7866 Commits

Author	SHA1	Message	Date
Hanno Becker	30319f1f88	Remove misplaced comment in TLS 1.3 ciphersuite definitions ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-12 06:31:14 +01:00
Hanno Becker	71f1ed66c2	Add identifiers and API for configuration of TLS 1.3 key exchanges ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-12 06:28:45 +01:00
Hanno Becker	e2defad0bb	Fix indentation of pre-existing code-block in ssl_tls.c ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-12 06:28:45 +01:00
Hanno Becker	8ca26923eb	Add TLS 1.3 ciphersuites ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-12 06:28:45 +01:00
Hanno Becker	e043d15d75	Turn comments of 1.3 record transforms into Doxygen documentation ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-12 06:22:52 +01:00
Dave Rodgman	2aec149e13	Merge pull request #4248 from hanno-arm/tls13_populate_transform ... Fix and test compliance of TLS 1.3 record protection	2021-08-11 16:41:51 +01:00
gabor-mezei-arm	d112534585	Add a new file for constant-time functions ... Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>	2021-08-11 15:35:28 +02:00
Hanno Becker	deb68ce2d1	Fix guard around TLS 1.3 SigAlg configuration ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-10 16:04:05 +01:00
Hanno Becker	9c6aa7bb9a	Add default values for TLS 1.3 SigAlg configuration ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-10 13:55:49 +01:00
Hanno Becker	1cd6e0021f	Add experimental API for configuration of TLS 1.3 sig algs ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-10 13:55:43 +01:00
Mateusz Starzyk	2f1754916c	Improve comment on local_output. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 14:00:14 +02:00
Mateusz Starzyk	b73c3ec1bc	Restore MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED as default ret. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 14:00:14 +02:00
Mateusz Starzyk	62d22f9782	Use additional state in CCM to track auth data input. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 14:00:14 +02:00
Mateusz Starzyk	4f2dd8aada	Fix errors returned by CCM functions. ... Add new error code for calling functions in wrong order. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 14:00:14 +02:00
Mateusz Starzyk	f337850738	Use const size buffer for local output in CCM decryption. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:59:36 +02:00
Mateusz Starzyk	c562788068	Fix local buffer allocation conditions. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:58:39 +02:00
Mateusz Starzyk	c8bdf36a72	Validate tag pointer in ccm function. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:58:39 +02:00
Mateusz Starzyk	1bda9451ef	Factor out common code from ccm decrypt functions. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:58:39 +02:00
Mateusz Starzyk	eb395c00c9	Move 'Authenticated decryption' comment. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:58:39 +02:00
Mateusz Starzyk	22f7a35ca4	Do not use output buffer for internal XOR during decryption. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:58:39 +02:00
Mateusz Starzyk	36d3b89c84	Verify input data lengths. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	2d5652acee	Move ccm error state handling. ... Remove error clearing from ccm_starts() and ccm_set_lengths(). Add error check in ccm_update_ad(), ccm_update() and ccm_finish(). Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	5d97601e81	Remove ccm input validation. ... VALIDATE and VALIDATE_RET macros are obsolete. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	ca9dc8d1d7	Rename ccm_calculate_first_block function. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	c52220d775	Clear temporary buffer after block crypt operation. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	a9cbdfbb34	Replace ccm status flags with bitshifts. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	663055f784	Remove UPDATE_CBC macro and working b buffer. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	20bac2fbe4	Fix chunked ccm update. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	05e92d67bb	Fix crypt mode configuration. Validate parameters in chunked input functions. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	6a15bcf61b	Add support for chunked plaintext/cyphertext input. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	2ad7d8e1ff	Replace CCM_CRYPT macro with a more versatile static function. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	33392450b7	Add chunked auth data support ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	eb2ca96d69	Store set lenghts in ccm context. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	88c4d624f8	Clear context state if previous operation failed. ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	793692cbcb	Split ccm_auth function. ... Move logic to ccm_starts, ccm_set_lengths, ccm_update_ad, ccm_update and ccm_finish Use separate variable to track context state. Encode first block only if both mbedtls_ccm_starts() and mbedtls_ccm_set_lengths() were called. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Mateusz Starzyk	89d469cdb4	Move working variables to ccm context structure ... Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-08-10 13:56:37 +02:00
Hanno Becker	3aa186f946	Add transforms to be used for TLS 1.3 ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-10 09:24:19 +01:00
Jerry Yu	b9930e7d70	Add dummy tls1.3 handshake dispatch functions ... Base on version config, `handshack_{clinet,server}_step` will call different step function. TLS1.3 features will be gradully added base on it. And a new test cases is added to make sure it reports `feature is not available`. Change-Id: I4f0e36cb610f5aa59f97910fb8204bfbf2825949 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-08-10 13:34:32 +08:00
Jerry Yu	3cc4c2a506	Add dummy ssl_tls13_{client,server}.c ... Change-Id: Ic1cd1d55b097f5a31c9f48e9d55733d75ab49982 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-08-10 13:34:32 +08:00
Jerry Yu	60835a88c3	Add config check utils functions ... Check configuration parameter in structure setup function to make sure the config data is available and valid. Current implementation checks the version config. Available version configs are - tls1_3 only - tls1_2 only issues: #4844 Change-Id: Ia762bd3d817440ae130b45f19b80a2868afae924 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2021-08-10 13:34:32 +08:00
Hanno Becker	41934dd20a	Share preparatory code between client and server handshake steps ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-07 19:13:43 +01:00
Hanno Becker	f3cce8b0e1	Add handshake message writing variant that doesn't update checksum ... The helper `mbedtls_ssl_write_handshake_msg` writes a handshake message and updates the handshake transcript. With TLS 1.3, we need finer control over the checksum: updating at message granularity is not sufficient. To allow for manual maintenance of the checksum in those cases, refine `mbedtls_ssl_write_handshake_msg()` into `mbedtls_ssl_write_handshake_msg_ext()` which takes a parameter determining whether the checksum should be updated. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-07 14:29:49 +01:00
Hanno Becker	b0302c4c7b	Move messaging related session reset into separate helper function ... - Improves readability - Will be useful when we introduce MPS as an alternative msg layer. - Will be useful when we need to reset the messaging layer upon receipt of a HelloRetryRequest in TLS 1.3. Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-03 09:41:34 +01:00
Gilles Peskine	8bb9b80d18	Merge pull request #4806 from hanno-arm/ssl_session_serialization_version ... Store TLS version in SSL session structure	2021-08-02 12:45:55 +02:00
Hanno Becker	fa0d61e559	Fix typo ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-02 08:56:14 +01:00
Hanno Becker	dfba065d80	Adjust ssl_tls13_keys.c to consolidated CID/1.3 padding granularity ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-02 04:54:03 +01:00
Hanno Becker	c0da10dc3a	Remove TLS 1.3 specific code from TLS <= 1.2 transform generator ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-02 04:54:03 +01:00
Hanno Becker	f62a730e80	Add missing semicolon in TLS 1.3 transform generation code ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-02 04:54:03 +01:00
Hanno Becker	edd5bf0a95	Fix and document minimum length of record ciphertext in TLS 1.3 ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-02 04:54:03 +01:00
Hanno Becker	7887a77c25	Match parameter check in TLS 1.3 populate transform to 1.2 version ... Signed-off-by: Hanno Becker <hanno.becker@arm.com>	2021-08-02 04:54:03 +01:00