Commit graph

21055 commits

Author SHA1 Message Date
Przemek Stekiel
40afdd2791 Make use of MBEDTLS_MAX_HASH_SIZE macro
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-06 14:18:45 +02:00
Przemek Stekiel
c3f2767c25 hash_info.h: add MBEDTLS_MAX_HASH_SIZE macro
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-09-06 14:18:39 +02:00
Neil Armstrong
9720b881f5 Remove doxygen markup outside doxygen block in psa_pake_sequence comment
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-06 11:39:21 +02:00
Neil Armstrong
b39833cff2 Fix typo in psa_pake_sequence comment
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-06 11:36:02 +02:00
Neil Armstrong
2a73f21878 Fixup expected status handling in ecjpake_setup() and add more coverage for psa_pake_set_password_key()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-06 11:34:54 +02:00
Jerry Yu
58af2335d9 Add possible group tests for psk with ECDHE
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-06 14:49:39 +08:00
Jerry Yu
079472b4c9 Add multiple pre-configured psk test for server
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-06 11:44:18 +08:00
Neil Armstrong
bcd5bd933e Add a comment expliciting usage of internal PAKE step/state/sequence enums
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-05 18:34:12 +02:00
Neil Armstrong
78c4e8e9cb Make ecjpake_do_round() return void and use TEST_ASSERT with a descriptive text instead of returning a value
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-05 18:08:13 +02:00
Neil Armstrong
51009d7297 Add comment in ecjpake_do_round() explaining input errors can be detected any time in the input sequence
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-05 17:59:54 +02:00
Neil Armstrong
5bbdb70131 Fix style in psa_pake_input()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-09-05 17:54:15 +02:00
Manuel Pégourié-Gonnard
52f83dc471
Merge pull request #6244 from AndrzejKurek/pkcs5-no-md
Driver-only hashes: PKCS5
2022-09-05 11:01:31 +02:00
Andrzej Kurek
5e0654a324 Add a compat.sh run to psa_crypto_config_accel_hash_use_psa
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-04 09:31:17 -04:00
Andrzej Kurek
c502210291 Adjust pkparse test dependencies
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 15:33:20 -04:00
Andrzej Kurek
216baca131 pkcs5: improve error handling
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:15:34 -04:00
Andrzej Kurek
e3d544c58f Minor PKCS5 improvements
Add consts, more elegant size calculation and 
variable initialization.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:07:15 -04:00
Andrzej Kurek
7a32072038 Setup / deinitialize PSA in pk tests only if no MD is used
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:07:15 -04:00
Andrzej Kurek
3d0dfb99c9 Change the pkcs5_pbkdf2_hmac deprecation approach
The shared part has now been extracted and will
be used regardless of the deprecation define.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:07:15 -04:00
Andrzej Kurek
f000471c66 Add missing MD dependency for pkcs5_pbkdf2_hmac
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:07:15 -04:00
Andrzej Kurek
11265d78bb Remove PKCS5 from the ref config in the migration script
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:06:54 -04:00
Andrzej Kurek
26909f348f Add PSA initialization and teardown to tests using pkcs5
If PSA is defined and there is no MD - an initialization
is required.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:05:37 -04:00
Andrzej Kurek
a57267c758 Add a possibility to call PSA_INIT without MBEDTLS_PSA_CRYPTO_C
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:05:37 -04:00
Andrzej Kurek
37a17e890c Enable PKCS5 in no-md builds in all.sh
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:05:33 -04:00
Andrzej Kurek
345a92b321 Adjust PKCS5 dependencies in check_config
It's possible to build PKCS5 with PSA instead of MD
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00
Andrzej Kurek
65bf73ed6a Enable HMAC in config_psa.h regardless of MD availability
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00
Andrzej Kurek
ed98e95c81 Adjust pkcs5 test dependencies
Hashing via PSA is now supported 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00
Andrzej Kurek
890e78ae66 Deprecate mbedtls_pkcs5_pbkdf2_hmac
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00
Andrzej Kurek
dd36c76f09 Provide a version of pkcs5_pbkdf2_hmac without MD usage
Use the new implementation locally
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-02 04:03:25 -04:00
Manuel Pégourié-Gonnard
97fc247d6a
Merge pull request #6232 from AndrzejKurek/pkcs12-no-md
Remove MD dependency from pkcs12 module
2022-09-02 09:43:13 +02:00
Andrzej Kurek
e16e6edfce Remove the dependency on MD_MAX_SIZE from PKCS12
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-01 08:57:59 -04:00
Andrzej Kurek
7bd12c5d5e Remove MD dependency from pkcs12 module
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-01 08:57:41 -04:00
Manuel Pégourié-Gonnard
0777ec1625
Merge pull request #6109 from superna9999/6100-crash-in-test-suite-x509write
Crash in test suite x509write config full no seedfile
2022-09-01 11:18:30 +02:00
Ronald Cron
e00d6d6b55
Merge pull request #6135 from yuhaoth/pr/tls13-finalize-external-psk-negotiation
TLS 1.3: SRV: Finalize external PSK negotiation
2022-08-31 17:21:57 +02:00
Jerry Yu
6688669124 replace psk&dhe with psk_or_ephemeral
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-08-31 17:08:34 +08:00
Neil Armstrong
b764fb60aa Remove MBEDTLS_MD_C dep in config_psa.h when ECJPAJE is wanted
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
e5fdf20a79 Make ecjpake_rounds test depends on PSA_WANT_ALG_TLS12_PSK_TO_MS
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
eae1dfcc46 Change to more efficient error injection in ecjpake_do_round()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
db5b960a7e Permit any psa_pake_input() step to fail when error injected in input
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
f19a3cb613 Use the mbedtls_ecjpake_write_shared_key() to input raw shared key material as derivation secret
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
12663092bc Introduce mbedtls_ecjpake_write_shared_key() to export the EC J-PAKE shared key material before the KDF()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
75673abef5 Only build ecjpake_do_round() is PSA_WANT_ALG_JPAKE is defined
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
8c2e8a6cda Add ecjpake_rounds_inject tests to exercise error injection
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
f983caf6c4 Move JPAKE rounds into a common function, add reordering and error injection
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
db05cbfb86 Introduce and use mbedtls_ecjpake_to_psa_error() to translate various ECP/MPI errors to expected PSA errors
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
1e855601ca Fix psa_pake_get_implicit_key() state & add corresponding tests in ecjpake_rounds()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
ed40782628 Fix SECP256R1 enable when PSA_WANT_ALG_JPAKE is defined
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
19bb9913c2 Update changelog entry for new PSA PAKE feature
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
bb28c56796 Add changelog entry for new PSA PAKE feature
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
e92311176a Add missing parentheses on return statements
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00
Neil Armstrong
5fb07c6a96 No need to check for state in psa_pake_setup()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-08-31 10:49:18 +02:00