mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-14 18:40:50 +00:00

Author	SHA1	Message	Date
David Horstmann	4a523a608e	Add buffer copying to psa_sign_hash_start/complete Add buffer protection to: * psa_sign_hash_start(), which takes an input buffer for the hash. * psa_sign_hash_complete(), which takes an output buffer for the calculated signature. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-03-11 15:56:13 +00:00
Dave Rodgman	d282e264cd	Fix IAR warning Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-03-11 15:28:48 +00:00
David Horstmann	63dfb45e5e	Merge pull request #1181 from tom-daubney-arm/key_agreement_buffer_protection Implement safe buffer copying in key agreement	2024-03-11 15:10:49 +00:00
Janos Follath	43edc75e31	Merge pull request #8882 from Ryan-Everett-arm/threading-key-tests Test multi-threaded key generation	2024-03-11 15:07:48 +00:00
Dave Rodgman	9cc01ccbf8	Merge pull request #8831 from yanesca/switch_to_new_exp Use mpi_core_exp_mod in bignum	2024-03-11 13:40:46 +00:00
Ronald Cron	44193fa573	Fix and improve the change log Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-11 13:40:24 +01:00
Paul Elliott	a09b01b5a8	Merge pull request #8912 from Ryan-Everett-arm/double-destroy-key-bugfix Fix threading bug when multiple destroy_key calls run on the same key	2024-03-11 12:04:04 +00:00
Janos Follath	23dc8b5fd8	Fix code style Co-authored-by: Dave Rodgman <dave.rodgman@arm.com> Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-03-11 10:39:57 +00:00
Valerio Setti	e095a67bb2	pk: improve mbedtls_pk_copy_from_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	6f5f9f5ce8	test_suite_pk: fix some comments Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	3b98c640ce	pk: fix documentation for mbedtls_pk_copy_from_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	64d5fc0070	changelog: fix text and typos Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	4f1650d4af	changelog: enhance description Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	ab7ddbc812	test_suite_pk: when ANY_HASH is used then pick any available MD alg in the build Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	3433f832fb	test_suite_pk: improve PSA alg selection in pk_copy_from_psa_success() Use the same hashing algorithm as md_for_test. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	039bbbac33	test_suite_pk: destroy original xkey after pk_copy_from_psa() in pk_copy_from_psa_success() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	4114a54403	test_suite_pk: add description for psa_pub_key_from_priv() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	42a58a5249	test_suite_pk: minor fixes for test failures Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	e700d8086e	rsa: rsa_rsassa_pss_sign() to check MD alg both in parameters and RSA context This helps fixing a disparity between the legacy and the USE_PSA case for rsa_sign_wrap() in pk_wrap.c. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	f22eff99a6	test_suite_pk: add new test case for an algorithm only avaible in driver Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	a657ae388a	pk: pk_copy_from_psa() performs the conversion even if the algorithm doesn't match This commit also: - fixes existing tests and add new ones - updates documentation. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	1015985d8a	test_suite_pk: add more test cases for pk_copy_from_psa_success() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	d2ccc2f468	test_suite_pk: various minor fixes - removed redundant info from data file (i.e. informations that can be extrapolated somehow) - removed unecessary parameters in functions - added some extra check on the generated PK contexts - etc... Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	8fb0fe8e12	pk: fixed documentation of mbedtls_pk_copy_from_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	2f08f4cdb8	add changelog Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	61a47a46ea	test_suite_pk: extend testing in pk_copy_from_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	aeeefef64e	pk_wrap: use correct PSA alg in rsa_encrypt_wrap() when USE_PSA This bugfix was due in PR #8826, but we didn't catch that. This commit also add proper testing in test_suite_pk that was not implemented in #8826. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	88e2dac6d6	test_suite_pk: rename PK context variables Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	e8fe3e76c4	test_suite_pk: add key pair check in pk_copy_from_psa_success() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	5ac511b45a	pk: let psa_export_key() check if the key is exportable or not Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:58 +01:00
Valerio Setti	3a815cbd2f	all.sh: keep RSA_C enabled in component_full_no_pkparse_pkwrite() This is possible because after #8740 RSA_C no longer depends on PK to parse and write private/public keys. This commit also solves related issues that arose after this change in "pk.c" and "test_suite_pk". In particular now we can use rsa's module functions for parsing and writing keys without need to rely on pk_parse and pk_write functions. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 11:34:53 +01:00
Minos Galanakis	f9a6893b55	Changelog: Added entry for ssl_session accessors. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2024-03-11 10:09:44 +00:00
Janos Follath	adb9d2d822	Remove volatile from declaration Use of volatile is more an internal implementation detail (ensuring const-time) than part of the contract (the caller doesn't care about volatile as such). Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-03-11 10:03:05 +00:00
Janos Follath	d6df0a5dac	Fix use of volatile We need the pointer, A, to be volatile, to ensure the reads happen. bits does not need to be volatile. Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-03-11 09:40:03 +00:00
Janos Follath	b888bc0be6	Fix typo Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-03-11 09:29:53 +00:00
Valerio Setti	61532e9a6b	test_suite_pk: fix typos Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 09:48:40 +01:00
Valerio Setti	1346075cfd	pk_ecc: fix documentation Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 09:48:40 +01:00
Valerio Setti	01ba66d56e	pk: replace CRYPTO_CLIENT guards with CRYPTO_C Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 09:48:40 +01:00
Valerio Setti	a41654d5b1	all.sh: add test component based on full config without PK_[PARSE\|WRITE]_C Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 09:48:40 +01:00
Valerio Setti	851f190da7	pk: move ECC setters to a separate file - These functions are used both in pkparse.c for key parsing as well as pk.c for managing copy_from_psa(). As as consequence they should belong to pk.c, but that would make that module messier, so that's why a new separate module is added. - Their guard can be changed from PKPARSE_C to PK_C. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 09:48:40 +01:00
Valerio Setti	452d2d2ccb	test_suite_pk: add some initial testing for mbedtls_pk_copy_from_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 09:48:40 +01:00
Valerio Setti	070d95e958	pk: add mbedtls_pk_copy_from_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 09:47:27 +01:00
Valerio Setti	3bfad3a8dc	pkparse: make EC/RSA setup functions internally available Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-11 09:37:33 +01:00
Manuel Pégourié-Gonnard	af3e574f5f	Merge pull request #8862 from valeriosetti/issue8825 Improve support of mbedtls_psa_get_random in client-only builds	2024-03-10 20:06:27 +00:00
Ronald Cron	61fd13c6a5	Merge remote-tracking branch 'mbedtls/development' into tls13-cli-max-early-data-size	2024-03-10 18:09:47 +01:00
Ronald Cron	9422725aba	tls13: cli: Discard ticket with zero lifetime Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-10 17:48:26 +01:00
Jerry Yu	ce79488dd5	tls13: srv: Fail connection if ticket lifetime exceed 7 days Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-10 17:42:43 +01:00
Ronald Cron	7e1f9f290f	Merge pull request #8854 from ronald-cron-arm/tls13-srv-max-early-data-size TLS 1.3: Enforce max_early_data_size on server	2024-03-09 00:16:07 +00:00
Ryan Everett	d868b746a8	Fix potential bug in psa_destroy_key where multiple threads can return PSA_SUCCESS Threads lose the mutex between locking the slot and changing the slot's state. Make it so that threads check if another thread has completed a destruction during this period. Also fix the issue with the incorrect status variable being used. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-08 18:39:07 +00:00
Janos Follath	16ef486c2c	Improve style Signed-off-by: Janos Follath <janos.follath@arm.com>	2024-03-08 17:25:57 +00:00

... 5 6 7 8 9 ...

30654 Commits