mbedtls

Author	SHA1	Message	Date
Gilles Peskine	0c3a071300	Make psa_key_derivation_setup return early if the key agreement is not supported Otherwise the systematically generated algorithm-not-supported tests complain when they try to start an operation and succeed. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-04-05 15:00:01 +02:00
Gilles Peskine	0cc417d34b	Make psa_key_derivation_setup return early if the hash is not supported Otherwise the systematically generated algorithm-not-supported tests complain when they try to start an operation and succeed. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-04-05 14:58:39 +02:00
Gilles Peskine	9efde4f2ec	Simplify is_kdf_alg_supported in psa_key_derivation_setup_kdf No behavior change. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-04-05 14:57:20 +02:00
Dave Rodgman	2cecd8aaad	Merge pull request #3624 from daxtens/timeless RFC: Fix builds with MBEDTLS_HAVE_TIME disabled and test	2022-03-15 16:43:19 +00:00
Dave Rodgman	868d38f50f	Merge pull request #5547 from tom-cosgrove-arm/seclib-667-sha256-acceleration-mbedtls-internal SECLIB-667: Accelerate SHA-256 with A64 crypto extensions	2022-03-14 12:57:37 +00:00
Manuel Pégourié-Gonnard	c11bffe989	Merge pull request #5139 from mprse/key_der_ecc PSA: implement key derivation for ECC keys	2022-03-14 09:17:13 +01:00
Gilles Peskine	81d903f5aa	Merge pull request #5510 from SiliconLabs/feature/PSEC-3269-MD-X.509-hashing feat: MD: X.509 hashing	2022-03-10 20:16:43 +01:00
Gilles Peskine	afb482897b	Merge pull request #5292 from mprse/asym_encrypt Driver dispatch for PSA asymmetric encryption + RSA tests	2022-03-10 20:07:38 +01:00
Manuel Pégourié-Gonnard	10e5cdbbbf	Merge pull request #5454 from gstrauss/cert_cb-user_data server certificate selection callback	2022-03-10 11:51:42 +01:00
Paul Elliott	17f452aec4	Merge pull request #5448 from lhuang04/tls13_alpn Port ALPN support for tls13 client from tls13-prototype	2022-03-08 17:53:38 +00:00
Manuel Pégourié-Gonnard	d815114f93	Merge pull request #5524 from mprse/tls_ecdh_2c TLS ECDH 2c: ECHDE in TLS 1.3 (client-side)	2022-03-08 11:43:45 +01:00
Przemek Stekiel	c85f0912c4	psa_crypto.c, test_suite_psa_crypto.function: fix style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-08 11:37:54 +01:00
Gilles Peskine	44311f5c98	Merge pull request #5571 from superna9999/5162-pk-rsa-signing PK: RSA signing	2022-03-07 17:09:14 +01:00
Gilles Peskine	15364ffb03	Merge pull request #5579 from SiliconLabs/erase_secret_before_free Erase secrets in allocated memory before freeing said memory	2022-03-07 17:04:04 +01:00
pespacek	b9ca22dead	Improving readability of x509_crt and x509write_crt for PR Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-03-07 13:59:44 +01:00
pespacek	d924e55944	Improving readability of x509_crt and x509write_crt Signed-off-by: pespacek <peter.spacek@silabs.com>	2022-03-07 13:31:54 +01:00
Przemek Stekiel	7fc0751f78	Restore build options for mbedtls_ecc_group_of_psa() and related functions Additional issue created to simplifiy usage of BUILTIN_KEY_TYPE_xxx && BUILTIN_ALG_yy macros https://github.com/ARMmbed/mbedtls/issues/5596 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-06 20:43:46 +01:00
Andrzej Kurek	09e803ce0d	Provide a dummy implementation of timing.c Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-03-04 05:07:45 -05:00
Andrzej Kurek	108bf520e0	Add a missing guard for time.h in net_sockets.c Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-03-04 05:07:45 -05:00
Daniel Axtens	f071024bf8	Do not include time.h without MBEDTLS_HAVE_TIME MBEDTLS_HAVE_TIME is documented as: "System has time.h and time()." If that is not defined, do not attempt to include time.h. A particular problem is platform-time.h, which should only be included if MBEDTLS_HAVE_TIME is defined, which makes everything messier. Maybe it should be refactored to have the check inside the header. Signed-off-by: Daniel Axtens <dja@axtens.net>	2022-03-04 05:07:45 -05:00
Neil Armstrong	db69c5213f	Use new PSA to mbedtls PK error mapping functions in rsa_sign_wrap() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:41:23 +01:00
Neil Armstrong	66fa769ae8	Fix 80 characters indentation in rsa_sign_wrap() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:39:39 +01:00
Neil Armstrong	4b1a059f7d	Use now shared RSA_PRV_DER_MAX_BYTES define in pk_wrap.c Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:39:39 +01:00
Neil Armstrong	48a9833cdf	Check psa_destroy_key() return in rsa_sign_wrap() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:39:39 +01:00
Neil Armstrong	e4f28688fd	Fix comment typo in rsa_sign_wrap() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:39:39 +01:00
Neil Armstrong	9854568204	PK: RSA signing PSA wrap implementation Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-03 16:39:39 +01:00
Gilles Peskine	1f13e984ad	Merge pull request #5529 from superna9999/5514-translate-psa-errs-to-mbedtls Rename, move and refine PSA to mbedtls PK errors mappings	2022-03-03 13:30:29 +01:00
Gilles Peskine	d929dbbb25	Merge pull request #5368 from mfil/feature/additional_md_getters Add function to get message digest info from context	2022-03-02 16:44:26 +01:00
Gilles Peskine	e8c8300190	Merge pull request #5581 from superna9999/pk-move-rename-rsa-ec-key-sizes Move max sizes of RSA & EC DER keys into public header	2022-03-02 16:41:53 +01:00
Przemek Stekiel	e894c5c4a5	Fix code style (indentation) in ssl_tls13_generate_and_write_ecdh_key_exchange() Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-02 08:45:56 +01:00
Paul Elliott	06898650f9	Merge pull request #5471 from yuhaoth/pr/add-tls13-client-certificate-verify TLS1.3: Add write client Certificate and CertificateVerify	2022-03-01 18:42:00 +00:00
Przemek Stekiel	15565eeb59	Move publick key check out of MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-01 17:01:39 +01:00
Neil Armstrong	19915c2c00	Rename error translation functions and move them to library/pk_wrap.* Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-01 15:21:02 +01:00
Przemek Stekiel	a81aed2dae	Clean up init values of psa crypto status and fix switch default case Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-01 15:13:30 +01:00
Przemek Stekiel	f110dc05be	Clenup conditional compilation flags. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-01 14:48:05 +01:00
Przemek Stekiel	dcab6ccb3b	Return PSA_ERROR_INVALID_ARGUMENT for a public key, and PSA_ERROR_NOT_SUPPORTED for a type that is not handled. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-01 14:29:49 +01:00
Neil Armstrong	0f49f83625	Use now shared ECP_PUB_DER_MAX_BYTES define in pk_wrap.c Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-01 10:05:33 +01:00
Neil Armstrong	e9ecd27890	Rename max sizes of RSA & EC DER keys defines Rename to match the required pattern of defines: '^(MBEDTLS\|PSA)_[0-9A-Z_]*[0-9A-Z]$' Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-01 10:03:21 +01:00
Neil Armstrong	e0326a6acc	Move max sizes of RSA & EC DER keys into private pkwrite.h Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-01 09:58:58 +01:00
Glenn Strauss	6989407261	Add accessor to retrieve SNI during handshake Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-25 19:55:53 -05:00
Glenn Strauss	36872dbd0b	Provide means to reset handshake cert list Extend mbedtls_ssl_set_hs_own_cert() to reset handshake cert list if cert provided is null. Previously, mbedtls_ssl_set_hs_own_cert() only provided a way to append to the handshake certificate list, without providing a way to replace the handshake certificate list. Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-25 19:55:48 -05:00
Glenn Strauss	2ed95279c0	Add server certificate selection callback https://github.com/ARMmbed/mbedtls/issues/5430 Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-25 17:31:49 -05:00
Steven Cooreman	cd5be32191	Erase secrets in allocated memory before freeing said memory Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>	2022-02-25 11:14:59 +01:00
Andrzej Kurek	a0237f86d3	Add missing key destruction calls in ssl_write_client_key_exchange Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-02-25 04:36:40 -05:00
Tom Cosgrove	7e7aba8c9d	Rename mbedtls_a64_crypto_sha256_check_support() to mbedtls_a64_crypto_sha256_determine_support() The Mbed TLS coding standard specifies that "check" functions must return 0 for success (i.e. feature present), while "has" functions should return 1 for true. Since we were using "check" to do the actual check, and "has" to get the cached value, having inverted values here would be confusing. Therefore, rename "check" to "determine", as that's what those functions are doing. Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-02-24 08:33:11 +00:00
Jerry Yu	71f36f1d2e	change alert message type Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-23 17:34:29 +08:00
Jerry Yu	0b7b101b3b	fix warnings Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-23 12:26:48 +08:00
Jerry Yu	2ff6ba1df0	Remove rsa_pss_rsae_sha256 support. Sign rsa is not thread safe. Remove it from current code. And a thread-safe version should be re-introduce in future. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-23 10:38:25 +08:00
Przemyslaw Stekiel	91ebfc0402	Adapt compilation flags for ECC key derivation Use conditional compilation flags for building ECC key derivation code consistent with flags used for mbedtls_ecc_group_of_psa(). Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-22 15:50:30 +01:00
Neil Armstrong	3f9cef4547	Remove actual and use new PSA to mbedtls PK errors mapping functions Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-02-22 15:44:39 +01:00

1 2 3 4 5 ...

8246 commits