mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-20 21:39:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
27,511 Commits 172 Branches 263 Tags
Commit Graph

6412 Commits

Author SHA1 Message Date
Valerio Setti
3d237b5ff1 ssl_misc: fix guards for PSA data used in XXDH key exchanges 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-07 19:02:16 +02:00
Valerio Setti
0a0d0d5527 ssl: keep all helper definitions in ssl_ciphersuites.h 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-07 17:31:40 +02:00
Valerio Setti
ed365e66bb ssl: improve/fix definitions for internal helpers 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-07 17:31:40 +02:00
Valerio Setti
a15078b784 pk: do not duplicate internal symbols for ECDH/ECDSA capabilities 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-07 17:31:40 +02:00
Valerio Setti
e87915b66f ssl: update new symbols to include also FFDH 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-07 17:23:53 +02:00
Valerio Setti
b302efc8d9 debug: replace ECDH_C symbol with key exchange one 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-07 17:23:53 +02:00
Valerio Setti
c2232eadfb tls: replace PK_CAN_ECDH guards with new helpers 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-07 17:23:53 +02:00
Valerio Setti
7aeec54094 tls: replace ECDH_C guards with new helpers 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-07 17:23:53 +02:00
Valerio Setti
00dc4063e2 ssl: add new helpers for TLS 1.2/1.3 ECDH(E) key exchanges 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-07 17:23:53 +02:00
Andrzej Kurek
c508dc29f6 Unify csr and crt san writing functions 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-07-07 09:05:30 -04:00
Manuel Pégourié-Gonnard
9967f11066
Merge pull request #7810 from valeriosetti/issue7771 
Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/ECC
 2023-07-07 10:22:47 +02:00
Manuel Pégourié-Gonnard
999ce227fc Make the PSA-mbedtls RNG API public 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-06 12:47:28 +02:00
Manuel Pégourié-Gonnard
abfe640864 Rationalize includes in psa_util 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-06 12:47:27 +02:00
Manuel Pégourié-Gonnard
b7e8939198 Move error functions to internal header 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-06 12:47:26 +02:00
Manuel Pégourié-Gonnard
a5a8f29d7e Move ECC and FFDH macros to internal header 
ECC macros used in the following files:

library/pk.c
library/pk_wrap.c
library/pkparse.c
library/pkwrite.c
library/ssl_misc.h
library/ssl_tls12_client.c

FFDH macro use only in library/ssl_misc.h so could possibly be moved
there, but it seems cleaner to keep it close to the ECC macros are they
are very similar in nature.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-06 12:45:54 +02:00
Manuel Pégourié-Gonnard
f9b012f313 Remove unused function from psa_util.h 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-06 12:42:33 +02:00
Manuel Pégourié-Gonnard
5c731b0afb Use consistent guards for deprecated feature 
Fixes an "unused static function" warning in builds with
DEPRECATED_REMOVED.

While at it, remove an include that's now useless.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-06 12:42:33 +02:00
Manuel Pégourié-Gonnard
efcc1f21c8 Make cipher functions static in cipher.c 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-06 12:42:33 +02:00
Manuel Pégourié-Gonnard
2be8c63af7 Create psa_util_internal.h 
Most functions in psa_util.h are going to end up there (except those
that can be static in one file), but I wanted to have separate commits
for file creation and moving code around, so for now the new file's
pretty empty but that will change in the next few commits.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-06 12:42:33 +02:00
Tom Cosgrove
836aed7cf8
Merge pull request #6003 from gstrauss/x509_time 
mbedtls_x509_time performance and reduce memory use
 2023-07-06 09:28:14 +01:00
Dave Rodgman
852b6c30b7 Support MBEDTLS_MD_SHA3_xxx_VIA_PSA 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-05 19:47:08 +01:00
Dave Rodgman
527f48f14d Add OID definitions for SHA3 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-05 18:57:30 +01:00
Dave Rodgman
3d0c8255aa
Merge pull request #7825 from daverodgman/cipher_wrap_size 
Cipher wrap size improvement
 2023-07-05 15:45:48 +01:00
Dave Rodgman
761d0dcfbf Improve doxygen formatting 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-05 12:33:53 +01:00
Dave Rodgman
ff4c2db489 Improve comments 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-07-05 12:11:32 +01:00
Kusumit Ghoderao
3fde8feaa9 FIx name of macro 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-04 15:17:02 +05:30
Kusumit Ghoderao
b3042c39fe Define PSA_ALG_WANT_PBKDF2_AES_CMAC_PRF_128 and fix config 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-04 15:17:02 +05:30
Kusumit Ghoderao
857cd4b3ee Add AES_CMAC_PRF_128 output size macro 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-04 15:16:59 +05:30
Kusumit Ghoderao
dd45667a18 Define struct for pbkdf2_cmac 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-04 15:16:59 +05:30
Kusumit Ghoderao
3cb6e41dfa Add define for builtin pbkdf2_cmac 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-07-04 15:16:59 +05:30
Andrzej Kurek
2b3c06edb3 Enable certain documented defines only when generating doxygen 
Avoid an "unrecognized define" error.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-07-03 10:42:15 -04:00
Manuel Pégourié-Gonnard
56b159a12a
Merge pull request #7627 from mprse/ffdh_tls13_v2 
Make use of FFDH keys in TLS 1.3 v.2
 2023-07-03 10:12:33 +02:00
Valerio Setti
06dfba7fd9 config_psa: enabled EC key derivation support when ECP_C is enabled 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-30 10:16:22 +02:00
Valerio Setti
27c501a10c lib/test: replace BASIC_IMPORT_EXPORT internal symbol with BASIC,IMPORT,EXPORT 
Also the python script for automatic test generation is fixed accordingly

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-30 10:16:22 +02:00
Valerio Setti
6a9d0ee373 library/test: replace LEGACY symbol with BASIC_IMPORT_EXPORT 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-30 10:16:21 +02:00
Valerio Setti
73fc082fcd config_psa: introduce new internal KEY_PAIR symbol for BASIC+IMPORT+EXPORT 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-30 10:16:21 +02:00
Gilles Peskine
053022fe24 Reduce the size of mbedtls_mpi 
Reduce the size of mbedtls_mpi from 3 words to 2 on most architectures.

This also reduces the code size significantly in bignum.o and ecp_curves.o,
with negligible variations in other modules.

This removes the ability to set MBEDTLS_MPI_MAX_LIMBS to a value >=65536,
but we don't support customizing this value anyway (it's always 10000).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-29 19:33:44 +02:00
Andrzej Kurek
aae3208c29 Add an mbedtls_calloc(SIZE_MAX/2, SIZE_MAX/2) test 
It should return NULL and not a valid pointer.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-27 09:26:08 -04:00
Andrzej Kurek
84356a16e9 Add a description of how mbedtls_calloc is determined 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-27 09:26:08 -04:00
Andrzej Kurek
ecaf6fb8b2 Documentation and cosmetic fixes 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-27 09:26:08 -04:00
Andrzej Kurek
2d981f092e Extend mbedtls_calloc and mbedtls_free documentation 
Co-authored-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-27 09:26:08 -04:00
Andrzej Kurek
c08ccd00f3 Add a test for calloc zeroization 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-27 09:26:08 -04:00
Andrzej Kurek
b9f8974c6c Document mbedtls_calloc zeroization 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-27 09:26:08 -04:00
David Horstmann
4506e7de61 Move clarification to a separate note 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-06-27 12:20:32 +01:00
David Horstmann
5dbe17de36 Add PSA_JPAKE_FINISHED to EXPECTED_{IN,OUT}PUTS() 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-06-27 10:30:28 +01:00
Dave Rodgman
47a2ac1c25 Fix incorrectly named macro 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-26 18:39:42 +01:00
Dave Rodgman
5734bb99cc Fix PSA_HMAC_MAX_HASH_BLOCK_SIZE and PSA_HASH_MAX_SIZE definitions 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-26 18:23:08 +01:00
Przemek Stekiel
98d79335d1 Update guards for supported groups 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-26 16:28:45 +02:00
Dave Rodgman
09822a35f5 code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-26 11:11:23 +01:00
Dave Rodgman
f66cd61daa Use more standard PSA macro names 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-26 11:02:12 +01:00