Commit graph

15895 commits

Author SHA1 Message Date
TRodziewicz
062f353804 Changes after code review
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-27 17:34:14 +02:00
TRodziewicz
caf2ae04b8 ChangeLog and migration guide added.
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-27 17:33:51 +02:00
TRodziewicz
cc7074128a Remove MBEDTLS_CHECK_PARAMS option
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-27 17:33:32 +02:00
Ronald Cron
875b5fb7fa Refactor optional parameter check tests
Remove tests related to NULL pointers,
keep tests related to invalid enum values.
Remove test code related to MBEDTLS_CHECK_PARAMS.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-27 17:27:14 +02:00
Ronald Cron
142c205ffc
Merge pull request #4513 from Patater/psa-without-genprime-fix
psa: Support RSA signature without MBEDTLS_GENPRIME
2021-05-27 14:19:24 +02:00
Manuel Pégourié-Gonnard
f3bacd72d2
Merge pull request #4476 from TRodziewicz/Remove__SSL_DTLS_BADMAC_LIMIT_option
Remove _SSL_DTLS_BADMAC_LIMIT option
2021-05-27 09:41:34 +02:00
TRodziewicz
a86c312d92 Addition of the migration guide entry.
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-26 15:29:36 +02:00
TRodziewicz
5c251c6a5e Add the ChangeLog file
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-26 13:36:40 +02:00
TRodziewicz
46cccb8f39 _SSL_DTLS_BADMAC_LIMIT config.h option removed
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-26 13:36:21 +02:00
Gilles Peskine
b7abba28e3
Merge pull request #4515 from tom-daubney-arm/remove_rsa_mode_params_2
Remove rsa mode params part 2
2021-05-25 20:36:33 +02:00
Gilles Peskine
8a5304d446
Merge pull request #4553 from gilles-peskine-arm/aria_alt-3.0
Fix ARIA_ALT header and self-test and CAMELLIA_ALT self-test
2021-05-25 20:32:40 +02:00
Thomas Daubney
731b952b69 Additional corrections to ChangeLog
Commit makes further corrections to the
wording in the ChangeLog entry.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2021-05-25 16:26:24 +01:00
Dave Rodgman
86d1d7487a
Merge pull request #4495 from TRodziewicz/remove_support_for_(D)TLS_1.0_and_1.1
Remove support for (d)tls 1.0 and 1.1
2021-05-25 15:59:34 +01:00
Thomas Daubney
6f966112c7 Corrections to ChangeLog and Migration guide
Corrections to address wording of ChangeLog
and Migration guide.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2021-05-25 15:00:19 +01:00
Gilles Peskine
0e1f05d34b Changelog entry for the ARIA_ALT and CAMELLIA_ALT fixes
Fix ARMmbed/mbed-os#14694

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-25 15:33:14 +02:00
Gilles Peskine
c537aa83f4 CAMELLIA: add missing context init/free
This fixes the self-test with alternative implementations.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-25 09:23:10 +02:00
Gilles Peskine
be89fea1a7 ARIA: add missing context init/free
This fixes the self-test with alternative implementations.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-25 09:23:10 +02:00
Gilles Peskine
59392b0075 Fix misplaced extern "C" affecting MBEDTLS_ARIA_ALT
Reported via Mbed OS:
https://github.com/ARMmbed/mbed-os/issues/14694

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-25 09:23:10 +02:00
Thomas Daubney
3ca92b182c Re-wording of Migration guide entry
Commit re-words the migration guide
entry as requested in review.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2021-05-24 14:11:39 +01:00
TRodziewicz
9d1ce40898 Additional corrections
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-24 14:07:17 +02:00
TRodziewicz
4ca18aae38 Corrections after the code review
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-24 13:38:00 +02:00
TRodziewicz
d807060e0a Addition of migration guide and corrections to the ChangeLog file
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-24 12:50:51 +02:00
TRodziewicz
97e41723fa Remove the _SSL_FALLBACK_ tests
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-24 12:50:42 +02:00
TRodziewicz
6370dbeb1d Remove the _SSL_FALLBACK_ parts
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-24 12:49:59 +02:00
TRodziewicz
2d8800e227 Small corrections in the comments
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-24 12:49:24 +02:00
TRodziewicz
b5850c5216 Correction of too restrictive ssl cli minor check
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-24 12:49:15 +02:00
TRodziewicz
ef73f01927 Removing strayed dtls1 after doing tests
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-24 12:49:04 +02:00
TRodziewicz
55bd84bebc Correction to the ssl client/server usage comment.
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-24 12:48:40 +02:00
TRodziewicz
28126050f2 Removal of constants and functions and a new ChangeLog file
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-24 12:48:12 +02:00
TRodziewicz
0f82ec6740 Remove the TLS 1.0 and 1.1 support
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-24 12:45:20 +02:00
Thomas Daubney
2fbbe1d2fe Corrections to ChangeLog and Migration guide
This commit fixes typos and re-words
the migration guide. It also adds
the issue number to the ChangeLog.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2021-05-24 10:53:57 +01:00
Thomas Daubney
f54c5c5547 Fixes typo
Commit fixes typo in rsa.h found in review.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2021-05-21 17:05:21 +01:00
Thomas Daubney
62b0d1dbc8 Adds ChangeLog and Migration guide entry
Commit adds relevant entry to the
ChangeLog and to the
Migration guide.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2021-05-21 17:05:12 +01:00
Ronald Cron
f823722af4
Merge pull request #4532 from gilles-peskine-arm/host_test-int32-3.0
Fix build error in host_test.function when int32_t is not int
2021-05-21 16:02:28 +02:00
Thomas Daubney
d58ed587fd Restores erroneously removed checks
Some padding checks in rsa.c were
erroneously removed in a previous
commit and are restored in this
commit.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2021-05-21 11:50:39 +01:00
Thomas Daubney
2c65db9655 Corrects documentation in rsa.h
Some documentation in rsa.h was
still incorrect regarding f_rng
being mandatory. This has now
been corrected.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2021-05-21 10:58:28 +01:00
Janos Follath
7fc487c4d6
Merge pull request #4347 from hanno-arm/ssl_session_cache_3_0
Add session ID as an explicit parameter to SSL session cache API
2021-05-21 09:28:55 +01:00
Manuel Pégourié-Gonnard
ea047c8590
Merge pull request #4429 from gilles-peskine-arm/openssl-dhparam-robustness-3.0
Fix SSL tests scripts with recent OpenSSL server with Diffie-Hellman
2021-05-21 10:16:38 +02:00
Manuel Pégourié-Gonnard
59c4412767
Merge pull request #4497 from netfoundry/fix-mingw-build-development
Use proper formatting macros when using MinGW provided stdio
2021-05-21 10:03:26 +02:00
Ronald Cron
ca72287583
Merge pull request #4304 from mstarzyk-mobica/convert_NO_SHA384_to_positive
Modify config option for SHA384.
2021-05-21 08:04:33 +02:00
Jaeden Amero
424fa93efd psa: Support RSA signature without MBEDTLS_GENPRIME
On space-constrained platforms, it is a useful configuration to be able
to import/export and perform RSA key pair operations, but to exclude RSA
key generation, potentially saving flash space. It is not possible to
express this with the PSA_WANT_ configuration system at the present
time. However, in previous versions of Mbed TLS (v2.24.0 and earlier) it
was possible to configure a software PSA implementation which was
capable of making RSA signatures but not capable of generating RSA keys.
To do this, one unset MBEDTLS_GENPRIME.

Since the addition of MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR, this
expressivity was lost. Expressing that you wanted to work with RSA key
pairs forced you to include the ability to generate key pairs as well.

Change psa_crypto_rsa.c to only call mbedtls_rsa_gen_key() if
MBEDTLS_GENPRIME is also set. This restores the configuration behavior
present in Mbed TLS v2.24.0 and earlier versions.

It left as a future exercise to add the ability to PSA to be able to
express a desire for a software or accelerator configuration that
includes RSA key pair operations, like signature, but excludes key pair
generation.

Without this change, linker errors will occur when attempts to call,
which doesn't exist when MBEDTLS_GENPRIME is unset.
    psa_crypto_rsa.c.obj: in function `rsa_generate_key':
    psa_crypto_rsa.c:320: undefined reference to `mbedtls_rsa_gen_key'

Fixes #4512

Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
2021-05-20 17:08:59 +01:00
Jaeden Amero
ff143c0a34 psa: Add missing RSA test dependency
The test "PSA generate key: RSA, 1024 bits, good, encrypt (OAEP
SHA-256)" had a dependency on MBEDTLS_GENPRIME, but this was not listed
in the dependencies. Add MBEDTLS_GENPRIME to the test's dependencies to
ensure it has what it needs to run.

Signed-off-by: Jaeden Amero <jaeden.amero@arm.com>
2021-05-20 17:08:59 +01:00
Gilles Peskine
e913174c8a
Merge pull request #4543 from gilles-peskine-arm/undefined-reference-3.0
Fix missing compilation guard around psa_crypto_driver_wrappers.c
2021-05-20 17:20:31 +02:00
Thomas Daubney
03412787e1 Modifies documentation in rsa.h
Changes to documentation to show that
f_rng is no longer going to be
optional in 3.0.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2021-05-20 15:31:17 +01:00
Gilles Peskine
3248be4b3a
Merge pull request #4462 from netfoundry/gcc11.fixes
build with gcc11
2021-05-20 15:54:23 +02:00
Gilles Peskine
f4c1d58607
Merge pull request #4453 from facchinm/crt_in_filesystem_mbed_os
mbed-os: allow storing certificates in filesystem
2021-05-20 15:53:47 +02:00
Ronald Cron
49fef37ebf
Merge pull request #4342 from gilles-peskine-arm/gcm-update-any-length
GCM: allow arbitrary lengths for update
Only the ABI-API-checking job failed and this is expected thus good to go.
2021-05-20 15:08:55 +02:00
Mateusz Starzyk
17011a3185 Merge branch 'development' into convert_NO_SHA384_to_positive
Conflicts:
	library/version_features.c
	programs/test/query_config.c

Files were removed in development branch and modified by current branch.
Conflicts fixes by removing them.
2021-05-20 14:18:12 +02:00
Mateusz Starzyk
3489cc1433 Improve migration guide for SHA384 option
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-20 13:52:48 +02:00
Thomas Daubney
f505b0e307 Removes unused variables in test_suite_rsa.function
CI was failing on check_params due to
MBEDTLS_RSA_PRIVATE being assigned to a now
superfluous variable. The variable has been
as well as another superfluous variable.
This should correct the CI issue.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2021-05-20 12:20:55 +01:00