lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-06-25 12:41:56 +03:00
Code Activity
23,292 Commits 173 Branches 268 Tags
a22749e7496ff9211d8c201fe7633cbd291261d3
Commit Graph

161 Commits

Author SHA1 Message Date
Valerio Setti
7ca1318256 pk: add new symbol for generic ECDSA capability 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-07 08:02:23 +01:00
Valerio Setti
ab363d9fe1 pk/pk_wrap: replace ECDSA_C with generic ECDSA capabilities' defines 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-02-07 08:02:23 +01:00
Gilles Peskine
449bd8303e Switch to the new code style 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-01-11 14:50:10 +01:00
Manuel Pégourié-Gonnard
4dacf58d6d Take advantage of now-public macro in pk.c 
Used to be private, hence the duplication, but that's been fixed in the
meantime, I guess we just missed this occurrence.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-12-21 09:50:17 +01:00
Manuel Pégourié-Gonnard
6958355a51 Use PSA Crypto more often in pk_verify_ext() 
See https://github.com/Mbed-TLS/mbedtls/issues/5277 - strategy 1.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-12-21 09:49:57 +01:00
Tuvshinzaya Erdenekhuu
c388af63e4 Remove extra spacings 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:14:25 +01:00
Tuvshinzaya Erdenekhuu
78c1d8c299 Re-introduce ENUM validation in pk.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:14:25 +01:00
Tuvshinzaya Erdenekhuu
26b39c6c6f Remove NULL pointer validation in pk.c 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-08-31 10:14:25 +01:00
Manuel Pégourié-Gonnard
abac037a7b Migrate from old inline to new actual function. 
This is mostly:

    sed -i 's/mbedtls_psa_translate_md/mbedtls_hash_info_psa_from_md/' \
    library/*.c tests/suites/*.function

This should be good for code size as the old inline function was used
from 10 translation units inside the library, so we have 10 copies at
least.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-18 21:28:38 +02:00
Manuel Pégourié-Gonnard
4772884133 New internal module for managing hash information 
Using static inline functions is bad for code size; the function from
md_internal.h was already used from 3 different C files, so already was
copied at least 3 times in the library, and this would only get worse
over time.

Use actual functions, and also share the actual data between them.

Provide a consistent set of operations. Conversion to/from
human-readable string was omitted for now but could be added later if
needed.

In the future, this can be used to replace other similar (inline)
functions that are currently scattered, including (but perhaps not
limited to):
- mbedtls_psa_translate_md() from psa_util.h
- mbedtls_md_info_from_psa() (indirectly) from psa_crypto_hash.h
- get_md_alg_from_psa() from psa_crypto_rsa.c

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-18 21:28:38 +02:00
Manuel Pégourié-Gonnard
a370e06e30 Avoid dependency of PK on MD 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-12 11:11:18 +02:00
Neil Armstrong
81d391f773 Check when usage == 0 in mbedtls_pk_can_do_ext() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 09:26:16 +02:00
Neil Armstrong
b80785f1a4 Comment typo fix in mbedtls_pk_can_do_ext() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 09:25:55 +02:00
Neil Armstrong
084338d336 Change mbedtls_pk_can_do_ext() usage test logic for opaque keys 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-19 16:22:40 +02:00
Neil Armstrong
bbb8b75f20 Fixup comment of mbedtls_pk_can_do_ext() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-17 14:58:27 +02:00
Neil Armstrong
408f6a60a3 Add usage parameter to mbedtls_pk_can_do_ext() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-17 14:23:20 +02:00
Neil Armstrong
dab56ba2bd Fix typo in mbedtls_pk_can_do_ext() code documentation 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-17 11:56:55 +02:00
Neil Armstrong
a88b15897d Add implementation of mbedtls_pk_can_do_ext() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-12 11:53:02 +02:00
Neil Armstrong
a1fc18fa55 Change mbedtls_pk_wrap_as_opaque() signature to specify alg, usage and key_enrollment_algorithm 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-04-28 13:27:59 +02:00
Neil Armstrong
13e76be02b Reorganize & simplify mbedtls_pk_sign_ext() handling of wrapped RSA-PSS 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-04-21 12:08:52 +02:00
Neil Armstrong
62d452baac Implement PK Opaque RSA PSS signature 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-04-12 15:11:49 +02:00
Neil Armstrong
7624a5ae5e Allow RSA PK Opaque keys for RSA-PSS signing 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-04-12 10:09:26 +02:00
Neil Armstrong
56e71d4d1a Update documentation of mbedtls_pk_setup_opaque() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-04-08 15:12:42 +02:00
Neil Armstrong
eccf88fa48 Only accept RSA key pair in mbedtls_pk_setup_opaque() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-04-08 15:11:50 +02:00
Neil Armstrong
c1152e4a0f Handle and return translated PSA errors in mbedtls_pk_wrap_as_opaque() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-04-07 15:01:24 +02:00
Neil Armstrong
7e1b4a45fa Use PSA_BITS_TO_BYTES instead of open-coded calculation in mbedtls_pk_wrap_as_opaque() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-04-07 15:01:24 +02:00
Neil Armstrong
ca5b55f0d1 Add support for RSA in mbedtls_pk_wrap_as_opaque() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-04-07 15:01:24 +02:00
Neil Armstrong
eabbf9d907 Add support for RSA PK Opaque key 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-04-07 14:51:47 +02:00
Neil Armstrong
80325d00cf Allow ECDSA PK Opaque keys for ECDH Derivation 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-31 15:24:17 +02:00
Jerry Yu
fb0621d841 fix pk_sign_ext issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-23 11:42:06 +08:00
Jerry Yu
89107d1bc2 fix ci fail without RSA_C 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:14:53 +08:00
Jerry Yu
406cf27cb5 fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:14:53 +08:00
Jerry Yu
b02ee18e64 replace use_psa_crypto with psa_crypto_c 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:35 +08:00
Jerry Yu
b6875bc17a change rsa_pss salt type 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:35 +08:00
Jerry Yu
704cfd2a86 fix comments and style issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:35 +08:00
Jerry Yu
718a9b4a3f fix doxgen fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:34 +08:00
Jerry Yu
1d172a3483 Add pk_psa_sign_ext 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:34 +08:00
Jerry Yu
8beb9e173d Change prototype of pk_sign_ext 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:34 +08:00
Jerry Yu
d69439aa61 add mbedtls_pk_sign_ext 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:34 +08:00
Neil Armstrong
19915c2c00 Rename error translation functions and move them to library/pk_wrap.* 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-03-01 15:21:02 +01:00
Neil Armstrong
3f9cef4547 Remove actual and use new PSA to mbedtls PK errors mapping functions 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 15:44:39 +01:00
Neil Armstrong
a3fdfb4925 Introduce new PSA to mbedtls PK error mapping function 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-02-22 14:37:00 +01:00
Andrzej Kurek
d70fa0e327 Restructure error handling in mbedtls_pk_verify_ext 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-02-17 10:51:15 -05:00
Andrzej Kurek
59550537f0 Change signature_length type to size_t 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-02-16 07:46:42 -05:00
Andrzej Kurek
4a953cdd9f pk: properly handle signatures in larger buffers when using PSA 
As stated in function documentation.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-02-16 06:13:35 -05:00
Andrzej Kurek
8666df6f18 Add signature length mismatch handling when using PSA in pk_verify_ext 
Introduce a regression test for that too.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-02-15 08:23:02 -05:00
Andrzej Kurek
90ba2cbd0a Cosmetic changes to return placement and variable naming 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-02-15 08:18:44 -05:00
Andrzej Kurek
7db1b78fff Make RSA-PSS verification use PSA with MBEDTLS_USE_PSA_CRYPTO 
Duplicate a test case but with a different expected error
due to error translation to and from PSA.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-02-09 14:13:44 -05:00
Andrzej Kurek
03e01461ad Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO 
Fix library references, tests and programs.
Testing is performed in the already present all.sh test.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-01-03 12:53:24 +01:00
Gilles Peskine
f00f152444 Add output size parameter to signature functions 
The functions mbedtls_pk_sign(), mbedtls_pk_sign_restartable(),
mbedtls_ecdsa_write_signature() and mbedtls_ecdsa_write_signature_restartable()
now take an extra parameter indicating the size of the output buffer for the
signature.

No change to RSA because for RSA, the output size is trivial to calculate.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-06-25 00:46:22 +02:00