4f69668558
Merge pull request #8082 from daverodgman/misc-code-size
...
Misc code size improvements
2023-09-02 11:44:31 +00:00
662c497395
Merge pull request #8144 from daverodgman/zeroize-stronger
...
Add more protection to mbedtls_platform_zeroize
2023-09-02 10:59:12 +01:00
1dab445804
Update guard for ecp
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-09-02 10:56:44 +01:00
16a76721b6
Merge pull request #8068 from paul-elliott-arm/fix_tls_zeroization
...
Fix TLS pad buffer zeroization
2023-09-01 23:35:23 +00:00
4d43f2ed0e
Add Everest to threat model
...
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-09-01 16:22:25 +01:00
02ad791f29
Merge pull request #8116 from gilles-peskine-arm/config_psa-changelog-3.5
...
Announce that #7420 is fixed
2023-09-01 13:53:44 +00:00
83ae22dbbd
Add Changelog entry
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com >
2023-09-01 14:29:04 +01:00
c5fef82c52
Fix typo in pkcs5.c
...
Co-authored-by: Janos Follath <janos.follath@arm.com >
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com >
2023-09-01 11:45:39 +01:00
fe55320b5c
Avoid error from old gcc version
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-09-01 11:15:28 +01:00
5f6060a1f3
Code style
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-09-01 11:00:58 +01:00
ba67451562
Fix gcc compile warnings
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-09-01 10:14:46 +01:00
ac3cf7c20b
Add more protection to mbedtls_platform_zeroize
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-09-01 10:09:31 +01:00
6147511bc0
Merge pull request #7955 from davidhorstmann-arm/psa-crypto-script-changes
...
Miscellaneous changes to scripts for PSA-Crypto enablement
2023-08-31 18:19:52 +00:00
6ebe7d2e3a
Merge pull request #8095 from davidhorstmann-arm/initialize-struct-get-other-name
...
Coverity fix: Set `type_id` in `x509_get_other_name()`
2023-08-31 16:26:00 +00:00
c43c3aaf02
Define all PSA_xxx macros to 1 rather than have them empty, for consistency
...
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com >
2023-08-31 17:06:58 +01:00
b5d97156e4
Merge pull request #7857 from minosgalanakis/bugifx/address_curve_bits
...
[BigNum] test_suite_ecp: Fixed curve bit-length.
2023-08-31 13:14:11 +00:00
b4527fbd82
Add clarifications to the threading requirements
...
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-08-31 14:01:24 +01:00
b6954730f0
Fix typo
...
Co-authored-by: Ronald Cron <ronald.cron@arm.com >
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-08-31 13:54:21 +01:00
4f47f3dac8
Covert PSA guards to MBEDTLS
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-08-31 12:10:00 +01:00
a9a53a05f0
Merge remote-tracking branch 'origin/development' into misc-code-size
2023-08-31 11:53:46 +01:00
dea266f3f5
Use MBEDTLS_MD_LIGHT instead of MBEDTLS_MD_C
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-08-31 11:52:43 +01:00
8d706f6b59
Simplify camellia error conversion macros
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-08-31 11:48:44 +01:00
09a9e589c1
Add missing error conversion case
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-08-31 11:05:22 +01:00
68efcf56ed
Remove not-needed #include
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-08-31 10:09:05 +01:00
f7632382cc
Merge pull request #8130 from davidhorstmann-arm/fix-unnecessary-include-prefixes
...
Fix unnecessary header prefixes in tests
2023-08-31 08:57:26 +00:00
793654b78c
Merge pull request #8137 from paul-elliott-arm/regen_coverity_token
...
Regenerate coverity scan token
2023-08-31 14:55:39 +01:00
35633dd977
Add threading non-requirement
...
State explicitly the non-requirement that it's ok for psa_destroy_key to
block waiting for a driver.
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-08-31 08:31:19 +01:00
7990a3296d
Explain the story about cryptography version requirements
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-08-31 09:30:56 +02:00
7b2b76a2d4
Merge pull request #7165 from yanrayw/7094-collect-compatsh-test-cases
...
check_test_cases.py: support to collect test cases for compat.sh
2023-08-31 07:30:20 +00:00
15d9ec29be
Improve thread safety presentation
...
- Use unique section titles so that there are unique anchors
- Make list style consistent between similar sections
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-08-31 08:22:21 +01:00
5a387c8515
Merge pull request #8140 from daverodgman/sha3-zeroize
...
Ensure mbedtls_sha3_finish zeroizes the context
2023-08-31 07:16:35 +00:00
984309c2c3
Call mbedtls_platform_zeroize via mbedtls_sha3_free
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-08-30 19:22:28 +01:00
dbddb00158
Ensure mbedtls_sha3_finish zeroizes the context
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-08-30 18:43:23 +01:00
240240dfae
Regenerate coverity scan token
...
On the advice of travis support, try regenerating the coverity scan
token to see if that fixes the connection to coverity scan
Signed-off-by: Paul Elliott <paul.elliott@arm.com >
2023-08-30 18:06:50 +01:00
03e9dea30b
Merge remote-tracking branch 'development' into psa_crypto_config-in-full
...
Conflicts:
* `include/psa/crypto_sizes.h`: the addition of the `u` suffix in this branch
conflicts with the rework of the calculation of `PSA_HASH_MAX_SIZE` and
`PSA_HMAC_MAX_HASH_BLOCK_SIZE` in `development`. Use the new definitions
from `development`, and add the `u` suffix to the relevant constants.
2023-08-30 18:32:57 +02:00
0385c2815c
Tighten thread safety requirements
...
We shouldn't violate the requirement that the key identifier can be
reused. In practice, a key manager may destroy a key that's in use by
another process, and the privileged world containing the key manager and
the crypto service should not be perturbed by an unprivileged process.
With respect to blocking, again, a key manager should not be blocked
indefinitely by an unprivileged application.
These are desirable properties even in the short term.
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-08-30 16:44:04 +01:00
a2423debcc
Fix code style
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com >
2023-08-30 16:24:31 +01:00
52af0d08b4
Fix unsafe behaviour in MBEDTLS_ASN1_IS_STRING_TAG
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com >
2023-08-30 16:24:15 +01:00
de02ee268e
Refactor parse_attribute_value_string
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com >
2023-08-30 16:12:57 +01:00
1aece47e8c
Make hexpair_to_int take a char pointer
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com >
2023-08-30 16:05:24 +01:00
e9d1c8e1eb
Reword and reformat comments
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com >
2023-08-30 15:55:31 +01:00
ef6abd4062
Add blank lines after variable declarations
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com >
2023-08-30 15:55:12 +01:00
2c40b90598
ssl-opt.sh doesn't actually use OPENSSL_LEGACY: remove unused function
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-08-30 16:38:56 +02:00
22ec2aefa9
Fix unnecessary header prefixes in tests
...
Remove unnecessary "../library" prefix from test suite includes. This
makes the tests repo-agnostic between the mbedtls and psa-crypto repos.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-08-30 15:34:34 +01:00
1a8ebe39bf
Merge pull request #1050 from Mbed-TLS/update-restricted-2023-08-30
...
Sync development-restricted with tip of development
2023-08-30 15:47:22 +02:00
21d7d85af7
Fix mbedtls_pkcs5_pbes test function failure
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com >
2023-08-30 13:12:09 +01:00
63f0abe226
check_test_cases: add a comment to explain idx in walk_compat_sh
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com >
2023-08-30 18:31:37 +08:00
730bbee226
Merge remote-tracking branch 'origin/development' into update-restricted-2023-08-30
2023-08-30 11:22:00 +01:00
29bf911058
Merge pull request #7839 from daverodgman/psa-sha3
...
SHA-3 via PSA
2023-08-30 08:51:36 +00:00
8f3ec8ec9d
Use '--target' instead of shortened '-t'
...
This enables compatibility with older versions of CMake that do not have
the abbreviated switch.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-08-30 09:46:20 +01:00
