This algorithm replaces the pre-existing stream cipher algorithms.
The underlying stream cipher is determined by the key type.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
The driver interfaces described in crypto_accel_driver.h and
crypto_entropy_driver.h are no longer being worked on. We do not
intend to finish the design of these interfaces or to implement them
in Mbed TLS. They have been superseded by the unified driver
interface (docs/proposed/psa-driver-interface.md), which is being
actively worked on both to finalize the specification and to implement
it in Mbed TLS.
The partially implemented dynamic secure element interface is staying
for now.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
GCC 11 generated the warnings because the parameter `ret_buf`
was declared as `const char[10]`, but some of the arguments
provided in `run_test_snprintf` are shorter literals, like "".
Now the type of `ret_buf` is `const char *`.
Both implementations of `test_snprintf` were fixed.
Signed-off-by: Rodrigo Dias Correa <rodrigo@correas.us>
If the file is read correctly, but it contains data that isn't valid,
the crypto storage code returns PSA_ERROR_DATA_INVALID.
The PSA_ERROR_DATA_CORRUPT and PSA_ERROR_STORAGE_FAILURE error codes are
replaced with PSA_ERROR_DATA_INVALID, except in the ITS subsystem.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
Allow the user to configure PSA to use HMAC_DRBG even if CTR_DRBG is
available, or to explicitly select the hash algorithm to use for
HMAC_DRBG, by setting MBEDTLS_PSA_HMAC_DRBG_MD_TYPE in config.h.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Create a configuration option for autonomous random drivers, i.e. PSA
crypto drivers that provide a random generator, that have their own
entropy source and do not support injecting entropy from another
source.
This commit only creates the configuration option. Subsequent commits
will add the implementation and tests.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In cmake version < 3.0, the SOURCES property on targets cannot be
modified after the target is defined. There are several instances in
the code that were using `target_properties()`, which is not available
in the older versions of cmake. Unfortunately, the workaround in #3801
(381c1078fc) assumes that this SOURCES property can be modified.
Work around this by building up any necessary sources before declaring
the target. This is more awkward, but needed to continue to be able to
support the old versions of cmake.
Fixes#3788.
Signed-off-by: David Brown <david.brown@linaro.org>
PSA and SSL programs are PSA clients thus should use
psa_key_id_t as the type for key identifiers, not
mbedtls_svc_key_id_t.
As a consequence, PSA, ssl_server2 and ssl_client2
programs cannot compile and must not be compiled if
MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER is defined.
Thus, add MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
compilation guard to those programs.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Define psa_key_handle_t to be equal to
mbedtls_svc_key_id_t. Make the handle of a persistent
key be equal to its key identifier. For volatile keys,
make the key handle equal to the volatile key
identifier of the created volatile key.
The unit tests are modified just to make them compile
not to make them run successfully. They are fixed in
the subsequent commits.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
CMake versions less than 3.0 do not support the `target_sources`
command. In order to be able to support v2.8.12.2 of cmake, directly
set the SOURCES property instead of using the target_sources command.
A future patch could reverse this, if the project decides to forgo
support for cmake versions less than 3.0.
Fixes#3801
Signed-off-by: David Brown <david.brown@linaro.org>
Use the export keys functionality, to call the public API
`mbedtls_ssl_tls_prf()`, and remove the function
`mbedtls_ssl_get_dtls_srtp_key_material()`.
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
Fix compilation errors when `MBEDTLS_DTLS_SRTP` not set
1. Add file missed in previous commmit.
2. In sample applications, set `DFL_FORCE_SRTP_PROFILE` to 0.
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
1. Set correct mki from the `use_srtp` extension.
2. Use mki value received from the client as the mki used by server.
3. Use `mbedtls_ssl_dtls_srtp_set_mki_value()` as a client API only.
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
Add dtls-srtp to `ssl_client2` and `ssl_server2` examples,
for reference and for allowing in tests.
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
In `read_next_b64_code()`, the result of fgetc() is stored into a char,
but later compared against EOF, which is generally -1. On platforms
where char is unsigned, this generates a compiler warning/error that the
comparison will never be true (causing a build failure). The value will
never match, with the function ultimately bailing with a "Too many bad
symbols are detected" error.
On platforms with signed char, EOF is detected, but a file containing a
0xFF character will causes a premature end of file exit of the loop.
Fix this by changing the result to an int.
Fixes#3794.
Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
Signed-off-by: David Brown <david.brown@linaro.org>
Allows required targets to have prefixes added to them, so that external
projects can avoid target names clashing.
Signed-off-by: Raef Coles <raef.coles@arm.com>
If MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED is defined, then the return value will be overridden by the extra code running after the removed return instruction.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
The extra code running after the removed return instruction should not generate any output. Only the read config value must be printed.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
Since the recent changes required the addition of a new definition
in mbedtls/config.h, we also need to update query_config.c to account
for the new MBEDTLS_PSA_CRYPTO_CONFIG setting.
Signed-off-by: John Durkop <john.durkop@fermatsoftware.com>
Python should not be required for the build when the no_test target is
used. This commit adds the generated file to the source tree and the
check-generated-files script, and removes the generation from (c)make.
Fixes#3524
Signed-off-by: Cameron Nemo <cnemo@tutanota.com>
Also adjusted the different makefiles accordingly.
Note: driver lifetime is currently statically defined in the header, but
this will be replaced in the future based on autogeneration of lifetime
values by a script (TBD)
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
With PSA crypto v1.0.0, a volatile key identifier may
contain a owner identifier but no file is associated
to it. Thus rename the type psa_key_file_id_t to
mbedtls_svc_key_id_t to avoid a direct link with a
file when a key identifier involves an owner
identifier.
The new type name is prefixed by mbedtls to highlight
that the type is specific to Mbed TLS implementation
and not defined in the PSA Cryptography API
specification.
The svc in the type name stands for service as this
is the key identifier type from the point of view of
the service providing the Cryptography services.
The service can be completely provided by the present
library or partially in case of a multi-client service.
As a consequence rename as well:
. MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER to
MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
. PSA_KEY_ID_INIT to MBEDTLS_SVC_KEY_ID_INIT
. PSA_KEY_FILE_GET_KEY_ID to MBEDTLS_SVC_KEY_ID_GET_KEY_ID
. psa_key_file_id_make to mbedtls_svc_key_id_make
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
I might be wrong, but lcc's optimizer is curious about this,
and I am too: shouldn't we free allocated stuff correctly
before exiting `dh_genprime` in this certain point of code?
Signed-off-by: makise-homura <akemi_homura@kurisa.ch>
Discover hash algorithms automatically rather than hard-coding a list,
as was previously done in cert_write.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
* development:
Update copyright notices to use Linux Foundation guidance
Undef ASSERT before defining it to ensure that no previous definition has sneaked in through included files.
Add ChangeLog entry for X.509 CN-type vulnerability
Improve documentation of cn in x509_crt_verify()
Fix comparison between different name types
Add test: DNS names should not match IP addresses
Remove obsolete buildbot reference in compat.sh
Fix misuse of printf in shell script
Fix added proxy command when IPv6 is used
Simplify test syntax
Fix logic error in setting client port
ssl-opt.sh: include test name in log files
ssl-opt.sh: remove old buildbot-specific condition
ssl-opt.sh: add proxy to all DTLS tests
Signed-off-by: Dan Handley <dan.handley@arm.com>
Currently the new component in all.sh fails because
mbedtls_ssl_cf_memcpy_offset() is not actually constant flow - this is on
purpose to be able to verify that the new test works.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
As a result, the copyright of contributors other than Arm is now
acknowledged, and the years of publishing are no longer tracked in the
source files.
Also remove the now-redundant lines declaring that the files are part of
MbedTLS.
This commit was generated using the following script:
# ========================
#!/bin/sh
# Find files
find '(' -path './.git' -o -path './3rdparty' ')' -prune -o -type f -print | xargs sed -bi '
# Replace copyright attribution line
s/Copyright.*Arm.*/Copyright The Mbed TLS Contributors/I
# Remove redundant declaration and the preceding line
$!N
/This file is part of Mbed TLS/Id
P
D
'
# ========================
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
The example application programs/ssl/ssl_client2 allows the
configuration of a client CRT through the parameters
- crt_file, key_file
However, password protected key files are not supported.
This commit adds a new command line option
- key_pwd
which allow to specify a password for the key file specified
in the key_file parameter.
The example application programs/ssl/ssl_server2 allows the
configuration of up to two CRTs through the command line
parameters
- crt_file, key_file
- crt_file2, key_file2.
However, password protected key files are not supported.
This commit adds command line options
- key_pwd
- key_pwd2
which allow to specify passwords for the key files specified
in key_file and key_file2, respectively.
This option allows to test the constant-flow nature of selected code, using
MemSan and the fundamental observation behind ctgrind that the set of
operations allowed on undefined memory by dynamic analysers is the same as the
set of operations allowed on secret data to avoid leaking it to a local
attacker via side channels, namely, any operation except branching and
dereferencing.
(This isn't the full story, as on some CPUs some instructions have variable
execution depending on the inputs, most notably division and on some cores
multiplication. However, testing that no branch or memory access depends on
secret data is already a good start.)
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Rename PSA_DH_GROUP_xxx to PSA_DH_FAMILY_xxx, also rename
PSA_KEY_TYPE_GET_GROUP to PSA_KEY_TYPE_DH_GET_FAMILY and rename
psa_dh_group_t to psa_dh_family_t. Old defines are provided in
include/crypto_compat.h for backward compatibility.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Rename PSA_ECC_CURVE_xxx to PSA_ECC_FAMILY_xxx, also rename
PSA_KEY_TYPE_GET_CURVE to PSA_KEY_TYPE_ECC_GET_FAMILY and rename
psa_ecc_curve_t to psa_ecc_family_t. Old defines are provided in
include/crypto_compat.h for backward compatibility.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This makes the implementation of mbedtls_param_failed()
for testing purpose available to programs. Thus removing
the ad-hoc implementations in programs.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Use list of executables to:
- factorize the code to define executables
- highlight the similarities and differences of the executable definitions
- avoid list duplication
Use alphabetic order for executables in lists.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The path to source files were relative which triggered
warnings when generating the build system.
Move to absolute paths based on CMAKE_CURRENT_SOURCE_DIR.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Also normalize the first line of the copyright headers.
This commit was generated using the following script:
# ========================
#!/bin/sh
# Find scripts
find -path './.git' -prune -o '(' -name '*.c' -o -name '*.cpp' -o -name '*.fmt' -o -name '*.h' ')' -print | xargs sed -i '
# Normalize the first line of the copyright headers (no text on the first line of a block comment)
/^\/\*.*Copyright.*Arm/I {
i\
/*
s/^\// /
}
/Copyright.*Arm/I {
# Print copyright declaration
p
# Read the two lines immediately following the copyright declaration
N
N
# Insert Apache header if it is missing
/SPDX/! i\
* SPDX-License-Identifier: Apache-2.0\
*\
* Licensed under the Apache License, Version 2.0 (the "License"); you may\
* not use this file except in compliance with the License.\
* You may obtain a copy of the License at\
*\
* http://www.apache.org/licenses/LICENSE-2.0\
*\
* Unless required by applicable law or agreed to in writing, software\
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT\
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\
* See the License for the specific language governing permissions and\
* limitations under the License.
# Clear copyright declaration from buffer
D
}
'
# ========================
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
This commit was generated using the following script:
# ========================
#!/bin/sh
# Find scripts
find -path './.git' -prune -o '(' -name '*.gdb' -o -name '*.pl' -o -name '*.py' -o -name '*.sh' ')' -print | xargs sed -i '
# Remove Mbed TLS declaration if it occurs before the copyright line
1,/Copyright.*Arm/I {
/This file is part of/,$ {
/Copyright.*Arm/I! d
}
}
# Convert non-standard header in scripts/abi_check.py to the format used in the other scripts
/"""/,/"""/ {
# Cut copyright declaration
/Copyright.*Arm/I {
h
N
d
}
# Paste copyright declaration
/"""/ {
x
/./ {
s/^/# / # Add #
x # Replace orignal buffer with Copyright declaration
p # Print original buffer, insert newline
i\
s/.*// # Clear original buffer
}
x
}
}
/Copyright.*Arm/I {
# Print copyright declaration
p
# Read the two lines immediately following the copyright declaration
N
N
# Insert Apache header if it is missing
/SPDX/! {
i\
# SPDX-License-Identifier: Apache-2.0\
#\
# Licensed under the Apache License, Version 2.0 (the "License"); you may\
# not use this file except in compliance with the License.\
# You may obtain a copy of the License at\
#\
# http://www.apache.org/licenses/LICENSE-2.0\
#\
# Unless required by applicable law or agreed to in writing, software\
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT\
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\
# See the License for the specific language governing permissions and\
# limitations under the License.
# Insert Mbed TLS declaration if it is missing
/This file is part of/! i\
#\
# This file is part of Mbed TLS (https://tls.mbed.org)
}
# Clear copyright declaration from buffer
D
}
'
# ========================
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
1. When `ssl_server2` export key functionality fails,
don't exit the server, but reset it, to have the
server recover for next connection.
2. Add text filters for `export keys functionality` test in ssl-opt.sh
to check for additional output, to verify if the export suceeded.
This was discovered in the `ssl-opt.sh` script, where the server exited,
before the test tried to kill the server priocess, resulting in a
`kill: No such process` message.
Fixes#2662
Signed-off-by: Ron Eldor <Ron.Eldor@arm.com>
Strict platforms cannot be expected to accept C99 code as valid
when earlier standards versions are selected.
This helps the programs build on Solaris-like platforms (e.g.
illumos).
Fixes#3420
Signed-off-by: nia <nia@netbsd.org>