Commit graph

731 commits

Author SHA1 Message Date
Gilles Peskine e1dc2de900 Move MBEDTLS_CTR_DRBG_USE_128_BIT_KEY to the correct section
It's an on/off feature, so it should be listed in version_features.
2020-03-13 15:22:14 +00:00
Arto Kinnunen 43980a09e0 Add AES SCA countermeasures to query_config
Add MBEDTLS_AES_SCA_COUNTERMEASURES flag to query_config so that
flag value can be queried.
2019-12-10 14:54:43 +02:00
Simon Butcher 9d36fa16f8 Merge remote-tracking branch 'public/pr/2891' into baremetal 2019-10-29 15:25:26 +00:00
Simon Butcher a85b3e4dde Merge remote-tracking branch 'public/pr/2890' into baremetal 2019-10-29 14:41:13 +00:00
Simon Butcher 2f99f3d8a2 Merge remote-tracking branch 'public/pr/2850' into baremetal 2019-10-29 14:24:33 +00:00
Teppo Järvelin 7800719551 Adjusted buf allocated from heap in ssl_client2 to be as small as possible 2019-10-25 14:30:33 +03:00
Teppo Järvelin 614efc268e Moved allocation checks to correct place in ssl_server2.c 2019-10-25 11:03:20 +03:00
Arto Kinnunen 1480444e8e Add config option for AES encryption only
-Add config option for AES encyption only to config.h. Feature is
 disabled by default.
-Enable AES encrypt only feature in baremetal.h configuration
-Remove AES encypt only feature from full config
2019-10-24 12:19:33 +03:00
Arto Kinnunen 265d162d07 Update AES-128 bit configuration
- Do not include MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH to full config
  as it requires also MBEDTLS_CTR_DRBG_USE_128_BIT_KEY

- Update check_config to check availability of flags:
   MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
   MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
2019-10-24 09:49:23 +03:00
Arto Kinnunen 77b9cfcea9 AES: add config option for 128-bit keys
Add configuration options to support only 128-bit key lengths in AES
calculation.
2019-10-24 09:49:23 +03:00
Teppo Järvelin 3d414bfb65 Increased MEMORY_HEAP_SIZE to 140000 in ssl_server2 to get CI passing. 2019-10-22 14:44:13 +03:00
Teppo Järvelin 11e881b536 Changed entropy to be allocated from stack to heap in ssl_server2 2019-10-22 14:44:13 +03:00
Teppo Järvelin 8e0e48199b Changed main buf to be allocated from heap in ssl_client2 2019-10-22 14:44:13 +03:00
Teppo Järvelin 8e0fe19a6a Various changes to get CI passing after changes in ssl_server and client stack to heap 2019-10-22 14:43:56 +03:00
Teppo Järvelin 52c9ecb408 Fixed memory leak in ssl_server2.c main
Allocations are now done after command line parsing.
Added more checks if allocations are needed and fixed
baremetal tests with these defines.
2019-10-15 14:21:29 +03:00
Teppo Järvelin ff1ce269d0 Fixed to compile: ssl_async_keys is not a pointer but was treated that way when giving to functions. 2019-10-14 08:14:34 +03:00
Hanno Becker c828432920 Make use of copy-less CRT parsing API in ssl_client2/ssl_server2 2019-10-10 11:47:28 +03:00
Hanno Becker 7d864c494a ssl_client2/ssl_server2: Use heap for various structures
This commit modifies the example programs ssl_client2 and ssl_server2
to allocate various structures on the heap instead of the stack. This
allows more fine-grained memory usage tracking via valgrind massif.
2019-10-10 11:47:28 +03:00
Jarno Lamsa 642596e931 Adapt the example programs
Adapt the example programs if MBEDTLS_ENTROPY_HARDWARE_ALT
is defined.
2019-10-04 12:52:42 +03:00
Jarno Lamsa e29e8a49b8 Use MBEDTLS_ENTROPY_HARDWARE_ALT
Use MBEDTLS_ENTROPY_HARDWARE_ALT instead of a new global RNG
flag. When this flag is enabled, the platform provides the RNG.
When running unit tests, rnd_std_rand should be used by overriding
the mbedtls_hardware_poll.
2019-10-03 13:49:34 +03:00
Jarno Lamsa 5aee8cab2a Update query_config 2019-10-01 16:10:03 +03:00
Manuel Pégourié-Gonnard 1c1cc0d373 Add config.h option MBEDTLS_PK_SINGLE_HASH
No effect for now, just declaring it here, implemented in subsequent commits.

The option requires MBEDTLS_USE_TINYCRYPT and is incompatible with
MBEDTLS_PK_RSA_ALT_SUPPORT and MBEDTLS_RSA_C.

Currently users (including the X.509 and SSL libraries) assume that if both PK
and RSA are enabled, then RSA is available through PK. If we allowed RSA to be
enabled together with PK_SINGLE_TYPE, we'd break that assumption. Going
through the code to find all place that rely on that assumption and fix them
would be cumbersome, and people who want PK_SINGLE_TYPE are unlikely to care
about RSA anyway, so let's just make them incompatible.

This is also consistent with what's done in the MD module: MD_SINGLE_HASH
requires that exactly one hash be enabled.
2019-09-19 10:45:14 +02:00
Simon Butcher 88b535a47e Merge remote-tracking branch 'origin/pr/654' into baremetal 2019-09-10 14:54:28 +01:00
Simon Butcher 303d399f42 Merge remote-tracking branch 'origin/pr/609' into baremetal 2019-09-10 14:50:04 +01:00
Simon Butcher 9bdd13b2e7 Merge remote-tracking branch 'origin/pr/621' into baremetal 2019-09-10 14:49:35 +01:00
Simon Butcher 7fce190774 Merge remote-tracking branch 'origin/pr/635' into HEAD 2019-09-09 14:20:03 +01:00
Hanno Becker 9ec3fe0d43 Introduce configuration option to remove CRT verification callbacks 2019-09-09 09:55:31 +01:00
Hanno Becker 1292c35c03 Add config.h option to hardcode choice of single MD algorithm
This commit introduces the configuration option

  MBEDTLS_MD_SINGLE_HASH

which can be used to hardcode support for a single digest algorithm
at compile-time, at the benefit of reduced code-size.

To use, it needs to be defined to evaluate to a macro of the form
MBEDTLS_MD_INFO_{DIGEST}, and macros MBEDTLS_MD_INFO_{DIGEST}_FIELD
must be defined, giving rise to the various aspects (name, type,
size, ...) of the chosen digest algorithm. MBEDTLS_MD_INFO_SHA256
provides an example, but other algorithms can be added if needed.

At the moment, the effect of using MBEDTLS_MD_SINGLE_HASH is that
the implementation of the MD API (e.g. mbedtls_md_update()) need no
longer to through the abstraction of the mbedtls_md_info structures
by calling their corresponding function pointers fields (akin to
virtual functions in C++), but the directly call the corresponding
core digest function (such as mbedtls_sha256_update()).

Therefore, MBEDTLS_MD_SINGLE_HASH so far removes the second layer
of indirection in the chain

  User calls MD API -> MD API calls underlying digest impl'n
                    -> Core digest impl'n does the actual work,

but the first indirection remains, as the MD API remains untouched
and cannot yet be inlined. Studying to what extend inlining the
shortened MD API implementations would lead to further code-savings
is left for a later commit.
2019-09-09 09:45:57 +01:00
Manuel Pégourié-Gonnard 9b781b2880 Add MBEDTLS_SHA256_NO_SHA244 option (unimplemented) 2019-09-09 09:06:56 +02:00
Hanno Becker 7bcf2b5875 Introduce version comparing functions
This zero-cost abstraction allows to change the internal encoding
of TLS/DTLS versions in the future.
2019-09-05 17:37:55 +01:00
Hanno Becker 88889c618e Fixup: Add missing TinyCrypt guards 2019-09-04 16:17:45 +01:00
Hanno Becker 49ac40b81b Fixup: Don't reference legacy ECP curve identifier in config.h
TinyCrypt should be used as a replacement of legacy ECC. In particular,
there shouldn't be any use of identifiers from the legacy ECC module.

So far, there's the configuration option

  MBEDTLS_SSL_CONF_SINGLE_EC_GRP_ID

that's relevant if MBEDTLS_SSL_CONF_SINGLE_CURVE is set, and which in
this case must resolve to an identifier of type mbedtls_ecp_group_id
indicating which single curve to enable.

With the introduction of TinyCrypt, we must either change the type
of this option to mbedtls_uecc_group_id, or introduce a separate
compilation option.

In order to avoid type confusion, this commit follows tha latter
approach, introducing the configuration option

  MBEDTLS_SSL_CONF_SINGLE_UECC_GRP_ID

that indicatesthe TinyCrypt group identifier of the single curve
to use (must be Secp256r1) if MBEDTLS_SSL_CONF_SINGLE_CURVE
and MBEDTLS_USE_TINYCRYPT are set.
2019-09-04 16:17:25 +01:00
Hanno Becker 2ccdab8ef3 Fixup alignment in ssl_server2 2019-09-03 09:01:49 +01:00
Hanno Becker 10da2a39be Fix unused variable warnings in ssl_client2/ssl_server2 2019-09-03 08:59:36 +01:00
Hanno Becker 7f1c805b23 Allow ssl_client2/ssl_server2 to use HMAC DRBG instead of CTR DRBG
So far, ssl_client2 and ssl_server2 were relying on MBEDTLS_CTR_DRBG_C
being set. This commit adapts them to use HMAC DRBG in case CTR DRBG
is disabled in the configuration.

Note that disabling CTR DRBG in favor of HMAC DRBG can be useful on
constrained systems because Mbed TLS' HMAC DRBG is slightly smaller,
and moreover needed anyway as part of deterministic ECDSA.
2019-09-03 08:59:05 +01:00
Teppo Järvelin 4009d8f377 Make function mbedtls_ssl_set_hostname(...) as optional
Now function mbedtls_ssl_set_hostname is compile-time configurable
in config.h with define MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION.
This affects to many x509 API's. See config.h for details.
2019-08-27 10:47:08 +03:00
Hanno Becker 572d448ab2 Enforce NULL context for hardcoded RNG 2019-08-12 17:05:03 +01:00
Manuel Pégourié-Gonnard 2b29a37c91 Fix compile bugs in examples with hardcoded I/O callbacks
These were found by `all.sh test_baremetal`, so no need for a new test.
2019-07-30 17:07:38 +02:00
Manuel Pégourié-Gonnard d64a2f72e6 Fix wrong ifdef in ssl_server2 & add test for it
This was found as a warning when running scripts/baremetal.sh --ram
--build-only manually, but it should have been found in a more automated way.
Adding -Werror so that future such issues will be caught by all.sh
(component_test_baremetal already invokes baremetal.sh --ram --build-only).
2019-07-30 16:56:43 +02:00
Hanno Becker 28d2a88173 Fix indentation in three example programs 2019-07-30 16:56:25 +02:00
Hanno Becker 7cedd8bed2 Remove overly strict guard in ssl_server2
get_auth_mode() is needed for a change of authmode through SNI,
which is possible even if the original authmode is hardcoded.
2019-07-30 16:56:18 +02:00
Hanno Becker 41e5a6871d Example apps: Don't use runtime IO config API if CBs are hardcoded
Multiple example applications still use mbedtls_ssl_set_bio() even
if the I/O callbacks are hardcoded. This commit fixes this.
2019-07-30 16:50:27 +02:00
Hanno Becker 32bbe4a66b Remove unused label in ssl_client2/ssl_server2 2019-07-30 16:33:40 +03:00
Hanno Becker 83b8c3b8eb cli/srv ex: Add dbg msg if record checking gives inconsistent result 2019-07-30 16:33:40 +03:00
Hanno Becker de9e36e6b3 Pass dgrams to mbedtls_ssl_check_record in ssl_client2/server2 2019-07-30 16:33:40 +03:00
Hanno Becker fe24b3b269 Add IO wrappers to ssl_server2 as interm's between NET and SSL layer 2019-07-30 16:33:40 +03:00
Hanno Becker 14219feb27 Add IO wrappers to ssl_client2 as interm's between NET and SSL layer 2019-07-30 15:44:43 +03:00
Hanno Becker 02f2609551 Introduce configuration option and API for SSL record checking 2019-07-30 15:38:40 +03:00
Manuel Pégourié-Gonnard cdb83e7c88
Merge pull request #616 from mpg/context-s11n
[baremetal] Implement context serialization
2019-07-30 00:07:23 +02:00
Manuel Pégourié-Gonnard 7c575d29dc
Merge pull request #605 from ARMmbed/x509_ondemand_remove_unneeded_fields
[Baremetal] Allow removal of unneeded fields in X.509 CRT structures
2019-07-29 11:58:58 +02:00