Nick Child
34d5e931cf
pkcs7: Use better return code for unimplemented specifications
In response to feedback [1] [2], use MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE
instead of MBEDTLS_ERR_PKCS7_INVALID_FORMAT for errors due to the
pkcs7 implementation being incomplete.
[1] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953649079
[2] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953658276
Signed-off-by: Nick Child <nick.child@ibm.com>
2022-09-14 14:44:03 -05:00

Nick Child
7089ce8381
pkcs7: Handle md errors in multisigner pkcs7 verification
In response to feedback [1], if `mbedtls_md_info_from_type` were to
fail then skip the signer and try the next one.
Additionally, use a for loop instead of a while loop when iterating
over signers because it simplifies the use of `continue`.
[1] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r967198650
Signed-off-by: Nick Child <nick.child@ibm.com>
2022-09-14 14:18:00 -05:00

Andrzej Kurek
d60907b85d
Define ECJPAKE_TO_PMS in config_psa only if SHA_256 is available
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-14 14:57:51 -04:00

Jerry Yu
f7dad3cfbe
fix various issues
- Naming
- format
- Reduce negative tolerance window
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-14 22:31:39 +08:00

Andrzej Kurek
08d34b8693
Add an EC J-PAKE KDF to transform K -> SHA256(K.X) for TLS 1.2
TLS uses it to derive the session secret. The algorithm takes a serialized
point in an uncompressed form, extracts the X coordinate and computes
SHA256 of it. It is only expected to work with P-256.
Fixes #5978.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-14 08:39:26 -04:00

Ronald Cron
208257b39f
Merge pull request #6259 from yuhaoth/pr/add-psk_ephemeral-possible-group-tests
TLS 1.3: PSK: Add possible group tests for psk with ECDHE
2022-09-14 14:21:46 +02:00

Przemyslaw Stekiel
ab9b9d4669
ssl_tls13_keys.h: use PSA max hash size
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-14 13:51:07 +02:00

Przemyslaw Stekiel
da6452578f
ssl_tls13_generic.c: fix hash buffer sizes (use PSA_HASH_MAX_SIZE)
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-14 12:50:51 +02:00

Neil Armstrong
6a12a7704d
Fix typo in comment
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-14 12:17:42 +02:00

Przemyslaw Stekiel
004c2181f0
ssl_misc.h: hash guards adaptations
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-14 11:00:57 +02:00

Jerry Yu
acff823846
Add negative tolerance window
If `now == session->start` or the client's timer is
faster than the server's, the client age might
be bigger than the server's.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-14 14:50:44 +08:00

Jerry Yu
95db17ed5f
fix various issues
- improve obfuscated ticket age generator
- improve psk getter
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-14 10:37:58 +08:00

Przemek Stekiel
0852ef8b96
mbedtls_ssl_reset_transcript_for_hrr: remove redundant 'else' statement
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00

Przemek Stekiel
9dfbf3a006
ssl_tls13_generic.c: optimize code to save memory
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00

Przemek Stekiel
153b442cc3
mbedtls_ssl_tls13_sig_alg_is_supported: adapt guards
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00

Przemek Stekiel
47e3cb1875
ssl_tls13_generic.c: adapt guards for MBEDTLS_SHAxxx_C
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 18:08:54 +02:00

Neil Armstrong
fa84962296
Add comment explaining PSA PAKE vs Mbedtls J-PAKE API matching strategy
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-13 15:19:56 +02:00

Neil Armstrong
3d4966a5cb
Move possible input/output steps check inside PSA_ALG_JPAKE handling
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-13 15:19:56 +02:00

Neil Armstrong
017db4cdda
Drop calls to mbedtls_ecjpake_check()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-13 15:19:56 +02:00

Neil Armstrong
1d0294f6ed
Clarify sequence length calculation comment
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-13 15:19:56 +02:00

Neil Armstrong
cb679f23bc
Replace 0s with proper defines when possible
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-13 14:43:07 +02:00

Przemek Stekiel
5166954d14
Make more use of MBEDTLS_MAX_HASH_SIZE macro
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-13 12:57:05 +02:00

Jerry Yu
4746b10c2e
fix various issues
- Format issues
- Possible memory leak
- Improve naming and comment issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-13 15:37:46 +08:00

Jerry Yu
8d4bbbae4f
fix ticket age check issues
- Ticket age and ticket age add, obfuscated age
use different units. Align the units to million
seconds.
- Add maximum ticket age check. Until now,
ticket_lifetime is not recorded in server side.
Check it with maximum ticket_lifetime.
- Free session when error found.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-13 15:37:46 +08:00

Jerry Yu
46bffe0e82
Refine resumption master secret compute function
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-13 15:09:49 +08:00

Jerry Yu
466dda8553
Rename resumption master secret compute function
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-13 14:28:15 +08:00

Nick Child
9f4fb3e63f
pkcs7: Unite function return style
In response to feedback [1], standardize return variable
management across all pkcs7 functions.
Additionally, when adding return codes from two error values,
use `MBEDTLS_ERROR_ADD` as recommended [2].
[1] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953634781
[2] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r953635128
Signed-off-by: Nick Child <nick.child@ibm.com>
2022-09-12 16:32:36 -05:00

Neil Armstrong
ecb221b1ff
Move operation buffer in operation struct and remove dynamic allocation
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-08 11:21:07 +02:00

Hannes Tschofenig
fd6cca4448
CID update to RFC 9146
The DTLS 1.2 CID specification has been published as RFC 9146. This PR updates the implementation to match the RFC content.
Signed-off-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
2022-09-07 17:15:05 +02:00

Przemek Stekiel
40afdd2791
Make use of MBEDTLS_MAX_HASH_SIZE macro
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-06 14:18:45 +02:00

Przemek Stekiel
c3f2767c25
hash_info.h: add MBEDTLS_MAX_HASH_SIZE macro
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-06 14:18:39 +02:00

Neil Armstrong
9720b881f5
Remove doxygen markup outside doxygen block in psa_pake_sequence comment
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-06 11:39:21 +02:00

Neil Armstrong
b39833cff2
Fix typo in psa_pake_sequence comment
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-06 11:36:02 +02:00

Jerry Yu
58af2335d9
Add possible group tests for psk with ECDHE
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-06 14:49:39 +08:00

Jerry Yu
fd310ebf2d
fix coding style issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-06 09:16:35 +08:00

Neil Armstrong
bcd5bd933e
Add a comment explaining usage of internal PAKE step/state/sequence enums
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-05 18:34:12 +02:00

Neil Armstrong
5bbdb70131
Fix style in psa_pake_input()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-05 17:54:15 +02:00

Tom Cosgrove
67c9247ed9
Move the T++ in mbedtls_mpi_core_montmul() to within the loop body
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-09-02 13:28:59 +01:00

Andrzej Kurek
216baca131
pkcs5: improve error handling
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:15:34 -04:00

Andrzej Kurek
e3d544c58f
Minor PKCS5 improvements
Add consts, more elegant size calculation and
variable initialization.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:07:15 -04:00

Andrzej Kurek
3d0dfb99c9
Change the pkcs5_pbkdf2_hmac deprecation approach
The shared part has now been extracted and will
be used regardless of the deprecation define.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:07:15 -04:00

Andrzej Kurek
f000471c66
Add missing MD dependency for pkcs5_pbkdf2_hmac
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:07:15 -04:00

Andrzej Kurek
ed98e95c81
Adjust pkcs5 test dependencies
Hashing via PSA is now supported.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00

Andrzej Kurek
890e78ae66
Deprecate mbedtls_pkcs5_pbkdf2_hmac
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00

Andrzej Kurek
dd36c76f09
Provide a version of pkcs5_pbkdf2_hmac without MD usage
Use the new implementation locally.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00

Manuel Pégourié-Gonnard
97fc247d6a
Merge pull request #6232 from AndrzejKurek/pkcs12-no-md
Remove MD dependency from pkcs12 module
2022-09-02 09:43:13 +02:00

Nick Child
62b2d7e7d4
pkcs7: Support verification of hash with multiple signers
Make `mbedtls_pkcs7_signed_hash_verify` loop over all signatures in the
PKCS7 structure and return success if any of them verify successfully.
Signed-off-by: Nick Child <nick.child@ibm.com>
2022-09-01 19:45:41 -05:00

Daniel Axtens
3538479faa
pkcs7: support multiple signers
Rather than only parsing/verifying one SignerInfo in the SignerInfos
field of the PKCS7 structure, allow the ability to parse and verify more
than one signature. Verification will return success if any of the signatures
produce a match.
Signed-off-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Nick Child <nick.child@ibm.com>
2022-09-01 19:45:41 -05:00

Nick Child
5d881c36ea
pkcs7: Change copyright
Signed-off-by: Nick Child <nick.child@ibm.com>
2022-09-01 19:45:41 -05:00

Nick Child
6427b34dec
pkcs7.c: Use pkcs7_get_version for signerInfo
The function pkcs7_get_version can be used again
when parsing the version of the signerInfo. Both
require that the version be equal to 1. The
pkcs7_get_version function will return an error
if the found value is not the expected version,
as opposed to mbedtls_asn1_get_int which does not.
Signed-off-by: Nick Child <nick.child@ibm.com>
2022-09-01 19:45:41 -05:00