35085c5e89
Merge pull request #7930 from tomi-font/7583-non-PSA_pk_sign_ext
...
Implement non-PSA pk_sign_ext()
2023-12-20 14:30:08 +00:00
3fab8a4deb
driver-only-builds: fix typos
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 14:25:37 +01:00
851d8df58d
fix/work around dependency issues when !MBEDTLS_ECP_C
...
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
2023-12-20 13:09:27 +02:00
e6a664ed65
changelog: fix missing newline at end of file
...
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
2023-12-20 13:05:55 +02:00
9f41770313
pk_*: remove remaining references to MBEDTLS_PSA_CRYPTO_C
...
For real this time.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 13:05:55 +02:00
5297e43eec
non-psa-pk-implementation: rephrase the changelog entry
...
And remove the comment on the uniformity in the PK module
with regards to PSA_CRYPTO_C not being referenced anymore;
end users are probably not interested in that.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
bad170e159
pk: remove last references to MBEDTLS_PSA_CRYPTO_C
...
They are replaced by MBEDTLS_USE_PSA_CRYPTO.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
1941af087c
pk_wrap: remove last references to MBEDTLS_PSA_CRYPTO_C
...
Deprecated functions are removed and #ifdefs are updated accordingly.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
9c69348c24
pk test suite: rename the parameter named parameter
...
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
573dc23141
rsa: introduce rsa_internal_rsassa_pss_sign_no_mode_check()
...
And use it in the non-PSA version of mbedtls_pk_sign_ext()
to bypass checks that didn't succeed when used by TLS 1.3.
That is because in the failing scenarios the padding of
the RSA context is not set to PKCS_V21.
See the discussion on PR #7930 for more details.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
8174662b64
pk: implement non-PSA mbedtls_pk_sign_ext()
...
This makes the function always available with
its implementation depending on MBEDTLS_USE_PSA_CRYPTO.
Related dependencies and tests are updated as well.
Fixes #7583.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
80ca493284
gitignore: add clangd index files
...
https://clangd.llvm.org/design/indexing#backgroundindex
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
a70b3c24f6
rsa: minor comment/guard improvements
...
This brings some improvements to comments/
function prototypes that relate to PKCS#1.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
5eb8de12cb
driver-only-build: remove paragraph about RSA/DH deterministic key generation
...
This feature is not supported at all in MbedTLS, driver or not.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 11:59:32 +01:00
9934f834af
Merge pull request #7766 from gilles-peskine-arm/psa-transition-doc-create
...
Legacy-to-PSA transition guide
2023-12-20 10:28:31 +00:00
5f665c3a0d
analyze_outcomes: add exceptions to disparities for block_cipher dispatch
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 09:56:05 +01:00
9afa329b80
analyze_outcomes: allow ignored test suites to have a dot in the name
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 09:55:28 +01:00
45c84feacc
test_suite_ccm: add missing BLOCK_CIPHER_PSA_[INIT/DONE]()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 09:54:39 +01:00
689c0f71cb
tests: use new CCM/GCM capability macros in tests
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 09:54:18 +01:00
bfa675fe48
adjust_legacy_crypto: add macros for CCM/GCM capabilities with key types
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 09:52:08 +01:00
299bbacd7d
Merge pull request #8644 from gilles-peskine-arm/domain_parameters_document_size_hack
...
Document the domain_parameters_size==SIZE_MAX hack
2023-12-20 08:27:47 +00:00
a4b38f24fd
Merge pull request #8579 from valeriosetti/issue7995
...
PK: clean up pkwrite
2023-12-20 08:20:10 +00:00
50333977c6
cipher_wrap: fix guards for alloc/free functions of CCM/GCM
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 07:36:05 +01:00
4a8ef7cd9b
all.sh: disable legacy AES/ARIA/CAMELLIA in test_full_block_cipher_psa_dispatch
...
This commit also:
- rename the reference component as component_test_full_block_cipher_legacy_dispatch()
- add a common configuration function, named common_block_cipher_dispatch() that
is used from both accelerated and reference components
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 07:35:41 +01:00
c393222643
Work around clang 3.8 bug
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-19 18:52:35 +00:00
a69c782351
Merge pull request #8634 from daverodgman/iar-fixes
...
IAR warning fix & some improvements
2023-12-19 16:26:23 +00:00
fc5b9553b2
Don't use full path for setting CC
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-19 16:08:19 +00:00
bc8e61d962
Use gcc in test_full_deprecated_warning
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-19 14:07:15 +00:00
d47186d6e3
Disable automatic setting of clang target flags on old clang
...
Old versions of clang don't support this pragma, so we have to assume
that the user will have set the flags.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-19 13:11:47 +00:00
d8d6451a6e
Add -O2 to some CFLAGS which were not setting it
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-19 12:20:21 +00:00
ea03ef9a77
Don't specify gcc unless the test requires it
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-19 12:19:59 +00:00
dfe5ce81ee
Use clang -O2 in common_block_cipher_no_decrypt
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-19 11:47:18 +00:00
590519f535
Enable -O2 in depends.py
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-19 11:33:55 +00:00
1a9e05bf08
Note that domain parameters are not supported with drivers
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-19 12:23:22 +01:00
5ad9539363
Remove DSA and DH domain parameters from the documentation
...
Mbed TLS doesn't support DSA at all, and doesn't support domain parameters
for FFDH (only predefined groups).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-19 12:22:46 +01:00
9da01a7f53
all.sh: rename test_psa_crypto_config_accel_cipher to accel_des
...
Renaming this test component in order to better explain what it
really does.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-19 08:05:40 +01:00
70f05bedd6
changelog: add changelog for accelerated ciphers and AEADs
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-19 08:05:37 +01:00
7f062a58fb
pkwrite: add newlines when calling mbedtls_pem_write_buffer()
...
New defines, which are shared with the pkparse module, lack the
new line so we manually add it when invoking
mbedtls_pem_write_buffer().
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-19 07:48:42 +01:00
4bb5740a7d
Revert "pem: auto add newlines to header/footer in mbedtls_pem_write_buffer()"
...
This reverts commit 180915018d.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-19 07:48:38 +01:00
d0a594d444
Use gcc in test_psa_compliance
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-18 22:29:56 +00:00
932ce859d5
Ensure test_psa_compliance uses gcc
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-18 20:35:54 +00:00
9deb54900e
Document the domain_parameters_size==SIZE_MAX hack
...
It was introduced in https://github.com/Mbed-TLS/mbedtls/pull/8616 but not
documented.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-18 21:01:18 +01:00
0c5bfe816f
Ensure clang is present
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-18 19:53:25 +00:00
66cbc83844
Use clang by default
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-12-18 18:34:50 +00:00
22dbaf05b6
Add AES_PSA_INIT() to thread test case
...
Tests were failing when PSA was being used in ctr_drbg_seed() as PSA was
not initialised.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 18:18:04 +00:00
7e11dd6ec6
driver-only-builds: add section for accelerated ciphers/AEADs
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-18 15:52:44 +01:00
445af3c25a
Move test dependencies to function file
...
Dependencies are determined by code in this case.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
e4b3f75298
Remove unnecessary check
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
79dc6dad81
Improve make pthread linking mechanism
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
40f0ec246e
Remove requirement for SHA512 from ctr_drbg test
...
Set the entropy len prior to doing the test to ensure the outcome is the
same regardless of whether SHA512 or SHA256 is used.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00