Commit graph

29768 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
e33b349c90
Merge pull request #8864 from valeriosetti/issue8848
Deprecate or remove mbedtls_pk_wrap_as_opaque
2024-03-01 15:54:32 +00:00
Valerio Setti
d32dd08934 changelog: fix description
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-29 16:28:03 +01:00
Ronald Cron
9b4e964c2c
Merge pull request #8760 from ronald-cron-arm/tls13-write-early-data
TLS 1.3: Add mbedtls_ssl_write_early_data() API
2024-02-29 14:31:55 +00:00
Valerio Setti
4ee6f81195 add changelog
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-29 15:01:21 +01:00
Manuel Pégourié-Gonnard
7f523bf9eb
Merge pull request #8845 from gilles-peskine-arm/ecp-write-doc-3.6
Document ECP write functions
2024-02-28 11:04:38 +00:00
Valerio Setti
90eca2adb0 ssl_test_lib: add guards for pk_wrap_as_opaque()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-28 10:45:43 +01:00
Valerio Setti
b484e37d91 pk: fix alg selection in mbedtls_pk_sign_ext() for opaque keys
This commit also fixes pk_psa_wrap_sign_ext() setting the RSA padding
mode so that mbedtls_pk_get_psa_attributes() correctly guesses
the PSA alg to be used.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-28 09:44:35 +01:00
Dave Rodgman
09e6fb42eb
Merge pull request #8865 from daverodgman/iar-fixes-feb27
Add missing casts to fix IAR warnings
2024-02-27 14:41:53 +00:00
Valerio Setti
23e637a7c7 test_suite_pk: initialize all PSA key IDs and attributes
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-27 13:56:57 +01:00
Valerio Setti
a9de9445b1 ssl_helpers: minor fix in mbedtls_test_ssl_endpoint_certificate_init()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-27 13:56:09 +01:00
Valerio Setti
88ae0ef286 pk: completely remove mbedtls_pk_wrap_as_opaque
Remove instead of deprecating it.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-27 13:49:42 +01:00
Manuel Pégourié-Gonnard
5b5faf0898
Merge pull request #8844 from davidhorstmann-arm/restore-x509-functions-to-public
Restore some X509 functions to public headers
2024-02-27 10:55:16 +00:00
Dave Rodgman
6a3da2d5ed Add missing casts
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-27 10:41:53 +00:00
Tom Cosgrove
ca21b241bd
Merge pull request #8840 from gilles-peskine-arm/domain_parameters-remove
Remove domain parameters
2024-02-27 10:36:51 +00:00
Valerio Setti
4c6cea549c pk: deprecate mbedtls_pk_wrap_as_opaque()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-27 10:51:03 +01:00
Valerio Setti
7541ebea52 programs: remove usage of mbedtls_pk_wrap_as_opaque() from tests
This is replaced with: mbedtls_pk_get_psa_attributes() +
mbedtls_pk_import_into_psa() + mbedtls_pk_setup_opaque().

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-27 10:44:33 +01:00
Valerio Setti
1fa2f6e9af test: remove usage of mbedtls_pk_wrap_as_opaque() from tests
This is replaced with: mbedtls_pk_get_psa_attributes() +
mbedtls_pk_import_into_psa() + mbedtls_pk_setup_opaque().

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-27 09:23:35 +01:00
Gilles Peskine
e22f6a9610 Finish cleaning up override that's no longer needed
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-26 16:57:31 +01:00
Gilles Peskine
97c0b2f393 Remove domain parameters from psa_key_attributes_t
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-26 16:57:30 +01:00
David Horstmann
ef950ccb1d Un-unrestore mbedtls_x509_string_to_names()
Re-restore mbedtls_x509_string_to_names() to public as our example
programs use it, and it is the reverse of mbedtls_x509_dn_gets().

Add a docstring, so that it is a properly documented public function.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-02-26 13:59:43 +00:00
Tom Cosgrove
f4a200f106
Merge pull request #8838 from paul-elliott-arm/improve_test_data_accessors
Improve test info data accessors
2024-02-26 11:22:20 +00:00
Gilles Peskine
ae5eb64705 Remove domain parameters from the public API
Only leave deprecated, minimal non-linkable functions.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-26 08:50:53 +01:00
Gilles Peskine
bb6f3ff394 Rename variables
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-26 08:50:53 +01:00
Gilles Peskine
4c32b69f37 Ignore domain parameters in RSA key generation
Remove the ability to select a custom public exponent via domain parameters
in RSA key generation. The only way to select a custom public exponent is
now to pass custom production parameters to psa_generate_key_ext().

A subsequent commit will remove domain parameters altogether from the API,
thus this commit does not bother to update the documentation.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-26 08:50:38 +01:00
Gilles Peskine
6a2c400b8c typo
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-26 08:34:06 +01:00
Gilles Peskine
0f63028809
Merge pull request #8815 from gilles-peskine-arm/psa_generate_key_ext-prototype
Introduce psa_generate_key_ext
2024-02-26 07:16:49 +00:00
Paul Elliott
9011dae0c1 Improve documentation / comments
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-02-24 10:57:22 +00:00
Paul Elliott
665cf928d9
Merge pull request #8856 from Ryan-Everett-arm/threadsafe-openkey
Make psa_open_key threadsafe
2024-02-24 10:29:57 +00:00
Paul Elliott
5a4a6e44ef
Merge pull request #8833 from Ryan-Everett-arm/threadsafe-multiparts
Make multi-part operations thread-safe
2024-02-24 10:29:20 +00:00
Tom Cosgrove
817772a6ca
Merge pull request #8716 from mschulz-at-hilscher/feature/gcm_largetable
Use large GCM tables
2024-02-23 16:25:38 +00:00
Manuel Pégourié-Gonnard
81c322329e
Merge pull request #8855 from gilles-peskine-arm/benchmark-ecdh-no-legacy
Remove most uses of MBEDTLS_ALLOW_PRIVATE_ACCESS in test programs
2024-02-23 09:16:46 +00:00
Gilles Peskine
7f72a06e02 Remove cruft
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-22 18:41:25 +01:00
Gilles Peskine
f6eb0b8ab0 Changelog entry for benchmark improvement
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-22 18:40:10 +01:00
Manuel Pégourié-Gonnard
dd9cbf99c2 Benchmark only one side of ECDH, both static and ephemeral
Static ECDH is of interest to us as developers because it's a generic
scalar multiplication (as opposed to using the standard base point) and
it's useful to have that handy.

For reference the other operations of interest to developers are:
- multiplication of the conventional base point: ECDSA signing is almost
exactly that (just a few field ops on top, notably 1 inversion);
- linear combination: ECDSA verification is almost exactly that too.

Including ephemeral as well, because it's hopefully what's of interest
to most users.

Compared to the previous version, include only one side of the
operations. I don't think including both sides is of interest to anyone.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-02-22 12:29:06 +01:00
Ronald Cron
dcb09ca6df tests: write early data: Improve get_early_data_status testing
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-22 12:22:59 +01:00
Ronald Cron
f19989da31 tls13: Improve sanity check in get_early_data_status
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-22 12:22:53 +01:00
Gilles Peskine
74589ba31c ssl_context_info: explicitly note accesses to private fields
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-22 12:12:01 +01:00
Gilles Peskine
72da8b3521 Don't authorize private access to fields where not actually needed
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-22 12:07:29 +01:00
Gilles Peskine
abf0be392a fuzz_dtlsserver: explicitly note the one access to a private field
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-22 12:07:09 +01:00
Gilles Peskine
d5f68976e8 fuzz_pubkey, fuzz_privkey: no real need to access private fields
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-22 12:05:35 +01:00
Ronald Cron
8f1de7e029 tls13: Improve documentation
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-22 12:02:39 +01:00
Ronald Cron
7d158f41ca tests: read early data: Use write API to send early data
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-22 11:46:08 +01:00
Ronald Cron
110303fbe5 tests: read early data: Add no early data indication sent scenario
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-22 11:46:02 +01:00
Ryan Everett
e110a4c900 Make psa_open_key threadsafe
This is a simple case of register then unregister

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-22 10:43:24 +00:00
Ronald Cron
86d288c0d4 tests: ssl: Rename tls13_early_data to tls13_read_early_data
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-22 11:28:29 +01:00
Ryan Everett
9af70e51c1 Make multi-part AEAD operations thread-safe
The setup calls are the only calls to use a key ID.
The key is then copied into the operation object,
all future API calls use the copy instead of the key in the slot.

Simultaneous API calls on the same operation object are not thread-safe.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-22 10:27:52 +00:00
Ryan Everett
bbedfcec2e Make multi-part PAKE operations thread-safe
The only interaction with key IDs here is in the changed function.

Simultaneous API calls on the same operation object are not thread-safe.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-22 10:27:52 +00:00
Ryan Everett
5ac6fa7aae Make multi-part key derivation operations thread-safe
One can input a key using a key identifier through the two changed functions.
Inputted keys are copied into the operation object.
Any material inputted in byte form is separate to the key slot system.
Outputting a key is threadsafe as per the key loading work.
The verification API is yet to be implemented.

Simultaneous API calls on the same operation object are not thread-safe.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-22 10:27:52 +00:00
Ryan Everett
c0053cc499 Make multi-part cipher operations thread-safe
Within setup we create a copy of the key and put it in the operation field.
After setup, we only ever use the new copy,
and do not interact with any key slots.
Therefore we need only register as a reader of the key during setup,
then unregister after we stop accessing the key.

Simultaneous API calls on the same operation object are not thread-safe.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-22 10:27:52 +00:00
Ryan Everett
291267f486 Make restartable signature verifications thread-safe
We copy the key from a slot to the operation object in _start.
_complete and _abort do not access any key slots, instead using
the local copy.

Concurrently using the same operation object is not thread-safe.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-22 10:27:52 +00:00