Commit graph

5255 commits

Author SHA1 Message Date
Neil Armstrong
b2f2b027c2 Clarify mbedtls_pk_can_do_ext() return documentation amd add warning on future addition of allowed algs & usage flags
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 12:00:56 +02:00
Neil Armstrong
e9b4581b16 Clarify BAD_STATE return documentation on bad ordering of input and output steps for psa_pake_input() & psa_pake_output()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:52:30 +02:00
Neil Armstrong
0d24575ad0 Clarify BAD_STATE return documentation of psa_pake_set_peer()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:52:30 +02:00
Neil Armstrong
59fa8ee090 Update return documentation of psa_pake_abort()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:52:30 +02:00
Neil Armstrong
97d74b8abb Update return documentation of psa_pake_get_implicit_key()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:52:30 +02:00
Neil Armstrong
407b27b516 Update return documentation of psa_pake_input()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:52:30 +02:00
Neil Armstrong
664077e3ae Update return documentation of psa_pake_output()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:52:30 +02:00
Neil Armstrong
2a6dd9c2a8 Rename & update documentation of function, types, and macros for psa_pake_set_role() and associated
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:52:30 +02:00
Neil Armstrong
16ff788f9d Update return documentation of psa_pake_set_peer()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
3585168259 Update return documentation of psa_pake_set_user()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
71cae6121d Update return documentation of psa_pake_set_password_key()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
4721a6f33e Update return documentation of psa_pake_setup()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
1614537697 Fix password wording in PSA_ALG_JPAKE documentation
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
7bc71e9c04 Fix output_size documentation of psa_pake_output()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
cd974d590b Fix return documentation of PSA_PAKE_OUTPUT_SIZE
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
d5a4825b84 Add missing psa_pake_cs_get_bits()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
ff9cac72e7 Add missing psa_pake_cs_get_family()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
0c8ef93c8e Add missing psa_pake_abort()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
799106b441 Pass input as const reference and fix documentation of psa_pake_input()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:22 +02:00
Neil Armstrong
47e700e7de Pass cipher_suite parameter of psa_pake_setup() by const reference
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:51:20 +02:00
Neil Armstrong
0151c55b56 Add documentation of PSA_PAKE_OPERATION_INIT
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:50:58 +02:00
Neil Armstrong
5ff6a7fa97 Add missing psa_pake_cipher_suite_init()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 11:50:57 +02:00
Neil Armstrong
fb99302726 Add missing PSA_PAKE_CIPHER_SUITE_INIT
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 10:45:01 +02:00
Neil Armstrong
a724f7ae17 Document mbedtls_pk_can_do_ext() return for non-allowed algorithms and usage flags
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-20 09:28:12 +02:00
bootstrap-prime
6dbbf44d78
Fix typos in documentation and constants with typo finding tool
Signed-off-by: bootstrap-prime <bootstrap.prime@gmail.com>
2022-05-18 14:15:33 -04:00
Przemek Stekiel
b398d8693f Update descryption of HKDF-Extract/Expand algs and fix comment
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-18 15:43:54 +02:00
Neil Armstrong
408f6a60a3 Add usage parameter to mbedtls_pk_can_do_ext()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-17 14:23:20 +02:00
Neil Armstrong
cec133a242 Fix typo in mbedtls_pk_can_do_ext() documentation
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-17 11:56:01 +02:00
Manuel Pégourié-Gonnard
1cd4f6a873
Merge pull request #5794 from mprse/cipher_dep
Fix undeclared dependencies: CIPHER
2022-05-12 13:09:04 +02:00
Manuel Pégourié-Gonnard
4014a0408e
Merge pull request #5617 from gilles-peskine-arm/chacha20-rfc7539-test-vector
PSA: ChaCha20: add RFC 7539 test vector with counter=1
2022-05-12 12:34:20 +02:00
Neil Armstrong
0b5295848e Add definition of mbedtls_pk_can_do_ext()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-12 11:53:02 +02:00
Przemek Stekiel
a09f835bd8 Fix CIPHER dependencies dependeny and error messages
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-12 10:42:20 +02:00
Przemek Stekiel
ea805b4f20 mbedtls_config.h, check_config.h: fix CIPHER dependencies
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-12 10:42:20 +02:00
Dave Rodgman
58f591526e
Merge pull request #5732 from daverodgman/warmsocks_spellingfixes
Fixed spelling and typographical errors found by CodeSpell
2022-05-12 09:26:29 +01:00
Manuel Pégourié-Gonnard
34f6ac7c22
Merge pull request #5812 from adeaarm/development
Fix key_id and owner_id accessor macros
2022-05-12 10:25:02 +02:00
Andrzej Kurek
5c65c5781f Fix additional misspellings found by codespell
Remaining hits seem to be hex data, certificates,
and other miscellaneous exceptions.
List generated by running codespell -w -L 
keypair,Keypair,KeyPair,keyPair,ciph,nd

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-05-11 21:25:54 +01:00
Shaun Case
8b0ecbccf4 Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell.
Signed-off-by: Shaun Case <warmsocks@gmail.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-05-11 21:25:51 +01:00
Przemek Stekiel
ebf6281ce6 crypto_values.h: fix description
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-11 14:16:05 +02:00
Przemek Stekiel
6b6ce3278e Add definitions for HKDF-Extract and HKDF-Expand algs
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-10 12:38:27 +02:00
Manuel Pégourié-Gonnard
42650260a9
Merge pull request #5783 from mprse/md_dep_v3
Fix undeclared dependencies: MD
2022-05-10 10:41:32 +02:00
Przemek Stekiel
6e71282c87 Fix caller list of the MD module
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-06 11:40:20 +02:00
Przemek Stekiel
ef1fb4a3d3 Deprecate mbedtls_cipher_setup_psa()
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-06 10:55:10 +02:00
Antonio de Angelis
6729474fbb Fix key_id and owner_id accessor macros
The accessor macros for key_id and owner_id in the mbedtls_svc_key_id_t
need to have the MBEDTLS_PRIVATE() specifier as these fields are private

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
2022-05-05 18:45:31 +01:00
Neil Armstrong
8ecd66884f Keep raw PSK when set via mbedtls_ssl_conf_psk() and feed as input_bytes
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-05 14:01:49 +02:00
Neil Armstrong
e952a30d47 Remove RAW PSK when MBEDTLS_USE_PSA_CRYPTO is selected
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-04 11:08:41 +02:00
Neil Armstrong
501c93220d Import PSK as opaque PSA key for mbedtls_ssl_conf_psk() & mbedtls_ssl_set_hs_psk()
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-05-04 11:08:41 +02:00
Manuel Pégourié-Gonnard
068a13d909
Merge pull request #5771 from superna9999/5761-rsa-decrypt-rework-pk-wrap-as-opaque
RSA decrypt 0: Rework `mbedtls_pk_wrap_as_opaque()`
2022-05-02 09:06:49 +02:00
Gilles Peskine
2b5d898eb4
Merge pull request #5644 from gilles-peskine-arm/psa-storage-format-test-exercise
PSA storage format: exercise key
2022-04-28 18:20:02 +02:00
Gilles Peskine
038108388a
Merge pull request #5654 from gilles-peskine-arm/psa-crypto-config-file
Support alternative MBEDTLS_PSA_CRYPTO_CONFIG_FILE
2022-04-28 18:17:50 +02:00
Gilles Peskine
f21617915f
Merge pull request #2082 from hanno-arm/iotssl-2490
Fix documentation of allowed_pks field in mbedtls_x509_crt_profile
2022-04-28 18:13:55 +02:00
Neil Armstrong
a1fc18fa55 Change mbedtls_pk_wrap_as_opaque() signature to specify alg, usage and key_enrollment_algorithm
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-28 13:27:59 +02:00
Przemek Stekiel
bc3cfed43e check_config.h: Add MBEDTLS_MD_C dependency MBEDTLS_PKCS12_C, MBEDTLS_PKCS1_V15, MBEDTLS_PKCS1_V21, MBEDTLS_PK_C
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-27 14:49:13 +02:00
Przemek Stekiel
6aadf0b44f mbedtls_config.h: update dependencies for MBEDTLS_MD_C
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-27 14:49:13 +02:00
Gilles Peskine
efffd6410a Note that MBEDTLS_CONFIG_FILE can't be defined inside the config file
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-26 18:16:33 +02:00
Manuel Pégourié-Gonnard
8ba99e736a Clarify wording of documentation
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-04-25 11:17:47 +02:00
Hanno Becker
2b9fb88281 Clarify documentation of mbedtls_x509_crt_profile
This commit fixes #1992: The documentation of mbedtls_x509_crt_profile
previously stated that the bitfield `allowed_pks` defined which signature
algorithms shall be allowed in CRT chains. In actual fact, however,
the field also applies to guard the public key of the end entity
certificate.

This commit changes the documentation to state that `allowed_pks`
applies to the public keys of all CRTs in the provided chain.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-04-25 11:17:15 +02:00
Gilles Peskine
72b99edf31
Merge pull request #5381 from mpg/benchmark-ecc-heap
Improve benchmarking of ECC heap usage
2022-04-22 16:43:11 +02:00
Ronald Cron
38b8aa4f63
Merge pull request #5539 from xkqian/add_client_hello_to_server
Add client hello into server side
2022-04-22 10:26:00 +02:00
Manuel Pégourié-Gonnard
70701e39b5
Merge pull request #5726 from mprse/mixed_psk_1_v2
Mixed PSK 1: Extend PSK-to-MS algorithm in PSA (v.2)
2022-04-21 17:11:52 +02:00
Manuel Pégourié-Gonnard
90c70146b5
Merge pull request #5728 from superna9999/5711-pk-opaque-rsa-pss-sign
RSA-PSS sign 1: PK
2022-04-21 17:11:18 +02:00
Przemek Stekiel
7f1c89d1d4 Provide other_secret, other_secret_length fields if MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS is defined
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-21 11:53:57 +02:00
Neil Armstrong
23143dca2a Update mbedtls_pk_wrap_as_opaque() public documentation for RSA & RSA-PSS
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-21 11:33:54 +02:00
XiaokangQian
0a1b54ed73 Minor change the place of some functions
Change-Id: I2626e68cf837d8ca4086cb35a8482cee315cde97
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-21 03:01:38 +00:00
XiaokangQian
75d40ef8cb Refine code base on review
Remove useless hrr code
Share validate_cipher_suit between client and server
Fix test failure when tls13 only in server side

Change-Id: I5d6a7932bd8448ebf542bc86cdcab8862bc28e9b
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 11:05:24 +00:00
XiaokangQian
0803755347 Update code base on review comments
Refine named_group parsing
Refine cipher_suites parsing
Remove hrr related part
Share code between client and server side
Some code style changes

Change-Id: Ia9ffd5ef9c0b64325f633241e0ea1669049fe33a
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:50:14 +00:00
XiaokangQian
8f9dfe41c0 Fix comments about coding styles and test cases
Change-Id: I70ebc05e9dd9fa084d7b0ce724a25464c3425e22
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:45:50 +00:00
XiaokangQian
cfd925f3e8 Fix comments and remove hrr related code
Change-Id: Iab1fc5415b3b7f7b5bcb0a41a01f4234cc3497d6
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:45:50 +00:00
XiaokangQian
ed582dd023 Update based on comments
Remove cookie support from server side
Change code to align with coding styles
Re-order functions of client_hello

Change-Id: If31509ece402f8276e6cac37f261e0b166d05e18
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:43:48 +00:00
XiaokangQian
3207a32b1e Fix unused parameter issue and not defined cookie issue
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:43:48 +00:00
XiaokangQian
7807f9f5c9 Add client hello into server side
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:43:48 +00:00
Ronald Cron
217d699d85 Fix Doxygen marks
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-04-19 18:28:51 +02:00
Paul Elliott
a2da9c7e45
Merge pull request #5631 from gstrauss/enum-tls-vers
Unify internal/external TLS protocol version enums
2022-04-19 17:05:26 +01:00
Gilles Peskine
6d187afd8d psa_crypto does not support XTS
The cipher module implements XTS, and the PSA API specifies XTS, but the PSA
implementation does not support XTS. It requires double-size keys, which
psa_crypto does not currently support.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-15 11:10:14 +02:00
Gilles Peskine
09dc05b880
Merge pull request #5635 from gilles-peskine-arm/psa-test-op-fail
PSA: systematically test operation failure
2022-04-15 10:52:47 +02:00
Glenn Strauss
bbdc83b55b Use mbedtls_ssl_protocol_version in public structs
Use mbedtls_ssl_protocol_version in public structs, even when doing
so results in a binary-incompatible change to the public structure

(PR feedback from @ronald-cron-arm)

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:40:14 -04:00
Glenn Strauss
d09b343ffc Deprecate mbedtls_ssl_conf_(min/max)_version()
Deprecate mbedtls_ssl_conf_max_version()
Replaced with mbedtls_ssl_conf_max_tls_version()

Deprecate mbedtls_ssl_conf_min_version()
Replaced with mbedtls_ssl_conf_min_tls_version()

(PR feedback from @ronald-cron-arm)

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:40:14 -04:00
Glenn Strauss
60bfe60d0f mbedtls_ssl_ciphersuite_t min_tls_version,max_tls_version
Store the TLS version in tls_version instead of major, minor version num

Note: existing application use which accesses the struct member
(using MBEDTLS_PRIVATE) is not compatible, as the struct is now smaller.

Reduce size of mbedtls_ssl_ciphersuite_t

members are defined using integral types instead of enums in
order to pack structure and reduce memory usage by internal
ciphersuite_definitions[]

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:40:12 -04:00
Glenn Strauss
2dfcea2b9d mbedtls_ssl_config min_tls_version, max_tls_version
Store the TLS version in tls_version instead of major, minor version num

Note: existing application use which accesses the struct member
(using MBEDTLS_PRIVATE) is not compatible on little-endian platforms,
but is compatible on big-endian platforms.  For systems supporting
only TLSv1.2, the underlying values are the same (=> 3).

New setter functions are more type-safe,
taking argument as enum mbedtls_ssl_protocol_version:
mbedtls_ssl_conf_max_tls_version()
mbedtls_ssl_conf_min_tls_version()

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:39:43 -04:00
Glenn Strauss
da7851c825 Rename mbedtls_ssl_session minor_ver to tls_version
Store the TLS version instead of minor version number in tls_version.

Note: struct member size changed from unsigned char to uint16_t
Due to standard structure padding, the structure size does not change
unless alignment is 1-byte (instead of 2-byte or more)

Note: existing application use which accesses the struct member
(using MBEDTLS_PRIVATE) is compatible on little-endian platforms,
but not compatible on big-endian platforms.  The enum values for
the lower byte of MBEDTLS_SSL_VERSION_TLS1_2 and of
MBEDTLS_SSL_VERSION_TLS1_3 matches MBEDTLS_SSL_MINOR_VERSION_3 and
MBEDTLS_SSL_MINOR_VERSION_4, respectively.

Note: care has been taken to preserve serialized session format,
which uses only the lower byte of the TLS version.

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:23:57 -04:00
Glenn Strauss
dff84620a0 Unify internal/external TLS protocol version enums
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 13:45:20 -04:00
Gilles Peskine
58ffcba9d4 Make it explicit that an absolute path is also ok
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-14 12:44:16 +02:00
Gilles Peskine
0c4db1f20d Wording improvement
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-14 12:44:01 +02:00
Gilles Peskine
db0421b073 More precise explanation of MBEDTLS_PSA_CRYPTO_CONFIG disabled
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-13 23:22:49 +02:00
Gilles Peskine
f68f43a42e State explicitly USER config files can modify the default config
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-13 23:22:20 +02:00
Gilles Peskine
3f49cc14e7 Clarify the "duplicate documentation" remark
This remark is intended for maintainers, not for users. It should not have
been in the Doxygen typeset part.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-13 23:21:16 +02:00
Gilles Peskine
d5793ce273 Document the section "General configuration options"
Replace the copypasta that was there.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-13 23:05:10 +02:00
Gilles Peskine
611179c3f5 Fix name mismatch in section end comment
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-13 23:04:48 +02:00
Manuel Pégourié-Gonnard
6c242a01f7
Merge pull request #5634 from superna9999/5625-pk-opaque-rsa-basics
PK Opaque RSA sign
2022-04-13 09:55:42 +02:00
Gilles Peskine
6457ef9b3c Format literal # in a way that doesn't confuse older Doxygen
With Doxygen 1.8.11 (as on Ubuntu 16.04), `#include` doesn't protect the
hash character enough, and Doxygen tries to link to something called
include. (Doxygen 1.8.17 doesn't have this problem.)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-11 17:11:33 +02:00
Gilles Peskine
ba4162a526 Place MBEDTLS_CONFIG_FILE and such into a new section
Include this new section in the "full for documentation" (`realfull`)
configuration, so that these options are documented in the official
documentation build (`scripts/apidoc_full.sh`).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-11 17:04:38 +02:00
Dave Rodgman
e5a7ba684f
Merge pull request #5719 from tom-cosgrove-arm/adamwolf-reasonable
Fix spelling of 'reasonable' in comments
2022-04-11 09:47:20 +01:00
Gilles Peskine
e1730e492d
Merge pull request #5708 from AndrzejKurek/timeless-struggles
Remove the dependency on MBEDTLS_TIME_H from the timing module
2022-04-08 18:43:16 +02:00
Adam Wolf
039080fba7 Fix spelling of 'reasonable' in comments
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-04-08 16:49:04 +01:00
Andrzej Kurek
5735369f4a Remove the dependency on MBEDTLS_HAVE_TIME from MBEDTLS_TIMING_C
The timing module might include time.h on its own when on 
a suitable platform, even if MBEDTLS_HAVE_TIME is disabled. 


Co-authored-by: Tom Cosgrove <tom.cosgrove@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-04-08 04:41:42 -04:00
Gilles Peskine
f4c6eb0a49 Support alternative MBEDTLS_PSA_CRYPTO_CONFIG_FILE
When MBEDTLS_PSA_CRYPTO_CONFIG is enabled, support an alternative file to
include instead of "psa/crypto_config.h", and an additional file to include
after it. This follows the model of the existing MBEDTLS_{,USER_}CONFIG_FILE.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-07 21:40:22 +02:00
Glenn Strauss
236e17ec26 Introduce mbedtls_ssl_hs_cb_t typedef
Inline func for mbedtls_ssl_conf_cert_cb()

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-07 14:18:30 -04:00
Przemek Stekiel
c4b814a9c2 psa_tls12_prf_key_derivation_state_t: add optional step to set other key
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-07 15:01:50 +02:00
Przemek Stekiel
f4e8f01964 psa_tls12_prf_key_derivation_t: add other_secret and other_secret_length fields to handle mixed PSK
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-07 15:01:50 +02:00
Przemek Stekiel
37c81c4f05 Extend PSA_ALG_TLS12_PSK_TO_MS alg (add #PSA_KEY_DERIVATION_INPUT_OTHER_SECRET input)
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-07 15:01:50 +02:00
Neil Armstrong
b354742371 Update documentation of mbedtls_pk_setup_opaque()
The function now accepts a RSA key pair in addition to an ECC
key pair.

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-07 15:01:24 +02:00