0f6d565d26
pk: return PK_USE_PSA_EC_DATA to pk.h
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-08-10 07:05:47 +02:00
7c494e7211
pk: move PK_HAVE_ECC_KEYS to build_info.h
...
This is usefuls to use PK_HAVE_ECC_KEYS in check_config.h instead
of redefining it twice in different ways.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-08-10 07:05:47 +02:00
7dccb66d49
test: disable RSA support on the test ecc_no_bignum component
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-08-10 06:43:23 +02:00
935ff2300c
More unsigned literal in size macros
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-08-09 19:48:02 +02:00
115784bd3f
Merge pull request #1040 from waleed-elmelegy-arm/development-restricted
...
Improve & test legacy mbedtls_pkcs5_pbe2
2023-08-09 09:43:23 +01:00
aa9a15833e
Fix doc
...
Signed-off-by: Chien Wong <m@xv97.com >
2023-08-09 12:35:47 +08:00
f11cfecb6b
Merge pull request #7998 from gilles-peskine-arm/MBEDTLS_PSA_CRYPTO_CONFIG-less_experimental
...
MBEDTLS_PSA_CRYPTO_CONFIG is ready for production
2023-08-08 09:04:57 +00:00
a79256472c
Merge pull request #7788 from marekjansta/fix-x509-ec-algorithm-identifier
...
Fixed x509 certificate generation to conform to RFCs when using ECC key
2023-08-07 19:14:54 +00:00
153ae464db
Improve doc on special use of A in ecp group structure
...
Signed-off-by: Chien Wong <m@xv97.com >
2023-08-07 23:02:31 +08:00
c98f8d996a
Merge branch 'development' into safer-ct5
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-08-07 11:47:35 +01:00
003a5e1ca7
Merge pull request #1046 from Mbed-TLS/merge_3.4.1
...
Merge 3.4.1
2023-08-03 18:23:37 +01:00
a0fc9987da
Merge branch 'development' into merge_3.4.1
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-08-03 15:56:59 +01:00
f50767d7ab
Improve mbedtls_pkcs5_pbes2 function signature comments
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com >
2023-08-03 15:42:55 +01:00
6f80ac4979
Merge pull request #7864 from waleed-elmelegy-arm/enforce-min-RSA-key-size
...
Enforce minimum key size when generating RSA key size
2023-08-03 12:57:52 +00:00
9a3ded10b7
Merge remote-tracking branch 'gilles-peskine-arm/3.4.0-updated-certs' into mbedtls-3.4.1rc0-pr
2023-08-03 12:00:31 +01:00
c8ccc8f86d
tls: add new symbol for generic TLS 1.2 and 1.3 support
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-08-02 20:00:13 +02:00
df28b8d2ea
Add space to appease doxygen bug
...
See doxygen/doxygen#8706
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-08-02 16:06:32 +02:00
550d147078
Bump version to 3.4.1
...
```
./scripts/bump_version.sh --version 3.4.1
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-08-02 12:50:23 +02:00
267bee9be8
Merge pull request #7903 from valeriosetti/issue7773
...
Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/DH
2023-08-02 10:16:44 +00:00
1414029ff0
improve document about hardware only
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2023-08-02 17:44:03 +08:00
6943681820
Improve error message and documents
...
- fix grammar error
- Add more information for AES_USE_HARDWARE_ONLY
- Improve error message
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2023-08-02 17:44:03 +08:00
e77c4d95a7
Mention the crash risk without runtime detection
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2023-08-02 17:44:02 +08:00
3660623e59
Rename plain c option and update comments
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2023-08-02 17:44:01 +08:00
3fcf2b5053
Rename HAS_NO_PLAIN_C to DONT_USE_SOFTWARE_CRYPTO
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2023-08-02 17:44:00 +08:00
1b3ab36b55
Update comments
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2023-08-02 17:43:59 +08:00
315fd30201
Rename plain c disable option
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2023-08-02 17:43:59 +08:00
0d4f4e5b01
Add option to disable built-in aes implementation.
...
For time being, there are only two aes implementations for known
architectures. I define runtime detection function as const when
built-in was disabled. In this case, compiler will remove dead
built-in code.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2023-08-02 17:43:54 +08:00
895074e3f9
Merge pull request #8002 from valeriosetti/issue7904
...
PSA maximum size macro definitions should take support into account
2023-08-02 05:57:28 +00:00
2430a70fcf
ssl_ciphersuites: adding new internal helper symbols
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-08-01 19:02:38 +02:00
56e5d6887f
Fix comment typo
...
Co-authored-by: Tom Cosgrove <tom.cosgrove@arm.com >
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-08-01 15:04:11 +01:00
d55e451b3e
Merge pull request #7997 from yanesca/fix_new_bignum_tests
...
Fix new bignum tests
2023-08-01 12:09:39 +00:00
e416f03c8f
Improve wording of MBEDTLS_ECP_WITH_MPI_UINT doc
...
Use the standard "experimental" word in the description and make the
wording more similar to other experimental warnings.
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-08-01 08:44:40 +01:00
de8f56e936
Merge pull request #7884 from valeriosetti/issue7612
...
TLS: Clean up (EC)DH dependencies
2023-08-01 07:13:36 +00:00
baf350c6bd
Add PSA_HAVE_SOFT_PBKDF2 to crypto_driver_context_key_derivation
...
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com >
2023-07-31 20:22:33 +05:30
ad9e5b9abe
Improve docs for mbedtls_ct_memcmp
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-07-31 12:43:23 +01:00
9ee0e1f6fe
Remove GCC redundant-decls workaround for mbedtls_ct_memcmp
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-07-31 12:43:23 +01:00
2f04582d37
Move MBEDTLS_ECP_WITH_MPI_UINT to mbedtls_config.h
...
There is a precedent for having bigger and less mature options in
mbedtls_config.h (MBEDTLS_USE_PSA_CRYPTO) for an extended period.
Having this option in mbedtls_config.h is simpler and more robust.
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-07-31 10:57:16 +01:00
43c5bf4f88
crypto_sizes: use PSA_WANT_ALG for MAX signatures and key agreement sizes
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-31 11:35:48 +02:00
8b27decc6a
Revert "crypto_sizes: check also if DH is enabled for PSA_SIGNATURE_MAX_SIZE"
...
This reverts commit 478c236938valerio.setti@nordicsemi.no >
2023-07-31 11:35:42 +02:00
9cd8011978
tls: fix definition of symbol KEY_EXCHANGE_SOME_XXDH_PSA_ANY
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-28 16:46:55 +02:00
478c236938
crypto_sizes: check also if DH is enabled for PSA_SIGNATURE_MAX_SIZE
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-28 16:05:53 +02:00
43cef57e51
Merge pull request #7811 from mpg/md-info
...
Optimize strings in MD
2023-07-28 08:34:09 +00:00
c22affd9ec
Fix dependencies for pbkdf2 cmac
...
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com >
2023-07-28 13:31:58 +05:30
c012a2de7c
crypto_sizes: change initial MAX_SIZE value to 1
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-28 09:34:44 +02:00
644e01d767
crypto_sizes: fix typo
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-28 09:31:51 +02:00
a83d9bf0db
crypto_sizes: size PSA max symbols according to actual support
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-27 18:15:20 +02:00
a12e2d53bd
Replace AES_CMAC_128_PRF_OUTPUT_SIZE with PSA_MAC_LENGTH()
...
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com >
2023-07-27 21:18:30 +05:30
9ab03c3d72
Define PSA_ALG_IS_PBKDF2
...
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com >
2023-07-27 21:14:05 +05:30
2addf35855
Replace MBEDTLS_PSA_BUILTIN_PBKDF2_XXX with PSA_HAVE_SOFT_PBKDF2
...
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com >
2023-07-27 21:11:09 +05:30
105f772fe8
Add PSA_HAVE_SOFT_PBKDF2
...
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com >
2023-07-27 21:03:06 +05:30
