09104b8712
rework psa_pake_set_role to be consistent with requirements and adapt tests
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-12 16:59:28 +01:00
d7f6ad7bc8
Minor fixes (comments, cleanup)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-12 16:59:28 +01:00
d0f9b0bacc
Don't warn about Msan/Valgrind if AESNI isn't actually built
...
The warning is only correct if the assembly code for AESNI is built, not if
MBEDTLS_AESNI_C is activated but MBEDTLS_HAVE_ASM is disabled or the target
architecture isn't x86_64.
This is a partial fix for #7236 .
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-03-10 22:28:25 +01:00
d4f31c87d1
Update bibliographic references
...
There are new versions of the Intel whitepapers and they've moved.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-03-10 22:21:47 +01:00
55ceff6d2f
Code optimization and style fixes
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-10 14:36:16 +01:00
4cd20313fe
Use user/peer instead role in jpake TLS code
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-10 09:18:03 +01:00
1e7a927118
Add input getters for jpake user and peer
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-10 09:18:03 +01:00
26c909d587
Enable support for user/peer for JPAKE
...
This is only partial support. Only 'client' and 'server' values are accepted for peer and user.
Remove support for role.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-10 09:18:02 +01:00
4da92832b0
Merge pull request #7117 from valeriosetti/issue6862
...
driver-only ECDSA: enable ECDSA-based TLS 1.2 key exchanges
2023-03-09 20:49:44 +01:00
bf4016e5d5
Merge pull request #6567 from mprse/ecjpake-driver-dispatch
2023-03-09 19:23:05 +00:00
42510a91c4
Use for loop instead while loop
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-09 14:04:17 +01:00
e4710ae9ed
Add and fix comments
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2023-03-09 13:43:02 +01:00
5e5aa4a4e6
Merge pull request #7218 from tom-cosgrove-arm/fix-typos-230307
...
Fix typos in development prior to release
2023-03-08 17:19:59 +00:00
51b62ef23d
Merge pull request #7228 from tom-cosgrove-arm/fix-alignment.h-on-32-bit-systems
...
Fix mbedtls_bswap64() on 32-bit systems
2023-03-08 17:19:29 +00:00
913d9bb921
Merge pull request #7162 from valeriosetti/issue7055
...
Legacy MBEDTLS_PK_PARSE_C and MBEDTLS_PK_WRITE_C dependencies in test_suite_psa_crypto
2023-03-08 17:07:19 +01:00
75fba32cb3
ssl: use new macros for ECDSA capabilities
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-03-08 16:47:28 +01:00
289e5baa83
Merge pull request #7082 from valeriosetti/issue6861
...
driver-only ECDSA: add ssl-opt.sh testing with testing parity
2023-03-08 16:45:38 +01:00
d1f16b937e
Add documentation
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2023-03-08 15:26:32 +01:00
6ef9bb3d74
Implement and use MBEDTLS_STATIC_ASSERT()
...
Fixes #3693
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com >
2023-03-08 14:19:51 +00:00
bbe166e721
Fix mbedtls_bswap64() on 32-bit systems
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com >
2023-03-08 13:23:24 +00:00
716447ff32
Fix limb size calculation
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2023-03-08 14:09:51 +01:00
ed1acf642c
Apply naming conventions
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2023-03-08 14:09:50 +01:00
5221c04b92
Change the p256_raw fuction to be testable
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2023-03-08 14:09:50 +01:00
ab6ac91a0a
Extract Secp256r1 from the prototype
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2023-03-08 14:09:50 +01:00
c15a2b949d
Update the text about gcc5 support for Armv8 CE
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com >
2023-03-08 12:55:48 +00:00
07c5ea348c
Add check for buffer overflow and fix style.
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-08 13:31:19 +01:00
733de595e3
psa_crypto_rsa: remove PK_WRITE_C in psa_rsa_export_key
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-03-08 11:03:09 +01:00
73a218513b
psa_crypto_rsa: add comment/explanation for residual PK_WRITE_C guard
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-03-08 11:03:09 +01:00
691e91adac
Further pake code optimizations
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-08 09:54:00 +01:00
a2fc399f57
Merge pull request #6829 from AndrzejKurek/unify-psa-errors
...
Unify PSA to Mbed TLS error translation
2023-03-07 19:55:44 +01:00
12e3c8e019
Merge pull request #7168 from mpg/use-md
...
Use MD (not low-level hash interface) in X.509 and TLS
2023-03-07 19:55:12 +01:00
2f1d967643
ssl: fix included pk header file
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-03-07 18:14:34 +01:00
503d71769c
Enable explicit_bzero() on OpenBSD
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com >
2023-03-07 12:51:11 +00:00
5c8505f061
Fix typos
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com >
2023-03-07 11:39:52 +00:00
fe780a3c4b
Merge pull request #7184 from gabor-mezei-arm/6349_Secp224r1_fast_reduction
...
Extract Secp224r1 fast reduction from the prototype
2023-03-07 10:57:58 +00:00
57580f2539
Use proper enum types for pake state/sequence/step
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-07 10:50:09 +01:00
4aa99403f4
Fix configuration for accelerated jpake
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-07 10:50:09 +01:00
4dc83d40af
Add check for pake operation buffer overflow
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-07 10:50:00 +01:00
7b6299b49b
ssl_cache: Add an interface to remove cache entry by session id
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com >
2023-03-07 15:00:22 +08:00
e3ef3a15cd
Further pake code optimizations
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-06 17:24:32 +01:00
97803abd2a
Update comment
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2023-03-06 16:32:16 +01:00
947cee18a1
Fix memory leak.
...
The function reset_checksum() can be called more than once with the same
handshake context (this happens with DTLS clients, and perhaps in other
cases as well). When that happens, we need to free the old MD contexts
before setting them up again.
Note: the PSA path was already doing the right thing by calling abort,
we just needed to do the same on the MD path.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-03-06 11:59:59 +01:00
228a30d16c
Merge pull request #7120 from mpg/md-light
...
Define "MD light" subset of MD
2023-03-06 11:02:19 +01:00
4693fd9e9e
Merge pull request #7173 from daverodgman/zeroize-platform
...
Use platform-provided secure zeroization
2023-03-06 09:16:12 +00:00
f61d6c0a2b
Merge branch 'development' into sha3
2023-03-04 00:03:06 +01:00
b0d96a23a9
Remove not-needed EABI exclusion
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-03-03 17:06:09 +00:00
45cef61fa4
Merge branch 'development' into md-light
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-03-03 14:28:13 +00:00
57207711d8
Add MBEDTLS_ASN1_CHK_CLEANUP_ADD macro to be able to release memory on failure
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-03 12:58:29 +01:00
5a49d3cce3
Replace mbedtls_x509_san_node with mbedtls_x509_subject_alternative_name
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-03 12:58:11 +01:00
f40de93b1a
Remove redundant variable
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-03 12:58:10 +01:00
