Valerio Setti
0f6d565d26
pk: return PK_USE_PSA_EC_DATA to pk.h
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-10 07:05:47 +02:00
Valerio Setti
7c494e7211
pk: move PK_HAVE_ECC_KEYS to build_info.h
...
This is usefuls to use PK_HAVE_ECC_KEYS in check_config.h instead
of redefining it twice in different ways.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-10 07:05:47 +02:00
Manuel Pégourié-Gonnard
7dccb66d49
test: disable RSA support on the test ecc_no_bignum component
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-08-10 06:43:23 +02:00
Gilles Peskine
f11cfecb6b
Merge pull request #7998 from gilles-peskine-arm/MBEDTLS_PSA_CRYPTO_CONFIG-less_experimental
...
MBEDTLS_PSA_CRYPTO_CONFIG is ready for production
2023-08-08 09:04:57 +00:00
Gilles Peskine
a79256472c
Merge pull request #7788 from marekjansta/fix-x509-ec-algorithm-identifier
...
Fixed x509 certificate generation to conform to RFCs when using ECC key
2023-08-07 19:14:54 +00:00
Dave Rodgman
003a5e1ca7
Merge pull request #1046 from Mbed-TLS/merge_3.4.1
...
Merge 3.4.1
2023-08-03 18:23:37 +01:00
Dave Rodgman
a0fc9987da
Merge branch 'development' into merge_3.4.1
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-08-03 15:56:59 +01:00
Dave Rodgman
6f80ac4979
Merge pull request #7864 from waleed-elmelegy-arm/enforce-min-RSA-key-size
...
Enforce minimum key size when generating RSA key size
2023-08-03 12:57:52 +00:00
Dave Rodgman
9a3ded10b7
Merge remote-tracking branch 'gilles-peskine-arm/3.4.0-updated-certs' into mbedtls-3.4.1rc0-pr
2023-08-03 12:00:31 +01:00
David Horstmann
df28b8d2ea
Add space to appease doxygen bug
...
See doxygen/doxygen#8706
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-08-02 16:06:32 +02:00
Gilles Peskine
550d147078
Bump version to 3.4.1
...
```
./scripts/bump_version.sh --version 3.4.1
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-08-02 12:50:23 +02:00
Gilles Peskine
267bee9be8
Merge pull request #7903 from valeriosetti/issue7773
...
Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/DH
2023-08-02 10:16:44 +00:00
Bence Szépkúti
895074e3f9
Merge pull request #8002 from valeriosetti/issue7904
...
PSA maximum size macro definitions should take support into account
2023-08-02 05:57:28 +00:00
Gilles Peskine
d55e451b3e
Merge pull request #7997 from yanesca/fix_new_bignum_tests
...
Fix new bignum tests
2023-08-01 12:09:39 +00:00
Janos Follath
e416f03c8f
Improve wording of MBEDTLS_ECP_WITH_MPI_UINT doc
...
Use the standard "experimental" word in the description and make the
wording more similar to other experimental warnings.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-08-01 08:44:40 +01:00
Manuel Pégourié-Gonnard
de8f56e936
Merge pull request #7884 from valeriosetti/issue7612
...
TLS: Clean up (EC)DH dependencies
2023-08-01 07:13:36 +00:00
Janos Follath
2f04582d37
Move MBEDTLS_ECP_WITH_MPI_UINT to mbedtls_config.h
...
There is a precedent for having bigger and less mature options in
mbedtls_config.h (MBEDTLS_USE_PSA_CRYPTO) for an extended period.
Having this option in mbedtls_config.h is simpler and more robust.
Signed-off-by: Janos Follath <janos.follath@arm.com>
2023-07-31 10:57:16 +01:00
Valerio Setti
43c5bf4f88
crypto_sizes: use PSA_WANT_ALG for MAX signatures and key agreement sizes
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-31 11:35:48 +02:00
Valerio Setti
8b27decc6a
Revert "crypto_sizes: check also if DH is enabled for PSA_SIGNATURE_MAX_SIZE"
...
This reverts commit 478c236938
.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-31 11:35:42 +02:00
Valerio Setti
9cd8011978
tls: fix definition of symbol KEY_EXCHANGE_SOME_XXDH_PSA_ANY
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-28 16:46:55 +02:00
Valerio Setti
478c236938
crypto_sizes: check also if DH is enabled for PSA_SIGNATURE_MAX_SIZE
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-28 16:05:53 +02:00
Manuel Pégourié-Gonnard
43cef57e51
Merge pull request #7811 from mpg/md-info
...
Optimize strings in MD
2023-07-28 08:34:09 +00:00
Valerio Setti
c012a2de7c
crypto_sizes: change initial MAX_SIZE value to 1
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-28 09:34:44 +02:00
Valerio Setti
644e01d767
crypto_sizes: fix typo
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-28 09:31:51 +02:00
Valerio Setti
a83d9bf0db
crypto_sizes: size PSA max symbols according to actual support
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-27 18:15:20 +02:00
Waleed Elmelegy
d7bdbbeb0a
Improve naming of mimimum RSA key size generation configurations
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-27 14:50:09 +00:00
Gilles Peskine
25b4e72d6e
MBEDTLS_PSA_CRYPTO_CONFIG is ready for production
...
It's ok if people use MBEDTLS_PSA_CRYPTO_CONFIG: it's not unstable or
unpredictable. But we still reserve the right to make minor changes
(e.g. https://github.com/Mbed-TLS/mbedtls/issues/7439 ).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-27 15:09:24 +02:00
Waleed Elmelegy
3d158f0c28
Adapt tests to work on all possible minimum RSA key sizes
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-27 11:03:35 +00:00
Waleed Elmelegy
ab5707185a
Add a minimum rsa key size config to psa config
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-27 11:00:03 +00:00
Waleed Elmelegy
76336c3e4d
Enforce minimum key size when generating RSA key size
...
Add configuration to enforce minimum size when
generating a RSA key, it's default value is 1024
bits since this the minimum secure value currently
but it can be any value greater than or equal 128
bits. Tests were modifed to accommodate for this
change.
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-07-27 10:58:25 +00:00
Manuel Pégourié-Gonnard
0fda0d2e5c
Fix overly specific description in public doc
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-07-27 12:22:52 +02:00
Valerio Setti
9c5c2a4b71
crypto_legacy: fix initial comment
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-27 11:11:19 +02:00
Gilles Peskine
7ef14bf8a2
Merge pull request #7835 from gilles-peskine-arm/ssl_premaster_secret-empty-3.4
...
Fix empty union when TLS is disabled
2023-07-27 08:28:21 +00:00
Valerio Setti
a55f042636
psa: replace DH_KEY_PAIR_LEGACY with new symbols
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-27 09:15:34 +02:00
Paul Elliott
f1c032adba
Merge pull request #7902 from valeriosetti/issue7772
...
Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/RSA
2023-07-25 17:13:43 +01:00
Valerio Setti
ea59c43499
tls: fix a comment a rename a variable/symbol
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-25 11:14:03 +02:00
Valerio Setti
d0371b0a08
debug: keep ECDH_C guard for debug printf accessing ecdh_context's items
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-25 10:57:01 +02:00
Ronald Cron
87f62850f3
Merge pull request #7893 from ronald-cron-arm/misc-from-psa-crypto
...
Miscellaneous fixes resulting from the work on PSA-Crypto
2023-07-21 10:54:41 +02:00
Dave Rodgman
ed70fd0c39
Merge pull request #5549 from AndrzejKurek/doxygen-bad-param-names
...
Fix wrong doxygen parameter names and misused `\p` commands
2023-07-20 14:10:10 +01:00
Manuel Pégourié-Gonnard
c844c1a771
Merge pull request #7546 from mpg/align-psa-md-identifiers
...
Align psa md identifiers
2023-07-20 11:34:28 +02:00
Dave Rodgman
6dd40642e8
Merge pull request #7932 from AgathiyanB/add-mpi-uint-size-macro
...
Use compile-time determination of which __builtin_clz() to use, with new MBEDTLS_MPI_UINT_SIZE macro
2023-07-19 14:57:39 +01:00
Agathiyan Bragadeesh
eed55c6c94
Use defined macros for MBEDTLS_MPI_UINT_MAX
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-19 11:08:02 +01:00
Dave Rodgman
5f65acb02b
Merge pull request #7859 from gilles-peskine-arm/mbedtls_mpi-smaller
...
Reduce the size of mbedtls_mpi
2023-07-18 16:48:37 +01:00
Gilles Peskine
24a305ec22
Explain why we check 65535 (not USHORT_MAX)
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-18 13:53:07 +02:00
Manuel Pégourié-Gonnard
828b3acd6b
Merge pull request #7848 from valeriosetti/issue7749
...
driver-only ECC: EPCf.TLS testing
2023-07-18 10:33:21 +02:00
Agathiyan Bragadeesh
197565062a
Make consistent suffix MBEDTLS_MPI_UINT_MAX
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-17 16:43:19 +01:00
Agathiyan Bragadeesh
900e20d3a2
Change MBEDTLS_MPI_UINT_MAX suffix
...
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Agathiyan Bragadeesh <48658345+AgathiyanB@users.noreply.github.com>
2023-07-17 16:27:21 +01:00
Ronald Cron
170c199829
Align guards of Windows specific configuration checks
...
In check_config.h, align the guards of Windows
specific configuration checks with the ones used
in platform.h.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-07-17 11:53:20 +02:00
Ronald Cron
03ea8f8d0a
Add dependency of builtin CCM* on builtin cipher
...
Add missing dependency of the unauthenticated
cipher CCM* without tag builtin implementation
on builtin cipher.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-07-17 11:52:32 +02:00
Agathiyan Bragadeesh
09a455e21a
Add macros for mpi uint max sizes
...
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
2023-07-14 14:07:18 +01:00