yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
18245 commits 89 branches 205 tags 114 MiB
Commit graph

7845 commits

Author SHA1 Message Date
Gilles Peskine a4174312da Initialize hash_len before using it 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-13 14:38:40 +01:00
Gilles Peskine 14d5fef6b7 PKCS#1v1.5 signature: better cleanup of temporary values 
Zeroize temporary buffers used to sanity-check the signature.

If there is an error, overwrite the tentative signature in the output
buffer.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-13 12:37:55 +01:00
Gilles Peskine f0fd4c3aee mbedtls_ssl_parse_finished: zeroize expected finished value on error 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-13 12:36:15 +01:00
Gilles Peskine c2f7b75a71 mbedtls_ssl_cookie_check: zeroize expected cookie on cookie mismatch 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-13 12:35:08 +01:00
Gilles Peskine 60aebec47e PSA hash verification: zeroize expected hash on hash mismatch 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-13 12:33:18 +01:00
Gilles Peskine e7835d92c1 mbedtls_cipher_check_tag: zeroize expected tag on tag mismatch 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-13 12:32:43 +01:00
Dave Rodgman 050ad4bb50
Merge pull request #5313 from gilles-peskine-arm/missing-ret-check-mbedtls_md_hmac 
Check HMAC return values
 2021-12-13 10:51:27 +00:00
Gilles Peskine ecf6bebb9c Catch failures of md_hmac operations 
Declare mbedtls_md functions as MBEDTLS_CHECK_RETURN_TYPICAL, meaning that
their return values should be checked.

Do check the return values in our code. We were already doing that
everywhere for hash calculations, but not for HMAC calculations.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-11 15:00:57 +01:00
Gilles Peskine d5ba50e239 Zeroize local MAC variables 
Zeroize local MAC variables used for CBC+HMAC cipher suites. In encryption,
this is just good hygiene but probably not needed for security since the
data protected by the MAC that could leak is about to be transmitted anyway.
In DTLS decryption, this could be a security issue since an adversary could
learn the MAC of data that they were trying to inject. At least with
encrypt-then-MAC, the adversary could then easily inject a datagram with
a corrected packet. TLS would still be safe since the receiver would close
the connection after the bad MAC.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-11 14:59:45 +01:00
Ronald Cron db6adc5aad ssl: Fix some compilation guards for TLS 1.3 signature algorithms 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-10 14:25:35 +01:00
Ronald Cron 6f135e1148 Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3 
As we have now a minimal viable implementation of TLS 1.3,
let's remove EXPERIMENTAL from the config option enabling
it.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-10 13:47:55 +01:00
Dave Rodgman 76a2b306ac
Merge pull request #4981 from yuhaoth/pr/add-debug-helpers-generated 
Add debug helpers generated
 2021-12-10 11:56:55 +00:00
Manuel Pégourié-Gonnard 4525cce691
Merge pull request #5256 from yuhaoth/pr/clean-up-secrets-after-done 
TLS1.3 MVP: Erase secrets when they are not necessary anymore.
 2021-12-10 12:48:25 +01:00
Ronald Cron 6b07916e40
Merge pull request #5230 from ronald-cron-arm/tls13_ccs_client 
Add initial support for "Middlebox Compatibility Mode"
 2021-12-10 11:58:05 +01:00
Jerry Yu a5563f6115 move position of base_key init 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-10 18:14:36 +08:00
Jerry Yu b737f6a9be move base_key init 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-10 17:55:59 +08:00
Ronald Cron 574ace48d8 Remove unnecessary blank line 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-10 10:27:25 +01:00
Jerry Yu 9c07473ebc fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-10 17:12:43 +08:00
Jerry Yu 889b3b76da fix clang build fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-10 12:57:45 +08:00
Jerry Yu d05e1cec4b fix build fail on check_* 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-10 12:47:03 +08:00
Jerry Yu e6369b0061 fix test_cmake_as_package fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-10 12:47:03 +08:00
Jerry Yu eb96fb508e Add cmake generator 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-10 12:47:03 +08:00
Jerry Yu e3b3412bc4 Add tests for enum helper 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-10 12:45:52 +08:00
Jerry Yu e78ee99624 add enum value to string helpers 
Only add helpers for enum in `ssl.h`.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-10 12:43:30 +08:00
Jerry Yu 4a2fa5d0aa Move erase handshake secrets 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-10 10:37:14 +08:00
Jerry Yu 27224f58be fix coding style issue 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-10 10:33:27 +08:00
Jerry Yu 5132771f5f Revert "fix possible security leak for counter" 
This reverts commit 8aab77e11e2aebec09dc9d682b16373771471fe0.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-10 10:33:27 +08:00
Jerry Yu 7ca3054795 move zerioize tls13_hs_secrets 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-10 10:33:27 +08:00
Jerry Yu 23ab7a46a3 move zeroize master secrets 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-10 10:33:27 +08:00
Jerry Yu 2c70a39d97 move zeroize randbytes 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-10 10:33:27 +08:00
Jerry Yu bdfd01835a fix compile break after merge 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-10 10:33:27 +08:00
Jerry Yu a986e9faac Clean handshake secrets 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-10 10:33:27 +08:00
Jerry Yu d103bdb01d Clean randbytes 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-10 10:33:27 +08:00
Jerry Yu 745db226db fix possible security leak for counter 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-10 10:33:27 +08:00
Gilles Peskine d5b2a59826
Merge pull request #5047 from paul-elliott-arm/psa-m-aead-ccm 
PSA Multipart AEAD CCM Internal implementation and tests.
 2021-12-09 14:49:42 +01:00
Ronald Cron d4c64027a5 tls13: Move state transition after sending CCS to ssl_tls13_client.c 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-09 13:40:22 +01:00
Ronald Cron 49ad6197ca Add injection of dummy's ChangeCipherSpec for middlebox compatibility 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-09 13:40:22 +01:00
Ronald Cron 7e38cba993 Add incoming ChangeCipherSpec filtering in TLS 1.3 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-09 13:40:22 +01:00
Manuel Pégourié-Gonnard c38c1f2411
Merge pull request #5268 from gilles-peskine-arm/struct_reordering_3.0 
Reorder structure fields to maximize usage of immediate offset access
 2021-12-09 12:54:09 +01:00
Manuel Pégourié-Gonnard d7d740eb6e
Merge pull request #5236 from gabor-mezei-arm/4926_base64_move_constant-time_functions 
Move base64 constant-time functions to the new module
 2021-12-09 12:40:18 +01:00
Manuel Pégourié-Gonnard b873577fc3
Merge pull request #5240 from duckpowermb/development 
[session] fix a session copy bug
 2021-12-09 09:23:23 +01:00
Gilles Peskine cfe74a37b9 mbedtls_ssl_handshake_params: move ecrs_ctx back further 
"mbedtls_ssl_handshake_params: reorder fields to save code size" moved this
filed earlier along with byte-sized fields that should be in the 128-element
access window on Arm Thumb. This took away precious room in the 128-byte
window. Move it back further out.

Results (same architecture, config-suite-b.h + MBEDTLS_ECDH_LEGACY_CONTEXT +
MBEDTLS_ECP_RESTARTABLE):
library/ssl_cli.o: 2860 -> 2816 (diff: 44)
library/ssl_msg.o: 3080 -> 3076 (diff: 4)
library/ssl_srv.o: 3340 -> 3300 (diff: 40)
library/ssl_tls.o: 6546 -> 6478 (diff: 68)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-08 18:38:51 +01:00
Gilles Peskine 41139a2541 mbedtls_ssl_handshake_params: move group_list earlier to save code size 
Placing group_list earlier seems to help significantly, not just as a matter
of placing it in the 128-element (512-byte) access window.

Results (arm-none-eabi-gcc 7.3.1, build_arm_none_eabi_gcc_m0plus build):
library/ssl_cli.o: 19559 -> 19551 (diff: 8)
library/ssl_msg.o: 24690 -> 24674 (diff: 16)
library/ssl_srv.o: 20418 -> 20406 (diff: 12)
library/ssl_tls.o: 20555 -> 20519 (diff: 36)
library/ssl_tls13_client.o: 7244 -> 7240 (diff: 4)
library/ssl_tls13_generic.o: 4693 -> 4697 (diff: -4)

Results (same architecture, config-suite-b.h + MBEDTLS_ECDH_LEGACY_CONTEXT +
MBEDTLS_ECP_RESTARTABLE):
library/ssl_cli.o: 2864 -> 2860 (diff: 4)
library/ssl_tls.o: 6566 -> 6546 (diff: 20)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-08 18:26:55 +01:00
Ronald Cron 1865585eab
Merge pull request #5212 from yuhaoth/pr/add-tls13-compat-testcases 
TLS1.3 MVP:Add tls13 compat, not supported version , certificaterequest and HRR tests
 2021-12-08 14:56:39 +01:00
Gilles Peskine 392113434a
Merge pull request #5263 from ronald-cron-arm/psa-test-driver_3.x 
Forward port to 3.x: Introduce PSA test driver library to test PSA configuration
 2021-12-07 12:52:20 +01:00
Dave Rodgman 351c71b7f2 Fix builds when config.h only defines MBEDTLS_BIGNUM_C 
Fixes #4929

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-12-06 17:50:53 +00:00
Jerry Yu 6eaa41c15e Fix overflow error 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-06 18:16:30 +08:00
Ronald Cron f467d6306c psa: Fix obsolete code guard 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-06 07:50:27 +01:00
Ronald Cron fd25ddbf58 psa: Fix and improve comments 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-06 07:50:27 +01:00
Ronald Cron 0266cfed51 psa: Remove test code in the library 
The current testing of the PSA configuration is
based on test code located in the library itself.

Remove this code as we are moving to using a
test library instead.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-06 07:50:27 +01:00