Andrzej Kurek
e6c3aa7e7b
Fix minor issues and clean up the code
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-18 15:06:42 -05:00
Andrzej Kurek
e2134ed4b1
Fix certificate management when freeing handshake
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-18 11:23:19 -05:00
Andrzej Kurek
38c7f2d32f
Refactor the immediate transmission feature
...
The original way or handling it did not cover
message fragmentation or retransmission.
Now, the messages are always appended
to the flight and sent immediately, using
the same function as normal flight
transmission.
Moreover, epoch handling is different for this feature,
with a possibility to perform the usual retransmission
using previous methods.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-15 18:17:31 -05:00
Andrzej Kurek
d886d9f93c
Fix freeing uninitialized fields from the ssl context
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-15 15:43:12 -05:00
Andrzej Kurek
9627202d3a
Move MBEDTLS_DELAYED_SERVER_CERT_VERIFICATION to baremetal config
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-15 15:43:12 -05:00
Andrzej Kurek
5ac3a50924
DTLS: disable datagram packing tests when immediate transmission is on
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-15 15:43:12 -05:00
Andrzej Kurek
c3dde3f2f9
Fix unreachable code error
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-15 15:43:12 -05:00
Andrzej Kurek
52e08cbcb2
Fix unused parameters and ifdefs
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-15 15:43:12 -05:00
Andrzej Kurek
777d4217f1
Fix define and function names to conform to Mbed TLS rules
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-15 15:43:12 -05:00
Andrzej Kurek
b22e64045b
Update generated files
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-15 15:43:12 -05:00
Andrzej Kurek
131512440e
Move the new config optimization defines to be optional
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-15 15:43:12 -05:00
Hannes Tschofenig
32846c62ac
Moving the ecdhe_computed variable into the handshake structure
2020-12-15 12:50:37 +01:00
Hannes Tschofenig
34630562cd
Making sure that the ECDHE pre-computation is only done once.
2020-12-15 12:33:45 +01:00
Hannes Tschofenig
c162895030
Add call to mbedtls_x509_crt_free()
2020-12-07 11:04:09 +01:00
Hannes Tschofenig
e151a3528a
Adding early ECDHE key generation to ssl_cli.c
2020-12-03 17:37:49 +01:00
Hannes Tschofenig
c34d9cf37a
Adding storage for public key to handshake_params
2020-12-03 17:37:06 +01:00
Hannes Tschofenig
77cddb3ef7
Adding early key computation config option
2020-12-03 17:36:00 +01:00
Hannes Tschofenig
3cb3db7961
Adding early key computation config check
2020-12-03 17:35:50 +01:00
Hannes Tschofenig
2279ffd2a0
Adding immediate message transmission
2020-12-03 15:52:35 +01:00
Hannes Tschofenig
dfa4bae320
Adding immediate transmission option
2020-12-03 15:49:35 +01:00
Hannes Tschofenig
cb6410c67d
Wrapper function for calling parse_certificate_verify
2020-12-03 15:48:55 +01:00
Hannes Tschofenig
635f86874f
Adding delayed server cert verification to client state machine
2020-12-03 15:48:32 +01:00
Hannes Tschofenig
4f8c88312c
Adding wrapper function for certificate verification function
2020-12-03 15:48:12 +01:00
Hannes Tschofenig
f336c7ea71
Adding delayed server cert verification config option
2020-12-03 15:47:47 +01:00
Hannes Tschofenig
c7f6d7f75c
Making sure that keep peer certificate option is set when server cert verification is used.
2020-12-03 15:47:31 +01:00
Andrzej Kurek
b0b1cdc059
Merge pull request #3932 from AndrzejKurek/tinycrypt-ecdh-test-vectors
...
Tinycrypt - ecdh test vectors
2020-12-02 11:43:35 -05:00
Shelly Liberman
c6603c501c
Merge pull request #3931 from shelib01/plat_rand_buf_FI_protection
...
Platform random buf FI mitigation added
2020-12-02 13:30:25 +02:00
Andrzej Kurek
0e6c01796d
Add NIST CAVP SP 800-56A tests for tinycrypt ecdh
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-12-01 07:29:50 -05:00
Shelly Liberman
7326c62efb
Add flow control to platform rnd buf
...
Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>
2020-12-01 14:04:51 +02:00
Shelly Liberman
26bea33674
Merge pull request #3899 from shelib01/masked-aes
...
Masked AES 128 bit, encrypt only (boolean mask technique)
2020-11-27 17:17:23 +02:00
Shelly Liberman
11c64885a6
After review fixes
...
1. Formating
2. Check config added
3. Dependency description fixed
Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>
2020-11-26 23:58:41 +02:00
Andrzej Kurek
6994eb2b52
Merge pull request #3919 from AndrzejKurek/fi-flag-ccm-countermeasures
...
Make CCM shuffling an masking optional
2020-11-26 14:08:32 -05:00
Andrzej Kurek
7d0a6864d3
Make CCM shuffling and masking optional
...
Add a define for CCM shuffling and masking operations.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-11-26 06:35:04 -05:00
Shelly Liberman
44b4229352
masked-aes CI problems fixes
...
Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>
2020-11-26 10:54:19 +02:00
Andrzej Kurek
ab3de1daff
Add flow control protection to ccm
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-11-26 03:24:14 -05:00
Shelly Liberman
c907c81a3b
aes boolean masking
...
Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>
2020-11-25 20:58:25 +02:00
Andrzej Kurek
8265f5cc4f
Merge pull request #3880 from AndrzejKurek/fi-random-delays
...
Add random delays to sha256 to protect against fault injection
2020-11-25 13:38:52 -05:00
Shelly Liberman
88da3c245b
Merge branch 'baremetal' into masked-aes
2020-11-25 18:32:19 +02:00
Shelly Liberman
cdebcfe1a3
aes boolean masking
...
Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>
2020-11-25 18:14:59 +02:00
Andrzej Kurek
9b92865bcd
Merge pull request #3850 from AndrzejKurek/ccm-clean-temp-data
...
ccm - clean temp data
2020-11-25 11:14:05 -05:00
Andrzej Kurek
549a35690c
Merge pull request #3890 from AndrzejKurek/fi-memcpy-memset-fail
...
Add a callback for platform faults in platform_util.c
2020-11-25 11:13:32 -05:00
Andrzej Kurek
1c448168b2
Merge pull request #3913 from jarvte/memfix_variablebuffer
...
Fix possible memory leak when MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH defined
2020-11-25 09:45:53 -05:00
Andrzej Kurek
7f81c86a0d
Add a callback for platform faults in platform_util.c
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-11-25 06:53:59 -05:00
Andrzej Kurek
9bc6119bb9
Add random delays to sha256 to protect against fault injection
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-11-25 06:38:05 -05:00
Andrzej Kurek
142f09fb96
ccm: zeroize buffers before and after usage
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-11-25 06:20:43 -05:00
Andrzej Kurek
5eba1d82a2
Merge pull request #3841 from AndrzejKurek/baremetal-rnd-in-range-fix
...
Move size checks outside of mbedtls_platform_random_in_range
2020-11-25 11:41:40 +01:00
Andrzej Kurek
21f64d3633
Merge pull request #3840 from AndrzejKurek/baremetal-aes-shuffling-2
...
CCM countermeasures - shuffling and masking
2020-11-25 11:33:53 +01:00
Teppo Järvelin
b89cf99a57
Fix possible memory leak when MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH is defined
...
Signed-off-by: Teppo Järvelin <teppo.jarvelin@arm.com>
2020-11-25 11:44:05 +02:00
Shelly Liberman
9e27b901b7
Merge pull request #3900 from shelib01/fix_uninitialized_var
...
Fix uninitialized variables
2020-11-25 11:25:51 +02:00
Shelly Liberman
c5b0c6e8ae
fix uninitialized variables
...
Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>
2020-11-19 20:01:21 +02:00