4cd20313fe
Use user/peer instead role in jpake TLS code
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-10 09:18:03 +01:00
1e7a927118
Add input getters for jpake user and peer
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-10 09:18:03 +01:00
26c909d587
Enable support for user/peer for JPAKE
This is only partial support. Only 'client' and 'server' values are accepted for peer and user.
Remove support for role.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-10 09:18:02 +01:00
4da92832b0
Merge pull request #7117 from valeriosetti/issue6862
driver-only ECDSA: enable ECDSA-based TLS 1.2 key exchanges
2023-03-09 20:49:44 +01:00
bf4016e5d5
Merge pull request #6567 from mprse/ecjpake-driver-dispatch
2023-03-09 19:23:05 +00:00
5e5aa4a4e6
Merge pull request #7218 from tom-cosgrove-arm/fix-typos-230307
Fix typos in development prior to release
2023-03-08 17:19:59 +00:00
51b62ef23d
Merge pull request #7228 from tom-cosgrove-arm/fix-alignment.h-on-32-bit-systems
Fix mbedtls_bswap64() on 32-bit systems
2023-03-08 17:19:29 +00:00
913d9bb921
Merge pull request #7162 from valeriosetti/issue7055
Legacy MBEDTLS_PK_PARSE_C and MBEDTLS_PK_WRITE_C dependencies in test_suite_psa_crypto
2023-03-08 17:07:19 +01:00
75fba32cb3
ssl: use new macros for ECDSA capabilities
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-08 16:47:28 +01:00
289e5baa83
Merge pull request #7082 from valeriosetti/issue6861
driver-only ECDSA: add ssl-opt.sh testing with testing parity
2023-03-08 16:45:38 +01:00
bbe166e721
Fix mbedtls_bswap64() on 32-bit systems
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-03-08 13:23:24 +00:00
c15a2b949d
Update the text about gcc5 support for Armv8 CE
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-03-08 12:55:48 +00:00
733de595e3
psa_crypto_rsa: remove PK_WRITE_C in psa_rsa_export_key
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-08 11:03:09 +01:00
73a218513b
psa_crypto_rsa: add comment/explanation for residual PK_WRITE_C guard
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-08 11:03:09 +01:00
691e91adac
Further pake code optimizations
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-08 09:54:00 +01:00
a2fc399f57
Merge pull request #6829 from AndrzejKurek/unify-psa-errors
Unify PSA to Mbed TLS error translation
2023-03-07 19:55:44 +01:00
12e3c8e019
Merge pull request #7168 from mpg/use-md
Use MD (not low-level hash interface) in X.509 and TLS
2023-03-07 19:55:12 +01:00
2f1d967643
ssl: fix included pk header file
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-07 18:14:34 +01:00
503d71769c
Enable explicit_bzero() on OpenBSD
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-03-07 12:51:11 +00:00
5c8505f061
Fix typos
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-03-07 11:39:52 +00:00
fe780a3c4b
Merge pull request #7184 from gabor-mezei-arm/6349_Secp224r1_fast_reduction
Extract Secp224r1 fast reduction from the prototype
2023-03-07 10:57:58 +00:00
57580f2539
Use proper enum types for pake state/sequence/step
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-07 10:50:09 +01:00
4aa99403f4
Fix configuration for accelerated jpake
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-07 10:50:09 +01:00
4dc83d40af
Add check for pake operation buffer overflow
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-07 10:50:00 +01:00
e3ef3a15cd
Further pake code optimizations
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-06 17:24:32 +01:00
97803abd2a
Update comment
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-06 16:32:16 +01:00
947cee18a1
Fix memory leak.
The function reset_checksum() can be called more than once with the same
handshake context (this happens with DTLS clients, and perhaps in other
cases as well). When that happens, we need to free the old MD contexts
before setting them up again.
Note: the PSA path was already doing the right thing by calling abort,
we just needed to do the same on the MD path.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-06 11:59:59 +01:00
228a30d16c
Merge pull request #7120 from mpg/md-light
Define "MD light" subset of MD
2023-03-06 11:02:19 +01:00
4693fd9e9e
Merge pull request #7173 from daverodgman/zeroize-platform
Use platform-provided secure zeroization
2023-03-06 09:16:12 +00:00
b0d96a23a9
Remove not-needed EABI exclusion
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-03 17:06:09 +00:00
45cef61fa4
Merge branch 'development' into md-light
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-03 14:28:13 +00:00
270b3f9790
Rename error_pair_t to mbedtls_error_pair_t
Required by our coding standards.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-03 05:54:13 -05:00
daf5b56b02
Translate to MD errors in ssl-tls.c
With the introduction of #7047, ssl_tls.c uses
mbedtls_md_error_from_psa. This complicates
the dependencies for compiling in psa_to_md_errors,
since now these should be ifdeffed also by
MBEDTLS_USE_PSA_CRYPTO followed by a series of or'ed
MBEDTLS_HAS_ALG_SHA_XXX_VIA_MD_OR_PSA_BASED_ON_USE_PSA.
Since this mechanism will be removed soon, we can simplify it to
just MBEDTLS_USE_PSA_CRYPTO.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-03 05:52:28 -05:00
747ab4ea5e
Introduce error_pair_t to psa utils
This way error handling can be written in a cleaner way.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-03 05:23:45 -05:00
138b30ac62
Add missing const qualifiers
Also improve documentation
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-03 05:23:45 -05:00
ba24138e0f
Duplicate error logic in pk_wrap deprecated functions
GCC 4.6+ complains if a deprecated function calls another.
Working around this universally would require a lot of
preprocessing, this seems to be an easier solution.
Copy mbedtls_pk_error_from_psa code without duplicates
instead of calling the function.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-03 05:23:45 -05:00
8a045ce5e6
Unify PSA to Mbed TLS error translation
Move all error translation utilities to psa_util.c.
Introduce macros and functions to avoid having
a local copy of the error translating function in
each place.
Identify overlapping errors and introduce a
generic function.
Provide a single macro for all error translations
(unless one file needs a couple of different ones).
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-03 05:23:44 -05:00
6def41b146
Merge pull request #6932 from yuhaoth/pr/fix-arm64-host-build-and-illegal_instrucion-fail
Replace CPU modifier check with file scope target cpu modifiers
2023-03-02 15:36:41 +01:00
528bfa640c
Whitespace fix
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-02 13:54:43 +00:00
aeadc2d731
Apply naming convention
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-03-01 16:53:03 +01:00
6d6a720603
Protect against possible macro redefinition warning
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-01 15:09:40 +00:00
d1cddff71a
Merge pull request #7189 from daverodgman/armcc-fix
Fix macro redefinition warning from armclang
2023-03-01 11:59:26 +00:00
802ff1b116
Merge pull request #7147 from paul-elliott-arm/interruptible_sign_hash_codestyle_drivers
Remove driver entry points for psa_{get|set}_max_ops()
2023-03-01 10:46:09 +01:00
914c632646
Whitespace
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-03-01 09:30:14 +00:00
620f0dc850
Fix for 32-bit
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-28 18:42:33 +01:00
08a94953e1
Apply naming convention for p224
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2023-02-28 18:40:57 +01:00
e47899df20
Fix macro redefinition warning from armcc
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-28 17:39:03 +00:00
7e677fa2c5
Merge pull request #6389 from gilles-peskine-arm/ecdsa-use-psa-without-pkwrite
Remove pkwrite dependency in pk using PSA for ECDSA
2023-02-28 18:17:16 +01:00
b52b788e55
Merge pull request #6895 from yuhaoth/pr/add-aes-with-armv8-crypto-extension
Add AES with armv8 crypto extension
2023-02-28 18:16:37 +01:00
6a459f5de5
Merge pull request #7143 from paul-elliott-arm/interruptible_sign_hash_codestyle_wipeout
Update psa_wipe_output_buffer() and change name to psa_wipe_tag_output_buffer()
2023-02-28 15:34:06 +00:00