ce38db1c0b
Change config_psa.h PBKDF2_CMAC dependencies
...
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com >
2023-07-27 21:01:03 +05:30
d7bdbbeb0a
Improve naming of mimimum RSA key size generation configurations
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com >
2023-07-27 14:50:09 +00:00
f2e3eb8bd9
Add OID for HMAC-RIPEMD160
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-07-27 15:46:05 +01:00
5cc67a3ee2
Add OIDs for HMAC-SHA3
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-07-27 14:44:35 +01:00
2d626cc44f
Fix missing opening brace in comments
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-07-27 14:43:55 +01:00
25b4e72d6e
MBEDTLS_PSA_CRYPTO_CONFIG is ready for production
...
It's ok if people use MBEDTLS_PSA_CRYPTO_CONFIG: it's not unstable or
unpredictable. But we still reserve the right to make minor changes
(e.g. https://github.com/Mbed-TLS/mbedtls/issues/7439 ).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-07-27 15:09:24 +02:00
3d158f0c28
Adapt tests to work on all possible minimum RSA key sizes
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com >
2023-07-27 11:03:35 +00:00
ab5707185a
Add a minimum rsa key size config to psa config
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com >
2023-07-27 11:00:03 +00:00
76336c3e4d
Enforce minimum key size when generating RSA key size
...
Add configuration to enforce minimum size when
generating a RSA key, it's default value is 1024
bits since this the minimum secure value currently
but it can be any value greater than or equal 128
bits. Tests were modifed to accommodate for this
change.
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com >
2023-07-27 10:58:25 +00:00
0fda0d2e5c
Fix overly specific description in public doc
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-07-27 12:22:52 +02:00
9c5c2a4b71
crypto_legacy: fix initial comment
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-27 11:11:19 +02:00
7ef14bf8a2
Merge pull request #7835 from gilles-peskine-arm/ssl_premaster_secret-empty-3.4
...
Fix empty union when TLS is disabled
2023-07-27 08:28:21 +00:00
a55f042636
psa: replace DH_KEY_PAIR_LEGACY with new symbols
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-27 09:15:34 +02:00
f1c032adba
Merge pull request #7902 from valeriosetti/issue7772
...
Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/RSA
2023-07-25 17:13:43 +01:00
ea59c43499
tls: fix a comment a rename a variable/symbol
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-25 11:14:03 +02:00
d0371b0a08
debug: keep ECDH_C guard for debug printf accessing ecdh_context's items
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-25 10:57:01 +02:00
cad28ae77a
Merge remote-tracking branch 'origin/development' into psa-sha3
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-07-24 15:51:13 +01:00
3c861642c8
Make sure that size constants are unsigned
...
This fixes a warning from some compilers (e.g. MSVC) about comparisons
between signed and unsigned values in perfectly reasonable code. In
particular, there was one such warning in psa_pbkdf2_hmac_set_password.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-07-21 17:50:49 +02:00
2387bdab0f
Merge pull request #1038 from Mbed-TLS/development
...
Merge development into development-restricted
2023-07-21 15:40:36 +02:00
87f62850f3
Merge pull request #7893 from ronald-cron-arm/misc-from-psa-crypto
...
Miscellaneous fixes resulting from the work on PSA-Crypto
2023-07-21 10:54:41 +02:00
ed70fd0c39
Merge pull request #5549 from AndrzejKurek/doxygen-bad-param-names
...
Fix wrong doxygen parameter names and misused `\p` commands
2023-07-20 14:10:10 +01:00
c844c1a771
Merge pull request #7546 from mpg/align-psa-md-identifiers
...
Align psa md identifiers
2023-07-20 11:34:28 +02:00
6dd40642e8
Merge pull request #7932 from AgathiyanB/add-mpi-uint-size-macro
...
Use compile-time determination of which __builtin_clz() to use, with new MBEDTLS_MPI_UINT_SIZE macro
2023-07-19 14:57:39 +01:00
708d78f80b
Improve & test legacy mbedtls_pkcs5_pbe2
...
* Prevent pkcs5_pbe2 encryption when PKCS7 padding has been
disabled since this not part of the specs.
* Allow decryption when PKCS7 padding is disabled for legacy
reasons, However, invalid padding is not checked.
* Add tests to check these scenarios. Test data has been
reused but with changing padding data in last block to
check for valid/invalid padding.
* Document new behaviour, known limitations and possible
security concerns.
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com >
2023-07-19 14:01:35 +01:00
eed55c6c94
Use defined macros for MBEDTLS_MPI_UINT_MAX
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com >
2023-07-19 11:08:02 +01:00
5f65acb02b
Merge pull request #7859 from gilles-peskine-arm/mbedtls_mpi-smaller
...
Reduce the size of mbedtls_mpi
2023-07-18 16:48:37 +01:00
24a305ec22
Explain why we check 65535 (not USHORT_MAX)
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-07-18 13:53:07 +02:00
828b3acd6b
Merge pull request #7848 from valeriosetti/issue7749
...
driver-only ECC: EPCf.TLS testing
2023-07-18 10:33:21 +02:00
197565062a
Make consistent suffix MBEDTLS_MPI_UINT_MAX
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com >
2023-07-17 16:43:19 +01:00
900e20d3a2
Change MBEDTLS_MPI_UINT_MAX suffix
...
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com >
Signed-off-by: Agathiyan Bragadeesh <48658345+AgathiyanB@users.noreply.github.com >
2023-07-17 16:27:21 +01:00
170c199829
Align guards of Windows specific configuration checks
...
In check_config.h, align the guards of Windows
specific configuration checks with the ones used
in platform.h.
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2023-07-17 11:53:20 +02:00
03ea8f8d0a
Add dependency of builtin CCM* on builtin cipher
...
Add missing dependency of the unauthenticated
cipher CCM* without tag builtin implementation
on builtin cipher.
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2023-07-17 11:52:32 +02:00
09a455e21a
Add macros for mpi uint max sizes
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com >
2023-07-14 14:07:18 +01:00
a02b36886c
Fix gcc warnings when -Wredundant-decls set
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-07-14 13:43:39 +01:00
f14a5c3fcb
Improve the documentation of MBEDTLS_PLATFORM_MEMORY
...
Introduce requests from review comments.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-07-14 06:15:15 -04:00
377eb5f0c3
doxygen: \p commands misuse - review comments
...
Apply comments suggested in review.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-07-13 10:02:32 -04:00
00b54e6885
doxygen: fix parameter name typos and misused \p commands
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-07-13 10:02:32 -04:00
43dfd51ab4
doxygen: fix misused \p commands in rsa.h
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-07-13 10:02:32 -04:00
3bedb5b663
doxygen: fix parameter name typos and misused \p commands
...
\p is reserved for function parameters.
\c is used to describe other values and variables.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-07-13 10:02:32 -04:00
69ed8c41fa
Fix documentation - parameter name mistakes
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-07-13 10:02:32 -04:00
7d49a1c907
doxygen: remove unnecessary description
...
Due to the nature of CTR, there is no mode parameter.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-07-13 10:02:32 -04:00
8bfa24b021
Update compiler versions requirement
...
For time being, we haven't verified MSVC
for sha256 and 512. So we do not add msvc
information.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2023-07-13 10:40:29 +08:00
8e96e78dbe
update document and error message
...
Chang the spell of armclang
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2023-07-13 10:40:28 +08:00
c37e260dc5
Add armclang version requirement for sha512
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2023-07-13 10:40:28 +08:00
98e632f210
Re-order mbedtls_mpi to save a few extra bytes with clang
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-07-11 16:02:50 +01:00
980383421a
config_psa: enable KEY_PAIR_GENERATE only when GENPRIME is defined
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-11 16:32:50 +02:00
0d5c5e5a38
config_psa: enable KEY_PAIR_[IMPORT/EXPORT] as soon as BASIC is enabled
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-11 14:06:00 +02:00
a9a3c5581e
config_psa: enable GENPRIME when BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-11 14:06:00 +02:00
b2bcedbf9a
library: replace MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_LEGACY
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-11 14:06:00 +02:00
f6d4dfb745
library: replace PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY symbols with proper ones
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-11 14:06:00 +02:00