ad9e5b9abe
Improve docs for mbedtls_ct_memcmp
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-07-31 12:43:23 +01:00
9ee0e1f6fe
Remove GCC redundant-decls workaround for mbedtls_ct_memcmp
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-07-31 12:43:23 +01:00
a02b36886c
Fix gcc warnings when -Wredundant-decls set
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-07-14 13:43:39 +01:00
5dbe17de36
Add PSA_JPAKE_FINISHED to EXPECTED_{IN,OUT}PUTS()
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-06-27 10:30:28 +01:00
279d227971
Add "completed" clarification to struct comments
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-06-22 15:22:35 +01:00
096093bac5
Remove redundant structures from previous design
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-06-22 15:22:35 +01:00
024e5c5f2e
Rename struct member mode to io_mode
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-06-22 15:22:35 +01:00
5da9560178
Properly namespace enum values within PSA_JPAKE_
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-06-22 15:22:35 +01:00
e7f21e65b6
Change J-PAKE internal state machine
...
Keep track of the J-PAKE internal state in a more intuitive way.
Specifically, replace the current state with a struct of 5 fields:
* The round of J-PAKE we are currently in, FIRST or SECOND
* The 'mode' we are currently working in, INPUT or OUTPUT
* The number of inputs so far this round
* The number of outputs so far this round
* The PAKE step we are expecting, KEY_SHARE, ZK_PUBLIC or ZK_PROOF
This should improve the readability of the state-transformation code.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-06-22 15:22:35 +01:00
2fb9d00f6d
Merge pull request #7682 from valeriosetti/issue7453
...
driver-only ECC: ECPf.PK testing
2023-06-22 09:45:57 +02:00
458b96b1a7
Merge pull request #7638 from AndrzejKurek/cert-apps-use-ips
...
Use better IP parsing in x509 apps
2023-06-20 17:21:04 +01:00
a9aab1a85b
pk/psa: use PSA guard for mbedtls_ecc_group_to_psa() and mbedtls_ecc_group_of_psa()
...
This allows also to:
- removing the dependency on ECP_C for these functions and only rely
on PSA symbols
- removing extra header inclusing from crypto_extra.h
- return MBEDTLS_PK_USE_PSA_EC_DATA and MBEDTLS_PK_HAVE_ECC_KEYS to
their original position in pk.h
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-19 19:24:05 +02:00
bc2b1d3288
psa: move mbedtls_ecc_group_to_psa() from inline function to standard one
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-19 19:24:05 +02:00
f54ca35b8a
build_info: do not enable ECP_LIGHT when PSA_WANT_ALG_ECDSA
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-19 19:24:05 +02:00
81d75127ba
library: replace occurencies of ECP_LIGHT with PK_HAVE_ECC_KEYS
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-19 19:24:05 +02:00
e489e81437
pk: add new symbol to state that PK has support for EC keys
...
Note: both MBEDTLS_PK_USE_PSA_EC_DATA and MBEDTLS_PK_HAVE_ECC_KEYS
has been move on top of the pk.h file because we need these symbols
when crypto.h is evaluated otherwise functions like
mbedtls_ecc_group_of_psa() won't be available.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-19 19:24:05 +02:00
3cd4ef7a7a
mbedtls_config: improved description of PK_PARSE_EC_COMPRESSED
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-19 11:35:10 +02:00
a18385b197
build_info: improved description of ECP_LIGHT auto-enabling symbols
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-19 11:34:28 +02:00
fdf15ddfbe
build_info: auto enable PK_PARSE_EC_COMPRESSED when PK_PARSE_C && ECP_C
...
This helps backward compatibility since compressed points were
always supported in previous releases as long as PK_PARSE_C and
ECP_C were defined.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 16:03:47 +02:00
4922ba132a
build_info: complete list of symbols that auto-enable ECP_LIGHT
...
The comment is also updated accordingly.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 16:03:46 +02:00
addeee4531
mbedtls_config: add new MBEDTLS_PK_PARSE_EC_COMPRESSED symbol
...
This includes also:
- auto enabling ECP_LIGHT when MBEDTLS_PK_PARSE_EC_COMPRESSED is
defined
- replacing ECP_LIGHT guards with PK_PARSE_EC_COMPRESSED in pkparse
- disabling PK_PARSE_EC_COMPRESSED in tests with accelarated EC curves
(it get disabled also in the reference components because we want
to achieve test parity)
- remove skipped checks in analyze_outcomes.py
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 16:03:46 +02:00
aecd32c90a
pk: let PK_PARSE_EC_EXTENDED auto-enable ECP_LIGHT
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 16:03:46 +02:00
01cc88a46b
config_psa: replace USE symbols with BASIC one for all KEY_PAIRs
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 12:27:02 +02:00
4520a8f312
config_psa: only KEY_PAIR_USE includes PUBLIC_KEY
...
While the other (IMPORT, EXPORT, GENERATE, DERIVE) only include
the USE one.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 12:26:26 +02:00
aac957b493
config_psa: always enable PUBLIC_KEY when any KEY_PAIR is enabled
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 12:26:26 +02:00
f4d7ede72c
config_psa: fix logic for updating legacy symbols
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 12:26:26 +02:00
38a3e8d10c
config_psa: ECP_C do not enable ECC_KEY_PAIR_DERIVE
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 12:26:26 +02:00
b0d9aaee1c
psa: move PSA_WANT checks to check_crypto_config
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 12:26:26 +02:00
c51cba92a3
config_psa: avoid repetitions when including MBEDTLS symbols
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 12:26:26 +02:00
b7ef51a193
crypto: move legacy symbols support to a dedicated header file
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 12:26:26 +02:00
ddb577626d
config_psa: add missing BUILTIN symbols when ECP_C is defined
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 12:26:26 +02:00
89cb1444a5
config_psa: fix comment for LEGACY symbols
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 12:26:26 +02:00
602ee2ed98
config_psa: remove support for PSA_WANT_KEY_TYPE_DH_KEY_PAIR_DERIVE
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 12:26:26 +02:00
a801b56600
config_psa: remove GENPRIME from enabled symbols of PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_USE
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 12:26:26 +02:00
36befce51a
config_psa: remove leftover comment on ECC derivation
...
Signed-off-by: valerio <valerio.setti@nordicsemi.no >
2023-06-16 12:26:26 +02:00
8bb5763a85
library: replace deprecated symbols with temporary _LEGACY ones
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 12:23:55 +02:00
f87b505511
config_psa: replace legacy symbols with new ones
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 12:23:55 +02:00
8d6e98c170
psa: add support for legacy symbols
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 12:23:55 +02:00
67a3e3eb7b
crypto_config: introducing new definitions for PSA_WANT KEY_PAIRs
...
- deprecate legacy PSA_WANT_KEY_TYPE_xxx_KEY_PAIR
- introduce new PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy where
- xxx is either RSA, DH or ECC
- yyy can be USE, IMPORT, EXPORT, GENERATE, DERIVE
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-06-16 12:23:55 +02:00
a426dc31cc
Merge pull request #7782 from gilles-peskine-arm/mbedtls_ecp_modulus_type-move
...
Move mbedtls_ecp_modulus_type out of the public headers
2023-06-16 11:12:57 +01:00
f45a5a0ddd
Merge pull request #7700 from silabs-Kusumit/PBKDF2_output_bytes
...
PBKDF2: Output bytes
2023-06-16 10:08:02 +02:00
637c049349
Move mbedtls_ecp_modulus_type out of the public headers
...
This is an internal detail of the ECC arithmetic implementation, only
exposed for the sake of the unit tests
Mbed TLS 3.4.0 was released with the type mbedtls_ecp_modulus_type defined
in a public header, but without Doxygen documentation, and without any
public function or data structure using it. So removing it is not an API
break.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-06-15 19:07:41 +02:00
c6beb3a741
Rename NUL to null in x509 IP parsing description
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2023-06-15 09:54:37 -04:00
6edf8b8c7b
Merge pull request #7451 from yanrayw/7376_aes_128bit_only
...
Introduce config option of 128-bit key only in AES calculation
2023-06-15 10:35:32 +01:00
55ef22c2cb
mbedtls_config.h: add description for CTR_DRBG about AES-128 only
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com >
2023-06-15 10:05:27 +08:00
f956312174
Fix typo in MBEDTLS_MD_CAN macros
...
Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com >
2023-06-11 16:04:29 +01:00
0442e1b561
Fix definition of MBEDTLS_MD_MAX_SIZE and MBEDTLS_MD_MAX_BLOCK_SIZE
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-06-08 16:03:33 +01:00
9304186ae9
Restore accidentally removed comment
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-06-08 10:13:22 +01:00
ff45d44c02
Replace MBEDTLS_MD_CAN_SHA3 with MBEDTLS_MD_CAN_SHA3_xxx
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-06-08 10:11:34 +01:00
b61cd1042a
Correct minor merge mistakes
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-06-07 18:14:45 +01:00
