Commit Graph

250 Commits

Author SHA1 Message Date
Mateusz Starzyk
0fdcc8eee9 Remove Havege module.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-02-11 14:17:07 +01:00
Ronald Cron
00b7bfc2c4 psa: Move xxx_load_representation functions to RSA/ECP specific modules
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-02 11:29:08 +01:00
Ronald Cron
d7906327ca psa: Add psa_crypto_client.c
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-02-01 13:16:44 +01:00
Janos Follath
0cbdc61171 Bump version to Mbed TLS 2.25.0
Executed ./scripts/bump_version.sh --version 2.25.0 --so-crypto 6

Increasing the SO version of the crypto library, because the openless
API improvement came with API/ABI incompatibilities. For example
    - the size of psa_key_handle_t changed
    - the type of a parameter in 18 public functions has changed from
      psa_key_handle_t to mbedtls_svc_key_id_t

Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-12-09 15:05:22 +00:00
Janos Follath
2a25904f45
Merge pull request #3568 from hanno-arm/tls13_experimental_key_schedule_1
TLS 1.3: Add HKDF-based key derivation functionality
2020-09-16 11:40:06 +01:00
Hanno Becker
be9d6648f8 Implement TLS 1.3 key derivation function HKDF-Expand-Label
This commit introduces a new file library/ssl_tls13_key.c
which will subsequently be populated with functionality relating
to the TLS 1.3 key schedule.

Those functions are expected to be internal and are documented
in the internal header library/ssl_tls13_keys.h.

The first function to be implemented is the key expansion
function `HKDF-Expand-Label`. See the documentation in
library/ssl_tls13_keys.h for more information.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:28:06 +01:00
Steven Cooreman
cd84cb4903 Add a handcrafted first version of the driver wrapper code
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2020-09-04 14:22:26 +02:00
Manuel Pégourié-Gonnard
527b87890d
Merge pull request #3454 from gilles-peskine-arm/include-common-h-development
Include common.h from all library source files
2020-07-03 09:44:18 +02:00
Gilles Peskine
76dd3aa5bb Add comments explaining include paths
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-02 15:59:45 +02:00
Gilles Peskine
66c3dc44f2 Include the library directory for the sake of 3rdparty
When compiling library files under `3rdparty/`, the directory containing
the `.c` file that is being compiled is not the current directory, so
headers from the `library/` directory are not found. Fix this by
adding `.` to the include path.

This was not detected until now because as of this commit, no 3rdparty
source file requires a header under `library/`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-02 11:26:57 +02:00
Janos Follath
0435cd8c23 Bump version to Mbed TLS 2.23.0
Executed "./scripts/bump_version.sh --version 2.23.0 --so-crypto 5"

A symbol has been removed from the mbedcrypto library since the last
release:
mbedtls_ecc_group_to_psa ( enum mbedtls_ecp_group_id grpid,
                           size_t* bits )

This is an ABI break and we need to increase the SO version.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-06-29 22:41:30 +01:00
Manuel Pégourié-Gonnard
10a5b535f1 Sort lists in Makefiles and have one item per line
A file generated based on the output of `make list` from programs has been
re-generated.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-04-17 11:57:50 +02:00
Andrzej Kurek
98911cdd3a
makefile: remove unneeded priority dependency from library makefile
This change was first introduced in 8af3923 - see this commit for more background.
After the removal of crypto directory, there are no targets that require a 
crypto library with the directory prefix, so there's also no need for the priority
dependency to be declared. This commit removes it.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-03-26 07:18:42 -04:00
Gilles Peskine
a647f1296e Delete third-party objects in cleanup 2020-03-23 17:55:32 +01:00
Gilles Peskine
55d5353b3a Remove lingering build code referencing the crypto submodule
Remove code guarded by `USE_CRYPTO_SUBMODULE`. It's dead now that
crypto can no longer be a submodule.

In `library/Makefile`:

* Replace `$(CRYPTO_INCLUDE)` with the single include directory
  `-I../include`.
* Remove references to `$(OBJS_CRYPTO)` when it's in addition to the
  local objects (`*.o`) since `$(OBJS_CRYPTO)` is now a subset of the
  local objects.
* Merge modules that were duplicated between the mbedtls and the
  mbed-crypto repositories back into the single list for `OBJS_CRYPTO`.
2020-03-23 17:55:32 +01:00
Gilles Peskine
d2e77b51a1 Restore the library SO version in Makefile 2020-03-23 17:55:31 +01:00
Gilles Peskine
b99bd39b4e Merge mbed-crypto into mbedtls: the merge commit
Merge `unremove-non-crypto` into `mbedtls/development`. The branch
`unremove-non-crypto` was obtained by starting from `mbed-crypto/development`,
then reverting many commits that removed X.509 and TLS functionality when Mbed
Crypto forked from Mbed TLS (the “unremoval”), then make a few tweaks to
facilitate the merge.

The unremoval step restored old versions of some tls files. If a file doesn't
exist in mbed-crypto, check out the mbedtls version, regardless of what
happened during the unremoval of tls files in the crypto tree. Also
unconditionally take the mbedtls version of a few files where the
modifications are completely project-specific and are not relevant in
mbed-crypto:

* `.github/issue_template.md`: completely different. We may want to reconcile
  them independently as a follow-up.
* `.travis.yml`: would only be reverted to an earlier tls version.
* `README.md`: completely different. We may want to reconcile them
  independently as a follow-up.
* `doxygen/input/doc_mainpage.h`: the changes in crypto were minimal and not
  relevant except as a stopgap as mbed-crypto did not have its own product
  versioning in the Doxygen documentation.
* `tests/.jenkins/Jenkinsfile`: completely different.
* `tests/data_files/Makefile`: there were no changes in mbed-crypto,
  but the unremoval step restored an old version.

Shell script for everything to do after the merge apart from the conflict
resolution:
```
tls_files=($(comm -23 <(git ls-tree -r --name-only HEAD) <(git ls-tree -r --name-only $(git merge-base upstream-crypto/development MERGE_HEAD))))
tls_files+=($tls_files .github/issue_template.md .travis.yml README.md doxygen/input/doc_mainpage.h tests/.jenkins/Jenkinsfile tests/data_files/Makefile)
git checkout --theirs HEAD -- $tls_files
git add -- $tls_files
```

Resolve the remaining conflicts:

* `library/CMakeLists.txt`:
    * Keep the TLS definition of `src_crypto`
    * `USE_SHARED_MBEDTLS_LIBRARY`: keep all three libraries, with both
      `include` and `crypto/include` in `target_include_directories`, all with
      version `2.21.0`.
* `programs/Makefile`:
    * Reconcile the APPS lists (add/add from a differently-formatted common
      ancestor): insert the `psa/*` from crypto into the tls list.
    * Keep the `fuzz` target defined only in tls version.
    * Keep the recipe (only in tls version) cleaning `ssl_pthread_server`
      stuff for the `clean` target.
* `scripts/config.py`:
    * `include_in_full`: add/add conflict. Keep both.
* `tests/scripts/all.sh`:
    * `component_test_no_use_psa_crypto_full_cmake_asan`: partially old
      version in crypto. Take the tls version.
    * `component_test_malloc_0_null` and more: take
      `component_test_malloc_0_null` from crypto (with `config.py` rather than
      `config.pl`, and with `$ASAN_FLAGS` rather than an explicit list), but
      add the call to `ssl-opt.sh` from tls. Take the other components from
      crypto.

With this commit, building and running the unit tests with both `make ` and
`cmake` work in the default configuration on Linux. Other platforms, build
systems and configurations are likely not to work, and there is some
regression in test coverage.

There is some loss of functionality because the unremoval step restored older
versions of tls content. This commit contains the latest tls version of
tls-only files, but some changes from the tls side in files that existed on
both sides have regressed. Most problematic changes are hunks that remove some
tls-specific feature and contain either a C preprocessor symbol identifying a
tls-specific module or option, or the name of a tls-specific file. Hunks
that remove a tls-specific preprocessor symbol can be identified with the
regular expression `^-.*MBEDTLS_(ERR_)?(PKCS11|X509|NET|SSL)_`.

Subsequent commits will revert a few parts of the patch from this merge commit
in order to restore the tls functionality that it removes, ensure that the
test coverage includes what was covered in either branch, and fix test
failures.
2020-03-23 17:54:46 +01:00
Gilles Peskine
722a7e6940 Revert "Only build libmbedcrypto"
This reverts commit 8298d70bee.

Conflicts:
* library/Makefile: removal of SOEXT_X509 and SOEXT_TLS vs change of
  value of SOEXT_CRYPTO. Keep all, with the new value of SOEXT_CRYPTO.
2020-03-19 14:07:55 +01:00
Hanno Becker
6e7051af13 Add guarded ssl_msg.c to Makefiles
This commit adds the newly created copy ssl_msg.c of ssl_tls.c
to the build system but guards its content by an `#if 0 ... #endif`
preprocessor guard in order to avoid compilation failures resulting
from code duplication. This guard will be removed once the contents
of ssl_tls.c and ssl_msg.c have been made disjoint.
2020-02-05 16:10:40 +00:00
Hanno Becker
471c0c98f6 Rename temporary copy ssl_tls_old.c back to ssl_tls.c 2020-02-05 16:10:22 +00:00
Hanno Becker
abd9cef520 Duplicate ssl_tls.c as ssl_tls_old.c and ssl_msg.c
This commit is the first in a series of commits aiming to split
the content of ssl_tls.c in two files ssl_tls.c and ssl_msg.c.

As a first step, this commit replaces ssl_tls.c by two identical
copies ssl_tls_old.c and ssl_msg.c. Even though the file
ssl_tls_old.c will subsequently be renamed back into ssl_tls.c,
this approach retains the git history in both files.
2020-02-05 16:08:41 +00:00
Janos Follath
4c736fb6a8 Update Mbed Crypto SO version
The recent update changed the Mbed Crypto SO version, get Mbed TLS in
sync.
2020-01-27 16:37:14 +00:00
Janos Follath
2e9f108fbd Bump version to Mbed TLS 2.20.0 2020-01-21 14:08:26 +00:00
Gilles Peskine
9afbfdc833 Merge remote-tracking branch 'myfork-public/development' into merge-crypto-development-20191115
First deal with deleted files.

* Files deleted by us: keep them deleted.
* Files deleted by them, whether modified by us or not: keep our version.

```
git rm $(git status -s | sed -n 's/^DU //p')
git reset -- $(git status -s | sed -n 's/^D  //p')
git checkout -- $(git status -s | sed -n 's/^ D //p')
git add -- $(git status -s | sed -n 's/^UD //p')
```

Individual files with conflicts:

* `3rdparty/everest/library/Hacl_Curve25519_joined.c`: spurious conflict because git mistakenly identified this file as a rename. Keep our version.
* `README.md`: conflict due to their change in a paragraph that doesn't exist in our version. Keep our version of this paragraph.
* `docs/architecture/Makefile`: near-identical additions. Adapt the definition of `all_markdown` and include the clean target.
* `doxygen/input/docs_mainpage.h`: conflict in the version number. Keep our version number.
* `include/mbedtls/config.h`: two delete/modify conflicts. Keep the removed chunks out.
* `library/CMakeLists.txt`: discard all their changes as they are not relevant.
* `library/Makefile`:
    * Discard the added chunk about the crypto submodule starting with `INCLUDING_FROM_MBEDTLS:=1`.
    * delete/modify: keep the removed chunk out.
    * library build: This is almost delete/modify. Their changes are mostly not applicable. Do keep the `libmbedcrypto.$(DLEXT): | libmbedcrypto.a` order dependency.
    * `.c.o`: `-o` was added on both sides but in a different place. Change to their place.
* `library/error.c`: to be regenerated.
* `library/version_features.c`: to be regenerated.
* `programs/Makefile`: Most of the changes are not relevant. The one relevant change is in the `clean` target for Windows; adapt it by removing `/S` from our version.
* `programs/test/query_config.c`: to be regenerated.
* `scripts/config.py`: added in parallel on both sides. Keep our version.
* `scripts/footprint.sh`: parallel changes. Keep our version.
* `scripts/generate_visualc_files.pl`: one delete/modify conflict. Keep the removed chunks out.
* `tests/Makefile`: discard all of their changes.
* `tests/scripts/all.sh`:
    * `pre_initialize_variables` add `append_outcome`: add it.
    * `pre_initialize_variables` add `ASAN_CFLAGS`: already there, keep our version.
    * `pre_parse_command_line` add `--no-append-outcome`: add it.
    * `pre_parse_command_line` add `--outcome-file`: add it.
    * `pre_print_configuration`: add `MBEDTLS_TEST_OUTCOME_FILE`.
    * Several changes in SSL-specific components: keep our version without them.
    * Several changes where `config.pl` was changed to `config.py` and there was an adjacent difference: keep our version.
    * Changes regarding the inclusion of `MBEDTLS_MEMORY_xxx`: ignore them here, they will be normalized in a subsequent commit.
    * `component_test_full_cmake_gcc_asan`: add it without the TLS tests.
    * `component_test_no_use_psa_crypto_full_cmake_asan`: keep the fixed `msg`, discard other changes.
    * `component_test_memory_buffer_allocator_backtrace`, `component_test_memory_buffer_allocator`: add them without the TLS tests.
    * `component_test_m32_everest`: added in parallel on both sides. Keep our version.
* `tests/scripts/check-names.sh`, `tests/scripts/list-enum-consts.pl`, `tests/scripts/list-identifiers.sh`, ``tests/scripts/list-macros.sh`: discard all of their changes.
* `tests/scripts/test-ref-configs.pl`: the change in the conflict is not relevant, so keep our version there.
* `visualc/VS2010/*.vcxproj`: to be regenerated.

Regenerate files:

```
scripts/generate_visualc_files.pl
git add visualc/VS2010/*.vcxproj
scripts/generate_errors.pl
git add library/error.c
scripts/generate_features.pl
git add library/version_features.c
scripts/generate_query_config.pl
git add programs/test/query_config.c
```

Rejected changes in non-conflicting files:

* `CMakeLists.txt`: discard their addition which has already been side-ported.
* `doxygen/mbedtls.doxyfile`: keep the version number change. Discard the changes related to `../crypto` paths.

Keep the following changes after examination:

* `.travis.yml`: all of their changes are relevant.
* `include/mbedtls/error.h`: do keep their changes. Even though Crypto doesn't use TLS errors, it must not encroach on TLS's allocated numbers.
* `tests/scripts/check-test-cases.py`: keep the code dealing with `ssl-opt.sh`. It works correctly when the file is not present.
2019-11-15 11:47:14 +01:00
Andrzej Kurek
8028cb19f4 Makefile: add path prefixes to other versions of libmbedcrypto library 2019-10-08 10:10:43 -04:00
Andrzej Kurek
8af3923815 Add a recipe for libmbedcrypto with a path prefix
This caused problems when running multiple jobs at once, since
there was no target matching libmbedcrypto.so with the path
prefix. It only worked if it was built first, since such file was found.
Additionally,  building of libmbedcrypto.so now waits for the static .a version.
Previously, recipes for both libmbedcrypto.a and libmbedcrypto.so could run
independently when running parallel jobs, which resulted in the .o files
being built twice. It could sometimes be a problem, since linking would start
when building one of the object files was still in progress (the previous one
existed). This in turn resulted in reading (and trying to link) a malformed file.
The "|" character is followed by "order-only-prerequisites", and in this case,
makes linking of the shared version of the library wait for the .a file.
Since it's guaranteed to be always built in the "all" target, it's fine to do that.
All of the .o files are only built once thanks to this change.
2019-10-07 09:19:18 -04:00
Jaeden Amero
9298dca14d
Merge pull request #185 from gilles-peskine-arm/harvard-md
Remove method dispatch from md
2019-09-10 18:38:39 +01:00
Darryl Green
9b9a790be6 Handle deleting non-existant files on Windows
If we try to delete a non-existant file using del on Windows, as
can happen when running make clean, del will throw an error. Make
the Makefiles more robust by only deleting files if they exist.
2019-08-30 15:45:46 +01:00
Janos Follath
4f055f4ca2 Use 3rdparty headers from the submodule 2019-08-29 16:12:38 +01:00
Christoph M. Wintersteiger
54d09ad0df 3rdparty: Rename THIRDPARTY_OBJECTS 2019-08-29 16:12:38 +01:00
Christoph M. Wintersteiger
89f36aeb2a Add new 3rdparty build scripts 2019-08-29 16:12:38 +01:00
Christoph M. Wintersteiger
e14c779615 ECDH: Everest: Remove unnecessary file 2019-08-29 16:12:38 +01:00
Christoph M. Wintersteiger
f4bee2fbf7 ECDH: Use LOCAL_CFLAGS instead of CFLAGS 2019-08-29 16:12:38 +01:00
Christoph M. Wintersteiger
977d89ab29 ECDH: Include Everest Curve25519 in build scripts 2019-08-29 16:12:38 +01:00
Jaeden Amero
4e0db5642a Merge branch 'mbedtls-2.18' into development
Bring Mbed TLS 2.18.0 and 2.18.1 release changes back into the
development branch. We had branched to release 2.18.0 and 2.18.1 in
order to allow those releases to go out without having to block work on
the `development` branch.

Manually resolve conflicts in the Changelog by moving all freshly addded
changes to a new, unreleased version entry.

Reject changes to include/mbedtls/platform.h made in the mbedtls-2.18
branch, as that file is now sourced from Mbed Crypto.

* mbedtls-2.18:
  platform: Include stdarg.h where needed
  Update Mbed Crypto to contain mbed-crypto#152
  CMake: Add a subdirectory build regression test
  README: Enable builds as a CMake subproject
  ChangeLog: Enable builds as a CMake subproject
  Remove use of CMAKE_SOURCE_DIR
  Update library version to 2.18.0
2019-08-27 11:18:28 +01:00
Christoph M. Wintersteiger
2d4725f204 3rdparty: Rename THIRDPARTY_OBJECTS 2019-08-19 13:37:46 +01:00
Christoph M. Wintersteiger
62dddd08fd Add new 3rdparty build scripts 2019-08-19 13:36:44 +01:00
Christoph M. Wintersteiger
24fbceff50 ECDH: Everest: Remove unnecessary file 2019-08-19 13:36:44 +01:00
Christoph M. Wintersteiger
34811a8db2 ECDH: Use LOCAL_CFLAGS instead of CFLAGS 2019-08-19 13:36:44 +01:00
Christoph M. Wintersteiger
d5fd766c49 ECDH: Include Everest Curve25519 in build scripts 2019-08-19 13:36:44 +01:00
Gilles Peskine
72c8c5b352 Merge remote-tracking branch 'upstream-crypto/development' into psa-api-1.0-beta-merge_development_20190801
Conflict resolution:
* `scripts/config.pl`:
  Take the exclusion of `MBEDTLS_PSA_CRYPTO_SE_C` from the API branch.
  Take the removal of `MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C` (obsolete) from
  the development branch.
* `tests/scripts/all.sh`:
  Multiple instances of factoring a sequence of `config.pl` calls into
  a mere `config.pl baremetal` in the development branch, and a change in
  the composition of `baremetal` in the API branch. In each case, take the
  version from development.
* `tests/suites/test_suite_psa_crypto_slot_management.function`:
  A function became non-static in development and disappeared in the API
  branch. Keep the version from the API branch. Functions need to be
  non-static if they're defined but unused in some configurations,
  which is not the case for any function in this file at the moment.
* `tests/suites/test_suite_psa_crypto.function`:
  Consecutive changes in the two branches, reconciled.
2019-07-31 17:47:49 +02:00
Jaeden Amero
8dd1690993 Merge remote-tracking branch 'tls/development' into development
Resolve conflicts by performing the following operations:
- Reject changes related to building a crypto submodule, since Mbed
  Crypto is the crypto submodule.
- Reject X.509, NET, and SSL changes.
- Reject changes to README, as Mbed Crypto is a different project from
  Mbed TLS, with a different README.
- Avoid adding mention of ssl-opt.sh in a comment near some modified
  code in include/CMakeLists.txt (around where ENABLE_TESTING as added).
- Align config.pl in Mbed TLS with config.pl in Mbed Crypto where PSA
  options are concerned, to make future merging easier. There is no
  reason for the two to be different in this regard, now that Mbed TLS
  always depends on Mbed Crypto. Remaining differences are only the
  PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER option and the absence of X.509,
  NET, and SSL related options in Mbed Crypto's config.pl.
- Align config.h in Mbed Crypto with Mbed TLS's copy, with a few notable
  exceptions:
  - Leave CMAC on by default.
  - Leave storage on by default (including ITS emulation).
  - Avoid documenting the PSA Crypto API as is in beta stage in
    documentation for MBEDTLS_PSA_CRYPTO_C.
  The only remaining differences are a lack of X.509, NET, and SSL
  options in Mbed Crypto's config.h, as well as an additional
  Mbed-Crypto-specific PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER option.
  Documentation for the check params feature and related macros is also
  updated to match Mbed TLS's description.
- Reject tests/data_files/Makefile changes to generate DER versions of
  CRTs and keys, as none of those are used by Mbed Crypto tests.
- Add the "no PEM and no filesystem" test to all.sh, without ssl-opt.sh
  run, as Mbed Crypto doesn't have ssl-opt.sh. Also remove use of PSA
  Crypto storage and ITS emulation, since those depend on filesystem
  support.
- Reject addition of test when no ciphersuites have MAC to all.sh, as
  the option being tested, MBEDTLS_SSL_SOME_MODES_USE_MAC, is not
  present in Mbed Crypto.
- Use baremetal config in all.sh, as Mbed Crypto's baremetal
  configuration does exclude the net module (as it doesn't exist in Mbed
  Crypto)
- Reject cmake_subproject_build changes, continuing to link only
  libmbedcrypto.
- Reject changes to visualc and associated templates. Mbed Crypto
  doesn't need additional logic to handle submodule-sourced headers.
- Avoid adding fuzzers from Mbed TLS. The only relevant fuzzers are the
  privkey and pubkey fuzzers, but non-trivial work would be required to
  integrate those into Mbed Crypto (more than is comfortable in a merge
  commit).
- Reject addition of Docker wrappers for compat.sh and ssl-opt.sh, as
  those are not present in Mbed Crypto.
- Remove calls to SSL-related scripts from basic-in-docker.sh

Fix test errors by performing the following:
- Avoid using a link that Doxygen can't seem to resolve in Mbed Crypto,
  but can resolve in Mbed TLS. In documentation for
  MBEDTLS_CHECK_PARAMS, don't attempt to link to MBEDTLS_PARAM_FAILED.

* origin/development: (339 commits)
  Do not build fuzz on windows
  No booleans and import config
  Removing space before opening parenthesis
  Style corrections
  Syntax fix
  Fixes warnings from MSVC
  Add a linker flag to enable gcov in basic-build-test.sh
  Update crypto submodule to a revision with the HAVEGE header changes
  Test with MBEDTLS_ECP_RESTARTABLE
  Allow TODO in code
  Use the docstring in the command line help
  Split _abi_compliance_command into smaller functions
  Record the commits that were compared
  Document how to build the typical argument for -s
  Allow running /somewhere/else/path/to/abi_check.py
  tests: Limit each log to 10 GiB
  Warn if VLAs are used
  Remove redundant compiler flag
  Consistently spell -Wextra
  Fix parsing issue when int parameter is in base 16
  ...
2019-07-31 10:37:53 +01:00
Gilles Peskine
84867cffdd Don't use dynamic pointer dispatch in md
In the generic message digest abstraction, instead of storing method
pointers in the per-algorithm data structure and using wrapper
functions as those methods, call the per-algorithm function directly.

This saves some code size (2336B -> 2043B for md with all algorithms
enabled on M0+ with gcc -Os). This should also make it easier to
optimize the case when a single algorithm is supported. In addition,
this is a very slight security improvement since it removes one
opportunity for a buffer overflow to directly turn into letting the
attacker overwrite a pointer to a function pointer.

This commit does not modify the documented API. However, it removes
the possibility for users to define their own hash implementations and
use them by building their own md_info.

Changing mbedtls_md_context to contain a md type identifier rather
than a pointer to an info structure would save a few more bytes and a
few more runtime memory accesses, but would be a major API break since
a lot of code uses `const mbedtls_md_info *` to keep track of which
hash is in use.
2019-07-22 11:35:15 +02:00
Gilles Peskine
85aba47715 Consistently spell -Wextra
-W is a deprecated alias of -Wextra. Consistently use the new name.
2019-07-02 20:05:16 +02:00
Gilles Peskine
c2d56a4446 Allow declarations after statements
We officially allow C99, so don't forbid this C99 feature.
2019-06-25 18:52:06 +02:00
Gilles Peskine
a899a72fd0 Implement the secure element driver registration function 2019-06-24 19:55:44 +02:00
Jaeden Amero
b1c72f56b1 Update library version to 2.18.0
Increase the SO versions of libmbedx509 and libmbedtls due to the
addition of fields in publicly visible (non-opaque) structs:
  - mbedtls_ssl_config
  - mbedtls_ssl_context
  - mbedtls_x509_crt
2019-06-11 17:19:35 +01:00
Andrzej Kurek
346747cd24 Force the usage of crypto submodule
Remove all.sh tests exercising the optional usage of submodule
2019-05-23 03:01:35 -04:00
Manuel Pégourié-Gonnard
d8167e85d6 Build from submodule by default (make, cmake)
Adapt tests in all.sh:
- tests with submodule enabled (default) no longer need to enable it
  explicitly, and no longer need runtime tests, as those are now handled by
all other test cases in this script
- tests with submodule disabled (old default) now need to disable it
  explicitly, and execute some runtime tests, as those are no longer tested
anywhere else in this script

Adapt documentation in Readme: remove the section "building with submodule"
and replace it with a new section before the other building sections.
Purposefully don't document how to build not from the submodule, as that
option is going away soon.
2019-05-23 03:01:35 -04:00
Jaeden Amero
8d4d4f55f0 Makefile: Use full paths to refer to parent files
When running lcov, files can't be found relative to the parent project
(Mbed TLS) root. Use full, non-relative paths to refer to files used in
building Mbed Crypto from Mbed TLS in order to enable lcov to locate the
files properly.
2019-05-22 13:54:52 +01:00
Jaeden Amero
461fd58fb2
Merge pull request #71 from Patater/remove-non-crypto
Remove non-crypto code
2019-04-30 11:10:51 +01:00
Jaeden Amero
d29db1f8ab Makefile: Remove extra debug print
Remove debug print added to print list of source files used in making
libmbedcrypto.

Fixes 92da0bd862 ("Makefile: Use generated source files from parent").
2019-04-29 15:06:33 +01:00
Jaeden Amero
92da0bd862 Makefile: Use generated source files from parent
When building as a submodule of a parent project, like Mbed TLS, use the
parent projects generated source files (error.c, version.c,
version_features.c)
2019-04-26 15:41:33 +01:00
Jaeden Amero
8df5de42e2 Makefile: Output to explicit target
Don't depend on the C compiler's default output file name and path. Make
knows what it wants to build and where it should go, and this may not
always align with the C compiler default, so tell the C compilter to
output to the Make target explicitly.
2019-04-26 14:00:02 +01:00
Jaeden Amero
8298d70bee Only build libmbedcrypto
Update build scripts and tools to only build or update libmbedcrypto.
2019-04-25 11:46:21 +01:00
Gilles Peskine
088b77f39c Merge psa_crypto_storage_its into psa_crypto_storage
Since the ITS API has stabilized and we don't plan to make use of more
than ITS, we don't need an abstraction layer between key storage and
key storage over ITS. Merge the ITS code into the generic storage
module.
2019-03-15 11:15:01 +01:00
Gilles Peskine
e435f23019 Remove psa_crypto_storage_file
Now that we have ITS over files, we no longer need a direct backend
for key storage over files. Remove psa_crypto_storage_file and its
tests.

Switch MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C and MBEDTLS_PSA_ITS_FILE_C on
by default. This preserves functionality and test coverage in the
default configuration, but forgets any key previously stored using the
file backend.
2019-03-15 11:14:51 +01:00
Gilles Peskine
6194dc2062 Implement PSA ITS over files
Implement the PSA ITS API over stdio files.
2019-03-15 11:14:09 +01:00
Jaeden Amero
67ea2c5e6d Merge branch 'development-psa-proposed' into development
Resolve conflicts by performing the following.

- Take the upstream Mbed TLS ChangeLog verbatim.
- Reject changes to Makefiles and CMake that are related to using Mbed
  Crypto as a submodule. It doesn't make sense to use Mbed Crypto as a
  submodule of itself.
- Reject README changes, as Mbed Crypto has its own, different README.
- Reject PSA-related changes to config.h. We don't want to disable the
  availability of the PSA Crypto API by default in the Mbed Crypto
  config.h.
- Don't inadvertently revert dead code removal in
  mbedtls_cipher_write_tag() which was added in f2a7529403 ("Fix
  double return statement in cipher.c")
- Where Mbed Crypto already had some MBEDTLS_USE_PSA_CRYPTO code (from
  past companion PRs) take the latest version from Mbed TLS which
  includes integration with MBEDTLS_CHECK_PARAMS.
- Update the version of the shared library files to match what's
  currently present in Mbed TLS.
- Reject removal of testing with PSA from config full tests.
- Resolve conflicts in test tests/suites/helpers.function, where both
  Mbed Crypto and Mbed TLS both added documentation for TEST_ASSERT.
  Combine text from both documentation efforts.
- Reject adding a submodule of ourselves.
- Reject addition of submodule tests in all.sh.
- Reject addition of submodule to library path in
  tests/scripts/run-test-suites.pl.
- Avoid using USE_CRYPTO_SUBMODULE=1 in
  component_test_use_psa_crypto_full_cmake_asan() in all.sh.
2019-02-14 15:58:43 +00:00
Andrzej Kurek
de5a007316 Merge development commit f352f7 into development-psa 2019-02-01 07:03:03 -05:00
Antonin Décimo
36e89b5b71 Fix #2370, minor typos and spelling mistakes 2019-01-24 10:37:40 +01:00
Gilles Peskine
961849f6d1 Implement slot allocation
Implement psa_allocate_key, psa_open_key, psa_create_key,
psa_close_key.

Add support for keys designated to handles to psa_get_key_slot, and
thereby to the whole API.

Allocated and non-allocated keys can coexist. This is a temporary
stage in order to transition from the use of direct slot numbers to
allocated handles only. Once all the tests and sample programs have
been migrated to use handles, the implementation will be simplified
and made more robust with support for handles only.
2018-12-11 16:48:13 +01:00
Gilles Peskine
3d5d8372a5
Merge pull request #198 from ARMmbed/psa_crypto_its
PSA Crypto Storage backend implementation over PSA ITS APIs (#198)
2018-11-21 15:04:03 +01:00
Jaeden Amero
30b340a760 crypto: Add mbedtls-psa as a submodule
mbedtls-psa contains an implementation of libmbedcrypto, including the PSA
Crypto API.
2018-11-21 12:54:57 +00:00
Jaeden Amero
c6e4ab00a8 Use parent module includes when used as a submodule
For Makefiles, enable overriding where includes can come from in order to
enable the parent module to set the include path. This allows the parent
module to specify that its config.h should be used, even when the submodule
when built standalone would use a different config.h.

For CMake, always look in the parent's include folder and our own. List the
parent's include folder first, so that preference is given to parent
include files.
2018-11-21 12:17:31 +00:00
Moran Peker
a26d764bae Add new PSA Crypto Storage backend implementation using ITS APIs
The new file is conditionally compiled with the new mbedtls
configuration option that  Mbed OS would set by default -
`MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C`.

-
2018-11-21 13:28:10 +02:00
Darryl Green
db2b8db715 psa: Add storage implementation for files
Add new functions, psa_load_persistent_key(),
psa_free_persistent_key_data(), and psa_save_persistent_key(), for
managing persistent keys. These functions load to or save from our
internal representation of key slots. Serialization is a concern of the
storage backend implementation and doesn't abstraction-leak into the
lifetime management code.

An initial implementation for files is provided. Additional storage
backends can implement this interface for other storage types.
2018-11-20 15:21:22 +00:00
Darryl Green
6c0f94cbd0 Add better handling when deleting files on Windows
Windows complains if you try to delete a file that doesn't exist.
Makefiles now check if the files exist before trying to delete them.
2018-10-23 12:03:31 +01:00
Gilles Peskine
e59236fc17 Add PSA crypto module
New module psa_crypto.c (MBEDTLS_PSA_CRYPTO_C):
Platform Security Architecture compatibility layer on top of
libmedcrypto.

Implement psa_crypto_init function which sets up a RNG.

Add a mbedtls_psa_crypto_free function which deinitializes the
library.

Define a first batch of error codes.
2018-09-05 10:59:00 +03:00
Simon Butcher
4d075cd7d0 Update library version number to 2.13.0 2018-08-31 15:59:10 +01:00
Ron Eldor
cb349ac279 Implement the KW and KWP algorithm
1. Add kw to the Makefiles
2. Implement the algorithms as defined in SP800-38F, and RFC 3394.
2018-07-24 16:43:20 +01:00
Simon Butcher
1d97cab5f5 Merge remote-tracking branch 'public/pr/1645' into development 2018-06-28 12:06:16 +01:00
Andres Amaya Garcia
e3402ce44f Enable APPLE_BUILD in makefile if using system ar 2018-06-20 10:43:21 +01:00
Andres Amaya Garcia
c51d613eac Ensure crosscompiling with make works in Mac OS X 2018-06-19 17:25:42 +01:00
Manuel Pégourié-Gonnard
0dadba2b58 Merge branch 'development' into iotssl-2257-chacha-poly-primitives
* development: (182 commits)
  Change the library version to 2.11.0
  Fix version in ChangeLog for fix for #552
  Add ChangeLog entry for clang version fix. Issue #1072
  Compilation warning fixes on 32b platfrom with IAR
  Revert "Turn on MBEDTLS_SSL_ASYNC_PRIVATE by default"
  Fix for missing len var when XTS config'd and CTR not
  ssl_server2: handle mbedtls_x509_dn_gets failure
  Fix harmless use of uninitialized memory in ssl_parse_encrypted_pms
  SSL async tests: add a few test cases for error in decrypt
  Fix memory leak in ssl_server2 with SNI + async callback
  SNI + SSL async callback: make all keys async
  ssl_async_resume: free the operation context on error
  ssl_server2: get op_name from context in ssl_async_resume as well
  Clarify "as directed here" in SSL async callback documentation
  SSL async callbacks documentation: clarify resource cleanup
  Async callback: use mbedtls_pk_check_pair to compare keys
  Rename mbedtls_ssl_async_{get,set}_data for clarity
  Fix copypasta in the async callback documentation
  SSL async callback: cert is not always from mbedtls_ssl_conf_own_cert
  ssl_async_set_key: detect if ctx->slots overflows
  ...
2018-06-19 11:13:50 +02:00
Simon Butcher
2fcd3e4441 Change the library version to 2.11.0
* Change the Mbed TLS library version to 2.11.0
 * Increase the soversion of libmbedcrypto
 * Increase the soversion of libmbedtls
2018-06-18 14:39:06 +01:00
Andres Amaya Garcia
1d9375919a Conditionally assign APPLE_BUILD var in makefile 2018-06-13 10:05:43 +01:00
Andres Amaya Garcia
c471cd7e0a Autodetect if running on OS X in makefile 2018-06-13 09:28:04 +01:00
Andres Amaya Garcia
c06c9ae088 Add alias APPLE make var of APPLE_BUILD 2018-06-12 18:29:28 +01:00
Simon Butcher
e47d6fd97e Merge remote-tracking branch 'public/pr/1497' into development 2018-06-12 16:53:04 +01:00
Thomas Fossati
656864b360 Add an HKDF (RFC 5869) implementation 2018-06-11 13:10:14 +01:00
Manuel Pégourié-Gonnard
39b1904b9f Merge branch 'development' into iotssl-2257-chacha-poly-primitives
* development: (97 commits)
  Updated version number to 2.10.0 for release
  Add a disabled CMAC define in the no-entropy configuration
  Adapt the ARIA test cases for new ECB function
  Fix file permissions for ssl.h
  Add ChangeLog entry for PR#1651
  Fix MicroBlaze register typo.
  Fix typo in doc and copy missing warning
  Fix edit mistake in cipher_wrap.c
  Update CTR doc for the 64-bit block cipher
  Update CTR doc for other 128-bit block ciphers
  Slightly tune ARIA CTR documentation
  Remove double declaration of mbedtls_ssl_list_ciphersuites
  Update CTR documentation
  Use zeroize function from new platform_util
  Move to new header style for ALT implementations
  Add ifdef for selftest in header file
  Fix typo in comments
  Use more appropriate type for local variable
  Remove useless parameter from function
  Wipe sensitive info from the stack
  ...
2018-06-07 12:02:55 +02:00
Manuel Pégourié-Gonnard
dca3a5d884 Rename aead_chacha20_poly1305 to chachapoly
While the old name is explicit and aligned with the RFC, it's also very long,
so with the mbedtls_ prefix prepended we get a 31-char prefix to each
identifier, which quickly conflicts with our 80-column policy.

The new name is shorter, it's what a lot of people use when speaking about
that construction anyway, and hopefully should not introduce confusion at
it seems unlikely that variants other than 20/1305 be standardised in the
foreseeable future.
2018-05-24 13:37:31 +02:00
Daniel King
b8025c5826 Implement AEAD-ChaCha20-Poly1305.
This implementation is based off the description in RFC 7539.

The ChaCha20 code is also updated to provide a means of generating
keystream blocks with arbitrary counter values. This is used to
generated the one-time Poly1305 key in the AEAD construction.
2018-05-24 13:37:31 +02:00
Daniel King
adc32c0b50 Add Poly1305 authenticator algorithm (RFC 7539)
Test vectors are included from RFC 7539.

Poly1305 is also added to the benchmark program.
2018-05-24 13:37:31 +02:00
Daniel King
34b822ce7b Initial implementation of ChaCha20 2018-05-24 13:37:31 +02:00
Andres Amaya Garcia
0e98e88a22 Silence no symbols warn on apple & Makefile 2018-05-23 09:19:54 +01:00
Manuel Pégourié-Gonnard
a3712beb9b Merge branch 'development' into iotssl-1941-aria-ciphersuites
* development: (504 commits)
  Fix minor code style issues
  Add the uodate to the soversion to the ChangeLog
  Fix the ChangeLog for clarity, english and credit
  Update version to 2.9.0
  ecp: Fix binary compatibility with group ID
  Changelog entry
  Change accepted ciphersuite versions when parsing server hello
  Remove preprocessor directives around platform_util.h include
  Fix style for mbedtls_mpi_zeroize()
  Improve mbedtls_platform_zeroize() docs
  mbedtls_zeroize -> mbedtls_platform_zeroize in docs
  Reword config.h docs for MBEDTLS_PLATFORM_ZEROIZE_ALT
  Organize CMakeLists targets in alphabetical order
  Organize output objs in alfabetical order in Makefile
  Regenerate errors after ecp.h updates
  Update ecp.h
  Change variable bytes_written to header_bytes in record decompression
  Update ecp.h
  Update ecp.h
  Update ecp.h
  ...
2018-05-22 15:58:50 +02:00
Jaeden Amero
a331e0f0af Merge remote-tracking branch 'upstream-restricted/pr/421' into development-proposed 2018-05-04 14:39:24 +01:00
Jaeden Amero
7d7bad6b1f Update version to 2.9.0
Bump SOVERSION for parity with 2.7.2 and 2.7.3.
2018-04-30 09:58:33 +01:00
Andres Amaya Garcia
21b376b56c Organize output objs in alfabetical order in Makefile 2018-04-24 08:28:26 -05:00
Andres Amaya Garcia
3ea559ea6c Fix alignment in makefile 2018-04-17 10:17:22 -05:00
Andres Amaya Garcia
904e1efb8c Make utils module part of the platform 2018-04-17 10:00:11 -05:00
Andres Amaya Garcia
614d9c0667 Add a utils.h file that contains common functions
The new header contains common information across various mbed TLS
modules and avoids code duplication. To start, utils.h currently only
contains the mbedtls_zeroize() function.
2018-04-17 09:17:38 -05:00
Gilles Peskine
0ed632f445 Merge remote-tracking branch 'upstream-public/pr/1499' into development-proposed 2018-04-01 12:41:22 +02:00
Andres Amaya Garcia
ceed91b72c Allow overriding ar param prefix in library/Makefile 2018-03-25 23:48:39 +01:00
Andres Amaya Garcia
873f15d70d Make DLEXT var configurable in library/Makefile 2018-03-25 23:47:15 +01:00
Mitsuhiro Nakamura
5ff2ee51e9 Fix dylib linking 2018-03-21 11:10:59 +00:00
Markku-Juhani O. Saarinen
3c0b53b2b0 ARIA build integration 2018-02-27 12:39:12 +01:00
Jaeden Amero
3b438d33c1 Update version to 2.7.0 2018-02-02 18:09:45 +00:00