Commit graph

148 commits

Author SHA1 Message Date
Valerio Setti
97b28f81d8 pkparse: remove unnecessary header
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-10 06:43:23 +02:00
Manuel Pégourié-Gonnard
7dccb66d49 test: disable RSA support on the test ecc_no_bignum component
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-10 06:43:23 +02:00
Tom Cosgrove
ca8c61b815 Provide and use internal function mbedtls_zeroize_and_free()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-17 15:17:40 +01:00
Valerio Setti
21d42417f9 pkparse: always check all private keys on import
This allows to remove explicit calls to mbedtls_ecp_check_privkey()
in pkparse.c.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Valerio Setti
6b062eeed0 pkparse: parse also Weierstrass private keys using ecp_read_key()
This is to hanlde more uniformly Weierstrass and Montgomery curves.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Valerio Setti
805e4a0378 pkparse: use ecp_read_key() for parsing private key of Montgomery curves
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Manuel Pégourié-Gonnard
2be8c63af7 Create psa_util_internal.h
Most functions in psa_util.h are going to end up there (except those
that can be static in one file), but I wanted to have separate commits
for file creation and moving code around, so for now the new file's
pretty empty but that will change in the next few commits.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-07-06 12:42:33 +02:00
Valerio Setti
81d75127ba library: replace occurencies of ECP_LIGHT with PK_HAVE_ECC_KEYS
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-19 19:24:05 +02:00
Valerio Setti
addeee4531 mbedtls_config: add new MBEDTLS_PK_PARSE_EC_COMPRESSED symbol
This includes also:
- auto enabling ECP_LIGHT when MBEDTLS_PK_PARSE_EC_COMPRESSED is
  defined
- replacing ECP_LIGHT guards with PK_PARSE_EC_COMPRESSED in pkparse
- disabling PK_PARSE_EC_COMPRESSED in tests with accelarated EC curves
  (it get disabled also in the reference components because we want
  to achieve test parity)
- remove skipped checks in analyze_outcomes.py

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-16 16:03:46 +02:00
Valerio Setti
a541e0108b pkparse: avoid creating extra copy of the private key
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-05-24 16:02:36 +02:00
Valerio Setti
51aa52eba4 pk: fix key properties when importing private key
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-05-24 14:00:09 +02:00
Valerio Setti
00e8dd15d2 pk: manage parse and write for the new format
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-05-23 15:12:07 +02:00
Valerio Setti
e0e6311b64 pk: change location of Montgomery helpers
This is to have them available only where they are really required.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-05-23 15:12:07 +02:00
Valerio Setti
016264b6cb pk: fix a return value and a typo in comment
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-05-22 18:40:35 +02:00
Valerio Setti
4064dbbdb2 pk: update pkparse and pkwrite to use the new public key storing solution
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-05-17 15:33:07 +02:00
Valerio Setti
77a75685ed pk: align library and tests code to the new internal functions
Note = programs are not aligned to this change because:
- the original mbedtls_pk_ec is not ufficially deprecated
- that function is used in tests when ECP_C is defined, so
  the legacy version of that function is available in that
  case

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-05-15 11:18:46 +02:00
Jethro Beekman
2e662c6f97 Add comment about version 1 PKCS8 keys not containing a public key
Signed-off-by: Jethro Beekman <jethro@fortanix.com>
2023-05-04 13:01:47 +02:00
Jethro Beekman
0167244be4 Read and write X25519 and X448 private keys
Signed-off-by: Jethro Beekman <jethro@fortanix.com>
Co-authored-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com>
Signed-off-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com>
2023-05-04 13:01:47 +02:00
Valerio Setti
0d2980f117 pk: adapt to new ECP_LIGHT symbol
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-11 11:33:50 +02:00
Valerio Setti
520c0384e7 pkparse: fix return value
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-07 11:38:09 +02:00
Valerio Setti
1df94f841b pk: fix return codes' precedence and code style
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-07 11:04:32 +02:00
Valerio Setti
aad6306212 pkparse: fix guards position
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-07 08:45:34 +02:00
Valerio Setti
4bf73ad83f pkparse: use proper sizing for buffer
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-07 08:45:34 +02:00
Valerio Setti
34f6755b34 pkparse: add new function for deriving public key from private using PSA
Instead of using the legacy mbedtls_ecp_mul() function which makes use of
ECP's math, this commit adds a new function named pk_derive_public_key()
which implements the same behavior using PSA functions.
The flow is simple:
- import the private key into PSA
- export its public part

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-07 08:45:34 +02:00
Minos Galanakis
8692ec8bc0 pkarse: Added pk_group_id_from_specified() documentation.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-01-23 10:33:06 +00:00
Minos Galanakis
c8e381ab1c pkarse: Update pk_group_id_from_specified() clean-up.
This path updates the clean-up logic of to individually
free each of the the group's structure members
rather than invoke `mbedtls_ecp_group_free()`.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-01-19 16:15:11 +00:00
Gilles Peskine
449bd8303e Switch to the new code style
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-11 14:50:10 +01:00
Gilles Peskine
0fe6631486
Merge pull request #6291 from gilles-peskine-arm/platform.h-unconditional-3.2
Include platform.h unconditionally
2022-10-13 10:19:22 +02:00
Gilles Peskine
945b23c46f Include platform.h unconditionally: automatic part
We used to include platform.h only when MBEDTLS_PLATFORM_C was enabled, and
to define ad hoc replacements for mbedtls_xxx functions on a case-by-case
basis when MBEDTLS_PLATFORM_C was disabled. The only reason for this
complication was to allow building individual source modules without copying
platform.h. This is not something we support or recommend anymore, so get
rid of the complication: include platform.h unconditionally.

There should be no change in behavior since just including the header should
not change the behavior of a program.

This commit replaces most occurrences of conditional inclusion of
platform.h, using the following code:

```
perl -i -0777 -pe 's!#if.*\n#include "mbedtls/platform.h"\n(#else.*\n(#define (mbedtls|MBEDTLS)_.*\n|#include <(stdarg|stddef|stdio|stdlib|string|time)\.h>\n)*)?#endif.*!#include "mbedtls/platform.h"!mg' $(git grep -l '#include "mbedtls/platform.h"')
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-09-15 20:33:07 +02:00
Tuvshinzaya Erdenekhuu
c388af63e4 Remove extra spacings
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
2022-08-31 10:14:25 +01:00
Tuvshinzaya Erdenekhuu
dcf9c96274 Remove NULL pointer validation in pkparse.c
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
2022-08-31 10:14:25 +01:00
Ronald Cron
ce7d76e2ee Merge remote-tracking branch 'mbedtls-restricted/development-restricted' into mbedtls-3.2.0rc0-pr 2022-07-11 10:22:37 +02:00
Andrzej Kurek
92d7417d89 Formatting fixes
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-07-04 10:21:59 -04:00
Paul Elliott
072d2b094d Add pem_free() to other error paths in pk_parse_public_key()
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-07-04 06:49:26 -04:00
Leonid Rozenboim
116f50cd96 Fix resource leaks
These potential leaks were flagged by the Coverity static analyzer.

Signed-off-by: Leonid Rozenboim <leonid.rozenboim@oracle.com>
2022-07-04 06:49:26 -04:00
Paul Elliott
41aa808a56
Merge pull request #952 from gilles-peskine-arm/stdio_buffering-setbuf
Turn off stdio buffering with setbuf()
2022-07-04 10:12:22 +01:00
Gilles Peskine
da0913ba6b Call setbuf when reading or writing files: library
After opening a file containing sensitive data, call mbedtls_setbuf() to
disable buffering. This way, we don't expose sensitive data to a memory
disclosure vulnerability in a buffer outside our control.

This commit adds a call to mbedtls_setbuf() after each call to fopen(),
except:
* In ctr_drbg.c, in load_file(), because this is only used for DH parameters
  and they are not confidential data.
* In psa_its_file.c, in psa_its_remove(), because the file is only opened
  to check its existence, we don't read data from it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 17:03:40 +02:00
Dave Rodgman
2a045325f9
Merge pull request #5766 from leorosen/fix-var-init
Add missing local variable initialization
2022-05-16 14:47:00 +01:00
Leonid Rozenboim
a3008e7e2e Add missing local variable initialization
These issues were flagged by Coverity as instances where a local
variable may be used prior to being initialized. Please note that
none of these changes fixes any particular bug, this is just an attempt
to add more robustness.

Signed-off-by: Leonid Rozenboim <leonid.rozenboim@oracle.com>
2022-05-13 18:08:11 +01:00
Shaun Case
8b0ecbccf4 Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell.
Signed-off-by: Shaun Case <warmsocks@gmail.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-05-11 21:25:51 +01:00
Gilles Peskine
0ca219575a mbedtls_pk_parse_key: don't allocate if not needed
mbedtls_pk_parse_key() makes a temporary copy of the key when it calls
pk_parse_key_pkcs8_encrypted_der(), because that function requires a
writable buffer. pk_parse_key_pkcs8_encrypted_der() always rejects an
empty password, so skip calling it in that case, which allows us to
skip the allocation as well.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-10 17:36:37 +01:00
Kenneth Soerensen
e28d49b3b6 Remove compiler warning if only MBEDTLS_PK_PARSE_C is defined
Warning reported with IAR compiler:
"mbedtls\library\pkparse.c",1167  Warning[Pe550]: variable "ret" was set but never used

Signed-off-by: Kenneth Soerensen <knnthsrnsn@gmail.com>
2021-08-31 13:05:12 +02:00
Manuel Pégourié-Gonnard
a805d57261
Merge pull request #4588 from TRodziewicz/remove_MD2_MD4_RC4_Blowfish_and_XTEA
Remove MD2, MD4, RC4, Blowfish and XTEA
2021-06-22 09:27:41 +02:00
Manuel Pégourié-Gonnard
609ab6478b Fix warning in some configurations
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-06-17 09:41:01 +02:00
Manuel Pégourié-Gonnard
84dea01f36 Add RNG params to private key parsing
This is necessary for the case where the public part of an EC keypair
needs to be computed from the private part - either because it was not
included (it's an optional component) or because it was compressed (a
format we can't parse).

This changes the API of two public functions: mbedtls_pk_parse_key() and
mbedtls_pk_parse_keyfile().

Tests and programs have been adapted. Some programs use a non-secure RNG
(from the test library) just to get things to compile and run; in a
future commit this should be improved in order to demonstrate best
practice.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-06-17 09:38:38 +02:00
TRodziewicz
10e8cf5fef Remove MD2, MD4, RC4, Blowfish and XTEA
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-06-16 10:34:25 +02:00
Chris Jones
4d01c5b5c3 Remove dead code from pk_parse_key_pkcs8_unencrypted_der
pk_get_pk_alg will either return 0 or a pk error code. This means that
the error code will always be a high level module ID and so we just
return ret.

Signed-off-by: Chris Jones <christopher.jones@arm.com>
2021-04-28 14:12:07 +01:00
Chris Jones
fdb588b3a7 Fix an incorrect error code addition in pk_parse_key_pkcs8_unencrypted_der
An incorrect error code addition was spotted by the new invasive testing
infrastructure whereby pk_get_pk_alg will always return a high level
error or zero and pk_parse_key_pkcs8_unencrypted_der will try to add
another high level error, resulting in a garbage error code.

Apply the same fix from ae3741e8a to fix the bug.

Signed-off-by: Chris Jones <christopher.jones@arm.com>
2021-04-15 11:19:56 +01:00
Chris Jones
9f7a693f2c Apply MBEDTLS_ERROR_ADD to library
Replace all occurences of error code addition in the library with the new
MBEDTLS_ERROR_ADD macro.

Signed-off-by: Chris Jones <christopher.jones@arm.com>
2021-04-15 11:19:47 +01:00
Jens Reimann
9ad4a33a54 fix return code
Signed-off-by: Jens Reimann <jreimann@redhat.com>
2020-09-22 11:57:16 +02:00