Commit graph

24171 commits

Author SHA1 Message Date
Gilles Peskine
8c2830a06a Document what "TLS 1.3 depends on PSA" entails
Explicitly document that when using TLS 1.3, you must initialize PSA crypto
before starting a handshake.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-01 20:06:35 +01:00
Gilles Peskine
cc29bfd92a Bug fixes from the split of ssl_handle_hs_message_post_handshake
The split of ssl_handle_hs_message_post_handshake() into
ssl_tls12_handle_hs_message_post_handshake() and
ssl_tls13_handle_hs_message_post_handshake() fixed some user-visible bugs.
Add a changelog entry for those bugs.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-01 19:49:58 +01:00
Gilles Peskine
136d25c416 Explicitly disable all DTLS options in tls13-only.h
This makes no difference when starting from the default configuration. It
allows tls13-only.h to be used with other base configurations such as `full`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-01 19:49:58 +01:00
Gilles Peskine
7d3186d18a Disable MBEDTLS_SSL_RENEGOTIATION in tls13-only configuration
There's no renegotiation in TLS 1.3, so this option should have no effect.
Insist on having it disabled, to avoid the risk of accidentally having
different behavior in TLS 1.3 if the option is enabled (as happened in
https://github.com/Mbed-TLS/mbedtls/issues/6200).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-01 19:47:23 +01:00
Dave Rodgman
f4385faa6f
Merge pull request #7188 from paul-elliott-arm/interruptible_sign_hash_complete_after_start_fail
Interruptible {sign|verify} hash - Call complete() after start() failure.
2023-03-01 17:18:08 +00:00
Gabor Mezei
aeadc2d731
Apply naming convention
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-01 16:53:03 +01:00
Gabor Mezei
931fd646ff
Use lower case hex number
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-01 16:50:00 +01:00
Dave Rodgman
6d6a720603 Protect against possible macro redefinition warning
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-01 15:09:40 +00:00
Paul Elliott
42585f678b
Merge pull request #7176 from paul-elliott-arm/interruptible_sign_hash_verify_test_improvements
Interruptible {sign|verify} hash verification test improvements
2023-03-01 15:00:45 +00:00
Paul Elliott
ebf2e38662
Merge pull request #7177 from paul-elliott-arm/interruptible_sign_hash_improve_num_ops_testing
Interruptible sign hash improve num ops testing
2023-03-01 14:59:44 +00:00
Paul Elliott
de7c31e082 Improve comment wording
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-03-01 14:43:52 +00:00
Paul Elliott
d1cddff71a
Merge pull request #7189 from daverodgman/armcc-fix
Fix macro redefinition warning from armclang
2023-03-01 11:59:26 +00:00
Przemek Stekiel
f5dcb8886a Rework pake input getters tests
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-01 12:28:21 +01:00
Gilles Peskine
1eae11565d
Merge pull request #6949 from bensze01/replace_pkcs7_fuzzer_tests
Replace fuzzer-generated PKCS #7 memory management tests
2023-03-01 10:46:22 +01:00
Gilles Peskine
802ff1b116
Merge pull request #7147 from paul-elliott-arm/interruptible_sign_hash_codestyle_drivers
Remove driver entry points for psa_{get|set}_max_ops()
2023-03-01 10:46:09 +01:00
Dave Rodgman
914c632646 Whitespace
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-01 09:30:14 +00:00
Pengyu Lv
c6298ad46a Use parentheses to avoid executing the output
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-03-01 10:31:29 +08:00
Pengyu Lv
c2b1864ceb Revert "Check if the license server is available for armcc"
This reverts commit 55c4fa4f41.

After discussion, We decided not to check the availability
of the license server for the impacts on CI and user usages.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-03-01 10:25:08 +08:00
Gabor Mezei
620f0dc850
Fix for 32-bit
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-28 18:42:33 +01:00
Gabor Mezei
08a94953e1
Apply naming convention for p224
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-28 18:40:57 +01:00
Dave Rodgman
e47899df20 Fix macro redefinition warning from armcc
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-28 17:39:03 +00:00
Paul Elliott
7c17308253 Add num_ops tests to sign and verify interruptible hash
This is the only test usable for non-deterministic ECDSA, thus needs this
code path testing as well.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-28 17:23:29 +00:00
Paul Elliott
8359c14c14 Add hash corruption test to interruptible verify test
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-28 17:23:29 +00:00
Paul Elliott
c1e0400bac Add test to check not calling get_num_ops()
Make sure that not calling get_num_ops() inbetweeen calls to complete() does
not mean that ops get lost (Regression test for previous fix).

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-28 17:20:14 +00:00
Paul Elliott
9e8819f356 Move 'change max_ops' test into ops tests
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-28 17:20:14 +00:00
Paul Elliott
5770224ef3 Rename max ops tests to ops tests
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-28 17:20:14 +00:00
Gilles Peskine
7e677fa2c5
Merge pull request #6389 from gilles-peskine-arm/ecdsa-use-psa-without-pkwrite
Remove pkwrite dependency in pk using PSA for ECDSA
2023-02-28 18:17:16 +01:00
Gilles Peskine
b52b788e55
Merge pull request #6895 from yuhaoth/pr/add-aes-with-armv8-crypto-extension
Add AES with armv8 crypto extension
2023-02-28 18:16:37 +01:00
Paul Elliott
587e780812 Test calling complete() after {sign|verify}_hash_start fails
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-28 17:13:39 +00:00
Gilles Peskine
e4616830b3
Merge pull request #7137 from lpy4105/issue/1785/ssl-test-script-fail
compat.sh: Skip static ECDH cases if unsupported in openssl
2023-02-28 18:11:39 +01:00
Dave Rodgman
17152df58d
Merge pull request #7175 from paul-elliott-arm/interruptible_sign_hash_test_comments
Interruptible sign hash test comments
2023-02-28 17:09:43 +00:00
Gilles Peskine
ebb63420cc
Merge pull request #7124 from oberon-microsystems/fix-test-output-length-on-success-only
Fix test to check output length on PSA_SUCCESS only
2023-02-28 18:09:33 +01:00
Bence Szépkúti
35d674a6ee Replace usage of echo -e in pkcs7 data Makefile
This use of the shell builtin is not portable.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2023-02-28 17:01:21 +01:00
Dave Rodgman
ffb4dc38c8
Merge pull request #7183 from paul-elliott-arm/interruptible_sign_hash_test_max_ops_0
Interruptible {sign|verify} hash : Change max_ops=min tests to use a value of zero.
2023-02-28 15:56:01 +00:00
Bence Szépkúti
4a2fff6369 Fix expected error code
This was overlooked during the rebase.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2023-02-28 16:40:27 +01:00
Paul Elliott
6a459f5de5
Merge pull request #7143 from paul-elliott-arm/interruptible_sign_hash_codestyle_wipeout
Update psa_wipe_output_buffer() and change name to psa_wipe_tag_output_buffer()
2023-02-28 15:34:06 +00:00
Paul Elliott
148903ca7d
Merge pull request #7185 from paul-elliott-arm/interruptible_sign_hash_pacify_clang
Interruptible {sign|verify} hash - Pacify Clang 15
2023-02-28 15:31:15 +00:00
Jerry Yu
608e1093de Improve comment about conflicts between aesce and sha512-crypto
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-02-28 12:50:00 +08:00
Paul Elliott
15d7d43904 Pacify Clang 15
Changes for interruptible {sign|verify} hash were not merged at the time of the
previous clang 15 /retval fixes, thus this fixes code added at that time.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-27 17:25:57 +00:00
Dave Rodgman
dd4427cc5b
Merge pull request #7169 from AndrzejKurek/mpi-window-size
Reduce the default MBEDTLS_ECP_WINDOW_SIZE value from 6 to 2
2023-02-27 17:12:38 +00:00
Gabor Mezei
5afb80e00a
Fix coding style issues
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-27 17:00:34 +01:00
Gabor Mezei
804cfd32ea
Follow the naming convention
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-27 16:50:09 +01:00
Gabor Mezei
bf506361c4
Revert the illustration and remove unnecessary code
This reverts commit 73e8553273.
Removes the second round of carry reduction from p224.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-27 16:37:32 +01:00
Gabor Mezei
73e8553273
Add comments to illustrate the second round of carry reduction is unnecessary
The first round of carry reduction can not generate a carry thus the
secound round is not needed. The comments illustrating when the
carry is 1. The reduction is simmetric so the case when the carry is
-1 is similar.
The illustration is trying to calculate the input value starting with
setting the carry to 1 before the second round of the carry reduction.
It calculates backwords and tries to determine the value range of
each word. It ends up with a contradiction that A10 must have the
value of 0 and UINT32_MAX.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-27 16:32:42 +01:00
Gabor Mezei
98791e7781
Add more test cases for P224 testing
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-27 15:59:34 +01:00
Gabor Mezei
a835d20cde
Add documentation
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-27 15:58:30 +01:00
Paul Elliott
ac2251dad1
Merge pull request #7076 from mprse/parse_RFC822_name
Add parsing of x509 RFC822 name + test
2023-02-27 14:16:13 +00:00
Paul Elliott
cd7e8bce03 Change max_ops=min tests to use zero
Zero is the minimum value defined by the spec, just because the internal
implementation treats zero and one as the same thing does not mean that other
implementations will also do so.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-02-27 12:21:36 +00:00
Stephan Koch
5819d2c141 Feedback from Arm: guarantee that output_length <= output_size even on error, to reduce the risk that a missing error check
escalates into a buffer overflow in the application code

Signed-off-by: Stephan Koch <koch@oberon.ch>
2023-02-27 11:49:13 +01:00
oberon-sk
10c0f770ce asymmetric_encrypt: check output length only if return code is PSA_SUCCESS.
Signed-off-by: Stephan Koch <koch@oberon.ch>
2023-02-27 11:48:51 +01:00