Commit Graph

136 Commits

Author SHA1 Message Date
Andrzej Kurek
1175044156
Merge enc/dec cipher contexts in ssl transforms
Store the raw encryption and decryption keys in transforms
to set them before each cipher operation. Add a config option
for this - MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-09-17 23:51:58 +02:00
Andrzej Kurek
9539f831b2
Swap out CRC calculation in AES in favour of a simple hash
XOR the key bytes upon setting and re-check hash during each use.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-08-10 20:46:48 -04:00
Andrzej Kurek
fba5921186
aes: validate keys using crc before encryption/decryption
CRC is calculated when the key is set. This commit also adds new tests
for ecb encryption and decryption, simulating a fault injection after the key is set.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-08-08 19:06:44 -04:00
Andrzej Kurek
9df2b416b9
Add a CRC module to mbedtls and baremetal config
Add a new CRC module along with some tests for it.
The table and the CRC function body is generated using pycrc v0.9.2. 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-08-08 02:10:52 -04:00
Shelly Liberman
c6a7e6b0c4 Enhancement fixes
Co-authored-by: Andrzej Kurek <andrzej.kurek@arm.com>
Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>
2020-08-05 15:40:15 +03:00
shelib01
4062d6ca68 Add user pointer and data size duplication to ssl context.
Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>
2020-08-05 15:01:05 +03:00
Simon Butcher
282911eabf Merge remote-tracking branch 'public/pr/2978' into baremetal 2020-01-08 18:14:21 +00:00
Arto Kinnunen
0a8f87f5eb Remove entropy source overwrite in baremetal_test
-Do not overwrite MBEDTLS_ENTROPY_MAX_SOURCES in baremetal_test.h
-Skip tests that are not suitable for low number of entropy sources
2020-01-07 14:48:33 +02:00
Arto Kinnunen
be1bb06acd Enable AES countermeasures in baremetal config
Enable AES countermeasures in baremetal configuration.
2019-12-10 14:54:43 +02:00
Jarno Lamsa
5b944b5793 define MBEDTLS_FS_IO
This is needed for the tests using certificate-files.
2019-10-30 10:34:54 +02:00
Simon Butcher
9d36fa16f8 Merge remote-tracking branch 'public/pr/2891' into baremetal 2019-10-29 15:25:26 +00:00
Simon Butcher
a85b3e4dde Merge remote-tracking branch 'public/pr/2890' into baremetal 2019-10-29 14:41:13 +00:00
Teppo Järvelin
99082aeac7 Fixed CI tests by overriding value MBEDTLS_ENTROPY_MAX_SOURCES
Override define MBEDTLS_ENTROPY_MAX_SOURCES from 1 to 3 in baremetal_test.h

mbedtls_entropy_init adds 2 sources already so max must be 3 so that
one source can be added with mbedtls_entropy_add_source.
2019-10-24 15:03:33 +03:00
Arto Kinnunen
1480444e8e Add config option for AES encryption only
-Add config option for AES encyption only to config.h. Feature is
 disabled by default.
-Enable AES encrypt only feature in baremetal.h configuration
-Remove AES encypt only feature from full config
2019-10-24 12:19:33 +03:00
Arto Kinnunen
77b9cfcea9 AES: add config option for 128-bit keys
Add configuration options to support only 128-bit key lengths in AES
calculation.
2019-10-24 09:49:23 +03:00
Hanno Becker
ead3aae8d9 Reduce number of entropy sources to 1 in baremetal configuration 2019-10-10 11:47:28 +03:00
Manuel Pégourié-Gonnard
1c1cc0d373 Add config.h option MBEDTLS_PK_SINGLE_HASH
No effect for now, just declaring it here, implemented in subsequent commits.

The option requires MBEDTLS_USE_TINYCRYPT and is incompatible with
MBEDTLS_PK_RSA_ALT_SUPPORT and MBEDTLS_RSA_C.

Currently users (including the X.509 and SSL libraries) assume that if both PK
and RSA are enabled, then RSA is available through PK. If we allowed RSA to be
enabled together with PK_SINGLE_TYPE, we'd break that assumption. Going
through the code to find all place that rely on that assumption and fix them
would be cumbersome, and people who want PK_SINGLE_TYPE are unlikely to care
about RSA anyway, so let's just make them incompatible.

This is also consistent with what's done in the MD module: MD_SINGLE_HASH
requires that exactly one hash be enabled.
2019-09-19 10:45:14 +02:00
Simon Butcher
88b535a47e Merge remote-tracking branch 'origin/pr/654' into baremetal 2019-09-10 14:54:28 +01:00
Simon Butcher
303d399f42 Merge remote-tracking branch 'origin/pr/609' into baremetal 2019-09-10 14:50:04 +01:00
Hanno Becker
9ec3fe0d43 Introduce configuration option to remove CRT verification callbacks 2019-09-09 09:55:31 +01:00
Hanno Becker
d806d9da89 Use SHA-256 as single hardcoded hash in baremetal configuration 2019-09-09 09:45:57 +01:00
Manuel Pégourié-Gonnard
81ed9fb277 Exclude SHA-224 from some reduced config examples
Besides the value as an example, this is usefull for testing the option, via
test-ref-configs.pl (which is included in all.sh).
2019-09-09 10:21:30 +02:00
Manuel Pégourié-Gonnard
e06cc3109c Add MBEDTLS_SHA256_NO_SHA224 to baremetal.h 2019-09-09 10:21:30 +02:00
Simon Butcher
2da461e657 Merge remote-tracking branch 'origin/pr/655' into baremetal 2019-09-07 12:35:54 +01:00
Hanno Becker
d016e44e3c Baremetal config: Remove deprecated functions
This doesn't make a difference after link time optimization
because they aren't used, but it yields more accurate code-size
figures from baremetal.sh.
2019-09-05 13:37:03 +01:00
Hanno Becker
fceba69c25 Baremetal config: Remove MBEDTLS_SSL_TICKETS_C
This doesn't make a difference after link time optimization because
tickets aren't used, but it yields more accurate code-size figures
from baremetal.sh.
2019-09-05 13:36:49 +01:00
Hanno Becker
96d34d57ec TinyCrypt PK Wrap: Remove dependency on ASN.1 writing
The TinyCrypt PK signature wrapper uses ASN.1 writing functions
for length and tag, accounting for the only dependency of the
baremetal build on ASN.1 writing.

Since all lengths to be encoded are below 128 Bytes and are hence
ASN.1 encoded as single Bytes, the dependency on ASN.1 writing can
be removed at low complexity by writing the length and tags directly.
2019-09-04 16:19:49 +01:00
Hanno Becker
a007e0db47 baremetal.h: Use TinyCrypt curve identifier 2019-09-04 16:19:49 +01:00
Hanno Becker
b251e01a0f Remove legacy ECC from baremetal.h 2019-09-04 16:19:49 +01:00
Hanno Becker
bd52604f9a Remove PK and CSR writing functionality from baremetal.h 2019-09-04 16:19:49 +01:00
Hanno Becker
801de73ad6 Remove CTR DRBG from baremetal test configuration 2019-09-03 08:59:36 +01:00
Manuel Pégourié-Gonnard
d6fba18328
Merge pull request #643 from hanno-arm/secp256r1-baremetal
[Baremetal] Add Secp256r1 test certificates
2019-09-02 08:49:20 +02:00
Teppo Järvelin
4009d8f377 Make function mbedtls_ssl_set_hostname(...) as optional
Now function mbedtls_ssl_set_hostname is compile-time configurable
in config.h with define MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION.
This affects to many x509 API's. See config.h for details.
2019-08-27 10:47:08 +03:00
Hanno Becker
e7124b557d Remove Secp384r1 from baremetal_test config
Previously, configs/baremetal_test.h added MBEDTLS_ECP_DP_SECP384R1_ENABLED
because we didn't have sufficient test certificates using Secp256r1. Now that
these test certificates have been added, we can successfully run
ssl_client2 and ssl_server2 with just Secp256r1 enabled.
2019-08-23 11:33:20 +01:00
Hanno Becker
cdce332d8c Remove MBEDTLS_ECDH_C from baremetal configuration
Baremetal uses the tinyCrypt implementation of ECDHE.
2019-08-12 18:01:47 +01:00
Hanno Becker
c6c0fe6c5f Add MBEDTLS_USE_TINYCRYPT to baremetal configuration 2019-08-12 17:05:38 +01:00
Hanno Becker
572d448ab2 Enforce NULL context for hardcoded RNG 2019-08-12 17:05:03 +01:00
Manuel Pégourié-Gonnard
7c575d29dc
Merge pull request #605 from ARMmbed/x509_ondemand_remove_unneeded_fields
[Baremetal] Allow removal of unneeded fields in X.509 CRT structures
2019-07-29 11:58:58 +02:00
Hanno Becker
56595f4f7b Allow hardcoding single signature hash at compile-time
This commit introduces the option MBEDTLS_SSL_CONF_SINGLE_HASH
which can be used to register a single supported signature hash
algorithm at compile time. It replaces the runtime configuration
API mbedtls_ssl_conf_sig_hashes() which allows to register a _list_
of supported signature hash algorithms.

In contrast to other options used to hardcode configuration options,
MBEDTLS_SSL_CONF_SINGLE_HASH isn't a numeric option, but instead it's
only relevant if it's defined or not. To actually set the single
supported hash algorithm that should be supported, numeric options

MBEDTLS_SSL_CONF_SINGLE_HASH_TLS_ID
MBEDTLS_SSL_CONF_SINGLE_HASH_MD_ID

must both be defined and provide the TLS ID and the Mbed TLS internal
ID and the chosen hash algorithm, respectively.
2019-07-17 10:19:27 +01:00
Simon Butcher
feb1cee36e Merge remote-tracking branch 'origin/pr/602' into baremetal 2019-07-15 19:24:11 +01:00
Hanno Becker
c1096e7514 Allow hardcoding single supported elliptic curve
This commit introduces the option MBEDTLS_SSL_CONF_SINGLE_EC
which can be used to register a single supported elliptic curve
at compile time. It replaces the runtime configuration API
mbedtls_ssl_conf_curves() which allows to register a _list_
of supported elliptic curves.

In contrast to other options used to hardcode configuration options,
MBEDTLS_SSL_CONF_SINGLE_EC isn't a numeric option, but instead it's
only relevant if it's defined or not. To actually set the single
elliptic curve that should be supported, numeric options

MBEDTLS_SSL_CONF_SINGLE_EC_TLS_ID
MBEDTLS_SSL_CONF_SINGLE_EC_GRP_ID

must both be defined and provide the TLS ID and the Mbed TLS internal
ID and the chosen curve, respectively.
2019-07-12 15:25:03 +01:00
Hanno Becker
e965bd397e Allow hardcoding of min/max minor/major SSL version at compile-time
This commit introduces the numeric compile-time constants

- MBEDTLS_SSL_CONF_MIN_MINOR_VER
- MBEDTLS_SSL_CONF_MAX_MINOR_VER
- MBEDTLS_SSL_CONF_MIN_MAJOR_VER
- MBEDTLS_SSL_CONF_MAX_MAJOR_VER

which, when defined, overwrite the runtime configurable fields
mbedtls_ssl_config::min_major_ver etc. in the SSL configuration.

As for the preceding case of the ExtendedMasterSecret configuration,
it also introduces and puts to use getter functions for these variables
which evaluate to either a field access or the macro value, maintaining
readability of the code.

The runtime configuration API mbedtls_ssl_conf_{min|max}_version()
is kept for now but has no effect if MBEDTLS_SSL_CONF_XXX are set.
This is likely to be changed in a later commit but deliberately omitted
for now, in order to be able to study code-size benefits earlier in the
process.
2019-07-12 15:14:51 +01:00
Hanno Becker
73f4cb126d Rename XXX_SINGLE_CIPHERSUITE -> XXX_CONF_SINGLE_CIPHERSUITE
This is in line with the other configurations options used
to hardcoded aspects of the SSL configuration.
2019-07-08 11:23:24 +01:00
Hanno Becker
6ace4657b6 Remove ciphersuite from SSL config if single suite hardcoded
If MBEDTLS_SSL_SINGLE_CIPHERSUITE is enabled, it overwrites
the runtime configuration of supported ciphersuites, which
includes both the configuration API and the fields which are
used to store the configuration. Both are therefore no longer
needed and should be removed for the benefit of code-size,
memory usage, and API clarity (no accidental hiccup of runtime
vs. compile-time configuration possible).

The configuration API mbedtls_ssl_conf_ciphersuites() has
already been removed in case MBEDTLS_SSL_SINGLE_CIPHERSUITE,
and this commit removes the field

  mbedtls_ssl_config::ciphersuite_list

which it updates.
2019-07-08 11:23:24 +01:00
Hanno Becker
5cce936e62 Add compile-time option to hardcode choice of single ciphersuite 2019-07-08 11:17:53 +01:00
Hanno Becker
d07614c529 Introduce MBEDTLS_X509_CRT_REMOVE_SUBJECT_ISSUER_ID removing IDs 2019-07-04 14:04:03 +01:00
Hanno Becker
843b71a1df Introduce MBEDTLS_X509_CRT_REMOVE_TIME removing time fields from CRT 2019-07-04 14:04:03 +01:00
Hanno Becker
0ae6b244c8 Allow compile-time configuration of timer callbacks
Introduces
- MBEDTLS_SSL_CONF_SET_TIMER
- MBEDTLS_SSL_CONF_GET_TIMER
which allows to configure timer callbacks at compile-time.

Impact on code-size:

|  | GCC 8.2.1 | ARMC5 5.06 | ARMC6 6.12 |
| --- | --- | --- | --- |
| `libmbedtls.a` before | 23379 | 23981 | 26941 |
| `libmbedtls.a` after | 23351 | 23953 | 26869 |
| gain in Bytes | 28 | 28 | 72 |
2019-07-04 10:29:44 +01:00
Hanno Becker
a58a896172 Allow compile-time configuration of I/O function pointers
Introduce the compile-time options
- MBEDTLS_SSL_CONF_RECV
- MBEDTLS_SSL_CONF_SEND
- MBEDTLS_SSL_CONF_RECV_TIMEOUT
which can be used to configure the callbacks for the underlying
transport at compile-time.

Code-size impact:

|  | GCC 8.2.1 | ARMC5 5.06 | ARMC6 6.12 |
| --- | --- | --- | --- |
| `libmbedtls.a` before | 23471 | 24077 | 27045 |
| `libmbedtls.a` before | 23379 | 23981 | 26941 |
| gain in Bytes | 92 | 96 | 104 |
2019-07-04 10:28:55 +01:00
Hanno Becker
ece325c8dd Allow compile-time configuration of PRNG in SSL module
Introduces MBEDTLS_SSL_CONF_RNG to allow configuring the
RNG to be used by the SSL module at compile-time.

Impact on code-size:

|  | GCC 8.2.1 | ARMC5 5.06 | ARMC6 6.12 |
| --- | --- | --- | --- |
| `libmbedtls.a` before | 23535 | 24089 | 27103 |
| `libmbedtls.a` after | 23471 | 24077 | 27045 |
| gain in Bytes | 64 | 12 | 58 |
2019-07-04 10:27:41 +01:00