mbedtls

Author	SHA1	Message	Date
Manuel Pégourié-Gonnard	a9a1b21ca9	Use ASSERT_COMPARE in test_suite_md Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-09 09:15:50 +01:00
Dave Rodgman	4f70b3cdb4	Fix pylint warning Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-08 16:40:40 +00:00
Nick Child	14f255f332	pkcs7: Remove unnecessary dependencies stdio, stdlib and string header files are not used. Remove them. Signed-off-by: Nick Child <nick.child@ibm.com>	2023-02-08 15:38:48 +00:00
Nick Child	c7c94df715	pkcs7/test: Format generate test script Adhere to syntax and format recommendations from check-python-files.py Signed-off-by: Nick Child <nick.child@ibm.com>	2023-02-08 15:38:48 +00:00
Valerio Setti	00a6c6fcbe	test: fix for using proper sign/verify macros Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:52:31 +01:00
Valerio Setti	40df83509b	all.sh: fix comment for test_psa_crypto_config_accel_ecdsa_use_psa Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:52:31 +01:00
Valerio Setti	ce0caa3384	oid: fix comment in #endif Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:52:31 +01:00
Valerio Setti	fcc6933a53	test: fix disparities in x509parse and x509write suites Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:52:31 +01:00
Valerio Setti	b9dc2513c1	test: add SHA1 to the supported algs in accelerated ECDSA Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:52:31 +01:00
Valerio Setti	f972ce8d69	oid: replace ECDSA_C with new macros for ECDSA capabilities Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:52:31 +01:00
Valerio Setti	c8801b7ef1	test: x509: remove disparities in driver only testing for ECDSA Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:52:31 +01:00
Valerio Setti	80d0798ae8	pk_wrap: use new macros for ECDSA capabilities Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:49:17 +01:00
Valerio Setti	683a432a7f	fix code style Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:39:10 +01:00
Valerio Setti	a1e3e3a28f	test: pk: keep PK_WRITE_C only in RSA tests Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:39:10 +01:00
Valerio Setti	5c032b5e1b	pk_wrap: fix comment in ecdsa_verify_wrap Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:39:10 +01:00
Valerio Setti	b761b15f06	fix code style Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:39:10 +01:00
Valerio Setti	d0b83e1fc7	build_info: fix PK's requirements for RSA_C Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:39:10 +01:00
Valerio Setti	1337a4f334	pk_wrap: use specific lengths for EC's private key and key-pair Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:39:10 +01:00
Valerio Setti	5bc52248ef	pk_wrap: fix for DETERMINISTIC_ECDSA case in ecdsa_sign_wrap() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-08 13:39:10 +01:00
Gilles Peskine	be9e2a1634	The pk_psa_sign test function needs pk_write Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-08 13:39:10 +01:00
Gilles Peskine	8a6022e948	Clean up header inclusions in pk_wrap.c To better reflect what the code relies on, limit the headers that are included when MBEDTLS_USE_PSA_CRYPTO is disabled. Also stop including "pkwrite.h" when it is no longer needed. Include "mbedlts/platform_util.h" unconditionally. It was only included for RSA ALT but was also used for MBEDTLS_USE_PSA_CRYPTO (the code worked because other headers include "mbedtls/platform_util.h"). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-08 13:39:10 +01:00
Gilles Peskine	bbccdd485c	pk no longer needs pk_write for ECDSA with MBEDTLS_USE_PSA_CRYPTO The dependency is still useful for RSA, for which PSA encodes keys with an ASN.1 structure. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-08 13:39:10 +01:00
Gilles Peskine	13caa94746	Don't use pk_write in ecdsa_sign_wrap with USE_PSA_CRYPTO Under MBEDTLS_USE_PSA_CRYPTO, ecdsa_sign_wrap() was calling mbedtls_pk_write_key_der() to write a private key in SEC1 format, only to then extract the part that represents the private value which is what psa_import_key() actually wants. Instead, call an mpi function to directly get the private key in the desired format. This slightly reduces the code size and stack usage, and removes a dependency on pk_write. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-08 13:39:10 +01:00
Gilles Peskine	b4a87b07f8	Don't use pk_write in ecdsa_verify_wrap with USE_PSA_CRYPTO Under MBEDTLS_USE_PSA_CRYPTO, ecdsa_verify_wrap() was calling mbedtls_pk_write_pubkey() to write a public key in the form of a subjectPublicKey, only to then extract the part that represents the EC point which psa_import_key() actually wants. Instead, call an ecp function to directly get the public key in the desired format (just the point). This slightly reduces the code size and stack usage, and removes a dependency on pk_write. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-08 13:39:10 +01:00
Manuel Pégourié-Gonnard	9cb1aa21c4	Merge pull request #6970 from valeriosetti/issue6857 driver-only ECDSA: get testing parity in PK	2023-02-08 13:33:15 +01:00
Gilles Peskine	199ee456b1	Summarize how to improve MBEDTLS_PSA_CRYPTO_CLIENT Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-08 12:35:19 +01:00
Gilles Peskine	58e935fc6b	add a missing Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-08 12:07:12 +01:00
Xiaokang Qian	0de0d863b6	Rebase code to restore reco-delay and fix some style issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 07:41:42 +00:00
Yanray Wang	303829709d	compat.sh: simplify code of iterating on VERIFY for PSK tests Since PSK cipher suites do not allow client certificate verification, PSK test cases should be executed under VERIFY=NO. SUB_VERIFIES is used to constrain verification option for PSK tests. With aforementioned change, the latter check of $VERIFY=YES && $TYPE!=PSK is redundant so it's removed. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-02-08 14:58:35 +08:00
Xiaokang Qian	8dc4ce76c7	Fix various coding style and comment issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	6b980011e5	Replace session_negotiate->ciphersuite with handshake->ciphersuite_info->id Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	53c4c27d35	Update the comment of ciphersuite check for early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	64bc9bc33d	Add comments to describe the early data behavior-encrypt/rejected... Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	e04afdc44f	Refine the condition of whether re-generate early keys Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	eb31cbc791	Share the hash check code between ticket and external psk Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	4ef8ba2938	Assign the ciphersuite in finalize_hrr{server_hello} Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	bb883244aa	Remove useless comments of outbound switch Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	02f5e14073	Combine the alert check of selected_id and ciphercuite Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	934ce6f6a9	Rename the finalize_client{server}_hello() Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	ac4c625dea	Add hash check of ciphersuite for ticket psk Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	6be8290aba	Change to CCS after client hello only if we offer early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	7179f810f1	Restore the empty lines Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	b58462157e	Refine the ciphersuite and select id check for early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	44051f6376	Refine the state change after write client hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	7892b6caad	Refine the comment about generating early secrects in post server hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	bd0ab06d50	Skip CCS once we proposed early data even it is rejected Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	f6d8fd3d6b	Improve the coding style of new lines Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	79f77528f5	Move state change to finalize client hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	3f616c2493	Move selected_identity zero check to post_server_hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00
Xiaokang Qian	1d8e86ce00	Get hash_alg by mbedtls_psa_translate_md Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:47 +00:00

... 5 6 7 8 9 ...

23681 commits