() signature to specify alg, usage and key_enrollment_algorithm Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-28 13:27:59 +02:00
Gilles Peskine	8855e36030	Merge pull request #5674 from superna9999/5668-abstract-tls-mode-cleanup Cipher cleanup: abstract TLS mode	2022-04-28 12:33:38 +02:00
Przemek Stekiel	8a4b7fd7c3	Optimize code Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-28 10:21:03 +02:00
Jerry Yu	ab452cc257	fix name issue Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-28 15:27:08 +08:00
Przemek Stekiel	8abcee9290	Fix typos Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-28 09:16:28 +02:00
Neil Armstrong	2230e6c06d	Simplify PSA transform->ivlen set in ssl_tls12_populate_transform() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-27 10:36:14 +02:00
Neil Armstrong	3bf040ed70	Reorganize PSA/!PSA code in mbedtls_ssl_ticket_setup() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-27 10:35:28 +02:00
Gilles Peskine	301711e96e	Simplify mbedtls_ssl_get_base_mode Reduce the amount of ifdef's by making the USE_PSA_CRYPTO and non-USE_PSA_CRYPTO definitions independent. No behavior change. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-04-27 10:28:55 +02:00
Gilles Peskine	e108d987ea	Simplify mbedtls_ssl_get_mode Reduce the imbrications between preprocessor directives and C instructions. Handle encrypt-then-mac separately. No behavior change. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-04-27 10:28:55 +02:00
Jerry Yu	4d3841a4d1	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-25 19:41:47 +08:00
Xiaofei Bai	cba64af50d	TLS1.3: add writing encrypted extensions Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2022-04-25 19:41:47 +08:00
Ronald Cron	eecd0d2fc3	Merge pull request #5679 from yuhaoth/pr/add-tls13-write-server-hello	2022-04-25 09:28:40 +02:00
Jerry Yu	e65d801580	fix undeclare error Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-23 10:34:35 +08:00
Biswapriyo Nath	d7e0ee42b8	cmake: Fix runtime library install location in mingw This install DLLs in bin directory instead of lib. Signed-off-by: Biswapriyo Nath <nathbappai@gmail.com>	2022-04-22 20:59:50 +05:30
Biswapriyo Nath	0f2e87bdf5	cmake: Use GnuInstallDirs to customize install directories Replace custom LIB_INSTALL_DIR with standard CMAKE_INSTALL_LIBDIR variable. For backward compatibility, set CMAKE_INSTALL_LIBDIR if LIB_INSTALL_DIR is set. Signed-off-by: Biswapriyo Nath <nathbappai@gmail.com>	2022-04-22 20:59:28 +05:30
Gilles Peskine	2f8c2a5fc5	Merge pull request #5753 from tom-cosgrove-arm/fix-missing-prototypes-warnings-a64-sha256-sha512 Hide unnecessarily public functions in SHA-256 and SHA-512 A64 acceleration	2022-04-22 16:45:23 +02:00
Gilles Peskine	72b99edf31	Merge pull request #5381 from mpg/benchmark-ecc-heap Improve benchmarking of ECC heap usage	2022-04-22 16:43:11 +02:00
Jerry Yu	955ddd75a3	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 22:27:33 +08:00
Przemek Stekiel	99114f3084	Fix build flags for opaque/raw psk checks Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:54:34 +02:00
Przemek Stekiel	cb322eac6b	Enable support for psa opaque DHE-PSK key exchange on the server side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:54:33 +02:00
Przemek Stekiel	b293aaa61b	Enable support for psa opaque DHE-PSK key exchange on the client side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:54:33 +02:00
Przemek Stekiel	14d11b0877	Enable support for psa opaque ECDHE-PSK key exchange on the server side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:53:55 +02:00
Przemek Stekiel	19b80f8151	Enable support for psa opaque ECDHE-PSK key exchange on the client side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:28 +02:00
Przemek Stekiel	51a1f36be0	setup_psa_key_derivation(): change salt parameter to other_secret Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:28 +02:00
Przemek Stekiel	aeb710fec5	Enable support for psa opaque RSA-PSK key exchange on the server side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:28 +02:00
Przemek Stekiel	f2534ba69b	tls12_client: skip PMS generation for opaque RSA-PSK Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:27 +02:00
Przemek Stekiel	c2033409e3	Add support for psa rsa-psk key exchange Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:27 +02:00
Przemek Stekiel	ae4ed30435	Fix naming: random bytes are the seed (not salt) in derivation process Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:27 +02:00
Przemek Stekiel	1f02703e53	setup_psa_key_derivation(): add optional salt parameter Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:27 +02:00
Manuel Pégourié-Gonnard	55132c6a9a	Merge pull request #5703 from superna9999/5322-ecdh-remove-legacy-context TLS ECDH 4: remove legacy context	2022-04-22 14:27:06 +02:00
Neil Armstrong	76b7407bd7	Use MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM to enable ssl_write_encrypt_then_mac_ext() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	f2c82f0a3b	Introduce MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM macro to determine if Encrypt-then-MAC with CBC is used in a ciphersuite Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	ccc074e44d	Use correct condition to use encrypt_then_mac in ssl_tls.c Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	d1be7674a4	Use PSA_BLOCK_CIPHER_BLOCK_LENGTH instead of PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE in ssl_tls12_populate_transform() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	6b27c97a91	Rename mbedtls_get_mode() to mbedtls_ssl_get_mode() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	ab555e0a6c	Rename mbedtls_get_mode_from_XXX to mbedtls_ssl_get_mode_from_XXX Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	858581e81a	Remove cipher_info in mbedtls_ssl_ticket_setup() when USE_PSA_CRYPTO is defined Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	a0eeb7f470	Remove cipher_info in ssl_tls12_populate_transform() when USE_PSA_CRYPTO is defined Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	7fea33ea4d	Use mbedtls_get_mode_from_ciphersuite() in ssl_tls12_populate_transform() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	fe635e42c9	Use mbedtls_get_mode_from_ciphersuite() in server-side ssl_write_encrypt_then_mac_ext() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	4bf4c8675f	Introduce mbedtls_get_mode_from_ciphersuite() by reusing mbedtls_get_mode_from_transform() logic Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	136f8409df	Replace PSA/Cipher logic with mbedtls_get_mode_from_transform() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:26 +02:00
Neil Armstrong	8a0f3e8cf0	Introduce mbedtls_ssl_mode_t & mbedtls_get_mode_from_transform() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:26 +02:00
Jerry Yu	a09f5e98ef	fix build fail Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:46:03 +08:00
Jerry Yu	cfc04b3541	Update comments in write server hello Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:02 +08:00
Jerry Yu	e74e04af1a	Rename write supported_versions ext Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:02 +08:00
Jerry Yu	d9436a1baa	remove guards for write_key_share Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:02 +08:00
Jerry Yu	57d4841eda	fix write key_share issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:02 +08:00
Jerry Yu	637a3f1090	fix various issues typo issue, variable `ret` init value and remove finalize_server_hello Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:01 +08:00
Jerry Yu	1c3e688df1	fix comments issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:01 +08:00
Jerry Yu	349a61388b	fix write selected_version fail And rename write_supported_versions to write selected_version Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:01 +08:00
Jerry Yu	fb9f54db8c	fix comments issue Co-authored-by: Ronald Cron <ronald.cron@arm.com> Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:01 +08:00
Jerry Yu	89e103c54c	tls13: Share write ecdh_key_exchange function Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:01 +08:00
Jerry Yu	3bf2c6449d	tls13: write server hello compile pass Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:01 +08:00
Jerry Yu	56404d70c4	tls13:server:Add finalize write_server_hello and dummy body Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:01 +08:00
Jerry Yu	f4b27e4351	tls13:server:Add prepare write_server_hello Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:01 +08:00
Jerry Yu	5b64ae9bad	tls13:server:Add base framework for serverhello Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-04-22 16:45:01 +08:00
Ronald Cron	38b8aa4f63	Merge pull request #5539 from xkqian/add_client_hello_to_server Add client hello into server side	2022-04-22 10:26:00 +02:00
XiaokangQian	e8ff350698	Update code to align with tls13 coding standard Change-Id: I3c98b7d0db63aecc712a67f4e8da2cb9945c8f17 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-22 02:34:40 +00:00
Leonid Rozenboim	287527042b	Avoid potentially passing NULL arguments Several call sites flagged by Coverity that may potentially cause a pointer argument to be NULL. In two cases the issue is using a function call as a parameter to a second function, where the first function may return NULL, while the second function does not check for the NULL argument value. Remaining case is when static configuration is mixed with run-time decision, that could result in a data buffer argument being NULL. Signed-off-by: Leonid Rozenboim <leonid.rozenboim@oracle.com>	2022-04-21 18:00:52 -07:00
Manuel Pégourié-Gonnard	70701e39b5	Merge pull request #5726 from mprse/mixed_psk_1_v2 Mixed PSK 1: Extend PSK-to-MS algorithm in PSA (v.2)	2022-04-21 17:11:52 +02:00
Manuel Pégourié-Gonnard	90c70146b5	Merge pull request #5728 from superna9999/5711-pk-opaque-rsa-pss-sign RSA-PSS sign 1: PK	2022-04-21 17:11:18 +02:00
XiaokangQian	4d3a60475c	Change default config version to development style Change-Id: I9c1088f235524211e727d03b96de8d82e60bd426 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-21 13:46:17 +00:00
XiaokangQian	4e8cd7b903	Remove useless selected_group Change-Id: I5fb76b5bf4b22d0231c17314783781f9e7c309a3 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-21 13:30:18 +00:00
Neil Armstrong	13e76be02b	Reorganize & simplify mbedtls_pk_sign_ext() handling of wrapped RSA-PSS Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-21 12:08:52 +02:00
Przemek Stekiel	4e47a91d2e	Fix indentation issues Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-21 11:53:57 +02:00
Przemek Stekiel	03faf5d2c1	psa_tls12_prf_psk_to_ms_set_key: clear buffers after usage Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-21 11:53:57 +02:00
Przemek Stekiel	937b90febf	Add null check for pms allocation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-21 11:53:57 +02:00
Przemek Stekiel	e47201b34a	rename: psa_tls12_prf_set_other_key->psa_tls12_prf_psk_to_ms_set_other_key and adapt code Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-21 11:53:57 +02:00
Przemek Stekiel	2503f7e4cb	Handle empty other secret when passed with input bytes Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-21 11:53:57 +02:00
XiaokangQian	060d867598	Update parse_key_share in server side and version config Change-Id: Ic91c061027d0ee4dca2055df21809cbb4388f3ef Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-21 09:24:56 +00:00
XiaokangQian	0a1b54ed73	Minor change the place of some functions Change-Id: I2626e68cf837d8ca4086cb35a8482cee315cde97 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-21 03:01:38 +00:00
XiaokangQian	75d40ef8cb	Refine code base on review Remove useless hrr code Share validate_cipher_suit between client and server Fix test failure when tls13 only in server side Change-Id: I5d6a7932bd8448ebf542bc86cdcab8862bc28e9b Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 11:05:24 +00:00
XiaokangQian	318dc763a6	Fix test failure issue and update code styles Change-Id: I0b08da1b083abdb19dc383e6f4b210f66659c109 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 09:43:51 +00:00
XiaokangQian	de33391fa0	Rebase and solve conflicts Change-Id: I7f838ff5b607fe5e6b68d74d0edc1def8fc9a744 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 08:49:42 +00:00
XiaokangQian	0803755347	Update code base on review comments Refine named_group parsing Refine cipher_suites parsing Remove hrr related part Share code between client and server side Some code style changes Change-Id: Ia9ffd5ef9c0b64325f633241e0ea1669049fe33a Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:50:14 +00:00
XiaokangQian	17f974c63e	Re-order the ciphersuite matching code in parse_client_hello Change-Id: I16d11bca42993d4abc2a1b19fa087366c591927c Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:45:50 +00:00
XiaokangQian	84823779ce	Only store the first group in ssl_tls13_parse_supported_groups_ext() Change-Id: I4427149aeb6eb453150e522e4c7b11187e2e3825 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:45:50 +00:00
XiaokangQian	3f84d5d0cd	Update test cases and fix the test failure Change-Id: If93506fc3764d49836b229d51e4ad5b008cc3343 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:45:50 +00:00
XiaokangQian	b67384d05c	Fix coding style and comments styles Change-Id: Ifa37a3288fbb6b5206fc0640fa11fa36cb3189ff Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:45:50 +00:00
XiaokangQian	f8ceb94fe7	Fix the parse_sig_alg_ext fail issue Change-Id: Ib31e0929c5b6868ab6c3023b20472321fc07ba3c Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:45:50 +00:00
XiaokangQian	8f9dfe41c0	Fix comments about coding styles and test cases Change-Id: I70ebc05e9dd9fa084d7b0ce724a25464c3425e22 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:45:50 +00:00
XiaokangQian	cfd925f3e8	Fix comments and remove hrr related code Change-Id: Iab1fc5415b3b7f7b5bcb0a41a01f4234cc3497d6 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:45:50 +00:00
XiaokangQian	ed582dd023	Update based on comments Remove cookie support from server side Change code to align with coding styles Re-order functions of client_hello Change-Id: If31509ece402f8276e6cac37f261e0b166d05e18 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
XiaokangQian	4080a7f687	Change code style and some share functions Change variables and functions name style Refine supported_version Refine client hello parse Change-Id: Iabc1db51e791588f999c60db464326e2bdf7b2c4 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
XiaokangQian	9b5d04b078	Share parse_key_share() between client and server Change-Id: I3fd2604296dc0e1e8380f5405429a6b0feb6e981 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
XiaokangQian	c4b8c99a38	Rebase and solve conflicts and issues Change-Id: I17246c5b2f8a8ec4989c8b0b83b55cad0491b78a Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
XiaokangQian	8840888fbc	Fix some CI issues Change-Id: I68ee024f29b7b8dd586f2c45e91950657e76bad8 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
XiaokangQian	c5763b5efd	Change some code style Change-Id: I67bb642e81693489345867ca87d7e9daa22f83ea Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
XiaokangQian	3207a32b1e	Fix unused parameter issue and not defined cookie issue Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
XiaokangQian	7ac3ab3404	Add hello retry request count for server Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
XiaokangQian	a9c58419f2	Fix compile and test issues Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
XiaokangQian	7807f9f5c9	Add client hello into server side Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
Ronald Cron	fd8cbda3ec	Remove ECDH code specific to TLS 1.3 ECDH operations in TLS 1.3 are now done through PSA. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-04-19 18:31:24 +02:00
Ronald Cron	fd6193c285	ssl_tls13_client: Add downgrade attack protection Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-04-19 18:31:24 +02:00
Ronald Cron	217d699d85	Fix Doxygen marks Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-04-19 18:28:51 +02:00
Paul Elliott	a2da9c7e45	Merge pull request #5631 from gstrauss/enum-tls-vers Unify internal/external TLS protocol version enums	2022-04-19 17:05:26 +01:00
Tom Cosgrove	c144ca6473	Hide unnecessarily public functions in SHA-256 and SHA-512 A64 acceleration Fixes #5752 Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-04-19 13:52:24 +01:00
Hanno Becker	606cb1626f	Add comment explaining structure of UMAAL assembly Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-17 06:59:33 +01:00
Hanno Becker	d46d96cc3f	Add 2-fold unrolled assembly for umaal based multiplication Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-17 06:19:55 +01:00
Hanno Becker	63eb28c728	Use separate counters for 8-fold and single multiplication steps Compilers are likely to generate shorter assembly for loops of the form `while( cnt-- ) { ... }` rather than `for( ; count >= X; count -= X ) { ... }`. (E.g. the latter needs a subtract+compare+branch after each loop, while the former only needs decrement+branch). Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-17 06:16:03 +01:00
Hanno Becker	eacf3b9eb4	Simplify organization of inline assembly for bignum Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-17 06:16:03 +01:00
Gilles Peskine	09dc05b880	Merge pull request #5635 from gilles-peskine-arm/psa-test-op-fail PSA: systematically test operation failure	2022-04-15 10:52:47 +02:00
Manuel Pégourié-Gonnard	63ed7cbf36	Merge pull request #5701 from hanno-arm/mpi_mul_hlp Make size of output in mpi_mul_hlp() explicit	2022-04-15 10:09:06 +02:00
Glenn Strauss	8315811ea7	Remove restrictive proto ver negotiation checks Overly restrictive protocol version negotiation checks might be "version intolerant". TLS 1.3 and DTLS 1.3 move the version to the "supported_versions" ClientHello extension. Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:14 -04:00
Glenn Strauss	bbdc83b55b	Use mbedtls_ssl_protocol_version in public structs Use mbedtls_ssl_protocol_version in public structs, even when doing so results in a binary-incompatible change to the public structure (PR feedback from @ronald-cron-arm) Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:14 -04:00
Glenn Strauss	cd78df6aa4	handshake->min_minor_ver to ->min_tls_version Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:14 -04:00
Glenn Strauss	041a37635b	Remove some tls_ver < MBEDTLS_SSL_VERSION_TLS1_2 checks mbedtls no longer supports earlier TLS protocol versions Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:14 -04:00
Glenn Strauss	e3af4cb72a	mbedtls_ssl_(read\|write)_version using tls_version remove use of MBEDTLS_SSL_MINOR_VERSION_* remove use of MBEDTLS_SSL_MAJOR_VERSION_* (only remaining use is in tests/suites/test_suite_ssl.data) Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:14 -04:00
Glenn Strauss	60bfe60d0f	mbedtls_ssl_ciphersuite_t min_tls_version,max_tls_version Store the TLS version in tls_version instead of major, minor version num Note: existing application use which accesses the struct member (using MBEDTLS_PRIVATE) is not compatible, as the struct is now smaller. Reduce size of mbedtls_ssl_ciphersuite_t members are defined using integral types instead of enums in order to pack structure and reduce memory usage by internal ciphersuite_definitions[] Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:12 -04:00
Glenn Strauss	2dfcea2b9d	mbedtls_ssl_config min_tls_version, max_tls_version Store the TLS version in tls_version instead of major, minor version num Note: existing application use which accesses the struct member (using MBEDTLS_PRIVATE) is not compatible on little-endian platforms, but is compatible on big-endian platforms. For systems supporting only TLSv1.2, the underlying values are the same (=> 3). New setter functions are more type-safe, taking argument as enum mbedtls_ssl_protocol_version: mbedtls_ssl_conf_max_tls_version() mbedtls_ssl_conf_min_tls_version() Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:39:43 -04:00
Glenn Strauss	da7851c825	Rename mbedtls_ssl_session minor_ver to tls_version Store the TLS version instead of minor version number in tls_version. Note: struct member size changed from unsigned char to uint16_t Due to standard structure padding, the structure size does not change unless alignment is 1-byte (instead of 2-byte or more) Note: existing application use which accesses the struct member (using MBEDTLS_PRIVATE) is compatible on little-endian platforms, but not compatible on big-endian platforms. The enum values for the lower byte of MBEDTLS_SSL_VERSION_TLS1_2 and of MBEDTLS_SSL_VERSION_TLS1_3 matches MBEDTLS_SSL_MINOR_VERSION_3 and MBEDTLS_SSL_MINOR_VERSION_4, respectively. Note: care has been taken to preserve serialized session format, which uses only the lower byte of the TLS version. Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:23:57 -04:00
Glenn Strauss	07c641605e	Rename mbedtls_ssl_transform minor_ver to tls_version Store the TLS version in tls_version instead of minor version number. Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:23:54 -04:00
Glenn Strauss	dff84620a0	Unify internal/external TLS protocol version enums Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 13:45:20 -04:00
Hanno Becker	3577131bb4	Reintroduce trimming of input in mbedtls_mpi_mul_int() Removing the trimming has significant memory impact. While it is clearly what we want to do eventually for constant-time'ness, it should be fixed alongside a strategy to contain the ramifications on memory usage. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-14 11:52:11 +01:00
Neil Armstrong	769dc05597	Remove bad dependency on MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED for ecdh_ctx guard Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-14 09:56:24 +02:00
Neil Armstrong	282750215c	Remove PSA only code from non-PSA code block code in ssl_write_client_key_exchange() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-13 15:05:11 +02:00
Neil Armstrong	11d4945248	Simplify compile-time PSA/non-PSA ECDH(E) code in ssl_write_client_key_exchange() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-13 15:03:43 +02:00
Neil Armstrong	1f198d8dee	Simplify by moving ssl_check_server_ecdh_params in the ECDHE non-PSA compile-time block Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-13 15:02:30 +02:00
Neil Armstrong	913b364a52	Simplify compile-time PSA/non-PSA ECDH(E) code in ssl_parse_client_key_exchange() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-13 14:59:48 +02:00
Manuel Pégourié-Gonnard	6c242a01f7	Merge pull request #5634 from superna9999/5625-pk-opaque-rsa-basics PK Opaque RSA sign	2022-04-13 09:55:42 +02:00
Hanno Becker	0dbf04a9a6	Remove unnecessary memory operations in p25519 quasireduction Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-13 07:26:53 +01:00
Hanno Becker	1772e05fca	Reduce the scope of local variable in mbedtls_mpi_mul_mpi() Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-13 07:26:53 +01:00
Hanno Becker	da763de7d0	Revert "Don't trim MPIs to minimal size in mbedtls_mpi_mul_mpi()" This reverts commit `808e666eee`. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-13 07:26:42 +01:00
Hanno Becker	127fcabb21	Fail gracefully upon unexpectedly large input to p25519 reduction Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-12 22:18:36 +01:00
Neil Armstrong	62d452baac	Implement PK Opaque RSA PSS signature Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-12 15:11:49 +02:00
Neil Armstrong	f3f46416e3	Remove ecdh_ctx variable, init & free when USE_PSA_CRYPTO isn't selected Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-12 14:43:39 +02:00
Neil Armstrong	3ea01498d8	Store TLS1.2 ECDH point format only when USE_PSA_CRYPTO isn't selected Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-12 14:41:50 +02:00
Neil Armstrong	a33a255dcf	Disable non-PSA ECDHE code in mbedtls_ssl_psk_derive_premaster() when USE_PSA_CRYPTO is selected Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-12 14:40:47 +02:00
Neil Armstrong	d8419ff390	Refactor to make PSA and non-PSA ECDH(E) client code exclusive Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-12 14:39:16 +02:00
Neil Armstrong	d91526c17f	Refactor to make PSA and non-PSA ECDH(E) server code exclusive Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-12 14:38:52 +02:00
Manuel Pégourié-Gonnard	927410ded3	Merge pull request #5611 from superna9999/5318-tls-ecdhe-psk TLS ECDH 3a: ECDHE-PSK (both sides, 1.2)	2022-04-12 13:28:02 +02:00
Hanno Becker	bb04cb992f	Fix check in p25519 quasi-reduction Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-12 11:18:11 +01:00
Hanno Becker	d830feb256	Simplify check in p25519 quasi-reduction Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-12 11:10:19 +01:00
Hanno Becker	2ef0cff6c3	Fix size check in p25519 modular reduction The check was meant to precisely catch an underflow. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-12 11:02:05 +01:00
Hanno Becker	0235f7512f	Reduce scope of local variables in mpi_montmul() Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-12 11:02:03 +01:00
Hanno Becker	9137b9c587	Note alternative implementation strategy in mbedtls_mpi_mul_int() Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-12 11:01:58 +01:00
Hanno Becker	808e666eee	Don't trim MPIs to minimal size in mbedtls_mpi_mul_mpi() Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-12 11:01:57 +01:00
Przemek Stekiel	d7a28646bc	psa_tls12_prf_set_key(): add PSA_TLS12_PRF_STATE_OTHER_KEY_SET as a valid state Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-12 11:27:00 +02:00
Przemek Stekiel	a7695a2d76	psa_key_derivation_check_input_type(): handle PSA_KEY_DERIVATION_INPUT_OTHER_SECRET Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-12 11:27:00 +02:00
Przemek Stekiel	c8fa5a1bdd	psa_tls12_prf_psk_to_ms_set_key(): add support for other secret input Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-12 11:26:47 +02:00
Gilles Peskine	43b0943736	Merge pull request #1946 from hanno-arm/alert_reentrant Make mbedtls_ssl_send_alert_message() reentrant	2022-04-12 11:05:20 +02:00
Neil Armstrong	7624a5ae5e	Allow RSA PK Opaque keys for RSA-PSS signing Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-12 10:09:26 +02:00
Hanno Becker	53b3c607a0	Move `const` keyword prior to type name Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 13:46:30 +01:00
Hanno Becker	dfcb2d084b	Fix Doxygen for mbedtls_mpi_core_mla() Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 13:44:15 +01:00
Hanno Becker	99ba4cc6d5	Remove Doxygen from mbedtls_mpi_core_mla() implementation Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 13:44:03 +01:00
Hanno Becker	efdc519864	Reintroduce though-to-be unused variable in correct place The variable is a local variable for the i386 bignum assembly only; introduce it as part of the start/finish macros. It can be noted that the variable is initialize to 0 within MULADDC_INIT, so there are no data dependencies across blocks of MULADDC_INIT/CORE/STOP. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 10:44:02 +01:00
Hanno Becker	5d4ceeb25c	Remove const qualifier for mutable local variable in mpi_mul_hlp() Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 09:46:47 +01:00
Hanno Becker	284d778d28	Address review comments Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 09:19:24 +01:00
Hanno Becker	e9dd9a1f31	Use size_t for number of limbs Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 09:06:27 +01:00
Manuel Pégourié-Gonnard	eaf3086831	Merge pull request #1133 from RonEld/1805 Fix Shared Library compilation issue with Cmake	2022-04-11 09:31:59 +02:00
Hanno Becker	6454993e2e	Safeguard against calling p255 reduction with single-width MPI (In this case, there's nothing to do anyway since we only do a quasi-reduction to N+1 limbs) Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 07:35:58 +01:00
Hanno Becker	25bb732ea7	Simplify x25519 reduction using internal bignum MLA helper Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 07:03:48 +01:00
Hanno Becker	aef9cc4f96	Rename mpi_mul_hlp -> mbedtls_mpi_core_mla and expose internally This paves the way for the helper to be used from the ECP module Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-04-11 07:03:43 +01:00
Gilles Peskine	e1730e492d	Merge pull request #5708 from AndrzejKurek/timeless-struggles Remove the dependency on MBEDTLS_TIME_H from the timing module	2022-04-08 18:43:16 +02:00
Krzysztof Stachowiak	de6effa645	Change the MSVC static runtime CMake option name and moved it into the library directory Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-04-08 15:17:32 +01:00
Neil Armstrong	95a892311d	Comment decrypt & encrypt callback entries of mbedtls_pk_ecdsa_opaque_info as not relevant Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-08 15:13:51 +02:00
Neil Armstrong	7df6677c34	Remove now invalid comment in pk_opaque_ecdsa_can_do() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-08 15:13:06 +02:00
Neil Armstrong	56e71d4d1a	Update documentation of mbedtls_pk_setup_opaque() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-08 15:12:42 +02:00
Neil Armstrong	eccf88fa48	Only accept RSA key pair in mbedtls_pk_setup_opaque() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-08 15:11:50 +02:00
Hanno Becker	5e18f74abb	Make alert sending function re-entrant Fixes #1916 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-04-08 12:16:43 +01:00
Andrzej Kurek	5735369f4a	Remove the dependency on MBEDTLS_HAVE_TIME from MBEDTLS_TIMING_C The timing module might include time.h on its own when on a suitable platform, even if MBEDTLS_HAVE_TIME is disabled. Co-authored-by: Tom Cosgrove <tom.cosgrove@arm.com> Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-04-08 04:41:42 -04:00
Glenn Strauss	236e17ec26	Introduce mbedtls_ssl_hs_cb_t typedef Inline func for mbedtls_ssl_conf_cert_cb() Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-07 14:18:30 -04:00
Przemek Stekiel	e3ee221893	Free other secret in tls12_prf context Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-07 15:41:56 +02:00
Przemek Stekiel	23650286ac	Add psa_tls12_prf_set_other_key() function to store other secret input Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-07 15:41:46 +02:00
Neil Armstrong	c1152e4a0f	Handle and return translated PSA errors in mbedtls_pk_wrap_as_opaque() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-07 15:01:24 +02:00
Neil Armstrong	7e1b4a45fa	Use PSA_BITS_TO_BYTES instead of open-coded calculation in mbedtls_pk_wrap_as_opaque() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-07 15:01:24 +02:00
Neil Armstrong	295aeb17e6	Add support for RSA Opaque PK key in mbedtls_pk_write_pubkey_der() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-07 15:01:24 +02:00

... 10 11 12 13 14 ...

9698 commits