Step 2/x in moving the driver. Separate commits should make for easier
review.
Additional changes on top of code movement:
* Early-return success on input with zero-length to mac_update, to
avoid NULL pointers getting passed into the driver dispatch
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Step 1/x in moving the driver. Separate commits should make for easier
review.
Additional changes on top of just moving code:
* Added a sanity check on the key buffer size for CMAC.
* Transfered responsibility for resetting the core members of the
PSA MAC operation structure back to the core (from the driver
wrapper layer)
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
This is a temporary measure. Other operations in the PSA Core which rely
on this internal HMAC API should be rewritten to use the MAC API instead,
since they can then leverage accelerated HMAC should a platform provide
such acceleration support.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Zephyr's native posix port define _POSIX_C_SOURCE with a higher value
during the build, so when mbedTLS defines it with a different value
breaks the build.
As Zephyr is already defining a higher value is guaranteed that mbedTLS
required features will be available. So, just define it in case it was
not defined before.
[taken from Zephyr mbedtls module:
76dcd6eeca]
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Signed-off-by: David Brown <david.brown@linaro.org>
Move the key buffer size calculation code under
tests to avoid check-names.sh to complain about
"likely macros with typos".
This removes the calculation of key buffer
sizes for the test driver from the wrapper based on
static size data. But the code is still there in test
code to be used when we go back to work on the
generation of the driver wrapper.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Handling the receipt of a handshake record after the initial handshake
requires non-trivial logic depending on the protocol version and the
endpoint. This logic is currently embedded in mbedtls_ssl_read().
With the introduction of support for [D]TLS 1.3, the logic will become
even more complex, since [D]TLS 1.3 drops support for renegotiation --
which in [D]TLS 1.2 is the main purpose of post-handshake handshake
messages -- but instead introduces numerous other post-handshake
handshake messages.
In order to pave the way for those changes, this commit improves
readability and maintainability of mbedtls_ssl_read() by moving
the TLS <=1.2 logic for handling post-handshake handshake messages
into a separate helper function ssl_handle_hs_message_post_handshake().
The logic of the code is entirely unchanged.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
The server-side `Certificate` handshake message writer checks
whether a certificate is present, and if not fails with:
```
MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED
```
This should never happen, since the library checks the presence
of a suitable certificate before picking a ciphersuite. It is
therefore more suitable to convert this check into an assertion,
and fail with MBEDTLS_ERR_SSL_INTERNAL_ERROR upon failure.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
This commit removes the unused error code
```
MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH
```
from the public API for Mbed TLS 3.0.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
The error code MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH is only
returned from the internal function
```
mbedtls_ssl_set_calc_verify_md()
```
Moreover, at every call-site of this function, it is only
checked whether the return value is 0 or not, while the
exact return value is irrelevant.
The behavior the library is therefore unchanged if we return 1
instead of MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH in
`mbedtls_ssl_set_calc_verify_md()`. This commit makes this change.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
This error is used when the output buffer isn't large enough
to hold our own certificate.
In the interest of cleaning up the error space for 3.0, this commit
removes MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE and replaces its single
use by MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
The SSL error code MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED is unused.
Remove it for Mbed TLS 3.0.
The code being unused comes as a surprise, at is seems to be
reasonable to report it to the user upon peer CRT verification
failure. However, this study (can potentially re-introduction
of the code) can be left for 3.x, while the error code removal
can only happen in 3.0.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
The SSL error code MBEDTLS_ERR_SSL_UNKNOWN_CIPHER is unused.
Remove it for Mbed TLS 3.0 and leave a comment indicating the
gap in the error code space it creates.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
pk_get_pk_alg will either return 0 or a pk error code. This means that
the error code will always be a high level module ID and so we just
return ret.
Signed-off-by: Chris Jones <christopher.jones@arm.com>
Although SHA512 is currently required to enable SHA384, this
is expected to change in the future. This commit is an
intermediate step towards fully separating SHA384 and SHA512.
check_config is the only module which enforces that SHA512 is
enabled together with SHA384.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
The new compile-time option MBEDTLS_X509_REMOVE_INFO removes various
X.509 debugging strings and functionality, including
```
mbedtls_x509_crt_verify_info()
```
which ssl_client2.c and ssl_server2.c use to print human readable
descriptions of X.509 verification failure conditions. Those
conditions are also grepped for in numerous ssl-opt.sh tests.
Instead of disabling those tests if MBEDTLS_X509_REMOVE_INFO is set,
this commit essentially moves mbedtls_x509_crt_verify_info() to
ssl_client2.c and ssl_server2.c. However, instead of just copy-pasting
the code from x509_crt.c, the following approach is used:
A macro MBEDTLS_X509_CRT_ERROR_INFO_LIST is introduced which for each
verification failure condition invokes a user-defined macro X509_CRT_ERROR_INFO
with (a) the numerical error code, (b) the string presentation of the
corresponding error macro, (c) the info string for the error condition.
This macro can thus be used to generate code which somehow iterates over
the verifiation failure conditions, but the list of error conditions and
information strings is nowhere duplicated.
This is then used to re-implement mbedtls_x509_crt_verify_info() in
x509_crt.c and to provide a functionally equivalent (yet slightly different)
version in ssl_client2.c and ssl_server2.c in case MBEDTLS_X509_REMOVE_INFO
is set.
This way, little changes to ssl-opt.sh will be necessary in case
MBEDTLS_X509_REMOVE_INFO is set because the info strings for the
verification failure conditions will be printed regardless of whether
MBEDTLS_X509_REMOVE_INFO is set or not.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
The introduction of positive options to control the presence
of pre-existing functionality breaks the build for users of
handwritten configurations.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
Introduce MBEDTLS_X509_INFO to indicate the availability of the
mbedtls_x509_*_info() function and closely related APIs. When this is
not defined, also omit name and description from
mbedtls_oid_descriptor_t, and omit OID arrays, macros, and types that
are entirely unused. This saves several KB of code space.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
Signed-off-by: Chris Jones <christopher.jones@arm.com>
Add implementation for MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
Merging as it has been ready for four days now and I prefer not having to go through other rebases especially given the coming change of scope of development (3.0 rather than 2.2x).
Improve comments explaining error code checking, fix incorrect comments
and make a small formatting fix.
Signed-off-by: Chris Jones <christopher.jones@arm.com>
