Commit Graph

330 Commits

Author SHA1 Message Date
Minos Galanakis
6e92df12c2 programs_rsa_rsa_verify: Updated program to use mbedtls_rsa_get_len()
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2024-01-18 14:29:41 +00:00
Minos Galanakis
992f0b8427 programs_rsa_rsa_sign: Updated program to use mbedtls_rsa_get_len()
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2024-01-18 14:29:41 +00:00
Minos Galanakis
ee757d35df programs_rsa_encrypt/decrypt: Updated programs to use mbedtls_rsa_get_len()
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2024-01-18 14:29:41 +00:00
Minos Galanakis
b6a96195fb programs_dh_client/server: Updated programs to use mbedtls_rsa_get_len()
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2024-01-18 14:29:41 +00:00
Minos Galanakis
f4dfd1c8a5 programs/dh_client/server: Added entropy source to mbedtls_rsa_pkcs1_sign()
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2024-01-18 14:29:41 +00:00
Minos Galanakis
a184fd0516 programs/dh_client/server: Replaced mbedtls_sha1 with mbedtls_sha256
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2024-01-18 14:29:41 +00:00
Gilles Peskine
9552a52f5f Declare dependency on bignum in sample programs
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-24 19:51:57 +01:00
Gilles Peskine
52cc2a6368 Use new mbedtls_ecp_keypair functions in sample programs
This eliminates the use of MBEDTLS_PRIVATE in sample programs to access
fields of an mbedtls_ecp_keypair structure.

When displaying elliptic curve points, the program now display the
coordinates in the standard form instead of the internal representation.

The auxiliary function show_ecp_key is present in three programs. It's more
complex than the previous code which was also triplicated. There's no good
place for such auxiliary functions that don't belong in the library and are
used in multiple sample programs.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-24 19:49:43 +01:00
Yanray Wang
690ee81533 Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-11-23 10:31:26 +08:00
Yanray Wang
f24bbd987a dh_client.c: modify prompt message
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-06 10:02:10 +08:00
Dave Rodgman
16799db69a update headers
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 19:47:20 +00:00
Yanray Wang
b67b47425e Rename MBEDTLS_CIPHER_ENCRYPT_ONLY as MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-10-31 17:22:06 +08:00
Yanray Wang
d7058b0a35 dh_client: removed under CIPHER_ENCRYPT_ONLY
dh_client requests AES-ECB to do decryption. So it needs to be
removed under CIPHER_ENCRYPT_ONLY.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-09-01 17:35:58 +08:00
Manuel Pégourié-Gonnard
660bbf2470 test: disable BIGNUM support on the test ecc_no_bignum component
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-10 06:43:23 +02:00
Przemek Stekiel
758aef60c5 Add guards for mbedtls_psa_crypto_free()
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-04-24 08:10:01 +02:00
Przemek Stekiel
2c1ef0967c Init PSA in pkey programs
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-04-19 10:16:53 +02:00
Andrzej Kurek
0af32483f3 Change the format of md.h include comments
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-04-07 03:10:28 -04:00
Andrzej Kurek
316b7dd19c Add a justification for early md.h include in programs
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-04-05 14:44:38 -04:00
Andrzej Kurek
da86e2e5bd Revert to using MBEDTLS_SHA_1_C when mbedtls_sha1 is called directly
This was mistakingly changed in #7327.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-04-05 14:39:22 -04:00
Andrzej Kurek
eaea30d30e Remove duplicated md.h includes
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-04-05 14:36:51 -04:00
Andrzej Kurek
1b75e5f784 Add missing md.h includes
MBEDTLS_MD_CAN_SHAXXX are defined there.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-04-04 09:55:06 -04:00
Manuel Pégourié-Gonnard
93302422fd Fix instances of old feature macros being used
sed -i -f md.sed include/mbedtls/ssl.h library/hmac_drbg.c programs/pkey/*.c programs/x509/*.c tests/scripts/generate_pkcs7_tests.py tests/suites/test_suite_random.data

Then manually revert programs/pkey/ecdsa.c as it's using a low-level
hash API.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-24 10:43:40 +01:00
Dave Rodgman
94c9c96c94
Merge pull request #6998 from aditya-deshpande-arm/fix-example-programs-usage
Fix incorrect dispatch to USAGE in example programs, which causes uninitialized memory to be used
2023-02-06 09:53:50 +00:00
Dave Rodgman
6dd757a8ba Fix use of sizeof without brackets
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-02 12:40:50 +00:00
Aditya Deshpande
644a5c0b2b Fix bugs in example programs: change argc == 0 to argc < 2
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2023-01-30 16:48:13 +00:00
Gilles Peskine
449bd8303e Switch to the new code style
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-11 14:50:10 +01:00
Tom Cosgrove
1797b05602 Fix typos prior to release
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-12-04 17:19:59 +00:00
ihsinme
d21ecd71c0 dh_genprime: Fix issue where the error code returned by mbedtls_mpi_write_file() is incorrectly reported on failure
In 'dh_genprime.c', the following condition can be found inside an 'if' statement:

ret = mbedtls_mpi_write_file( "P = ", &P, 16, fout ) != 0

As the '!=' operator binds closer than the assignment operator ('='), the value assigned to 'ret' will be the boolean result of the comparison (0 or 1) instead of the status code returned by 'mbedtls_mpi_write_file'. This means that the above statement is actually equivalent to:

ret = ( mbedtls_mpi_write_file( "P = ", &P, 16, fout ) != 0 )

What we want instead is for the the status code to be assigned to 'ret'. If the value assigned is non-zero, it will be 'truthy' and the 'if' branch will be taken.

( ret = mbedtls_mpi_write_file( "P = ", &P, 16, fout ) )  != 0

This PR fixes the issue by explicitly specifying the precedence of operations with parentheses.

Signed-off-by: ihsinme <ihsinme@gmail.com>
2022-11-10 12:58:15 +03:00
Gilles Peskine
945b23c46f Include platform.h unconditionally: automatic part
We used to include platform.h only when MBEDTLS_PLATFORM_C was enabled, and
to define ad hoc replacements for mbedtls_xxx functions on a case-by-case
basis when MBEDTLS_PLATFORM_C was disabled. The only reason for this
complication was to allow building individual source modules without copying
platform.h. This is not something we support or recommend anymore, so get
rid of the complication: include platform.h unconditionally.

There should be no change in behavior since just including the header should
not change the behavior of a program.

This commit replaces most occurrences of conditional inclusion of
platform.h, using the following code:

```
perl -i -0777 -pe 's!#if.*\n#include "mbedtls/platform.h"\n(#else.*\n(#define (mbedtls|MBEDTLS)_.*\n|#include <(stdarg|stddef|stdio|stdlib|string|time)\.h>\n)*)?#endif.*!#include "mbedtls/platform.h"!mg' $(git grep -l '#include "mbedtls/platform.h"')
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-09-15 20:33:07 +02:00
Gilles Peskine
f940693960
Merge pull request #5725 from tom-daubney-arm/x25519_program
Rewrite x25519 example program
2022-05-31 11:27:22 +02:00
Thomas Daubney
413550c529 Change memcmp call
Previous call used sizeof() function which is not needed.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-05-23 16:11:31 +01:00
Thomas Daubney
70c0088239 Change use of olen variables
Removed olen variable in favour of storing olens for
client and server separately.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-05-20 18:46:10 +01:00
Thomas Daubney
306a89094a Add additional error checking
Initialise client and server secret buffers and check their
lengths.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-05-18 15:26:39 +01:00
Thomas Daubney
ec2ec42828 Fix formatting
Line up function parameters.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-05-18 10:23:20 +01:00
Thomas Daubney
64042b8d3d Fix typo
Fix typo that was caught during review.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-05-18 09:59:55 +01:00
josesimoes
23419560c9 Remove prompt to exit in all programs
Signed-off-by: José Simões <jose.simoes@eclo.solutions>
2022-05-06 17:11:22 +01:00
Thomas Daubney
88fed8e700 Rewrite ecdh_curve25519 program
Rewrite the example ECDH x25519 program using the
high-level ECDH API.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2022-04-12 14:37:16 +01:00
Gilles Peskine
680747b868 Fix the build of sample programs without mbedtls_strerror
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-25 22:09:12 +02:00
Gilles Peskine
2bb5e9c973
Merge pull request #4760 from gilles-peskine-arm/ecb-alt-ret-3.0
Catch failures of mbedtls_aes_crypt_ecb and its DES equivalents
2021-10-14 12:11:20 +02:00
Gilles Peskine
5b8618b44c fixup: Make the fields of mbedtls_ecp_curve_info public
Remove more places where MBEDTLS_PRIVATE() was used on grp_id, which is now
public.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-28 12:34:53 +02:00
Gilles Peskine
7820a574f1 Catch failures of AES or DES operations
Declare all AES and DES functions that return int as needing to have
their result checked, and do check the result in our code.

A DES or AES block operation can fail in alternative implementations of
mbedtls_internal_aes_encrypt() (under MBEDTLS_AES_ENCRYPT_ALT),
mbedtls_internal_aes_decrypt() (under MBEDTLS_AES_DECRYPT_ALT),
mbedtls_des_crypt_ecb() (under MBEDTLS_DES_CRYPT_ECB_ALT),
mbedtls_des3_crypt_ecb() (under MBEDTLS_DES3_CRYPT_ECB_ALT).
A failure can happen if the accelerator peripheral is in a bad state.
Several block modes were not catching the error.

This commit does the following code changes, grouped together to avoid
having an intermediate commit where the build fails:

* Add MBEDTLS_CHECK_RETURN to all functions returning int in aes.h and des.h.
* Fix all places where this causes a GCC warning, indicating that our code
  was not properly checking the result of an AES operation:
    * In library code: on failure, goto exit and return ret.
    * In pkey programs: goto exit.
    * In the benchmark program: exit (not ideal since there's no error
      message, but it's what the code currently does for failures).
    * In test code: TEST_ASSERT.
* Changelog entry.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-27 16:22:08 +02:00
Gilles Peskine
a73b577744 Make the fields of mbedtls_ecp_curve_info public
The whole point of this structure is to provide information, both for the
library's own sake and to applications.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-08-31 22:52:41 +02:00
Ronald Cron
8682faeb09
Merge pull request #4694 from gilles-peskine-arm/out_size-3.0
Add output size parameter to signature functions
2021-06-29 09:43:17 +02:00
Bence Szépkúti
c662b36af2 Replace all inclusions of config.h
Also remove preprocessor logic for MBEDTLS_CONFIG_FILE, since
build_info.h alreadyy handles it.

This commit was generated using the following script:

# ========================
#!/bin/sh
git ls-files | grep -v '^include/mbedtls/build_info\.h$' | xargs sed -b -E -i '
/^#if !?defined\(MBEDTLS_CONFIG_FILE\)/i#include "mbedtls/build_info.h"
//,/^#endif/d
'
# ========================

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-06-28 09:24:07 +01:00
Gilles Peskine
f00f152444 Add output size parameter to signature functions
The functions mbedtls_pk_sign(), mbedtls_pk_sign_restartable(),
mbedtls_ecdsa_write_signature() and mbedtls_ecdsa_write_signature_restartable()
now take an extra parameter indicating the size of the output buffer for the
signature.

No change to RSA because for RSA, the output size is trivial to calculate.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-06-25 00:46:22 +02:00
Gilles Peskine
fedd52ca19
Merge pull request #4707 from gilles-peskine-arm/require-matching-hashlen-rsa-implementation
Require matching hashlen in RSA functions: implementation
2021-06-24 10:28:20 +02:00
Gilles Peskine
6e3187b212 RSA: Use hashlen as the hash input size as documented
Where hashlen was previously ignored when the hash length could be
inferred from an md_alg parameter, the two must now match.

Adapt the existing tests accordingly. Adapt the sample programs accordingly.

This commit does not add any negative testing.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-06-22 18:39:53 +02:00
Manuel Pégourié-Gonnard
1503a9adab Use a proper DRBG in programs
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-06-17 09:40:15 +02:00
Manuel Pégourié-Gonnard
36a8963b3b Fix cmake build of programs
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-06-17 09:38:38 +02:00
Manuel Pégourié-Gonnard
84dea01f36 Add RNG params to private key parsing
This is necessary for the case where the public part of an EC keypair
needs to be computed from the private part - either because it was not
included (it's an optional component) or because it was compressed (a
format we can't parse).

This changes the API of two public functions: mbedtls_pk_parse_key() and
mbedtls_pk_parse_keyfile().

Tests and programs have been adapted. Some programs use a non-secure RNG
(from the test library) just to get things to compile and run; in a
future commit this should be improved in order to demonstrate best
practice.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-06-17 09:38:38 +02:00