Hanno Becker
c3411d4041
Remove MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:08 +01:00
Hanno Becker
9ed1ba5926
Rename MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE
...
New name MBEDTLS_ERR_SSL_BAD_CERTIFICATE
Also, replace some instances of MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE
by MBEDTLS_ERR_SSL_DECODE_ERROR and MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER
as fit.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:08 +01:00
Hanno Becker
5697af0d3d
Remove MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:08 +01:00
Hanno Becker
cbc8f6fd5d
Remove MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-28 12:35:08 +01:00
Hanno Becker
a0ca87eb68
Remove MBEDTLS_ERR_SSL_BAD_HS_FINISHED
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
d200296f17
Remove MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
d934a2aafc
Remove MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
d3eec78258
Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
666b5b45f7
Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
029cc2f97b
Remove MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
b24e74bff7
Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP error code
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
d01fc5f583
Introduce MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE error code
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
241c19707b
Remove MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
bc00044279
Rename MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION
...
New name is MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
93636cce4a
Add MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Hanno Becker
2fe5f61e1a
Add generic codes for syntactic and semantic message parsing errors
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-06-28 12:35:07 +01:00
Bence Szépkúti
1b2a8836c4
Correct documentation references to Mbed TLS
...
Use the correct formatting of the product name in the documentation.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-06-28 10:37:19 +01:00
Bence Szépkúti
a1d1f5b84f
Fix typo
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-06-28 09:49:04 +01:00
Janos Follath
8a88f6274c
Merge pull request #4726 from athoelke/at-pbkdf2-doc-fixes
...
Fixes for PBKDF2 documentation
2021-06-28 09:47:57 +01:00
Bence Szépkúti
5c70c140b7
Remove def directive for version symbol
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-06-28 09:28:49 +01:00
Bence Szépkúti
1cafe5ce20
Base config compat check on MBETLS_VERSION_NUMBER
...
Any config with a version older than 3.0.0 or newer than
MBETLS_VERSION_NUMBER will be rejected.
This does mean that the current development version doesn'T accept *any*
value of MBETLS_CONFIG_VERSION, but this will be fixed when we bump the
version during our normal release process.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-06-28 09:28:48 +01:00
Bence Szépkúti
fc04aa2be5
Remove MBEDTLS_USER_CONFIG_VERSION handling
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-06-28 09:28:48 +01:00
Bence Szépkúti
2bb7456334
Base the config version on MBEDTLS_VERSION_NUMBER
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-06-28 09:28:48 +01:00
Bence Szépkúti
b2e23de0f3
Make config version symbols optional
...
Also remove them from the example configs, but keep the one in
mbedtls_config.h.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-06-28 09:28:48 +01:00
Bence Szépkúti
04982f7b6b
Move version defines to build_info.h
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-06-28 09:28:48 +01:00
Bence Szépkúti
d3da503c29
Move comment closer to relevant code
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-06-28 09:28:47 +01:00
Bence Szépkúti
ba7248abc4
Introduce versioning in the config files
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-06-28 09:28:47 +01:00
Bence Szépkúti
bb0cfeb2d4
Rename config.h to mbedtls_config.h
...
This commit was generated using the following script:
# ========================
#!/bin/sh
git ls-files | grep -v '^ChangeLog' | xargs sed -b -E -i '
s/((check|crypto|full|mbedtls|query)_config)\.h/\1\nh/g
s/config\.h/mbedtls_config.h/g
y/\n/./
'
mv include/mbedtls/config.h include/mbedtls/mbedtls_config.h
# ========================
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-06-28 09:28:33 +01:00
Bence Szépkúti
c5c9eb4741
Move preprocessor logic to build_info.h
...
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-06-28 09:24:42 +01:00
Bence Szépkúti
c662b36af2
Replace all inclusions of config.h
...
Also remove preprocessor logic for MBEDTLS_CONFIG_FILE, since
build_info.h alreadyy handles it.
This commit was generated using the following script:
# ========================
#!/bin/sh
git ls-files | grep -v '^include/mbedtls/build_info\.h$' | xargs sed -b -E -i '
/^#if !?defined\(MBEDTLS_CONFIG_FILE\)/i#include "mbedtls/build_info.h"
//,/^#endif/d
'
# ========================
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-06-28 09:24:07 +01:00
Bence Szépkúti
5ab7303409
Introduce a level of indirection in config header
...
Create a separate header file (mbedtls/build_info.h) to use when
depending on the config options defined in config.h.
Also copy the handling of the MBEDTLS_CONFIG_FILE macro into the new
header, so that the next commit can remove this code from every other
place where config.h used to be included.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-06-28 09:14:17 +01:00
Andrew Thoelke
52d18cd9a4
Remove trailing space
...
Signed-off-by: Andrew Thoelke <andrew.thoelke@arm.com>
2021-06-25 11:03:57 +01:00
Ronald Cron
3698fa1043
Merge pull request #4673 from gilles-peskine-arm/psa_crypto_spm-from_platform_h
...
Fix and test the MBEDTLS_PSA_CRYPTO_SPM build
2021-06-25 09:01:08 +02:00
Gilles Peskine
f00f152444
Add output size parameter to signature functions
...
The functions mbedtls_pk_sign(), mbedtls_pk_sign_restartable(),
mbedtls_ecdsa_write_signature() and mbedtls_ecdsa_write_signature_restartable()
now take an extra parameter indicating the size of the output buffer for the
signature.
No change to RSA because for RSA, the output size is trivial to calculate.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-06-25 00:46:22 +02:00
Gilles Peskine
1fed4b8324
Merge pull request #4720 from gilles-peskine-arm/gcm-finish-outlen
...
Add output_length parameter to mbedtls_gcm_finish
2021-06-24 20:02:40 +02:00
Andrew Thoelke
a0f4b595c5
Fixes for PBKDF2 documentation
...
Fix typos in the PBKDF2 documentation
Correct the constraints on PSA_KEY_USAGE_DERIVE and PSA_KEY_USAGE_VERIFY_DERIVATION, aligning them with the note against psa_key_derivation_input_key(). All key inputs must have the required usage flag to permit output or verification.
Correct the constraints on PSA_KEY_DERIVATION_INPUT_SECRET and PSA_KEY_DERIVATION_INPUT_PASSWORD, aligning them with 4feb611. psa_key_derivation_verify_key() does not require the secret/password input to be a key.
Signed-off-by: Andrew Thoelke <andrew.thoelke@arm.com>
2021-06-24 16:47:14 +01:00
Gilles Peskine
fedd52ca19
Merge pull request #4707 from gilles-peskine-arm/require-matching-hashlen-rsa-implementation
...
Require matching hashlen in RSA functions: implementation
2021-06-24 10:28:20 +02:00
Gilles Peskine
5a7be10419
Add output_length parameter to mbedtls_gcm_finish
...
Without this parameter, it would be hard for callers to know how many bytes
of output the function wrote into the output buffer. It would be possible,
since the cumulated output must have the same length as the cumulated input,
but it would be cumbersome for the caller to keep track.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-06-23 21:51:32 +02:00
Gilles Peskine
f06b92d724
Merge pull request #4567 from mstarzyk-mobica/gcm_ad
...
Enable multiple calls to mbedtls_gcm_update_ad
2021-06-23 19:36:23 +02:00
Dave Rodgman
cb17fc34cf
Merge pull request #4671 from mpg/x509-crt-profile-public
...
Make the fields of mbedtls_x509_crt_profile public
2021-06-23 16:06:12 +01:00
Ronald Cron
4f7cc1bb63
Merge pull request #4713 from gilles-peskine-arm/psa-storage-format-test-lifetimes-3.0
...
PSA storage format: test lifetimes
Almost straightforward of #4392 thus merging with only one approval.
2021-06-23 15:22:03 +02:00
Ronald Cron
44a0ae920c
Merge pull request #4710 from mstarzyk-mobica/ccm_taglen
...
Add missing tag_len in ccm api.
PR-4710-merge TLS Testing run successfully and the failure in PR-4710-head TLS Testing are CI problems thus merging.
2021-06-23 14:20:26 +02:00
Gilles Peskine
91466c8d3f
Hopefully clarify the example
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-06-23 13:53:56 +02:00
Gilles Peskine
52bb83e6ad
Fix mbedtls_svc_key_id_is_null when KEY_ID_ENCODES_OWNER
...
A null key id is a null key id even when it has an owner attached to it.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-06-23 13:53:56 +02:00
Gilles Peskine
d133bb2909
New macro PSA_KEY_LIFETIME_IS_READ_ONLY
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-06-23 13:43:08 +02:00
Mateusz Starzyk
82c48c992c
Adjust tag_len documentation for the mbedtls_ccm_finish().
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-06-23 12:39:40 +02:00
Gilles Peskine
c9d86a05ce
Merge pull request #4665 from yanesca/issue-3990-fix_psa_verify_with_alt
...
Fix PSA RSA PSS verify with ALT implementations
2021-06-23 11:47:38 +02:00
Mateusz Starzyk
98d45b90b0
Add missing tag_len in ccm api.
...
Function ccm_set_lengths requires tag_len argument for
the B[0] calculation.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-06-23 10:49:22 +02:00
Paul Elliott
7220cae93c
Ensure generate nonce unavailable in decrypt
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-06-22 22:14:47 +01:00
Gilles Peskine
e9bc857327
Merge pull request #4552 from hanno-arm/mbedtls_3_0_key_export
...
Implement modified key export API for Mbed TLS 3.0
2021-06-22 18:52:37 +02:00