Valerio Setti
19fec5487d
test: remove GENPRIME dependency when RSA_KEY_PAIR_GENERATE
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-25 12:31:50 +02:00
Valerio Setti
fe478909f0
psa_crypto_rsa: fix guards for importing the key
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-25 12:27:19 +02:00
Valerio Setti
7e6aaa1ea5
psa: fix missed LEGACY symbols caused by the rebase
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 16:59:21 +02:00
Valerio Setti
980383421a
config_psa: enable KEY_PAIR_GENERATE only when GENPRIME is defined
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 16:32:50 +02:00
Valerio Setti
76df8c1900
psa: remove redundant GENPRIME when RSA_KEY_PAIR_GENERATE is defined
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 14:11:28 +02:00
Valerio Setti
0d5c5e5a38
config_psa: enable KEY_PAIR_[IMPORT/EXPORT] as soon as BASIC is enabled
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 14:06:00 +02:00
Valerio Setti
a9a3c5581e
config_psa: enable GENPRIME when BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 14:06:00 +02:00
Valerio Setti
42796e25cf
generate_psa_tests: fix automatically generated tests for RSA
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 14:06:00 +02:00
Valerio Setti
acab57b6b4
test: replace RSA_KEY_PAIR_LEGACY with proper symbols
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 14:06:00 +02:00
Valerio Setti
b2bcedbf9a
library: replace MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_LEGACY
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 14:06:00 +02:00
Valerio Setti
f6d4dfb745
library: replace PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY symbols with proper ones
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 14:06:00 +02:00
Dave Rodgman
4999f15d98
Merge pull request #7878 from beni-sandu/development
...
aesce: use correct target attribute when building with clang
2023-07-11 10:54:14 +01:00
Gilles Peskine
19280ad9b3
Merge pull request #7908 from gilles-peskine-arm/ssl-opt-fix-hrr-test-curves-groups
...
Fix failure of ssl-opt "TLS 1.3: no HRR in case of PSK key exchange mode"
2023-07-11 11:25:26 +02:00
Gilles Peskine
b387fcf59b
Adapt names (curves -> groups) in a separately added test case
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-11 09:19:13 +02:00
Gilles Peskine
6aca2c9613
Merge pull request #7716 from mpg/psa-util-internal
...
Split psa_util.h between internal and public
2023-07-10 18:33:23 +02:00
Gilles Peskine
d9f0c76f9e
Merge pull request #7879 from tgonzalezorlandoarm/development
...
tests/test_suite_pem: Augment DES test cases with AES: PEM
2023-07-10 18:28:01 +02:00
Dave Rodgman
f3e488ec40
Merge pull request #7216 from lpy4105/issue/6840/add-getters-for-some-fields
...
Add getters for some fields
2023-07-10 17:14:11 +01:00
Manuel Pégourié-Gonnard
f614bde912
Merge pull request #7656 from mprse/ffdh_tls13_v2_drivers
...
FFDH 4: driver-only parity testing - with TLS 1.3
2023-07-10 13:08:47 +02:00
Dave Rodgman
e183ecef3d
Merge pull request #7136 from yanrayw/5692-record-compatsh-test-cases
...
Record the outcome of each test case in compat.sh
2023-07-10 12:08:32 +01:00
Manuel Pégourié-Gonnard
5c41ae867b
Merge pull request #7887 from ronald-cron-arm/fix-hrr-in-psk-kem
...
tls13: server: Fix spurious HRR
2023-07-10 09:58:13 +02:00
Pengyu Lv
5a3f5f450c
Add changelog entries
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-10 13:25:28 +08:00
Pengyu Lv
5cbb93ef14
Add test for cache timeout getter
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-10 13:25:24 +08:00
Pengyu Lv
db6143364a
Add test for endpoint getter
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-10 11:33:23 +08:00
Pengyu Lv
30e0870937
Add test for hostname getter
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-10 11:33:23 +08:00
Pengyu Lv
08daebb410
Make endpoint getter parameter a pointer to const
...
It would be convenient for users to query the endpoint
type directly from a ssl context:
```
mbedtls_ssl_conf_get_endpoint(
mbedtls_ssl_context_get_config(&ssl))
```
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-10 11:33:23 +08:00
Pengyu Lv
accd53ff6a
Add getter access to endpoint field in mbedtls_ssl_config
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-10 11:33:23 +08:00
Pengyu Lv
918ebf3975
Add getter access to hostname field in mbedtls_ssl_context
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-10 11:33:23 +08:00
Pengyu Lv
af724dd112
ssl_cache: Add getter access to timeout field
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-10 11:33:23 +08:00
Dave Rodgman
7dbd2bf90c
Merge pull request #7441 from gilles-peskine-arm/mbedtls_x509_crt_parse_path-qemu-bug
...
More mbedtls_x509_crt_parse_path() tests, and note qemu-user bug when 32-bit code run on 64-bit host
2023-07-07 19:15:31 +01:00
Paul Elliott
2dfe7993af
Merge pull request #6914 from davidhorstmann-arm/cmake-pass-through-config-defines
...
Pass `MBEDTLS_CONFIG_FILE` defines through cmake
2023-07-07 17:01:57 +01:00
Tom Cosgrove
c5f41bfeb8
Merge pull request #7212 from sergio-nsk/patch-4
...
Fix error: comparison of integers of different signs: 'SOCKET' and 'int'
2023-07-07 16:45:55 +01:00
Dave Rodgman
602a0919f3
Merge pull request #7464 from yuhaoth/pr/Change-clock-source-to-bootime-for-ms-time
...
Replace CLOCK_MONOTONIC with CLOCK_BOOTTIME for `mbedtls_ms_time` on linux
2023-07-07 15:42:17 +01:00
Manuel Pégourié-Gonnard
461d59b2f8
Merge pull request #7858 from mprse/ffdh_tls13_v2_f
...
Make use of FFDH keys in TLS 1.3 - follow-up
2023-07-07 16:19:35 +02:00
Dave Rodgman
8abb3497ad
Merge branch 'development' into mbedtls_x509_crt_parse_path-qemu-bug
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-07 15:11:35 +01:00
Ronald Cron
c75ff730cd
Add change log
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-07-07 15:53:34 +02:00
Ronald Cron
8a74f07c2a
tls13: server: Fix spurious HRR
...
If the server during a TLS 1.3 handshake selects
the PSK key exchange mode, it does not matter
if it did not find in the key share extension
a key share for a group it supports. Such a
key share is used and necessary only in the
case of the ephemeral or PSK ephemeral key
exchange mode. This is a possible scenario in
the case of a server that supports only the PSK
key exchange mode and a client that also
supports a key exchange mode with ephemeral keys.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-07-07 15:53:12 +02:00
Dave Rodgman
c4749b1c66
Merge pull request #7584 from gilles-peskine-arm/fuzz-file-open-fail
...
Fuzz programs: print an error if loading the reproducer fails
2023-07-07 11:51:59 +01:00
David Horstmann
2d3ba07bf4
Add ChangeLog entry for CMake config defines
...
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-07-07 11:25:40 +01:00
Dave Rodgman
1917ee7cd1
Merge pull request #7867 from gilles-peskine-arm/readme-python3.8
...
Officially require Python 3.8
2023-07-07 09:58:15 +01:00
Manuel Pégourié-Gonnard
9967f11066
Merge pull request #7810 from valeriosetti/issue7771
...
Define PSA_WANT_xxx_KEY_PAIR_yyy step 2/ECC
2023-07-07 10:22:47 +02:00
Przemek Stekiel
46b2d2b643
Fix code style
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-07 09:34:17 +02:00
Dave Rodgman
aa00e81901
Merge pull request #7492 from gilles-peskine-arm/psa-driver-doc-entry-point
...
README: add section about drivers
2023-07-06 15:35:18 +01:00
Tomás González
3719f9ec91
tests/test_suite_pem: Augment DES test cases with AES: PEM
...
A few negative test cases in test_suite_pem.data rely on DES
(“invalid iv”, “malformed”). DES is deprecated.
Construct similar test cases using AES.
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
2023-07-06 14:21:23 +01:00
Dave Rodgman
2230258530
Merge pull request #7890 from yanrayw/aes_comment_fix
2023-07-06 13:52:33 +01:00
Gilles Peskine
e1d5b07304
Link to the guide for writing a driver
...
Don't link to the proposed specifications: they aren't good entry points
because they describe what we want to achieve, not what exists today. The
guide links to them, that's enough.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-06 13:13:43 +02:00
Manuel Pégourié-Gonnard
a30c5cfc66
Use minimal include in test_suite_random
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-07-06 12:47:29 +02:00
Manuel Pégourié-Gonnard
999ce227fc
Make the PSA-mbedtls RNG API public
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-07-06 12:47:28 +02:00
Manuel Pégourié-Gonnard
d55d66f5ec
Fix missing includes
...
Some files relied on psa_util.h to provide the includes they need.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-07-06 12:47:28 +02:00
Manuel Pégourié-Gonnard
abfe640864
Rationalize includes in psa_util
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-07-06 12:47:27 +02:00
Manuel Pégourié-Gonnard
801d5b441d
Remove unnecessary (and harmful) include
...
Besides being unnecessary, it was causing problem when build SSL test
programs, which include this header, then in turn trying to include the
internal header from library, which didn't work.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-07-06 12:47:26 +02:00