As usual, just a search-and-replace plus:
1. Removing things from hash_info.[ch]
2. Adding new auto-enable MD_LIGHT in build-info.h
3. Including md_psa.h where needed
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Issue 7529 uncovered an unrequired check in a for loop
condition in ssl_tls.c. This commit removes said check.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
Note = programs are not aligned to this change because:
- the original mbedtls_pk_ec is not ufficially deprecated
- that function is used in tests when ECP_C is defined, so
the legacy version of that function is available in that
case
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Set hybrid TLS 1.2/1.3 as default server
configuration if both TLS 1.2 and TLS 1.3
are enabled at build time.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The function reset_checksum() can be called more than once with the same
handshake context (this happens with DTLS clients, and perhaps in other
cases as well). When that happens, we need to free the old MD contexts
before setting them up again.
Note: the PSA path was already doing the right thing by calling abort,
we just needed to do the same on the MD path.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
With the introduction of #7047, ssl_tls.c uses
mbedtls_md_error_from_psa. This complicates
the dependencies for compiling in psa_to_md_errors,
since now these should be ifdeffed also by
MBEDTLS_USE_PSA_CRYPTO followed by a series of or'ed
MBEDTLS_HAS_ALG_SHA_XXX_VIA_MD_OR_PSA_BASED_ON_USE_PSA.
Since this mechanism will be removed soon, we can simplify it to
just MBEDTLS_USE_PSA_CRYPTO.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Move all error translation utilities to psa_util.c.
Introduce macros and functions to avoid having
a local copy of the error translating function in
each place.
Identify overlapping errors and introduce a
generic function.
Provide a single macro for all error translations
(unless one file needs a couple of different ones).
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
The name sha512 might have made sense when it was an
mbedtls_sha512_context, but now it's weird to see things like
mbedtls_md_setup(&sha512, ...MBEDTLS_MD_SHA384...);
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
There's little reason for accessing the hash implementation's internal
state, its output contains most of the same information.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Found by depends.py MBEDTLS_SHA512_C
In principle, the case where neither SHA-256 nor SHA-384 are available
should never occur, as both TLS 1.2 and TLS 1.3 depend on one of those
being defined. However for now dependencies for TLS 1.2 are not as tight
as they should be; this will be fixed later and is tracked as #6441.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
That's the last family of functions. All calls to mbedtls_sha* and
psa_hash_* in library/ssl_tls.c are now checked for errors.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
On top on some calls not being checked, the PSA path was missing a call
to abort() on errors.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
A few functions were changed from returning void to returning int three
commits ago. Make sure their callers check the return values.
This commits was basically a matter of declaring newly-int-returning
functions MBEDTLS_CHECK_RETURN_CRITICAL and then fixing the resulting
warnings. A few functions had to be made int in the process; they were
applied the same process as well.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This part can fail, so it shouldn't be intermixed with the part that
can't fail and is there to ensure all structures are in a clean state,
should any error happen.
Fortunately, the part that should be split out already had a function
doing it: reset_checksum. Also, handshake_params_init had only one
calling site to update.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
There are three family of functions: update_checksum, calc_verify,
calc_finished, that perform hashing operations and were returning void
so far. This is not correct, as hashing functions can return errors (for
example, on hardware failure when accelerated). Change them to return
int.
This commit just changes the types: for now the functions always return
0, and their return value is not checked; this will be fixed in the
next few commits.
There is a related function in TLS 1.3,
mbedtls_ssl_reset_transcript_for_hrr, which also handles hashes, and
already returns int but does not correctly check for errors from hashing
functions so far, it will also be handled in the next few commits.
There's a special case with handshake_params_init: _init functions
should return void, so we'll need to split out the part that can return
errors, see the next commit.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
When ticket_flags used as parameter, use unsigned int,
instead of uint8_t or mbedtls_ssl_tls13_ticket_flags.Also
remove the definition of mbedtls_ssl_tls13_ticket_flags.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
Some PSA curves' symbols (PSA_WANT_) were not matching the corresponding
MBEDTLS_ECP_DP_. This was fixed together with the removal of extra code
when DEBUG_C is not enabled.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
- disable reuse of max_early_data_size.
- make conf_early_data available for server.
- various comment issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
It might happen that the psa_pake_output() function returns
elements which are not exactly 32 or 65 bytes as expected, but
1 bytes less.
As a consequence, insted of hardcoding the expected value for
the length in the output buffer, we write the correct one as
obtained from psa_pake_output()
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
NEW_SESSION_TICKETS* are processed in handshake_step.
Change the stop condition from `mbedtls_ssl_is_handshake_over`
to directly check.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Inlined functions might cause the compiled code to have different sizes
depending on the usage and this not acceptable in some cases.
Therefore read/write functions used in the initial key exchange are
moved to a standard C file.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Mark unused variables when compiling without
SHA256 and SHA384. In future a proper dependency
will be added to TLS 1.2 to enforce either of these hashes
to be on.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
One version was already surrounded by the USE_PSA define,
so the VIA_XX_OR_XX macros were removed;
Second version is when USE_PSA is undefined, so MBEDTLS_
macros can be used.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Introduce and use
MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED to
guard TLS code (both 1.2 and 1.3) specific
to handshakes involving PSKs.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Introduce and use
MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED to
guard TLS code (both TLS 1.2 and 1.3) specific
to handshakes involving certificates.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED
instead of MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED to guard
code specific to one of the TLS 1.3 key exchange mode with
PSK.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
instead of MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED to guard
code specific to the TLS 1.3 ephemeral key exchange mode.
Use it also for the dependencies of TLS 1.3 only tests
relying on ephemeral key exchange mode, but for
tests in tls13-kex-modes.sh where the change is done
later using all
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_.*ENABLED macros.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Check that the identity length is not
zero in ssl_conf_set_psk_identity()
as it is done in
mbedtls_ssl_conf_has_static_psk().
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
When building SHA512 without SHA384,
there are some code paths that resulted
in unused variables or usage of undefined code.
This commit fixes that.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Rename function name to mbedtls_ssl_session_set_hostname
Add two extra check cases for server name
Fix some coding styles
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
Change function name to ssl_session_set_hostname()
Remove hostname_len
Change hostname to c_string
Update test cases to multi session tickets
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
