96fdfb8e62
Unroll aesce_encrypt_block
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-15 16:26:20 +01:00
1f5c2ba495
Add missing ECDH dependencies in ssl-opt tests
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-15 17:07:16 +02:00
a05e9c1ec8
Fix selection of default FFDH group
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-15 17:07:16 +02:00
8c0a95374f
Adapt remaining guards to FFDH
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-15 17:07:10 +02:00
ce05f54283
Properly disable ECDH in only (psk) ephemeral ffdh key exchange components
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-15 16:44:08 +02:00
c6beb3a741
Rename NUL to null in x509 IP parsing description
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-15 09:54:37 -04:00
ff4b6a8d18
Reword changelog entry
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-15 14:08:19 +01:00
0fe0c0cf10
Merge pull request #7775 from daverodgman/version_features_codesize
Shorten encoding of version features
2023-06-15 14:56:00 +02:00
7c5e567813
Merge pull request #7778 from daverodgman/p256-m-copyright
2023-06-15 13:37:00 +01:00
2e7d57270e
Merge pull request #7624 from daverodgman/aes-perf
AES perf improvements
2023-06-15 12:10:06 +01:00
6edf8b8c7b
Merge pull request #7451 from yanrayw/7376_aes_128bit_only
Introduce config option of 128-bit key only in AES calculation
2023-06-15 10:35:32 +01:00
9866df96c6
Add copyright (as agreed with Manuel)
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-15 10:11:49 +01:00
8d645dcd77
Fix unintentional config reduction in prev commit
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-06-15 09:07:10 +02:00
d07761c19c
add return statement
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-06-15 12:11:15 +05:30
55ef22c2cb
mbedtls_config.h: add description for CTR_DRBG about AES-128 only
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-06-15 10:05:27 +08:00
28a97acb3c
code style
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-14 20:15:15 +01:00
b28d1c3484
fix check-names failure
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-14 20:06:43 +01:00
a53dca125e
Limit number of ffdh test cases (ffdhe2048, ffdhe8192)
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-14 20:53:09 +02:00
bed9ac7b2d
Optimise final 2 rounds
Final two rounds logic could be significantly simplified.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-06-14 19:20:33 +01:00
d05e7f1ab3
Do not use NEON for AES-CBC on aarch64
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-14 18:58:48 +01:00
f75903503b
Merge pull request #7770 from valeriosetti/issue7341
gcc 11.3 fails when compiling ecjpake drivers
2023-06-14 19:22:46 +02:00
f22983bd1c
Merge pull request #7411 from mprse/extract-key-ids-test
Improve tests for parsing x509 SubjectKeyId and AuthorityKeyId
2023-06-14 19:16:29 +02:00
906c63cf35
Revert "improve cbc encrypt perf"
This reverts commit f1e396c427.
Performance is slightly better with this reverted, especially
for AES-CBC 192.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-14 17:55:41 +01:00
b8f7305b02
Replace sizeof(mbedtls_mpi_uint) with ciL define
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-06-14 17:52:42 +01:00
90dfc21f6b
Shorten encoding of version features
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-14 17:06:53 +01:00
b3eaf8c2ed
Use predefined serial number in certificates
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-14 14:25:21 +02:00
15ddda9ff8
Remove PSA_TO_MD_ERR from ssl_tls.c
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-14 07:37:46 -04:00
257ea00199
Use output block as U_accumulator
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-06-14 15:55:11 +05:30
1cae90bf50
Update PSA_WANT spec for new KEY_PAIR scheme
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-06-14 12:19:13 +02:00
0c23147456
Disable MBEDTLS_DHM_C in component_test_tls13_only_psk
For details see the following comment: https://github.com/Mbed-TLS/mbedtls/pull/7627#issuecomment-1590792002
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-14 11:12:45 +02:00
4292441a42
all.sh: use clang for one test of AES_ONLY_128_BIT_KEY_LENGTH
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-06-14 17:10:15 +08:00
422ab1f835
Add FFDH tests to ssl-opt
Add FFDH support to the test case generator script: generate_tls13_compat_tests.py.
Add dependency for openssl as FFDH is supported from version 3.0.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-14 11:04:28 +02:00
6ff271e3e9
pake: fixed warning for casting between different types
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-06-14 10:26:51 +02:00
3646dc78bc
Fix coding style issue
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-06-14 08:51:08 +01:00
34a201774e
More about whether to have the driver key id in the transaction list
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-06-13 21:11:43 +02:00
009c06b973
Discuss the cost of a get_key_attributes entry point
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-06-13 21:11:43 +02:00
b727042501
Move corner test case into python framework
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-06-13 17:42:01 +01:00
436f2ad37c
Three round solution
Attempt to fix failing test by dealing with overflow with three rounds,
instead of previous subtract modulus solution. Also optimise out shifts
by using memcpy / memmove instead. Remove final sub to return canonical
result, as this is not required here.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-06-13 17:39:44 +01:00
ae3209c1e4
Add ffdh support to generate_tls13_compat_tests.py
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-13 15:09:03 +02:00
b02f006685
Merge pull request #7750 from davidhorstmann-arm/build-docs-realfull
Build the docs in realfull config
2023-06-13 15:04:31 +02:00
7d42c0d0e5
Code cleanup #2
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-13 12:30:40 +02:00
a6033ac431
Add missing guards in tls 1.3
Error translation is only used with these
defines on.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-13 05:46:47 -04:00
f1b659ed62
Move an include
ARRAY_LENGTH macro was previously present
in macros.h, so move the include there.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-13 05:46:47 -04:00
1e4a030b00
Fix wrong array size calculation in error translation code
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-13 05:46:47 -04:00
b22b9778c7
Move the ARRAY_LENGTH definition to common.h
Reuse it in the library and tests.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-13 05:46:47 -04:00
1c7a99856f
Add missing ifdefs
Make sure that the error translating functions
are only defined when they're used.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-13 05:46:47 -04:00
0064484a70
Optimize error translation code size
Introducing an intermediate function
saves code size that's otherwise taken by excessive,
repeated arguments in each place that
was translating errors.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-13 05:46:46 -04:00
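An added illustration of the pattern the error-translation commits above describe: a table-driven PSA-status-to-Mbed-TLS-error lookup behind one intermediate function, with the table length computed by an ARRAY_LENGTH macro at the point where the array itself is in scope. This is example code written for this page, not Mbed TLS's implementation; the table contents, the function names psa_status_to_mbedtls and psa_to_md_errors, and the choice of fallback error are assumptions, and the status and error constants are defined locally so the block is self-contained.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Illustrative status and error codes, defined locally so the example is
 * self-contained. The values follow the public PSA Crypto and Mbed TLS
 * headers, but nothing in this file is the project's own code. */
typedef int32_t psa_status_t;
#define PSA_SUCCESS                   ((psa_status_t) 0)
#define PSA_ERROR_NOT_SUPPORTED       ((psa_status_t) -134)
#define PSA_ERROR_INVALID_ARGUMENT    ((psa_status_t) -135)
#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t) -141)

#define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE   -0x5080
#define MBEDTLS_ERR_MD_BAD_INPUT_DATA        -0x5100
#define MBEDTLS_ERR_MD_ALLOC_FAILED          -0x5180
#define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED -0x0070

/* Element count of a true array. Applied to a pointer parameter this
 * silently computes sizeof(pointer)/sizeof(element), so evaluate it where
 * the array is in scope and pass the resulting length to callees. */
#define ARRAY_LENGTH(array) (sizeof(array) / sizeof((array)[0]))

typedef struct {
    psa_status_t psa;
    int mbedtls;
} psa_to_mbedtls_entry_t;

/* Shared translator: one copy of the lookup loop serves every table.
 * PSA_SUCCESS maps to 0; an unmapped failure maps to the caller's fallback
 * so that no error can be translated into success by accident. */
static int psa_status_to_mbedtls(psa_status_t status,
                                 const psa_to_mbedtls_entry_t *table,
                                 size_t table_len,
                                 int fallback)
{
    if (status == PSA_SUCCESS) {
        return 0;
    }
    for (size_t i = 0; i < table_len; i++) {
        if (table[i].psa == status) {
            return table[i].mbedtls;
        }
    }
    return fallback;
}

/* Hypothetical translation table for one module (message digests). */
static const psa_to_mbedtls_entry_t md_errors[] = {
    { PSA_ERROR_NOT_SUPPORTED,       MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE },
    { PSA_ERROR_INVALID_ARGUMENT,    MBEDTLS_ERR_MD_BAD_INPUT_DATA },
    { PSA_ERROR_INSUFFICIENT_MEMORY, MBEDTLS_ERR_MD_ALLOC_FAILED },
};

/* Intermediate per-module function (hypothetical name). Call sites pass a
 * single argument; the table, its length and the fallback are spelled out
 * once here rather than repeated at every translation point, which is
 * where the code-size saving comes from. */
int psa_to_md_errors(psa_status_t status)
{
    return psa_status_to_mbedtls(status, md_errors, ARRAY_LENGTH(md_errors),
                                 MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED);
}

int main(void)
{
    printf("table entries: %zu\n", ARRAY_LENGTH(md_errors));
    printf("INVALID_ARGUMENT -> -0x%04X\n",
           (unsigned) -psa_to_md_errors(PSA_ERROR_INVALID_ARGUMENT));
    printf("unmapped status  -> -0x%04X\n",
           (unsigned) -psa_to_md_errors((psa_status_t) -1));
    return 0;
}
```

The fallback matters for safety: a translation table that is missing an entry must degrade to a generic failure code, never to 0, or a PSA error would be reported to the TLS layer as success.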
84fccd4da2
Build the docs in realfull config
Ensure that all possible config options are documented by building the
docs in the realfull config on Read The Docs.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-13 10:27:42 +01:00
a01c24227f
Add test components: only PSK ephemeral ffdh, only ephemeral ffdh key exchange
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-13 10:46:48 +02:00
75a5a9c205
Code cleanup
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-13 09:57:23 +02:00