93d4591255
Remove deprecated function mbedtls_ssl_conf_curves()
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2025-01-14 12:06:31 +01:00
bc7c523420
Remove uses of secp244k1
...
Remove all code guarded by `PSA_WANT_ECC_SECP_K1_224`, which is not and will
not be implemented. (It would be K1_225 anyway, but we don't intend to
implement it anyway.)
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2025-01-08 16:51:23 +01:00
ac2cf1f26c
Defragment incoming TLS handshake messages
...
Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me >
2024-12-25 14:34:17 +02:00
1bf85a8634
mbedtls_config: Cleaned up legacy sections.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2024-12-16 08:53:48 +00:00
80e76b66af
Moved options to new sections.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2024-12-16 08:53:47 +00:00
acd560f887
mbedtls_config: Added new section placeholders.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2024-12-16 08:53:47 +00:00
51f228cc1b
Switch to actual TF-PSA-Crypto build_info.h
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-12-11 22:32:45 +01:00
e11ae17c60
Split check_config.h
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-12-11 22:32:45 +01:00
ce3c2dd30c
Merge pull request #9806 from ronald-cron-arm/finalize-split-preparation-1
...
Finalize split preparation-1
2024-12-05 13:23:09 +00:00
6924564970
Move back timing.c to mbedtls
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-12-04 14:25:02 +01:00
18047f0b01
Move config_adjust_legacy_crypto.h to tf-psa-crypto
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-12-04 14:25:02 +01:00
80963c64eb
Move hkdf.h to tf-psa-crypto
...
Move hkdf.h to tf-psa-crypto as
hkdf.c was.
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-12-04 14:25:02 +01:00
4f619e12e7
Renamed MBEDTLS_PSA_CRYPTO_CONFIG_FILE & MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
...
Files have been renamed respectively to:
- TF_PSA_CRYPTO_CONFIG_FILE
- TF_PSA_CRYPTO_USER_CONFIG_FILE
As per design proposal:
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/config-split.md
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2024-12-04 09:57:56 +00:00
1f0d469e1d
Cleaned up MbedTLS/tf-psa-crypto configs.
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2024-12-04 09:57:56 +00:00
861b90c257
Migrated General and test configuration options (contd).
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2024-12-04 09:50:53 +00:00
cb32d084aa
crypto_config: Migrated newer configuration options.
...
This commit, moves configuration entries that were not present
during the design-review.
It also updates the proposal accordingly.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2024-12-04 09:50:09 +00:00
f33250fcc1
crypto_config: Migrated MBEDTLS_NULL_CIPHER in legacy-crypto
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2024-12-04 09:49:55 +00:00
127ffb507c
crypto_config: Migrated legacy-crypto selection options.
...
Moved configuration entries in-line with the design proposal.
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/config-split.md
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2024-12-04 09:49:08 +00:00
a19e07fd14
crypto_config: Migrated crypto-drivers selection options.
...
Moved configuration entries in-line with the design proposal.
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/config-split.md
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2024-12-04 09:38:02 +00:00
626439ae50
crypto_config: Migrated PSA core selection options.
...
Moved configuration entries in-line with the design proposal.
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/config-split.md
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2024-12-04 09:29:30 +00:00
14489499e7
crypto_config: Migrated data format selection options.
...
Moved configuration entries in-line with the design proposal.
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/config-split.md
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2024-12-04 09:29:15 +00:00
45544e0bc3
crypto_config: Migrated cryptographic mechanism selection options.
...
Moved configuration entries in-line with the design proposal.
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/config-split.md
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2024-12-04 09:29:04 +00:00
2056958eb3
crypto_config: Migrated General and test configuration options.
...
Moved configuration entries in-line with the design proposal.
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/config-split.md
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2024-12-04 09:28:51 +00:00
25ae42e677
crypto_config: Migrated Platform options.
...
Moved configuration entries in-line with the design proposal.
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/config-split.md
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2024-12-04 09:28:23 +00:00
2761d18c00
Add issue reference for ECP_RESTARTABLE limitations
...
Add reference to github issues to give a way for users to track
progress and express interest.
Signed-off-by: Janos Follath <janos.follath@arm.com >
2024-12-02 13:58:15 +00:00
745e561d2d
Move the psa_init() warnings to _CLI and _SRV
...
Now that USA_PSA_CRYPTO is always on, users need to call psa_init() with
all protocol versions.
Signed-off-by: Janos Follath <janos.follath@arm.com >
2024-12-02 13:22:34 +00:00
582ecd0ce1
Remove USE_PSA references from X509 documentation
...
MBEDTLS_USE_PSA_CRYPTO is now always enabled we need to update the
documentation accordingly.
Signed-off-by: Janos Follath <janos.follath@arm.com >
2024-12-02 12:53:05 +00:00
130ece0b6e
Remove USE_PSA references from SSL documentation
...
MBEDTLS_USE_PSA_CRYPTO is now always enabled we need to update the
documentation accordingly.
Signed-off-by: Janos Follath <janos.follath@arm.com >
2024-12-02 12:53:05 +00:00
277bba89fb
Remove USE_PSA references from config documentation
...
MBEDTLS_USE_PSA_CRYPTO is now always enabled we need to update the
documentation accordingly.
Signed-off-by: Janos Follath <janos.follath@arm.com >
2024-12-02 12:52:59 +00:00
93ba625b96
Remove MBEDTLS_PSA_CRYPTO_CONFIG configuration option
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-11-21 15:52:06 +01:00
0068fceba3
Note the equivalence of two macros, thanks to RSA-PSK removal
...
Removing the now-duplicate internal macro is left for future work.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-11-05 15:49:12 +01:00
91e7ebebfe
Remove RSA_PSK suites from cipher suite lists
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-11-05 15:49:12 +01:00
b3ec125580
Remove mentions of RSA-PSK key exchange from documentation
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-11-05 15:49:12 +01:00
712e9a1c3e
Remove MBEDTLS_KEY_EXCHANGE_RSA_PSK
...
Remove mentions of MBEDTLS_KEY_EXCHANGE_RSA_PSK that were not guarded by the
configuration option MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED. This finishes the
removal of library code that supports the RSA-PSK key exchange in TLS 1.2.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-11-05 15:49:12 +01:00
ac767e5c69
Remove MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
...
Remove the configuration option MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED and all
code guarded by it. This remove support for the RSA-PSK key exchange in TLS
1.2.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-11-05 15:49:01 +01:00
9863b04dec
Make MBEDTLS_USE_PSA_CRYPTO no longer a selectable option
...
The macro MBEDTLS_USE_PSA_CRYPTO is now always defined. It is no longer a
configuration option.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-10-30 14:23:16 +01:00
8ed4d94166
Merge pull request #9614 from gilles-peskine-arm/use_psa_crypto-always_on
...
Always enable MBEDTLS_USE_PSA_CRYPTO in all.sh
2024-10-29 14:58:55 +00:00
5f6e69dae5
Merge pull request #9693 from Harry-Ramsey/split-revert-error-development
...
Split error.h and move back error.c to mbedtls
2024-10-25 13:12:58 +00:00
43b4264cd8
Enable MBEDTLS_USE_PSA_CRYPTO by default
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-10-22 22:10:42 +02:00
83778d7aa9
Documentation: fix some nits
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2024-10-22 17:56:36 +02:00
a006b8f6c1
check_config: prevent fully dynamic and static key stores to be enabled simultaneously
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2024-10-22 17:56:36 +02:00
c2a6e8b3a9
mbedtls_config: fix/improve descriptions of PSA_STATIC_KEY_SLOT symbols
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2024-10-22 17:56:36 +02:00
933b7693f4
mbedtls_config: fix descriptions for PSA static key slots
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2024-10-22 17:56:36 +02:00
a7ce589fbc
mbedtls_config: move MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE to the correct place
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2024-10-22 17:56:36 +02:00
678e0fb3e5
psa: allow to use static key buffers instead of dynamic ones
...
This helps reducing heap memory usage and, if heap memory is
not used anywhere else in an embedded device, it also reduces
code footprint since there is no need for heap management code
in this case.
A new build symbol is added for this purpose, named
MBEDTLS_PSA_STATIC_KEY_SLOTS. It's disabled by default so that
normal usage of Mbed TLS library is not affected.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2024-10-22 17:56:36 +02:00
90724f7f54
Move error.h from tf-psa-crypto to Mbed TLS
...
This commit moves error.h from tf-psa-crypto to Mbed TLS for 4.0
release.
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com >
2024-10-18 08:19:50 +01:00
468c0aede9
Revert move of version.h to tf-psa-crypto libray
...
This commit moves version.h back into /include/mbedtls from
tf-psa-crypto/drivers/builtin/include. This commit also changes the
necessary build files and scripts to generate version_features.c
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com >
2024-10-04 13:37:42 +01:00
96c6f5eb36
Merge pull request #9492 from eleuzi01/remove-legacy-symbol-definitions
...
Remove definitions of legacy symbols
2024-10-01 10:33:06 +00:00
9b0bdd0590
Remove MBEDTLS_ECP_HAVE_xxx and MBEDTLS_MD_CAN_xxx
...
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com >
2024-09-26 14:48:59 +01:00
7f85f1f958
Cosmetic changes
...
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com >
2024-09-26 14:48:59 +01:00
