eabeb30c65
Fix SHA512 vs SHA384 dependencies
When building SHA512 without SHA384,
there are some code paths that result
in unused variables or usage of undefined code.
This commit fixes that.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:09 -04:00
c19fb08dd3
Add missing ECDH dependency in TLS 1.3 client
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
68327748d3
Add missing dependencies
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
46a987367c
Formatting fix
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
084334c8f2
Compile constant-time masking and HMAC if there are suites using MAC
This is used in TLS 1.2 authentication with NULL cipher,
when there are no TLS_CBC suites.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
2d59dbc032
Use TLS PRF only if TLS 1.2 is compiled in
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
894edde991
Add TLS PRF handling when there's no SHA256 or SHA384
Return a null PRF function pointer and check for it when populating transform.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
252283f2aa
Fix missing cipher mode dependencies
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-19 08:35:08 -04:00
078250eb56
Fix incorrect return style
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-10-18 18:11:13 +01:00
178ec96c89
Remove unnecessary NULL assignments
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-10-18 18:09:30 +01:00
11307a1933
Clarify wording on allocation
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-10-17 18:10:23 +01:00
8874cd570e
Merge pull request #4826 from RcColes/development
Add LMS implementation
2022-10-14 18:33:01 +02:00
dcd1717f5f
Forbid aliasing outputs
Aliasing between two outputs is hardly ever useful.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-10-14 17:15:21 +02:00
4086de667d
Fix documentation
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-10-14 16:29:42 +02:00
b3c30907d6
Merge pull request #6383 from mprse/aead_driver_test
Enable testing of AEAD drivers with libtestdriver1
2022-10-14 11:11:01 +02:00
1951259a10
Update how lms.c imports platform.h
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 16:47:13 +01:00
49e4184812
Merge pull request #6299 from xkqian/tls13_add_servername_check
Add server name check when proposing pre-shared key
2022-10-13 16:00:59 +02:00
cbd02adc6e
Simplify LMS context freeing
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:30:32 +01:00
45c4ff93c9
Fix Windows requiring explicit cast in LMS calloc
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:30:14 +01:00
142e577c34
Add extra zeroization to LMS and LMOTS
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:30:03 +01:00
9fc303a99a
Add extra LMOTS import negative tests
And fix failures that are related to the new tests
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:30:01 +01:00
4829459c90
Validate LMOTS sig length before parsing type
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:47 +01:00
285d44b180
Capitalize "Merkle" in LMS and LMOTS code
As it is a proper noun
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:43 +01:00
faf59babe8
Make LMS verification return VERIFY_FAILED more
To align with PSA error code rules on when VERIFY_FAILED is returned vs
INVALID_ARGUMENT
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:42 +01:00
fbd60ec775
Change LMS and LMOTS init functions to use memset
Instead of zeroize
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:40 +01:00
9b0daf60fb
Improve LMS private function warning
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:38 +01:00
f6cb5a4826
Fix LMS return statements having incorrect style
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:35 +01:00
75b4c7790e
Fix LMS internal function documentation
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:34 +01:00
d48f7e90bb
Allocate LMS C_RANDOM_VALUE as hash size
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:32 +01:00
1fb2f32ef5
Check LMS offsets are sane at runtime
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:31 +01:00
e34e3c0e59
Remove unneeded cast in LMS calloc
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:30 +01:00
370cc43630
Make LMS public key export part of public key API
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:28 +01:00
e89488debf
Fix bug in LMS public key loading
To avoid using the type before it is parsed from the signature
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:27 +01:00
3f6cdd7aab
Fix LMS not checking RNG function return value
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:24 +01:00
02cf8234b4
Fix OTS sig length check in LMS validate function
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:22 +01:00
f36874a535
Fix error type of lms_import_public_key
Was returning an incorrect error when bad public key sizes were input
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:21 +01:00
dc8fb79e09
Simplify LMS private key generation error handling
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:20 +01:00
be3bdd8240
Rename LMS and LMOTS init/free functions
To match convention
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:18 +01:00
29117d2e4e
Update LMS PSA error conversion
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:17 +01:00
be0c2f9183
Update LMS local variable allocation
To use a default failure value, and to avoid a call to
psa_hash_operation_init()
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:15 +01:00
2ac352a322
Make LMS function args const where required
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:14 +01:00
5127e859d7
Update LMS and LMOTS dependency macros
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:11 +01:00
56fe20a473
Move MBEDTLS_PRIVATE required defines into lms.h
From lmots.h, as it is a private header
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:10 +01:00
ab300f15e8
Move public header content from lmots.h to lms.h
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:08 +01:00
0b7da1b787
Fix overflow in LMS context init
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:03 +01:00
57d5328ad5
Remove MBEDTLS_LM(OT)S prefix from internal macros
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:29:00 +01:00
ad05425ab7
Update naming of internal LMS functions
To comply with the mbedtls_ requirement
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:28:59 +01:00
40158e11fc
Add LMOTS test hook to header
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:28:58 +01:00
3982040232
Fix LMS zeroization using wrong sizeof type
Causing a buffer write out of bounds
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:28:55 +01:00
98d6e22050
Remove doxygen markup from internal LMS functions
Signed-off-by: Raef Coles <raef.coles@arm.com>
2022-10-13 14:28:54 +01:00