mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00

Author	SHA1	Message	Date
Valerio Setti	de50413009	crypto_sizes: adjust PSA_VENDOR_FFDH_MAX_KEY_BITS based on the supported groups Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-17 15:56:30 +01:00
Valerio Setti	4ed8daa929	psa_crypto_ffdh: add guards for enabled domain parameters Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-17 15:56:30 +01:00
Valerio Setti	fecef8bc8e	config_adjust: fix adjustments between legacy and PSA Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-17 15:56:26 +01:00
Ryan Everett	4a0ba80bdb	Clarify psa_destroy_key documentation Co-authored-by: Janos Follath <janos.follath@arm.com> Signed-off-by: Ryan Everett <144035422+Ryan-Everett-arm@users.noreply.github.com>	2024-01-17 14:12:33 +00:00
Gilles Peskine	dd77343381	Open question for ECDSA signature that can be resolved during implementation Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-01-17 14:33:32 +01:00
Gilles Peskine	d5b04a0c63	Add a usage parameter to mbedtls_pk_get_psa_attributes Let the user specify whether to use the key as a sign/verify key, an encrypt/decrypt key or a key agreement key. Also let the user indicate if they just want the public part when the input is a key pair. Based on a discussion in https://github.com/Mbed-TLS/mbedtls/pull/8682#discussion_r1444936480 Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-01-17 14:31:57 +01:00
Gilles Peskine	702d9f65f6	Resolve several open questions as nothing special to do Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-01-17 12:58:25 +01:00
Ryan Everett	38a2b7a6a3	Extend psa_wipe_key_slot documentation Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-17 11:45:44 +00:00
Ryan Everett	7ed542e0f1	Implement delayed deletion in psa_destroy_key and some cleanup Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-17 11:40:29 +00:00
Gilles Peskine	42a025dc9c	Reference filed issues All PK-related actions are now covered. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-01-17 12:35:31 +01:00
Dave Rodgman	885248c8ee	Add header guards Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-17 11:06:31 +00:00
Valerio Setti	bbff303fe1	crypto_config: define feature macros for DH keys Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-17 11:47:44 +01:00
Gilles Peskine	5a64c42693	Reference ongoing work Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-01-17 10:09:16 +01:00
Gilles Peskine	89ca6c7e72	typo Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-01-17 10:08:56 +01:00
Gilles Peskine	32294044e1	Generalize mbedtls_pk_setup_opaque beyond MBEDTLS_USE_PSA_CRYPTO It's useful in applications that want to use some PSA opaque keys regardless of whether all pk operations go through PSA. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-01-17 10:07:55 +01:00
Valerio Setti	584dc80d96	add changelog Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-17 08:06:32 +01:00
Bence Szépkúti	1325942c28	Merge pull request #8707 from bensze01/new_redirect_format Migrate to new RTD redirect format	2024-01-16 20:22:08 +00:00
Dave Rodgman	9039ba572b	Fix test dependencies Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-16 18:38:55 +00:00
Dave Rodgman	7e5b7f91ca	Fix error in ctr_drbg Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-16 17:28:25 +00:00
Dave Rodgman	b7778b2388	Fix ASAN error in test Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-16 16:27:34 +00:00
Bence Szépkúti	333ca8fdfc	Migrate to new RTD redirect format Migrate to the new redirect format introduced by ReadTheDocs in readthedocs/readthedocs.org#10881 Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>	2024-01-16 17:06:06 +01:00
Dave Rodgman	9f97566c04	Add Changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-16 13:24:45 +00:00
Dave Rodgman	24ad1b59e8	Add NIST AES-CTR test vectors Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-16 13:24:45 +00:00
Dave Rodgman	4cc6fb9039	add test for multipart AES-CTR Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-16 13:24:45 +00:00
Valerio Setti	4860a6c7ac	test_suite_psa_crypto: revert known failing checks for [en\|de]cryption with opaque keys Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-15 16:30:12 +01:00
Valerio Setti	62b6f10f64	test_driver_asymmetric_encryption: implement opaque [en/de]cryption functions Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-15 16:30:07 +01:00
Valerio Setti	66a827fc83	test_driver_key_management: make opaque [un]wrapping functions public Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-15 15:00:52 +01:00
Dave Rodgman	46697da5b3	Make gcm counter increment more efficient Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:45:01 +00:00
Dave Rodgman	174eeff235	Save 14 bytes in CTR-DRBG Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:45:01 +00:00
Dave Rodgman	591ff05384	Use optimised counter increment in AES-CTR and CTR-DRBG Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:45:01 +00:00
Dave Rodgman	ae730348e9	Add tests for mbedtls_ctr_increment_counter Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:45:01 +00:00
Dave Rodgman	b49cf1019d	Introduce mbedtls_ctr_increment_counter Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:45:01 +00:00
Ryan Everett	1d32a57764	Revert change to psa_destroy_key documentation Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-15 11:27:58 +00:00
Ryan Everett	709120a9ce	Revert change to return behaviour in psa_reserve_free_key_slot This change was a mistake, we still need to wipe the pointers here. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-15 11:20:50 +00:00
Ryan Everett	dfe8bf86a8	Return CORRUPTION_DETECTED instead of BAD_SLOT when the slot's state is wrong These error codes are only returned if the program has been tampered with, so they should be CORRUPTION_DETECTED. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-15 11:20:50 +00:00
Ryan Everett	4755e6bda4	Relax psa_wipe_key_slot to allow states other than SLOT_PENDING_DELETION psa_wipe_key_slot can now be called on a slot in any state, if the slot's state is PSA_SLOT_FULL or PSA_SLOT_PENDING_DELETION then there must be exactly 1 registered reader. Remove the state changing calls that are no longer necessary. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-15 11:20:35 +00:00
Dave Rodgman	c4f984f2a5	Iterate in 16-byte chunks Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:20:19 +00:00
Valerio Setti	5bb454aace	psa_crypto: allow asymmetric encryption/decryption also with opaque keys Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-15 10:43:16 +01:00
Valerio Setti	f202c2968b	test_suite_psa_crypto: test asymmetric encryption/decryption also with opaque keys Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-15 10:42:37 +01:00
Dave Rodgman	67223bb501	add support for AES-CTR to benchmark Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-12 18:33:57 +00:00
Tom Cosgrove	bc5d9165ae	Merge pull request #8554 from yanrayw/issue/8221/fix-tls-suiteB-profile TLS: remove RSA signature algorithms in `suite B` profile	2024-01-12 14:34:28 +00:00
Tom Cosgrove	f1ba1933cf	Merge pull request #8526 from yanrayw/issue/7011/send_record_size_limit_ext TLS1.3: SRV/CLI: add support for sending Record Size Limit extension	2024-01-12 13:39:15 +00:00
Waleed Elmelegy	f0ccf46713	Add minor cosmetic changes to record size limit changelog and comments Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-12 10:52:45 +00:00
Waleed Elmelegy	4b09dcd19c	Change renegotiation test to use G_NEXT_SRV Change renegotiation test to use G_NEXT_SRV to avoid problems when sending TLS 1.3 extensions since we exceed the extension limit in G_SRV. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-12 10:50:25 +00:00
Kusumit Ghoderao	153586a3d5	change values to ULL Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2024-01-12 11:19:16 +05:30
Paul Elliott	3519cfb3d8	Merge pull request #8639 from bensze01/release_components Set OpenSSL/GnuTLS variables when running release components	2024-01-11 15:38:35 +00:00
Ronald Cron	ae2213c307	Merge pull request #8414 from lpy4105/issue/uniform-ssl-check-function Harmonise the names and return values of check functions in TLS code	2024-01-11 13:51:39 +00:00
Ronald Cron	7c14afcaaa	Merge pull request #8595 from yanrayw/issue/8593/srv-CH-fix-version-check TLS1.3: SRV: check `min_tls_version` when parsing ClientHello	2024-01-11 13:34:09 +00:00
Waleed Elmelegy	85ddd43656	Improve record size limit changelog wording Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-11 11:07:57 +00:00
Manuel Pégourié-Gonnard	eeb96ac9fe	Merge pull request #8433 from yuhaoth/pr/add-deprecated-flag-for-sig_hashes-api Add deprecated flag in document for sig_hashes	2024-01-11 09:33:10 +00:00

... 6 7 8 9 10 ...

29468 Commits