8eb552647f
pk_wrap: fix sizing for private key buffer
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-04 10:20:53 +02:00
d62605126d
Fix documentation
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-04-03 17:32:55 +02:00
0fe1ee27e5
pk: add an alternative function for checking private/public key pairs
...
Instead of using the legacy mbedtls_ecp_check_pub_priv() function which
was based on ECP math, we add a new option named eckey_check_pair_psa()
which takes advantage of PSA.
Of course, this is available when MBEDTLS_USE_PSA_CRYPTO is enabled.
Tests were also fixed accordingly.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-03 15:00:21 +02:00
6f182c33a8
Fix documentation
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-31 16:17:06 +02:00
6af26f3838
Tidy up, remove MPI_CORE(), apply the naming convention, and use the new mbedtls_mpi_core_mul()
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-31 16:16:00 +02:00
4ae890bbd0
Extract MPI_CORE(mul) from the prototype
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-31 16:10:34 +02:00
b8f5ba826b
Merge pull request #6891 from yuhaoth/pr/add-milliseconds-platform-function
...
Add milliseconds platform time function
2023-03-31 11:47:37 +01:00
afbc7eda65
psa: Introduce PSA crypto core common symbols
...
When compiling some PSA core files of the
PSA cryptography repository, both the
Mbed TLS library and the PSA cryptography
core common.h are included and if they
define the same inline functions (same name),
the compilation fails.
Thus, inline functions prefixed by psa_crypto_
instead of mbedtls_ are defined in the
PSA cryptography core common.h header.
To ease the maintenance of the PSA cryptography
repository, introduce those symbols in Mbed TLS
as well and use them in PSA crypto core code
files instead of their Mbed TLS equivalent.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-03-31 09:07:57 +02:00
e6e6b75ad3
psa: Remove MBEDTLS_PSA_CRYPTO_DRIVERS configuration option
...
The support for the PSA crypto driver interface
is not optional anymore as the implementation of
the PSA cryptography interface has been restructured
around the PSA crypto driver interface (see
psa-crypto-implementation-structure.md). There is
thus no purpose for the configuration options
MBEDTLS_PSA_CRYPTO_DRIVERS anymore.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-03-31 09:07:54 +02:00
fe8e135816
psa: Remove unnecessary headers
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-03-31 09:01:45 +02:00
03d557db35
Merge pull request #6900 from AndrzejKurek/san-dirname
...
Add support for directoryName subjectAltName
2023-03-30 18:37:26 +01:00
54118a1720
Merge pull request #7352 from gabor-mezei-arm/6349_fix_merge
...
Remove obsolete ecp_fix_negative function
2023-03-30 14:48:13 +01:00
5f0c6e82fb
Add missing deallocation of subject alt name
...
Since mbedtls_x509_get_name allocates memory
when parsing a directoryName, deallocation
has to be performed if anything fails in the
meantime.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-29 11:40:38 -04:00
bf8ccd8109
Adjust error reporting in x509 SAN parsing
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-29 11:03:01 -04:00
d40c2b65a6
Introduce proper memory management for SANs
...
DirectoryName parsing performs allocation that has to be handled.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-29 11:03:01 -04:00
e12b01d31b
Add support for directoryName subjectAltName
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-29 11:03:01 -04:00
df9c029dd5
Remove obsolete ecp_fix_negative function
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-28 18:43:07 +02:00
46423164c1
tls12_client: remove unnecessary parentheses
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-28 16:26:48 +02:00
77a904c761
ssl: remove useless guard
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-28 16:26:48 +02:00
9affb73e44
psa_crypto: fix guard for mbedtls_ecc_group_of_psa()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-28 16:26:47 +02:00
1fa5c56863
ssl_tls: fix guard symbols for EC accelerated tests
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-28 16:26:47 +02:00
514806bbe9
Add a second round of carry reduction for P192 fast reduction
...
The first round of carry reduction can generate a carry so a
second round is needed.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-28 15:09:34 +02:00
f04848cc3b
Revert "Add generated files"
...
This reverts commit df2b5da57f.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-03-27 21:20:52 +01:00
d01a3bca05
Merge tag 'v3.4.0' into mbedtls-3.4.0_mergeback
...
Mbed TLS 3.4.0
2023-03-27 18:09:49 +01:00
445c3bfcac
Merge pull request #7222 from minosgalanakis/bignum/6851_extract_Secp384r1_fast_reduction
...
Bignum: Extract secp384r1 fast reduction from the prototype
2023-03-27 16:56:30 +01:00
ab9dc667ff
psa_util: fix for correctly computing elements in array
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-27 11:25:10 -04:00
2f73edbbc4
Prevent mpi_mod_write from corrupting the input
...
Allocate a working buffer to store the converted value needed for the
mpi_mod_write function.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-27 15:53:14 +02:00
93302422fd
Fix instances of old feature macros being used
...
sed -i -f md.sed include/mbedtls/ssl.h library/hmac_drbg.c programs/pkey/*.c programs/x509/*.c tests/scripts/generate_pkcs7_tests.py tests/suites/test_suite_random.data
Then manually revert programs/pkey/ecdsa.c as it's using a low-level
hash API.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-24 10:43:40 +01:00
4011eb49dc
Fix entropy-related feature macros
...
Was causing testing disparities picked by analyze_outcomes.py
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-24 10:43:40 +01:00
5cd4b6403b
Use MD-light in entropy.c
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-24 10:43:40 +01:00
256c75df90
Fix signed/unsigned comparison (windows compilation failure)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-23 14:09:34 +01:00
b175b146a2
Remove driver_pake_get_role function
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-23 13:37:18 +01:00
e80ec0a9af
Adapt J-PAKE built-in impl to use user/peer
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-23 13:37:12 +01:00
f9fca53cb4
ecp_curves: Updated ecp_mod_p384_raw documentation
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-03-23 12:17:17 +00:00
df2b5da57f
Add generated files
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-03-23 10:58:43 +00:00
db67e99bbf
Bump library, libcrypto and libx509 versions
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-03-23 10:57:39 +00:00
226f9b903f
ssl_tls: fix guard in ssl_misc.h
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-23 09:28:51 +01:00
5038a38695
ssl_cache: Return standard mbedtls error code
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-03-23 15:53:43 +08:00
656b2595fb
psa_pake_input: validate buffer size using PSA_PAKE_INPUT_SIZE
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-23 08:05:52 +01:00
68d64a10b6
ecp_curves: Re-introduced mbedtls_ecp_fix_negative()
...
This patch re-introduces `mbedtls_ecp_fix_negative` and
appropriately adjusts its define guards.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-03-22 11:28:15 +00:00
080a22ba75
ssl_tls13: use PSA_WANT_ALG_ECDH as symbol for marking ECDH capability
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-22 10:48:34 +01:00
0c8ec3983e
ssl_tls: fix proper guards for accelerated ECDH
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-22 10:48:34 +01:00
90df310d89
ssl_tls13: fix guards for accel ECDH
...
These changes fix all failures found in test_suite_ssl
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-22 10:48:34 +01:00
1f778bcfd8
EC-JPAKE: remove limitation for user/peer (allow any value)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-22 09:52:08 +01:00
37f4cb6d0e
ecp_curves: Minor rework for p384
...
This patch adjusts formatting, documentation and testing.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-03-21 15:46:50 +00:00
6fb105fb2e
ecp_curves: Ported prototypes
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-03-21 15:41:26 +00:00
f1eb5e2a04
Merge branch 'development-restricted' into mbedtls-3.4.0rc0-pr
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-03-21 15:35:17 +00:00
7224086ebc
Remove legacy_or_psa.h
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-21 16:29:31 +01:00
bef824d394
SSL: use MD_CAN macros
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-21 16:29:31 +01:00
a946489efd
X.509: use MD_CAN macros
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-21 16:28:00 +01:00