b62732e1d6
tls13: cli: Add mbedtls_ssl_write_early_data() API
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-07 08:06:46 +01:00
447bbce8b4
rsa: remove unnecessary check in priv/pub key parsing
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-07 08:02:03 +01:00
f45589b492
Merge pull request #8198 from silabs-Kusumit/kdf_incorrect_initial_capacity
...
KDF incorrect initial capacity
2024-02-06 17:29:43 +00:00
137e0c1a02
Merge pull request #8761 from valeriosetti/issue4681
...
Re-introduce enum-like checks from CHECK_PARAMS
2024-02-06 17:29:38 +00:00
fb7001f15b
Merge pull request #8738 from gilles-peskine-arm/pk_import_into_psa-use_usage
...
Implement mbedtls_pk_get_psa_attributes
2024-02-06 17:28:54 +00:00
a76a0011ab
Remove mutex calls in psa_wipe_all_key_slots
...
Code size and code style improvement, these calls aren't needed.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-06 16:45:54 +00:00
bb76f80218
pk_wrap: use proper raw buffer length in ecdsa_sign_psa()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 16:57:23 +01:00
cf81f69977
psa_util: smarter raw length check in mbedtls_ecdsa_raw_to_der()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 16:57:12 +01:00
6269f3baf4
Revert "psa_util: allow larger raw buffers in mbedtls_ecdsa_raw_to_der()"
...
This reverts commit d4fc5d9d1c.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 16:55:18 +01:00
90e223364c
tls13: cli: Refine early data status
...
The main purpose of the change is to
know from the status, at any point in
the handshake, if early data can be
sent or not and why.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-06 16:43:33 +01:00
fe59ff794d
tls13: Send dummy CCS only once
...
Fix cases where the client was sending
two CCS, no harm but better to send only one.
Prevent to send even more CCS when early data
are involved without having to add conditional
state transitions.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-06 16:43:33 +01:00
e093281a8b
Pacify check-names
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-06 15:00:58 +00:00
d09f96b829
Improve docs
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-06 13:51:58 +00:00
18dc032fb4
Prevent unused warnings in psa_aead_set_nonce()
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-02-06 13:39:02 +00:00
e000a0aedf
Add buffer copying to psa_aead_verify()
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-02-06 13:39:02 +00:00
6db0e73dc4
Add buffer copying to psa_aead_finish()
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-02-06 13:39:02 +00:00
2914fac28a
Add buffer copying to psa_aead_update()
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-02-06 13:39:02 +00:00
25dac6edc1
Add buffer copying to psa_aead_update_ad()
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-02-06 13:39:02 +00:00
fed23777f3
Refactor: Use wrapper around internal set_nonce()
...
* Rename psa_aead_set_nonce() to psa_aead_set_nonce_internal()
* Recreate psa_aead_set_nonce() as a wrapper that copies buffers before
calling the internal function.
This is because psa_aead_set_nonce() is currently called by
psa_aead_generate_nonce(). Refactoring this to call the static internal
function avoids an extra set of buffer copies as well as simplifying
future memory poisoning testing.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-02-06 13:39:02 +00:00
8f0ef519d4
Add buffer copying to psa_aead_set_nonce()
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-02-06 13:39:02 +00:00
d3cad8b017
Add buffer copying to psa_aead_generate_nonce()
...
Note that this is not strictly necessary as this function only copies to
the output buffer at the end. However, it simplifies testing for the
time being.
Future optimisation work could consider removing this copying.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-02-06 13:39:02 +00:00
7f2e040a9b
Add buffer copying to psa_aead_decrypt()
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-02-06 13:39:00 +00:00
9d09a020c9
Copy buffers in psa_aead_encrypt()
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-02-06 13:38:20 +00:00
22b934e6d2
Use struct not union
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-06 13:16:13 +00:00
f4e8234f93
Improve docs
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-06 13:16:13 +00:00
5c9cc0b30f
Merge pull request #8727 from ronald-cron-arm/tls13-ignore-early-data-when-rejected
...
TLS 1.3: SRV: Ignore early data when rejected
2024-02-06 13:16:03 +00:00
ec9936d122
Improve gcc guards
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-06 13:04:09 +00:00
b327a1e706
Change unaligned access method for old gcc
...
gcc bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94662 shows
that __attribute__ aligned may be ignored.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-06 11:32:01 +00:00
4e9683e818
Reduce many unnecessary static memory consumption
...
.data section of ssl_client1 becomes 320 bytes smaller on AMD64.
Signed-off-by: Chien Wong <m@xv97.com>
2024-02-06 17:50:44 +08:00
8a85673a39
Merge remote-tracking branch 'development' into pk_import_into_psa-use_usage
2024-02-06 10:14:17 +01:00
d4fc5d9d1c
psa_util: allow larger raw buffers in mbedtls_ecdsa_raw_to_der()
...
The only real constraint on the raw buffer is that it is large
enough to contain 2 coordinates. Larger buffers are therefore
allowed and the extra data will simply be ignored.
Note = trying to impose a strict sizing on the raw buffer causes
several failures in test suites. This suggests that it is
quite common to use larger buffer to store raw signatures.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 08:42:42 +01:00
fe329cea3f
rsa: handle buffer length similarly in private and public key parsing
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 08:00:18 +01:00
71c6e65d83
tls13: ssl_msg.c: Improve/add comments
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-05 16:54:37 +01:00
31e2d83eee
tls13: srv: Improve coding
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-05 16:45:57 +01:00
091bdc416d
psa_util: enhance checks on leading zeros in convert_der_to_raw_single_int()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-05 16:18:04 +01:00
32c28cebb4
Merge pull request #8715 from valeriosetti/issue7964
...
Remove all internal functions from public headers
2024-02-05 15:09:15 +00:00
05c256fb36
psa_util: minor performance improvement in mbedtls_ecdsa_der_to_raw()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-05 16:02:11 +01:00
bec1d842ac
psa_util: convert_der_to_raw_single_int() accepts also all zero integers
...
These values are not mathematically valid as signature, but as
for what it concerns with ECDSA conversion functions, 0 values
in DER format should be translated to 0 values in raw format.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-05 15:50:02 +01:00
8334d00772
psa_util: improve check of raw_len in mbedtls_ecdsa_raw_to_der()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-05 15:35:26 +01:00
2bd0ecdf45
psa_util: improve documentation for convert_raw_to_der_single_int()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-05 15:25:15 +01:00
747bedb0b0
Merge pull request #8733 from ivq/gcm_ad_len_check
...
Add back restriction on AD length of GCM
2024-02-05 13:33:58 +00:00
954ef4bbd5
psa_util: improve convert_raw_to_der_single_int()
...
Allow the function to support DER buffers than what it is nominally
required by the provided coordinates. In other words let's ignore
padding zeros in the raw number.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-05 12:06:46 +01:00
315e4afc0a
psa_util: change parameters order in ECDSA conversion functions
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-05 10:09:15 +01:00
13ab693c49
rsa_internal: fix documentation for mbedtls_rsa_parse_key()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-05 08:48:39 +01:00
e883870cc7
Merge branch 'development-restricted' into update-development-r
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-02 18:03:29 +00:00
f57d14bed4
Ignore early data app msg before 2nd client hello
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-02 17:31:20 +01:00
263dbf7167
tls13: srv: Do not allow early data indication in 2nd ClientHello
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-02 17:31:20 +01:00
1483dc3bde
tls13: cli: Indicate early data only in first ClientHello
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-02 17:31:20 +01:00
2995d35ac3
tls13: srv: Deprotect and discard early data records
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-02 17:31:20 +01:00
4caf3ca08c
tls13: srv: Add discard_early_data_record SSL field
...
Add discard_early_data_record in SSL context for
the record layer to know if it has to discard
some potential early data record and how.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-02 17:31:20 +01:00