From 18c9fed857f57ec100702b54e185e786e4695590 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 30 Dec 2022 17:44:24 +0100 Subject: [PATCH 1/9] tls: remove dependency from mbedtls_ecp_curve functions Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 16 ----- library/ssl_client.c | 10 ++-- library/ssl_misc.h | 70 ++++++++++++++++++++-- library/ssl_tls.c | 120 +++++++++++++++++++++++++++++++++---- library/ssl_tls12_client.c | 17 +++--- library/ssl_tls12_server.c | 66 +++++++++++--------- library/ssl_tls13_client.c | 19 +++--- 7 files changed, 238 insertions(+), 80 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index f030bea94e..f2f5400853 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -264,22 +264,6 @@ static inline int mbedtls_psa_get_ecc_oid_from_id( #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH \ PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE( PSA_VENDOR_ECC_MAX_CURVE_BITS ) -/* This function transforms an ECC group identifier from - * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 - * into a PSA ECC group identifier. */ -#if defined(MBEDTLS_ECP_C) -static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group( - uint16_t tls_ecc_grp_reg_id, size_t *bits ) -{ - const mbedtls_ecp_curve_info *curve_info = - mbedtls_ecp_curve_info_from_tls_id( tls_ecc_grp_reg_id ); - if( curve_info == NULL ) - return( 0 ); - return( PSA_KEY_TYPE_ECC_KEY_PAIR( - mbedtls_ecc_group_to_psa( curve_info->grp_id, bits ) ) ); -} -#endif /* MBEDTLS_ECP_C */ - /* Expose whatever RNG the PSA subsystem uses to applications using the * mbedtls_xxx API. The declarations and definitions here need to be * consistent with the implementation in library/psa_crypto_random_impl.h. diff --git a/library/ssl_client.c b/library/ssl_client.c index e838845940..d1a66401f4 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -266,15 +266,17 @@ static int ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl, ( mbedtls_ssl_conf_is_tls12_enabled( ssl->conf ) && mbedtls_ssl_tls12_named_group_is_ecdhe( *group_list ) ) ) { - const mbedtls_ecp_curve_info *curve_info; - curve_info = mbedtls_ecp_curve_info_from_tls_id( *group_list ); - if( curve_info == NULL ) + if( mbedtls_ssl_get_ecp_group_id_from_tls_id( *group_list ) == + MBEDTLS_ECP_DP_NONE ) + { continue; + } MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); MBEDTLS_PUT_UINT16_BE( *group_list, p, 0 ); p += 2; MBEDTLS_SSL_DEBUG_MSG( 3, ( "NamedGroup: %s ( %x )", - curve_info->name, *group_list ) ); + mbedtls_ssl_get_curve_name_from_tls_id( *group_list ), + *group_list ) ); } #endif /* MBEDTLS_ECP_C */ /* Add DHE groups here */ diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 82549642fe..acb38cf811 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -787,7 +787,7 @@ struct mbedtls_ssl_handshake_params #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - const mbedtls_ecp_curve_info **curves; /*!< Supported elliptic curves */ + uint16_t *curves_tls_id; /*!< List of TLS IDs of supported elliptic curves */ #endif #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) @@ -1576,6 +1576,69 @@ MBEDTLS_CHECK_RETURN_CRITICAL int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id ); #endif +/** + * \brief Return PSA EC info for the specified TLS ID. + * + * \param tls_id The TLS ID to look for + * \param family If the TLD ID is supported, then proper \c psa_ecc_family_t + * value is returned here. Can be NULL. + * \param bits If the TLD ID is supported, then proper bit size is returned + * here. Can be NULL. + * \return PSA_SUCCESS if the TLS ID is supported, + * PSA_ERROR_NOT_SUPPORTED otherwise + * + * \note If either \c family or \c bits parameters are NULL, then + * the corresponding value is not returned. + * The function can be called with both parameters as NULL + * simply to check if a specific TLS ID is supported. + */ +int mbedtls_ssl_get_psa_curve_info_from_tls_id( uint16_t tls_id, + psa_ecc_family_t *family, + size_t* bits ); + +/** + * \brief Return \c mbedtls_ecp_group_id for the specified TLS ID. + * + * \param tls_id The TLS ID to look for + * \return Proper \c mbedtls_ecp_group_id if the TLS ID is supported, + * or MBEDTLS_ECP_DP_NONE otherwise + */ +mbedtls_ecp_group_id mbedtls_ssl_get_ecp_group_id_from_tls_id( uint16_t tls_id ); + +/** + * \brief Return TLS ID for the specified \c mbedtls_ecp_group_id. + * + * \param grp_id The \c mbedtls_ecp_group_id ID to look for + * \return Proper TLS ID if the \c mbedtls_ecp_group_id is supported, + * or 0 otherwise + */ +uint16_t mbedtls_ssl_get_tls_id_from_ecp_group_id( mbedtls_ecp_group_id grp_id ); + +/** + * \brief Return EC's name for the specified TLS ID. + * + * \param tls_id The TLS ID to look for + * \return A pointer to a const string with the proper name. If TLS + * ID is not suppoted, a NULL pointer is returned insted. + */ +const char* mbedtls_ssl_get_curve_name_from_tls_id( uint16_t tls_id ); + +/* This function transforms an ECC group identifier from + * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 + * into a PSA ECC group identifier. */ +#if defined(MBEDTLS_ECP_C) +static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group( + uint16_t tls_ecc_grp_reg_id, size_t *bits ) +{ + mbedtls_ecp_group_id grp_id = + mbedtls_ssl_get_ecp_group_id_from_tls_id( tls_ecc_grp_reg_id ); + if( grp_id == MBEDTLS_ECP_DP_NONE ) + return( 0 ); + return( PSA_KEY_TYPE_ECC_KEY_PAIR( + mbedtls_ecc_group_to_psa( grp_id, bits ) ) ); +} +#endif /* MBEDTLS_ECP_C */ + #if defined(MBEDTLS_SSL_DTLS_SRTP) static inline mbedtls_ssl_srtp_profile mbedtls_ssl_check_srtp_profile_value ( const uint16_t srtp_profile_value ) @@ -2173,9 +2236,8 @@ static inline int mbedtls_ssl_named_group_is_supported( uint16_t named_group ) #if defined(MBEDTLS_ECDH_C) if( mbedtls_ssl_tls13_named_group_is_ecdhe( named_group ) ) { - const mbedtls_ecp_curve_info *curve_info = - mbedtls_ecp_curve_info_from_tls_id( named_group ); - if( curve_info != NULL ) + if( mbedtls_ssl_get_ecp_group_id_from_tls_id( named_group ) != + MBEDTLS_ECP_DP_NONE ) return( 1 ); } #else diff --git a/library/ssl_tls.c b/library/ssl_tls.c index b757613171..dbee389616 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1064,14 +1064,14 @@ static int ssl_handshake_init( mbedtls_ssl_context *ssl ) for( size_t i = 0; i < length; i++ ) { - const mbedtls_ecp_curve_info *info = - mbedtls_ecp_curve_info_from_grp_id( curve_list[i] ); - if ( info == NULL ) + uint16_t tls_id = mbedtls_ssl_get_tls_id_from_ecp_group_id( + curve_list[i] ); + if ( tls_id == 0 ) { mbedtls_free( group_list ); return( MBEDTLS_ERR_SSL_BAD_CONFIG ); } - group_list[i] = info->tls_id; + group_list[i] = tls_id; } group_list[length] = 0; @@ -4048,7 +4048,7 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) /* explicit void pointer cast for buggy MS compiler */ - mbedtls_free( (void *) handshake->curves ); + mbedtls_free( (void *) handshake->curves_tls_id ); #endif #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) @@ -5468,18 +5468,118 @@ int mbedtls_ssl_check_curve_tls_id( const mbedtls_ssl_context *ssl, uint16_t tls */ int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id ) { - const mbedtls_ecp_curve_info *grp_info = - mbedtls_ecp_curve_info_from_grp_id( grp_id ); + uint16_t tls_id = mbedtls_ssl_get_tls_id_from_ecp_group_id( grp_id ); - if ( grp_info == NULL ) + if ( tls_id == 0 ) return -1; - uint16_t tls_id = grp_info->tls_id; - return mbedtls_ssl_check_curve_tls_id( ssl, tls_id ); } #endif /* MBEDTLS_ECP_C */ +static const struct { + uint16_t tls_id; + mbedtls_ecp_group_id ecp_group_id; + psa_ecc_family_t psa_family; + uint16_t bits; + const char* name; +} tls_id_match_table[] = +{ +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_521) + { 25, MBEDTLS_ECP_DP_SECP521R1, PSA_ECC_FAMILY_SECP_R1, 521, "secp521r1" }, +#endif +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) + { 28, MBEDTLS_ECP_DP_BP512R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 512, "brainpoolP512r1" }, +#endif +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) + { 24, MBEDTLS_ECP_DP_SECP384R1, PSA_ECC_FAMILY_SECP_R1, 384, "secp384r1" }, +#endif +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_384) + { 27, MBEDTLS_ECP_DP_BP384R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 384, "brainpoolP384r1" }, +#endif +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) + { 23, MBEDTLS_ECP_DP_SECP256R1, PSA_ECC_FAMILY_SECP_R1, 256, "secp256r1" }, +#endif +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_256) + { 22, MBEDTLS_ECP_DP_SECP256K1, PSA_ECC_FAMILY_SECP_K1, 256, "secp256k1" }, +#endif +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_256) + { 26, MBEDTLS_ECP_DP_BP256R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 256, "brainpoolP256r1" }, +#endif +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_224) + { 21, MBEDTLS_ECP_DP_SECP224R1, PSA_ECC_FAMILY_SECP_R1, 224, "secp224r1" }, +#endif +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_224) + { 20, MBEDTLS_ECP_DP_SECP224K1, PSA_ECC_FAMILY_SECP_K1, 224, "secp224k1" }, +#endif +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_192) + { 19, MBEDTLS_ECP_DP_SECP192R1, PSA_ECC_FAMILY_SECP_R1, 192, "secp192r1" }, +#endif +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_192) + { 18, MBEDTLS_ECP_DP_SECP192K1, PSA_ECC_FAMILY_SECP_K1, 192, "secp192k1" }, +#endif +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_255) + { 29, MBEDTLS_ECP_DP_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY, 256, "x25519" }, +#endif +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_448) + { 30, MBEDTLS_ECP_DP_CURVE448, PSA_ECC_FAMILY_MONTGOMERY, 448, "x448" }, +#endif + { 0, MBEDTLS_ECP_DP_NONE, 0, 0, NULL }, +}; + +int mbedtls_ssl_get_psa_curve_info_from_tls_id( uint16_t tls_id, + psa_ecc_family_t *family, + size_t* bits ) +{ + for( int i = 0; tls_id_match_table[i].tls_id != 0; i++ ) + { + if( tls_id_match_table[i].tls_id == tls_id ) + { + if( family != NULL ) + *family = tls_id_match_table[i].psa_family; + if( bits != NULL ) + *bits = tls_id_match_table[i].bits; + return PSA_SUCCESS; + } + } + + return PSA_ERROR_NOT_SUPPORTED; +} + +mbedtls_ecp_group_id mbedtls_ssl_get_ecp_group_id_from_tls_id( uint16_t tls_id ) +{ + for( int i = 0; tls_id_match_table[i].tls_id != 0; i++ ) + { + if( tls_id_match_table[i].tls_id == tls_id ) + return tls_id_match_table[i].ecp_group_id; + } + + return MBEDTLS_ECP_DP_NONE; +} + +uint16_t mbedtls_ssl_get_tls_id_from_ecp_group_id( mbedtls_ecp_group_id grp_id ) +{ + for( int i = 0; tls_id_match_table[i].ecp_group_id != MBEDTLS_ECP_DP_NONE; + i++ ) + { + if( tls_id_match_table[i].ecp_group_id == grp_id ) + return tls_id_match_table[i].tls_id; + } + + return 0; +} + +const char* mbedtls_ssl_get_curve_name_from_tls_id( uint16_t tls_id ) +{ + for( int i = 0; tls_id_match_table[i].tls_id != 0; i++ ) + { + if( tls_id_match_table[i].tls_id == tls_id ) + return tls_id_match_table[i].name; + } + + return NULL; +} + #if defined(MBEDTLS_X509_CRT_PARSE_C) int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, const mbedtls_ssl_ciphersuite_t *ciphersuite, diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c index 76588d30b4..7c54820f33 100644 --- a/library/ssl_tls12_client.c +++ b/library/ssl_tls12_client.c @@ -1870,7 +1870,7 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl, MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl ) { - const mbedtls_ecp_curve_info *curve_info; + uint16_t tls_id; mbedtls_ecp_group_id grp_id; #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) grp_id = ssl->handshake->ecdh_ctx.grp.id; @@ -1878,14 +1878,15 @@ static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl ) grp_id = ssl->handshake->ecdh_ctx.grp_id; #endif - curve_info = mbedtls_ecp_curve_info_from_grp_id( grp_id ); - if( curve_info == NULL ) + tls_id = mbedtls_ssl_get_tls_id_from_ecp_group_id( grp_id ); + if( tls_id == 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", + mbedtls_ssl_get_curve_name_from_tls_id( tls_id ) ) ); if( mbedtls_ssl_check_curve( ssl, grp_id ) != 0 ) return( -1 ); @@ -2346,16 +2347,16 @@ start_processing: * that TLS ID here */ uint16_t read_tls_id = MBEDTLS_GET_UINT16_BE( p, 1 ); - const mbedtls_ecp_curve_info *curve_info; + uint16_t exp_tls_id = mbedtls_ssl_get_tls_id_from_ecp_group_id( + MBEDTLS_ECP_DP_SECP256R1 ); - if( ( curve_info = mbedtls_ecp_curve_info_from_grp_id( - MBEDTLS_ECP_DP_SECP256R1 ) ) == NULL ) + if( exp_tls_id == 0 ) { return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); } if( ( *p != MBEDTLS_ECP_TLS_NAMED_CURVE ) || - ( read_tls_id != curve_info->tls_id ) ) + ( read_tls_id != exp_tls_id ) ) { return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index 5cdbcc0163..a90617f9a6 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -180,7 +180,7 @@ static int ssl_parse_supported_groups_ext( mbedtls_ssl_context *ssl, { size_t list_size, our_size; const unsigned char *p; - const mbedtls_ecp_curve_info *curve_info, **curves; + uint16_t *curves_tls_id; if ( len < 2 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); @@ -199,7 +199,7 @@ static int ssl_parse_supported_groups_ext( mbedtls_ssl_context *ssl, } /* Should never happen unless client duplicates the extension */ - if( ssl->handshake->curves != NULL ) + if( ssl->handshake->curves_tls_id != NULL ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, @@ -213,23 +213,25 @@ static int ssl_parse_supported_groups_ext( mbedtls_ssl_context *ssl, if( our_size > MBEDTLS_ECP_DP_MAX ) our_size = MBEDTLS_ECP_DP_MAX; - if( ( curves = mbedtls_calloc( our_size, sizeof( *curves ) ) ) == NULL ) + if( ( curves_tls_id = mbedtls_calloc( our_size, + sizeof( *curves_tls_id ) ) ) == NULL ) { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); } - ssl->handshake->curves = curves; + ssl->handshake->curves_tls_id = curves_tls_id; p = buf + 2; while( list_size > 0 && our_size > 1 ) { - curve_info = mbedtls_ecp_curve_info_from_tls_id( ( p[0] << 8 ) | p[1] ); + uint16_t curr_tls_id = MBEDTLS_GET_UINT16_BE( p, 0 ); - if( curve_info != NULL ) + if( mbedtls_ssl_get_ecp_group_id_from_tls_id( curr_tls_id ) != + MBEDTLS_ECP_DP_NONE ) { - *curves++ = curve_info; + *curves_tls_id++ = curr_tls_id; our_size--; } @@ -685,16 +687,18 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_ECDSA_C) MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_check_key_curve( mbedtls_pk_context *pk, - const mbedtls_ecp_curve_info **curves ) + uint16_t *curves_tls_id ) { - const mbedtls_ecp_curve_info **crv = curves; + uint16_t *curr_tls_id = curves_tls_id; mbedtls_ecp_group_id grp_id = mbedtls_pk_ec( *pk )->grp.id; + mbedtls_ecp_group_id curr_grp_id; - while( *crv != NULL ) + while( *curr_tls_id != 0 ) { - if( (*crv)->grp_id == grp_id ) + curr_grp_id = mbedtls_ssl_get_ecp_group_id_from_tls_id( *curr_tls_id ); + if( curr_grp_id == grp_id ) return( 0 ); - crv++; + curr_tls_id++; } return( -1 ); @@ -789,7 +793,8 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_ECDSA_C) if( pk_alg == MBEDTLS_PK_ECDSA && - ssl_check_key_curve( &cur->cert->pk, ssl->handshake->curves ) != 0 ) + ssl_check_key_curve( &cur->cert->pk, + ssl->handshake->curves_tls_id ) != 0 ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: elliptic curve" ) ); continue; @@ -857,8 +862,8 @@ static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) if( mbedtls_ssl_ciphersuite_uses_ec( suite_info ) && - ( ssl->handshake->curves == NULL || - ssl->handshake->curves[0] == NULL ) ) + ( ssl->handshake->curves_tls_id == NULL || + ssl->handshake->curves_tls_id[0] == 0 ) ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: " "no common elliptic curve" ) ); @@ -2849,7 +2854,6 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, ssl->out_msglen; size_t output_offset = 0; size_t output_len = 0; - const mbedtls_ecp_curve_info *curve_info; /* * The first 3 bytes are: @@ -2859,13 +2863,14 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, * However since we only support secp256r1 for now, we hardcode its * TLS ID here */ - if( ( curve_info = mbedtls_ecp_curve_info_from_grp_id( - MBEDTLS_ECP_DP_SECP256R1 ) ) == NULL ) + uint16_t tls_id = mbedtls_ssl_get_tls_id_from_ecp_group_id( + MBEDTLS_ECP_DP_SECP256R1 ); + if( tls_id ==0 ) { return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); } *out_p = MBEDTLS_ECP_TLS_NAMED_CURVE; - MBEDTLS_PUT_UINT16_BE( curve_info->tls_id, out_p, 1 ); + MBEDTLS_PUT_UINT16_BE( tls_id, out_p, 1 ); output_offset += 3; ret = mbedtls_psa_ecjpake_write_round( &ssl->handshake->psa_pake_ctx, @@ -2986,27 +2991,29 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, * ECPoint public; * } ServerECDHParams; */ - const mbedtls_ecp_curve_info **curve = NULL; + uint16_t *curr_tls_id = ssl->handshake->curves_tls_id; const uint16_t *group_list = mbedtls_ssl_get_groups( ssl ); int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; /* Match our preference list against the offered curves */ - if( group_list == NULL ) + if( ( group_list == NULL ) || ( curr_tls_id == NULL ) ) return( MBEDTLS_ERR_SSL_BAD_CONFIG ); for( ; *group_list != 0; group_list++ ) - for( curve = ssl->handshake->curves; *curve != NULL; curve++ ) - if( (*curve)->tls_id == *group_list ) + for( curr_tls_id = ssl->handshake->curves_tls_id; + *curr_tls_id != 0; curr_tls_id++ ) + if( *curr_tls_id == *group_list ) goto curve_matching_done; curve_matching_done: - if( curve == NULL || *curve == NULL ) + if( *curr_tls_id == 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching curve for ECDHE" ) ); return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", (*curve)->name ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", + mbedtls_ssl_get_curve_name_from_tls_id(*curr_tls_id) ) ); #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_status_t status = PSA_ERROR_GENERIC_ERROR; @@ -3022,7 +3029,7 @@ curve_matching_done: /* Convert EC group to PSA key type. */ handshake->ecdh_psa_type = mbedtls_psa_parse_tls_ecc_group( - (*curve)->tls_id, &ecdh_bits ); + *curr_tls_id, &ecdh_bits ); if( handshake->ecdh_psa_type == 0 ) { @@ -3047,7 +3054,7 @@ curve_matching_done: /* * Next two bytes are the namedcurve value */ - MBEDTLS_PUT_UINT16_BE( (*curve)->tls_id, p, 0 ); + MBEDTLS_PUT_UINT16_BE( *curr_tls_id, p, 0 ); p += 2; /* Generate ECDH private key. */ @@ -3093,8 +3100,11 @@ curve_matching_done: /* Determine full message length. */ len += header_size; #else + mbedtls_ecp_group_id curr_grp_id = + mbedtls_ssl_get_ecp_group_id_from_tls_id( *curr_tls_id ); + if( ( ret = mbedtls_ecdh_setup( &ssl->handshake->ecdh_ctx, - (*curve)->grp_id ) ) != 0 ) + curr_grp_id ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecp_group_load", ret ); return( ret ); diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 839b954452..b43bb5f71c 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -230,9 +230,8 @@ static int ssl_tls13_get_default_group_id( mbedtls_ssl_context *ssl, for ( ; *group_list != 0; group_list++ ) { - const mbedtls_ecp_curve_info *curve_info; - curve_info = mbedtls_ecp_curve_info_from_tls_id( *group_list ); - if( curve_info != NULL && + if( ( mbedtls_ssl_get_psa_curve_info_from_tls_id( *group_list, + NULL, NULL ) == PSA_SUCCESS ) && mbedtls_ssl_tls13_named_group_is_ecdhe( *group_list ) ) { *group_id = *group_list; @@ -385,7 +384,6 @@ static int ssl_tls13_parse_hrr_key_share_ext( mbedtls_ssl_context *ssl, const unsigned char *end ) { #if defined(MBEDTLS_ECDH_C) - const mbedtls_ecp_curve_info *curve_info = NULL; const unsigned char *p = buf; int selected_group; int found = 0; @@ -412,8 +410,9 @@ static int ssl_tls13_parse_hrr_key_share_ext( mbedtls_ssl_context *ssl, */ for( ; *group_list != 0; group_list++ ) { - curve_info = mbedtls_ecp_curve_info_from_tls_id( *group_list ); - if( curve_info == NULL || curve_info->tls_id != selected_group ) + if( ( mbedtls_ssl_get_psa_curve_info_from_tls_id( *group_list, + NULL, NULL ) == PSA_ERROR_NOT_SUPPORTED ) || + *group_list != selected_group ) continue; /* We found a match */ @@ -493,15 +492,15 @@ static int ssl_tls13_parse_key_share_ext( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_ECDH_C) if( mbedtls_ssl_tls13_named_group_is_ecdhe( group ) ) { - const mbedtls_ecp_curve_info *curve_info = - mbedtls_ecp_curve_info_from_tls_id( group ); - if( curve_info == NULL ) + if( mbedtls_ssl_get_psa_curve_info_from_tls_id( group, NULL, NULL ) + == PSA_ERROR_NOT_SUPPORTED ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "Invalid TLS curve group id" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", + mbedtls_ssl_get_curve_name_from_tls_id( group ) ) ); ret = mbedtls_ssl_tls13_read_public_ecdhe_share( ssl, p, end - p ); if( ret != 0 ) From 3322f611e6f7a2c06c1e4bdcbaf00c6b63595f9f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 30 Dec 2022 17:45:05 +0100 Subject: [PATCH 2/9] test: verify that TLS and X509 are independent from mbedtls_ecp_curve functions Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 18dc8a6688..046a073520 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -939,6 +939,19 @@ component_test_full_cmake_gcc_asan () { msg "test: context-info.sh (full config, ASan build)" # ~ 15 sec tests/context-info.sh + + # Verify that TLS and X509 libraries have no dipendency from + # "mbedtls_ecp_curve" symbols. + msg "test: verify that TLS and X509 have no dependency from mbedtls_ecp_curve symbols" + docs/architecture/psa-migration/syms.sh full + + not grep mbedtls_ecp_curve full-tls-external + not grep mbedtls_ecp_curve full-x509-external + + rm full-tls-external \ + full-tls-modules \ + full-x509-external \ + full-x509-modules } component_test_psa_crypto_key_id_encodes_owner () { From 73260b6e650679a35700c3b360af07e0ddff9657 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 3 Jan 2023 12:53:28 +0100 Subject: [PATCH 3/9] test: extend test_suite_ssl for testing new functions Signed-off-by: Valerio Setti --- tests/suites/test_suite_ssl.data | 4 ++ tests/suites/test_suite_ssl.function | 97 ++++++++++++++++++++++++++++ 2 files changed, 101 insertions(+) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 1b5e44baa3..03acc292d0 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -3547,3 +3547,7 @@ ssl_ecjpake_set_password:0 EC-JPAKE set opaque password depends_on:MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED:MBEDTLS_USE_PSA_CRYPTO ssl_ecjpake_set_password:1 + +Test Elliptic curves' info parsing +depends_on:MBEDTLS_SSL_TLS_C +elliptic_curve_get_properties diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 95fa8ef858..087448dc3f 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -2597,6 +2597,25 @@ int tweak_tls13_certificate_msg_vector_len( pwd_string, pwd_len ); \ TEST_EQUAL( ret, exp_ret_val ) #endif + +#define TEST_AVAILABLE_ECC( _tls_id, _group_id, _psa_family, _psa_bits ) \ + TEST_EQUAL( mbedtls_ssl_get_ecp_group_id_from_tls_id( _tls_id ), \ + _group_id ); \ + TEST_EQUAL( mbedtls_ssl_get_tls_id_from_ecp_group_id( _group_id ), \ + _tls_id ); \ + TEST_EQUAL( mbedtls_ssl_get_psa_curve_info_from_tls_id( _tls_id, \ + &psa_family, &psa_bits), PSA_SUCCESS ); \ + TEST_EQUAL( _psa_family, psa_family ); \ + TEST_EQUAL( _psa_bits, psa_bits ); + +#define TEST_UNAVAILABLE_ECC( _tls_id, _group_id, _psa_family, _psa_bits ) \ + TEST_EQUAL( mbedtls_ssl_get_ecp_group_id_from_tls_id( _tls_id ), \ + MBEDTLS_ECP_DP_NONE ); \ + TEST_EQUAL( mbedtls_ssl_get_tls_id_from_ecp_group_id( _group_id ), \ + 0 ); \ + TEST_EQUAL( mbedtls_ssl_get_psa_curve_info_from_tls_id( _tls_id, \ + &psa_family, &psa_bits), PSA_ERROR_NOT_SUPPORTED ); + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -6094,3 +6113,81 @@ void ssl_ecjpake_set_password( int use_opaque_arg ) USE_PSA_DONE( ); } /* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_SSL_TLS_C*/ +void elliptic_curve_get_properties( ) +{ + psa_ecc_family_t psa_family; + size_t psa_bits; + + USE_PSA_INIT( ); + +#if defined( MBEDTLS_ECP_DP_SECP521R1_ENABLED ) || defined(PSA_WANT_ECC_SECP_R1_521) + TEST_AVAILABLE_ECC( 25, MBEDTLS_ECP_DP_SECP521R1, PSA_ECC_FAMILY_SECP_R1, 521 ); +#else + TEST_UNAVAILABLE_ECC( 25, MBEDTLS_ECP_DP_SECP521R1, PSA_ECC_FAMILY_SECP_R1, 521 ); +#endif +#if defined( MBEDTLS_ECP_DP_BP512R1_ENABLED ) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) + TEST_AVAILABLE_ECC( 28, MBEDTLS_ECP_DP_BP512R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 512 ); +#else + TEST_UNAVAILABLE_ECC( 28, MBEDTLS_ECP_DP_BP512R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 512 ); +#endif +#if defined( MBEDTLS_ECP_DP_SECP384R1_ENABLED ) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) + TEST_AVAILABLE_ECC( 24, MBEDTLS_ECP_DP_SECP384R1, PSA_ECC_FAMILY_SECP_R1, 384 ); +#else + TEST_UNAVAILABLE_ECC( 24, MBEDTLS_ECP_DP_SECP384R1, PSA_ECC_FAMILY_SECP_R1, 384 ); +#endif +#if defined( MBEDTLS_ECP_DP_BP384R1_ENABLED ) || defined(PSA_WANT_ECC_SECP_R1_384) + TEST_AVAILABLE_ECC( 27, MBEDTLS_ECP_DP_BP384R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 384 ); +#else + TEST_UNAVAILABLE_ECC( 27, MBEDTLS_ECP_DP_BP384R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 384 ); +#endif +#if defined( MBEDTLS_ECP_DP_SECP256R1_ENABLED ) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) + TEST_AVAILABLE_ECC( 23, MBEDTLS_ECP_DP_SECP256R1, PSA_ECC_FAMILY_SECP_R1, 256 ); +#else + TEST_UNAVAILABLE_ECC( 23, MBEDTLS_ECP_DP_SECP256R1, PSA_ECC_FAMILY_SECP_R1, 256 ); +#endif +#if defined( MBEDTLS_ECP_DP_SECP256K1_ENABLED ) || defined(PSA_WANT_ECC_SECP_K1_256) + TEST_AVAILABLE_ECC( 22, MBEDTLS_ECP_DP_SECP256K1, PSA_ECC_FAMILY_SECP_K1, 256 ); +#else + TEST_UNAVAILABLE_ECC( 22, MBEDTLS_ECP_DP_SECP256K1, PSA_ECC_FAMILY_SECP_K1, 256 ); +#endif +#if defined( MBEDTLS_ECP_DP_BP256R1_ENABLED ) || defined(PSA_WANT_ECC_SECP_R1_256) + TEST_AVAILABLE_ECC( 26, MBEDTLS_ECP_DP_BP256R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 256 ); +#else + TEST_UNAVAILABLE_ECC( 26, MBEDTLS_ECP_DP_BP256R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 256 ); +#endif +#if defined( MBEDTLS_ECP_DP_SECP224R1_ENABLED ) || defined(PSA_WANT_ECC_SECP_R1_224) + TEST_AVAILABLE_ECC( 21, MBEDTLS_ECP_DP_SECP224R1, PSA_ECC_FAMILY_SECP_R1, 224 ); +#else + TEST_UNAVAILABLE_ECC( 21, MBEDTLS_ECP_DP_SECP224R1, PSA_ECC_FAMILY_SECP_R1, 224 ); +#endif +#if defined( MBEDTLS_ECP_DP_SECP224K1_ENABLED ) || defined(PSA_WANT_ECC_SECP_K1_224) + TEST_AVAILABLE_ECC( 20, MBEDTLS_ECP_DP_SECP224K1, PSA_ECC_FAMILY_SECP_K1, 224 ); +#else + TEST_UNAVAILABLE_ECC( 20, MBEDTLS_ECP_DP_SECP224K1, PSA_ECC_FAMILY_SECP_K1, 224 ); +#endif +#if defined( MBEDTLS_ECP_DP_SECP192R1_ENABLED ) || defined(PSA_WANT_ECC_SECP_R1_192) + TEST_AVAILABLE_ECC( 19, MBEDTLS_ECP_DP_SECP192R1, PSA_ECC_FAMILY_SECP_R1, 192 ); +#else + TEST_UNAVAILABLE_ECC( 19, MBEDTLS_ECP_DP_SECP192R1, PSA_ECC_FAMILY_SECP_R1, 192 ); +#endif +#if defined( MBEDTLS_ECP_DP_SECP192K1_ENABLED ) || defined(PSA_WANT_ECC_SECP_K1_192) + TEST_AVAILABLE_ECC( 18, MBEDTLS_ECP_DP_SECP192K1, PSA_ECC_FAMILY_SECP_K1, 192 ); +#else + TEST_UNAVAILABLE_ECC( 18, MBEDTLS_ECP_DP_SECP192K1, PSA_ECC_FAMILY_SECP_K1, 192 ); +#endif +#if defined( MBEDTLS_ECP_DP_CURVE25519_ENABLED ) || defined(PSA_WANT_ECC_MONTGOMERY_255) + TEST_AVAILABLE_ECC( 29, MBEDTLS_ECP_DP_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY, 256 ); +#else + TEST_UNAVAILABLE_ECC( 29, MBEDTLS_ECP_DP_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY, 256 ); +#endif +#if defined( MBEDTLS_ECP_DP_CURVE448_ENABLED ) || defined(PSA_WANT_ECC_MONTGOMERY_448) + TEST_AVAILABLE_ECC( 30, MBEDTLS_ECP_DP_CURVE448, PSA_ECC_FAMILY_MONTGOMERY, 448 ); +#else + TEST_UNAVAILABLE_ECC( 30, MBEDTLS_ECP_DP_CURVE448, PSA_ECC_FAMILY_MONTGOMERY, 448 ); +#endif + + USE_PSA_DONE( ); +} +/* END_CASE */ From 40d9ca907bfd8a6e0337a7b9f19c5691d35213ab Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 4 Jan 2023 16:08:04 +0100 Subject: [PATCH 4/9] tls: remove useless legacy function Signed-off-by: Valerio Setti --- library/ssl_misc.h | 18 +----------------- library/ssl_tls12_client.c | 12 +++++++----- library/ssl_tls12_server.c | 14 +++++++------- library/ssl_tls13_generic.c | 17 ++++++++++------- 4 files changed, 25 insertions(+), 36 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index acb38cf811..b9fd53e766 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1619,26 +1619,10 @@ uint16_t mbedtls_ssl_get_tls_id_from_ecp_group_id( mbedtls_ecp_group_id grp_id ) * * \param tls_id The TLS ID to look for * \return A pointer to a const string with the proper name. If TLS - * ID is not suppoted, a NULL pointer is returned insted. + * ID is not suppoted, a NULL pointer is returned instead. */ const char* mbedtls_ssl_get_curve_name_from_tls_id( uint16_t tls_id ); -/* This function transforms an ECC group identifier from - * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 - * into a PSA ECC group identifier. */ -#if defined(MBEDTLS_ECP_C) -static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group( - uint16_t tls_ecc_grp_reg_id, size_t *bits ) -{ - mbedtls_ecp_group_id grp_id = - mbedtls_ssl_get_ecp_group_id_from_tls_id( tls_ecc_grp_reg_id ); - if( grp_id == MBEDTLS_ECP_DP_NONE ) - return( 0 ); - return( PSA_KEY_TYPE_ECC_KEY_PAIR( - mbedtls_ecc_group_to_psa( grp_id, bits ) ) ); -} -#endif /* MBEDTLS_ECP_C */ - #if defined(MBEDTLS_SSL_DTLS_SRTP) static inline mbedtls_ssl_srtp_profile mbedtls_ssl_check_srtp_profile_value ( const uint16_t srtp_profile_value ) diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c index 7c54820f33..58f0a375c1 100644 --- a/library/ssl_tls12_client.c +++ b/library/ssl_tls12_client.c @@ -1800,9 +1800,10 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl, unsigned char *end ) { uint16_t tls_id; - size_t ecdh_bits = 0; uint8_t ecpoint_len; mbedtls_ssl_handshake_params *handshake = ssl->handshake; + psa_ecc_family_t ec_psa_family = 0; + size_t ec_bits = 0; /* * struct { @@ -1836,13 +1837,14 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl, return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } - /* Convert EC group to PSA key type. */ - if( ( handshake->ecdh_psa_type = - mbedtls_psa_parse_tls_ecc_group( tls_id, &ecdh_bits ) ) == 0 ) + /* Convert EC's TLS ID to PSA key type. */ + if( mbedtls_ssl_get_psa_curve_info_from_tls_id( tls_id, &ec_psa_family, + &ec_bits ) == PSA_ERROR_NOT_SUPPORTED ) { return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } - handshake->ecdh_bits = ecdh_bits; + handshake->ecdh_psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR( ec_psa_family ); + handshake->ecdh_bits = ec_bits; /* Keep a copy of the peer's public key */ ecpoint_len = *(*p)++; diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index a90617f9a6..fb053c689a 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -3019,24 +3019,24 @@ curve_matching_done: psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_key_attributes_t key_attributes; mbedtls_ssl_handshake_params *handshake = ssl->handshake; - size_t ecdh_bits = 0; uint8_t *p = ssl->out_msg + ssl->out_msglen; const size_t header_size = 4; // curve_type(1), namedcurve(2), // data length(1) const size_t data_length_size = 1; + psa_ecc_family_t ec_psa_family = 0; + size_t ec_bits = 0; MBEDTLS_SSL_DEBUG_MSG( 1, ( "Perform PSA-based ECDH computation." ) ); - /* Convert EC group to PSA key type. */ - handshake->ecdh_psa_type = mbedtls_psa_parse_tls_ecc_group( - *curr_tls_id, &ecdh_bits ); - - if( handshake->ecdh_psa_type == 0 ) + /* Convert EC's TLS ID to PSA key type. */ + if( mbedtls_ssl_get_psa_curve_info_from_tls_id( *curr_tls_id, + &ec_psa_family, &ec_bits ) == PSA_ERROR_NOT_SUPPORTED ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "Invalid ecc group parse." ) ); return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } - handshake->ecdh_bits = ecdh_bits; + handshake->ecdh_psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR( ec_psa_family ); + handshake->ecdh_bits = ec_bits; key_attributes = psa_key_attributes_init(); psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE ); diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 761c00ec52..7a85063df2 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1518,16 +1518,19 @@ int mbedtls_ssl_tls13_generate_and_write_ecdh_key_exchange( psa_key_attributes_t key_attributes; size_t own_pubkey_len; mbedtls_ssl_handshake_params *handshake = ssl->handshake; - size_t ecdh_bits = 0; + psa_ecc_family_t ec_psa_family = 0; + size_t ec_bits = 0; MBEDTLS_SSL_DEBUG_MSG( 1, ( "Perform PSA-based ECDH computation." ) ); - /* Convert EC group to PSA key type. */ - if( ( handshake->ecdh_psa_type = - mbedtls_psa_parse_tls_ecc_group( named_group, &ecdh_bits ) ) == 0 ) - return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); - - ssl->handshake->ecdh_bits = ecdh_bits; + /* Convert EC's TLS ID to PSA key type. */ + if( mbedtls_ssl_get_psa_curve_info_from_tls_id( named_group, + &ec_psa_family, &ec_bits ) == PSA_ERROR_NOT_SUPPORTED ) + { + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); + } + handshake->ecdh_psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR( ec_psa_family ); + ssl->handshake->ecdh_bits = ec_bits; key_attributes = psa_key_attributes_init(); psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE ); From 67419f0e112d6edd72fdad559c2ff5f40dc1d8cf Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 4 Jan 2023 16:12:42 +0100 Subject: [PATCH 5/9] tls: fix + save code size when DEBUG_C is not enabled Some PSA curves' symbols (PSA_WANT_) were not matching the corresponding MBEDTLS_ECP_DP_. This was fixed together with the removal of extra code when DEBUG_C is not enabled. Signed-off-by: Valerio Setti --- library/ssl_misc.h | 2 ++ library/ssl_tls.c | 42 +++++++++++++++++----------- tests/scripts/all.sh | 8 +++--- tests/suites/test_suite_ssl.function | 12 ++++---- 4 files changed, 37 insertions(+), 27 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index b9fd53e766..37ff223bce 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1614,6 +1614,7 @@ mbedtls_ecp_group_id mbedtls_ssl_get_ecp_group_id_from_tls_id( uint16_t tls_id ) */ uint16_t mbedtls_ssl_get_tls_id_from_ecp_group_id( mbedtls_ecp_group_id grp_id ); +#if defined(MBEDTLS_DEBUG_C) /** * \brief Return EC's name for the specified TLS ID. * @@ -1622,6 +1623,7 @@ uint16_t mbedtls_ssl_get_tls_id_from_ecp_group_id( mbedtls_ecp_group_id grp_id ) * ID is not suppoted, a NULL pointer is returned instead. */ const char* mbedtls_ssl_get_curve_name_from_tls_id( uint16_t tls_id ); +#endif #if defined(MBEDTLS_SSL_DTLS_SRTP) static inline mbedtls_ssl_srtp_profile mbedtls_ssl_check_srtp_profile_value diff --git a/library/ssl_tls.c b/library/ssl_tls.c index dbee389616..86b5de8e80 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5477,6 +5477,12 @@ int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_i } #endif /* MBEDTLS_ECP_C */ +#if defined( MBEDTLS_DEBUG_C ) +#define EC_NAME(_name_) _name_ +#else +#define EC_NAME(_name_) NULL +#endif + static const struct { uint16_t tls_id; mbedtls_ecp_group_id ecp_group_id; @@ -5486,43 +5492,43 @@ static const struct { } tls_id_match_table[] = { #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_521) - { 25, MBEDTLS_ECP_DP_SECP521R1, PSA_ECC_FAMILY_SECP_R1, 521, "secp521r1" }, + { 25, MBEDTLS_ECP_DP_SECP521R1, PSA_ECC_FAMILY_SECP_R1, 521, EC_NAME( "secp521r1" ) }, #endif #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) - { 28, MBEDTLS_ECP_DP_BP512R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 512, "brainpoolP512r1" }, + { 28, MBEDTLS_ECP_DP_BP512R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 512, EC_NAME( "brainpoolP512r1" ) }, #endif -#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) - { 24, MBEDTLS_ECP_DP_SECP384R1, PSA_ECC_FAMILY_SECP_R1, 384, "secp384r1" }, +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_384) + { 24, MBEDTLS_ECP_DP_SECP384R1, PSA_ECC_FAMILY_SECP_R1, 384, EC_NAME( "secp384r1" ) }, #endif -#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_384) - { 27, MBEDTLS_ECP_DP_BP384R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 384, "brainpoolP384r1" }, +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) + { 27, MBEDTLS_ECP_DP_BP384R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 384, EC_NAME( "brainpoolP384r1" ) }, #endif -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) - { 23, MBEDTLS_ECP_DP_SECP256R1, PSA_ECC_FAMILY_SECP_R1, 256, "secp256r1" }, +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_256) + { 23, MBEDTLS_ECP_DP_SECP256R1, PSA_ECC_FAMILY_SECP_R1, 256, EC_NAME( "secp256r1" ) }, #endif #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_256) - { 22, MBEDTLS_ECP_DP_SECP256K1, PSA_ECC_FAMILY_SECP_K1, 256, "secp256k1" }, + { 22, MBEDTLS_ECP_DP_SECP256K1, PSA_ECC_FAMILY_SECP_K1, 256, EC_NAME( "secp256k1" ) }, #endif -#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_256) - { 26, MBEDTLS_ECP_DP_BP256R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 256, "brainpoolP256r1" }, +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) + { 26, MBEDTLS_ECP_DP_BP256R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 256, EC_NAME( "brainpoolP256r1" ) }, #endif #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_224) - { 21, MBEDTLS_ECP_DP_SECP224R1, PSA_ECC_FAMILY_SECP_R1, 224, "secp224r1" }, + { 21, MBEDTLS_ECP_DP_SECP224R1, PSA_ECC_FAMILY_SECP_R1, 224, EC_NAME( "secp224r1" ) }, #endif #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_224) - { 20, MBEDTLS_ECP_DP_SECP224K1, PSA_ECC_FAMILY_SECP_K1, 224, "secp224k1" }, + { 20, MBEDTLS_ECP_DP_SECP224K1, PSA_ECC_FAMILY_SECP_K1, 224, EC_NAME( "secp224k1" ) }, #endif #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_192) - { 19, MBEDTLS_ECP_DP_SECP192R1, PSA_ECC_FAMILY_SECP_R1, 192, "secp192r1" }, + { 19, MBEDTLS_ECP_DP_SECP192R1, PSA_ECC_FAMILY_SECP_R1, 192, EC_NAME( "secp192r1" ) }, #endif #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_192) - { 18, MBEDTLS_ECP_DP_SECP192K1, PSA_ECC_FAMILY_SECP_K1, 192, "secp192k1" }, + { 18, MBEDTLS_ECP_DP_SECP192K1, PSA_ECC_FAMILY_SECP_K1, 192, EC_NAME( "secp192k1" ) }, #endif #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_255) - { 29, MBEDTLS_ECP_DP_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY, 256, "x25519" }, + { 29, MBEDTLS_ECP_DP_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY, 255, EC_NAME( "x25519" ) }, #endif #if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_448) - { 30, MBEDTLS_ECP_DP_CURVE448, PSA_ECC_FAMILY_MONTGOMERY, 448, "x448" }, + { 30, MBEDTLS_ECP_DP_CURVE448, PSA_ECC_FAMILY_MONTGOMERY, 448, EC_NAME( "x448" ) }, #endif { 0, MBEDTLS_ECP_DP_NONE, 0, 0, NULL }, }; @@ -5569,6 +5575,7 @@ uint16_t mbedtls_ssl_get_tls_id_from_ecp_group_id( mbedtls_ecp_group_id grp_id ) return 0; } +#if defined(MBEDTLS_DEBUG_C) const char* mbedtls_ssl_get_curve_name_from_tls_id( uint16_t tls_id ) { for( int i = 0; tls_id_match_table[i].tls_id != 0; i++ ) @@ -5579,6 +5586,7 @@ const char* mbedtls_ssl_get_curve_name_from_tls_id( uint16_t tls_id ) return NULL; } +#endif #if defined(MBEDTLS_X509_CRT_PARSE_C) int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 046a073520..90acaaa92f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -940,13 +940,13 @@ component_test_full_cmake_gcc_asan () { msg "test: context-info.sh (full config, ASan build)" # ~ 15 sec tests/context-info.sh - # Verify that TLS and X509 libraries have no dipendency from - # "mbedtls_ecp_curve" symbols. - msg "test: verify that TLS and X509 have no dependency from mbedtls_ecp_curve symbols" + msg "test: check direct ECP dependencies in TLS and X.509" docs/architecture/psa-migration/syms.sh full + # TODO: replace "mbedtls_ecp_curve" with "mbedtls_ecp" also for + # "full-tls-external" once Issue6839 is completed not grep mbedtls_ecp_curve full-tls-external - not grep mbedtls_ecp_curve full-x509-external + not grep mbedtls_ecp full-x509-external rm full-tls-external \ full-tls-modules \ diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 087448dc3f..9dcee84d5c 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -6132,17 +6132,17 @@ void elliptic_curve_get_properties( ) #else TEST_UNAVAILABLE_ECC( 28, MBEDTLS_ECP_DP_BP512R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 512 ); #endif -#if defined( MBEDTLS_ECP_DP_SECP384R1_ENABLED ) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) +#if defined( MBEDTLS_ECP_DP_SECP384R1_ENABLED ) || defined(PSA_WANT_ECC_SECP_R1_384) TEST_AVAILABLE_ECC( 24, MBEDTLS_ECP_DP_SECP384R1, PSA_ECC_FAMILY_SECP_R1, 384 ); #else TEST_UNAVAILABLE_ECC( 24, MBEDTLS_ECP_DP_SECP384R1, PSA_ECC_FAMILY_SECP_R1, 384 ); #endif -#if defined( MBEDTLS_ECP_DP_BP384R1_ENABLED ) || defined(PSA_WANT_ECC_SECP_R1_384) +#if defined( MBEDTLS_ECP_DP_BP384R1_ENABLED ) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) TEST_AVAILABLE_ECC( 27, MBEDTLS_ECP_DP_BP384R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 384 ); #else TEST_UNAVAILABLE_ECC( 27, MBEDTLS_ECP_DP_BP384R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 384 ); #endif -#if defined( MBEDTLS_ECP_DP_SECP256R1_ENABLED ) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) +#if defined( MBEDTLS_ECP_DP_SECP256R1_ENABLED ) || defined(PSA_WANT_ECC_SECP_R1_256) TEST_AVAILABLE_ECC( 23, MBEDTLS_ECP_DP_SECP256R1, PSA_ECC_FAMILY_SECP_R1, 256 ); #else TEST_UNAVAILABLE_ECC( 23, MBEDTLS_ECP_DP_SECP256R1, PSA_ECC_FAMILY_SECP_R1, 256 ); @@ -6152,7 +6152,7 @@ void elliptic_curve_get_properties( ) #else TEST_UNAVAILABLE_ECC( 22, MBEDTLS_ECP_DP_SECP256K1, PSA_ECC_FAMILY_SECP_K1, 256 ); #endif -#if defined( MBEDTLS_ECP_DP_BP256R1_ENABLED ) || defined(PSA_WANT_ECC_SECP_R1_256) +#if defined( MBEDTLS_ECP_DP_BP256R1_ENABLED ) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) TEST_AVAILABLE_ECC( 26, MBEDTLS_ECP_DP_BP256R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 256 ); #else TEST_UNAVAILABLE_ECC( 26, MBEDTLS_ECP_DP_BP256R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 256 ); @@ -6178,9 +6178,9 @@ void elliptic_curve_get_properties( ) TEST_UNAVAILABLE_ECC( 18, MBEDTLS_ECP_DP_SECP192K1, PSA_ECC_FAMILY_SECP_K1, 192 ); #endif #if defined( MBEDTLS_ECP_DP_CURVE25519_ENABLED ) || defined(PSA_WANT_ECC_MONTGOMERY_255) - TEST_AVAILABLE_ECC( 29, MBEDTLS_ECP_DP_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY, 256 ); + TEST_AVAILABLE_ECC( 29, MBEDTLS_ECP_DP_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY, 255 ); #else - TEST_UNAVAILABLE_ECC( 29, MBEDTLS_ECP_DP_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY, 256 ); + TEST_UNAVAILABLE_ECC( 29, MBEDTLS_ECP_DP_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY, 255 ); #endif #if defined( MBEDTLS_ECP_DP_CURVE448_ENABLED ) || defined(PSA_WANT_ECC_MONTGOMERY_448) TEST_AVAILABLE_ECC( 30, MBEDTLS_ECP_DP_CURVE448, PSA_ECC_FAMILY_MONTGOMERY, 448 ); From 2b5d3ded1f6ba1018bf5deebcfec6cb1bd6563a4 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 9 Jan 2023 11:04:52 +0100 Subject: [PATCH 6/9] remove remaining occurencies of mbedtls_ecc_group_to_psa() from TLS Signed-off-by: Valerio Setti --- library/ssl_tls12_client.c | 20 ++++++++++++-------- library/ssl_tls12_server.c | 17 +++++++++++------ 2 files changed, 23 insertions(+), 14 deletions(-) diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c index 58f0a375c1..4ddb1874f6 100644 --- a/library/ssl_tls12_client.c +++ b/library/ssl_tls12_client.c @@ -2107,8 +2107,9 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) peer_key = mbedtls_pk_ec( *peer_pk ); #if defined(MBEDTLS_USE_PSA_CRYPTO) - size_t ecdh_bits = 0; size_t olen = 0; + uint16_t tls_id = 0; + psa_ecc_family_t ecc_family; if( mbedtls_ssl_check_curve( ssl, peer_key->grp.id ) != 0 ) { @@ -2116,17 +2117,20 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_BAD_CERTIFICATE ); } - ssl->handshake->ecdh_psa_type = - PSA_KEY_TYPE_ECC_KEY_PAIR( mbedtls_ecc_group_to_psa( peer_key->grp.id, - &ecdh_bits ) ); - - if( ssl->handshake->ecdh_psa_type == 0 || ecdh_bits > 0xffff ) + tls_id = mbedtls_ssl_get_tls_id_from_ecp_group_id( peer_key->grp.id ); + if( tls_id == 0 ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Invalid ecc group conversion to psa." ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "ECC group %d not suported", + peer_key->grp.id ) ); return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } - ssl->handshake->ecdh_bits = (uint16_t) ecdh_bits; + /* If the above conversion to TLS ID was fine, then also this one will be, + so there is no need to check the retun value here */ + mbedtls_ssl_get_psa_curve_info_from_tls_id( tls_id, &ecc_family, + &ssl->handshake->ecdh_bits ); + + ssl->handshake->ecdh_psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR( ecc_family ); /* Store peer's public key in psa format. */ ret = mbedtls_ecp_point_write_binary( &peer_key->grp, &peer_key->Q, diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index fb053c689a..2d7e5722d8 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -2659,7 +2659,8 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) unsigned char buf[ PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)]; psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT; - size_t ecdh_bits = 0; + uint16_t tls_id = 0; + psa_ecc_family_t ecc_family; size_t key_len; mbedtls_pk_context *pk; mbedtls_ecp_keypair *key; @@ -2703,15 +2704,19 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) if( key == NULL ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - /* Convert EC group to PSA key type. */ - if( ( ssl->handshake->ecdh_psa_type = - mbedtls_ecc_group_to_psa( key->grp.id, - &ecdh_bits ) ) == 0 ) + tls_id = mbedtls_ssl_get_tls_id_from_ecp_group_id( key->grp.id ); + if( tls_id == 0 ) { + /* This elliptic curve is not supported */ return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } - ssl->handshake->ecdh_bits = ecdh_bits; + /* If the above conversion to TLS ID was fine, then also this one will + be, so there is no need to check the retun value here */ + mbedtls_ssl_get_psa_curve_info_from_tls_id( tls_id, &ecc_family, + &ssl->handshake->ecdh_bits ); + + ssl->handshake->ecdh_psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR( ecc_family ); key_attributes = psa_key_attributes_init(); psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE ); From 1e868ccbace3d8ec592de2c1e7bca3b6e17fb0bf Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 9 Jan 2023 17:30:01 +0100 Subject: [PATCH 7/9] fix several typos and extra blank spaces Signed-off-by: Valerio Setti --- library/ssl_misc.h | 2 +- library/ssl_tls12_client.c | 4 ++-- library/ssl_tls12_server.c | 2 +- tests/suites/test_suite_ssl.function | 30 ++++++++++++++-------------- 4 files changed, 19 insertions(+), 19 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 37ff223bce..2c95afeff2 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1620,7 +1620,7 @@ uint16_t mbedtls_ssl_get_tls_id_from_ecp_group_id( mbedtls_ecp_group_id grp_id ) * * \param tls_id The TLS ID to look for * \return A pointer to a const string with the proper name. If TLS - * ID is not suppoted, a NULL pointer is returned instead. + * ID is not supported, a NULL pointer is returned instead. */ const char* mbedtls_ssl_get_curve_name_from_tls_id( uint16_t tls_id ); #endif diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c index 4ddb1874f6..a7a1fc1c5d 100644 --- a/library/ssl_tls12_client.c +++ b/library/ssl_tls12_client.c @@ -2125,8 +2125,8 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } - /* If the above conversion to TLS ID was fine, then also this one will be, - so there is no need to check the retun value here */ + /* If the above conversion to TLS ID was fine, then also this one will be, + so there is no need to check the return value here */ mbedtls_ssl_get_psa_curve_info_from_tls_id( tls_id, &ecc_family, &ssl->handshake->ecdh_bits ); diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index 2d7e5722d8..a28cd67405 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -2712,7 +2712,7 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) } /* If the above conversion to TLS ID was fine, then also this one will - be, so there is no need to check the retun value here */ + be, so there is no need to check the return value here */ mbedtls_ssl_get_psa_curve_info_from_tls_id( tls_id, &ecc_family, &ssl->handshake->ecdh_bits ); diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 9dcee84d5c..73e22985c0 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -2598,22 +2598,22 @@ int tweak_tls13_certificate_msg_vector_len( TEST_EQUAL( ret, exp_ret_val ) #endif -#define TEST_AVAILABLE_ECC( _tls_id, _group_id, _psa_family, _psa_bits ) \ - TEST_EQUAL( mbedtls_ssl_get_ecp_group_id_from_tls_id( _tls_id ), \ - _group_id ); \ - TEST_EQUAL( mbedtls_ssl_get_tls_id_from_ecp_group_id( _group_id ), \ - _tls_id ); \ - TEST_EQUAL( mbedtls_ssl_get_psa_curve_info_from_tls_id( _tls_id, \ - &psa_family, &psa_bits), PSA_SUCCESS ); \ - TEST_EQUAL( _psa_family, psa_family ); \ - TEST_EQUAL( _psa_bits, psa_bits ); +#define TEST_AVAILABLE_ECC( tls_id_, group_id_, psa_family_, psa_bits_ ) \ + TEST_EQUAL( mbedtls_ssl_get_ecp_group_id_from_tls_id( tls_id_ ), \ + group_id_ ); \ + TEST_EQUAL( mbedtls_ssl_get_tls_id_from_ecp_group_id( group_id_ ), \ + tls_id_ ); \ + TEST_EQUAL( mbedtls_ssl_get_psa_curve_info_from_tls_id( tls_id_, \ + &psa_family, &psa_bits), PSA_SUCCESS ); \ + TEST_EQUAL( psa_family_, psa_family ); \ + TEST_EQUAL( psa_bits_, psa_bits ); -#define TEST_UNAVAILABLE_ECC( _tls_id, _group_id, _psa_family, _psa_bits ) \ - TEST_EQUAL( mbedtls_ssl_get_ecp_group_id_from_tls_id( _tls_id ), \ - MBEDTLS_ECP_DP_NONE ); \ - TEST_EQUAL( mbedtls_ssl_get_tls_id_from_ecp_group_id( _group_id ), \ - 0 ); \ - TEST_EQUAL( mbedtls_ssl_get_psa_curve_info_from_tls_id( _tls_id, \ +#define TEST_UNAVAILABLE_ECC( tls_id_, group_id_, psa_family_, psa_bits_ ) \ + TEST_EQUAL( mbedtls_ssl_get_ecp_group_id_from_tls_id( tls_id_ ), \ + MBEDTLS_ECP_DP_NONE ); \ + TEST_EQUAL( mbedtls_ssl_get_tls_id_from_ecp_group_id( group_id_ ), \ + 0 ); \ + TEST_EQUAL( mbedtls_ssl_get_psa_curve_info_from_tls_id( tls_id_, \ &psa_family, &psa_bits), PSA_ERROR_NOT_SUPPORTED ); /* END_HEADER */ From 2c12185b8824e8c0a04517e390aeffb91223f676 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 9 Jan 2023 18:00:39 +0100 Subject: [PATCH 8/9] test: fix dependencies on function and data files Signed-off-by: Valerio Setti --- tests/suites/test_suite_ssl.data | 1 - tests/suites/test_suite_ssl.function | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 03acc292d0..3059e7fca6 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -3549,5 +3549,4 @@ depends_on:MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED:MBEDTLS_USE_PSA_CRYPTO ssl_ecjpake_set_password:1 Test Elliptic curves' info parsing -depends_on:MBEDTLS_SSL_TLS_C elliptic_curve_get_properties diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 73e22985c0..ee0cbd24c5 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -6114,7 +6114,7 @@ void ssl_ecjpake_set_password( int use_opaque_arg ) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_TLS_C*/ +/* BEGIN_CASE */ void elliptic_curve_get_properties( ) { psa_ecc_family_t psa_family; From a0b97bc803067655c3e7bd1010fb6568cacb0035 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 9 Jan 2023 19:10:32 +0100 Subject: [PATCH 9/9] fix wrong type in debug message Signed-off-by: Valerio Setti --- library/ssl_tls12_client.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c index a7a1fc1c5d..30b648166d 100644 --- a/library/ssl_tls12_client.c +++ b/library/ssl_tls12_client.c @@ -2120,7 +2120,7 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) tls_id = mbedtls_ssl_get_tls_id_from_ecp_group_id( peer_key->grp.id ); if( tls_id == 0 ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "ECC group %d not suported", + MBEDTLS_SSL_DEBUG_MSG( 1, ( "ECC group %u not suported", peer_key->grp.id ) ); return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); }