lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-07 06:42:56 +03:00
Code Activity
29,840 Commits 174 Branches 272 Tags
0719d7c3d8e134b3d95f5f075fa31fd75f95736c
Commit Graph

29840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dave Rodgman
7d8c99abb0 Move MBEDTLS_COMPILER_IS_GCC defn into alignment.h 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-19 14:02:58 +00:00
Dave Rodgman
69b5a86064 Improve mbedtls_xor for IAR 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-19 14:02:08 +00:00
Ryan Everett
63952b7de5 Fix typo 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-19 13:45:19 +00:00
Ryan Everett
7aeacc1ec4 Add empty line in register_read comment 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-19 13:02:58 +00:00
Ryan Everett
558da2ffd3 Move key_slot_mutex to threading.h 
Make this a global mutex so that we don't have to init and free it.
Also rename the mutex to follow the convention

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-19 12:59:28 +00:00
Valerio Setti
639d5678b5 pk: move mbedtls_pk_load_file to pk_internal 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-19 09:07:39 +01:00
Valerio Setti
25b282ebfe x509: move internal functions declarations to a private header 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-19 09:07:35 +01:00
Valerio Setti
b4f5076270 debug: move internal functions declarations to an internal header file 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-18 15:30:46 +01:00
Minos Galanakis
7c8448842d programs_dh_client/server: Updated to query digest size using mbedtls_md_info_from_type(). 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-01-18 14:29:41 +00:00
Minos Galanakis
6e92df12c2 programs_rsa_rsa_verify: Updated program to use mbedtls_rsa_get_len() 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-01-18 14:29:41 +00:00
Minos Galanakis
992f0b8427 programs_rsa_rsa_sign: Updated program to use mbedtls_rsa_get_len() 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-01-18 14:29:41 +00:00
Minos Galanakis
ee757d35df programs_rsa_encrypt/decrypt: Updated programs to use mbedtls_rsa_get_len() 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-01-18 14:29:41 +00:00
Minos Galanakis
b6a96195fb programs_dh_client/server: Updated programs to use mbedtls_rsa_get_len() 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-01-18 14:29:41 +00:00
Minos Galanakis
f4dfd1c8a5 programs/dh_client/server: Added entropy source to mbedtls_rsa_pkcs1_sign() 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-01-18 14:29:41 +00:00
Minos Galanakis
a184fd0516 programs/dh_client/server: Replaced mbedtls_sha1 with mbedtls_sha256 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-01-18 14:29:41 +00:00
Valerio Setti
d929106f36 ssl_ciphersuites: move internal functions declarations to a private header 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-18 15:08:28 +01:00
Gilles Peskine
4d4891e18a Merge pull request #8666 from valeriosetti/issue8340 
Export the mbedtls_md_psa_alg_from_type function
 2024-01-18 13:58:55 +00:00
Ryan Everett
fb02d57de7 Document the thread safety of the primitive key slot functions 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-18 10:54:42 +00:00
Ryan Everett
0e3b677cf4 Support PSA_ERROR_SERVICE_FAILURE 
To be returned in the case where mbedtls_mutex_lock and
mbedtls_mutex_unlock fail.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-18 10:47:29 +00:00
Ryan Everett
846889355c Initialize and free the key slot mutex 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-18 10:47:05 +00:00
Gilles Peskine
b1f96c0354 Merge pull request #7815 from gilles-peskine-arm/ecp-export-partial 
ECP keypair utility functions
 2024-01-18 10:29:05 +00:00
Gilles Peskine
c9077cccd3 Merge pull request #8664 from valeriosetti/issue7764 
Conversion function from ecp group to PSA curve
 2024-01-18 10:28:55 +00:00
Ryan Everett
491f7e5ac3 Define key_slot_mutex 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-18 10:21:38 +00:00
Valerio Setti
18371ee08f generate_tls13_compat_tests: add DH group dependency when FFDH is used 
"tls13-compat.sh" is also updated in this commit using the python
script.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-18 10:44:57 +01:00
Valerio Setti
05754d8e85 ssl-opt: add DH groups requirements in test cases using FFDH 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-18 09:47:00 +01:00
Valerio Setti
4f34b155f5 test_driver_key_management: keep mbedtls_test_opaque_wrap_key() private 
Only mbedtls_test_opaque_unwrap_key() is actually needed by other
test drivers to deal with opaque keys. mbedtls_test_opaque_wrap_key()
can be kept private to test_driver_key_management.c.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-18 08:44:13 +01:00
Valerio Setti
43ff242a8b changelog: fix typo 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-18 08:42:38 +01:00
Dave Rodgman
fb133513d6 Merge pull request #8705 from daverodgman/ctr-perf 
Ctr perf
 2024-01-17 20:25:41 +00:00
Paul Elliott
2728267ec4 Merge pull request #8672 from Ryan-Everett-arm/implement-new-key-slot-states 
Implement the new key slot state system within the PSA subsystem.
 2024-01-17 17:50:04 +00:00
Dave Rodgman
5c745fa7da Pacify check_files 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-17 15:27:05 +00:00
Dave Rodgman
5f8e2a2b5f Spelling fix 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-17 15:27:05 +00:00
Dave Rodgman
ad4b705863 Use quiet make wrappers from all.sh 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-17 15:27:05 +00:00
Dave Rodgman
3e2c61dca2 Create quiet wrappers for make and cmake 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-17 15:27:05 +00:00
Valerio Setti
78aa0bc1d9 all.sh: fix tests with accelerated FFDH 
Explicitly accelerate also DH groups in those tests.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:57:06 +01:00
Valerio Setti
1161b44981 crypto_config_test_driver_extension: support accelaration of DH groups 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:57:06 +01:00
Valerio Setti
48a847afb7 tests: add guards for DH groups 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:57:06 +01:00
Valerio Setti
6bed64ec75 all.sh: add new component with only DH 2048 bits. 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:57:06 +01:00
Valerio Setti
504a10254c psa_crypto: do not validate DH groups which are not enabled 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:57:03 +01:00
Valerio Setti
e8683ce9ef ssl_test_lib: add guards for enabled DH groups 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:56:30 +01:00
Valerio Setti
ecaf7c5690 ssl_tls: add guards for enabled DH key types 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:56:30 +01:00
Valerio Setti
de50413009 crypto_sizes: adjust PSA_VENDOR_FFDH_MAX_KEY_BITS based on the supported groups 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:56:30 +01:00
Valerio Setti
4ed8daa929 psa_crypto_ffdh: add guards for enabled domain parameters 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:56:30 +01:00
Valerio Setti
fecef8bc8e config_adjust: fix adjustments between legacy and PSA 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:56:26 +01:00
Ryan Everett
4a0ba80bdb Clarify psa_destroy_key documentation 
Co-authored-by: Janos Follath <janos.follath@arm.com>
Signed-off-by: Ryan Everett <144035422+Ryan-Everett-arm@users.noreply.github.com>
 2024-01-17 14:12:33 +00:00
Gilles Peskine
dd77343381 Open question for ECDSA signature that can be resolved during implementation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 14:33:32 +01:00
Gilles Peskine
d5b04a0c63 Add a usage parameter to mbedtls_pk_get_psa_attributes 
Let the user specify whether to use the key as a sign/verify key, an
encrypt/decrypt key or a key agreement key. Also let the user indicate if
they just want the public part when the input is a key pair.

Based on a discussion in
https://github.com/Mbed-TLS/mbedtls/pull/8682#discussion_r1444936480

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 14:31:57 +01:00
Gilles Peskine
702d9f65f6 Resolve several open questions as nothing special to do 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 12:58:25 +01:00
Ryan Everett
38a2b7a6a3 Extend psa_wipe_key_slot documentation 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-17 11:45:44 +00:00
Ryan Everett
7ed542e0f1 Implement delayed deletion in psa_destroy_key and some cleanup 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-17 11:40:29 +00:00
Gilles Peskine
42a025dc9c Reference filed issues 
All PK-related actions are now covered.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 12:35:31 +01:00