9057 commits

Author	SHA1	Message	Date
Przemek Stekiel	0a60c129de	Add intermediate variables to increase code readability ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-14 09:54:51 +01:00
Przemek Stekiel	e9f00445bc	Destroy ecdh_psa_privkey on failure ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-14 09:42:32 +01:00
Przemek Stekiel	130c4b5567	Use PSA version of key agreement only for ECDHE keys ... This should be cleaned when server-side static ECDH (1.2) support is added (#5320). Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-14 09:18:24 +01:00
Manuel Pégourié-Gonnard	c11bffe989	Merge pull request #5139 from mprse/key_der_ecc ... PSA: implement key derivation for ECC keys	2022-03-14 09:17:13 +01:00
Gilles Peskine	81d903f5aa	Merge pull request #5510 from SiliconLabs/feature/PSEC-3269-MD-X.509-hashing ... feat: MD: X.509 hashing	2022-03-10 20:16:43 +01:00
Gilles Peskine	afb482897b	Merge pull request #5292 from mprse/asym_encrypt ... Driver dispatch for PSA asymmetric encryption + RSA tests	2022-03-10 20:07:38 +01:00
Gabor Mezei	49c8eb3a5a	Enable chachcapoly cipher for SSL tickets ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-03-10 17:09:59 +01:00
Gabor Mezei	2a02051286	Use PSA in TLS ticket handling ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-03-10 17:09:59 +01:00
Gabor Mezei	e6d867f476	Typo ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-03-10 15:04:58 +01:00
Ronald Cron	a8b38879e1	Move state change from CLIENT_CERTIFICATE_VERIFY to its main handler ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-10 13:58:17 +01:00
Ronald Cron	7a94aca81a	Move state change from CLIENT_CERTIFICATE to its main handler ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-10 13:58:04 +01:00
Manuel Pégourié-Gonnard	10e5cdbbbf	Merge pull request #5454 from gstrauss/cert_cb-user_data ... server certificate selection callback	2022-03-10 11:51:42 +01:00
Przemek Stekiel	fd32e9609b	ssl_parse_client_key_exchange(): read the curve identifier and the peer's public key and compute the shared secret using PSA ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-09 16:01:59 +01:00
Przemek Stekiel	b6ce0b6cd8	ssl_prepare_server_key_exchange(): generate a private/public key and write out the curve identifier and public key using PSA ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-09 16:01:50 +01:00
Ronald Cron	5bb8fc830a	Call Certificate writing generic handler only if necessary ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-09 07:51:52 +01:00
Ronald Cron	3f20b77517	Improve comment ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-09 07:51:52 +01:00
Ronald Cron	00d012f2be	Fix type of force_flush parameter ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-09 07:51:52 +01:00
Ronald Cron	9f55f6316e	Move state change from CSS states to their main handler ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-09 07:51:52 +01:00
Ronald Cron	3addfa4964	Move state change from WRITE_CLIENT_HELLO to its main handler ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-09 07:51:52 +01:00
Ronald Cron	66dbf9118e	TLS 1.3: Do not send handshake data in handshake step handlers ... Send data (call to mbedtls_ssl_flush_output()) only from the loop over the handshake steps. That way, we do not have to take care of the partial writings (MBEDTLS_ERR_SSL_WANT_WRITE error code) on the network in handshake step handlers. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-09 07:51:52 +01:00
Ronald Cron	9df7c80c78	TLS 1.3: Always go through the CLIENT_CERTIFICATE state ... Even if certificate authentication is disabled at build time, go through the MBEDTLS_SSL_CLIENT_CERTIFICATE state. It simplifies overall the code for a small code size cost when certificate authentication is disabled at build time. Furthermore that way we have only one point in the code where we switch to the handshake keys for record encryption. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-09 07:50:08 +01:00
Paul Elliott	17f452aec4	Merge pull request #5448 from lhuang04/tls13_alpn ... Port ALPN support for tls13 client from tls13-prototype	2022-03-08 17:53:38 +00:00
Manuel Pégourié-Gonnard	d815114f93	Merge pull request #5524 from mprse/tls_ecdh_2c ... TLS ECDH 2c: ECHDE in TLS 1.3 (client-side)	2022-03-08 11:43:45 +01:00
Przemek Stekiel	c85f0912c4	psa_crypto.c, test_suite_psa_crypto.function: fix style ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-08 11:37:54 +01:00
Gilles Peskine	44311f5c98	Merge pull request #5571 from superna9999/5162-pk-rsa-signing ... PK: RSA signing	2022-03-07 17:09:14 +01:00
Gilles Peskine	15364ffb03	Merge pull request #5579 from SiliconLabs/erase_secret_before_free ... Erase secrets in allocated memory before freeing said memory	2022-03-07 17:04:04 +01:00
Neil Armstrong	6d5baf5f1e	Use PSA MAC verify API in mbedtls_ssl_cookie_check() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-07 14:33:21 +01:00
Neil Armstrong	be52f500c8	Use PSA_ALG_TRUNCATED_MAC() to limit to COOKIE_HMAC_LEN in mbedtls_ssl_cookie_setup() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-07 14:33:21 +01:00
Neil Armstrong	7cd0270d6c	Drop mutex in mbedtls_ssl_cookie_ctx when PSA is used ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-07 14:33:21 +01:00
Neil Armstrong	2217d6f825	Generate cookie MAC key with psa_generate_key ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-07 14:33:21 +01:00
pespacek	b9ca22dead	Improving readability of x509_crt and x509write_crt for PR ... Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-03-07 13:59:44 +01:00
pespacek	d924e55944	Improving readability of x509_crt and x509write_crt ... Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-03-07 13:31:54 +01:00
Przemek Stekiel	7fc0751f78	Restore build options for mbedtls_ecc_group_of_psa() and related functions ... Additional issue created to simplifiy usage of BUILTIN_KEY_TYPE_xxx && BUILTIN_ALG_yy macros https://github.com/ARMmbed/mbedtls/issues/5596 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-06 20:43:46 +01:00
Neil Armstrong	77b69ab971	Remove non-PSA MAC key in mbedtls_ssl_cookie_ctx ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-04 14:45:45 +01:00
Neil Armstrong	23d34ce372	Use PSA HMAC API in ssl_cookie_hmac() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-04 14:45:45 +01:00
Neil Armstrong	d633201279	Import PSA HMAC key in mbedtls_ssl_cookie_setup() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-04 14:45:18 +01:00
Andrzej Kurek	09e803ce0d	Provide a dummy implementation of timing.c ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-03-04 05:07:45 -05:00
Andrzej Kurek	108bf520e0	Add a missing guard for time.h in net_sockets.c ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-03-04 05:07:45 -05:00
Daniel Axtens	f071024bf8	Do not include time.h without MBEDTLS_HAVE_TIME ... MBEDTLS_HAVE_TIME is documented as: "System has time.h and time()." If that is not defined, do not attempt to include time.h. A particular problem is platform-time.h, which should only be included if MBEDTLS_HAVE_TIME is defined, which makes everything messier. Maybe it should be refactored to have the check inside the header. Signed-off-by: Daniel Axtens <dja@axtens.net>	2022-03-04 05:07:45 -05:00
Neil Armstrong	bca99ee0ac	Add PSA key in mbedtls_ssl_cookie_ctx ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-04 10:20:20 +01:00
Neil Armstrong	e87804920a	Use new PSA to mbedtls PK error mapping functions in rsa_decrypt_wrap() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:54:16 +01:00
Neil Armstrong	b556a42656	Use now shared RSA_PRV_DER_MAX_BYTES define in pk_wrap.c ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:52:47 +01:00
Neil Armstrong	f47135756c	Map INVALID_PADDING from PSA to MbedTLS error in rsa_decrypt_wrap() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:52:47 +01:00
Neil Armstrong	0d46786034	Fix style issue in rsa_decrypt_wrap() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:52:47 +01:00
Neil Armstrong	f1b564bb8d	Check psa_destroy_key() return in rsa_decrypt_wrap() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:52:47 +01:00
Neil Armstrong	18f43c7304	PK: RSA decrypt PSA wrap implementation ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:52:47 +01:00
Neil Armstrong	e4edcf761d	Use new PSA to mbedtls PK error mapping functions in ecdsa_sign_wrap() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:46:41 +01:00
Neil Armstrong	ff70f0bf77	Check psa_destroy_key() return in rsa_sign_wrap() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:44:06 +01:00
Neil Armstrong	edcc73c992	Fix 80 characters indentation in ecdsa_sign_wrap() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:44:06 +01:00
Neil Armstrong	dab14de96a	Use now shared ECP_PRV_DER_MAX_BYTES define in pk_wrap.c ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:44:06 +01:00
Neil Armstrong	15021659d1	Move pk_ecdsa_sig_asn1_from_psa() before ecdsa_sign_wrap() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:44:06 +01:00
Neil Armstrong	5874aa38f7	Fix style issue in find_ecdsa_private_key() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:44:06 +01:00
Neil Armstrong	cf5a215a43	Check psa_destroy_key() return in rsa_verify_wrap() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:44:06 +01:00
Neil Armstrong	e960690b89	PK: ECDSA signing PSA wrap implementation ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:44:06 +01:00
Neil Armstrong	db69c5213f	Use new PSA to mbedtls PK error mapping functions in rsa_sign_wrap() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:41:23 +01:00
Neil Armstrong	66fa769ae8	Fix 80 characters indentation in rsa_sign_wrap() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:39:39 +01:00
Neil Armstrong	4b1a059f7d	Use now shared RSA_PRV_DER_MAX_BYTES define in pk_wrap.c ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:39:39 +01:00
Neil Armstrong	48a9833cdf	Check psa_destroy_key() return in rsa_sign_wrap() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:39:39 +01:00
Neil Armstrong	e4f28688fd	Fix comment typo in rsa_sign_wrap() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:39:39 +01:00
Neil Armstrong	9854568204	PK: RSA signing PSA wrap implementation ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:39:39 +01:00
Neil Armstrong	3770e2483f	Use new PSA to mbedtls PK error mapping functions in pk_wrap.c ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:37:33 +01:00
Neil Armstrong	deb4bfb2b9	Use now shared RSA_PUB_DER_MAX_BYTES define in pk_wrap.c ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:33:39 +01:00
Neil Armstrong	9dccd866c3	Check psa_destroy_key() return in ecdsa_verify_wrap() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:33:39 +01:00
Neil Armstrong	7dd3b20d36	Check psa_destroy_key() return in rsa_encrypt_wrap() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:33:39 +01:00
Neil Armstrong	ac014ca5d9	Fix comment typos in rsa_encrypt_wrap() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:33:39 +01:00
Neil Armstrong	96a16a429b	PK: RSA encrypt PSA wrap implementation ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:33:39 +01:00
Gilles Peskine	1f13e984ad	Merge pull request #5529 from superna9999/5514-translate-psa-errs-to-mbedtls ... Rename, move and refine PSA to mbedtls PK errors mappings	2022-03-03 13:30:29 +01:00
Gilles Peskine	d929dbbb25	Merge pull request #5368 from mfil/feature/additional_md_getters ... Add function to get message digest info from context	2022-03-02 16:44:26 +01:00
Gilles Peskine	e8c8300190	Merge pull request #5581 from superna9999/pk-move-rename-rsa-ec-key-sizes ... Move max sizes of RSA & EC DER keys into public header	2022-03-02 16:41:53 +01:00
Neil Armstrong	6828d8fdc4	Return MBEDTLS_ERR_SSL_BAD_INPUT_DATA if MAC algorithm isn't supported in ssl_tls.c ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-02 15:37:11 +01:00
Neil Armstrong	6958bd0206	Clean aux_out in PSA version of mbedtls_ct_hmac() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-02 15:37:11 +01:00
Neil Armstrong	4313f55a13	Simplify error handling of PSA mac operationsg in ssl_msg.c ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-02 15:37:04 +01:00
Neil Armstrong	321116c755	Remove spurious debug in ssl_tls12_populate_transform() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-02 15:06:15 +01:00
Przemek Stekiel	e894c5c4a5	Fix code style (indentation) in ssl_tls13_generate_and_write_ecdh_key_exchange() ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-02 08:45:56 +01:00
Paul Elliott	06898650f9	Merge pull request #5471 from yuhaoth/pr/add-tls13-client-certificate-verify ... TLS1.3: Add write client Certificate and CertificateVerify	2022-03-01 18:42:00 +00:00
Przemek Stekiel	15565eeb59	Move publick key check out of MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-01 17:01:39 +01:00
Neil Armstrong	19915c2c00	Rename error translation functions and move them to library/pk_wrap.* ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-01 15:21:02 +01:00
Przemek Stekiel	a81aed2dae	Clean up init values of psa crypto status and fix switch default case ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-01 15:13:30 +01:00
Przemek Stekiel	f110dc05be	Clenup conditional compilation flags. ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-01 14:48:05 +01:00
Przemek Stekiel	dcab6ccb3b	Return PSA_ERROR_INVALID_ARGUMENT for a public key, and PSA_ERROR_NOT_SUPPORTED for a type that is not handled. ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-01 14:29:49 +01:00
Neil Armstrong	0f49f83625	Use now shared ECP_PUB_DER_MAX_BYTES define in pk_wrap.c ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-01 10:05:33 +01:00
Neil Armstrong	e9ecd27890	Rename max sizes of RSA & EC DER keys defines ... Rename to match the required pattern of defines: '^(MBEDTLS|PSA)_[0-9A-Z_]*[0-9A-Z]$' Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-01 10:03:21 +01:00
Neil Armstrong	e0326a6acc	Move max sizes of RSA & EC DER keys into private pkwrite.h ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-01 09:58:58 +01:00
Glenn Strauss	6989407261	Add accessor to retrieve SNI during handshake ... Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-25 19:55:53 -05:00
Glenn Strauss	36872dbd0b	Provide means to reset handshake cert list ... Extend mbedtls_ssl_set_hs_own_cert() to reset handshake cert list if cert provided is null. Previously, mbedtls_ssl_set_hs_own_cert() only provided a way to append to the handshake certificate list, without providing a way to replace the handshake certificate list. Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-25 19:55:48 -05:00
Glenn Strauss	2ed95279c0	Add server certificate selection callback ... https://github.com/ARMmbed/mbedtls/issues/5430 Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-25 17:31:49 -05:00
Neil Armstrong	e858996413	Use PSA version of mbedtls_ct_hmac() in mbedtls_ssl_decrypt_buf() ... Due to mbedtls_ct_hmac() implementation the decryption MAC key must be exportable. Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 15:17:50 +01:00
Neil Armstrong	2968d306e4	Implement mbedtls_ct_hmac() using PSA hash API ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 15:16:50 +01:00
Neil Armstrong	cf8841a076	Remove non-PSA MAC keys in mbedtls_ssl_transform when MBEDTLS_USE_PSA_CRYPTO is defined ... Also remove last usage of non-PSA MAC keys in ssl_decrypt_non_etm_cbc() SSL test. Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 15:16:49 +01:00
Neil Armstrong	26e6d6764e	Use PSA MAC API in mbedtls_ssl_encrypt/decrypt_buf() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 15:16:49 +01:00
Neil Armstrong	0760ade761	Setup & Import HMAC keys in ssl_tls12_populate_transform() ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-25 15:16:49 +01:00
Steven Cooreman	cd5be32191	Erase secrets in allocated memory before freeing said memory ... Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2022-02-25 11:14:59 +01:00
Andrzej Kurek	a0237f86d3	Add missing key destruction calls in ssl_write_client_key_exchange ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-02-25 04:36:40 -05:00
Tom Cosgrove	7e7aba8c9d	Rename mbedtls_a64_crypto_sha256_check_support() to mbedtls_a64_crypto_sha256_determine_support() ... The Mbed TLS coding standard specifies that "check" functions must return 0 for success (i.e. feature present), while "has" functions should return 1 for true. Since we were using "check" to do the actual check, and "has" to get the cached value, having inverted values here would be confusing. Therefore, rename "check" to "determine", as that's what those functions are doing. Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-02-24 08:33:11 +00:00
Jerry Yu	71f36f1d2e	change alert message type ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-23 17:34:29 +08:00
Neil Armstrong	39b8e7dde4	Add, Initialize & Free HMAC keys in mbedtls_ssl_transform ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-23 09:24:57 +01:00
Jerry Yu	0b7b101b3b	fix warnings ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-23 12:26:48 +08:00
Jerry Yu	2ff6ba1df0	Remove rsa_pss_rsae_sha256 support. ... Sign rsa is not thread safe. Remove it from current code. And a thread-safe version should be re-introduce in future. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-23 10:38:25 +08:00
Przemyslaw Stekiel	91ebfc0402	Adapt compilation flags for ECC key derivation ... Use conditional compilation flags for building ECC key derivation code consistent with flags used for mbedtls_ecc_group_of_psa(). Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 15:50:30 +01:00
Neil Armstrong	3f9cef4547	Remove actual and use new PSA to mbedtls PK errors mapping functions ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-22 15:44:39 +01:00
Neil Armstrong	ea761963c5	Add specialized PSA to mbedtls PK/RSA error mapping function ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-22 14:37:00 +01:00
Neil Armstrong	cd501f406e	Add specialized PSA to mbedtls PK/ECDSA error mapping function ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-22 14:37:00 +01:00
Neil Armstrong	a3fdfb4925	Introduce new PSA to mbedtls PK error mapping function ... Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-22 14:37:00 +01:00
Przemyslaw Stekiel	76960a7217	mbedtls_mpi_read_binary() document that function guarantees to return an MPI with exactly the necessary number of limbs and remove redundant call to mbedtls_mpi_grow() ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel	aeaa4f0651	Code optimization ... - fix codding style - fix comments and descriptions - add helper function for montgomery curve - move N-2 calculation outside the loop - fix access to <data> bytes: *data[x] -> (*data)[x] Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel	6d3d18b2dc	psa_generate_derived_key_internal, psa_generate_derived_ecc_key_weierstrass_helper: optimize the code ... Perform the following optimizations: - fix used flags for conditional compilation - remove redundant N variable - move loop used to generate valid k value to helper function - fix initial value of status - fix comments Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel	924815982a	Workaround for VS compiler build error ... The following error was reported by CI for win32/release builds: 37>Done Building Project "C:\builds\workspace\mbed-tls-pr-head_PR-5139-head\worktrees\tmp_nn5muy8\visualc\VS2010\gen_entropy.vcxproj.metaproj" (Rebuild target(s)). 67>c:\builds\workspace\mbed-tls-pr-head_pr-5139-head\worktrees\tmp_nn5muy8\library\psa_crypto.c(4840): fatal error C1001: An internal error has occurred in the compiler. [C:\builds\workspace\mbed-tls-pr-head_PR-5139-head\worktrees\tmp_nn5muy8\visualc\VS2010\key_ladder_demo.vcxproj] (compiler file 'f:\dd\vctools\compiler\utc\src\p2\main.c', line 228) To work around this problem, try simplifying or changing the program near the locations listed above. Please choose the Technical Support command on the Visual C++ Help menu, or open the Technical Support help file for more information Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel	e33ae7186e	psa_crypto.c: adapt macros ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel	dc215f4b97	Simplify calculations for clear mask ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel	d80b6ed46d	Use loop instead goto and fix misleading variable name ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel	dc8d7d9211	fix mbedtls/psa status code mismatch ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel	871a336028	Remove redundant psa_generate_derived_ecc_key_weierstrass_check_config() ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel	aaa1ada086	psa_generate_derived_ecc_key_weierstrass_check_config: Build only when ECC enabled ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel	50fcc535e5	Add Weierstrass curve/bits consistancy check + negative test vectors ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:26 +01:00
Przemyslaw Stekiel	58ce8d8fb6	Add support for Montgomery curves ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:26 +01:00
Przemyslaw Stekiel	705fb0f918	Only Weierstrass curves supported ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:35:26 +01:00
Przemyslaw Stekiel	c6e4c512af	psa_crypto.c: fix warning on windows compiler ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:26:46 +01:00
Przemyslaw Stekiel	1dfd1224dc	psa_generate_derived_ecc_key_helper: compile only when ECC is supported ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:26:46 +01:00
Przemyslaw Stekiel	653481632e	psa_generate_derived_ecc_key_helper: fix bugs found during testing ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:26:46 +01:00
Przemyslaw Stekiel	d8cdcba970	Move derivation of ECC private key to helper function and refactor code ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:26:46 +01:00
Przemyslaw Stekiel	1608e33606	PSA: implement key derivation for ECC keys ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 13:26:46 +01:00
Jerry Yu	782720787f	Refactor write_certificate_verify ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:28:13 +08:00
Jerry Yu	2124d05e06	Add sha384 and sha512 case ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	d66409ae92	Add non support sig alg check and test ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	c8d8d4e01a	fix various issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	7db5b8f68c	add rsa_pss_rsae_sha256 write support ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	3391ac00d3	fix various issue ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	ca133a34c5	Change state machine ... Skip CertificateVerfiy if empty certificate or no CertificateRequest received. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	537530d57a	Add certificate request echo ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	3e536442f5	fix various issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	a23b9d954c	fix undefine error ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	7399d0d806	refactor write certificate ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	1bb5a1ffe3	Implement received sig_algs check ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	32e0c2d526	fix server only build fail ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	90f152dfac	fix psk only build fail ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	72637c734b	fix write certificate fail ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	8511f125af	Add certificteVerify ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	5cc3506c9f	Add write certificate and client handler ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	566c781290	Add dummy state for client_certifiate ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Ronald Cron	4579a972bf	Merge pull request #5426 from gilles-peskine-arm/ssl-get-version-3.1 ... Add accessors to mbedtls_ssl_context: user data, version ABI-API-checking fails which was expected as this PR adds a new field in mbedtls_ssl_context and mbedtls_ssl_config.	2022-02-21 17:03:24 +01:00
Manuel Pégourié-Gonnard	e3a2dd787e	Merge pull request #5521 from AndrzejKurek/rsa-pss-use-psa ... Make RSA-PSS verification use PSA with MBEDTLS_USE_PSA_CRYPTO	2022-02-21 16:58:57 +01:00
Gabor Mezei	d860e0f18b	Add comment ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:46:39 +01:00
Gabor Mezei	0e7c6f4961	Check return value of psa_destroy_key ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:46:39 +01:00
Gabor Mezei	26c6741c58	Add better name for variable. ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:46:39 +01:00
Gabor Mezei	320d21cecf	Update documentation ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:46:39 +01:00
Gabor Mezei	c5efb8e58b	Use PSA error code ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:46:38 +01:00
Gabor Mezei	89c1a95f8f	Delete leftover code ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:42:59 +01:00
Gabor Mezei	b1f53976ee	Add documentation for mbedtls_psa_hkdf_extract ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:42:59 +01:00
Gabor Mezei	62bf024025	Make the mbedtls_psa_hkdf_extract function more PSA compatible ... Change the return value to `psa_status_t`. Add `prk_size` and `prk_len` parameters. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:42:57 +01:00
Gabor Mezei	9f4bb319c9	Implement HKDF extract in TLS 1.3 based on PSA HMAC ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:23:29 +01:00
Gilles Peskine	66971f8ab1	Add prototype for automatically generated debug helper ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Gilles Peskine	c63a1e0e15	Fix mbedtls_ssl_get_version() for TLSv1.3 ... Test it in ssl-opt.sh. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Gilles Peskine	e1a0c25f71	New function to access the TLS version from a context as an enum ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Tom Cosgrove	b9987fc344	Handle MBEDTLS_SHA256_USE_A64_* on Windows on ARM64 too ... Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-02-21 12:26:11 +00:00
Paul Elliott	436b72690d	Merge pull request #5362 from yuhaoth/pr/enable-tls13-only-build ... TLS1.3:Enable tls13 only build	2022-02-21 11:22:37 +00:00
Tom Cosgrove	f3ebd90a1c	SECLIB-667: Accelerate SHA-256 with A64 crypto extensions ... Provide an additional pair of #defines, MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT and MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. At most one of them may be specified. If used, it is necessary to compile with -march=armv8-a+crypto. The MBEDTLS_SHA256_PROCESS_ALT and MBEDTLS_SHA256_ALT mechanisms continue to work, and are mutually exclusive with A64_CRYPTO. There should be minimal code size impact if no A64_CRYPTO option is set. Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-02-21 08:37:26 +00:00
Manuel Pégourié-Gonnard	9b545c04f7	Merge pull request #5520 from gabor-mezei-arm/5402_implement_hkdf_expand_based_on_psa_hmac ... HKDF 1b: Implement Expand in TLS 1.3 based on PSA HMAC	2022-02-21 09:30:31 +01:00
Jerry Yu	f1b23caa4e	move wrong comments ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	18621dfd23	remove extra empty line ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	50f2f703a7	remove extra guards ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	840fbb2817	guards populate_transform reference ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	4f9e3efbeb	move session_save/load_tls12 ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	d9d91da7c7	move sig_hash_* ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	ee40f9d4b3	move get_key_exchange_md_tls12 ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	9bccc4c63f	move populate_transform ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	e93ffcd2c7	move tls_prf_get_type ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	392112c058	move tls12prf_from_cs ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	0b3d7c1ea1	move parse_finished ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	3c8e47bbbf	move write_finished ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	2a9fff571d	move wrapup ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	aef0015ba0	move wrapup_free_hs_transform ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	b7ba49ef74	move calc_finished_tls_sha384 ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	615bd6f5b9	move calc_finished_tls_sha256 ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	d952669ad8	move write_certificate ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	c2c673da59	move resend_hello_request ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	ce3dca4175	move psk_derive_premaster ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	c1cb384708	move calc_verify_tls_sha384 ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	8392e0dae4	move calc_verify_tls_sha256 ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	d62f87e151	move derive_keys ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	2a7b5ac791	move compute_master ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	d6ab235972	move use_opaque_psk ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	f009d86186	move set_handshake_prfs ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	dc7bd17d11	move tls_prf_sha256/384 ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	ed14c93008	add static prototypes ... prepare for moving functions Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:01 +08:00
Jerry Yu	53d23e2c95	Guards tls_prf functions with TLS1_2 ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	c73c618094	Wrap function not used by test_tls13_only ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> # Conflicts: # library/ssl_tls13_generic.c	2022-02-21 09:06:00 +08:00
Jerry Yu	bef175db96	Wrap derive_keys with TLS1_2 option ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	cc43c6bee5	fix coding style issue ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	e754193e87	Remove guard inside ssl_srv.c ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	fb4b6478ee	tls13_only: improve guards of files. ... To improve readability of the preprocess guards. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	db8c48aaff	tls13_only:Remove unnecessary functions ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	7d2396332d	fix wrong setting of max_minor version ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	c5aef88be6	tls13_only: guard ssl_{cli,srv}.c with TLS1_2 ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	c10f6b4735	tls13_only: simple test pass ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	c3091b1c8c	tls13_only: compile pass ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Andrzej Kurek	d70fa0e327	Restructure error handling in mbedtls_pk_verify_ext ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-02-17 10:51:15 -05:00
pespacek	3015148ae6	Improving readability ... Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-02-17 16:08:23 +01:00
Gabor Mezei	8e3602569b	Typo ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-17 11:50:02 +01:00
Manuel Pégourié-Gonnard	4fa604cc3b	Merge pull request #5511 from SiliconLabs/feature/PSEC-3195-PSA-test-suites-NOT-using-UID-0 ... feat: Update test_suite_psa_its to NOT use UID=0	2022-02-17 11:49:33 +01:00
Gilles Peskine	57b1ff39c2	Merge pull request #5377 from hanno-arm/ecp_add_mixed_fewer_mpis ... Minor improvements to ECC arithmetic subroutines	2022-02-17 10:27:18 +01:00
Manuel Pégourié-Gonnard	3d1f8b9c00	Merge pull request #5532 from ronald-cron-arm/tls13_and_use_psa_crypto ... Make TLS 1.3 compatible with MBEDTLS_USE_PSA_CRYPTO	2022-02-16 17:33:47 +01:00
Andrzej Kurek	59550537f0	Change signature_length type to size_t ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-02-16 07:46:42 -05:00
Andrzej Kurek	4a953cdd9f	pk: properly handle signatures in larger buffers when using PSA ... As stated in function documentation. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-02-16 06:13:35 -05:00
Gabor Mezei	8d5a4cbfdb	Check return value of psa_destroy_key ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-15 16:23:17 +01:00
Gabor Mezei	833713c35c	Add better name for variable ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-15 16:16:08 +01:00
Andrzej Kurek	8666df6f18	Add signature length mismatch handling when using PSA in pk_verify_ext ... Introduce a regression test for that too. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-02-15 08:23:02 -05:00
Andrzej Kurek	90ba2cbd0a	Cosmetic changes to return placement and variable naming ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-02-15 08:18:44 -05:00
Manuel Pégourié-Gonnard	a1b506996d	Merge pull request #5526 from paul-elliott-arm/fix_fuzzer_null_ref ... Ensure ctr_drbg is initialised every time in fuzz_server	2022-02-15 10:31:03 +01:00
Ronald Cron	b788c044b7	Use PSA status to Mbed TLS error code conversion function ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-02-15 09:14:15 +01:00
Manuel Pégourié-Gonnard	e14b644f4d	Merge pull request #5456 from mpg/cleanup-ecdh-psa ... Cleanup PSA-based ECDHE in TLS 1.2	2022-02-15 09:09:07 +01:00
Przemyslaw Stekiel	0f5ecefbe9	Clean up the code ... - remove redundant local buffer - fix code style Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-15 08:53:36 +01:00
Przemyslaw Stekiel	4b3fff43a8	Destroy ecdh_psa_privkey on HRR ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-15 08:53:26 +01:00
Przemyslaw Stekiel	169f115bf0	ssl_client2: init psa crypto for TLS 1.3 build ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-14 17:15:04 +01:00
lhuang04	86cacac91a	Port ALPN support for tls13 client from tls13-prototype ... Summary: Port ALPN implementation of tls13 client from [tls13-prototype](https://github.com/hannestschofenig/mbedtls/blob/tls13-prototype/library/ssl_tls13_client.c#L1124). Test Plan: Reviewers: Subscribers: Tasks: Tags: Signed-off-by: lhuang04 <lhuang04@fb.com>	2022-02-14 08:03:32 -08:00
pespacek	a6e955e729	X.509: x509write_crt_set_key_identifier created ... Function mbedtls_x509write_crt_set_key_identifier was implemented to provide functionality of both mbedtls_x509write_crt_set_authority_key_identifier and mbedtls_x509write_crt_set_subject_key_identifier. Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-02-14 15:20:57 +01:00
pespacek	a7a646986f	Improving readability ... Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-02-14 15:18:43 +01:00
pespacek	b9f07a79a7	Changing buffer size checks. ... Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-02-14 15:13:26 +01:00
pespacek	3110c7b340	Changing error codes. ... Change from MBEDTLS_ERR_ERROR_GENERIC_ERROR to MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED where PSA crypto is used. Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-02-14 15:07:41 +01:00
PeterSpace	c2774a3ad4	Update library/psa_its_file.c ... Signed-off-by: pespacek <peter.spacek@silabs.com> Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>	2022-02-14 12:24:56 +01:00
Przemyslaw Stekiel	4f419e55a1	ssl_tls13_write_key_share_ext: initialize key_exchange_len (compiler warning) ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-14 10:19:53 +01:00
Przemyslaw Stekiel	c0824bfb11	Change mbedtls_ssl_tls13_key_schedule_stage_handshake() to use psa_raw_key_agreement() ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-14 10:19:45 +01:00
Przemyslaw Stekiel	6d6aabdb0d	Remove unused function: ssl_tls13_check_ecdh_params() ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-14 10:13:10 +01:00
Przemyslaw Stekiel	9e23ddb09d	Change ssl_tls13_read_public_ecdhe_share() to use PSA-specific parsing code. ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-14 10:13:00 +01:00
Ronald Cron	f6893e11c7	Finalize PSA hash operations in TLS 1.3 ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-02-11 16:10:34 +01:00
Przemyslaw Stekiel	ea859c24b7	Change ssl_tls13_generate_and_write_ecdh_key_exchange() to use PSA ... Generate ECDH private key using psa_generate_key() Export the public part of the ECDH private key using psa_export_public_key() Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-11 15:17:05 +01:00
Paul Elliott	00738bf65e	Ensure ctr_drbg is initialised every time ... ctr_drbg is a local variable and thus needs initialisation every time LLVMFuzzerTestOneInput() is called, the rest of the variables inside the if(initialised) block are all static. Add extra validation to attempt to catch this issue in future. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-02-10 18:38:53 +00:00
Przemyslaw Stekiel	b15f33d496	Enable ecdh_psa_xxx fields in struct mbedtls_ssl_handshake_params for TLS 1.3 ... These fields need to be enabled for 1.3 even if MBEDTLS_USE_PSA_CRYPTO isn't (1.3 should always use PSA). Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-10 15:24:27 +01:00
Gabor Mezei	9607ab4dbd	Prevent function not used compilation error ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-10 10:57:24 +01:00
Gabor Mezei	a3eecd242c	Implement HKDF expand in TLS 1.3 based on PSA HMAC ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-10 10:57:23 +01:00
Glenn Strauss	a941b62985	Create public macros for ssl_ticket key,name sizes ... Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-09 15:28:28 -05:00
Glenn Strauss	a950938ff0	Add mbedtls_ssl_ticket_rotate for ticket rotation. ... Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-09 14:33:15 -05:00
Andrzej Kurek	7db1b78fff	Make RSA-PSS verification use PSA with MBEDTLS_USE_PSA_CRYPTO ... Duplicate a test case but with a different expected error due to error translation to and from PSA. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-02-09 14:13:44 -05:00
Jerry Yu	7840f81303	fix client_auth fail ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-09 19:43:22 +08:00
Manuel Pégourié-Gonnard	62b49cd06a	Merge pull request #5472 from yuhaoth/pr/move-client-auth ... Move client_auth to handshake	2022-02-09 10:57:00 +01:00
Ronald Cron	6ca6faa67e	Merge pull request #5080 from xffbai/add-tls13-read-certificate-request ... add tls1_3 read certificate request	2022-02-09 09:51:55 +01:00
Xiaofei Bai	7c8b6a97b9	Update CertificateRequest skip condition ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2022-02-08 15:21:13 +00:00
Jerry Yu	5c7d1cce97	fix typo error ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-08 21:08:29 +08:00
Jerry Yu	2d9a694088	change type of client_auth ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-08 21:07:10 +08:00
pespacek	e990100ddb	BUGFIX: psa_its_set now rejects UID = 0 ... Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-02-08 14:05:41 +01:00
pespacek	7599a7744e	X.509: use PSA for hashing under USE_PSA_CRYPTO ... When MBEDTLS_USE_PSA_CRYPTO is enabled, use psa_hash_xxx rather than mbedtls_md_xxx. Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-02-08 11:27:42 +01:00
Xiaofei Bai	c234ecf695	Update mbedtls_ssl_handshake_free() and address review comments. ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2022-02-08 10:26:42 +00:00
Manuel Pégourié-Gonnard	45c5768a74	Merge pull request #5434 from mprse/tls_use_psa ... TLS Cipher: use PSA crypto	2022-02-08 10:27:25 +01:00
Manuel Pégourié-Gonnard	5d6053f548	Fix a typo ... Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-02-08 10:26:19 +01:00
Xiaofei Bai	51f515a503	update based on comments ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2022-02-08 07:28:04 +00:00
Jerry Yu	0ff8ac89f5	fix comments issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-08 10:10:48 +08:00
Przemyslaw Stekiel	c499e33ed0	ssl_msg.c: Change message in MBEDTLS_SSL_DEBUG_RET() to be the failed function name instead current function name ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-07 15:12:05 +01:00
Manuel Pégourié-Gonnard	ff229cf639	Add debug message for wrong curve ... The non-PSA path has a debug message here, so let's have a similar one in the PSA case - just add the curve ID to be a bit more informative. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-02-07 12:00:32 +01:00
Manuel Pégourié-Gonnard	422370d633	Improve a comment and fix some whitespace ... Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-02-07 11:55:21 +01:00
Przemyslaw Stekiel	c8a06feae6	ssl_msg.c: Optimize null/stream cipher decryption/encryption ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-07 10:52:47 +01:00
Przemyslaw Stekiel	98ef6dca68	Remove redundant new lines ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-07 08:04:39 +01:00
Przemyslaw Stekiel	6928a5164d	Compile mbedtls_ssl_cipher_to_psa() conditionally under MBEDTLS_USE_PSA_CRYPTO only ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-03 14:55:24 +01:00
Przemyslaw Stekiel	8c010eb467	Fix comments, code style, remove debug code ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-03 14:55:24 +01:00
Przemyslaw Stekiel	6b2eedd25f	ssl_msg.c: add debug code for psa failures ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-03 14:55:14 +01:00
Manuel Pégourié-Gonnard	141be6cc7f	Fix missing check on server-chosen curve ... We had this check in the non-PSA case, but it was missing in the PSA case. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-02-03 11:08:15 +01:00
Manuel Pégourié-Gonnard	0d63b84fa4	Add mbedtls_ssl_check_curve_tls_id() (internal) ... This can be used to validate the server's choice of group in the PSA case (this will be done in the next commit). Note that new function doesn't depend on ECP_C, as it only requires mbedtls_ssl_get_groups(), which is always available. As a general rule, functions for defining and enforcing policy in the TLS module should not depend on low-level modules but work with TLS-level identifiers are much as possible, and this new function follows that principle. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-02-03 11:08:15 +01:00
Manuel Pégourié-Gonnard	3caa0edb9b	Remove dead preprocessor code ... There's no way currently (see below regarding the future) that ECC-based key exchanges are enabled without ECP_C being defined. So, the #if was fully redundant with the checks surrounding the function, as it always evaluated to true. The situation arose as, in the old days (before Mbed TLS 2.0), mbedtls_ssl_conf_curves() (or ssl_set_curves() as it was called back then) was optional, controlled by its own compile-time option POLARSSL_SSL_SET_CURVES. So, in turn mbedtls_ssl_check_curve() depended on POLARSSL_SSL_SET_CURVES too, and all calls to it were guarded by that. When it was made non-optional, a blind s/POLARSSL_SSL_SET_CURVES/MBEDTLS_ECP_C/ was done, which resulted in stupid situations like this with redundant checks for ECP_C. Note regarding the future: at some point it will be possible to compile with ECC-based key exchanges but without ECP_C. This doesn't change anything to the reasoning above: mbedtls_ssl_check_curve() will be available in all builds where ECC is used; it will just need a new definition (with new guards), but that doesn't change anything for its callers. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-02-03 11:08:15 +01:00
Manuel Pégourié-Gonnard	4a0ac1f160	Remove mbedtls_psa_tls_ecpoint_to_psa_ec() ... Same reasons as for the previous commit. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-02-03 11:08:15 +01:00
Manuel Pégourié-Gonnard	58d2383ef4	Remove mbedtls_psa_tls_psa_ec_to_ecpoint() ... Initially this function was doing something because the output format of psa_export_public() didn't match the ECPoint format that TLS wants. Then it became a no-op then the output format of psa_export_public() changed, but it made sense to still keep the function in case the format changed again. Now that the PSA Crypto API has reached 1.0 status, this is unlikely to happen, so the no-op function is no longer useful. Removing it de-clutters the code a bit; while at it we can remove a temporary stack buffer (that was up to 133 bytes). It's OK to remove this function even if it was declared in a public header, as there's a warning at the top of the file saying it's not part of the public API. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-02-03 11:08:14 +01:00
Manuel Pégourié-Gonnard	e5119898e4	Improve a comment ... Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-02-03 11:08:13 +01:00
Przemyslaw Stekiel	d66387f8fa	Init psa status to PSA_ERROR_CORRUPTION_DETECTED ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-03 09:16:41 +01:00
Przemyslaw Stekiel	b97556e8d1	mbedtls_ssl_encrypt/decrypt_buf: remove dead code ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-03 09:16:29 +01:00
Przemyslaw Stekiel	f9cd60853f	ssl_tls1X_populate_transform(): import psa keys only if alg is not MBEDTLS_SSL_NULL_CIPHER ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-01 11:25:55 +01:00
Manuel Pégourié-Gonnard	9cb7b8d263	Merge pull request #5469 from Unity-Technologies/windows-arm64-workaround ... Don't inline mbedtls_mpi_safe_cond_assign on MSVC/ARM64 to avoid a compiler bug	2022-02-01 09:21:27 +01:00
Tautvydas Žilys	40fc7da101	Cap the workaround for mbedtls_mpi_safe_cond_assign on MSVC/ARM64 to MSVC versions prior to 17.1. ... Signed-off-by: Tautvydas Žilys <tautvydas.zilys@gmail.com>	2022-01-31 13:34:01 -08:00
Przemyslaw Stekiel	77aec8d181	Rename ssl_psa_status_to_mbedtls->psa_ssl_status_to_mbedtls ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 20:22:53 +01:00
Przemyslaw Stekiel	be47ecf5e2	mbedtls_ssl_get_record_expansion: use same condidion set as for non-psa build ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 17:50:00 +01:00
Przemyslaw Stekiel	2c87a200a3	ssl_write_encrypt_then_mac_ext(): adapt to psa crypto ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:39:24 +01:00
Przemyslaw Stekiel	89dad93a78	Rename psa_status_to_mbedtls->ssl_psa_status_to_mbedtls and add conversion for PSA_ERROR_INVALID_SIGNATURE ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:39:24 +01:00
Przemyslaw Stekiel	399ed51185	Fix condition in mbedtls_ssl_get_record_expansion ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:39:24 +01:00
Przemyslaw Stekiel	e5c2238a99	Move mbedtls_ssl_cipher_to_psa() and psa_status_to_mbedtls() defs out of MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED build flag ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:39:24 +01:00
Przemyslaw Stekiel	f57b45660d	Rename tls_mbedtls_cipher_to_psa() to be consistent with function naming convention. ... New function name: mbedtls_ssl_cipher_to_psa(). Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel	1d714479a3	mbedtls_ssl_get_record_expansion: rework switch statement for psa ... As PSA_ALG_IS_AEAD( transform->psa_alg ) can't be used as switch labels (switch labels must be constant expressions, they have to be evaluated at compile time) refactor switch to "if else" statement. Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel	e88477844c	Adapt the mbed tls mode: ccm or gcm or cachapoly to psa version ... mode == MBEDTLS_MODE_CCM || mode == MBEDTLS_GCM || mode == MBEDTLS_CHACHAPOLY is equivalent to PSA_ALG_IS_AEAD( alg ). Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel	221b52791e	ssl_msg.c: fix parm in call to mbedtls_ssl_decrypt_buf() ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel	9b22c2b1e6	Rename: mbedtls_cipher_to_psa -> tls_mbedtls_cipher_to_psa ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel	6be9cf542f	Cleanup the code ... Use conditional compilation for psa and mbedtls code (MBEDTLS_USE_PSA_CRYPTO). Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel	d4eab57933	Skip psa encryption/decryption for null cipher ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel	ce09e7d868	Use psa_status_to_mbedtls() for psa error case ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel	fe7397d8a7	Fix key attributes encrypt or decrypt only (not both) ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel	dd7b501c92	Move PSA init after taglen is set ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel	e87475d834	Move psa_status_to_mbedtls to ssl_misc.h ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel	8398a67e31	Fix description of the translation function ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel	1fe065b235	Fix conditional compilation (MBEDTLS_USE_PSA_CRYPTO) ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel	2e9711f766	mbedtls_ssl_decrypt_buf(): replace mbedtls_cipher_crypt() and mbedtls_cipher_auth_decrypt_ext() with PSA calls ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:29 +01:00
Przemyslaw Stekiel	b37fae122c	mbedtls_ssl_encrypt_buf(): replace mbedtls_cipher_crypt() and mbedtls_cipher_auth_encrypt_ext() with PSA calls ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel	76e1583483	Convert psa status to mbedtls ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel	11a33e6d90	Use PSA_BITS_TO_BYTES macro to convert key bits to bytes ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel	ae77b0ab28	mbedtls_ssl_tls13_populate_transform: store the en/decryption keys and alg in the new fields ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel	ffccda45df	ssl_tls12_populate_transform: store the en/decryption keys and alg in the new fields ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel	ce37d11c67	mbedtls_ssl_transform_free(): fix destruction of psa keys ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel	8f80fb9b1d	Adapt in mbedtls_ssl_transform_init() and mbedtls_ssl_transform_free() after extending mbedtls_ssl_transform struct ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel	44187d7a3e	Extend mbedtls_ssl_transform struct for psa keys and alg ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:28 +01:00
Przemyslaw Stekiel	430f337b49	Add helper function to translate mbedtls cipher type/mode pair to psa: algorithm, key type and key size. ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-31 15:38:28 +01:00
Paul Elliott	a9f32fbb21	Merge pull request #5382 from lhuang04/tls13_f_export_keys ... Swap the client and server random for TLS 1.3 f_export_keys	2022-01-28 12:09:19 +00:00
Xiaofei Bai	6d42bb430c	Update mbedtls_ssl_handshake_free() ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2022-01-28 10:05:51 +00:00
Manuel Pégourié-Gonnard	f7d704dbd2	Avoid dead code in some configurations ... Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-01-28 10:05:56 +01:00
Xiaofei Bai	f5b4d25cfa	Add received_sig_algs member to struct mbedtls_ssl_handshake_params ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2022-01-28 06:37:15 +00:00
Jerry Yu	fb28b88e26	move client_auth to handshake ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-28 11:05:58 +08:00
lhuang04	a3890a3427	Swap the client and server random for TLS 1.3 ... Summary: Test Plan: Reviewers: Subscribers: Tasks: Tags: Signed-off-by: lhuang04 <lhuang04@fb.com>	2022-01-27 06:00:43 -08:00
XiaokangQian	8499b6ce25	Only free verify_cookie in tls 1.3 case. ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-27 09:00:11 +00:00
Xiaofei Bai	82f0a9a1db	Rebase and address review comments ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2022-01-27 07:53:52 +00:00
XiaokangQian	a909061c2a	Refine HRR parse successfully message in test cases ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-27 03:48:27 +00:00
XiaokangQian	34909746df	Change cookie free code and some comments ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-27 02:25:04 +00:00
Tautvydas Žilys	60165d7708	Don't inline mbedtls_mpi_safe_cond_assign on MSVC/ARM64 to avoid a compiler bug. ... Signed-off-by: Tautvydas Žilys <tautvydas.zilys@gmail.com>	2022-01-26 15:44:10 -08:00
XiaokangQian	52da558103	Change code base on comments ... Align the alert type in parse_server_hello Remove MBEDTLS_SSL_COOKIE_C guard Enable cookie for both DTLS and TLS1.3 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:53:15 +00:00
XiaokangQian	aec1f3e913	Cookie fields are used only by DTLS 1.3 ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:53:15 +00:00
XiaokangQian	b119a35d07	Refine fatal alert in parse_server_hello ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:53:15 +00:00
XiaokangQian	d59be77ce7	Refine code based on comments ... Add comments for parse hrr key share and cookie Change variable names based on RFC8466 Refine fatal allerts in parse server hello and hrr Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:53:15 +00:00
XiaokangQian	0ece998287	Refine code in mbedtls_ssl_reset_transcript_for_hrr ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:53:15 +00:00
XiaokangQian	f1e7d12cb6	Fix compile issues in mbedtls_ssl_session_reset_msg_layer ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:53:15 +00:00
XiaokangQian	43550bd761	Prepare function to parse hrr cookie extension ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:53:15 +00:00
XiaokangQian	2b01dc30cb	Add hrr no change check and allign mbedtls_ssl_session_reset_msg_layer ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:53:15 +00:00
XiaokangQian	355e09ae9d	Change code base on comments ... Change functions name Change some comments Improve hrr test case for gnutls Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:53:15 +00:00
XiaokangQian	78b1fa7e81	Update code base on comments ... Move reset transcript for hrr to generic Reset SHA256 or SHA384 other than both Rename message layer reset Add check log for hrr parse successfully Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:53:15 +00:00
XiaokangQian	53f20b71c5	Improve ssl_tls13_parse_server_hello ... Avoid coping random bytes in hrr Send illegal parameter alert when cipher suite mismatch Send illegal parameter alert when supported_version not exist Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:51:13 +00:00
XiaokangQian	d9e068e10b	Change code based on comments ... Align coding styles Add hrr parameter for ssl_tls13_parse_server_hello Add reset steps for SHA384 in HRR Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:51:13 +00:00
XiaokangQian	8945db36ab	Reduce paramter hrr from ssl_tls13_parse_server_hello ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:51:13 +00:00
XiaokangQian	b48894eca4	Add buffer check for named group ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:51:13 +00:00
XiaokangQian	16acd4b3e4	Reject the second HRR earlier and align naming styles ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:51:13 +00:00
XiaokangQian	b851da8a44	Re-construct the code to merge hello and hrr based on comments ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:51:13 +00:00
XiaokangQian	0b56a8f85c	Replace curve_list with group_list and add update test scripts ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:51:13 +00:00
XiaokangQian	51eff22c9b	Align oode style with server hello parse ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:51:13 +00:00
XiaokangQian	647719a172	Add hello retry request in client side ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:50:06 +00:00
Xiaofei Bai	69fcd39774	Update CertificateRequest tests and the parsing function ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2022-01-26 09:32:29 +00:00
Xiaofei Bai	de3f13e0b8	update based on comments ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2022-01-26 09:31:54 +00:00
Xiaofei Bai	f6d3696eda	fix test failures ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2022-01-26 09:31:54 +00:00
Xiaofei Bai	a0ab777cfc	update based on comments. ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2022-01-26 09:31:54 +00:00
Xiaofei Bai	e1e344213a	Add TLS1.3 process certificate request ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2022-01-26 09:31:52 +00:00
Ronald Cron	f51b79c297	Merge pull request #5355 from yuhaoth/pr/remove-duplicate-sig-alg-ext ... Remove duplicate write signature algorithms extension The failure of ABI-API-checking is expected.	2022-01-26 10:05:26 +01:00
Jerry Yu	ed5e9f431d	Change ecdsa sig_algs order for tls1.3 ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-26 12:41:12 +08:00
Manuel Pégourié-Gonnard	9d95d81eae	Merge pull request #5359 from hanno-arm/mpi_montmul_remove_dead_code ... Remove redundant write operation in Montgomery multiplication	2022-01-25 13:00:19 +01:00
Jerry Yu	0b994b8061	fix typo error ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 17:22:12 +08:00
Jerry Yu	53037894ab	change the defaut sig_algs order ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 14:38:01 +08:00
Jerry Yu	18c833e2eb	fix tls1_2 only sig_algs order issue ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 14:38:01 +08:00
Jerry Yu	f377d644f5	Refactor duplicate check ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 14:38:01 +08:00
Jerry Yu	6ade743a43	Add mbedtls_printf alias for !PLATFORM_C ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 14:38:01 +08:00
Jerry Yu	370e146acb	fix comments issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	909df7b17b	Refactor *_sig_algs tables ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	b476a44fc6	Add static assert check ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	971988528d	fix coding style issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	941e07ff02	fix test_no_platform fail ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	1a8b481ce6	Remove duplicated signature algorithm in default settings ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	600ded7ea5	Reserve end tag space at sig_algs_len init. ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	a68dca24ee	move overflow inside loop ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	8afd6e4308	fix typo issues in comments ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	eb821c6916	remove check_sig_hash ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	24811fb2e0	replace check_sig_hash with is_offered ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	1bab301c0d	Add signature algorithm supported check ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	7ddc38cedb	fix various issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	4131ec1260	Add signature algorithm length check ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	a69269a711	change sig_algs_len unit to byte ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	713013fa80	fix various issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	e12f1ddcfa	fix check names fail ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	11f0a9c2c4	fix deprecated-declarations error ... replace sig_hashes with sig_alg Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	6106fdc085	fix build fail without TLS13 ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	f017ee4203	merge write sig_alg of tls12 and tls13 ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> # Conflicts: # library/ssl_misc.h	2022-01-25 12:46:17 +08:00
Jerry Yu	1abd1bc22f	Change write_sig_alg_ext of tls12 ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	2d0bd32982	fix various issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	0e5bcb6bf5	Replace directly access for sig_hashes ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:16 +08:00
Jerry Yu	08e2ceae18	Remove directly access for tls13_sig_algs ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:16 +08:00
Jerry Yu	afdfed16d0	add get sig_algs helper function ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:16 +08:00
Jerry Yu	18cd43909b	Align signature_algorithms extension name ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:16 +08:00
Manuel Pégourié-Gonnard	fcca7cfa97	Merge pull request #5428 from gstrauss/mbedtls_ssl_ciphersuite ... Add accessors for ciphersuite info	2022-01-24 11:13:31 +01:00
Dave Rodgman	b032685543	Merge pull request #5309 from gilles-peskine-arm/pkparse-pkcs8-unencrypted-no-alloc ... mbedtls_pk_parse_key: don't allocate if not needed	2022-01-24 10:03:48 +00:00
Gilles Peskine	6d6d93ea4a	Merge pull request #5350 from AndrzejKurek/psa-aead-invalid-tag-lengths-setup ... Detect invalid tag lengths in psa_aead_setup	2022-01-21 21:46:37 +01:00
Gilles Peskine	fe271b9c92	Merge pull request #5253 from AndrzejKurek/chacha-iv-len-16-fixes ... Return an error from `mbedtls_cipher_set_iv` for an invalid IV length with ChaCha20 and ChaCha20+Poly	2022-01-21 21:46:08 +01:00
Andrzej Kurek	f881601c91	Detect invalid tag lengths in psa_aead_setup ... Read tag lengths from the driver and validate against preset values. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-01-20 07:40:12 -05:00
Manuel Pégourié-Gonnard	d2da19b8eb	Merge pull request #5380 from AndrzejKurek/key-id-encodes-owner-psa-fixes ... Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO	2022-01-18 09:16:25 +01:00
Ronald Cron	188ed19456	Merge pull request #5351 from yuhaoth/pr/remove-duplicate-supported_group_ext ... Remove duplicate function for writing supported_groups extension	2022-01-17 09:13:14 +01:00
Andrzej Kurek	63439eda62	Return an error for IV lengths other than 12 with ChaCha20+Poly1305 ... The implementation was silently overwriting the IV length to 12 even though the caller passed a different value. Change the behavior to signal that a different length is not supported. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-01-14 16:31:54 +01:00
Andrzej Kurek	33ca6af8a3	Return an error for IV lengths other than 12 with ChaCha20 ... The implementation was silently overwriting the IV length to 12 even though the caller passed a different value. Change the behavior to signal that a different length is not supported. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-01-14 16:31:54 +01:00
Manuel Pégourié-Gonnard	73839e02a7	Merge pull request #5353 from gstrauss/mbedtls_ssl_config_defaults-repeat ... Reset dhm_P and dhm_G if config call repeated; avoid memory leak	2022-01-14 10:41:06 +01:00
Bence Szépkúti	aa3a6e4ea7	Fix brace placement ... Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>	2022-01-13 16:26:03 +01:00
Bence Szépkúti	39fb9d170b	Rename helper function to psa_aead_check_algorithm ... Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>	2022-01-13 14:33:45 +01:00
Jerry Yu	d491ea4f18	fix comment issue ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-13 16:15:25 +08:00
Glenn Strauss	8f52690956	Add accessors for ciphersuite info ... Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-01-13 00:05:48 -05:00
Jerry Yu	b925f21806	fix comment issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-12 11:17:02 +08:00
Jerry Yu	f0fede56a6	minor performance improvement ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-12 10:57:47 +08:00
Jerry Yu	1510cea0f3	fix coding style issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-12 10:56:49 +08:00
Jerry Yu	3ad14ac9e9	Add named group IANA value check ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-11 17:13:16 +08:00
Jerry Yu	f46b016058	skip some extensions if ephemeral not enabled ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-11 16:28:00 +08:00
Jerry Yu	63282b4321	Refactor write supported group ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-11 15:43:53 +08:00
Hanno Becker	bae3023576	Make more use of helper function for init/free of MPI array ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-11 05:06:54 +00:00
Jerry Yu	7f029d8a94	fix coding style issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-11 11:08:53 +08:00
Przemyslaw Stekiel	2ecfd57b93	psa_asymmetric_decrypt: move build-in impl to mbedtls_psa_asymmetric_decrypt ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-10 12:55:06 +01:00
Przemyslaw Stekiel	71284eabdb	psa_asymmetric_decrypt: add test driver impl ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-10 12:55:06 +01:00
Przemyslaw Stekiel	8d45c00759	psa_asymmetric_decrypt: access the key store and call driver dispatch ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-10 12:55:05 +01:00
Przemyslaw Stekiel	234f318bd7	psa_asymmetric_encrypt: move build-in impl to mbedtls_psa_asymmetric_encrypt ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-10 12:55:05 +01:00
Przemyslaw Stekiel	b6a6650a64	psa_asymmetric_encrypt: add test driver impl ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-10 12:55:05 +01:00
Przemyslaw Stekiel	19e6142214	psa_asymmetric_encrypt: access the key store and call driver dispatch ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-01-10 12:55:05 +01:00
Hanno Becker	466df6e713	Introduce helper function for init/free of MPI array ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-10 11:24:42 +00:00
Hanno Becker	ac4d4bc97c	Improve documentation of ECP module ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-09 06:34:04 +00:00
Hanno Becker	ee95f6c4c9	Don't allow Z coordinate being unset in ecp_add_mixed() ... Previously, ecp_add_mixed(), commputing say P+Q, would allow for the Q parameter to have an unset Z coordinate as a shortcut for Z == 1. This was leveraged during computation and usage of the T-table (storing low multiples of the to-be-multiplied point on the curve). It is a potentially error-prone corner case, though, since an MPIs with unset data pointer coordinate and limb size 0 is also a valid representation of the number 0. As a first step towards removing ECP points with unset Z coordinate, the constant time T-array getter ecp_select_comb() has previously been modified to return 'full' mbedtls_ecp_point structures, including a 1-initialized Z-coordinate. Similarly, this commit ... - Modifies ecp_normalize_jac_many() to set the Z coordinates of the points it operates on to 1 instead of freeing them. - Frees the Z-coordinates of the T[]-array explicitly once the computation and normalization of the T-table has finished. As a minimal functional difference between old and new code, the new code also frees the Z-coordinate of T[0]=P, which the old code did not. - Modifies ecp_add_mixed() to no longer allow unset Z coordinates. Except for the post-precomputation storage form of the T[] array, the code does therefore no longer use EC points with unset Z coordinate. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-09 05:52:40 +00:00
Bence Szépkúti	08f34656cb	Return the same error in multipart and single shot AEAD ... psa_aead_encrypt_setup() and psa_aead_decrypt_setup() were returning PSA_ERROR_INVALID_ARGUMENT, while the same failed checks were producing PSA_ERROR_NOT_SUPPORTED if they happened in psa_aead_encrypt() or psa_aead_decrypt(). The PSA Crypto API 1.1 spec will specify PSA_ERROR_INVALID_ARGUMENT in the case that the supplied algorithm is not an AEAD one. Also move these shared checks to a helper function, to reduce code duplication and ensure that the functions remain in sync. Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>	2022-01-07 19:36:07 +01:00
Hanno Becker	c27a0e0093	Add more wrappers for ECP MPI operations ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-06 09:21:50 +00:00
Hanno Becker	595616e5cd	Add more wrappers for internal ECP coordinate operations ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-06 05:12:02 +00:00
Hanno Becker	6a28870b1e	Make ecp_select_comb() create valid EC point with Z coordinate set ... ecp_select_comb() did previously not set the Z coordinate of the target point. Instead, callers would either set it explicitly or leave it uninitialized, relying on the (only partly upheld) convention that sometimes an uninitialized Z value represents 1. This commit modifies ecp_select_comb() to always set the Z coordinate to 1. This comes at the cost of memory for a single coordinate, which seems worth it for the increased robustness. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-06 04:46:45 +00:00
Manuel Pégourié-Gonnard	6ced002a69	Count allocs without side-effects ... At the end of the benchmark program, heap stats are printed, and these stats will be wrong if we reset counters in the middle. Also remove the function to reset counters, in order to encourage other programs to behave correctly as well. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-01-05 10:08:59 +01:00
Hanno Becker	30838868ac	Keep temporaries across iterations of ecp_double_add_mxz() ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-05 06:09:42 +00:00
Manuel Pégourié-Gonnard	35415a0c46	Add counter access to memory debug API ... Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-01-04 10:23:34 +01:00
Hanno Becker	3b29f2194b	Keep temporaries across iterations of ecp_add_mixed() ... This saves heap operations Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-04 07:34:14 +00:00
Hanno Becker	a7f8edd709	Keep temporaries across iterated invocations of ecp_double_jac() ... This reduces the number of heap operations. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-04 07:29:46 +00:00
Hanno Becker	28ccb1cc90	Reduce number of local MPIs from 9 to 4 in ecp_double_add_mxz() ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-04 07:15:14 +00:00
Hanno Becker	376dc89519	Reorder ops in ecp_double_add_mxz() to indicate redundant local MPIs ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-04 07:14:07 +00:00
Hanno Becker	0d629791e9	Remove local MPI from ecp_randomize_jac() ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-04 06:45:49 +00:00
Hanno Becker	885ed403c9	Introduce wrapper for modular squaring ... This paves the way for dedicated squaring implementations. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-04 06:43:50 +00:00
Hanno Becker	b8442cd9c6	Remove another local MPI from ecp_normalize_jac_many() ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-04 06:32:42 +00:00
Hanno Becker	02a999b91a	Remove local MPI from ecp_normalize_jac_many() ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-04 06:32:42 +00:00
Hanno Becker	838b715fcc	Add comment on input/output aliasing in ecp_add_mixed() ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-04 06:32:42 +00:00
Hanno Becker	ce29ae84dd	Introduce macro wrappers for ECC modular arithmetic ... This improves readibility and prepares for further changes like the introduction of a single double-width temporary for ECP arithmetic. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-04 06:32:39 +00:00
Andrzej Kurek	03e01461ad	Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO ... Fix library references, tests and programs. Testing is performed in the already present all.sh test. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-01-03 12:53:24 +01:00
Hanno Becker	76f897d699	Reduce number of temporary MPIs in ECP normalization ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-02 12:47:34 +00:00
Hanno Becker	02b35bd00a	Introduce wrapper for modular multiplication with single-width const ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-01 06:54:25 +00:00
Hanno Becker	5c8ea307b8	Reduce number of local MPIs in ECP mixed point addition ... `ecp_add_mixed()` and `ecp_double_jac()` are the core subroutines for elliptic curve arithmetic, and as such crucial for the performance of ECP primitives like ECDHE and ECDSA. This commit provides a very slight simplification and performance and memory usage improvement to `ecp_add_mixed()` by removing the use of three temporary MPIs used for coordinate calculations. Where those variables were used, the code now writes directly to the coordinate MPIs of the target elliptic curve point. This is a valid change even if there is aliasing between input and output, since at the time any of the coordinate MPIs in question is written, the corresponding coordinates of both inputs are no longer read. (The analogous change in `ecp_double_jac()` can not be made since this property does not hold for `ecp_double_jac()`.) Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2022-01-01 06:16:16 +00:00
Max Fillinger	0bb38336a5	Add function to get md info from md context ... Signed-off-by: Max Fillinger <max@max-fillinger.net>	2021-12-28 16:32:00 +01:00
Jerry Yu	ffef9c52d4	fix alignment issue ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-24 22:31:08 +08:00
Hanno Becker	9a83443af2	Remove redundant write operation in Montgomery multiplication ... This commit removes code from the Montgomery multiplication routine `mpi_montmul()` which seems to serve no purpose. Details: `mpi_montmul()` uses a temporary storage `T` for intermediate results which is assumed to be of twice the size as the inputs to be multiplied, and which is used as follows: After the i-th (i=0,1,...) iteration, the n-limb word starting at `T->p + i + 1` contains the Montgomery multiplication of B with the limbs 0,..,i of A, and the variable `d` points to `T->p + i + 1`. In particular, after `n` iterations, `T->p + n` holds the full multiplication (subject to conditional subtraction). As a consequence of this way of using the temporary `T`, the contents of `{T->p, ..., T->p + i}` are irrelevant after the i-th iteration. Nonetheless, the code copies `A[i]` to `T->p[i]` at the end of the i-th iterations, which is redundant and can be removed. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-12-22 11:23:27 +00:00
Jerry Yu	136320ba0b	fix ci fail ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-21 17:09:00 +08:00
Jerry Yu	1ea9d10687	fix test_ref_configs build fail ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-21 14:52:38 +08:00
Glenn Strauss	cee11296aa	Reset dhm_P and dhm_G if config call repeated ... Reset dhm_P and dhm_G if call to mbedtls_ssl_config_defaults() repeated to avoid leaking memory. Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2021-12-20 20:24:56 -05:00
Jerry Yu	1753261083	change write_supported_groups_ext prototype ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-20 22:32:09 +08:00
Jerry Yu	9d555ac003	Remove TLS12 version write_supported_group_ext ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-20 22:27:58 +08:00
Jerry Yu	7581c11fc7	Remove tls13_write_supported_groups_ext ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-20 22:25:41 +08:00
Jerry Yu	ba07342cd6	Add generic write_supported-groups_ext ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-20 22:22:15 +08:00
Jerry Yu	b47d0f893e	Replace SUPPORTED_ELLIPTIC_CURVES with SUPPORTED_GROUPS ... According to RFC7919 and RFC8442 , they are same. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-20 17:38:50 +08:00
Archana	4a9e02632a	Review comments addressed ... * Updated the default argument to create less noise with argument passing. * Reworded ChangeLog to match MbedTLS documentation/ announcement requirements Signed-off-by: Archana <archana.madhavan@silabs.com>	2021-12-19 13:37:37 +05:30
Archana	c08248d650	Rename the template file from .conf to .jinja ... Signed-off-by: Archana <archana.madhavan@silabs.com>	2021-12-19 10:35:15 +05:30
Archana	e03960e460	Restructure Python script to use argparse and main ... Signed-off-by: Archana <archana.madhavan@silabs.com>	2021-12-19 10:34:59 +05:30
Archana	b32eafff51	Add psa_crypto_driver_wrappers.c to .gitignore ... Signed-off-by: Archana <archana.madhavan@silabs.com>	2021-12-18 13:29:10 +05:30
Archana	6f21e45b78	Fix Pylint errors and improve Python script ... Pylint errors are fixed. The Python script is improved to take default arguments when not passed (eg invoked from root of the tree) check-generated-files.sh and CMakeLists.sh updated. Signed-off-by: Archana <archana.madhavan@silabs.com>	2021-12-18 13:28:59 +05:30
Archana	a8939b6da3	Restructure scripts' folder alignment ... Moved python script generate_driver_wrappers.py under scripts and corresponding template file under script/data_files. Signed-off-by: Archana <archana.madhavan@silabs.com>	2021-12-18 12:57:15 +05:30
Archana	1f1a34a226	Rev 1.0 of Driver Wrappers code gen ... The psa_crypto_driver_wrappers.c is merely rendered with no real templating in version 1.0. Signed-off-by: Archana <archana.madhavan@silabs.com>	2021-12-18 12:22:06 +05:30
Archana	68eb2ac960	Deleted psa_crypto_driver_wrappers.c ... The file psa_crypto_driver_wrappers.c is deleted to be autogenerated. Updated psa_crypto_driver_wrappers.h, this file only contains the prototypes for the driver wrappers, we don't expect this to be auto generated. Signed-off-by: Archana <archana.madhavan@silabs.com>	2021-12-18 10:51:52 +05:30
Dave Rodgman	77d778eee2	Merge branch 'development' into mbedtls-3.1.0_merge_into_release	2021-12-17 10:01:53 +00:00
Dave Rodgman	b8c3301b80	Revert "Add generated files" ... This reverts commit 4e62cbc322.	2021-12-17 09:44:04 +00:00
Gilles Peskine	863b96a21b	Add copyright notice to ssl_debug_helpers* ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-16 10:04:58 +01:00
Gilles Peskine	1a1e78fa55	Remove comments indicating that the file was automatically generated ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-15 12:58:22 +01:00
Gilles Peskine	923d5c9e3c	Rename ssl_debug_helpers.h ... It's no longer generated, so rename it accordingly. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-15 12:56:54 +01:00
Gilles Peskine	ccbc318fc5	Remove generation of ssl_debug_helpers_generated.h ... It's now under version control and meant to be updated manually. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-15 12:55:37 +01:00
Gilles Peskine	09f1ee68b6	Commit header file ... Having an automatically generated header file makes it harder to have working build scripts. The content of ssl_debug_helpers_generated.h isn't likely to change often, so we can update it manually. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-15 12:55:33 +01:00
Ronald Cron	4e62cbc322	Add generated files ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-15 09:02:53 +01:00
Ronald Cron	17b1e2f6c3	Bump version to 3.1.0 ... Executed ./scripts/bump_version.sh --version 3.1.0 --so-crypto 11 --so-tls 17 + fix of build_info.h Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-15 09:02:53 +01:00
Ronald Cron	9ed3873905	psa: driver wrapper: cipher: Fix unused variable warning ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-14 18:11:06 +01:00
Ronald Cron	8188d19b0e	Merge branch 'development-restricted' into mbedtls-3.1.0rc-pr	2021-12-14 10:58:18 +01:00
Gilles Peskine	12e27d4c5b	List ssl_debug_helpers_generated.h in generated files ... Running `generate_ssl_debug_helpers.py` generates both `ssl_debug_helpers_generated.c` and `ssl_debug_helpers_generated.h`. List the `.h` file as well as the `.c` file in `check-generated-files.sh` so that `check-generated-files.sh -u` will complain if it isn't up to date. List it in `Makefile` and `CMakeLists.txt` so that parallel builds know when to wait until the `.h` file is present. In `Makefile`, declare the `.c` file as depending on the `.h` file for order. This way, a dependency for either will wait until the `.h` file is present, and since the `.h` file is generated after the `.c` file, this guarantees that the `.c` file is present. This fixes random failures of `make -j` from a fresh checkout. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-14 00:19:47 +01:00
Gilles Peskine	32d2a58cc2	Merge pull request #5325 from gilles-peskine-arm/zeroize-tag-3.1 ... Zeroize expected MAC/tag intermediate variables	2021-12-13 19:09:30 +01:00
Gilles Peskine	cd74298c83	mbedtls_cipher_check_tag: jump on error for more robustness to refactoring ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-13 17:01:25 +01:00
Gilles Peskine	a5c18512b9	Merge pull request #5155 from paul-elliott-arm/pcks12_fix ... Fixes for pkcs12 with NULL and/or zero length password	2021-12-13 14:52:36 +01:00
Gilles Peskine	a4174312da	Initialize hash_len before using it ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-13 14:38:40 +01:00
Gilles Peskine	14d5fef6b7	PKCS#1v1.5 signature: better cleanup of temporary values ... Zeroize temporary buffers used to sanity-check the signature. If there is an error, overwrite the tentative signature in the output buffer. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-13 12:37:55 +01:00
Gilles Peskine	f0fd4c3aee	mbedtls_ssl_parse_finished: zeroize expected finished value on error ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-13 12:36:15 +01:00
Gilles Peskine	c2f7b75a71	mbedtls_ssl_cookie_check: zeroize expected cookie on cookie mismatch ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-13 12:35:08 +01:00
Gilles Peskine	60aebec47e	PSA hash verification: zeroize expected hash on hash mismatch ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-13 12:33:18 +01:00
Gilles Peskine	e7835d92c1	mbedtls_cipher_check_tag: zeroize expected tag on tag mismatch ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-13 12:32:43 +01:00
Dave Rodgman	050ad4bb50	Merge pull request #5313 from gilles-peskine-arm/missing-ret-check-mbedtls_md_hmac ... Check HMAC return values	2021-12-13 10:51:27 +00:00
Gilles Peskine	ecf6bebb9c	Catch failures of md_hmac operations ... Declare mbedtls_md functions as MBEDTLS_CHECK_RETURN_TYPICAL, meaning that their return values should be checked. Do check the return values in our code. We were already doing that everywhere for hash calculations, but not for HMAC calculations. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-11 15:00:57 +01:00
Gilles Peskine	d5ba50e239	Zeroize local MAC variables ... Zeroize local MAC variables used for CBC+HMAC cipher suites. In encryption, this is just good hygiene but probably not needed for security since the data protected by the MAC that could leak is about to be transmitted anyway. In DTLS decryption, this could be a security issue since an adversary could learn the MAC of data that they were trying to inject. At least with encrypt-then-MAC, the adversary could then easily inject a datagram with a corrected packet. TLS would still be safe since the receiver would close the connection after the bad MAC. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-11 14:59:45 +01:00
Gilles Peskine	0ca219575a	mbedtls_pk_parse_key: don't allocate if not needed ... mbedtls_pk_parse_key() makes a temporary copy of the key when it calls pk_parse_key_pkcs8_encrypted_der(), because that function requires a writable buffer. pk_parse_key_pkcs8_encrypted_der() always rejects an empty password, so skip calling it in that case, which allows us to skip the allocation as well. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-10 17:36:37 +01:00
Ronald Cron	db6adc5aad	ssl: Fix some compilation guards for TLS 1.3 signature algorithms ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-10 14:25:35 +01:00
Ronald Cron	6f135e1148	Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3 ... As we have now a minimal viable implementation of TLS 1.3, let's remove EXPERIMENTAL from the config option enabling it. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-10 13:47:55 +01:00
Dave Rodgman	76a2b306ac	Merge pull request #4981 from yuhaoth/pr/add-debug-helpers-generated ... Add debug helpers generated	2021-12-10 11:56:55 +00:00
Manuel Pégourié-Gonnard	4525cce691	Merge pull request #5256 from yuhaoth/pr/clean-up-secrets-after-done ... TLS1.3 MVP: Erase secrets when they are not necessary anymore.	2021-12-10 12:48:25 +01:00
Ronald Cron	6b07916e40	Merge pull request #5230 from ronald-cron-arm/tls13_ccs_client ... Add initial support for "Middlebox Compatibility Mode"	2021-12-10 11:58:05 +01:00
Jerry Yu	a5563f6115	move position of base_key init ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-10 18:14:36 +08:00
Jerry Yu	b737f6a9be	move base_key init ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-10 17:55:59 +08:00
Ronald Cron	574ace48d8	Remove unnecessary blank line ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-10 10:27:25 +01:00
Jerry Yu	9c07473ebc	fix various issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-10 17:12:43 +08:00
Jerry Yu	889b3b76da	fix clang build fail ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-10 12:57:45 +08:00
Jerry Yu	d05e1cec4b	fix build fail on check_* ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-10 12:47:03 +08:00
Jerry Yu	e6369b0061	fix test_cmake_as_package fail ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-10 12:47:03 +08:00
Jerry Yu	eb96fb508e	Add cmake generator ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-10 12:47:03 +08:00
Jerry Yu	e3b3412bc4	Add tests for enum helper ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-10 12:45:52 +08:00
Jerry Yu	e78ee99624	add enum value to string helpers ... Only add helpers for enum in `ssl.h`. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-10 12:43:30 +08:00
Jerry Yu	4a2fa5d0aa	Move erase handshake secrets ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-10 10:37:14 +08:00
Jerry Yu	27224f58be	fix coding style issue ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-10 10:33:27 +08:00
Jerry Yu	5132771f5f	Revert "fix possible security leak for counter" ... This reverts commit 8aab77e11e2aebec09dc9d682b16373771471fe0. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-10 10:33:27 +08:00
Jerry Yu	7ca3054795	move zerioize tls13_hs_secrets ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-10 10:33:27 +08:00
Jerry Yu	23ab7a46a3	move zeroize master secrets ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-10 10:33:27 +08:00
Jerry Yu	2c70a39d97	move zeroize randbytes ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-10 10:33:27 +08:00
Jerry Yu	bdfd01835a	fix compile break after merge ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-10 10:33:27 +08:00
Jerry Yu	a986e9faac	Clean handshake secrets ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-10 10:33:27 +08:00
Jerry Yu	d103bdb01d	Clean randbytes ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-10 10:33:27 +08:00
Jerry Yu	745db226db	fix possible security leak for counter ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-10 10:33:27 +08:00
Gilles Peskine	d5b2a59826	Merge pull request #5047 from paul-elliott-arm/psa-m-aead-ccm ... PSA Multipart AEAD CCM Internal implementation and tests.	2021-12-09 14:49:42 +01:00
Ronald Cron	d4c64027a5	tls13: Move state transition after sending CCS to ssl_tls13_client.c ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-09 13:40:22 +01:00
Ronald Cron	49ad6197ca	Add injection of dummy's ChangeCipherSpec for middlebox compatibility ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-09 13:40:22 +01:00
Ronald Cron	7e38cba993	Add incoming ChangeCipherSpec filtering in TLS 1.3 ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-09 13:40:22 +01:00
Manuel Pégourié-Gonnard	c38c1f2411	Merge pull request #5268 from gilles-peskine-arm/struct_reordering_3.0 ... Reorder structure fields to maximize usage of immediate offset access	2021-12-09 12:54:09 +01:00
Manuel Pégourié-Gonnard	d7d740eb6e	Merge pull request #5236 from gabor-mezei-arm/4926_base64_move_constant-time_functions ... Move base64 constant-time functions to the new module	2021-12-09 12:40:18 +01:00
Manuel Pégourié-Gonnard	b873577fc3	Merge pull request #5240 from duckpowermb/development ... [session] fix a session copy bug	2021-12-09 09:23:23 +01:00
Gilles Peskine	cfe74a37b9	mbedtls_ssl_handshake_params: move ecrs_ctx back further ... "mbedtls_ssl_handshake_params: reorder fields to save code size" moved this filed earlier along with byte-sized fields that should be in the 128-element access window on Arm Thumb. This took away precious room in the 128-byte window. Move it back further out. Results (same architecture, config-suite-b.h + MBEDTLS_ECDH_LEGACY_CONTEXT + MBEDTLS_ECP_RESTARTABLE): library/ssl_cli.o: 2860 -> 2816 (diff: 44) library/ssl_msg.o: 3080 -> 3076 (diff: 4) library/ssl_srv.o: 3340 -> 3300 (diff: 40) library/ssl_tls.o: 6546 -> 6478 (diff: 68) Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-08 18:38:51 +01:00
Gilles Peskine	41139a2541	mbedtls_ssl_handshake_params: move group_list earlier to save code size ... Placing group_list earlier seems to help significantly, not just as a matter of placing it in the 128-element (512-byte) access window. Results (arm-none-eabi-gcc 7.3.1, build_arm_none_eabi_gcc_m0plus build): library/ssl_cli.o: 19559 -> 19551 (diff: 8) library/ssl_msg.o: 24690 -> 24674 (diff: 16) library/ssl_srv.o: 20418 -> 20406 (diff: 12) library/ssl_tls.o: 20555 -> 20519 (diff: 36) library/ssl_tls13_client.o: 7244 -> 7240 (diff: 4) library/ssl_tls13_generic.o: 4693 -> 4697 (diff: -4) Results (same architecture, config-suite-b.h + MBEDTLS_ECDH_LEGACY_CONTEXT + MBEDTLS_ECP_RESTARTABLE): library/ssl_cli.o: 2864 -> 2860 (diff: 4) library/ssl_tls.o: 6566 -> 6546 (diff: 20) Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-08 18:26:55 +01:00
Ronald Cron	1865585eab	Merge pull request #5212 from yuhaoth/pr/add-tls13-compat-testcases ... TLS1.3 MVP:Add tls13 compat, not supported version , certificaterequest and HRR tests	2021-12-08 14:56:39 +01:00
Manuel Pégourié-Gonnard	5d9f42200f	Merge pull request #861 from ronald-cron-arm/fix-aead-nonce ... psa: aead: Fix invalid output buffer usage in generate_nonce()	2021-12-08 13:30:21 +01:00
Manuel Pégourié-Gonnard	39c2aba920	Merge pull request #849 from ronald-cron-arm/fix-cipher-iv ... Avoid using encryption output buffer to pass generated IV to PSA driver	2021-12-08 13:30:06 +01:00
Gilles Peskine	392113434a	Merge pull request #5263 from ronald-cron-arm/psa-test-driver_3.x ... Forward port to 3.x: Introduce PSA test driver library to test PSA configuration	2021-12-07 12:52:20 +01:00
Ronald Cron	0b4d12313a	Remove assertion on local nonce buffer size ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-07 10:45:00 +01:00
Ronald Cron	a393619dc2	Change test on local nonce buffer size to an assertion ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-07 09:25:20 +01:00
Dave Rodgman	351c71b7f2	Fix builds when config.h only defines MBEDTLS_BIGNUM_C ... Fixes #4929 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2021-12-06 17:50:53 +00:00
Jerry Yu	6eaa41c15e	Fix overflow error ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-12-06 18:16:30 +08:00
Ronald Cron	f467d6306c	psa: Fix obsolete code guard ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-06 07:50:27 +01:00
Ronald Cron	fd25ddbf58	psa: Fix and improve comments ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-06 07:50:27 +01:00
Ronald Cron	0266cfed51	psa: Remove test code in the library ... The current testing of the PSA configuration is based on test code located in the library itself. Remove this code as we are moving to using a test library instead. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-06 07:50:27 +01:00
Ronald Cron	40170d9516	tests: Rename test driver entry points ... Rename test driver entry points to libtestdriver1_<name of the Mbed TLS entry point>. This aligns with the renaming of all Mbed TLS APIs for the test driver library (that will be put in place in the following commits) to avoid name conflicts when linking it with the Mbed TLS library. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-06 07:50:27 +01:00
Ronald Cron	5601cd2cf1	psa: test driver: Move driver test entry points prototypes ... In preparation of the driver test entry points to be provided by a test driver library, move their prototypes to tests directory. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-06 07:50:27 +01:00
Ronald Cron	9ba7691bf7	psa: Add driver initialization and termination ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-06 07:50:27 +01:00
Ronald Cron	7a55deb5a8	psa: Fix unused variable warnings ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-06 07:50:27 +01:00
Ronald Cron	89b4aa7efc	psa: asymmetric_encrypt/decrypt: Improve error code consistency ... In psa_asymmetric_encrypt/decrypt(), always return PSA_ERROR_INVALID_ARGUMENT if the key is a PSA key and the algorithm is not a PSA algorithm we know about, whether RSA is supported or not. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-06 07:50:27 +01:00
Ronald Cron	73c9d9e254	psa: driver: Reduce the scope of test driver entry points ... Define test driver entry points that provide an alternative to Mbed TLS driver entry points only when the PSA configuration is used. Their purpose is only to test the PSA configuration thus there is no good reason to use them out of this scope. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-06 07:50:18 +01:00
Ronald Cron	69a63426af	psa: Fix the size of hash buffers ... Fix the size of hash buffers for PSA hash operations. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-03 18:55:33 +01:00
Ronald Cron	56f7897e7d	psa: Fix hash and mac operation type ... The test entry points defined in psa_crypto_hash.c and psa_crypto_mac.c are supposed to be exact clones of the Mbed TLS driver entry points. Thus the operation type should be the Mbed TLS operation type not a test one. There was no compilation error as the hash and cipher operation test types are currently equal to the Mbed TLS ones. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-03 18:55:33 +01:00
Ronald Cron	81ca97e080	tests: psa driver: Align RSA/ECP sign/verify hash dispatch ... Align RSA/ECP sign/verify hash dispatch with the corresponding code of the library. The library code was modified recently but not the test code one and these modifications ease the following work. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-03 18:55:33 +01:00
Ronald Cron	a72b12defb	tests: psa: driver: mac: Remove opaque entry points in library ... Opaque test entry points will be implemented only in test code. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-03 18:55:33 +01:00
Ronald Cron	170067043f	psa: Fix unused variable warnings ... Fix unused variable warnings when no AEAD algorithm is enabled in the build. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-03 18:55:24 +01:00
Paul Elliott	2fd6b61420	Remove incorrect hashing ... Incorrect interpretation of 'empty' Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-12-02 18:03:12 +00:00
Paul Elliott	7298bef693	Add explanation for safety in function ... Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-12-02 17:51:34 +00:00
Xiaofei Bai	d25fab6f79	Update based on comments ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-12-02 06:36:27 +00:00
Gilles Peskine	ec45c1e174	mbedtls_ssl_handshake_params: reorder fields to save code size ... Reorder fields mbedtls_ssl_handshake_params in order to save code on Arm Thumb builds. The general idea is to put often-used fields in the direct access window of 128 elements from the beginning of the structure. The reordering is a human selection based on a report of field offset and use counts, and informed by measuring the code size with various arrangements. Some notes: * This is the same reordering as the corresponding commit in #5189 for 2.2x. * I moved most byte-sized fields at the beginning where they're sure to be in the direct access window. * I moved buffering earlier because it can be around the threshold depending on the configuration, and it's accessed in a lot of places. * I moved several fields, including update_checksum and friends, early so that they're guaranteed to be in the early access window. Results (arm-none-eabi-gcc 7.3.1, build_arm_none_eabi_gcc_m0plus build): library/ssl_cli.o: 19763 -> 19687 (diff: 76) library/ssl_msg.o: 24874 -> 24834 (diff: 40) library/ssl_srv.o: 20754 -> 20562 (diff: 192) library/ssl_tls.o: 21003 -> 20907 (diff: 96) library/ssl_tls13_client.o: 7284 -> 7272 (diff: 12) library/ssl_tls13_generic.o: 4749 -> 4721 (diff: 28) library/ssl_tls13_keys.o: 5133 -> 5077 (diff: 56) Results (same architecture, config-suite-b.h + MBEDTLS_ECDH_LEGACY_CONTEXT + MBEDTLS_ECP_RESTARTABLE): library/ssl_cli.o: 3000 -> 2936 (diff: 64) library/ssl_msg.o: 3084 -> 3080 (diff: 4) library/ssl_srv.o: 3428 -> 3400 (diff: 28) library/ssl_tls.o: 6754 -> 6730 (diff: 24) Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-11-29 12:18:09 +01:00
Gilles Peskine	55490d4e1f	mbedtls_ssl_handshake_params: use bytes for some small values ... Replace bitfields mbedtls_ssl_handshake_params by bytes. This saves some code size, and since the bitfields weren't group, this doesn't increase the RAM usage. Replace several ints that only store values in the range 0..255 by uint8_t. This can increase or decrease the code size depending on the architecture and on how the field is used. I chose changes that save code size on Arm Thumb builds and will save more after field reordering. Leave the bitfields in struct mbedtls_ssl_hs_buffer alone: replacing them by uint8_t slightly increases the code size. Results (arm-none-eabi-gcc 7.3.1, build_arm_none_eabi_gcc_m0plus build): library/ssl_cli.o: 19759 -> 19763 (diff: -4) library/ssl_srv.o: 20790 -> 20754 (diff: 36) library/ssl_tls13_keys.o: 5153 -> 5133 (diff: 20) Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-11-29 12:01:39 +01:00
Ronald Cron	cae5909053	psa: aead: Fix invalid output buffer usage in generate_nonce() ... Don't use the output buffer in psa_aead_generate_nonce() to pass the generated nonce to the driver as a local attacker could potentially control it. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-11-29 08:43:15 +01:00
吴敬辉	0b71611c80	[session] fix a session copy bug ... fix a possible double reference on 'ticket' when peer_cert/peer_cert_digest calloc failed. Signed-off-by: 吴敬辉 <11137405@vivo.com>	2021-11-29 10:50:04 +08:00
Gabor Mezei	a09697527b	Add documentation for the functions ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-11-26 17:25:14 +01:00
Gabor Mezei	14d5fac11d	Unify function parameters ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-11-26 17:23:26 +01:00
Gabor Mezei	c0d8dda60d	Make mbedtls_ct_uchar_mask_of_range function static ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-11-26 17:20:36 +01:00
Gabor Mezei	d77b86cc5b	Delete base64_invasive.h due to functions are moved to the constant-time module ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-11-26 17:20:02 +01:00
Gabor Mezei	358829abc9	Move mbedtls_ct_base64_dec_value function to the constant-time module ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-11-26 17:14:52 +01:00
Gabor Mezei	9a4074aa1e	Move mbedtls_ct_base64_enc_char function to the constant-time module ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-11-26 17:14:21 +01:00
Gabor Mezei	28d611559e	Move mbedtls_ct_uchar_mask_of_range function to the constant-time module ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-11-26 17:09:38 +01:00
Gabor Mezei	b8d78926eb	Rename functions to have suitable name ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-11-26 16:51:18 +01:00
Ronald Cron	c6e6f50d47	psa: cipher: Fix invalid output buffer usage in psa_cipher_encrypt() ... Don't use the output buffer in psa_cipher_encrypt() to pass the generated IV to the driver as local attacker could potentially control it. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-11-26 15:46:20 +01:00
Ronald Cron	9b67428e22	psa: cipher: Add IV parameters to cipher_encrypt entry point ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-11-26 15:46:20 +01:00
Ronald Cron	2391952a4c	psa: cipher: Align APIs execution flow ... Align the execution of cipher one-shot APIs with that of cipher multi-part APIs: always exit through the exit-labelled section. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-11-26 15:46:20 +01:00
Ronald Cron	2fb9052838	psa: cipher: Fix invalid output buffer usage in psa_cipher_generate_iv() ... Don't use the output buffer in psa_cipher_generate_iv() to pass the generated IV to the driver as local attacker could potentially control it. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-11-26 15:46:20 +01:00
Gilles Peskine	8716f17961	Tweak whitespace for readability ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-11-26 12:47:55 +01:00
Gilles Peskine	2d8a182407	PSA global data: move fields around to save code size ... Move fields around to have fewer accesses outside the 128-element Thumb direct access window. Make the same change as in 2.27+, for the same small benefit. Results (arm-none-eabi-gcc 7.3.1, build_arm_none_eabi_gcc_m0plus build): library/psa_crypto.o: 16434 -> 16414 (diff: 20) Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-11-26 12:46:28 +01:00
Xiaofei Bai	6dc90da740	Rebased on 74217ee and add fixes ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-11-26 08:12:43 +00:00
Xiaofei Bai	9539501120	Rebase and add fixes ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-11-26 08:09:26 +00:00
Xiaofei Bai	feecbbbb93	Fix some variable names in code comment ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-11-26 08:08:36 +00:00
Xiaofei Bai	89b526da3e	Fix some more variables names ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-11-26 08:08:36 +00:00
Xiaofei Bai	b7972840fd	Fix variable names in ssl_tls13_keys.* ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-11-26 08:08:36 +00:00
Xiaofei Bai	eef150418f	Fix variable names in ssl_tls13_generic/client.c ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-11-26 08:08:36 +00:00
Xiaofei Bai	746f9481ea	Fix 1_3/13 usages in macros and function names ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-11-26 08:08:36 +00:00
XiaokangQian	4d2329fd8a	Change code based on reviews ... Remove support signature PKCS1 v1.5 in CertificateVerify. Remove useless server states in test script Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-25 02:21:16 +00:00
XiaokangQian	a83014db4a	TLS1.3: Add signature scheme pkcs1 v1.5 ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-25 02:21:16 +00:00
Gilles Peskine	e2d707fea5	Merge pull request #4866 from gabor-mezei-arm/3649_move_constant_time_functions_into_separate_module ... Move constant-time functions into a separate module	2021-11-24 19:33:00 +01:00
Ronald Cron	b92b88cc4c	Merge pull request #5127 from xkqian/xkqian/pr/add_rsa_pss_rsae ... Xkqian/pr/add rsa pss rsae	2021-11-24 14:22:30 +01:00
Gabor Mezei	685472bfb6	Update function name ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-11-24 11:17:36 +01:00
Gabor Mezei	be7b21da22	Merge branch 'development' into 3649_move_constant_time_functions_into_separate_module	2021-11-24 10:44:13 +01:00
Gilles Peskine	0c9f058504	Merge pull request #5213 from tom-cosgrove-arm/pr_4950 ... Fix GCM calculation with very long IV	2021-11-22 22:22:37 +01:00
XiaokangQian	4b82ca1b70	Refine test code and test scripts ... Change client test code to support rsa pss signatures Add test cases for rsa pss signature in ssl-opt.sh Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-22 05:50:12 +00:00
XiaokangQian	82d34ccf47	Add signature scheme rsa pss ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-22 05:50:12 +00:00
Paul Elliott	4086bdbe37	Better fix for empty password / salt ... Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-11-18 22:39:16 +00:00
Manuel Pégourié-Gonnard	146247de71	Merge pull request #5172 from bensze01/invalid_nonce_error ... PSA: Indicate in the error returned when we know that an AEAD nonce length is invalid, not just unsupported	2021-11-18 09:41:12 +01:00
Ronald Cron	ac00659480	Merge pull request #5121 from yuhaoth/pr/add-wrapup-and-hello-test ... TLS1.3 MVP: Add finialize states and simplest test	2021-11-18 09:11:53 +01:00
Bence Szépkúti	6d48e20d4b	Indicate nonce sizes invalid for ChaCha20-Poly1305 ... Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>	2021-11-17 18:06:11 +01:00
Bence Szépkúti	357b78e42c	Indicate if we know that a nonce length is invalid ... This restores the behaviour found in the previously released versions and development_2.x. Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>	2021-11-17 18:06:04 +01:00
Manuel Pégourié-Gonnard	5a57a51ea5	Merge pull request #5180 from daverodgman/key_derivation_output_key_error_code ... Improve PSA error return code for psa_key_derivation_output_key	2021-11-17 13:09:37 +01:00
Jerry Yu	a6e6c27bd3	Grouplize tls1_3 special functions ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-11-17 17:54:13 +08:00
Jerry Yu	cfe64f0b24	fix various issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-11-17 16:03:06 +08:00
Jerry Yu	378254d3e3	Implement handshake wrapup ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-11-17 16:03:06 +08:00
XiaokangQian	3ce4d51c11	Move set_outbound_transform to finalize server finished. ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-17 02:11:36 +00:00
Dave Rodgman	d69da6c3c3	Improve PSA error return code ... psa_key_derivation_output_key: prioritize BAD_STATE over NOT_PERMITTED If psa_key_derivation_output_key() is called on an operation which hasn't been set up or which has been aborted, return PSA_ERROR_BAD_STATE. Only return PSA_ERROR_NOT_PERMITTED if the operation state is ok for psa_key_derivation_input_bytes() or psa_key_derivation_output_bytes() but not ok to output a key. Ideally psa_key_derivation_output_key() would return PSA_ERROR_NOT_PERMITTED only when psa_key_derivation_output_bytes() is possible, but this is clumsier to implement. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2021-11-16 16:03:31 +00:00
XiaokangQian	a3087e881e	Fix finished message decryption fail issue ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-16 02:38:45 +00:00
XiaokangQian	9ec8fcfddd	Improve failure messag for calculating verify data ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 08:24:08 +00:00
XiaokangQian	dce82245ac	Fix the compile issue about prepare message ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 06:01:26 +00:00
XiaokangQian	0fa6643eb5	Align coding stles and remove useless code ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 03:37:11 +00:00
XiaokangQian	35dc625e37	Move the location of functions ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 03:37:11 +00:00
XiaokangQian	8773aa0da9	Align coding styles in generic for client finish ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 03:37:11 +00:00
XiaokangQian	cc90c94413	Rebase and change code ... Solve conflicts. Rename functions Align coding style Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 03:37:11 +00:00
XiaokangQian	e1655e4db8	Change naming styles and fix ci failure ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 03:37:11 +00:00
XiaokangQian	c00ba81310	Remove MBEDTLS_SSL_NEW_SESSION_TICKET in TLS1.3 MVP ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 03:37:11 +00:00
XiaokangQian	eab1023dbf	Fix some compiling errors for name mismatch ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 03:37:11 +00:00
XiaokangQian	74af2a827e	TLS1.3: Add client finish processing in client side ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-15 03:37:11 +00:00
Ronald Cron	bb41a88f2e	Merge pull request #5120 from yuhaoth/pr/fix-memory-leak-and-version-header ... TLS1.3 :fix memory leak and version header	2021-11-12 13:49:26 +01:00
Ronald Cron	28777db226	Merge pull request #4952 from xkqian/add_server_finished ... Add server finished	2021-11-12 12:30:10 +01:00
Paul Elliott	853c0da8de	Fix for pkcs12 with NULL or zero length password ... Previously passing a NULL or zero length password into either mbedtls_pkcs12_pbe() or mbedtls_pkcs12_derive() could cause an infinate loop, and it was also possible to pass a NULL password, with a non-zero length, which would cause memory corruption. I have fixed these errors, and improved the documentation to reflect the changes and further explain what is expected of the inputs. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-11-11 19:26:37 +00:00
XiaokangQian	a4c99f2c2d	Remove useless blank line ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-11 06:46:35 +00:00
XiaokangQian	c13f935c05	Align code styles of indent and so on ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-11 06:13:22 +00:00
XiaokangQian	3306284776	Change code base on comments ... Remove client certificate verify in tests. Change the layout of structure to fix abi_api check issues. Add comments of Finished. Align with the coding styles. Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-11 03:37:45 +00:00
Tom Cosgrove	0eedd36557	Serialise builds of the .a files on Windows ... This is a workaround for an issue with mkstemp() in older MinGW releases that causes simultaneous creation of .a files in the same directory to fail. Fixes #5146 Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2021-11-10 11:15:46 +00:00
Manuel Pégourié-Gonnard	087f04783d	Merge pull request #5076 from mstarzyk-mobica/psa_ccm_no_tag ... PSA CCM*-no-tag	2021-11-10 10:18:55 +01:00
XiaokangQian	d0aa3e9307	Inprove code base on review comments ... Change debug messag for server finished. Change name of generate_application_keys. Remove the client vertificate tests from ssl-opt.sh. Add test strings for server finished in ssl-opt.sh. Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 06:17:40 +00:00
XiaokangQian	57b2aff8a8	Align the union size ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 03:12:11 +00:00
XiaokangQian	aaa0e197a8	Change the alignment and names of functions and a macro ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 03:07:04 +00:00
XiaokangQian	c5c39d5800	Change code for styles and comments .etc ... Remove useless code in union. Rename functions and parameters. Move definitions into othe files. Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	44c38f7e36	Chande debug message in finished and rename finalize functions ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	b51f8841c4	Change comments for export_keys callback ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	ac0385c08f	Change code based on comments ... Move set_state function into client Add back export_key callback function in generate application keys Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	8903bd97b0	Change some naming style issues and remove useless code ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	1aef02ee20	Fix initialized issues and remove useless code ... Fix the variable not inialized issue, remove the client certificate related code, remove early data related code. Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	61bdbbc18b	Add cleanup in functions for secure reason ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	f26f6ade0c	Rebase and solve conflicts ... Remove the double definition and change name Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	f13c56032f	Revert some changes about tls13 and macros ... There is one PR #4988 to change it in the future Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	7c91705e21	Remove support for MBEDTLS_SSL_EXPORT_KEYS ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	46c6fc74f1	Fix compile issue about MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	a763498490	Change code based on commetns ... Focus on the code style, naming rule,etc. Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	4cab0240c7	Change coding style ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:23 +00:00
XiaokangQian	aa5f5c1f5d	TLS1.3: Add server finish processing in client side ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-10 01:47:22 +00:00
Ronald Cron	91fe315c69	Merge pull request #5134 from xffbai/add-hostname-ext ... TLS1.3 Add hostname extension	2021-11-09 12:28:14 +01:00
Xiaofei Bai	f36e1677b1	Fix alignment ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-11-09 09:28:25 +00:00
Xiaofei Bai	6f435f07d2	Fix compile error ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-11-09 04:08:32 +00:00
Xiaofei Bai	58afdba887	Fix typo and remove wrapper ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-11-09 03:10:05 +00:00
Jerry Yu	a1a568c2f6	fix various issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-11-09 10:17:21 +08:00
Ronald Cron	260f5d9413	Merge pull request #4953 from yuhaoth/pr/add-tls13-read-certificate-verfify ... TLS1.3: CertificateVerify:add tls13 read certificate verfify	2021-11-08 09:36:35 +01:00
Jerry Yu	1ca80f7ca5	fix comment issue ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-11-08 10:45:16 +08:00
Gilles Peskine	c756b5f9fa	Merge pull request #5126 from haampie/fix/DT_NEEDED_for_shared_libraries ... DT_NEEDED for shared builds in makefile	2021-11-05 12:04:29 +01:00
Xiaofei Bai	15a56813a2	TLS1.3 Add hostname extention ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-11-05 10:52:12 +00:00
Manuel Pégourié-Gonnard	8a232d231a	Merge pull request #4966 from gilles-peskine-arm/missing-psa-macros ... Add missing PSA macros	2021-11-05 10:08:58 +01:00
Jerry Yu	5398c10b89	Add return value check for cerificate verify ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-11-05 13:32:38 +08:00
Harmen Stoppels	fcb4fb71e3	Reorder linker flags ... Signed-off-by: Harmen Stoppels <harmenstoppels@gmail.com>	2021-11-04 17:34:27 +01:00
Harmen Stoppels	70842950fd	Restore the whitespace ... Signed-off-by: Harmen Stoppels <harmenstoppels@gmail.com>	2021-11-04 13:09:02 +01:00
Gilles Peskine	f4ecf305fe	Fix copypasta in #endif comment ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-11-03 18:27:22 +01:00
Gabor Mezei	642eeb2879	Fix documentation and comments ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-11-03 16:13:32 +01:00
Gilles Peskine	f7b4137e69	Untangle PSA_ALG_IS_HASH_AND_SIGN and PSA_ALG_IS_SIGN_HASH ... The current definition of PSA_ALG_IS_HASH_AND_SIGN includes PSA_ALG_RSA_PKCS1V15_SIGN_RAW and PSA_ALG_ECDSA_ANY, which don't strictly follow the hash-and-sign paradigm: the algorithm does not encode a hash algorithm that is applied prior to the signature step. The definition in fact encompasses what can be used with psa_sign_hash/psa_verify_hash, so it's the correct definition for PSA_ALG_IS_SIGN_HASH. Therefore this commit moves definition of PSA_ALG_IS_HASH_AND_SIGN to PSA_ALG_IS_SIGN_HASH, and replace the definition of PSA_ALG_IS_HASH_AND_SIGN by a correct one (based on PSA_ALG_IS_SIGN_HASH, excluding the algorithms where the pre-signature step isn't to apply the hash encoded in the algorithm). In the definition of PSA_ALG_SIGN_GET_HASH, keep the condition for a nonzero output to be PSA_ALG_IS_HASH_AND_SIGN. Everywhere else in the code base (definition of PSA_ALG_IS_SIGN_MESSAGE, and every use of PSA_ALG_IS_HASH_AND_SIGN outside of crypto_values.h), we meant PSA_ALG_IS_SIGN_HASH where we wrote PSA_ALG_IS_HASH_AND_SIGN, so do a global replacement. ``` git grep -l IS_HASH_AND_SIGN ':!include/psa/crypto_values.h' | xargs perl -i -pe 's/ALG_IS_HASH_AND_SIGN/ALG_IS_SIGN_HASH/g' ``` Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-11-03 15:48:15 +01:00
Gilles Peskine	e7be73d579	Use the new macro PSA_HASH_BLOCK_LENGTH ... Replace an equivalent internal function. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-11-03 15:47:03 +01:00
Mateusz Starzyk	e6d3edaf32	Add missing PSA_ALG_IS_SIGN_HASH macro. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-11-03 15:47:03 +01:00
Harmen Stoppels	01ef723bba	DT_NEEDED for shared builds in makefile ... The makefile build specifies -L. -lmbedx509 -lmbedcrypto flags first, and only then object files referencing symbols from those libraries. In this order the linker will not add the linked libraries to the DT_NEEDED section because they are not referenced yet (at least that happens for me on ubuntu 20.04 with the default gnu compiler tools). By first specifying the object files and then the linked libraries, we do end up with libmbedx509 and libmbedcrypto in the DT_NEEDED sections. This way running dlopen(...) on libmedtls.so just works. Note that the CMake build does this by default. Signed-off-by: Harmen Stoppels <harmenstoppels@gmail.com>	2021-11-03 01:06:11 +01:00
Manuel Pégourié-Gonnard	0dbe1dfa1c	Merge pull request #4859 from brett-warren-arm/supported_groups ... Add mbedtls_ssl_conf_groups to API	2021-11-02 10:49:09 +01:00
Jerry Yu	ba9c727e94	fix memory leak issue ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-30 20:23:45 +08:00
Jerry Yu	47413c2c8f	fix wrong version header for tls1.3 ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-30 20:23:37 +08:00
Manuel Pégourié-Gonnard	4313d3ac87	Merge pull request #5010 from gilles-peskine-arm/psa-rsa-pss_any_salt ... PSA: fix salt length for PSS verification	2021-10-29 16:36:36 +02:00
Brett Warren	14efd33a6c	Convert TLS1.3 functions to get_supported_groups ... Signed-off-by: Brett Warren <brett.warren@arm.com>	2021-10-29 15:13:48 +01:00
Brett Warren	01f3dae3f3	Refactor elliptic curve extension for NamedGroups ... The refactoring is needed for the group api to work properly. Code is modified to use mbedtls_get_supported_groups instead of direct access so that both deprecated and new api are useable. Signed-off-by: Brett Warren <brett.warren@arm.com>	2021-10-29 14:07:46 +01:00
Jerry Yu	6f87f2521c	Refactor ssl_tls13_parse_certificate_verify ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 20:15:03 +08:00
Jerry Yu	d0fc585b7e	fix various issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 19:57:55 +08:00
Jerry Yu	0b32c502a4	fix various issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 19:57:55 +08:00
Jerry Yu	da8cdf2fa9	Remove certificate_verify_coordinate ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 19:57:55 +08:00
Jerry Yu	982d9e5db2	Add ssl_tls13_sig_alg_is_offered ... To keep consistent with cipher_suite check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 19:57:55 +08:00
Jerry Yu	133690ccef	Refactor hash computation ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 19:57:55 +08:00
Jerry Yu	26c2d11802	Fix various issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 19:57:55 +08:00
Jerry Yu	30b071cb66	tls13:Add certificate verify ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 19:57:55 +08:00
Jerry Yu	0bbb39786d	tls13: add labels ... add client and server cv magic words Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 19:57:55 +08:00
Brett Warren	e0edc8407b	Add mbedtls_ssl_conf_groups to API ... mbedtls_ssl_conf_groups allows supported groups for key sharing to be configured via their IANA NamedGroup ID. This is added in anticipation of PQC and Hybrid key sharing algorithms being integrated into Mbed TLS. mbedtls_ssl_conf_curves is deprecated in favor of mbedtls_ssl_conf_groups. handshake_init has been modified to translate and copy curves configured via conf_curves into a heap allocatied array of NamedGroup IDs. This allows the refactoring of code interacting with conf_curve related variables (such as curve_list) to use NamedGroup IDs while retaining the deprecated API. Signed-off-by: Brett Warren <brett.warren@arm.com>	2021-10-29 11:27:00 +01:00
Ronald Cron	f660c7c923	Merge pull request #4993 from xffbai/add-tls13-read-certificate ... TLS1.3: add tls1_3 read certificate	2021-10-29 12:25:44 +02:00
Manuel Pégourié-Gonnard	136819fe6e	Merge pull request #4959 from gilles-peskine-arm/psa-add-aria ... Add ARIA to the PSA API	2021-10-29 09:38:06 +02:00
Xiaofei Bai	f93cbd2674	fix some format issues ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-10-29 02:39:30 +00:00
Jerry Yu	d2674314a3	Restore certificate_request state ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 10:14:29 +08:00
Jerry Yu	b640bf6c15	fix CI build fail ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-29 10:05:32 +08:00
Paul Elliott	82d2dc24bb	Remove redundant blank line ... Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-10-28 16:38:29 +01:00
Jerry Yu	83bb13101a	fix format warning ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-28 22:16:33 +08:00
Jerry Yu	7aa7186022	fix various issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-28 21:41:30 +08:00
Jerry Yu	a93ac116c8	Remove certificate_request state ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-28 21:36:03 +08:00
Xiaofei Bai	ff45602c74	Add local variable verify_result ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-10-28 21:28:08 +08:00
Xiaofei Bai	10aeec0685	Fix a build error ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-10-28 21:28:08 +08:00
Xiaofei Bai	79595acf3f	Update based on review comments. ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-10-28 21:28:08 +08:00
Xiaofei Bai	947571efff	add tls1_3 read certificate ... Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-10-28 21:28:08 +08:00
Ronald Cron	7cd24ded48	Merge pull request #5114 from yuhaoth/pr/add-get-uint24 ... Add GET/PUT_UINT24_BE/LE	2021-10-28 13:57:57 +02:00
Ronald Cron	cf1f376b24	Merge pull request #4937 from xkqian/add_tls13_encrypted_extension ... The rebase after the two approvals was simple enough to need only one reviewer.	2021-10-28 09:34:56 +02:00
Manuel Pégourié-Gonnard	4c9313fcd9	Merge pull request #4514 from mpg/generated-files-cmake ... Generated files cmake	2021-10-28 09:23:41 +02:00
Jerry Yu	29287a46d2	fix wrong para name in doxygen comments ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-28 10:26:13 +08:00
XiaokangQian	ab7f50d638	Change macro names and add test script for extensions ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-10-28 01:54:39 +00:00
XiaokangQian	7b2d4efee8	Change the buffer boundary check and alert type ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-10-28 01:49:37 +00:00
XiaokangQian	8db25fffb4	Encrypted Extensions: Change extensions length check ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-10-28 01:49:37 +00:00
XiaokangQian	97799ac27b	Encrypted Extensions: Align code style and some check logic ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-10-28 01:49:37 +00:00
XiaokangQian	08da26c58f	Refine encrypted extensions parse function ... Change arguments of API. Send different messages base on extensions types. Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-10-28 01:49:37 +00:00
XiaokangQian	140f0459ed	Encrypted Extension: Align the code style of buffer pointer ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-10-28 01:49:37 +00:00
XiaokangQian	e87e5924c9	Fix some issues such as naming mismatch based on comments. ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-10-28 01:49:37 +00:00
XiaokangQian	c1fe000cfd	TLS1.3: Solve check name issue-macro definition ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-10-28 01:49:37 +00:00
XiaokangQian	2d5c72be0b	TLS1.3: Add Encrypted Extensions ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-10-28 01:49:37 +00:00
Ronald Cron	5893246066	Merge pull request #4919 from yuhaoth/pr/add-tls13-server-hello-parser ... TLS1.3:ServerHello:Add parse server hello function	2021-10-27 18:27:27 +02:00
Jerry Yu	f3f5c210cb	fix comments issue ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-27 17:05:49 +08:00
Mateusz Starzyk	4cb9739038	Use separate MBEDTLS_MODE for the CCM*. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-10-27 10:42:31 +02:00
Jerry Yu	643d11606a	Add GET/PUT_UINT24_BE/LE ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-27 13:55:37 +08:00
Jerry Yu	e6d7e5cef6	move CLIENT/SERVER_HELLO_RANDOM_LEN to ssl_misc.h ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-26 11:10:15 +08:00
Gilles Peskine	ac253ea32b	Fix copypasta in comment ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-10-25 22:15:20 +02:00
Gilles Peskine	c1776a01d2	Move declarations of testing-only base64 functions to their own header ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-10-25 22:15:13 +02:00
Gilles Peskine	d7d3279fdf	Expose internal base64 functions for testing ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-10-25 22:09:12 +02:00
Gilles Peskine	8635e2301f	mask_of_range: simplify high comparison ... To test c <= high, instead of testing the sign of (high + 1) - c, negate the sign of high - c (as we're doing for c - low). This is a little easier to read and shaves 2 instructions off the arm thumb build with arm-none-eabi-gcc 7.3.1. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-10-25 22:09:12 +02:00
Gilles Peskine	67468e81a6	Base64 decode: simplify local variables (n) ... n was used for two different purposes. Give it a different name the second time. This does not seem to change the generated code when compiling with optimization for size or performance. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-10-25 22:09:12 +02:00
Gilles Peskine	2c4a3686bb	Base64 encoding: use ranges instead of tables ... Instead of doing constant-flow table lookup, which requires 64 memory loads for each lookup into a 64-entry table, do a range-based calculation, which requires more CPU instructions per range but there are only 5 ranges. I expect a significant performance gain (although smaller than for decoding since the encoding table is half the size), but I haven't measured. Code size is slightly smaller. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-10-25 22:09:12 +02:00
Gilles Peskine	1121cd29b6	Base64 decode: simplify local variables ... Document what each local variable does when it isn't obvious from the name. Don't reuse a variable for different purposes. This commit has very little impact on the generated code (same code size on a sample Thumb build), although it does fix a theoretical bug that 2^32 spaces inside a line would be ignored instead of treated as an error. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-10-25 22:09:12 +02:00
Gilles Peskine	ab04335052	Base64 decoding: use ranges instead of tables ... Instead of doing constant-flow table lookup, which requires 128 memory loads for each lookup into a 128-entry table, do a range-based calculation, which requires more CPU instructions per range but there are only 5 ranges. Experimentally, this is ~12x faster on my PC (based on programs/x509/load_roots). The code is slightly smaller, too. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-10-25 22:09:12 +02:00
Gilles Peskine	b553eaabea	Base64 decoding: don't use the table for '=' ... Base64 decoding uses equality comparison tests for characters that don't leak information about the content of the data other than its length, such as whitespace. Do this with '=' as well, since it only reveals information about the length. This way the table lookup can focus on character validity and decoding value. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-10-25 22:09:12 +02:00
Gilles Peskine	4fa0725936	Merge pull request #5002 from mstarzyk-mobica/psa_output_buffer_limitation ... Remove output buffer limitation for PSA with GCM.	2021-10-25 19:37:33 +02:00
David Horstmann	a8d1406107	Rename DEV_MODE to GEN_FILES ... GEN_FILES is a bit clearer as it describes what the setting does more precisely. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2021-10-25 13:16:04 +01:00
Manuel Pégourié-Gonnard	e90e405e15	Introduce "Dev mode" option ... When the option is On, CMake will have rules to generate the generated files using scripts etc. When the option is Off, CMake will assume the files are available from the source tree; in that mode, it won't require any extra tools (Perl for example) compared to when we committed the files to git. The intention is that users will never need to adjust this option: - in the development branch (and features branches etc.) the option is always On (development mode); - in released tarballs, which include the generated files, we'll switch the option to Off (release mode) in the same commit that re-adds the generated files. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2021-10-25 13:16:04 +01:00
Manuel Pégourié-Gonnard	65a7203119	Allow cmake to generate version_features.c ... Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2021-10-25 13:16:03 +01:00
Manuel Pégourié-Gonnard	cbdedc54b9	Allow cmake to generate error.c ... Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2021-10-25 13:16:03 +01:00
Jerry Yu	188468b5f4	Add reference link for Random definition ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:48:24 +08:00
Jerry Yu	ad3a113fc6	Remove MBEDTLS_SSL_EXPORT_KEYS ... It is always on now in `development` Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:46:43 +08:00
Jerry Yu	7a186a0cbf	fix comment issue ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:29 +08:00
Jerry Yu	337d5318ae	replace md_max_size with tls13_md_max_size ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:29 +08:00
Jerry Yu	745bb616a4	Fix format issue and enhance test ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:29 +08:00
Jerry Yu	193f0e7449	fix build fail on tls1_3_md_max_size ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:29 +08:00
Jerry Yu	b85277e3af	Address various issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:29 +08:00
Jerry Yu	435208a949	Improve generate_handshake_keys ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:29 +08:00
Jerry Yu	f532bb2577	Change MD size for tls13 keys ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:29 +08:00
Jerry Yu	c068b6671e	Rename tls13 prefix to fix coding issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:28 +08:00
Jerry Yu	4a1733831e	fix various issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:28 +08:00
Jerry Yu	f0ac2352d6	Refactor key_schedule_stage_handshake ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:28 +08:00
Jerry Yu	5ccfcd4ca1	Add local variable to represent handshake ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:28 +08:00
Jerry Yu	de4fb2cc34	Apply check read ptr macro ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:28 +08:00
Jerry Yu	fd532e506b	fix set key exchange mode issue ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:28 +08:00
Jerry Yu	0b17784932	Add finalize function ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:28 +08:00
Jerry Yu	e1b9c297b9	Add read_server_hello ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:28 +08:00
Jerry Yu	1efa815db7	tls13: add ecdh_read_public ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:28 +08:00
Jerry Yu	a0650ebb9d	tls13: add handshake key schedule ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:28 +08:00
Jerry Yu	61e35e0047	tls13: add generate handshake keys ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-25 10:41:28 +08:00
Mateusz Starzyk	594215be6e	Add support for CCM*-no-tag to PSA. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-10-21 11:33:41 +02:00
Mateusz Starzyk	bb2ced33dd	Ignore plaintext length for CCM*-no-tag. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-10-21 11:33:37 +02:00
Gabor Mezei	22c9a6fccc	Rename internal header constant_time.h to constant_time_internal.h ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-20 12:15:20 +02:00
Gabor Mezei	90437e3762	Rename constant-time functions to have mbedtls_ct prefix ... Rename functions to better suite with the module name. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-20 11:59:27 +02:00
Gabor Mezei	116cd6a6b4	Fix documentation ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-20 11:18:37 +02:00
Gabor Mezei	6a426c9f9f	Bind functions' availability for config options ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-20 11:17:43 +02:00
Gilles Peskine	9202ba37b1	Merge pull request #4960 from mpg/cleanup-tls-cipher-psa-3.x ... Clean up some remnants of TLS pre-1.2 support	2021-10-19 21:59:15 +02:00
Gabor Mezei	765862c4f3	Move mbedtls_cf_memcmp to a new public header ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-19 12:22:25 +02:00
Gabor Mezei	291df7bbab	Add macro guard for header file ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-19 11:27:17 +02:00
Gabor Mezei	e212379810	Bind functions' availability for config options ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 19:38:02 +02:00
Gilles Peskine	6210320215	Merge pull request #4989 from AndrzejKurek/remove-ssl-export-keys ... Remove MBEDTLS_SSL_EXPORT_KEYS, making it always on	2021-10-18 17:53:56 +02:00
Gilles Peskine	bf21c07923	Merge pull request #5072 from mprse/issue_5065 ... Use switch statement instead if-else in psa_aead_check_nonce_length() and psa_aead_set_lengths(). Fixes #5065	2021-10-18 17:51:50 +02:00
Gabor Mezei	949455892f	Remove unused function ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 17:02:29 +02:00
Gabor Mezei	a2d0f90c5a	Make functions static ... These functions are only used as an auxiliary function for constant-time functions. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 16:56:50 +02:00
Gabor Mezei	a316fc8eb0	Update documentation and comments ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 16:39:13 +02:00
Gabor Mezei	63bbba5c13	Rename and reorder function parameters ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 16:39:13 +02:00
Gabor Mezei	7013f62ee5	Use condition for not sensitive data ... Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 16:39:13 +02:00
Gabor Mezei	eab90bcc36	Move implementation specific comment ... This comment is about how the functions are implemented, not about their public interface, so it doesn't belong in the header file. It applies to everything in constant_time.c so moved there. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 16:39:13 +02:00
Gabor Mezei	1e64261da5	Make mbedtls_cf_size_mask_lt function static ... The mbedtls_cf_size_mask_lt is solely used as an auxiliary function for mbedtls_cf_size_mask_ge. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2021-10-18 16:39:13 +02:00
Gilles Peskine	7637ab0d8b	Merge pull request #5037 from mprse/issue_4551 ... Fix psa_generate_key(): return PSA_ERROR_INVALID_ARGUMENT for public key	2021-10-18 10:39:21 +02:00
Gilles Peskine	2bb5e9c973	Merge pull request #4760 from gilles-peskine-arm/ecb-alt-ret-3.0 ... Catch failures of mbedtls_aes_crypt_ecb and its DES equivalents	2021-10-14 12:11:20 +02:00
Przemyslaw Stekiel	4cad4fc8a9	psa_crypto.c: use switch instead if-else in psa_aead_check_nonce_length and psa_aead_set_lengths (fixes #5065) ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2021-10-13 14:04:36 +02:00
Ronald Cron	e3e16d5d67	Merge pull request #4982 from yuhaoth/pr/add-read-ptr-and-handshake-kex-modes ... TLS1.3:add read ptr and handshake kex modes CI merge job: only "Session resume using tickets, DTLS: openssl client" failed in one component thus CI can be considered as passed.	2021-10-11 19:23:12 +02:00
Ronald Cron	e23bba04ee	Merge pull request #4927 from yuhaoth/pr/add-tls13-serverhello-utils ... TLS 1.3: ServerHello: add utils functions used by ServerHello Regarding the merge job, there was only one of the failure we currently encounter on almost all PR (Session resume using tickets, DTLS: openssl client test case see #5012) thus we can consider that this PR passed CI.	2021-10-11 11:01:11 +02:00
Jerry Yu	e4eefc716a	Improve document for chk_buf_read_ptr ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-09 10:40:40 +08:00
Gilles Peskine	f6892dec2a	Readability improvements ... Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-10-08 16:28:32 +02:00
Jerry Yu	fd320e9a6e	Replace zeroize with memset ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 21:52:41 +08:00
Jerry Yu	88b756bacb	move tls1_3 max md size ... It should be internal definition Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 18:41:38 +08:00
Jerry Yu	d1ab262844	define max md size for tls1_3 ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 16:19:24 +08:00
Jerry Yu	205fd82f7e	fix check_name fail ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 16:16:24 +08:00
Jerry Yu	ae0b2e2a2f	Rename counter_len ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 15:40:14 +08:00
Jerry Yu	c1ddeef53a	fix various issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 15:40:14 +08:00
Jerry Yu	dca3d5ddf9	fix document issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 14:19:29 +08:00
Jerry Yu	0cabad375b	fix doxygen parameter wrong ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 14:00:29 +08:00
Jerry Yu	adf861aad4	Address kex_modes check function ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 14:00:29 +08:00
Jerry Yu	e15e665cfb	fix comments and check return issues ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 14:00:29 +08:00
Jerry Yu	1b7c4a464c	tls13: add key exchange modes in handshake params ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 14:00:29 +08:00
Jerry Yu	34da3727d6	Add check read ptr macro ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-10-08 14:00:29 +08:00
Paul Elliott	e193ea8cb9	Add Multipart AEAD CCM internal implementation ... Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-10-07 18:06:03 +01:00
Przemyslaw Stekiel	c0fe820dc9	psa_generate_key(): return PSA_ERROR_INVALID_ARGUMENT for public key ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2021-10-07 11:08:56 +02:00
Gilles Peskine	b9b817e977	Fix PSA_ALG_RSA_PSS verification accepting an arbitrary salt length ... PSA_ALG_RSA_PSS algorithm now accepts only the same salt length for verification that it produces when signing, as documented. Fixes #4946. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-10-05 14:26:25 +02:00
Mateusz Starzyk	c48f43b44d	Fix PSA AEAD GCM's update output buffer length verification. ... Move GCM's update output buffer length verification from PSA AEAD to the built-in implementation of the GCM. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-10-04 13:54:55 +02:00
Mateusz Starzyk	f28261fc14	Remove output buffer limitation for PSA with GCM. ... The requirement of minimum 15 bytes for output buffer in psa_aead_finish() and psa_aead_verify() does not apply to the built-in implementation of the GCM. Alternative implementations are expected to verify the length of the provided output buffers and to return the MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL in case the buffer length is too small. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-10-04 13:54:54 +02:00
Gilles Peskine	023aa11760	Merge pull request #4996 from mprse/mbedtls_cipher_setup_psa_ECB ... Fix test gap: mbedtls_cipher_setup_psa() with ECB	2021-10-01 14:49:10 +02:00
openluopworld	eab65acca4	bugfix: if the len of iv is not 96-bit, y0 can be calculated incorrectly. ... An initialization vector IV can have any number of bits between 1 and 2^64. So it should be filled to the lower 64-bit in the last step when computing ghash. Signed-off-by: openluopworld <luopengxq@gmail.com>	2021-10-01 17:57:11 +08:00
LuoPeng	eb009232c0	Update library/gcm.c ... Co-authored-by: davidhorstmann-arm <70948878+davidhorstmann-arm@users.noreply.github.com> Signed-off-by: openluopworld <luopengxq@gmail.com>	2021-10-01 17:57:11 +08:00
XiaokangQian	05420b120b	TLS1.3: Add useful comments based on RFC8446 ... Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-09-30 06:15:18 +00:00
XiaokangQian	16c61aa738	TLS1.3: Alignment coding styles based on comments ... Fix kinds of alignment issues in fetch handshake messages. Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-09-30 02:14:23 +00:00
XiaokangQian	6b226b0874	Add fetch_hand_message in generic ... This function is one common function in generic file, get it from the encrypted extension and submit one patch independently. Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-09-30 02:14:23 +00:00
Andrzej Kurek	a72fe641cc	Do not zeroize the ssl context if a key exporting function is set ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2021-09-29 17:08:31 -04:00
Ronald Cron	cd51e76583	Merge pull request #4338 from paul-elliott-arm/psa-m-aead ... Implement multipart PSA AEAD	2021-09-29 22:48:33 +02:00
Andrzej Kurek	324f72ec9c	Fix a bug where the ssl context is used after it's nullified ... When not using DEBUG_C, but using the DTLS CID feature - a null pointer was accessed in ssl_tls.c. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2021-09-29 10:15:52 -04:00
Andrzej Kurek	5902cd64e2	Remove MBEDTLS_SSL_EXPORT_KEYS, making it always on ... This option only gated an ability to set a callback, but was deemed unnecessary as it was yet another define to remember when writing tests, or test configurations. Fixes #4653. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2021-09-29 10:15:42 -04:00
Paul Elliott	60116aee9e	Invert logic on nonce length tests ... Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-09-29 14:40:16 +01:00
Paul Elliott	355f59edbe	Fix formatting issues ... Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-09-29 14:40:16 +01:00
Paul Elliott	e716e6c00b	Switch cipher enabled macros ... Switch from using MBEDTLS_PSA_BUILTIN_ macros over to using PSA_WANT_ macros, as code was moved from the internal drivers to the PSA Core. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-09-29 14:40:16 +01:00
Przemyslaw Stekiel	80c6a8e1a6	Add PSA support for MBEDTLS_CIPHER_AES_128_ECB ... Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2021-09-29 12:39:21 +02:00
Gilles Peskine	bfe3d87f24	Merge pull request #4842 from gilles-peskine-arm/public_fields-3.0-info ... Make some structure fields public: key info, ASN.1 and X.509 parsing, socket fd	2021-09-29 12:37:09 +02:00
Jerry Yu	d96a5c2d86	Fix wrong usage of counter len macro ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-09-29 17:46:51 +08:00
gabor-mezei-arm	5b3a32d883	Fix missing includes ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-29 10:53:55 +02:00
Manuel Pégourié-Gonnard	1869377146	Merge pull request #4942 from yuhaoth/pr/add-tls13-client-dummy-state-handlers ... add tls13 client dummy state handlers and improve dispatch test	2021-09-29 10:45:16 +02:00
Paul Elliott	baff51c8b7	Make sure nonce length checks use base algorithm ... Nonce length checks are now being used in the oneshot AEAD code as well, which passes variant algorithms, not the base version, so need to convert to base if necessary. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-09-28 17:47:24 +01:00
gabor-mezei-arm	90d96cc741	Add documentation for the functions ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 17:07:51 +02:00
gabor-mezei-arm	b11a56e34c	Unify equality checker functions return value ... The equality checker functions always return 0 or 1 value, thus the type of return value can be the same dispite of the size of the parameters. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:42:19 +02:00
gabor-mezei-arm	9cb55698aa	Propagate usage of mask generation functions ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:42:19 +02:00
gabor-mezei-arm	396438c57b	Unify mask generation functions ... Generate all-bits 0 or all bits 1 mask from a value instead of from a bit. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:42:19 +02:00
gabor-mezei-arm	87ac5bef97	Unify function parameters ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:42:16 +02:00
gabor-mezei-arm	4602564d7a	Unify memcmp functions ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:33:47 +02:00
gabor-mezei-arm	2dcd7686ce	Typo: Unify indentation of function parameters ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:33:44 +02:00
gabor-mezei-arm	fdb71183f8	Move mbedtls_cf_rsaes_pkcs1_v15_unpadding function to the constant-time module ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:28:45 +02:00
gabor-mezei-arm	bef600f27e	Move the constant-time part of mbedtls_rsa_rsaes_pkcs1_v15_decrypt to a function ... Tne unpadding part of `mbedtls_rsa_rsaes_pkcs1_v15_decrypt` function is contant-time therefore it moved to a separate function to be prepared for moving to the contant-time module. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:28:44 +02:00
gabor-mezei-arm	65cefdbfcb	Create mbedtls_cf_size_if function ... Add a constant-time function with size_t parameter for choosing between two integer values, like the ?: ternary operator. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:28:44 +02:00
gabor-mezei-arm	c29a3da599	Move mbedtls_mpi_lt_mpi_ct function to the constant-time module ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:28:44 +02:00
gabor-mezei-arm	5c97621215	Move mbedtls_mpi_safe_cond_swap function to the constant-time module ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:28:44 +02:00
gabor-mezei-arm	40a4925128	Move mbedtls_mpi_safe_cond_assign function to the constant-time module ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:28:44 +02:00
gabor-mezei-arm	9c1203fd67	Delete ssl_invasive.h due to duplicated function declarations ... All function declaration provided by ssl_invasive.h is needed only for testing purposes and all of them are provided by constant_time.h as well. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:28:44 +02:00
gabor-mezei-arm	1349ffde84	Move mbedtls_cf_hmac function to the constant-time module ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:28:44 +02:00
gabor-mezei-arm	0e7f71e1a9	Move mbedtls_cf_memcpy_offset function to the constant-time module ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:28:44 +02:00
gabor-mezei-arm	dee0fd33f1	Move mbedtls_cf_memcpy_if_eq function to the constant-time module ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:28:43 +02:00
gabor-mezei-arm	394aeaaefb	Move mbedtls_cf_mem_move_to_left function to the constant-time module ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:28:41 +02:00
gabor-mezei-arm	be8d98b0be	Move mbedtls_cf_mpi_uint_cond_assign function to the constant-time module ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:23:57 +02:00
gabor-mezei-arm	d3230d533c	Move mbedtls_cf_cond_select_sign function to the constant-time module ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:21:10 +02:00
gabor-mezei-arm	b2dbf2c113	Move mbedtls_cf_uint_if function to the constant-time module ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:21:10 +02:00
gabor-mezei-arm	3f90fd540a	Move mbedtls_cf_mpi_uint_lt function to the constant-time module ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:21:10 +02:00
gabor-mezei-arm	84dc02c8f5	Remove module dependency ... Elinimate macros defined by modules locally in the functions that are moving to the new constant-time module. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:21:10 +02:00
gabor-mezei-arm	5a85442604	Move mbedtls_cf_size_gt function to the constant-time module ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:21:09 +02:00
gabor-mezei-arm	8d1d5fd204	Move mbedtls_cf_size_bool_eq function to the constant-time module ... There were multiple functions called mbedtls_cf_size_bool_eq. They had exactly the same behavior, so move the one in bignum.c and remove the other. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:20:07 +02:00
gabor-mezei-arm	16fc57bcc4	Move mbedtls_cf_size_mask_ge function to the constant-time module ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:16:14 +02:00
gabor-mezei-arm	c76227d808	Move mbedtls_cf_size_mask_lt function to the constant-time module ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:16:14 +02:00
gabor-mezei-arm	3733bf805a	Move mbedtls_cf_size_mask function to the constant-time module ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:16:14 +02:00
gabor-mezei-arm	340948e4a5	Move mbedtls_cf_uint_mask function to the constant-time module ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:16:14 +02:00
gabor-mezei-arm	db9a38c672	Move contatnt-time memcmp functions to the contant-time module ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:16:14 +02:00
gabor-mezei-arm	9fa43ce238	Rename function to have suitable name ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-09-28 16:14:47 +02:00
Paul Elliott	814f0c5fb1	Remove check for lack of supported ciphers ... Add comment explaining (currently) empty function. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-09-28 14:42:36 +01:00
Paul Elliott	946c920475	Add safety for nonce length to internal driver ... Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-09-28 14:42:36 +01:00
Jerry Yu	d9a94fe3d0	Add counter length macro ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-09-28 20:10:26 +08:00
Jerry Yu	6ca7c7fd6b	Remove useless variables ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-09-28 18:51:40 +08:00
Paul Elliott	bb0f9e1740	Move all nonce length checks to PSA Core ... Remove duplicated code from oneshot API Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-09-28 11:16:27 +01:00
Paul Elliott	dff6c5d963	Restore internal driver for aead_set_lengths ... Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-09-28 11:16:27 +01:00
Jerry Yu	ad8d0bad10	Keep consistency order. ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-09-28 17:58:26 +08:00
Jerry Yu	d52398d31f	fix double underscore fail ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-09-28 16:13:44 +08:00
Paul Elliott	4ed1ed18d2	Move nonce size checking to PSA Core ... Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-09-27 18:24:11 +01:00