Valerio Setti 
							
						 
					 
					
						
						
							
						
						d24dfad7af 
					 
					
						
						
							
							library: x509: remove sig_opts from mbedtls_x509_sig_alg_gets()  
						
						... 
						
						
						
						Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no > 
						
						
					 
					
						2025-05-07 09:06:52 +02:00 
						 
				 
			
				
					
						
							
							
								Valerio Setti 
							
						 
					 
					
						
						
							
						
						68878ccdd0 
					 
					
						
						
							
							library: x509: simplify RSA-PSS management  
						
						... 
						
						
						
						- Do not store RSA-PSS signature options in CRL/CRT/CSR structures;
- During the parsing phase, just ensure that MGF1 hash alg is the same
  as the one used for the message.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no > 
						
						
					 
					
						2025-05-07 09:06:52 +02:00 
						 
				 
			
				
					
						
							
							
								Harry Ramsey 
							
						 
					 
					
						
						
							
						
						0f6bc41a22 
					 
					
						
						
							
							Update includes for each library file  
						
						... 
						
						
						
						Signed-off-by: Harry Ramsey <harry.ramsey@arm.com > 
						
						
					 
					
						2024-10-09 11:18:50 +01:00 
						 
				 
			
				
					
						
							
							
								Sam Berry 
							
						 
					 
					
						
						
							
						
						4f76194eaf 
					 
					
						
						
							
							Move function mbedtls_oid_get_numeric_string to x509.c  
						
						... 
						
						
						
						This commit moves the mbedtls_oid_get_numeric_string function definition
from oid.c to x509.c.
Signed-off-by: Sam Berry <sam.berry@arm.com > 
						
						
					 
					
						2024-09-18 21:23:17 +01:00 
						 
				 
			
				
					
						
							
							
								Elena Uziunaite 
							
						 
					 
					
						
						
							
						
						9fc5be09cb 
					 
					
						
						
							
							Replace MBEDTLS_MD_CAN_SHA1 with PSA_WANT_ALG_SHA_1  
						
						... 
						
						
						
						Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com > 
						
						
					 
					
						2024-09-04 18:12:59 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						c15ef93aa5 
					 
					
						
						
							
							Replace MBEDTLS_MD_CAN_SHA512 with PSA_WANT_ALG_SHA_512  
						
						... 
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2024-08-28 18:20:25 +02:00 
						 
				 
			
				
					
						
							
							
								Elena Uziunaite 
							
						 
					 
					
						
						
							
						
						b66a991f04 
					 
					
						
						
							
							Replace MBEDTLS_MD_CAN_MD5 with PSA_WANT_ALG_MD5  
						
						... 
						
						
						
						Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com > 
						
						
					 
					
						2024-07-18 14:31:59 +03:00 
						 
				 
			
				
					
						
							
							
								Elena Uziunaite 
							
						 
					 
					
						
						
							
						
						0916cd702f 
					 
					
						
						
							
							Replace MBEDTLS_MD_CAN_SHA256 with PSA_WANT_ALG_SHA_256  
						
						... 
						
						
						
						Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com > 
						
						
					 
					
						2024-07-11 11:13:35 +03:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						2cf41a273e 
					 
					
						
						
							
							Merge pull request  #9171  from eleuzi01/replace-mbedtls-md-can-sha384  
						
						... 
						
						
						
						Replace MBEDTLS_MD_CAN_SHA384 with PSA_WANT_ALG_SHA_384 
						
						
					 
					
						2024-07-04 08:56:52 +00:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						45aa4d50de 
					 
					
						
						
							
							Merge pull request  #9125  from eleuzi01/replace-mbedtls-md-can-ripemd160  
						
						... 
						
						
						
						Replace MBEDTLS_MD_CAN_RIPEMD160 with PSA_WANT_ALG_RIPEMD160 
						
						
					 
					
						2024-07-04 08:38:40 +00:00 
						 
				 
			
				
					
						
							
							
								Elena Uziunaite 
							
						 
					 
					
						
						
							
						
						b476d4bf21 
					 
					
						
						
							
							Replace MBEDTLS_MD_CAN_SHA384 with PSA_WANT_ALG_SHA_384  
						
						... 
						
						
						
						Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com > 
						
						
					 
					
						2024-07-03 10:20:41 +01:00 
						 
				 
			
				
					
						
							
							
								Elena Uziunaite 
							
						 
					 
					
						
						
							
						
						fcc9afaf9d 
					 
					
						
						
							
							Replace MBEDTLS_MD_CAN_SHA224 with PSA_WANT_ALG_SHA_224  
						
						... 
						
						
						
						Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com > 
						
						
					 
					
						2024-07-02 11:08:04 +01:00 
						 
				 
			
				
					
						
							
							
								Elena Uziunaite 
							
						 
					 
					
						
						
							
						
						1b6fb219e9 
					 
					
						
						
							
							Replace MBEDTLS_MD_CAN_RIPEMD160 with PSA_WANT_ALG_RIPEMD160  
						
						... 
						
						
						
						Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com > 
						
						
					 
					
						2024-06-20 16:35:29 +01:00 
						 
				 
			
				
					
						
							
							
								Valerio Setti 
							
						 
					 
					
						
						
							
						
						25b282ebfe 
					 
					
						
						
							
							x509: move internal functions declarations to a private header  
						
						... 
						
						
						
						Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no > 
						
						
					 
					
						2024-01-19 09:07:35 +01:00 
						 
				 
			
				
					
						
							
							
								Dave Rodgman 
							
						 
					 
					
						
						
							
						
						16799db69a 
					 
					
						
						
							
							update headers  
						
						... 
						
						
						
						Signed-off-by: Dave Rodgman <dave.rodgman@arm.com > 
						
						
					 
					
						2023-11-02 19:47:20 +00:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						3cea3efc25 
					 
					
						
						
							
							Merge pull request  #8025  from AgathiyanB/accept-numericoid-hexstring-x509  
						
						... 
						
						
						
						Accept numericoid hexstring x509 
						
						
					 
					
						2023-09-13 08:54:33 +00:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						c7959b22c6 
					 
					
						
						
							
							Remove magic number in x509.c  
						
						... 
						
						
						
						Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-09-12 17:56:58 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						86dc08599b 
					 
					
						
						
							
							Add asn1 write tag and len to x509 use c config  
						
						... 
						
						
						
						Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-09-04 15:40:41 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						15df01240d 
					 
					
						
						
							
							Fix code style  
						
						... 
						
						
						
						Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 17:50:00 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						022f86f108 
					 
					
						
						
							
							Prevent output of escaped null characters dn gets  
						
						... 
						
						
						
						Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 16:56:04 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						8aa74ab6a9 
					 
					
						
						
							
							Add return for buffer too small when reading OIDs  
						
						... 
						
						
						
						Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 16:42:27 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						f3b9724dcd 
					 
					
						
						
							
							Remove questionable use of macro.  
						
						... 
						
						
						
						MBEDTLS_X509_SAFE_SNPRINTF was used after mbedtls_oid_get_numeric_string
so instead we have expanded the macro and kept the relevant code.
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 16:37:11 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						07f472a88b 
					 
					
						
						
							
							Add corruption detected return when writing asn1  
						
						... 
						
						
						
						Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 16:29:39 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						eb55867520 
					 
					
						
						
							
							Fix code style  
						
						... 
						
						
						
						Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						af70c7dce7 
					 
					
						
						
							
							Write numeric oid directly to buffer  
						
						... 
						
						
						
						mbedtls_oid_get_numeric_string now points to output buffer in dn_gets
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						a7f9630925 
					 
					
						
						
							
							Remove duplicate '+' in comparison string  
						
						... 
						
						
						
						Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						5adffb2488 
					 
					
						
						
							
							Refactor dn_gets use library function to write tag  
						
						... 
						
						
						
						Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						2bf09a61a3 
					 
					
						
						
							
							Fix style on left shift operations  
						
						... 
						
						
						
						Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						ee642d93a8 
					 
					
						
						
							
							Format preprocessor conditionals  
						
						... 
						
						
						
						Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						7f639fc7ab 
					 
					
						
						
							
							Fix Windows x64 build errors with type conversions  
						
						... 
						
						
						
						Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						a1f5c2d06f 
					 
					
						
						
							
							Move declaration of variables in dn_gets to top  
						
						... 
						
						
						
						Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						0a4b6d88d0 
					 
					
						
						
							
							Alter conditions on hexstring output dn_gets  
						
						... 
						
						
						
						Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						4987c8fcb0 
					 
					
						
						
							
							Fix code style on x509.c and x509_create.c  
						
						... 
						
						
						
						Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						c9d74f3109 
					 
					
						
						
							
							Refactor AttributeType in mbedtls_x509_dn_gets  
						
						... 
						
						
						
						Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						0eb6673a80 
					 
					
						
						
							
							Add preprocessor config guards  
						
						... 
						
						
						
						Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						ddc720d209 
					 
					
						
						
							
							Add mbedtls_x509_dn_gets hexstring output  
						
						... 
						
						
						
						If the data is a bitstring or an octet string, instead use the hexstring
of the BER encoding (RFC 4514 Section 2.4)
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						f0e1ac59d8 
					 
					
						
						
							
							Rewrite nibble_to_hex_digit for readability  
						
						... 
						
						
						
						Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						9d2507c81d 
					 
					
						
						
							
							Rename x509_int_to_hexdigit to nibble_to_hex_digit  
						
						... 
						
						
						
						Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 10:39:56 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						ef2decbe4a 
					 
					
						
						
							
							Escape hexpairs characters RFC 4514  
						
						... 
						
						
						
						Converts none ascii to escaped hexpairs in mbedtls_x509_dn_gets and
interprets hexpairs in mbedtls_x509_string_to_names.
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 10:38:16 +01:00 
						 
				 
			
				
					
						
							
							
								Agathiyan Bragadeesh 
							
						 
					 
					
						
						
							
						
						48513b8639 
					 
					
						
						
							
							Escape special characters RFC 4514  
						
						... 
						
						
						
						This escapes special characters according to RFC 4514 in
mbedtls_x509_dn_gets and de-escapes in mbedtls_x509_string_to_names.
This commit does not handle hexpairs.
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com > 
						
						
					 
					
						2023-08-22 10:38:16 +01:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						cfae6a1ae9 
					 
					
						
						
							
							Fix incorrect detection of HardwareModuleName  
						
						... 
						
						
						
						The hardware module name otherName SAN contains 2 OIDs:
 OtherName ::= SEQUENCE {
      type-id    OBJECT IDENTIFIER,
      value      [0] EXPLICIT ANY DEFINED BY type-id }
 HardwareModuleName ::= SEQUENCE {
                           hwType OBJECT IDENTIFIER,
                           hwSerialNum OCTET STRING }
The first, type-id, is the one that identifies the otherName as a
HardwareModuleName. The second, hwType, identifies the type of hardware.
This change fixes 2 issues:
1. We were erroneously trying to identify HardwareModuleNames by looking
at hwType, not type-id.
2. We accidentally inverted the check so that we were checking that
hwType did NOT match HardwareModuleName.
This fix ensures that type-id is correctly checked to make sure that it
matches the OID for HardwareModuleName.
Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2023-08-18 19:31:39 +01:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						2ea44d28de 
					 
					
						
						
							
							Fix: Set type_id in x509_get_other_name()  
						
						... 
						
						
						
						When parsing a subject alternative name of type otherName, retain the
type-id field of the otherName. Previously this was not copied to the
mbedtls_x509_san_other_name struct when it should have been.
Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2023-08-18 18:36:02 +01:00 
						 
				 
			
				
					
						
							
							
								Tom Cosgrove 
							
						 
					 
					
						
						
							
						
						836aed7cf8 
					 
					
						
						
							
							Merge pull request  #6003  from gstrauss/x509_time  
						
						... 
						
						
						
						mbedtls_x509_time performance and reduce memory use 
						
						
					 
					
						2023-07-06 09:28:14 +01:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						3ae1c4c0f7 
					 
					
						
						
							
							Fix formatting of explanatory commented code  
						
						... 
						
						
						
						Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2023-07-05 11:15:08 +01:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						b1d27bcd69 
					 
					
						
						
							
							Improve comment formatting  
						
						... 
						
						
						
						Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2023-07-05 10:00:31 +01:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						cdf5283dad 
					 
					
						
						
							
							Rename variables to more descriptive names  
						
						... 
						
						
						
						Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2023-07-05 09:58:03 +01:00 
						 
				 
			
				
					
						
							
							
								Dave Rodgman 
							
						 
					 
					
						
						
							
						
						f032c9842d 
					 
					
						
						
							
							Improve #endif comments  
						
						... 
						
						
						
						Signed-off-by: Dave Rodgman <dave.rodgman@arm.com > 
						
						
					 
					
						2023-06-29 12:09:27 +01:00 
						 
				 
			
				
					
						
							
							
								Dave Rodgman 
							
						 
					 
					
						
						
							
						
						ffabb7b7da 
					 
					
						
						
							
							Fix unused function warning in x509.c  
						
						... 
						
						
						
						Signed-off-by: Dave Rodgman <dave.rodgman@arm.com > 
						
						
					 
					
						2023-06-28 16:22:50 +01:00 
						 
				 
			
				
					
						
							
							
								Demi Marie Obenour 
							
						 
					 
					
						
						
							
						
						690b8c9ca7 
					 
					
						
						
							
							Add a do-while loop around macros  
						
						... 
						
						
						
						This is good practice in C.
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com > 
						
						
					 
					
						2023-06-20 11:48:04 -04:00 
						 
				 
			
				
					
						
							
							
								Glenn Strauss 
							
						 
					 
					
						
						
							
						
						06c31fcd9f 
					 
					
						
						
							
							x509_parse_time() perf  
						
						... 
						
						
						
						Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com > 
						
						
					 
					
						2023-06-09 17:02:35 +01:00