1
0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-06-10 21:01:41 +03:00
Commit Graph

7069 Commits

Author SHA1 Message Date
0f6d565d26 pk: return PK_USE_PSA_EC_DATA to pk.h
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-10 07:05:47 +02:00
7c494e7211 pk: move PK_HAVE_ECC_KEYS to build_info.h
This is usefuls to use PK_HAVE_ECC_KEYS in check_config.h instead
of redefining it twice in different ways.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-10 07:05:47 +02:00
7dccb66d49 test: disable RSA support on the test ecc_no_bignum component
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-10 06:43:23 +02:00
935ff2300c More unsigned literal in size macros
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-08-09 19:48:02 +02:00
115784bd3f Merge pull request #1040 from waleed-elmelegy-arm/development-restricted
Improve & test legacy mbedtls_pkcs5_pbe2
2023-08-09 09:43:23 +01:00
aa9a15833e Fix doc
Signed-off-by: Chien Wong <m@xv97.com>
2023-08-09 12:35:47 +08:00
f11cfecb6b Merge pull request #7998 from gilles-peskine-arm/MBEDTLS_PSA_CRYPTO_CONFIG-less_experimental
MBEDTLS_PSA_CRYPTO_CONFIG is ready for production
2023-08-08 09:04:57 +00:00
a79256472c Merge pull request #7788 from marekjansta/fix-x509-ec-algorithm-identifier
Fixed x509 certificate generation to conform to RFCs when using ECC key
2023-08-07 19:14:54 +00:00
153ae464db Improve doc on special use of A in ecp group structure
Signed-off-by: Chien Wong <m@xv97.com>
2023-08-07 23:02:31 +08:00
c98f8d996a Merge branch 'development' into safer-ct5
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-07 11:47:35 +01:00
003a5e1ca7 Merge pull request #1046 from Mbed-TLS/merge_3.4.1
Merge 3.4.1
2023-08-03 18:23:37 +01:00
a0fc9987da Merge branch 'development' into merge_3.4.1
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-03 15:56:59 +01:00
f50767d7ab Improve mbedtls_pkcs5_pbes2 function signature comments
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-08-03 15:42:55 +01:00
6f80ac4979 Merge pull request #7864 from waleed-elmelegy-arm/enforce-min-RSA-key-size
Enforce minimum key size when generating RSA key size
2023-08-03 12:57:52 +00:00
9a3ded10b7 Merge remote-tracking branch 'gilles-peskine-arm/3.4.0-updated-certs' into mbedtls-3.4.1rc0-pr 2023-08-03 12:00:31 +01:00
c8ccc8f86d tls: add new symbol for generic TLS 1.2 and 1.3 support
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-02 20:00:13 +02:00
df28b8d2ea Add space to appease doxygen bug
See doxygen/doxygen#8706

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-08-02 16:06:32 +02:00
550d147078 Bump version to 3.4.1
```
./scripts/bump_version.sh --version 3.4.1
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-08-02 12:50:23 +02:00
267bee9be8 Merge pull request #7903 from valeriosetti/issue7773
Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/DH
2023-08-02 10:16:44 +00:00
1414029ff0 improve document about hardware only
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-02 17:44:03 +08:00
6943681820 Improve error message and documents
- fix grammar error
- Add more information for AES_USE_HARDWARE_ONLY
- Improve error message

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-02 17:44:03 +08:00
e77c4d95a7 Mention the crash risk without runtime detection
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-02 17:44:02 +08:00
3660623e59 Rename plain c option and update comments
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-02 17:44:01 +08:00
3fcf2b5053 Rename HAS_NO_PLAIN_C to DONT_USE_SOFTWARE_CRYPTO
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-02 17:44:00 +08:00
1b3ab36b55 Update comments
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-02 17:43:59 +08:00
315fd30201 Rename plain c disable option
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-02 17:43:59 +08:00
0d4f4e5b01 Add option to disable built-in aes implementation.
For time being, there are only two aes implementations for known
architectures. I define runtime detection function as const when
built-in was disabled. In this case, compiler will remove dead
built-in code.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-08-02 17:43:54 +08:00
895074e3f9 Merge pull request #8002 from valeriosetti/issue7904
PSA maximum size macro definitions should take support into account
2023-08-02 05:57:28 +00:00
2430a70fcf ssl_ciphersuites: adding new internal helper symbols
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-01 19:02:38 +02:00
56e5d6887f Fix comment typo
Co-authored-by: Tom Cosgrove <tom.cosgrove@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-01 15:04:11 +01:00
d55e451b3e Merge pull request #7997 from yanesca/fix_new_bignum_tests
Fix new bignum tests
2023-08-01 12:09:39 +00:00
e416f03c8f Improve wording of MBEDTLS_ECP_WITH_MPI_UINT doc
Use the standard "experimental" word in the description and make the
wording more similar to other experimental warnings.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-08-01 08:44:40 +01:00
de8f56e936 Merge pull request #7884 from valeriosetti/issue7612
TLS: Clean up (EC)DH dependencies
2023-08-01 07:13:36 +00:00
baf350c6bd Add PSA_HAVE_SOFT_PBKDF2 to crypto_driver_context_key_derivation
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-07-31 20:22:33 +05:30
ad9e5b9abe Improve docs for mbedtls_ct_memcmp
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-31 12:43:23 +01:00
9ee0e1f6fe Remove GCC redundant-decls workaround for mbedtls_ct_memcmp
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-31 12:43:23 +01:00
2f04582d37 Move MBEDTLS_ECP_WITH_MPI_UINT to mbedtls_config.h
There is a precedent for having bigger and less mature options in
mbedtls_config.h (MBEDTLS_USE_PSA_CRYPTO) for an extended period.
Having this option in mbedtls_config.h is simpler and more robust.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-07-31 10:57:16 +01:00
43c5bf4f88 crypto_sizes: use PSA_WANT_ALG for MAX signatures and key agreement sizes
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-31 11:35:48 +02:00
8b27decc6a Revert "crypto_sizes: check also if DH is enabled for PSA_SIGNATURE_MAX_SIZE"
This reverts commit 478c236938.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-31 11:35:42 +02:00
9cd8011978 tls: fix definition of symbol KEY_EXCHANGE_SOME_XXDH_PSA_ANY
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-28 16:46:55 +02:00
478c236938 crypto_sizes: check also if DH is enabled for PSA_SIGNATURE_MAX_SIZE
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-28 16:05:53 +02:00
43cef57e51 Merge pull request #7811 from mpg/md-info
Optimize strings in MD
2023-07-28 08:34:09 +00:00
c22affd9ec Fix dependencies for pbkdf2 cmac
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-07-28 13:31:58 +05:30
c012a2de7c crypto_sizes: change initial MAX_SIZE value to 1
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-28 09:34:44 +02:00
644e01d767 crypto_sizes: fix typo
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-28 09:31:51 +02:00
a83d9bf0db crypto_sizes: size PSA max symbols according to actual support
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-27 18:15:20 +02:00
a12e2d53bd Replace AES_CMAC_128_PRF_OUTPUT_SIZE with PSA_MAC_LENGTH()
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-07-27 21:18:30 +05:30
9ab03c3d72 Define PSA_ALG_IS_PBKDF2
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-07-27 21:14:05 +05:30
2addf35855 Replace MBEDTLS_PSA_BUILTIN_PBKDF2_XXX with PSA_HAVE_SOFT_PBKDF2
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-07-27 21:11:09 +05:30
105f772fe8 Add PSA_HAVE_SOFT_PBKDF2
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-07-27 21:03:06 +05:30