mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-30 15:32:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
29,982 Commits 170 Branches 263 Tags
Commit Graph

6823 Commits

Author SHA1 Message Date
Valerio Setti
eca07140f3 psa_util: update documentation of EC conversion functions 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-09 13:41:52 +01:00
Valerio Setti
0e608807e3 psa: let mbedtls_ecc_group_from_psa() accept only exact bit lengths 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-09 13:41:52 +01:00
Valerio Setti
3b7663de29 psa_util: update the documentation of ECC conversion functions 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-09 13:41:52 +01:00
Valerio Setti
d36c313b53 psa: remove bits_is_sloppy parameter from mbedtls_ecc_group_from_psa() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-09 13:41:52 +01:00
Valerio Setti
ddba51e6c9 psa: rename "mbedtls_ecc_group_of_psa" to "mbedtls_ecc_group_from_psa" 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-09 13:41:52 +01:00
Manuel Pégourié-Gonnard
454ab28be5
Merge pull request #8668 from gilles-peskine-arm/asymmetric_key_data-secpr1 
Fix incorrect test data for SECP_R1 in automatically generated tests
 2024-01-09 09:21:14 +00:00
Valerio Setti
dd2afcd881 Revert "psa_util: add algorithm's availability checks for MD conversion functions" 
This reverts commit 3d2e0f5f42b9ac646f63d67e442f4af0f8a3fe4f.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-09 08:41:29 +01:00
Valerio Setti
cd38f27206 Revert "psa_util: fix typo in comment" 
This reverts commit 98f5db9fca7fa9dc3a30c3264b720e41589d713d.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-09 08:41:03 +01:00
Valerio Setti
d5cab81405 mbedtls_config: update documentation for CIPHER_C and CRYPTO_C 
Adding auto-enablement sections.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-09 07:23:33 +01:00
Valerio Setti
9772642b8c adjust_legacy_crypto: auto-enable CIPHER_C when any builtin cipher is enabled in PSA 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-09 07:23:33 +01:00
Valerio Setti
1aaffec7cf Revert "check_config: add check for PSA builtin unauthenticated ciphers" 
This reverts commit d5d99e800a0d648e976a28819ab8709daabcab9b.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-08 16:57:18 +01:00
Valerio Setti
c95ab2a1a0 mbedtls_config: extend documentation for MBEDTLS_PSA_CRYPTO_C 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-08 16:57:18 +01:00
Valerio Setti
95c32973f9 check_config: add check for PSA builtin unauthenticated ciphers 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-08 16:57:18 +01:00
Manuel Pégourié-Gonnard
4aad0ff510
Merge pull request #8632 from valeriosetti/issue8598 
[G5] Make block_cipher work with PSA
 2024-01-08 08:07:53 +00:00
Valerio Setti
98f5db9fca psa_util: fix typo in comment 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-05 18:17:38 +01:00
Manuel Pégourié-Gonnard
5bad043c06
Merge pull request #8641 from valeriosetti/issue8358 
G3-G4 wrap-up
 2024-01-04 10:48:00 +00:00
Gilles Peskine
44d557c52d Indicate which curves Mbed TLS supports 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-03 20:59:38 +01:00
Gilles Peskine
6e2069661e Note unusual curve size 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-03 20:59:03 +01:00
Gilles Peskine
2a22dac694 Fix typo in curve name 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-03 20:58:55 +01:00
Gilles Peskine
39b7bba8a0 Make input parameter const 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-02 17:56:54 +01:00
Dave Rodgman
1cc90a1003
Merge pull request #8517 from mschulz-at-hilscher/fixes/issue-6910 
Fixes redundant declarations for psa_set_key_domain_parameters
 2024-01-02 16:34:40 +00:00
Valerio Setti
6315441be7 adjust_legacy_from_psa: relax condition for legacy block cipher auto-enabling 
CCM/GCM can be either fully accelerated or rely on just the key type
being accelerated. This means that ultimately it is just the key
type which determines if the legacy block cipher modes need to
be auto-enabled or not.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-02 17:21:01 +01:00
Valerio Setti
3d2e0f5f42 psa_util: add algorithm's availability checks for MD conversion functions 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-02 14:57:47 +01:00
Valerio Setti
45c3cae8a5 md: move PSA conversion functions from md_psa.h to psa_util.h 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-02 13:26:04 +01:00
Valerio Setti
e581e140cc oid/pkparse: add missing guards for PKCS[5/12] functions when !CIPHER_C 
This commit also updates test_suite_pkparse.data file adding
MBEDTLS_CIPHER_C dependencies whenever PKCS[5/12] is used.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-29 16:35:58 +01:00
Valerio Setti
1994e72e18 check_config/block_cipher: minor improvements 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-28 18:33:04 +01:00
Valerio Setti
e98ad5931a mbedls_config: update documentation for MBEDTLS_PKCS[5/12]_C 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-28 10:42:12 +01:00
Benson Liou
6d0a093582 use mbedtls_ssl_session_init() to init session variable 
Use mbedtls_ssl_session_init() to init variable just like
session-family APIs described

Signed-off-by: Benson Liou <benson.liou@sony.com>
 2023-12-27 22:03:24 +08:00
Gilles Peskine
62e33bcc64 New function mbedtls_ecp_write_public_key 
Directly export the public part of a key pair without having to go through
intermediate objects (using mbedtls_ecp_point_write_binary would require a
group object and a point object).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-24 15:23:19 +01:00
Gilles Peskine
ad5e437c8e mbedtls_ecp_read_key: explain how to set the public key 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-24 15:23:19 +01:00
Gilles Peskine
7ea72026cd New function mbedtls_ecp_keypair_calc_public 
For when you calculate or import a private key, and then need to calculate
the public key.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 21:30:03 +01:00
Gilles Peskine
28240323d3 New function mbedtls_ecp_set_public_key 
Set the public key in a key pair. This complements mbedtls_ecp_read_key and
the functions can be used in either order.

Document the need to call check functions separately.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 21:30:03 +01:00
Gilles Peskine
091a85a762 Promise mbedtls_ecp_read_key doesn't overwrite the public key 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 21:30:03 +01:00
Gilles Peskine
ba5b5d67aa Support partial export from mbedtls_ecp_keypair 
Sometimes you don't need to have all the parts of a key pair object. Relax
the behavior of mbedtls_ecp_keypair so that you can extract just the parts
that you need.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 21:30:03 +01:00
Gilles Peskine
e6886102ef New function mbedtls_ecp_keypair_get_group_id 
Add a simple function to get the group id from a key object.

This information is available via mbedtls_ecp_export, but that function
consumes a lot of memory, which is a waste if all you need is to identify
the curve.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 21:30:03 +01:00
Valerio Setti
6d3a68162c check_config: remove CIPHER_C requirement for PKCS[5/12] 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-21 16:40:03 +01:00
Valerio Setti
a69e872001 pkcs[5/12]: add CIPHER_C for [en/de]crypting functions 
This commit also updates corresponding test suites.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-21 16:39:04 +01:00
Waleed Elmelegy
049cd302ed Refactor record size limit extension handling 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-12-20 17:28:31 +00:00
Tomi Fontanilles
851d8df58d fix/work around dependency issues when !MBEDTLS_ECP_C 
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
 2023-12-20 13:09:27 +02:00
Tomi Fontanilles
bad170e159 pk: remove last references to MBEDTLS_PSA_CRYPTO_C 
They are replaced by MBEDTLS_USE_PSA_CRYPTO.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
Tomi Fontanilles
8174662b64 pk: implement non-PSA mbedtls_pk_sign_ext() 
This makes the function always available with its
its implementation depending on MBEDTLS_USE_PSA_CRYPTO.

Related dependencies and tests are updated as well.

Fixes #7583.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
Tomi Fontanilles
a70b3c24f6 rsa: minor comment/guard improvements 
This brings some improvements to comments/
function prototypes that relate to PKCS#1.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
Valerio Setti
689c0f71cb tests: use new CCM/GCM capability macros in tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-20 09:54:18 +01:00
Valerio Setti
bfa675fe48 adjust_legacy_crypto: add macros for CCM/GCM capabilities with key types 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-20 09:52:08 +01:00
Gilles Peskine
1a9e05bf08 Note that domain parameters are not supported with drivers 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-19 12:23:22 +01:00
Gilles Peskine
5ad9539363 Remove DSA and DH domain parameters from the documentation 
Mbed TLS doesn't support DSA at all, and doesn't support domain parameters
for FFDH (only predefined groups).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-19 12:22:46 +01:00
Gilles Peskine
9deb54900e Document the domain_parameters_size==SIZE_MAX hack 
It was introduced in https://github.com/Mbed-TLS/mbedtls/pull/8616 but not
documented.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-18 21:01:18 +01:00
Bence Szépkúti
a085fa8ccf
Merge pull request #8627 from tom-cosgrove-arm/ip_len 
Avoid use of `ip_len` as it clashes with a macro in AIX system headers
 2023-12-18 02:03:17 +00:00
Valerio Setti
4ff405cf80 block_cipher: remove psa_key_type from mbedtls_block_cipher_context_t 
This information was redundant with the already existing mbedtls_block_cipher_id_t.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-15 16:10:52 +01:00
Valerio Setti
bd7528a592 ccm/gcm: use BLOCK_CIPHER whenever possible 
Prefer BLOCK_CIPHER instead of CIPHER_C whenever it's enabled.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-14 18:08:14 +01:00