Commit graph

18476 commits

Author SHA1 Message Date
Jerry Yu
388bd0d53c fix various issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-15 22:06:11 +08:00
Gilles Peskine
d337fbc4cb x86_64 MULADDC assembly: add missing constraints about memory
MULADDC_CORE reads from (%%rsi) and writes to (%%rdi). This fragment is
repeated up to 16 times, and %%rsi and %%rdi are s and d on entry
respectively. Hence the complete asm statement reads 16 64-bit words
from memory starting at s, and writes 16 64-bit words starting at d.

Without any declaration of modified memory, Clang 12 and Clang 13 generated
non-working code for mbedtls_mpi_mod_exp. The constraints make the unit
tests pass with Clang 12.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-15 15:51:43 +02:00
Jerry Yu
dd1fb9e37e add mbedtls_ecdh_setup_no_everest
Setup ecdh without everest for TLS1.3

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-15 11:10:15 +08:00
Jerry Yu
bdc71888fc Remove restartable and everest from tls1.3
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-14 19:33:31 +08:00
Janos Follath
cacec723c8
Merge pull request #4938 from gilles-peskine-arm/psa_cipher_update_ecp-unused_parameter
Fix parameter set but unused on psa_cipher_update_ecb
2021-09-13 13:55:38 +01:00
Gilles Peskine
d87d87371f Fix the size in bytes
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-13 12:21:22 +02:00
Gilles Peskine
1716f32864 psa_cipher_update_ecb: remove parameter output_size
This parameter was set but not used, which was pointless. Clang 14 detects
this and legitimately complains.

Remove the parameter. This is an internal function, only called once. The
caller already has a sufficient check on the output buffer size which
applies in more cases, so there is no real gain in robustness in adding the
same check inside the internal function.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-13 09:46:41 +02:00
Gilles Peskine
55dffe58a0 Document the internal function psa_cipher_update_ecb
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-13 09:33:28 +02:00
Jerry Yu
335aca9c52 fix format issue
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-12 20:18:56 +08:00
Gilles Peskine
78e84e860d
Merge pull request #4766 from SiliconLabs/silabs_import_copy_key_opaque
Add partial support to import/copy opaque keys
2021-09-10 09:13:40 +02:00
Jerry Yu
72fc69bd40 fix typo error
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-10 10:23:37 +08:00
Archana
9d17bf4215
Styling and refactoring
Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-10 07:16:08 +05:30
Archana
9a2b6ff8f2
Fix test vector dependency
Fix opaque key test vector dependency to PSA_CRYPTO_DRIVER_TEST
instead of MBEDTLS_PSA_CRYPTO_DRIVERS while validating with
test drivers.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-09 12:32:16 +05:30
Archana
a316b7e42b
Rebase and update signature for curve448 tests
Also include the opaque test cases for curve448 vectors.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-09 10:11:02 +05:30
Archana
74d99c6bfc
Add a test to validate copy to read only lifetime
Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-09 10:11:02 +05:30
Archana
374fe5b8d2
Handle zeroed attributes key bits and type in copy
The target attributes for key copy could have key bits and
type zeroed. If so, they need to be overwritten/ inherited
from the source key.
This is now forcefully overwritten after validating the
optional attributes. As a result assigning attributes type
and bits after copy are no longer necessary.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-09 10:09:19 +05:30
Archana
449608bc61
Code style improvements
Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-08 22:04:13 +05:30
Archana
8a180368fb
Add opaque test driver support for copy key
A minimal test driver extension is added to support
copy of opaque keys within the same location.
Test vector support is extended to cover opaque keys.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-08 22:04:07 +05:30
Archana
6ed4bda2c6
pre-existing validation extended
The validation against key width and max key bits is extended to
all key types from the existing validation for only symmetric keys.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-08 22:04:00 +05:30
Archana
4d7ae1d8cf
Add test driver support for opaque key import
-Add test driver support to import/export while wrapping keys
 meant to be stored in the PSA core as opaque( emulating an
 SE without storage ).
-Export validate_unstructured_key_bit_size as
 psa_validate_unstructured_key_bit_size, thereby changing its scope.
-Improve the import/export test cases in test_suite_psa_crypto to also
 cover opaque keys, thereby avoiding duplication.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-08 22:03:54 +05:30
Archana
d8a83dc172
Sizing of key buffer for opaque keys
Create a new sizing function for determining the size required for key
storage based on the input key data.
This is required for key imports where the key length might need to be
derived from the data.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-09-08 22:03:48 +05:30
Ronald Cron
3b097eb68f
psa: Remove psa_key_slot_is_external()
Remove psa_key_slot_is_external() that is not used anymore.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-08 22:03:41 +05:30
Ronald Cron
9b8b69c30a
psa: Remove buggy report of RSA public exponent for opaque keys
The report of RSA public exponent for opaque keys is not
supported. Do not attempt to compute the RSA public
exponent of an RSA opaque key associated to a driver
implementing the new driver interface when
MBEDTLS_PSA_CRYPTO_SE_C is disabled.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-08 22:03:32 +05:30
Ronald Cron
512ad81318
psa: Fix slot number key attribute
Slot number key attribute is specific of dynamically
registered drivers and should thus not be computed/
returned in case of keys associated to drivers
implementing the new unified driver interface.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-08 22:03:26 +05:30
Ronald Cron
ddae0f5642
Clarify psa_get_and_lock_transparent_key_slot_with_policy() purpose
Clarify the purpose of
psa_get_and_lock_transparent_key_slot_with_policy() and
define it even when MBEDTLS_PSA_CRYPTO_SE_C is disabled
for the purpose of static drivers.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-08 22:03:20 +05:30
Jerry Yu
7c522d4941 Remove ecp_c undefine routines
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-08 17:55:09 +08:00
Jerry Yu
b60e3cf424 fix various issues
- format problems
- name conversion issues

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-08 16:41:02 +08:00
Jerry Yu
ed2ef2d9e0 add client hello msg test
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-08 10:37:20 +08:00
Jerry Yu
56fc07f7ae add key_share extension
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-08 10:37:20 +08:00
Jerry Yu
7236994aa9 add signature algorithms extension
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-08 09:52:15 +08:00
Jerry Yu
6b64fe31ce add supported groups extension
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-08 09:52:15 +08:00
Jerry Yu
e226cef124 Add NamedGroup IANA values and helper functions
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-08 09:52:15 +08:00
Jerry Yu
26f4d15d13 Add key exchange modes helper functions
Add helper functions for `tls13_kex_modes`

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-08 09:52:15 +08:00
Jerry Yu
7533635e5a Change dummy extension return
With error return, server can not receive
Client Hello message.

If received , we can test current status.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-08 09:52:15 +08:00
Ronald Cron
3c28fd3393
Merge pull request #4882 from yuhaoth/pr/add-tls13-client-hello-process
TLS 1.3 : add tls13 client hello msg -- part 1
When running the ssl-opt.sh "TLS1.3: Test client hello msg work" test with the library compiled in default configuration plus MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL, the openssl server responds with a ServerHello which is the validation we were looking for the work in this PR. Thus, merging.
2021-09-07 17:39:08 +02:00
Jerry Yu
fec982eacc fix coding style issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-07 17:26:06 +08:00
Jerry Yu
4e388286af fix usage of iteration
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-06 21:28:08 +08:00
Jerry Yu
bbe09526b7 fix name conversion issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-06 21:17:54 +08:00
Mateusz Starzyk
83e4c1270a Add CCM tests for passing unexpected input.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-09-06 12:09:34 +02:00
Mateusz Starzyk
efec38bb29 Extend CCM corner cases tests.
Add tests covering skipped update() or update_ad()
for empty plaintext/ciphertext and empty auth data.

Test vector for P=0, A=0 generated using python's
cryptography.hazmat library.

Python script used for test vector generation:
```
import os
from cryptography.hazmat.primitives.ciphers.aead import AESCCM

def encrypt(key, iv, plaintext, associated_data):

    key = bytes.fromhex(key)
    iv = bytes.fromhex(iv)
    plaintext = bytes.fromhex(plaintext)
    associated_data = bytes.fromhex(associated_data)

    aesccm = AESCCM(key)
    ct = aesccm.encrypt(iv, plaintext, associated_data)
    return ct.hex()

def decrypt(key, associated_data, iv, ciphertext):

    key = bytes.fromhex(key)
    associated_data = bytes.fromhex(associated_data)
    iv = bytes.fromhex(iv)
    ciphertext = bytes.fromhex(ciphertext)

    aesccm = AESCCM(key)
    pt = aesccm.decrypt(iv, ciphertext, associated_data)
    return pt.hex()

key = "54caf96ef6d448734700aadab50faf7a"
plaintext = ""
iv = "a3803e752ae849c910d8da36af"
aad = ""

encrypted = encrypt(key, iv, plaintext, aad)

print(f"key: {key}")
print(f"iv: {iv}")
print(f"encrypted: {encrypted}")

print("--------------------------------------")

decrypted = decrypt(
    key,
    aad,
    iv,
    encrypted
)

print(f"decrypted: {decrypted}")
```

Results:
```
key: 54caf96ef6d448734700aadab50faf7a
iv: a3803e752ae849c910d8da36af
encrypted: eba8347baa6d61f87b67c2dd7c6d2053
--------------------------------------
decrypted:
```

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-09-06 12:09:34 +02:00
Mateusz Starzyk
5d7f6b1fd5 Remove rendundat ctx->add_len check.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-09-06 12:09:34 +02:00
Mateusz Starzyk
cd975e4645 Extend CCM corner cases tests.
Add tests for passing incomplete input data in
the first call and too much data in the second call.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-09-06 12:09:33 +02:00
Jerry Yu
dbfb7bd873 fix various issues
- wrong cipher suite filter condition
- name conversion
- format issue

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-04 10:00:02 +08:00
Jerry Yu
8c02bb4b71 fix various comment issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2021-09-03 21:52:26 +08:00
Joe Subbiani
e5d6106071 Extend test in translate_ciphers.py
The list was trimmed previously according to code coverage, however
this did not really evalute all test cases, e.g in the case of re.sub
or m_cipher.replace. These lines are executed no matter what, so code
coverage is not suitable.

I have gone through each step in the translate functions and made sure
there is at least one ciphersuite per step

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
2021-09-03 13:30:44 +01:00
Joe Subbiani
49d57bcf19 Improve indentation according to pylint
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
2021-09-03 13:19:58 +01:00
Joe Subbiani
54110b3b6f Reduce translate_ciphers.py test list
Having a list of every ciphersuite suggests that it should be maintained with
any new ciphersuites that are added in the future. This in turn almost defeats
the purpose of having translation functions to begin with
Instead, the unit test now only test a much smaller subset of ciphersuite names
that exercise each stage in the OpenSSL and GnuTLS translate functions.
In the future, if a new cipersuite is added that requires an extra stage in
translation, then that cipher can be added to the test suite, otherwise it
should not be necessary.

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
2021-09-03 13:19:57 +01:00
Joe Subbiani
b0aba9a46e Improve comments to be more accurate
Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
2021-09-03 13:19:57 +01:00
Joe Subbiani
1d592cba5c Remove NULL-SHA256 specific to OpenSSL
Instead add TLS-RSA-WITH-NULL-SHA256 to list of common ciphersuites.
It therefore has to be removed from GnuTLS as it could then duplicate.

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
2021-09-03 13:19:56 +01:00
Joe Subbiani
79f5790370 Remove test_translate_format()
As test_translate_ciphers_format.sh was made as a testing ground before
utilising translate_ciphers.py in compat.sh, once it was translated to
python code - as a unit test, it became redundant.

Signed-off-by: Joe Subbiani <joe.subbiani@arm.com>
2021-09-03 13:19:56 +01:00