mbedtls

mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00

Author	SHA1	Message	Date
Przemek Stekiel	c829816fb6	psa_export_public_key_internal: add missing check for FFDH key type Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:07:20 +02:00
Przemek Stekiel	a9ca13136c	Move check of the key type to mbedtls_psa_key_agreement_ffdh Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:07:20 +02:00
Przemek Stekiel	0dd746d998	Add psa_crypto_ffdh to build Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:07:20 +02:00
Przemek Stekiel	359f4625a3	Move FFDH layer to separate file Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:07:20 +02:00
Przemek Stekiel	fedd134300	Add key generation for FFDH keys Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:04:32 +02:00
Przemek Stekiel	fb3dd54b24	Add key agreement for FFDH keys Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:04:32 +02:00
Przemek Stekiel	472b3f33b9	Add import/export of FFDH keys Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:04:32 +02:00
Przemek Stekiel	f5b8f78ad7	authorityCertIssuer and authorityCertSerialNumber MUST both be present or absent Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 08:57:32 +02:00
Tom Cosgrove	10f40916eb	Merge pull request #7462 from daverodgman/clz_size_opt clz size/perf optimisation	2023-04-26 07:06:30 +01:00
Jerry Yu	61c4cfa2a7	Add compiler version checks. When `MBEDTLS_AESCE_C` enabled and the compiler is not expected, we should raise error to user. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-04-26 13:06:01 +08:00
Dave Rodgman	2e863ecde9	Remove unnecessary if to save 16 bytes Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-04-25 17:40:49 +01:00
Paul Elliott	d3fbbe55f7	Merge pull request #7448 from gabor-mezei-arm/7261_roll_loop_in_ecp_mod_koblitz Roll up the loop in ecp_mod_koblitz()	2023-04-25 15:27:21 +01:00
Minos Galanakis	9c2c81f996	ecp_curves: Renamed `ecp_mod_p256k1` -> `mbedtls_ecp_mod_p256k1` Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-04-25 13:30:59 +01:00
Minos Galanakis	d6751dcd8b	ecp_curves: Added unit-tests for `secp256k1` This patch introduces basic unit-testing for the `ecp_mod_p256k1()`. The method is exposed through the ecp_invasive interface, and the standard testing data is being provided by the python framework. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-04-25 13:30:59 +01:00
Przemek Stekiel	aede2ad554	Optimize code (pake role type, freeing buffers) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-25 14:30:34 +02:00
Minos Galanakis	ec09e25251	bignum_core: Aligned `xxx_core_shift_l` to `xxx_core_shift_r` This patch modifies the left-shift implementation to closely align in interface and behaviour to the existing right-shift method. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-04-25 12:23:34 +01:00
Minos Galanakis	ad808dd5f1	bignum_core: Extracted mbedtls_mpi_shift_l from prototype Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-04-25 12:23:33 +01:00
Przemek Stekiel	6e628a4e7b	Add undfined role for ec j-pake Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-25 13:11:36 +02:00
Jerry Yu	f015a93f98	Add msvc version document Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-04-25 10:38:03 +08:00
Jerry Yu	8f0e3d4c22	fix wrong compiler checks - Add msc version check - remove HAVE_ASM due to conflict with check_config Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-04-25 10:24:53 +08:00
Gilles Peskine	ad450d5a92	Merge pull request #7463 from valeriosetti/issue7460-part2 Pass pk_context pointer to PK wrappers instead of void pointer	2023-04-24 17:41:39 +02:00
Janos Follath	53c6553deb	Merge pull request #7450 from xkqian/bignumber_ecp_update Update gen_prvkey_mx paras to align with comments and c code	2023-04-24 13:44:39 +01:00
Dave Rodgman	0f16d560aa	Fix documentation Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-04-24 12:53:45 +01:00
Przemek Stekiel	f4194944e8	Use do-while(0) format in macros Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-24 09:52:17 +02:00
Gilles Peskine	935a987b2b	Merge pull request #7436 from AndrzejKurek/x509-verify-san-ip x509 SAN IP parsing	2023-04-21 22:00:58 +02:00
Gabor Mezei	f921f4d228	Use loop for two passes in the reduction Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-04-21 14:09:06 +02:00
Dave Rodgman	bbf881053d	Document undefined case. Clarify test code. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-04-21 12:54:40 +01:00
Dave Rodgman	880a6b34c2	Further size optimisation Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-04-20 11:52:55 +01:00
valerio	38992cb833	pk: pass pk_context pointer to wrappers intead of void one Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-04-20 12:02:34 +02:00
Jerry Yu	8b6df3fd76	fix msvc fail on embed assembly code Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-04-20 10:32:37 +08:00
Jerry Yu	9db4b1f455	fix msvc type cast fail. GCC needs the `cast` due to incompatible type error Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-04-20 10:32:36 +08:00
Jerry Yu	07d28d8598	Add msvc build for aesce module Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-04-20 10:32:36 +08:00
David Horstmann	861e5d2742	Change to using an alloc-realloc strategy Allocate enough memory to guarantee we can store the OID, encode into the buffer, then realloc and copy into a buffer of exactly the right size. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-04-19 18:37:45 +01:00
Dave Rodgman	fe8a8cd100	Size/perf optimisation for mbedtls_mpi_core_clz Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-04-19 17:59:12 +01:00
Kusumit Ghoderao	a14ae5a0c9	Fix input_integer testing Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-04-19 14:16:26 +05:30
Xiaokang Qian	b92a2f6e7a	Remove trailing whitespace from ecdsa.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-19 02:59:15 +00:00
Andrzej Kurek	90117db5dc	Split a complex condition into separate ones Make it more readable Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-18 10:43:35 -04:00
Minos Galanakis	9d80879f90	ecp_curves: Introduced `mbedtls_ecp_mod_p224k1()` This patch introduces a `MBEDTLS_STATIC_TESTABLE` helper method which exposes `ecp_mod_p256k1()` to the test-framework Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-04-18 14:13:20 +01:00
Minos Galanakis	e5dab975c6	ecp_curves: Added unit-tests for `secp224k1` This patch introduces basic unit-testing for the `ecp_mod_p224k1()`. The method is exposed through the ecp_invasive interface, and the standard testing data is being provided by the python framework. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-04-18 14:13:20 +01:00
Andrzej Kurek	8bc2cc92b5	Refactor IPv6 parsing Make it more readable Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-18 07:26:27 -04:00
Janos Follath	3c3b94a31b	Merge pull request #7424 from gabor-mezei-arm/7256_unit_tests_for_p192k1 Add unit tests for ecp_mod_p192k1()	2023-04-18 12:19:40 +01:00
Andrzej Kurek	ea3e71fa37	Further refactor IPv4 parsing Make it more readable Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-18 05:54:50 -04:00
Xiaokang Qian	a089614cdf	Update gen_prvkey_mx paras to align with comments and c code Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-18 06:49:55 +00:00
Paul Elliott	4359badbb2	Merge pull request #7331 from mprse/ec-jpake-fix2 PSA PAKE: Check input_length against PSA_PAKE_INPUT_SIZE() in psa_pake_input	2023-04-17 16:31:09 +01:00
Przemek Stekiel	9a7a725ee7	Fix code style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-17 16:06:57 +02:00
Przemek Stekiel	7921a03425	Add claryfication for PSA_PAKE_INPUT/OUTPUT_MAX_SIZE macros Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-17 12:32:06 +02:00
Andrzej Kurek	6cbca6dd42	Rename a variable in ipv4 and ipv6 parsing Character was too elaborate. p is used in other x509 code to step through data. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-13 09:25:00 -04:00
Andrzej Kurek	0d57896f7e	Refactor ipv6 parsing Introduce new variables to make it more readable. Clarify the calculations a bit. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-13 09:20:31 -04:00
Andrzej Kurek	7f5a1a4525	Rename ipv6 parsing variables, introduce one new one This way the names are more descriptive. j was reused later on for calculation, num_zero_groups is used instead. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-13 09:20:23 -04:00
Andrzej Kurek	06969fc3a0	Introduce a test for a sw implementation of inet_pton Create a bypass define to simulate platforms without AF_INET6. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-13 09:20:15 -04:00
Andrzej Kurek	13b8b780fe	Improve x509_inet_pton_ipv4 readability Introduce descriptive variable names. Drop the table of tens. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-13 09:19:50 -04:00
Gabor Mezei	0a11ee6da8	Fix function declaration Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-04-13 12:48:06 +02:00
Gabor Mezei	1237a349ed	Use macro guard for function declaration Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-04-13 12:48:06 +02:00
Gabor Mezei	83669d910e	Add a testable function for ecp_mod_p192k1 Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-04-13 12:44:37 +02:00
Xiaokang Qian	50fe36317a	Update links in ecp.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-12 06:08:45 +00:00
Xiaokang Qian	637a2fe62c	Update SEC1 link in ecdsa.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-12 06:07:51 +00:00
Xiaokang Qian	4704147717	Update SEC1 link in ecdh.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-12 06:07:23 +00:00
Glenn Strauss	b255e21e48	Handle endianness in x509_inet_pton_ipv6() Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-04-11 08:29:43 -04:00
Glenn Strauss	6f545acfaf	Add mbedtls_x509_crt_parse_cn_inet_pton() tests Extended from https://github.com/Mbed-TLS/mbedtls/pull/2906 contributed by Eugene K <eugene.kobyakov@netfoundry.io> Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-04-11 08:29:42 -04:00
Glenn Strauss	416c295078	x509 crt verify local implementation to parse IP x509 crt verify local implementation to parse IP if inet_pton() is not portably available Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-04-11 08:29:42 -04:00
Glenn Strauss	c26bd76020	x509 crt verify SAN iPAddress Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-04-11 08:29:42 -04:00
Valerio Setti	0c477d32e2	test: include also test_suite_ecp for the coverage analysis Only some test cases are skipped for which ECP_C is mandatory, but the other ones are included. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Valerio Setti	6c496a1553	solve disparities for ECP_LIGHT between ref/accel Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Valerio Setti	5278986d2d	psa: fix ECP guards for key derivation Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Valerio Setti	3f8d23eaef	pk_wrap: fix guards in eckey_check_pair to only include 1 option at build time Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Valerio Setti	d4a5d461de	library: add remaining changes for the new ECP_LIGHT symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Valerio Setti	0d2980f117	pk: adapt to new ECP_LIGHT symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Valerio Setti	fd122f4e95	ecp: introduce new ECP_LIGHT symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Dave Rodgman	22d9ff6d3c	Merge pull request #7353 from xkqian/tls13_fix_code_style Improve code styles for tls13 related files	2023-04-11 09:18:22 +01:00
Gilles Peskine	5634f87d68	Merge pull request #7418 from xkqian/big_number_ecc_update_comment Update SEC1 link in ecp.c	2023-04-11 09:34:07 +02:00
Gilles Peskine	c9e8a65d06	Merge pull request #7298 from lpy4105/issue/6840/add-cache-entry-removal-api ssl_cache: misc improvements	2023-04-11 09:30:40 +02:00
Manuel Pégourié-Gonnard	b16a50eeab	Merge pull request #7392 from valeriosetti/issue7388 PK: use PSA to complete public key when USE_PSA is enabled	2023-04-11 09:09:06 +02:00
Xiaokang Qian	49f39c1e91	Fix the wrong debug _message function to _ret Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:29:17 +00:00
Xiaokang Qian	09c3cccf97	Update the todo comment of record size limits Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:29:17 +00:00
Xiaokang Qian	8bce0e6f5e	Update group ext debug message in ssl_tls13_server.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:29:17 +00:00
Xiaokang Qian	91bb3f0665	Wrap lines in library/ssl_tls13_client.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:29:17 +00:00
Xiaokang Qian	9f1747bb1f	Wrap lines which exceed 80 chars in ssl_tls13_server.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:29:14 +00:00
Xiaokang Qian	958b6ffe98	Wrap lines which exceed 80 chars in ssl_tls13_client.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:27:52 +00:00
Xiaokang Qian	7343738695	Wrap lines which exceed 80 chars in ssl_tls13_generic.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:27:51 +00:00
Xiaokang Qian	123cde824c	Improve code styles(line numbers) for tls13_key.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:27:51 +00:00
Xiaokang Qian	669c7c35f0	Update SEC1 link in ecp.c Old link doesn't work any more, update it to one new link to refer version 2 Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 07:36:35 +00:00
Pengyu Lv	e3746d7ce6	ssl_cache: Error renaming and document improvement Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-04-10 14:40:03 +08:00
Kusumit Ghoderao	3a18dee1e8	Fix unused variable warning Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-04-07 16:16:27 +05:30
Valerio Setti	520c0384e7	pkparse: fix return value Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-07 11:38:09 +02:00
Valerio Setti	1df94f841b	pk: fix return codes' precedence and code style Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-07 11:04:32 +02:00
Manuel Pégourié-Gonnard	f740767c00	Merge pull request #7391 from valeriosetti/issue7387 PK: don't use mbedtls_ecp_check_pub_priv() when USE_PSA is enabled	2023-04-07 10:17:18 +02:00
Valerio Setti	9d65f0ef12	pk_wrap: simplify prototype of eckey_check_pair_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-07 08:53:17 +02:00
Valerio Setti	aad6306212	pkparse: fix guards position Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-07 08:45:34 +02:00
Valerio Setti	4bf73ad83f	pkparse: use proper sizing for buffer Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-07 08:45:34 +02:00
Valerio Setti	34f6755b34	pkparse: add new function for deriving public key from private using PSA Instead of using the legacy mbedtls_ecp_mul() function which makes use of ECP's math, this commit adds a new function named pk_derive_public_key() which implements the same behavior using PSA functions. The flow is simple: - import the private key into PSA - export its public part Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-07 08:45:34 +02:00
Valerio Setti	f286664069	pk_wrap: minor code optimizations Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-07 08:37:46 +02:00
Dave Rodgman	0b3de6fcec	Merge pull request #7288 from ronald-cron-arm/tls13-server-version-negotiation TLS: TLS 1.2 / 1.3 version negotiation on server side	2023-04-06 16:26:19 +01:00
Janos Follath	3615be65f8	Merge pull request #7342 from gabor-mezei-arm/6679_prevent_mpi_mod_write_from_corrupting_the_input Prevent mpi_mod_write from corrupting the input	2023-04-06 15:56:28 +01:00
Janos Follath	44c6694be7	Merge pull request #7351 from gabor-mezei-arm/7109_ecp_fast_reduction_testing Test unlikely cases of ECC modular reduction	2023-04-06 15:55:19 +01:00
Kusumit Ghoderao	50e0e11213	Add key_derivation_input_integer function Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-04-06 17:47:25 +05:30
Ronald Cron	dad02b2bec	tls13: srv: Fix comment Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:32:05 +02:00
Ronald Cron	fe01ec2d57	tls12: srv: Use sizeof() instead of constant Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:32:05 +02:00
Ronald Cron	c564938180	Add downgrade protection mechanism Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:32:05 +02:00
Ronald Cron	e45afd760d	Use specific pointer to loop over proposed cipher suites Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:32:01 +02:00
Ronald Cron	eff5673e09	Improve and align variable names for supported versions data Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	3bd2b02486	Check for TLS 1.3 version first Check for TLS 1.3 version first when parsing the supported versions extension as it is the most likely version. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	b828c7d3de	Fix, improve and add comments Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	097ba146e7	tls: srv: Set hybrid TLS 1.2/1.3 as default configuration Set hybrid TLS 1.2/1.3 as default server configuration if both TLS 1.2 and TLS 1.3 are enabled at build time. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	3b35455a69	tls: srv: Allow server hybrid TLS 1.2 and 1.3 configuration Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	6291b23080	tls: Add logic in handshake step to enable server version negotiation Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	8a12aeec93	tls: Initialize SSL context tls_version in mbedtls_ssl_setup() Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	5af4c7f0e2	tls13: srv: Add detection to negotiate TLS 1.2 Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	8c527d0be8	tls13: srv: Parse supported versions extension early Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	2f16b4ec66	tls13: srv: Postpone cipher suite selection Postpone TLS 1.3 cipher suite selection when we are sure we negotiate the version 1.3 of the protocol. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	cada410365	tls13: srv: Postpone legacy session id copy To avoid doing it twice in case we eventually negotiate the version 1.2 of the protocol, postpone the copy of the legacy session id. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	d540d995b2	tls13: srv: Postpone client random copy To avoid doing it twice in case we eventually negotiate the version 1.2 of the protocol, postpone the copy of the client random bytes. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	6458239b36	tls13: srv: Move TLS version setting When parsing the ClientHello message, move the setting of the TLS version to TLS 1.3 after the computation of the end of the list of cipher suites. At that point we are able to compute the address and end address of the list of extensions and thus able to search and parse the supported_versions extension to select which version of the TLS protocol we are going to negotiate. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	47dce630f4	tls13: Add function to search for a supported_versions extension Move in a dedicated function the search for the supported_versions extension in a list of extensions, to be able to use it on server side as well. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:17 +02:00
Minos Galanakis	00bd8925a7	bignum: Removed merge scaffolding. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-04-05 16:13:11 +01:00
Przemek Stekiel	725688b143	Fix code style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 22:49:44 +02:00
Przemek Stekiel	294ec1274d	Remove redundant memory relase for authorityCertIssuer Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	21903ec860	Fix after rebase Handle manually functions that have been moved to different locations. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	4f3e7b934e	Fix parsing of authorityCertIssuer Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	75653b1df0	Add indication of extension error while parsing authority/subject key id Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	6ec839a1f9	x509_get_authority_key_id: add length check + test Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	3520fe6fda	Use MBEDTLS_ERROR_ADD() and tag macros Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	8a13866f65	Remove parsing of rfc822Name Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	a2939e8728	Remove duplicated function Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	9a511c5bdf	Rename back mbedtls_x509_parse_general_name->mbedtls_x509_parse_subject_alt_name Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	db323aa241	Fix Subject Key Identifier, Authority Key Identifier entries in oid_x509_ext Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	62d8f84be2	Adapt mbedtls_x509_crt_free after rebase Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
toth92g	9232e0ad84	Adding some comments for easier understand Signed-off-by: toth92g <toth92g@gmail.com>	2023-04-04 17:48:28 +02:00
toth92g	8d435a0c8b	Renaming x509_get_subject_alt_name to x509_get_general_names and mbedtls_x509_parse_subject_alt_name to mbedtls_x509_parse_general_name so they can be used not only to collect subject alt name, but the V3 authority cert issuer that is also GeneralName type. Also updated the x509_get_general_names function to be able to parse rfc822Names Test are also updated according these changes. Signed-off-by: toth92g <toth92g@gmail.com>	2023-04-04 17:48:28 +02:00
toth92g	d96027acd2	Correcting documentation issues: - Changelog entry is Feature instead of API Change - Correcting whitespaces around braces - Also adding defensive mechanism to x509_get_subject_key_id to avoid malfunction in case of trailing garbage Signed-off-by: toth92g <toth92g@gmail.com>	2023-04-04 17:48:27 +02:00
toth92g	a41954d0cf	Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions. Updating mbedtls_x509_crt_free function to also free the new dynamic elements (issuer field of AuthorityKeyId). A few tests are also added which test the feature with a correct certificate and multiple ones with erroneous ASN1 tags. Signed-off-by: toth92g <toth92g@gmail.com>	2023-04-04 17:48:27 +02:00
Janos Follath	13c73de6de	Merge pull request #6233 from tom-cosgrove-arm/issue-6226-core-mul Bignum: extract core_mul from the prototype	2023-04-04 13:36:22 +01:00
Ronald Cron	219f978097	Merge pull request #7059 from ronald-cron-arm/psa-crypto-misc PSA cryptography miscellaneous	2023-04-04 10:54:03 +02:00
Valerio Setti	98680fc2ed	ecp: revert changes to ECP module and test suite Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-04 10:22:59 +02:00
Valerio Setti	8eb552647f	pk_wrap: fix sizing for private key buffer Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-04 10:20:53 +02:00
Gabor Mezei	d62605126d	Fix documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-04-03 17:32:55 +02:00
Valerio Setti	0fe1ee27e5	pk: add an alternative function for checking private/public key pairs Instead of using the legacy mbedtls_ecp_check_pub_priv() function which was based on ECP math, we add a new option named eckey_check_pair_psa() which takes advantage of PSA. Of course, this is available when MBEDTLS_USE_PSA_CRYPTO in enabled. Tests were also fixed accordingly. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-03 15:00:21 +02:00
Gabor Mezei	6f182c33a8	Fix documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-31 16:17:06 +02:00
Tom Cosgrove	6af26f3838	Tidy up, remove MPI_CORE(), apply the naming convention, and use the new mbedtls_mpi_core_mul() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com> Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-31 16:16:00 +02:00
Hanno Becker	4ae890bbd0	Extract MPI_CORE(mul) from the prototype Signed-off-by: Hanno Becker <hanno.becker@arm.com> Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-31 16:10:34 +02:00
Dave Rodgman	b8f5ba826b	Merge pull request #6891 from yuhaoth/pr/add-milliseconds-platform-function Add milliseconds platform time function	2023-03-31 11:47:37 +01:00
Ronald Cron	afbc7eda65	psa: Introduce PSA crypto core common symbols When compiling some PSA core files of the PSA cryptography repository, both the Mbed TLS library and the PSA cryptography core common.h are included and if they define the same inline functions (same name), the compilation fails. Thus, inline functions prefixed by psa_crypto_ instead of mbedtls_ are defined in the PSA cryptography core common.h header. To ease the maintenance of the PSA cryptography repository, introduce those symbols in Mbed TLS as well and use them in PSA crypto core code files instead of their Mbed TLS equivalent. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-03-31 09:07:57 +02:00
Ronald Cron	e6e6b75ad3	psa: Remove MBEDTLS_PSA_CRYPTO_DRIVERS configuration option The support for the PSA crypto driver interface is not optional anymore as the implementation of the PSA cryptography interface has been restructured around the PSA crypto driver interface (see psa-crypto-implementation-structure.md). There is thus no purpose for the configuration options MBEDTLS_PSA_CRYPTO_DRIVERS anymore. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-03-31 09:07:54 +02:00
Ronald Cron	fe8e135816	psa: Remove unnecessary headers Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-03-31 09:01:45 +02:00
Paul Elliott	03d557db35	Merge pull request #6900 from AndrzejKurek/san-dirname Add support for directoryName subjectAltName	2023-03-30 18:37:26 +01:00
Janos Follath	54118a1720	Merge pull request #7352 from gabor-mezei-arm/6349_fix_merge Remove obsolete ecp_fix_negative function	2023-03-30 14:48:13 +01:00
Andrzej Kurek	5f0c6e82fb	Add missing deallocation of subject alt name Since mbedtls_x509_get_name allocates memory when parsing a directoryName, deallocation has to be performed if anything fails in the meantime. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-29 11:40:38 -04:00
Andrzej Kurek	bf8ccd8109	Adjust error reporting in x509 SAN parsing Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-29 11:03:01 -04:00
Andrzej Kurek	d40c2b65a6	Introduce proper memory management for SANs DirectoryName parsing performs allocation that has to be handled. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-29 11:03:01 -04:00
Andrzej Kurek	e12b01d31b	Add support for directoryName subjectAltName Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-29 11:03:01 -04:00
Gabor Mezei	df9c029dd5	Remove obsolete ecp_fix_negative function Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-28 18:43:07 +02:00
Valerio Setti	46423164c1	tls12_client: remove unnecessary parentheses Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-28 16:26:48 +02:00
Valerio Setti	77a904c761	ssl: remove useless guard Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-28 16:26:48 +02:00
Valerio Setti	9affb73e44	psa_crypto: fix guard for mbedtls_ecc_group_of_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-28 16:26:47 +02:00
Valerio Setti	1fa5c56863	ssl_tls: fix guard symbols for EC accelerated tests Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-28 16:26:47 +02:00
Gabor Mezei	514806bbe9	Add a second round of carry reduction for P192 fast reduction The first round of carry reduction can generate a carry so a second round is needed. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-28 15:09:34 +02:00
Paul Elliott	f04848cc3b	Revert "Add generated files" This reverts commit `df2b5da57f`. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-27 21:20:52 +01:00
Paul Elliott	d01a3bca05	Merge tag 'v3.4.0' into mbedtls-3.4.0_mergeback Mbed TLS 3.4.0	2023-03-27 18:09:49 +01:00
Janos Follath	445c3bfcac	Merge pull request #7222 from minosgalanakis/bignum/6851_extract_Secp384r1_fast_reduction Bignum: Extract secp384r1 fast reduction from the prototype	2023-03-27 16:56:30 +01:00
Valerio Setti	ab9dc667ff	psa_util: fix for correctly computing elements in array Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-27 11:25:10 -04:00
Gabor Mezei	2f73edbbc4	Prevent mpi_mod_write from corrupting the input Allocate a working buffer to store the converted value needed for the mpi_mod_write function. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-27 15:53:14 +02:00
Manuel Pégourié-Gonnard	93302422fd	Fix instances of old feature macros being used sed -i -f md.sed include/mbedtls/ssl.h library/hmac_drbg.c programs/pkey/.c programs/x509/.c tests/scripts/generate_pkcs7_tests.py tests/suites/test_suite_random.data Then manually revert programs/pkey/ecdsa.c as it's using a low-level hash API. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:43:40 +01:00
Manuel Pégourié-Gonnard	4011eb49dc	Fix entropy-related feature macros Was causing testing disparities picked by analyze_outcomes.py Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:43:40 +01:00
Manuel Pégourié-Gonnard	5cd4b6403b	Use MD-light in entropy.c Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:43:40 +01:00
Przemek Stekiel	256c75df90	Fix signed/unsigned comparison (windows compilation failure) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-23 14:09:34 +01:00
Przemek Stekiel	b175b146a2	Remove driver_pake_get_role function Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-23 13:37:18 +01:00
Przemek Stekiel	e80ec0a9af	Adapt J-PAKE built-in impl to use user/peer Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-23 13:37:12 +01:00
Minos Galanakis	f9fca53cb4	ecp_curves: Updated ecp_mod_p384_raw documentation Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-03-23 12:17:17 +00:00
Paul Elliott	df2b5da57f	Add generated files Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-23 10:58:43 +00:00
Paul Elliott	db67e99bbf	Bump library, libcrypto and libx509 versions Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-23 10:57:39 +00:00
Valerio Setti	226f9b903f	ssl_tls: fix guard in ssl_misc.h Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-23 09:28:51 +01:00
Pengyu Lv	5038a38695	ssl_cache: Return standard mbedtls error code Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-03-23 15:53:43 +08:00
Przemek Stekiel	656b2595fb	psa_pake_input: validate buffer size using PSA_PAKE_INPUT_SIZE Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-23 08:05:52 +01:00
Minos Galanakis	68d64a10b6	ecp_curves: Re-introduced `mbedtls_ecp_fix_negative()` This patch re-introduces `mbedtls_ecp_fix_negative` and appropriately adjusts its' define guards. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-03-22 11:28:15 +00:00
Valerio Setti	080a22ba75	ssl_tls13: use PSA_WANT_ALG_ECDH as symbol for marking ECDH capability Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Valerio Setti	0c8ec3983e	ssl_tls: fix proper guards for accelerated ECDH Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Valerio Setti	90df310d89	ssl_tls13: fix guards for accel ECDH These changes fix all failures found in test_suite_ssl Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Przemek Stekiel	1f778bcfd8	EC-JPAKE: remove limitation for user/peer (alow any value) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-22 09:52:08 +01:00
Minos Galanakis	37f4cb6d0e	ecp_curves: Minor rework for p384 This patch adjusts formatting, documentation and testing. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-03-21 15:46:50 +00:00
Minos Galanakis	6fb105fb2e	ecp_curves: Ported prototypes Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-03-21 15:41:26 +00:00
Paul Elliott	f1eb5e2a04	Merge branch 'development-restricted' into mbedtls-3.4.0rc0-pr Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-21 15:35:17 +00:00
Manuel Pégourié-Gonnard	7224086ebc	Remove legacy_or_psa.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:29:31 +01:00
Manuel Pégourié-Gonnard	bef824d394	SSL: use MD_CAN macros Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:29:31 +01:00
Manuel Pégourié-Gonnard	a946489efd	X.509: use MD_CAN macros Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	ebef58d301	OID + misc crypto: use MD_CAN and fix failures After this, only PK, X.509 and TLS remain to be done. Deterministic uses HMAC-DRBG which uses MD, so it needs crypto_init() when using a driver-only hash. Also, remove a special-purpose macro that's no longer needed. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	a5f04621bd	PKCS5: use MD_CAN macros sed -i -f md.sed library/pkcs5.c tests/suites/test_suite_pkcs5* include/mbedtls/pkcs5.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	49e67f814f	PKCS5: always use MD As a consequence, MD_C is now enabled in component accel_hash_use_psa. Fix guards in X.509 info function to avoid this causing a failure now. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	c1f10441e0	RSA: use MD_CAN macros sed -i -f md.sed library/rsa.c tests/suites/test_suite_rsa* include/mbedtls/rsa.h tests/suites/test_suite_pkcs1_v* Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	fb8d90a2db	RSA: always use MD light Note: already auto-enabled in build_info.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	52d02a85d3	PEM: use MD_CAN macros sed -i -f md.sed library/pem.c tests/suites/test_suite_pem* include/mbedtls/pem.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	1c2008fa37	PEM: always use MD light Note: PEM_PARSE already auto-enables MD_LIGHT in build_info.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	be97afe5d4	PKCS12: always use MD light Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	b2eb1f7456	ECJPAKE: use MD_CAN macros sed -i -f md.sed \ library/ecjpake.c \ include/medtls/ecjpake.h \ tests/suites/test_suite_ecjpake.* With md.sed as follows: s/\bMBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_MD5/g s/\bMBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_RIPEMD160/g s/\bMBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA1/g s/\bMBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA224/g s/\bMBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA256/g s/\bMBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA384/g s/\bMBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA512/g s/\bMBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_MD5/g s/\bMBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_RIPEMD160/g s/\bMBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA1/g s/\bMBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA224/g s/\bMBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA256/g s/\bMBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA384/g s/\bMBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA512/g s/\bMBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_MD5/g s/\bMBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_RIPEMD160/g s/\bMBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA1/g s/\bMBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA224/g s/\bMBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA256/g s/\bMBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA384/g s/\bMBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA512/g s/\bMBEDTLS_MD5_C\b/MBEDTLS_MD_CAN_MD5/g s/\bMBEDTLS_RIPEMD160_C\b/MBEDTLS_MD_CAN_RIPEMD160/g s/\bMBEDTLS_SHA1_C\b/MBEDTLS_MD_CAN_SHA1/g s/\bMBEDTLS_SHA224_C\b/MBEDTLS_MD_CAN_SHA224/g s/\bMBEDTLS_SHA256_C\b/MBEDTLS_MD_CAN_SHA256/g s/\bMBEDTLS_SHA384_C\b/MBEDTLS_MD_CAN_SHA384/g s/\bMBEDTLS_SHA512_C\b/MBEDTLS_MD_CAN_SHA512/g Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	41bc8b6b1e	ECJPAKE: always use MD light This enables access to all available hashes, instead of the previous situation where you had to choose by including MD_C or not. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	e0e161b54a	Merge pull request #7296 from valeriosetti/issue7253-part1 driver-only ECDH: enable ECDH-based TLS 1.2 key exchanges -- part 1	2023-03-21 16:09:02 +01:00
Dave Rodgman	3543806026	Merge pull request #7190 from yanrayw/6197_rsa_get_padding_hashID RSA: provide interface to retrieve padding mode and hash_id	2023-03-20 18:34:53 +00:00
Dave Rodgman	d3b6e92967	Merge pull request #997 from gilles-peskine-arm/aesni-intrinsics Implement AESNI with intrinsics	2023-03-20 18:20:51 +00:00
Dave Rodgman	c5807a6fa8	Merge pull request #6918 from yuhaoth/pr/add-gcm-with-armv8-crypto-extension Add GCM with armv8 crypto extension	2023-03-20 14:45:14 +00:00
Valerio Setti	5d1f29e700	ssl_tls: fix guards for accelerated ECDH Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-20 14:02:07 +01:00
Manuel Pégourié-Gonnard	c9ef476431	Merge pull request #7192 from joerchan/psa-update-mbedtls psa_crypto: Fix psa_key_derivation_output_key ECC without builtin keys	2023-03-20 09:47:07 +01:00
Manuel Pégourié-Gonnard	14c194aae9	Merge pull request #7271 from mpg/use-md-light Use md light	2023-03-20 09:01:16 +01:00
Dave Rodgman	f918d42332	Tidy up ARMCE terminology Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-17 17:52:23 +00:00
Gilles Peskine	36b9e47eed	Fix preprocessor conditional This was intended as an if-else-if chain. Make it so. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-17 17:31:18 +01:00
Gilles Peskine	30e9f2a293	Finish sentence in comment Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-17 17:29:58 +01:00
Manuel Pégourié-Gonnard	3831637e85	Handle dependency on ECP_C in ECC KDF Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-17 15:21:26 +01:00
Joakim Andersson	bb576febb2	psa_crypto: Fix psa_key_derivation_output_key ECC without builtin keys Fix psa_key_derivation_output_key not being able to derive ECC keys without MBEDTLS_BUILTIN ECC key types enabled. The PSA crypto drivers can generate these keys without requiring the builtin key types. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>	2023-03-17 15:21:26 +01:00
Yanray Wang	d41684e8bc	rsa.c: rename getter function of hash_id Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-03-17 18:57:42 +08:00
Dave Rodgman	0e2b06a1ce	Merge pull request #7083 from KloolK/record-size-limit/parsing Add parsing for Record Size Limit extension in TLS 1.3	2023-03-17 10:18:34 +00:00
Paul Elliott	9f02a4177b	Merge pull request #7009 from mprse/csr_write_san Added ability to include the SubjectAltName extension to a CSR - v.2	2023-03-17 10:07:27 +00:00
Manuel Pégourié-Gonnard	b33ef74d44	Use MD_LIGHT, not sha1.h, in RSA selftest Same note as previous commit regarding guards. Note that we could auto-enable MD_LIGHT only when SELF_TEST is defined, and even only when SHA1_C is defined too, but somewhere down the line we'll want to auto-enable it for the sake of other RSA function (not in selftest and could use any hash), so there's little point in optimizing the temporary condition, let's use the simple one upfront. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-17 09:43:28 +01:00
Manuel Pégourié-Gonnard	8316209c02	Use MD_LIGHT rather than md5.h in pem.c But, for now, still guard things with MBEDTLS_MD5_C, as md.c can only compute MD5 hashes when MBEDTLS_MD5_C is defined. We'll change the guards once that has changed. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-17 09:43:27 +01:00
Manuel Pégourié-Gonnard	ec000c1a00	Merge pull request #7242 from mpg/md-dispatch-psa Implement MD dispatch to PSA	2023-03-17 09:42:40 +01:00
Janos Follath	c18cd0c8e6	Merge pull request #7230 from gabor-mezei-arm/6850_Secp256r1_fast_reduction Extract Secp256r1 fast reduction from the prototype	2023-03-16 19:43:25 +00:00
Gilles Peskine	9c682e724a	AESNI: Overhaul implementation selection Have clearly separated code to: * determine whether the assembly-based implementation is available; * determine whether the intrinsics-based implementation is available; * select one of the available implementations if any. Now MBEDTLS_AESNI_HAVE_CODE can be the single interface for aes.c and aesni.c to determine which AESNI is built. Change the implementation selection: now, if both implementations are available, always prefer assembly. Before, the intrinsics were used if available. This preference is to minimize disruption, and will likely be revised in a later minor release. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-16 17:21:33 +01:00
Gilles Peskine	0de8f853f0	Clean up AES context alignment code Use a single auxiliary function to determine rk_offset, covering both setkey_enc and setkey_dec, covering both AESNI and PADLOCK. For AESNI, only build this when using the intrinsics-based implementation, since the assembly implementation supports unaligned access. Simplify "do we need to realign?" to "is the desired offset now equal to the current offset?". Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-16 17:14:59 +01:00
Dave Rodgman	3ac99fdf07	Merge pull request #7301 from gilles-peskine-arm/msan-explicit_bzero Fix Msan failure with explicit_bzero	2023-03-16 14:55:18 +00:00
Gilles Peskine	0f454e4642	Use consistent guards for padlock code The padlock feature is enabled if ``` defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) ``` with the second macro coming from `padlock.h`. The availability of the macro `MBEDTLS_PADLOCK_ALIGN16` is coincidentally equivalent to `MBEDTLS_HAVE_X86` but this is not meaningful. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-16 14:58:46 +01:00
Dave Rodgman	680dbd46ae	Merge pull request #7270 from DemiMarie/oid-fix Fix segfault in mbedtls_oid_get_numeric_string	2023-03-16 12:21:36 +00:00
Gilles Peskine	148cad134a	Fix unaligned access if the context is moved during operation Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-16 13:08:42 +01:00
Gilles Peskine	d0185f78c0	Fix typo in comment Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-16 13:08:18 +01:00
Gilles Peskine	0cd9ab7107	Fix code style Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-16 13:06:14 +01:00
Gilles Peskine	a8d2ff3fdf	Fix Msan failure with explicit_bzero On some platforms, including modern Linux, Clang with Msan does not recognize that explicit_bzero() writes well-defined content to its output buffer. For us, this causes CMAC operations to fail in Msan builds when mbedtls_platform_zeroize() is implemented over explicit_bzero(). Fix this. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-16 10:53:46 +01:00
Manuel Pégourié-Gonnard	f48b1f810e	Rename internal function to something clearer Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-16 09:48:20 +01:00
Manuel Pégourié-Gonnard	39a376a417	Finish removing HMAC from MD-light Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-16 09:46:51 +01:00
Manuel Pégourié-Gonnard	9b14639342	Dispatch according to init status. We shouldn't dispatch to PSA when drivers have not been initialized yet. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-16 09:46:51 +01:00
Manuel Pégourié-Gonnard	7abdf7eee5	Add utility function to check for drivers init This will be used in the next commit. While at it, move driver initialization before RNG init - this will be handy when the entropy module wants to use drivers for hashes. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-16 09:46:51 +01:00
Manuel Pégourié-Gonnard	d8ea37f1a3	Add engine field to context structure For multi-part operations, we want to make the decision to use PSA or not only once, during setup(), and remember it afterwards. This supports the introduction, in the next few commits, of a dynamic component to that decision: has the PSA driver sub-system been initialized yet? Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-16 09:46:50 +01:00
Gilles Peskine	12612e5ab4	Implement md over PSA When MBEDTLS_MD_xxx_VIA_PSA is enabled (by mbdetls/md.h), route calls to xxx over PSA rather than through the built-in implementation. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com> Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-16 09:46:50 +01:00
Gilles Peskine	83d9e09b15	Switch metadata functions to the PSA-aware availability symbols Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com> Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-16 09:46:50 +01:00
Pengyu Lv	b1895899f1	ssl_cache: Improve some comments Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-03-16 14:33:28 +08:00
Demi Marie Obenour	889534a4d2	Fix segfault in mbedtls_oid_get_numeric_string When passed an empty OID, mbedtls_oid_get_numeric_string would read one byte from the zero-sized buffer and return an error code that depends on its value. This is demonstrated by the test suite changes, which check that an OID with length zero and an invalid buffer pointer does not cause Mbed TLS to segfault. Also check that second and subsequent subidentifiers are terminated, and add a test case for that. Furthermore, stop relying on integer division by 40, use the same loop for both the first and subsequent subidentifiers, and add additional tests. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-03-16 01:06:41 -04:00
Jerry Yu	f52078f5a1	fix win32 ms time fail `GetSystemTimeAsFileTime` returns 100 nano seconds elapsed time, not 100 micro seconds. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-16 11:23:19 +08:00
Gilles Peskine	dde3c6532e	Fix MSVC portability MSVC doesn't have _mm_storeu_si64. Fortunately it isn't really needed here. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-15 23:16:27 +01:00
Gilles Peskine	dafeee4814	Improve variable names To some extent anyway. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-15 21:47:40 +01:00
Tom Cosgrove	02edb7546f	Get aesni.c compiling with Visual Studio Clang is nice enough to support bitwise operators on __m128i, but MSVC isn't. Also, __cpuid() in MSVC comes from <intrin.h> (which is included via <emmintrin.h>), not <cpuid.h>. Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-15 21:47:40 +01:00
Gilles Peskine	d671917d0d	AESNI: add implementation with intrinsics As of this commit, to use the intrinsics for MBEDTLS_AESNI_C: * With MSVC, this should be the default. * With Clang, build with `clang -maes -mpclmul` or equivalent. * With GCC, build with `gcc -mpclmul -msse2` or equivalent. In particular, for now, with a GCC-like compiler, when building specifically for a target that supports both the AES and GCM instructions, the old implementation using assembly is selected. This method for platform selection will likely be improved in the future. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-15 20:47:59 +01:00
Gilles Peskine	7e67bd516d	AES, GCM selftest: indicate which implementation is used Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-15 20:47:59 +01:00
Gilles Peskine	9af58cd7f8	New preprocessor symbol indicating that AESNI support is present The configuration symbol MBEDTLS_AESNI_C requests AESNI support, but it is ignored if the platform doesn't have AESNI. This allows keeping MBEDTLS_AESNI_C enabled (as it is in the default build) when building for platforms other than x86_64, or when MBEDTLS_HAVE_ASM is disabled. To facilitate maintenance, always use the symbol MBEDTLS_AESNI_HAVE_CODE to answer the question "can I call mbedtls_aesni_xxx functions?", rather than repeating the check `defined(MBEDTLS_AESNI_C) && ...`. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-15 19:38:37 +01:00
Gilles Peskine	4e20144882	Improve the presentation of assembly blocks Uncrustify indents ``` asm("foo" HELLO "bar" "wibble"); ``` but we would like ``` asm("foo" HELLO "bar" "wibble"); ``` Make "bar" an argument of the macro HELLO, which makes the indentation from uncrustify match the semantics (everything should be aligned to the same column). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-15 19:36:03 +01:00
Gilles Peskine	2a44ac245f	Merge pull request #7217 from lpy4105/issue/6840/add-cache-entry-removal-api ssl_cache: Add cache entry removal api	2023-03-15 15:38:06 +01:00
Jan Bruckner	1a38e54436	Changes from 2nd review Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-03-15 14:15:11 +01:00
Jerry Yu	205a741307	change the clock source to MONOTONIC We need a non-settable source to avoid security issues. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-15 18:59:19 +08:00
Jan Bruckner	a0589e75a0	Changes from review Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-03-15 11:04:45 +01:00
Yanray Wang	644b901a4c	rsa.c: remove MBEDTLS_PRIVATE Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-03-15 16:50:37 +08:00
Yanray Wang	83548b5c10	fix inappropriate description for function in RSA Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-03-15 16:49:52 +08:00
Yanray Wang	12cb39661c	rsa.c: provide interface to get hash_id of RSA context Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-03-15 16:42:48 +08:00
Yanray Wang	a730df6f86	rsa.c: provide interface to get padding mode of RSA context Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-03-15 16:42:26 +08:00
Manuel Pégourié-Gonnard	18336dace2	Merge pull request #7196 from mprse/ecjpake-driver-dispatch-peer-user EC J-PAKE: partial fix for role vs user+peer	2023-03-15 09:37:30 +01:00
Jerry Yu	be4fdef513	fix comment issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-15 14:50:42 +08:00
Pengyu Lv	0b9c012f21	ssl_cache: return the error code for mutex failure Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-03-15 14:37:32 +08:00
Pengyu Lv	744b507866	ssl_cache: use auxiliary function to zeroize cache entry This commit introduce a auxiliary function to zeroize the cache entry, especially the session structure. The function is called wherever we need to free the entry. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-03-15 12:17:14 +08:00
Jerry Yu	8f81060517	Replace `median` with `middle Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-15 09:58:34 +08:00
Jerry Yu	f0526a9ad0	fix grammar issue in comment Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-15 09:58:34 +08:00
Jerry Yu	49b4367eee	fix comment issue The algorithm is not karatsuba multiplication. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-15 09:58:33 +08:00
Jerry Yu	1ac7f6b09d	Improve readability Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-15 09:58:33 +08:00
Jerry Yu	132d0cb74d	Add miss intrinsic by gcc-5.x Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-15 09:58:29 +08:00
Jerry Yu	2c26651938	Improve comments for key expansion Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-15 09:57:37 +08:00
Jerry Yu	df87a12c81	Add GCM support Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-15 09:57:32 +08:00
Dave Rodgman	e59c46e161	Merge pull request #7278 from daverodgman/aesce-macro-name-tidyup	2023-03-14 20:33:31 +00:00
Dave Rodgman	4a1d3beaee	Merge pull request #7229 from tom-cosgrove-arm/static-assert	2023-03-14 16:57:38 +00:00
Dave Rodgman	db6ab247fc	Improve macro naming Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-14 16:03:57 +00:00
Dave Rodgman	023c8853ac	Merge pull request #7203 from yuhaoth/pr/add-cpu-modifier-for-aesce Add CPU modifier for AESCE	2023-03-14 15:58:57 +00:00
Tom Cosgrove	57f04b81a0	Have MBEDTLS_STATIC_ASSERT() match current development more closely Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-14 12:03:47 +00:00
Przemek Stekiel	c0e6250ff9	Fix documentation and tests Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-14 11:49:36 +01:00
Gilles Peskine	215ecd0439	Merge pull request #7252 from daverodgman/enable_pkcs7 Enable PKCS 7	2023-03-14 10:39:50 +01:00
Jan Bruckner	151f64283f	Add parsing for Record Size Limit extension in TLS 1.3 Fixes #7007 Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-03-14 08:41:25 +01:00
Jan Bruckner	5a3629b613	Fix debug print of encrypted extensions Perform debug print of encrypted extensions buffer only after the buffer length was checked successfully Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-03-14 08:41:25 +01:00
Jerry Yu	ec9be84ae6	skip pragma when cpu modifier has been set Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-14 10:42:47 +08:00
Jerry Yu	b28d55b242	fix wrong typo and indent issue Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-14 10:36:47 +08:00
Paul Elliott	e4622a3436	Merge remote-tracking branch 'development/development' into development-restricted Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-13 17:49:32 +00:00
Przemek Stekiel	fde112830f	Code optimizations and documentation fixes Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-13 16:28:27 +01:00
Dave Rodgman	efbc5f7322	Update wording in comments Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-13 12:15:49 +00:00
Dave Rodgman	756b028511	Merge pull request #7171 from daverodgman/pr5527 Fix undefined behavior in ssl_read if buf parameter is NULL	2023-03-13 10:46:29 +00:00
Jerry Yu	6f86c19d62	Improve readability for compiler version check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-13 11:03:40 +08:00
Jerry Yu	02487a2123	Rename target option flag macro Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-13 10:19:35 +08:00
Jerry Yu	77a010e3b3	Remove the max version limitation for clang workaround Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-13 10:19:35 +08:00
Jerry Yu	490bf08dd9	fix comment issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-13 10:19:34 +08:00
Jerry Yu	7b4d9da08c	fix wrong clang version check. Both inline assembly and intrinsic need pragma Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-13 10:19:34 +08:00
Jerry Yu	ae129c3a20	Add new feature test macros Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-13 10:19:34 +08:00
Jerry Yu	48b999cd6e	Add cpu modifiers for aesce.c Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-13 10:19:31 +08:00
Przemek Stekiel	f309d6b7fb	Fix peer user mismatch after rebase Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-12 16:59:28 +01:00
Przemek Stekiel	18cd6c908c	Use local macros for j-pake slient/server strings Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-12 16:59:28 +01:00
Przemek Stekiel	aa1834254e	Fix code style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-12 16:59:28 +01:00
Przemek Stekiel	09104b8712	rework psa_pake_set_role to be consistent with requirements and adapt tests Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-12 16:59:28 +01:00
Przemek Stekiel	d7f6ad7bc8	Minor fixes (comments, cleanup) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-12 16:59:28 +01:00
Gilles Peskine	d0f9b0bacc	Don't warn about Msan/Valgrind if AESNI isn't actually built The warning is only correct if the assembly code for AESNI is built, not if MBEDTLS_AESNI_C is activated but MBEDTLS_HAVE_ASM is disabled or the target architecture isn't x86_64. This is a partial fix for #7236. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-10 22:28:25 +01:00
Gilles Peskine	d4f31c87d1	Update bibliographic references There are new versions of the Intel whitepapers and they've moved. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-10 22:21:47 +01:00
Przemek Stekiel	55ceff6d2f	Code optimization and style fixes Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-10 14:36:16 +01:00
Przemek Stekiel	4cd20313fe	Use user/peer instead role in jpake TLS code Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-10 09:18:03 +01:00
Przemek Stekiel	1e7a927118	Add input getters for jpake user and peer Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-10 09:18:03 +01:00
Przemek Stekiel	26c909d587	Enable support for user/peer for JPAKE This is only partial support. Only 'client' and 'server' values are accepted for peer and user. Remove support for role. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-10 09:18:02 +01:00
Gilles Peskine	4da92832b0	Merge pull request #7117 from valeriosetti/issue6862 driver-only ECDSA: enable ECDSA-based TLS 1.2 key exchanges	2023-03-09 20:49:44 +01:00
Dave Rodgman	bf4016e5d5	Merge pull request #6567 from mprse/ecjpake-driver-dispatch	2023-03-09 19:23:05 +00:00
Przemek Stekiel	42510a91c4	Use for loop instead while loop Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-09 14:04:17 +01:00
Gabor Mezei	e4710ae9ed	Add and fix comments Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-09 13:43:02 +01:00
Dave Rodgman	5e5aa4a4e6	Merge pull request #7218 from tom-cosgrove-arm/fix-typos-230307 Fix typos in development prior to release	2023-03-08 17:19:59 +00:00
Dave Rodgman	51b62ef23d	Merge pull request #7228 from tom-cosgrove-arm/fix-alignment.h-on-32-bit-systems Fix mbedtls_bswap64() on 32-bit systems	2023-03-08 17:19:29 +00:00
Manuel Pégourié-Gonnard	913d9bb921	Merge pull request #7162 from valeriosetti/issue7055 Legacy MBEDTLS_PK_PARSE_C and MBEDTLS_PK_WRITE_C dependencies in test_suite_psa_crypto	2023-03-08 17:07:19 +01:00
Valerio Setti	75fba32cb3	ssl: use new macros for ECDSA capabilities Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-08 16:47:28 +01:00
Manuel Pégourié-Gonnard	289e5baa83	Merge pull request #7082 from valeriosetti/issue6861 driver-only ECDSA: add ssl-opt.sh testing with testing parity	2023-03-08 16:45:38 +01:00
Gabor Mezei	d1f16b937e	Add documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-08 15:26:32 +01:00
Tom Cosgrove	6ef9bb3d74	Implement and use MBEDTLS_STATIC_ASSERT() Fixes #3693 Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-08 14:19:51 +00:00
Tom Cosgrove	bbe166e721	Fix mbedtls_bswap64() on 32-bit systems Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-08 13:23:24 +00:00
Gabor Mezei	716447ff32	Fix limb size calculation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-08 14:09:51 +01:00
Gabor Mezei	ed1acf642c	Apply naming conventions Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-08 14:09:50 +01:00
Gabor Mezei	5221c04b92	Change the p256_raw fuction to be testable Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-08 14:09:50 +01:00
Gabor Mezei	ab6ac91a0a	Extract Secp256r1 from the prototype Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-08 14:09:50 +01:00
Tom Cosgrove	c15a2b949d	Update the text about gcc5 support for Armv8 CE Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-08 12:55:48 +00:00
Przemek Stekiel	07c5ea348c	Add check for buffer overflow and fix style. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-08 13:31:19 +01:00
Valerio Setti	733de595e3	psa_crypto_rsa: remove PK_WRITE_C in psa_rsa_export_key Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-08 11:03:09 +01:00
Valerio Setti	73a218513b	psa_crypto_rsa: add comment/explanation for residual PK_WRITE_C guard Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-08 11:03:09 +01:00
Przemek Stekiel	691e91adac	Further pake code optimizations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-08 09:54:00 +01:00
Gilles Peskine	a2fc399f57	Merge pull request #6829 from AndrzejKurek/unify-psa-errors Unify PSA to Mbed TLS error translation	2023-03-07 19:55:44 +01:00
Gilles Peskine	12e3c8e019	Merge pull request #7168 from mpg/use-md Use MD (not low-level hash interface) in X.509 and TLS	2023-03-07 19:55:12 +01:00
Valerio Setti	2f1d967643	ssl: fix included pk header file Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-07 18:14:34 +01:00
Tom Cosgrove	503d71769c	Enable explicit_bzero() on OpenBSD Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-07 12:51:11 +00:00
Tom Cosgrove	5c8505f061	Fix typos Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-07 11:39:52 +00:00
Janos Follath	fe780a3c4b	Merge pull request #7184 from gabor-mezei-arm/6349_Secp224r1_fast_reduction Extract Secp224r1 fast reduction from the prototype	2023-03-07 10:57:58 +00:00
Przemek Stekiel	57580f2539	Use proper enum types for pake state/sequence/step Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-07 10:50:09 +01:00
Przemek Stekiel	4aa99403f4	Fix configuration for accelerated jpake Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-07 10:50:09 +01:00
Przemek Stekiel	4dc83d40af	Add check for pake operation buffer overflow Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-07 10:50:00 +01:00
Pengyu Lv	7b6299b49b	ssl_cache: Add an interface to remove cache entry by session id Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-03-07 15:00:22 +08:00
Przemek Stekiel	e3ef3a15cd	Further pake code optimizations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-06 17:24:32 +01:00
Gabor Mezei	97803abd2a	Update comment Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-06 16:32:16 +01:00
Manuel Pégourié-Gonnard	947cee18a1	Fix memory leak. The function reset_checksum() can be called more than once with the same handshake context (this happens with DTLS clients, and perhaps in other cases as well). When that happens, we need to free the old MD contexts before setting them up again. Note: the PSA path was already doing the right thing by calling abort, we just needed to do the same on the MD path. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-06 11:59:59 +01:00
Manuel Pégourié-Gonnard	228a30d16c	Merge pull request #7120 from mpg/md-light Define "MD light" subset of MD	2023-03-06 11:02:19 +01:00
Dave Rodgman	4693fd9e9e	Merge pull request #7173 from daverodgman/zeroize-platform Use platform-provided secure zeroization	2023-03-06 09:16:12 +00:00
Pol Henarejos	f61d6c0a2b	Merge branch 'development' into sha3	2023-03-04 00:03:06 +01:00
Dave Rodgman	b0d96a23a9	Remove not-needed EABI exclusion Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-03 17:06:09 +00:00
Dave Rodgman	45cef61fa4	Merge branch 'development' into md-light Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-03 14:28:13 +00:00
Przemek Stekiel	57207711d8	Add MBEDTLS_ASN1_CHK_CLEANUP_ADD macro to be able to release memory on failure Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-03 12:58:29 +01:00
Przemek Stekiel	5a49d3cce3	Replace mbedtls_x509_san_node with mbedtls_x509_subject_alternative_name Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-03 12:58:11 +01:00
Przemek Stekiel	f40de93b1a	Remove redundant variable Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-03 12:58:10 +01:00
Andrzej Kurek	270b3f9790	Rename error_pair_t to mbedtls_error_pair_t Required by our coding standards. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-03 05:54:13 -05:00
Andrzej Kurek	daf5b56b02	Translate to MD errors in ssl-tls.c With the introduction of #7047, ssl_tls.c uses mbedtls_md_error_from_psa. This complicates the dependencies for compiling in psa_to_md_errors, since now these should be ifdeffed also by MBEDTLS_USE_PSA_CRYPTO followed by a series of or'ed MBEDTLS_HAS_ALG_SHA_XXX_VIA_MD_OR_PSA_BASED_ON_USE_PSA. Since this mechanism will be removed soon, we can simplify it to just MBEDTLS_USE_PSA_CRYPTO. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-03 05:52:28 -05:00
Andrzej Kurek	747ab4ea5e	Introduce error_pair_t to psa utils This way error handling can be written in a cleaner way. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-03 05:23:45 -05:00
Andrzej Kurek	138b30ac62	Add missing const qualifiers Also improve documentation Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-03 05:23:45 -05:00
Andrzej Kurek	ba24138e0f	Duplicate error logic in pk_wrap deprecated functions GCC 4.6+ complains if a deprecated function calls another. Working around this universally would require a lot of preprocessing, this seems to be an easier solution. Copy mbedtls_pk_error_from_psa code without duplicates instead of calling the function. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-03 05:23:45 -05:00
Andrzej Kurek	8a045ce5e6	Unify PSA to Mbed TLS error translation Move all error translation utilities to psa_util.c. Introduce macros and functions to avoid having a local copy of the error translating function in each place. Identify overlapping errors and introduce a generic function. Provide a single macro for all error translations (unless one file needs a couple of different ones). Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-03 05:23:44 -05:00
Gilles Peskine	6def41b146	Merge pull request #6932 from yuhaoth/pr/fix-arm64-host-build-and-illegal_instrucion-fail Replace CPU modifier check with file scope target cpu modifiers	2023-03-02 15:36:41 +01:00
Dave Rodgman	528bfa640c	Whitespace fix Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-02 13:54:43 +00:00
Gabor Mezei	aeadc2d731	Apply naming convention Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-03-01 16:53:03 +01:00
Dave Rodgman	6d6a720603	Protect against possible macro redefinition warning Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-01 15:09:40 +00:00
Paul Elliott	d1cddff71a	Merge pull request #7189 from daverodgman/armcc-fix Fix macro redefinition warning from armclang	2023-03-01 11:59:26 +00:00
Gilles Peskine	802ff1b116	Merge pull request #7147 from paul-elliott-arm/interruptible_sign_hash_codestyle_drivers Remove driver entry points for psa_{get\|set}_max_ops()	2023-03-01 10:46:09 +01:00
Dave Rodgman	914c632646	Whitespace Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-01 09:30:14 +00:00
Gabor Mezei	620f0dc850	Fix for 32-bit Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-28 18:42:33 +01:00
Gabor Mezei	08a94953e1	Apply naming convention for p224 Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-28 18:40:57 +01:00
Dave Rodgman	e47899df20	Fix macro redefinition warning from armcc Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-28 17:39:03 +00:00
Gilles Peskine	7e677fa2c5	Merge pull request #6389 from gilles-peskine-arm/ecdsa-use-psa-without-pkwrite Remove pkwrite dependency in pk using PSA for ECDSA	2023-02-28 18:17:16 +01:00
Gilles Peskine	b52b788e55	Merge pull request #6895 from yuhaoth/pr/add-aes-with-armv8-crypto-extension Add AES with armv8 crypto extension	2023-02-28 18:16:37 +01:00
Paul Elliott	6a459f5de5	Merge pull request #7143 from paul-elliott-arm/interruptible_sign_hash_codestyle_wipeout Update psa_wipe_output_buffer() and change name to psa_wipe_tag_output_buffer()	2023-02-28 15:34:06 +00:00
Jerry Yu	608e1093de	Improve comment about conflicts between aesce and sha512-crypto Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-28 12:50:00 +08:00
Paul Elliott	15d7d43904	Pacify Clang 15 Changes for interruptible {sign\|verify} hash were not merged at the time of the previous clang 15 /retval fixes, thus this fixes code added at that time. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-27 17:25:57 +00:00
Gabor Mezei	5afb80e00a	Fix coding style issues Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-27 17:00:34 +01:00
Gabor Mezei	804cfd32ea	Follow the naming convention Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-27 16:50:09 +01:00
Gabor Mezei	bf506361c4	Revert the illustration and remove unnecessary code This reverts commit `73e8553273`. Removes the second round of carry reduction from p224. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-27 16:37:32 +01:00
Gabor Mezei	73e8553273	Add comments to illustrate the second round of carry reduction is unnecessary The first round of carry reduction can not generate a carry thus the secound round is not needed. The comments illustrating when the carry is 1. The reduction is simmetric so the case when the carry is -1 is similar. The illustration is trying to calculate the input value starting with setting the carry to 1 before the second round of the carry reduction. It calculates backwords and tries to determine the value range of each word. It ends up with a contradiction that A10 must have the value of 0 and UINT32_MAX. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-27 16:32:42 +01:00
Gabor Mezei	a835d20cde	Add documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-27 15:58:30 +01:00
Paul Elliott	ac2251dad1	Merge pull request #7076 from mprse/parse_RFC822_name Add parsing of x509 RFC822 name + test	2023-02-27 14:16:13 +00:00
Jerry Yu	fc2e128fc9	Fix grammar issues and remove useless code Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-27 11:16:56 +08:00
Paul Elliott	7118d17df1	Pacify code style checker Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-26 16:57:05 +00:00
Dave Rodgman	096e72959b	Fix case of include header for mingw Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-25 17:17:35 +00:00
Dave Rodgman	f5e531a87b	Fix code style Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-25 17:17:15 +00:00
Dave Rodgman	703f805f09	Improve explicit_bzero detection Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-25 15:19:52 +00:00
Dave Rodgman	fe57a2e008	Remove newlib detection Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-25 14:16:34 +00:00
Dave Rodgman	82f3de55b2	tidy up brackets Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-25 14:08:22 +00:00
Dave Rodgman	828ec905db	Improve explicit_bzero detection Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-25 13:32:26 +00:00
Dave Rodgman	f0a0e43053	explicit_bzero is not available on arm-none-eabi Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 19:01:48 +00:00
Dave Rodgman	a6fda16a41	Fix re-definition of __STDC_WANT_LIB_EXT1__ Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 19:00:38 +00:00
Dave Rodgman	8a7d26f12c	Typo fix Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 18:19:24 +00:00
Paul Elliott	dc42ca8a7e	Use psa_wipe_tag_buffer() for MAC and aead code. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-24 18:11:59 +00:00
Dave Rodgman	8b6eded03d	Tidy-up comment Co-authored-by: Tom Cosgrove <tom.cosgrove@arm.com> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 18:07:05 +00:00
Paul Elliott	7bc24cc512	Fix typos in documentation. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-24 18:04:16 +00:00
Dave Rodgman	4daca63734	Documentation Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 17:43:00 +00:00
Dave Rodgman	f55182d2bf	Use platform-provided secure zeroization call Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 17:42:43 +00:00
Dave Rodgman	f68402565a	Add corresponding fix for mbedtls_ssl_write Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 15:57:30 +00:00
ashesman	937d6d5eab	Update library/ssl_msg.c Co-authored-by: Gilles Peskine <gilles.peskine@arm.com> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 15:57:14 +00:00
Ashley Duncan	358f94a71c	Fixed undefined behavior in ssl_read if buf parameter is NULL. Signed-off-by: Ashley Duncan <ashes.man@gmail.com>	2023-02-24 15:53:07 +00:00
Paul Elliott	a16ce9f601	Remove driver entry points for {get\|set}_max_ops(). Move the global variable to the PSA layer, and just set that when calling PSA level functions. Move the internal ecp set to before each ecp call. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-24 14:44:18 +00:00
Manuel Pégourié-Gonnard	02d55d5825	Rename some local variables The name sha512 might have made sense when it was an mbedtls_sha512_context, but now it's weird to see things like mbedtls_md_setup(&sha512, ...MBEDTLS_MD_SHA384...); Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-24 13:31:33 +01:00
Manuel Pégourié-Gonnard	f057ecfedf	Use MD not low-level sha256/512 in TLS Same reasoning as in previous commit. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-24 13:30:55 +01:00
Manuel Pégourié-Gonnard	2cd751465c	Use MD, not low-level SHA1, in X.509 X.509 already depends on MD_C \|\| USE_PSA_CRYPTO, and this is for the !USE_PSA_CRYPTO branch, so we're free to use MD. This change supports our ability to use MBEDTLS_MD_CAN_xxx macros everywhere in the future, once they have been introduced. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-24 12:37:07 +01:00
Manuel Pégourié-Gonnard	0ac71c0d92	Make debug statement more portable There's little reason for accessing the hash implementation's internal state, its output contains most of the same information. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-24 12:13:55 +01:00
Paul Elliott	a3b625b0a1	Merge pull request #7098 from gilles-peskine-arm/retval-non-empty Pacify Clang 15 about empty \retval	2023-02-24 09:10:53 +00:00
Przemek Stekiel	d93de32267	Move to computation stage only on successfull setup Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-24 08:39:49 +01:00
Jerry Yu	ba1e78f1c2	fix code style and comment issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-24 11:18:16 +08:00
Manuel Pégourié-Gonnard	1e57abd3ec	Group MD_LIGHT and MD_C parts of md.c Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-23 20:45:26 +01:00
Przemek Stekiel	083745e097	Fix code style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-23 17:28:23 +01:00
David Horstmann	ce16474d91	Correct INT_MAX overflow check to UINT_MAX Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-23 13:50:48 +00:00
Manuel Pégourié-Gonnard	0d4152186d	Make MBEDTLS_MD_LIGHT private for now. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-23 13:02:13 +01:00
Ronald Cron	1aa6e8d6e9	Restore same PSK length enforcement Restore same PSK length enforcement in conf_psk and set_hs_psk, whether the negotiated protocol is TLS 1.2 or TLS 1.3. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-02-23 09:48:50 +01:00
Manuel Pégourié-Gonnard	f78a10052c	Merge pull request #7047 from mpg/tls-hash-errors Handle errors from hash functions in TLS code	2023-02-23 08:49:55 +01:00
Valerio Setti	1ad9ef2132	ssl: use new macros for ECDSA capabilities Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-23 08:15:09 +01:00
Jerry Yu	029e659bbb	Return seconds when clock_gettime error Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-23 11:25:36 +08:00
Jerry Yu	947bf969e0	Improve readability of expansion size Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-23 11:07:57 +08:00
Jerry Yu	fac5a54f8a	fix code style issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-23 10:13:40 +08:00
David Horstmann	376e8df9d6	Clarify structure of parsing with comments: 1. Parse through to get the required buffer length. 2. Having allocated a buffer, parse into the buffer. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-22 18:27:59 +00:00
David Horstmann	89d67bd472	Remove superfluous sizeof(unsigned char) Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-22 18:27:59 +00:00
David Horstmann	7cdfda12da	Fixup: Correct signedness of val local variable Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-22 18:27:59 +00:00
David Horstmann	0f4ee418d8	Use return for errors only in oid_parse_number() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-22 18:27:59 +00:00
David Horstmann	59400ffed5	Improve header docs and rename parameter Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-22 18:27:59 +00:00
David Horstmann	03329970de	Correct error in processing of second component Root nodes 0 and 1 may have up to 40 children (0 - 39), not 39 children (0 - 38) as previously thought. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-22 18:27:59 +00:00
David Horstmann	18ec9d7da1	Change some error codes to be more accurate Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-22 18:27:59 +00:00
David Horstmann	92337c0e62	Add function to parse an OID from a string Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-22 16:34:26 +00:00
Paul Elliott	59200a22aa	Improve psa_wipe_output_buffer Change name and document to ensure suitability only for "tags" is explicit. Add support for output size of zero in PSA_SUCCESS case. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-22 14:15:31 +00:00
Janos Follath	406b9172ad	Merge pull request #7044 from minosgalanakis/bignum/6342_add_named_moduli_setup Bignum: Add named moduli setup	2023-02-22 12:14:33 +00:00
Przemek Stekiel	5eff1033b6	Remove redundant checks for jpake alg Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	ce131bf5c5	PAKE driver: fix password releasing Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	80a8849903	Adapt conditional compilation flags for jpake alg Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	a54dc69fe0	mbedtls_psa_pake_setup: move driver password and alg init to the common part Also in the core part change stage to computation after return from psa_driver_wrapper_pake_setup() regardless of the result. At this point driver context is active even if init has failed. Additionally handle deallocation of password on failure in mbedtls_psa_pake_setup(). The plan was to handle deallocation on core level by calling abort on failure. Unfortunately in this case when mbedtls_psa_pake_setup() fails with an unsupported result the built-in implementation is executed (if available) and it will reallocate the password leading to the memory leak. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	6b64862ef7	Documentation fixes and code adaptation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	251e86ae3f	Adapt names to more suitable and fix conditional compilation flags Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	6d77830c6a	Remove redundant code Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	dff21d3429	Move jpake role check to psa_pake_complete_inputs() Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	4fcc61eec0	Optimize psa_pake_ecjpake_setup() Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	849c35f8b4	Remove pake abort on failure from driver (handled by core) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	e1d51bf3c9	Optimieze psa_pake_complete_inputs() Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	3e784d8981	PSA crypto pake: call abort on each failure Adapt driver hook counters in pake driver test. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	d69dca9fc4	Rework psa_pake_abort - Fix potential issue with freeing password - Clean operation object even if psa_driver_wrapper_pake_abort fails - Remove redundant code Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	f62b3bb087	Optimization of pake core functions Adapt pake test (passing NULL buffers is not allowed). Passing the null buffer to psa_pake_output results in a hard fault. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	9dd2440c95	Change pake input: key_lifetime -> key attributes In the future key attributes will be available for opaque driver via psa_crypto_driver_pake_get_password_key(). Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com> Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	d5d28a217f	Use operation alg for locking key slot Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	1c3cfb4fb0	Introduce PSA_PAKE_OPERATION_STAGE_SETUP to optimize out alg checks Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	ff01bc496c	Remove j-pake specific checks from psa_pake_setup mbedtls_psa_pake_setup has already check for PSA_PAKE_PRIMITIVE_TYPE_ECC primitive. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	dde6a910bb	Optimize out psa_pake_computation_stage_t Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	5cbca790f7	Make usage of pake input getters Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	18620a3b1c	Make copy of inputs on stack before passing to psa_driver_wrapper_pake_setup Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	ca8d2b2589	Add get-data functions for inputs + tests Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	7b730175b3	Simplify psa_pake_computation_stage_s structure Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	b09c487546	Combine core pake computation stage(step,sequence,state) into single driver step Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:31 +01:00
Przemek Stekiel	9a5b812aa8	Cleanup the code Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:31 +01:00
Przemek Stekiel	2797d37424	Split handling of memory allocation for password between core and driver Driver is now responsible for creating its own copy of the password in the setup function. After calling pake setup driver entry point core frees memory for password. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:31 +01:00
Przemek Stekiel	e12ed36a6c	Move JPAKE state machine logic from driver to core - Add `alg` and `computation_stage` to `psa_pake_operation_s`. Now when logic is moved to core information about `alg` is required. `computation_stage` is a structure that provides a union of computation stages for pake algorithms. - Move the jpake operation logic from driver to core. This requires changing driver entry points for `psa_pake_output`/`psa_pake_input` functions and adding a `computation_stage` parameter. I'm not sure if this solution is correct. Now the driver can check the current computation stage and perform some action. For jpake drivers `step` parameter is now not used, but I think it needs to stay as it might be needed for other pake algorithms. - Removed test that seems to be redundant as we can't be sure that operation is aborted after failure. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:31 +01:00
Przemek Stekiel	be5e27b5ad	Remove redundant code Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:31 +01:00
Przemek Stekiel	ca67483b15	psa_crypto_pake.h: adapt function descriptions Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:31 +01:00
Przemek Stekiel	51eac53b93	Divide pake operation into two phases collecting inputs and computation. Functions that only set inputs do not have driver entry points. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:25:30 +01:00
Przemek Stekiel	061f6949fd	Make psa_get_and_lock_key_slot_with_policy() static function psa_get_and_lock_key_slot_with_policy() becomes public temporarily as part of: https://github.com/Mbed-TLS/mbedtls/pull/6608 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:25:30 +01:00
Przemek Stekiel	0c78180ee5	mbedtls_psa_pake_get_implicit_key: move psa_key_derivation_input_bytes call to upper layer Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:25:30 +01:00
Przemek Stekiel	6c7644150a	Adapt pake impl for driver dispatch Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:25:30 +01:00
Przemek Stekiel	2e73649f9c	Add pake psa crypto driver wrappers implementation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:25:30 +01:00
Neil Armstrong	5ae609631e	Move the common parameters check code out of the wrapper Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2023-02-22 11:25:30 +01:00
Neil Armstrong	a7d08c3009	Add PSA PAKE api calling the PAKE wrappers Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2023-02-22 11:25:30 +01:00
Neil Armstrong	7da8c56b84	Add PSA PAKE wrappers Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2023-02-22 11:25:30 +01:00
Neil Armstrong	56b8d23ca1	Add mbedtls_ prefix to PSA PAKE over MbedTLS implementation Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2023-02-22 11:25:30 +01:00
Manuel Pégourié-Gonnard	63e33dd175	Fix unchecked return value Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-22 10:09:40 +01:00
Jerry Yu	3bfe133832	Improve readability Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-22 15:01:05 +08:00
Jerry Yu	3304c204ba	Improve readabilities - Add more comments - Adjust setkey_enc Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-22 14:37:11 +08:00
Jerry Yu	4d786a732b	Fix regression issue for clang workaround. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-22 11:01:07 +08:00
Gilles Peskine	ffb92b0789	Merge pull request #7105 from davidhorstmann-arm/fix-oid-printing-bug Fix bugs in OID to string conversion	2023-02-21 23:16:44 +01:00
Manuel Pégourié-Gonnard	da7979bb91	Restore debug message removed by mistake Also while at it, fix debug level for existing DEBUG_RET: errors should always be level 1. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Manuel Pégourié-Gonnard	8e176f747c	Fix wrong return statement Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Manuel Pégourié-Gonnard	626aaed213	Fix unused variable warnings in some builds Found by depends.py MBEDTLS_SHA512_C In principle, the case where neither SHA-256 nor SHA-384 are available should never occur, as both TLS 1.2 and TLS 1.3 depend on one of those being defined. However for now dependencies for TLS 1.2 are not as tight as they should be; this will be fixed later and is tracked as #6441. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Manuel Pégourié-Gonnard	43cc127d3a	Fix code style Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Manuel Pégourié-Gonnard	e1a4caa934	Handle hash errors in calc_finished That's the last family of functions. All calls to mbedtls_sha* and psa_hash_* in library/ssl_tls.c are now checked for errors. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Manuel Pégourié-Gonnard	b9b564e64b	Handle hash errors in calc_verify On top on some calls not being checked, the PSA path was missing a call to abort() on errors. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Manuel Pégourié-Gonnard	df94901566	Handle hash errors in update_checksum Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Manuel Pégourié-Gonnard	b72ff498c9	Handle hash errors in reset_checksum Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Manuel Pégourié-Gonnard	b8b07aa24a	Handle errors from functions that now return int A few functions were changed from returning void to returning int three commits ago. Make sure their callers check the return values. This commits was basically a matter of declaring newly-int-returning functions MBEDTLS_CHECK_RETURN_CRITICAL and then fixing the resulting warnings. A few functions had to be made int in the process; they were applied the same process as well. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Manuel Pégourié-Gonnard	d7a7a23308	Use reset_checksum in reset_transcript_for_hrr This function was manually resetting just the hash that would be used; it's simpler to just call the function that resets all hashes. This also avoids calling low-level code from TLS 1.3. While at it, remove the guards about SHA-256 \|\| SHA-384 that were around update_checksum, as they are redundant: update_checksum already has appropriate guards (and TLS 1.3 already depends on one of those tow hashes being present anyway). Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Manuel Pégourié-Gonnard	537f231fd9	Split hash start out of handshake_params_init This part can fail, so it shouldn't be intermixed with the part that can't fail and is there to ensure all structures are in a clean state, should any error happen. Fortunately, the part that should be split out already had a function doing it: reset_checksum. Also, handshake_params_init had only one calling site to update. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Manuel Pégourié-Gonnard	226aa15702	Make handshake hashing functions return int There are three family of functions: update_checksum, calc_verify, calc_finished, that perform hashing operations and were returning void so far. This is not correct, as hashing functions can return errors (for example, on hardware failure when accelerated). Change them to return int. This commit just changes the types: for now the functions always return 0, and their return value is not checked; this will be fixed in the next few commits. There is a related function in TLS 1.3, mbedtls_ssl_reset_transcript_for_hrr, which also handles hashes, and already returns int but does not correctly check for errors from hashing functions so far, it will also be handled in the next few commits. There's a special case with handshake_params_init: _init functions should return void, so we'll need to split out the part that can return errors, see the next commit. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Gilles Peskine	250a5ac4cb	Merge pull request #7095 from paul-elliott-arm/interruptible_sign_hash_codestyle Implement PSA interruptible sign/verify hash	2023-02-21 15:13:34 +01:00
Ronald Cron	d89360b87b	Fix and improve documentation, comments and logs Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-02-21 14:57:25 +01:00
Przemek Stekiel	18904acc93	Adapt the code to support SAN types: uniformResourceIdentifier, dNSName and IPAddress According to documentation OPCUA requires: uniformResourceIdentifier, dNSName and IPAddress https://reference.opcfoundation.org/Core/Part6/v105/docs/6.2 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-21 13:42:39 +01:00
Hannes Tschofenig	6b108606fa	Added ability to include the SubjectAltName extension to a CSR Signed-off-by: Hannes Tschofenig <hannes.tschofenig@arm.com>	2023-02-21 13:42:39 +01:00
Dave Rodgman	e42cedf256	Merge pull request #7077 from daverodgman/pkcs7-fixes-dm-rebased Pkcs7 fixes	2023-02-21 11:53:30 +00:00
Gabor Mezei	aef0f2de9f	Fix limb size calculation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-21 11:35:31 +01:00
Gabor Mezei	e14b5bdba7	Change the ecp_mod_p224_raw to be testable Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-21 11:35:26 +01:00
Gabor Mezei	66f88a9d22	Extract Secp224r1 from the prototype Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-21 11:32:29 +01:00
Jerry Yu	ba4ec24c79	fix code style failure Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-21 15:59:18 +08:00
Jerry Yu	baae4012bf	merge setkey_enc* functions Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-21 15:28:03 +08:00
Jerry Yu	c8bcdc8b91	fix various issues - Improve some function names - Improve comments - improve readability Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-21 15:16:20 +08:00
Dave Rodgman	a1b2bfff46	Add clarifying comments Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-20 14:45:09 +00:00
David Horstmann	5b5a0b618c	Change error codes to more appropriate codes The more precise error codes are borrowed from the ASN1 module. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-20 14:24:12 +00:00
Przemek Stekiel	82d250d8b0	Use const char for names and adapt style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-20 15:09:50 +01:00
Przemek Stekiel	5b9e4168cf	Add rfc822Name support in mbedtls_x509_info_subject_alt_name + adapt test Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-20 15:09:50 +01:00
Przemek Stekiel	ecee12f04f	Add parsing of SAN: rfc822Name Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-20 15:09:50 +01:00
Minos Galanakis	a30afe2216	ecp_curves: Minor refactoring. This patch introduces the following changes: * Documentation for `mbedtls_ecp_modulus_setup()` moved to `ecp_invasive.h`. * Added invalid modulus selector `MBEDTLS_ECP_MOD_NONE`. * Adjusted negative tests to use invalid selectors. * Reworded documentation. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-02-20 13:53:06 +00:00
Minos Galanakis	dd556921c9	ecp_curves: Exposed `mbedtls_ecp_modulus_setup()` through `ecp_invasive.h` Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-02-20 13:50:41 +00:00
Minos Galanakis	d2ca802329	ecp_curves: Added `mbedtls_ecp_modulus_setup()`. This patch introduces a new static method, responsible for automatically initialising an modulus structure, based on the curve id and a modulus type selector. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-02-20 13:49:46 +00:00
Janos Follath	ec718afb41	Merge pull request #7051 from gabor-mezei-arm/6376_Secp521r1_fast_reduction Add a raw entry point to Secp521r1 fast reduction	2023-02-20 13:03:12 +00:00
Ronald Cron	4bb6773640	tls13: Apply same preference rules for ciphersuites as for TLS 1.2 Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-02-20 11:42:19 +01:00
Ronald Cron	0a1c504156	tls13: Fix session resumption with 384 bits PSKs MBEDTLS_PSK_MAX_LEN main purpose is to determine a miximum size for the TLS 1.2 pre-master secret. This is not relevant to TLS 1.3 thus disable in TLS 1.3 case the check against MBEDTLS_PSK_MAX_LEN when setting during the handshake the PSK through mbedtls_ssl_set_hs_psk(). This fixes the session resumption with 384 bits PSKs when MBEDTLS_PSK_MAX_LEN is smaller than that. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-02-20 11:42:19 +01:00
Ronald Cron	25e9ec61f0	tls13: server: Select preferred cipher suite Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-02-20 11:42:19 +01:00
Ronald Cron	fc7ae87ad4	tls13: server: Check ciphersuite list length parity once Check ciphersuite list length parity once, mainly to enable the possibility of getting out of the loop of the ciphersuites whenever we want. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-02-20 11:42:19 +01:00
Ronald Cron	606671e06e	tls13: server: Check mbedtls_ssl_set_hs_psk returned value Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-02-20 11:42:19 +01:00
Manuel Pégourié-Gonnard	718eb4f190	Merge pull request #7025 from AndrzejKurek/uri_san Add the uniformResourceIdentifier subtype for the subjectAltName	2023-02-20 11:29:59 +01:00
Paul Elliott	f8e5b56ad8	Fix get_num_ops internal code. Previously calling get_num_ops more than once would have ended up with ops getting double counted, and not calling inbetween completes would have ended up with ops getting missed. Fix this by moving this to where the work is actually done, and add tests for double calls to get_num_ops(). Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-19 18:55:10 +00:00
Manuel Pégourié-Gonnard	b9b630d628	Define "light" subset of MD See docs/architecture/psa-migration/md-cipher-dispatch.md Regarding testing, the no_md component was never very useful, as that's not something people are likely to want to do: it was mostly useful as executable documentation of what depends on MD. It's going to be even less useful when more and more modules auto-enable MD_LIGHT or even MD_C. So, recycle it to test the build with only MD_LIGHT, which is something that might happen in practice, and is necessary to ensure that the division is consistent. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-16 22:30:06 +01:00
Gabor Mezei	ac70ad6576	Fix coding style Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-16 19:31:21 +01:00
Manuel Pégourié-Gonnard	ba2412fd21	Remove internal function md_process() It was already marked as internal use only, and no longer used internally. Also, it won't work when we dispatch to PSA. Remove it before the MD_LIGHT split to avoid a corner case: it's technically a hashing function, no HMAC or extra metadata, but we still don't want it in MD_LIGHT really. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-16 18:44:46 +01:00
Dave Rodgman	fc64352253	Adjust position of empty line Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-16 16:23:09 +00:00
Paul Elliott	ba70ad4944	Add safety for keys larger than we currently support. Prevent buffer overflow with keys whos grp.nbits is greater than PSA_VENDOR_ECC_MAX_CURVE_BITS. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-16 12:15:39 +00:00
Paul Elliott	93d9ca83ea	Move num_ops ECP abstraction fully into internal implementation Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-16 12:15:39 +00:00
Andrzej Kurek	81b0b89a34	Clarify comments on subjectAltName types Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-02-16 06:55:10 -05:00
Jerry Yu	a135deeece	Move clang bug workaround to the head of file Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-16 17:56:33 +08:00
Jerry Yu	383cbf42a0	Add minimum version of sha256 for clang Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-16 15:16:43 +08:00
Jerry Yu	8ae6a0193c	Add comments about gcc-5 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-16 15:16:20 +08:00
Jerry Yu	2f2c04956d	Add GCC options pop Reduce the scope of target pragma to meet behavior of clang. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-16 14:24:46 +08:00
Jerry Yu	92fc538a22	Add attribute popup Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-16 11:17:11 +08:00

... 8 9 10 11 12 ...

11366 commits