Commit graph

9332 commits

Author SHA1 Message Date
Glenn Strauss
fcabc28cfc use MPI_ECP_* macros in mbedtls_ecp_sw_derive_y()
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-12-19 21:24:50 -05:00
Glenn Strauss
cbfd5e9db7 comment
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-12-16 11:03:41 -05:00
Glenn Strauss
369bfb94c5 comments and whitespace
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-12-16 10:49:04 -05:00
Glenn Strauss
2ff77119df mbedtls_ecp_point_read_binary from compressed fmt
mbedtls_ecp_point_read_binary from MBEDTLS_ECP_PF_COMPRESSED format

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-10-03 05:43:27 -04:00
Manuel Pégourié-Gonnard
409a620dea
Merge pull request #6255 from mprse/md_tls13
Driver-only hashes: TLS 1.3
2022-09-15 10:37:46 +02:00
Manuel Pégourié-Gonnard
18dff1f226
Merge pull request #5871 from superna9999/4153-psa-expose-ec-j-pake
Expose ECJPAKE through the PSA Crypto API
2022-09-15 09:25:55 +02:00
Ronald Cron
208257b39f
Merge pull request #6259 from yuhaoth/pr/add-psk_ephemeral-possible-group-tests
TLS 1.3: PSK: Add possible group tests for psk with ECDHE
2022-09-14 14:21:46 +02:00
Przemyslaw Stekiel
ab9b9d4669 ssl_tls13_keys.h: use PSA max hash size
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-14 13:51:07 +02:00
Przemyslaw Stekiel
da6452578f ssl_tls13_generic.c: fix hash buffer sizes (use PSA_HASH_MAX_SIZE)
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-14 12:50:51 +02:00
Neil Armstrong
6a12a7704d Fix typo in comment
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-14 12:17:42 +02:00
Przemyslaw Stekiel
004c2181f0 ssl_misc.h: hash guards adaptations
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-14 11:00:57 +02:00
Przemek Stekiel
0852ef8b96 mbedtls_ssl_reset_transcript_for_hrr: remove redundant 'else' statement
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Przemek Stekiel
9dfbf3a006 ssl_tls13_generic.c: optimize code to save memory
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Przemek Stekiel
153b442cc3 mbedtls_ssl_tls13_sig_alg_is_supported: adapt guards
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Przemek Stekiel
47e3cb1875 ssl_tls13_generic.c: adapt guards for MBEDTLS_SHAxxx_C
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00
Neil Armstrong
fa84962296 Add comment explaining PSA PAKE vs Mbedtls J-PAKE API matching strategy
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-13 15:19:56 +02:00
Neil Armstrong
3d4966a5cb Move possible input/output steps check inside PSA_ALG_JPAKE handling
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-13 15:19:56 +02:00
Neil Armstrong
017db4cdda Drop calls to mbedtls_ecjpake_check()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-13 15:19:56 +02:00
Neil Armstrong
1d0294f6ed Clarify sequence length calculation comment
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-13 15:19:56 +02:00
Neil Armstrong
cb679f23bc Replace 0s with proper defines when possible
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-13 14:43:07 +02:00
Przemek Stekiel
5166954d14 Make more use of MBEDTLS_MAX_HASH_SIZE macro
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 12:57:05 +02:00
Neil Armstrong
ecb221b1ff Move operation buffer in operation struct and remove dynamic allocation
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-08 11:21:07 +02:00
Przemek Stekiel
40afdd2791 Make use of MBEDTLS_MAX_HASH_SIZE macro
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-06 14:18:45 +02:00
Przemek Stekiel
c3f2767c25 hash_info.h: add MBEDTLS_MAX_HASH_SIZE macro
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-06 14:18:39 +02:00
Neil Armstrong
9720b881f5 Remove doxygen markup outside doxygen block in psa_pake_sequence comment
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-06 11:39:21 +02:00
Neil Armstrong
b39833cff2 Fix typo in psa_pake_sequence comment
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-06 11:36:02 +02:00
Jerry Yu
58af2335d9 Add possible group tests for psk with ECDHE
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-06 14:49:39 +08:00
Neil Armstrong
bcd5bd933e Add a comment expliciting usage of internal PAKE step/state/sequence enums
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-05 18:34:12 +02:00
Neil Armstrong
5bbdb70131 Fix style in psa_pake_input()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-05 17:54:15 +02:00
Andrzej Kurek
216baca131 pkcs5: improve error handling
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:15:34 -04:00
Andrzej Kurek
e3d544c58f Minor PKCS5 improvements
Add consts, more elegant size calculation and 
variable initialization.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:07:15 -04:00
Andrzej Kurek
3d0dfb99c9 Change the pkcs5_pbkdf2_hmac deprecation approach
The shared part has now been extracted and will
be used regardless of the deprecation define.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:07:15 -04:00
Andrzej Kurek
f000471c66 Add missing MD dependency for pkcs5_pbkdf2_hmac
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:07:15 -04:00
Andrzej Kurek
ed98e95c81 Adjust pkcs5 test dependencies
Hashing via PSA is now supported 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00
Andrzej Kurek
890e78ae66 Deprecate mbedtls_pkcs5_pbkdf2_hmac
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00
Andrzej Kurek
dd36c76f09 Provide a version of pkcs5_pbkdf2_hmac without MD usage
Use the new implementation locally
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00
Manuel Pégourié-Gonnard
97fc247d6a
Merge pull request #6232 from AndrzejKurek/pkcs12-no-md
Remove MD dependency from pkcs12 module
2022-09-02 09:43:13 +02:00
Andrzej Kurek
e16e6edfce Remove the dependency on MD_MAX_SIZE from PKCS12
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-01 08:57:59 -04:00
Andrzej Kurek
7bd12c5d5e Remove MD dependency from pkcs12 module
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-01 08:57:41 -04:00
Ronald Cron
e00d6d6b55
Merge pull request #6135 from yuhaoth/pr/tls13-finalize-external-psk-negotiation
TLS 1.3: SRV: Finalize external PSK negotiation
2022-08-31 17:21:57 +02:00
Neil Armstrong
f19a3cb613 Use the mbedtls_ecjpake_write_shared_key() to input raw shared key material as derivation secret
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
12663092bc Introduce mbedtls_ecjpake_write_shared_key() to export the EC J-PAKE shared key material before the KDF()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
db05cbfb86 Introduce and use mbedtls_ecjpake_to_psa_error() to translate various ECP/MPI errors to expected PSA errors
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
1e855601ca Fix psa_pake_get_implicit_key() state & add corresponding tests in ecjpake_rounds()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
e92311176a Add missing parentheses on return statements
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
5fb07c6a96 No need to check for state in psa_pake_setup()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
a557cb8c8b Fixing XXX_ALG_ECJPAKE to XXX_ALG_JPAKE to match specification
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
fbc4b4aa8e Fix psa_pake_abort() order to correctly free memory when alg is PSA_ALG_JPAKE
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
0d001ef3da Check more parameters of psa_pake_output/psa_pake_input
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
4efd7a463d Check for PSA_ALG_ECJPAKE alg for the ECJPAKE builtin implementation
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00