mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-12 12:40:52 +00:00

Author	SHA1	Message	Date
Dave Rodgman	7e5b7f91ca	Fix error in ctr_drbg Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-16 17:28:25 +00:00
Dave Rodgman	46697da5b3	Make gcm counter increment more efficient Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:45:01 +00:00
Dave Rodgman	174eeff235	Save 14 bytes in CTR-DRBG Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:45:01 +00:00
Dave Rodgman	591ff05384	Use optimised counter increment in AES-CTR and CTR-DRBG Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:45:01 +00:00
Dave Rodgman	b49cf1019d	Introduce mbedtls_ctr_increment_counter Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:45:01 +00:00
Ryan Everett	1d32a57764	Revert change to psa_destroy_key documentation Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-15 11:27:58 +00:00
Ryan Everett	709120a9ce	Revert change to return behaviour in psa_reserve_free_key_slot This change was a mistake, we still need to wipe the pointers here. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-15 11:20:50 +00:00
Ryan Everett	dfe8bf86a8	Return CORRUPTION_DETECTED instead of BAD_SLOT when the slot's state is wrong These error codes are only returned if the program has been tampered with, so they should be CORRUPTION_DETECTED. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-15 11:20:50 +00:00
Ryan Everett	4755e6bda4	Relax psa_wipe_key_slot to allow states other than SLOT_PENDING_DELETION psa_wipe_key_slot can now be called on a slot in any state, if the slot's state is PSA_SLOT_FULL or PSA_SLOT_PENDING_DELETION then there must be exactly 1 registered reader. Remove the state changing calls that are no longer necessary. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-15 11:20:35 +00:00
Dave Rodgman	c4f984f2a5	Iterate in 16-byte chunks Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:20:19 +00:00
Valerio Setti	5bb454aace	psa_crypto: allow asymmetric encryption/decryption also with opaque keys Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-15 10:43:16 +01:00
Tom Cosgrove	bc5d9165ae	Merge pull request #8554 from yanrayw/issue/8221/fix-tls-suiteB-profile TLS: remove RSA signature algorithms in `suite B` profile	2024-01-12 14:34:28 +00:00
Tom Cosgrove	f1ba1933cf	Merge pull request #8526 from yanrayw/issue/7011/send_record_size_limit_ext TLS1.3: SRV/CLI: add support for sending Record Size Limit extension	2024-01-12 13:39:15 +00:00
Waleed Elmelegy	f0ccf46713	Add minor cosmetic changes to record size limit changelog and comments Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-12 10:52:45 +00:00
Ronald Cron	ae2213c307	Merge pull request #8414 from lpy4105/issue/uniform-ssl-check-function Harmonise the names and return values of check functions in TLS code	2024-01-11 13:51:39 +00:00
Ronald Cron	7c14afcaaa	Merge pull request #8595 from yanrayw/issue/8593/srv-CH-fix-version-check TLS1.3: SRV: check `min_tls_version` when parsing ClientHello	2024-01-11 13:34:09 +00:00
Valerio Setti	19ec9e4f66	psa_crypto_ecp: remove support for secp224k1 Since this curve is not supported in PSA (and it will not ever be in the future), we save a few bytes. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-11 07:07:14 +01:00
Paul Elliott	f149cd1a3a	Merge pull request #8688 from jwinzig-at-hilscher/development Fix bug in mbedtls_x509_set_extension	2024-01-10 16:57:16 +00:00
Waleed Elmelegy	3ff472441a	Fix warning in ssl_tls13_generic.c Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:28 +00:00
Waleed Elmelegy	f501790ff2	Improve comments across record size limit changes Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:28 +00:00
Waleed Elmelegy	fbe42743eb	Fix issue in checking in writing extensions Fix issue in checking if server received record size limit extension. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:27 +00:00
Waleed Elmelegy	e1ac98d888	remove mbedtls_ssl_is_record_size_limit_valid function Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:27 +00:00
Waleed Elmelegy	d2fc90e024	Stop sending record size limit extension if it's not sent from client Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:27 +00:00
Waleed Elmelegy	148dfb6457	Change record size limit writing function Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:27 +00:00
Waleed Elmelegy	47d2946943	tls13: server: write Record Size Limit ext in EncryptedExtensions - add the support in library - update corresponding test cases. Signed-off-by: Yanray Wang <yanray.wang@arm.com> Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:27 +00:00
Yanray Wang	42017cd4c9	tls13: cli: write Record Size Limit ext in ClientHello - add the support in library - update corresponding test case Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2024-01-10 16:17:27 +00:00
Yanray Wang	faf70bdf9d	ssl_tls13_generic: check value of RecordSizeLimit in helper function Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2024-01-10 16:17:27 +00:00
Yanray Wang	a8b4291836	tls13: add generic function to write Record Size Limit ext Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2024-01-10 16:17:27 +00:00
Jonathan Winzig	5caf20ea80	Update fix to be more platform-independent Co-authored-by: David Horstmann <david.horstmann@arm.com> Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>	2024-01-09 16:41:10 +01:00
Tom Cosgrove	3a6059beca	Merge pull request #7455 from KloolK/record-size-limit/comply-with-limit Comply with the received Record Size Limit extension	2024-01-09 15:22:17 +00:00
Jonathan Winzig	05c722bfd0	Fix Issue #8687 Signed-off-by: Jonathan Winzig <jwinzig@hilscher.com>	2024-01-09 15:20:03 +01:00
Valerio Setti	39faa9cad4	psa_util: rename parameter of mbedtls_ecc_group_from_psa The new name better reflects the fact that the 1st parameter is just the EC family and not the curve. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 13:41:53 +01:00
Valerio Setti	0d438fa390	psa_crypto_ecp: fix comment for secp224k1 in check_ecc_parameters Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 13:41:52 +01:00
Valerio Setti	7863627bd6	psa_util: remove support for secp224k1 in EC conversion functions Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 13:41:52 +01:00
Valerio Setti	65df79303f	psa_crypto_ecp: return unsupported for secp224k1 in check_ecc_parameters() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 13:41:52 +01:00
Valerio Setti	0bc8598d20	psa_util: properly handle secp224r1 private key size Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 13:41:52 +01:00
Valerio Setti	0e608807e3	psa: let mbedtls_ecc_group_from_psa() accept only exact bit lengths Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 13:41:52 +01:00
Valerio Setti	673868be5d	psa_crypto_ecp: add helper for checking EC parameters This commit also updates "test_suite_psa_crypto.data" replacing PSA_ERROR_NOT_SUPPORTED with PSA_ERROR_INVALID_ARGUMENT when a wrong bit size is provided while importing key. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 13:41:52 +01:00
Valerio Setti	d36c313b53	psa: remove bits_is_sloppy parameter from mbedtls_ecc_group_from_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 13:41:52 +01:00
Valerio Setti	ddba51e6c9	psa: rename "mbedtls_ecc_group_of_psa" to "mbedtls_ecc_group_from_psa" Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 13:41:52 +01:00
Valerio Setti	dd2afcd881	Revert "psa_util: add algorithm's availability checks for MD conversion functions" This reverts commit 3d2e0f5f42b9ac646f63d67e442f4af0f8a3fe4f. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 08:41:29 +01:00
Manuel Pégourié-Gonnard	4aad0ff510	Merge pull request #8632 from valeriosetti/issue8598 [G5] Make block_cipher work with PSA	2024-01-08 08:07:53 +00:00
Waleed-Ziad Maamoun-Elmelegy	e2d3db5cfc	Update mbedtls_ssl_get_output_record_size_limit signature Co-authored-by: Ronald Cron <ronald.cron@arm.com> Signed-off-by: Waleed-Ziad Maamoun-Elmelegy <122474370+waleed-elmelegy-arm@users.noreply.github.com>	2024-01-05 14:19:16 +00:00
Ryan Everett	6a9c14b918	Update mbedtls_psa_get_stats Uses readers to report "locked_slots", and slot state empty to report "empty_slots". Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00
Ryan Everett	6cd2b8db96	Update psa_wipe_all_key_slots This will still wipe the slot regardless of state/readers. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00
Ryan Everett	1b70a07eca	Replace psa_unlock_key_slot calls in operations which act on FULL slots Replaces calls to psa_unlock_key_slot with calls to psa_unregister_read. All instances follow a pattern of a call to psa_get_and_lock_key_slot_X, followed by some code which reads from a slot, followed by a call to psa_unregister_read. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00
Ryan Everett	eb27dc0f3a	Update psa_load_X_key_into_slot These functions (on success) take a slot from PSA_SLOT_FILLING to PSA_SLOT_FULL. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00
Ryan Everett	c70ce576bd	Update psa_destroy_key, psa_purge_key and psa_close_key This does not yet implement destruction while a key is in use for psa_destroy_key; that will be implemented in a separate pr. (I am not sure if I am allowed to change the documentation in the include files.) Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00
Ryan Everett	098c6659ad	Update psa_get_and_lock_key_slot_X functions Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00
Ryan Everett	b69118ebd0	Update key creation functions to use the new key slot states Update psa_start_key_creation, psa_finish_key_creation and psa_fail_key_creation. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-04 16:57:48 +00:00

1 2 3 4 5 ...

12714 Commits