Sometimes you don't need to have all the parts of a key pair object. Relax
the behavior of mbedtls_ecp_keypair so that you can extract just the parts
that you need.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Add a simple function to get the group id from a key object.
This information is available via mbedtls_ecp_export, but that function
consumes a lot of memory, which is a waste if all you need is to identify
the curve.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This reverts commit be978a8c4fc52965b486125f2993251025b1a399.
The feature is no longer needed, and the script is broken if you don't pass
--make-vars.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This reverts commit 6587959a32f978aeb02766c27cf30b04d8a245e1.
The feature is no longer needed, and the script is broken if you don't pass
--make-vars.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When building with Make on a Unix-like platform (shell and compiler),
auto-detect configurations that may require linking with pthread.
This removes the need for MAKE_THREADING_FLAGS in all.sh.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Create a common.make for definitions that are shared between tests/Makefile
and programs/Makefile, to facilitate maintenance. Start populating it with
CFLAGS/LDFLAGS variables. More to follow in subsequent commits.
Keep library/Makefile independent, at least for the time being.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Unify the treatment of MBEDTLS_TEST_OBJS between programs/Makefile and
tests/Makefile: include it via LOCAL_LD_FLAGS in both cases. Document why
the definition of MBEDTLS_TEST_OBJS is different.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
And remove the comment on the uniformity in the PK module
with regards to PSA_CRYPTO_C not being referenced anymore;
end users are probably not interested in that.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
And use it in the non-PSA version of mbedtls_pk_sign_ext()
to bypass checks that didn't succeed when used by TLS 1.3.
That is because in the failing scenarios the padding of
the RSA context is not set to PKCS_V21.
See the discussion on PR #7930 for more details.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
This makes the function always available with its
its implementation depending on MBEDTLS_USE_PSA_CRYPTO.
Related dependencies and tests are updated as well.
Fixes#7583.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
This brings some improvements to comments/
function prototypes that relate to PKCS#1.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
