Jerry Yu
b6875bc17a
change rsa_pss salt type
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:35 +08:00
Jerry Yu
704cfd2a86
fix comments and style issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:35 +08:00
Jerry Yu
718a9b4a3f
fix doxgen fail
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:34 +08:00
Jerry Yu
bc18c23531
Guard pk_sign_ext with PSA_CRYPTO_C
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:34 +08:00
Jerry Yu
1f45b67474
Add unit tests
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:34 +08:00
Jerry Yu
1d172a3483
Add pk_psa_sign_ext
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:34 +08:00
Jerry Yu
79c004148d
Add PSA && TLS1_3 check_config
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:34 +08:00
Jerry Yu
8beb9e173d
Change prototype of pk_sign_ext
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:34 +08:00
Jerry Yu
67eced0132
replace pk_sign with pk_sign_ext
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:34 +08:00
Jerry Yu
d69439aa61
add mbedtls_pk_sign_ext
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:34 +08:00
Jerry Yu
3a58b462b6
add pss_rsae_sha{384,512}
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:34 +08:00
Jerry Yu
bfcfe74b4e
add signature algorithm debug helper
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:33 +08:00
Jerry Yu
919130c035
Add rsa_pss_rsae_sha256 support
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:33 +08:00
Gabor Mezei
1e64f7a643
Use MBEDTLS_USE_PSA_CRYPTO macro guard for testing instead of MBEDTLS_PSA_CRYPTO_C
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-21 17:00:54 +01:00
Gabor Mezei
892c4aa295
Update hkdf test cases to handle PSA code
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-21 17:00:54 +01:00
Gabor Mezei
1bf075fffd
Use SSL error codes
...
The `psa_ssl_status_to_mbedtls` function is not only used for
cipher operations so transalte to TLS error codes.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-21 17:00:53 +01:00
Gabor Mezei
adfeadc6e5
Extend PSA error translation
...
Add new error codes to the PSA to mbedtls error translation.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-21 17:00:53 +01:00
Gabor Mezei
58db65354b
Use the PSA-based HKDF functions
...
Use the `mbedtls_psa_hkdf_extract` and `mbedtls_psa_hkdf_expand`
functions in the HKDF handling.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-21 17:00:53 +01:00
Paul Elliott
21bbb7a888
Add simple test to ensure accessor is working
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-21 15:28:05 +00:00
Paul Elliott
a5bebc297b
Add changelog entry
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-21 15:27:25 +00:00
Paul Elliott
b9af2db4cf
Add accessor for timing final delay
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-21 15:26:19 +00:00
Neil Armstrong
79daea25db
Handle and return translated PSA errors in ssl_cookie.c
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-21 12:05:51 +01:00
Neil Armstrong
2d5e343c75
Use inline PSA code instead of using ssl_cookie_hmac in mbedtls_ssl_cookie_write()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-21 11:39:52 +01:00
Manuel Pégourié-Gonnard
f4042f076b
Merge pull request #5573 from superna9999/5176-5177-5178-5179-tsl-record-hmac
...
TLS record HMAC
2022-03-21 11:36:44 +01:00
Manuel Pégourié-Gonnard
706f6bae27
Merge pull request #5518 from superna9999/5274-ecdsa-signing
...
PK: ECDSA signing
2022-03-21 09:57:57 +01:00
Manuel Pégourié-Gonnard
472044f21e
Merge pull request #5525 from superna9999/5161-pk-rsa-encryption
...
PK: RSA encryption
2022-03-21 09:57:38 +01:00
Przemek Stekiel
a677b5f6c7
Fix minor issues
...
- parameter name in function description
- test_suite_ecp.data: add new line at the end of file
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-21 09:49:40 +01:00
Ronald Cron
8d7afc642c
Merge pull request #5523 from ronald-cron-arm/one-flush-output-development
...
TLS 1.3: One flush output
2022-03-21 08:44:04 +01:00
Neil Armstrong
62e6ea2c22
Avoid spurious write to *olen in PSA version of rsa_encrypt_wrap()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 15:39:49 +01:00
Neil Armstrong
c23d2e3ef1
Wrap unused declaration in #if/#endif when USE_PSA is set in x509_csr_check()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 15:31:59 +01:00
Neil Armstrong
17a0655c8d
Add documentation to find_ecdsa_private_key()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 15:27:38 +01:00
Neil Armstrong
05132ed490
md_alg is used in ecdsa_sign_wrap(), cleanup code
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 15:14:57 +01:00
Neil Armstrong
cb753a6945
Use mbedtls_eckey_info directly in ecdsa_sign_wrap()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 15:14:48 +01:00
Przemek Stekiel
815af94905
Add ChangeLog file
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-18 15:10:31 +01:00
Przemek Stekiel
4b30feb32e
Add test for ECP export
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-18 13:58:26 +01:00
Przemek Stekiel
711d0f5e29
Add implemetation of ECP keypair export function
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-18 13:52:26 +01:00
Manuel Pégourié-Gonnard
e5b53193e0
Merge pull request #5636 from mprse/tls_ecdh_2b
...
TLS ECDH 2b: client-side static ECDH (1.2)
2022-03-18 11:36:53 +01:00
Neil Armstrong
0ab7a232b5
Add non-PSA and PSA variant of test_XXXX_constant_flow all.sh tests
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 11:10:09 +01:00
Neil Armstrong
8f92bf3a26
Only make PSA HMAC key exportable when NULL or CBC & not EtM in build_transforms()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 11:10:09 +01:00
Neil Armstrong
29c0c040fc
Only make PSA HMAC key exportable when NULL or CBC & not EtM in ssl_tls12_populate_transform()
...
This requires moving the HMAC init after CIPHER init.
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 11:10:09 +01:00
Neil Armstrong
9ebb9ff60c
Reduce HMAC buffer usage in PSA version of mbedtls_ct_hmac()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 11:09:58 +01:00
Neil Armstrong
72c2f76c43
Assume MAC key length is always exactly the output size in PSA version of mbedtls_ct_hmac()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 11:09:36 +01:00
Neil Armstrong
36cc13b340
Use PSA defines for buffers in PSA version of mbedtls_ct_hmac()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 11:09:20 +01:00
Neil Armstrong
ae57cfd3e7
Use psa_ssl_status_to_mbedtls in PSA version of mbedtls_ct_hmac()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 10:00:10 +01:00
Neil Armstrong
28d9c631b8
Fix comments in PSA version of mbedtls_ct_hmac()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 10:00:10 +01:00
Manuel Pégourié-Gonnard
8d4bc5eeb9
Merge pull request #5481 from gabor-mezei-arm/5401_implement_hkdf_extract_based_on_psa_hmac
...
HKDF 1a: Implement Extract in TLS 1.3 based on PSA HMAC
2022-03-17 11:55:48 +01:00
Manuel Pégourié-Gonnard
15c0e39fff
Merge pull request #5519 from superna9999/5150-pk-rsa-decryption
...
PK: RSA decryption
2022-03-17 11:02:13 +01:00
Manuel Pégourié-Gonnard
7c92fe966a
Merge pull request #5614 from gabor-mezei-arm/5203_tls_cipher_tickets_use_psa_for_protection
...
TLS Cipher 2a: tickets: use PSA for protection
2022-03-17 09:50:09 +01:00
Manuel Pégourié-Gonnard
560ef5975c
Merge pull request #5613 from mprse/tls_ecdh_2a
...
TLS ECDH 2a: server-side ECDHE-ECDSA and ECDHE-RSA (1.2)
2022-03-17 09:29:41 +01:00
Przemek Stekiel
068a6b4013
ssl_check_server_ecdh_params():Adapt build flags
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-17 07:54:09 +01:00