yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
21101 commits 1 branch 0 tags 94 MiB
Commit graph

9332 commits

Author SHA1 Message Date
Neil Armstrong
df598abbd3 Fix key usage test in psa_pake_set_password_key() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Neil Armstrong
6b1f99f5f1 Use proper buffer size macro for allocation in psa_pake_ecjpake_setup() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Neil Armstrong
5282393091 Remove useless braces in psa_crypto_pake.c 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Neil Armstrong
c29f8477e2 Fix comments in psa_crypto_pake.c 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Neil Armstrong
a4cc7d6d6b Add PSA PAKE buildin implementation 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Neil Armstrong
4b5710f8a0 Allow KEY_TYPE_PASSWORD/KEY_TYPE_PASSWORD_HASH to be imported 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Jerry Yu
1e05b6dd6d fix coding style and unnecessary assignment 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-31 10:35:52 +08:00
Manuel Pégourié-Gonnard
bf22a2500b
Merge pull request #6208 from AndrzejKurek/tls-tests-no-md-structured 
Remove the dependency on MD from TLS 1.2 tests
 2022-08-30 12:34:37 +02:00
Dave Rodgman
0edfa9dd26
Merge pull request #6207 from daverodgman/ticket_time 
Fix type used for capturing TLS ticket generation time
 2022-08-30 10:03:06 +01:00
Jerry Yu
e5834fd0d7 remove unnecessary test 
also optimize check sum

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-29 20:33:33 +08:00
Jerry Yu
0baf907e11 remove select_ciphersuite 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-25 11:21:04 +08:00
Jerry Yu
c5a23a0f12 fix various issues 
- code style
- variable initialize
- update comments


Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-25 11:09:35 +08:00
Dave Rodgman
fac3ea5656
Merge pull request #6184 from leorosen/ssl_tls_curve_group_id_null_protect 
mbedtls_ssl_check_curve prevent potential NULL pointer dereferencing
 2022-08-24 15:16:45 +01:00
Tom Cosgrove
bcc13c943f
Add further missing whitespaces inside parentheses 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>

Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-24 15:08:16 +01:00
Tom Cosgrove
20c1137350
Fix coding style 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>

Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-24 15:06:13 +01:00
Dave Rodgman
5a28142410
Merge pull request #6189 from Kxuan/fix-ctr_drbg-uninit 
ctr_drbg: fix free uninitialized aes context
 2022-08-24 14:58:44 +01:00
Jerry Yu
f35ba384ff Add select ciphersuite entry function 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-23 22:01:58 +08:00
Jerry Yu
dd1bef788e Add ciphersuite_info check 
return null if no valid ciphersuite info

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-23 17:57:02 +08:00
Jerry Yu
29d9faa468 fix various issues. 
- comments issues
- code format style issues
- naming improvement.
- error return improvements

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-23 17:53:43 +08:00
Andrzej Kurek
299b1d6c93 Remove unnecessary psa/crypto.h include 
This is now included in `legacy_or_psa.h`.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-08-23 05:42:33 -04:00
Andrzej Kurek
cccb044804 Style & formatting fixes 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-08-23 05:26:02 -04:00
Janos Follath
645ff5b8ff
Merge pull request #6095 from gabor-mezei-arm/6016_add_new_modulus_and_residue_structures 
Add the new modulus and the residue structures with low level I/O operations
 2022-08-23 09:02:43 +01:00
Andrzej Kurek
7e16ce3a72 Clarify TLS 1.2 dependencies with and without PSA crypto 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-08-22 17:46:50 -04:00
Andrzej Kurek
8c95ac4500 Add missing dependencies / alternatives 
A number of places lacked the necessary dependencies on one of
the used features: MD, key exchange with certificate, 
entropy, or ETM.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-08-22 17:46:50 -04:00
Andrzej Kurek
25f271557b Update SHA and MD5 dependencies in the SSL module 
The same elements are now also used when MBEDTLS_USE_PSA_CRYPTO
is defined and respective SHA / MD5 defines are missing.
A new set of macros added in #6065 is used to reflect these dependencies.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-08-22 17:46:50 -04:00
Andrzej Kurek
0ce592169e Use hash_info_get_size in ssl_tls12_client 
This way the code does not rely on the MBEDTLS_MD_C define
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-08-22 17:46:50 -04:00
Andrzej Kurek
a242e83b21 Rename the sha384 checksum context to reflect its purpose 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-08-22 17:02:04 -04:00
Gilles Peskine
e5018c97f9
Merge pull request #6195 from superna9999/6149-driver-only-hashes-ec-j-pake 
Driver-only hashes: EC J-PAKE
 2022-08-22 17:28:15 +02:00
Gilles Peskine
20ebaac85e
Merge pull request #6211 from tom-cosgrove-arm/explicit-warning-re-ct-conditions-not-0-or-1 
Be explicit about constant time bignum functions that must take a 0 or 1 condition value
 2022-08-22 17:24:04 +02:00
Gilles Peskine
03f1c39ac7
Merge pull request #6171 from mprse/md_x509_test 
Driver-only hashes: X.509
 2022-08-22 17:18:47 +02:00
Janos Follath
2e328c8591 Remove confusing const qualifier 
Since a is not a pointer, it is passed by value and declaring it const
doesn’t make any sense and on the first read can make me miss the fact
that a is not a pointer.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-22 11:19:10 +01:00
Janos Follath
c459641ad1 Bignum: add missing limb qualifiers 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-22 10:04:52 +01:00
Janos Follath
af3f39c01c Fix typos 
Co-authored-by: Tom Cosgrove <81633263+tom-cosgrove-arm@users.noreply.github.com>
Co-authored-by: Werner Lewis <Werner.Lewis@arm.com>

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-22 09:08:04 +01:00
Jerry Yu
5725f1cf3a Align ciphersuite with overwrite. 
Selected ciphersuite MUST be same with ciphsersuite of PSK.
Overwrite the old ciphersuite with the one of PSK.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-21 17:50:27 +08:00
Jerry Yu
01e42d2d4c fix issues in export handshake psk 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-21 13:00:07 +08:00
Jerry Yu
9f7f646b11 Revert "remove psk key when ephemeral selected" 
This reverts commit 5c28e7aa0e.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-21 12:59:17 +08:00
Jerry Yu
e9d4fc09a3 fix binder value security issue 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-21 12:59:17 +08:00
Jerry Yu
24b8c813c4 fix comments and wrong initial value issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-21 12:55:45 +08:00
Jerry Yu
5d01c05d93 fix various issues 
- wrong typo in comments
- replace psk null check with key_exchange_mode check
- set psk NULL when error return in export hs psk

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-21 12:55:01 +08:00
Jerry Yu
6cf6b47b5c fix format and comment issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-21 12:54:53 +08:00
Dave Rodgman
beb4fc0723
Merge pull request #6185 from leorosen/tls12_server_null_on_missing_key 
ssl_tls12_server: fix potential NULL-dereferencing if local certifica…
 2022-08-19 20:22:59 +01:00
Leonid Rozenboim
19e5973566 mbedtls_ssl_check_curve prevent potential NULL pointer dereferencing 
Avoid the shorthand practice of the form 'x = func(foo)->bar' which
exposes the code to NULL pointer de-referencing when the 'func()'
returns a NULL pointer.

The first chunk is for when the curve group code is not recognized by
the library, and is cleanly rejected if offered.

The second chunk addresses the unlikely case of an internal error:
if 'mbedtls_pk_can_do()' returns TRUE, it should rule out
'mbedtls_pk_ec()' returning a NULL, unless there is a regression.

Signed-off-by: Leonid Rozenboim <leonid.rozenboim@oracle.com>
 2022-08-19 11:49:22 -07:00
Janos Follath
a95f204cd3 Improve documentation 
Co-authored-by: Tom Cosgrove <81633263+tom-cosgrove-arm@users.noreply.github.com>
Co-authored-by: Werner Lewis <werner.wmlewis@gmail.com>
Co-authored-by: Minos Galanakis <minos.galanakis@arm.com>

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-19 13:11:22 +01:00
Janos Follath
ca5688e10c Improve coding style 
Co-authored-by: Tom Cosgrove <81633263+tom-cosgrove-arm@users.noreply.github.com>
Co-authored-by: Werner Lewis <werner.wmlewis@gmail.com>

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-19 13:11:22 +01:00
Janos Follath
b7a88eca42 Bignum: Apply naming conventions 
Numbers:

- A, B for mbedtls_mpi_uint* operands
- a, b for mbedtls_mpi_uint operands
- X or x for result
- HAC references where applicable

Lengths:

- Reserve size or length for length/size in bytes or byte buffers.
- For length of mbedtls_mpi_uint* buffers use limbs
- Length parameters are qualified if possible (eg. input_length or
  a_limbs)

Setup functions:

- The parameters match the corresponding structure member's name
- The structure to set up is a standard lower case name even if in other
  functions different naming conventions would apply

Scope of changes/conventions:

- bignum_core
- bignum_mod
- bignum_mod_raw

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-19 13:11:22 +01:00
Janos Follath
6b8a4ad0d8 Bignum: update const qualifiers 
While at it, mark parameters based on their role.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-19 13:11:22 +01:00
Neil Armstrong
ecaba1c9b2 Make use of PSA crypto hash if MBEDTLS_MD_C isn't defined 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-19 11:49:22 +02:00
Neil Armstrong
0d76341eac Remove md_info by md_type in ecjpake context, use mbedtls_hash_info_get_size() to get hash length 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-19 11:49:22 +02:00
Przemek Stekiel
bc3906c58f pem_pbkdf1(): optimize psa version 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:36:57 +02:00
Przemek Stekiel
bf01c64e9d oid.c: unify dependencies (VIA_MD_OR_PSA->VIA_LOWLEVEL_OR_PSA) 
*** Comparing before-default -> after-default ***
   x509parse: total 723; skipped  26 ->  26
   x509write: total  41; skipped   8 ->   8
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

*** Comparing before-full -> after-full ***
   x509parse: total 723; skipped  25 ->  25
   x509write: total  41; skipped   0 ->   0
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

*** Comparing reference -> drivers ***
   x509parse: total 723; skipped  89 ->  89
   x509write: total  41; skipped   3 ->   3
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Przemek Stekiel
4146525ce9 Fix compilation guard (comment) 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Przemek Stekiel
0cd6f08e6f pem.c: fix style issues (redundant spaces) 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Przemek Stekiel
d23a4efe2c pem.c: remove redundant compilation guard 
If MBEDTLS_MD5_C is not defined MBEDTLS_USE_PSA_CRYPTO must be defined due to PEM_RFC1421.

*** Comparing before-default -> after-default ***
   x509parse: total 723; skipped  26 ->  26
   x509write: total  41; skipped   8 ->   8
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

*** Comparing before-full -> after-full ***
   x509parse: total 723; skipped  25 ->  25
   x509write: total  41; skipped   0 ->   0
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

*** Comparing reference -> drivers ***
   x509parse: total 723; skipped  89 ->  89
   x509write: total  41; skipped   3 ->   3
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Przemek Stekiel
c410ccc528 Include psa/crypto.h in legacy_or_psa.h 
It is needed for PSA_WANT_ALG_xxxx symbols

*** Comparing before-default -> after-default ***
   x509parse: total 723; skipped  26 ->  26
   x509write: total  41; skipped   8 ->   8
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

*** Comparing before-full -> after-full ***
   x509parse: total 723; skipped  25 ->  25
   x509write: total  41; skipped   0 ->   0
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

*** Comparing reference -> drivers ***
   x509parse: total 723; skipped  89 ->  89
   x509write: total  41; skipped   3 ->   3
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Przemek Stekiel
4092ff9ba9 pem.c: add internal macro to increase code readability 
*** Comparing before-default -> after-default ***
   x509parse: total 723; skipped  26 ->  26
   x509write: total  41; skipped   8 ->   8
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

*** Comparing before-full -> after-full ***
   x509parse: total 723; skipped  25 ->  25
   x509write: total  41; skipped   0 ->   0
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

*** Comparing reference -> drivers ***
   x509parse: total 723; skipped  89 ->  89
   x509write: total  41; skipped   3 ->   3
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Przemek Stekiel
829e97d029 Fix include order 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Przemek Stekiel
76b753bbb7 Change the dependencies in pem.c to xxx_BASED_ON_USE_PSA and related files 
This is done to be able to bild test_psa_crypto_config_accel_hash component where MD5 is only available accelerated (PSA_WANT_ALG_MD5 is enabled and MBEDTLS_MD5_C is disabled) but MBEDTLS_USE_PSA_CRYPTO is disabled.
So the build should not attempt to enable pem_pbkdf1.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Przemek Stekiel
81799fd9d8 pem.c, test_suite_pem: fix dependency MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA->MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA 
*** Comparing before-default -> after-default ***
   x509parse: total 723; skipped  26 ->  26
   x509write: total  41; skipped   8 ->   8
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

*** Comparing before-full -> after-full ***
   x509parse: total 723; skipped  25 ->  25
   x509write: total  41; skipped   0 ->   0
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

*** Comparing reference -> drivers ***
   x509parse: total 723; skipped  89 ->  89
   x509write: total  41; skipped   3 ->   3
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Przemek Stekiel
be92bee58a pem.c: Fix conditional compilation flags 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Przemek Stekiel
a68d08f7d1 pem.c: adjust for bulid without md 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Przemek Stekiel
de81028f00 Adjust dependencies in library/oid.c 
*** Comparing before-default -> after-default ***
   x509parse: total 723; skipped  26 ->  26
   x509write: total  41; skipped   8 ->   8

*** Comparing before-full -> after-full ***
   x509parse: total 723; skipped  25 ->  25
   x509write: total  41; skipped   0 ->   0

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Przemek Stekiel
fd18366965 Adjust declared dependencies in library/x509* 
*** Comparing before-default -> after-default ***
   x509parse: total 723; skipped  26 ->  26
   x509write: total  41; skipped   8 ->   8

*** Comparing before-full -> after-full ***
   x509parse: total 723; skipped  25 ->  25
   x509write: total  41; skipped   0 ->   0

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Ronald Cron
f3f6b0a5c3
Merge pull request #6123 from yuhaoth/pr/finialize-tls13-serialize_session_save_load 
TLS 1.3:finalize tls13 serialize session save and load
 2022-08-19 08:16:05 +02:00
Leonid Rozenboim
70dfd4c8ac ssl_tls12_server: fix potential NULL-dereferencing if local certificate was not set. 
Signed-off-by: Leonid Rozenboim <leonid.rozenboim@oracle.com>
 2022-08-18 14:39:37 -07:00
Tom Cosgrove
583816caaf Be explicit about constant time bignum functions that must take a 0 or 1 condition value 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-08-18 14:09:18 +01:00
Dave Rodgman
92cd8642fa
Merge pull request #6090 from hanno-arm/fix_bnmul_arm_v7a 
Remove encoding width suffix from Arm bignum assembly
 2022-08-18 08:48:03 +01:00
Jerry Yu
e28d9745a1 fix coding style issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-18 15:44:03 +08:00
Jerry Yu
3419107e8d Add checks for ticket and resumption_key fields 
From RFC 8446 and the definition of session, we
should check the length.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-18 11:28:41 +08:00
Dave Rodgman
86c333e79e Add explicit cast to satisfy compiler 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-17 16:57:26 +01:00
Jerry Yu
e36fdd676c Change signature of tls13_session_save 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-17 21:50:25 +08:00
Dave Rodgman
392f714153 Fix type used for capturing TLS ticket generation time 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-17 12:38:24 +01:00
Dave Rodgman
a7448bf19d
Merge pull request #6141 from mpg/driver-hashes-rsa-v21 
Driver hashes rsa v21
 2022-08-16 09:52:39 +01:00
Janos Follath
cc93908b88 Bignum: Declare loop variable in loop head 
In the new bignum files (bignum_core.c, bignum_mod_raw.c and
bignum_mod.c) the loop variables are declared in the loop head wherever
this change is beneficial.

There are loops where the loop variable is used after the end of the
loop (this might not be good practice, but that is out of scope for this
commit) and others where there are several loop variables and declaring
them there would hurt readability.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-15 12:08:49 +01:00
Janos Follath
620c58ced9 Bignum: make const placement consistent 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-15 11:58:42 +01:00
Janos Follath
ed5c8d3d1e Bignum: make modulus value const 
The modulus value won't change during normal operations, make this clear
in the struct and the function signatures.

This won't prevent the caller from modifying the passed buffer, but
might give a hint and reinforces the message of the documentation.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-15 11:50:22 +01:00
Janos Follath
138f51c5c8 Fix alphabetic order in makefiles 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-15 11:38:30 +01:00
Gabor Mezei
fd65e82753
Rename structure elements 
Use better names for structure elements and adopting the convention of
the other modules.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-08-12 18:09:12 +02:00
Gabor Mezei
c414ba3fc0
Simplify code 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-08-12 17:59:53 +02:00
Gabor Mezei
5a5c0c5f0a
Move the declaration of variables to their scope of usage 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-08-12 15:40:09 +02:00
Gabor Mezei
7f93264ab1
Change struct element order 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-08-12 15:37:27 +02:00
Gabor Mezei
89e31460db
Typo 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-08-12 15:36:56 +02:00
Dave Rodgman
7b1be55484
Merge pull request #5993 from eliteraspberries/android-soname 
Allow non-versioned library soname.
 2022-08-12 13:49:55 +01:00
Gabor Mezei
5f56df44f0
Remove redundant check 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-08-12 14:41:54 +02:00
Gabor Mezei
bf9da1dfb1
Do not read if output pointer is NULL 
Skip reading if output pointer is NULL even if the length of the input buffer is 0.
The memory sanitizer will mark this as an error.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-08-12 14:11:56 +02:00
Mansour Moufid
6a8673092f Allow non-versioned library soname. 
Signed-off-by: Mansour Moufid <mansourmoufid@gmail.com>
 2022-08-12 11:02:01 +01:00
Janos Follath
6318468183 Improve bignum documentation 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-11 17:42:59 +01:00
Janos Follath
a30b4e5692 Bignum: remove duplicate documentation from source 
These functions have full documentation in the header. Maintaing two
copies does not worth the effort and having an out of sync reduced
duplicate is not helpful.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-11 17:15:18 +01:00
Janos Follath
2ab2d3e3e9 Inline mpi_core_clear() 
This used to resize MPIs in the legacy interface, which is not
needed/possible as the new interface has fixed size MPIs.

Inlining this function makes the code easier to read and maintain, while
there is no obvious drawback to it.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-11 16:16:49 +01:00
Janos Follath
56a10f97ba Bignum: remove unnecessary NULL pointer checks 
A null pointer dereference, or null pointer plus small offset, is a
clean runtime error in most environments. So it's not particularly
useful to protect against this.

While at it make a null pointer check that is actually necessary more
robust.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-11 15:19:00 +01:00
Janos Follath
296ea66442 Bignum: clean up use of enums 
- Made use of enums in struct and function declaration
- All enums are handled by switch case now
- If the switch does nothing on default, omit the default case to make
  compiler warnings more powerful
- The two enums are now disjoint and the value 1 is skipped to make
  mistakes easier to detect

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-11 14:58:29 +01:00
Jerry Yu
5c28e7aa0e remove psk key when ephemeral selected 
ephemeral is selected, `handshake->psk` must be removed.
Otherwise the encrypt key will be caculate fail.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-11 21:25:35 +08:00
Jerry Yu
56acc9421c Write key_share base on key_exchange mode. 
In ServerHello, write key share should base on key_exchange mode, not
base on configuration.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-11 21:25:35 +08:00
Jerry Yu
f0bad2554a Continue check next psk key when binder mismatch 
with matched identity and mismatch binder, should check next psk key.
Exit with error will break multi-psk cases.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-11 21:25:35 +08:00
Jerry Yu
32e1370fbc Add config check for pre_shared_key parser 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-11 21:25:35 +08:00
Jerry Yu
e95c8af266 Align ciphersuite with psk key 
With OpenSSL and GnuTLS client, if the MAC of ciphersuite
does not match selected binder, client will reject connection.
This change is to select ciphersuite base on algo of psk binder.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-11 21:25:35 +08:00
Jerry Yu
ccc68a466e change handshake psk key type for tls13 
PSK key type of TLS1.3 must be HKDF_EXTRACT and the algo is
decided when create binder

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-11 21:25:35 +08:00
Ronald Cron
295d93ebe8 Add psk handshake with gnutls 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-11 21:25:35 +08:00
Jerry Yu
40f3771e18 Add handshake psk export function. 
Rename `ssl_tls13_get_psk` and export the
function.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-11 21:25:35 +08:00
Przemek Stekiel
71bf28bb34 Fix include file path 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-11 12:50:06 +02:00
Przemek Stekiel
f98b57f231 Initialize status/ret to error value 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-11 12:50:06 +02:00