Commit graph

6482 commits

Author SHA1 Message Date
Gilles Peskine
2aff17b8c5
Merge pull request #4098 from gstrauss/remove-redundant-condition
remove ssl_parse_client_hello redundant conditions
2021-03-27 22:47:13 +01:00
Ronald Cron
51a3b7d79c psa: config: Add CAMELLIA to the list of possible CMAC ciphers
Camellia-CMAC is valid PSA configuration.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-25 14:25:46 +01:00
Ronald Cron
9e3926a295 psa: config: Remove check on ARIA in GCM prerequisites
ARIA is not supported yet through the PSA API.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-24 15:57:21 +01:00
Ronald Cron
4501c98fc2 psa: sign: Return INVALID_ARGUMENT instead of NOT_SUPPORTED
To run succesfully the test
"PSA sign: invalid algorithm for ECC key" of
test_suite_psa_crypto when ECDSA support is not included
in the library, always return INVALID_ARGUMENT
in case of an ECC key not used for ECDSA, whether
ECDSA support is present or not.

Then apply the same logic to RSA sign RSA and RSA/ECC
verify for the sake of consistency.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-24 12:05:51 +01:00
Ronald Cron
3d471814bc psa: Add missing PSA configs
Add missing PSA_WANT_CCM/GCM/CMAC. This completes
the set of PSA_WANT config options given the
current support of PSA crypto in Mbed TLS.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-03-23 16:47:46 +01:00
Gilles Peskine
71f45ba0e8 Fix unused parameter warning in some configurations
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-23 14:17:55 +01:00
Gilles Peskine
a1684f42d3 PSA: Reject curves that are not enabled in the PSA configuration
If an elliptic curve was enabled in the Mbed TLS classic API (#define
MBEDTLS_ECP_DP_xxx), but not enabled in the PSA configuration (#define
PSA_WANT_ECC_xxx), it would still work if you tried to use it through
PSA.

This is generally benign, but could be a security issue if you want to
disable a curve in PSA for some security reason (such as a known bug
in its implementation, which may not matter in the classic API if Mbed
TLS is running in a secure enclave and is only reachable from
untrusted callers through the PSA API). More urgently, this broke
test_suite_psa_crypto_not_supported.generated.

So if a curve is not enabled in the PSA configuration, ensure that
it's treated as unsupported through the PSA software implementation.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-03-23 13:12:34 +01:00
Gilles Peskine
d08e538fa5
Merge pull request #4157 from stevew817/dispatch_hash_operations
Dispatch hash operations through the driver wrapper layer
2021-03-17 21:50:00 +01:00
Steven Cooreman
f8e45a4e98 Simplify compilation guards around hash driver testing
The hash driver entry points (and consequentially the hash driver core)
are now always compiled on when PSA_CRYPTO_DRIVER_TEST is turned on.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-16 11:07:55 +01:00
Steven Cooreman
b6bf4bbf95 Clear up language on zeroizing driver context at setup
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 19:00:14 +01:00
Steven Cooreman
aa87fd0012 Make driver IDs always visible
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 18:54:03 +01:00
Steven Cooreman
61bb8fc693 remove superfluous calls to hash_abort
The PSA Core is already calling psa_hash_abort, so the driver doesn't
have to do that explicitly.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 12:35:17 +01:00
Steven Cooreman
5e4c18f6d9 Reorder the driver wrapper switch-case content
Reordered the cases to be in numeric order.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 12:26:07 +01:00
Steven Cooreman
893232fbde Ensure the full driver structure is zeroized at setup
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 12:23:37 +01:00
Steven Cooreman
fa952958a5 Don't void actually used arguments
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 12:16:25 +01:00
Steven Cooreman
0f8ffa806b Rename and retype hash test driver context structure
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 12:14:40 +01:00
Steven Cooreman
5f88e776c3 Move mbedtls_md_info_from_psa into the mbedtls hash driver
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 12:14:40 +01:00
Steven Cooreman
a85e2f835e Guard hash test functions as a block
Replicate the way the internal hash functions are guarded

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 12:14:40 +01:00
Steven Cooreman
830aff2a98 Restructure the way driver contexts are declared
Drivers (both built-in and external) need to declare their context
structures in a way such that they are accessible by the
to-be-autogenerated crypto_driver_contexts.h file. That file lives in
include/psa, which means all builtin driver context structure
declarations also need to live in include/psa.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 12:14:32 +01:00
Steven Cooreman
0d58666395 Reuse already-defined MBEDTLS_PSA_BUILTIN_HASH
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 10:36:55 +01:00
Steven Cooreman
fbe09284cf Set output length to 0 at start of function
This behaviour was present previously, and is depended on by the
test suites.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 10:34:56 +01:00
Steven Cooreman
f66d5fd2bd Apply same argument checking as in psa_hash_setup
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-15 10:34:56 +01:00
Dave Rodgman
e483a77c85
Merge pull request #816 from ARMmbed/development
Merge recent commits from development into 2.26.0-rc
2021-03-12 16:55:26 +00:00
Paul Elliott
b744990717 Fix missed size_t printf
Code was missed due to rework moving duplicated code into a function

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 18:17:12 +00:00
Paul Elliott
d48d5c6615 Fix size_t and longlong specifiers for MinGW
MinGW and older windows compilers cannot cope with %zu or %lld (there is
a workaround for MinGW, but it involves linking more code, there is no
workaround for Windows compilers prior to 2013). Attempt to work around
this by defining printf specifiers for size_t per platform for the
compilers that cannot use the C99 specifiers.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
3891caf1ce Misc review requested fixes
Style fixes and cast certain defines to size_t

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
3a5a107fa7 Correct fix for potential truncation
This was a false positive caused by the compiler seeing the %08lx
specifiers and judging the output on that, rather than the numbers being
fed in. Given these are going to be maximum 32 bit numbers, then better
to use %08x, which keeps -Wformat-truncation=2 happy as well.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
9e3256aead Adding printf format warning flags to makefiles
Add printf format warning flags that are supported by GCC 3.0 or later
to the makefiles

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
9f35211774 Fixes for invalid printf format specifiers
Fixes for printf format specifiers, where they have been flagged as
invalid sizes by coverity, and new build flags to enable catching these
errors when building using CMake. Note that this patch uses %zu, which
requires C99 or later.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
dd9e8f6dd0 Fix potential buffer overflow in printf
Printf could potentially produce 2 64 bit numbers here when there is
only space for one, thus causing a buffer overflow. This was caught by
the new warning flags.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Paul Elliott
4e589701d8 Declare mbedtls_debug_print_msg as printf-like
We were not getting any warnings on printf format errors, as we do not
explicitly use printf anywhere in the code. Thankfully there is a way
to mark a function as having printf behaviour so that its inputs can be
checked in the same way as printf would be.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-03-10 17:00:32 +00:00
Steven Cooreman
83f300e2f7 Restructure the hash driver content
Apply the right define guards for the right purpose. The 'core' hash
driver is included if any hash algorithm is either to be tested through
the test driver, or if it is requested by a user and not accelerated
(i.e. 'fallback'/'software' driver requested for the algorithm).

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
25555227e5 Rename hash test driver functions to match auto-naming scheme
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
d029b60770 Move test driver hash function declarations to software driver
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
4f7d0586e1 Setup internal dependency macros for software hash driver
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
0eeb794a2e Initialize status with CORRUPTION_DETECTED and update fallthrough
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
5adf52c72d Correctly void potentially unused arguments
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
b1777312da Make the driver context union a defined type
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
f763810e58 Add test driver for hash operations
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
c8288354a2 move hash update zero-length-input check back into the core
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
dbf8ceda54 Change the way driver context structures are used
Apparently there's a goal to make the PSA Crypto core free from
dynamic memory allocations. Therefore, all driver context structures
need to be known at compile time in order for the core to know their
final size.

This change defines & implements for hashing operations how the context
structures get defined.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
8e9e407fed Clarify documentation of internal hash software driver interface
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
1e58235d8b Dispatch hashing calls through the driver wrapper layer
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
84d670d20c Make psa_hash_compare go through hash_compute
It's more efficient when dealing with hardware drivers.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Steven Cooreman
0e307647e6 Split hashing operations out into an mbedTLS hash driver
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-03-10 13:00:25 +01:00
Manuel Pégourié-Gonnard
17605f072b
Merge pull request #4151 from ronald-cron-arm/psa-sign_verify-hash
PSA sign and verify hash rework
2021-03-10 10:08:50 +01:00
paul-elliott-arm
0135516d55
Merge pull request #4203 from paul-elliott-arm/memsan_fix_build
Fix memsan build with Clang 11
2021-03-09 16:31:31 +00:00
Dave Rodgman
bfe754947c Bump version to 2.26.0
Executed ./scripts/bump_version.sh --version 2.26.0

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-03-09 16:09:18 +00:00
Dave Rodgman
5cce6a24d0 Merge branch 'development-restricted' into mbedtls-2.26.0-rc 2021-03-08 17:01:24 +00:00
Gilles Peskine
e252868be4
Merge pull request #4067 from stevew817/feature/allow_multilength_aead
Add support for key policies (MAC & AEAD)
2021-03-08 15:04:17 +01:00