Commit graph

5005 commits

Author SHA1 Message Date
XiaokangQian
647719a172 Add hello retry request in client side
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-01-26 10:50:06 +00:00
Ronald Cron
f51b79c297
Merge pull request #5355 from yuhaoth/pr/remove-duplicate-sig-alg-ext
Remove duplicate write signature algorithms extension
The failure of ABI-API-checking is expected.
2022-01-26 10:05:26 +01:00
Gilles Peskine
cfb151889f
Merge pull request #5457 from AndrzejKurek/key-id-encodes-owner-psa-fixes-follow-up
Remove incorrect incompatibility information about `MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER` from mbedtls_config.h
2022-01-25 17:02:35 +01:00
Andrzej Kurek
cfc920a960 Remove incorrect incompatibility information from mbedtls_config.h
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-25 06:33:08 -05:00
Jerry Yu
7ddc38cedb fix various issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
713013fa80 fix various issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
6106fdc085 fix build fail without TLS13
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-01-25 12:46:17 +08:00
Jerry Yu
f017ee4203 merge write sig_alg of tls12 and tls13
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

# Conflicts:
#	library/ssl_misc.h
2022-01-25 12:46:17 +08:00
Gilles Peskine
a5c1bf0b8d
Merge pull request #5367 from AndrzejKurek/doxygen-closure-fixes
doxygen: add missing asterisk to group closures
2022-01-24 21:40:39 +01:00
Andrzej Kurek
cead70dbe5 doxygen: fix missing asterisk in ecp.h
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-24 10:48:10 -05:00
Manuel Pégourié-Gonnard
fcca7cfa97
Merge pull request #5428 from gstrauss/mbedtls_ssl_ciphersuite
Add accessors for ciphersuite info
2022-01-24 11:13:31 +01:00
Gilles Peskine
6249603e7c
Merge pull request #5438 from SebastianBoe/check_config
Add missing config check for PKCS5.
2022-01-22 00:52:07 +01:00
Sebastian Bøe
24e88018d2 Add missing config check for PKCS5.
PKCS5 depends on MD, but is missing a config check resulting in
obscure errors on invalid configurations.

Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
2022-01-19 12:04:35 +01:00
Glenn Strauss
8f52690956 Add accessors for ciphersuite info
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-01-13 00:05:48 -05:00
Andrzej Kurek
03e01461ad Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO
Fix library references, tests and programs.
Testing is performed in the already present all.sh test.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-01-03 12:53:24 +01:00
Andrzej Kurek
01404dfaa2 doxygen: remove empty platform_time configuration section
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2021-12-30 12:34:00 +01:00
Andrzej Kurek
a0defed667 doxygen: move addtogroup closures to include more elements
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2021-12-30 12:33:31 +01:00
Andrzej Kurek
38d4fddcd8 Add missing asterisk to doxygen closures
Clarify section names next to closing braces
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2021-12-28 16:22:52 +01:00
Ronald Cron
17b1e2f6c3 Bump version to 3.1.0
Executed ./scripts/bump_version.sh --version 3.1.0 --so-crypto 11 --so-tls 17
+ fix of build_info.h

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-15 09:02:53 +01:00
Gilles Peskine
a5c18512b9
Merge pull request #5155 from paul-elliott-arm/pcks12_fix
Fixes for pkcs12 with NULL and/or zero length password
2021-12-13 14:52:36 +01:00
Dave Rodgman
050ad4bb50
Merge pull request #5313 from gilles-peskine-arm/missing-ret-check-mbedtls_md_hmac
Check HMAC return values
2021-12-13 10:51:27 +00:00
Gilles Peskine
ecf6bebb9c Catch failures of md_hmac operations
Declare mbedtls_md functions as MBEDTLS_CHECK_RETURN_TYPICAL, meaning that
their return values should be checked.

Do check the return values in our code. We were already doing that
everywhere for hash calculations, but not for HMAC calculations.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-11 15:00:57 +01:00
Ronald Cron
bb27b43013 build: Fix TLS 1.3 prerequisites
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 14:22:52 +01:00
Ronald Cron
6f135e1148 Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3
As we have now a minimal viable implementation of TLS 1.3,
let's remove EXPERIMENTAL from the config option enabling
it.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 13:47:55 +01:00
Ronald Cron
0abf07ca2c Make PSA crypto mandatory for TLS 1.3
As we want to move to PSA for cryptographic operations
let's mandate PSA crypto from the start.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 13:22:21 +01:00
Ronald Cron
6b07916e40
Merge pull request #5230 from ronald-cron-arm/tls13_ccs_client
Add initial support for "Middlebox Compatibility Mode"
2021-12-10 11:58:05 +01:00
Gilles Peskine
d31da1c673
Merge pull request #5270 from davidhorstmann-arm/improve-cmac-docs
Reword documentation of CMAC operations
2021-12-09 23:28:36 +01:00
Ronald Cron
49ad6197ca Add injection of dummy's ChangeCipherSpec for middlebox compatibility
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-09 13:40:22 +01:00
Ronald Cron
ab65c52944 Add MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE config option
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-09 13:40:22 +01:00
Manuel Pégourié-Gonnard
c38c1f2411
Merge pull request #5268 from gilles-peskine-arm/struct_reordering_3.0
Reorder structure fields to maximize usage of immediate offset access
2021-12-09 12:54:09 +01:00
Gilles Peskine
b3ec69dba5 mbedtls_ssl_config: better document former bit-fields
Ensure that the documentation of fields affected by
"mbedtls_ssl_config: Replace bit-fields by separate bytes"
conveys information that may have been lost by removing the exact size of
the type. Extend the preexisting pattern "do this?" for formerly 1-bit
boolean fields. Indicate the possible values for non-boolean fields.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-12-08 18:32:12 +01:00
Gilles Peskine
392113434a
Merge pull request #5263 from ronald-cron-arm/psa-test-driver_3.x
Forward port to 3.x: Introduce PSA test driver library to test PSA configuration
2021-12-07 12:52:20 +01:00
David Horstmann
3d5dfa598b Reword documentation of CMAC operations
Change the wording of the documentation for some CMAC functions,
as the existing wording, while technically correct, can be
easy to misunderstand. The reworded docs explain the flow of
a CMAC computation a little more fully.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2021-12-06 18:58:02 +00:00
Dave Rodgman
351c71b7f2 Fix builds when config.h only defines MBEDTLS_BIGNUM_C
Fixes #4929

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-12-06 17:50:53 +00:00
Ronald Cron
8c8cea25c7
Merge pull request #5166 from xffbai/code-align
Align the TLS 1.3 code with coding rules
2021-12-06 10:54:00 +01:00
Ronald Cron
d4c2c9bf94 psa: Fix some dependencies in config_psa.h
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-06 07:50:27 +01:00
Ronald Cron
ef6ffe3033 psa: Fix Mbed TLS hash operation definition
Use PSA_BUILTIN macros instead of the Mbed TLS ones
as in the hash operation contexts the context for a
given hash is needed only if the support for it
through PSA is enabled.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-06 07:50:27 +01:00
Ronald Cron
7975fae6bd Move to separately compiled PSA test driver library
This commit removes the test_psa_crypto_config_basic
all.sh component that can no longer work without
adapting it to the separately compiled test driver
library. This component is replaced by several
components in the following commits to test various
type of acceleration independently.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-06 07:50:27 +01:00
Ronald Cron
fcaba24697 psa: Fix hash max sizes
The PSA max hash size has to be 64 if SHA512 or
SHA384 is supported by the library or an
accelerator, not just in case of the library.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-03 18:55:33 +01:00
Gilles Peskine
28de59c50a
Merge pull request #5246 from adeaarm/development
Align function parameter names for mbedtls_set_key_owner_id
2021-12-03 17:24:46 +01:00
Gilles Peskine
1bbf6d645b
Merge pull request #5149 from mfil/feature/additional_cipher_info_getters
Additional cipher_info getters
2021-12-03 17:21:51 +01:00
Paul Elliott
ad7e8a7092 Documentation fixes
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-11-30 15:37:49 +00:00
Antonio de Angelis
e2b6866e0b Align function parameter names for mbedtls_set_key_owner_id in PSA headers
static function mbedtls_set_key_owner() is declared in psa/crypto.h
and defined in psa/crypto_struct.h with different parameter name for
the  mbedtls_key_owner_id_t parameter and that may trigger errors
from static code analysis tool as cppcheck.

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
2021-11-30 12:26:58 +00:00
Gilles Peskine
533a728392 mbedtls_ssl_config: Replace bit-fields by separate bytes
This slightly increases the RAM consumption per context, but saves code
size on architectures with an instruction for direct byte access (which is
most of them).

Although this is technically an API break, in practice, a realistic
application won't break: it would have had to bypass API functions and rely
on the field size (e.g. relying on -1 == 1 in a 1-bit field).

Results (arm-none-eabi-gcc 7.3.1, build_arm_none_eabi_gcc_m0plus build):
library/ssl_cli.o: 19543 -> 19559 (diff: -16)
library/ssl_msg.o: 24726 -> 24690 (diff: 36)
library/ssl_srv.o: 20462 -> 20418 (diff: 44)
library/ssl_tls.o: 20707 -> 20555 (diff: 152)
library/ssl_tls13_client.o: 7252 -> 7244 (diff: 8)
library/ssl_tls13_generic.o: 4705 -> 4693 (diff: 12)

Results (same architecture, config-suite-b.h + MBEDTLS_ECDH_LEGACY_CONTEXT +
MBEDTLS_ECP_RESTARTABLE):
library/ssl_cli.o: 2876 -> 2864 (diff: 12)
library/ssl_msg.o: 3068 -> 3080 (diff: -12)
library/ssl_srv.o: 3372 -> 3340 (diff: 32)
library/ssl_tls.o: 6658 -> 6566 (diff: 92)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-11-29 12:44:49 +01:00
Gilles Peskine
8834d87ef6 mbedtls_ssl_config, mbedtls_ssl_session: reorder fields
Move small fields first so that more fields can be within the Arm Thumb
128-element direct access window.

Keep the int section after the pointer section: moving int fields first cost
a few bytes on the reference baremetal-m0plus build.

The ordering in this commit is not based on field access frequency.

Results (arm-none-eabi-gcc 7.3.1, build_arm_none_eabi_gcc_m0plus build):
library/ssl_cli.o: 19687 -> 19543 (diff: 144)
library/ssl_msg.o: 24834 -> 24726 (diff: 108)
library/ssl_srv.o: 20562 -> 20462 (diff: 100)
library/ssl_tls.o: 20907 -> 20707 (diff: 200)
library/ssl_tls13_client.o: 7272 -> 7252 (diff: 20)
library/ssl_tls13_generic.o: 4721 -> 4705 (diff: 16)

Results (same architecture, config-suite-b.h + MBEDTLS_ECDH_LEGACY_CONTEXT +
MBEDTLS_ECP_RESTARTABLE):
library/ssl_cli.o: 2936 -> 2876 (diff: 60)
library/ssl_msg.o: 3080 -> 3068 (diff: 12)
library/ssl_srv.o: 3400 -> 3372 (diff: 28)
library/ssl_tls.o: 6730 -> 6658 (diff: 72)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-11-29 12:39:29 +01:00
Max Fillinger
c3cffae420 Document return value for IV size getter on NULL
Signed-off-by: Max Fillinger <max@max-fillinger.net>
2021-11-28 14:13:43 +01:00
Gilles Peskine
e3d9c9d99b PSA operation structures: move less-used fields to the end
Move fields around to have fewer accesses outside the 128-element Thumb
direct access window.

In psa_hkdf_key_derivation_t, move the large fields (output_block, prk,
hmac) after the state bit-fields. Experimentally, it's slightly better
to put hmac last.

Other operations structures don't go outside the window, at least when not
considering nested structures.

Results (arm-none-eabi-gcc 7.3.1, build_arm_none_eabi_gcc_m0plus build):
library/psa_crypto.o: 16510 -> 16434 (diff: 76)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-11-26 12:44:08 +01:00
Xiaofei Bai
746f9481ea Fix 1_3/13 usages in macros and function names
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2021-11-26 08:08:36 +00:00
Gilles Peskine
09c02ee95f Make PSA headers more self-contained
Several files among include/psa/crypto_*.h are not meant to be included
directly, and are not guaranteed to be valid if included directly. This
makes it harder to perform some static analyses. So make these files more
self-contained so that at least, if included on their own, there is no
missing macro or type definition (excluding the deliberate use of forward
declarations of structs and unions).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-11-25 20:49:09 +01:00
Gabor Mezei
be7b21da22
Merge branch 'development' into 3649_move_constant_time_functions_into_separate_module 2021-11-24 10:44:13 +01:00