yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
21767 commits 1 branch 0 tags 94 MiB
Commit graph

5447 commits

Author SHA1 Message Date
Przemek Stekiel
d61a4d3d1a Fix missing guard and double-space 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-11 09:40:40 +02:00
Przemek Stekiel
52a428b824 Fix MBEDTLS_SSL_TICKET_C, MBEDTLS_SSL_SESSION_TICKETS dependencies 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-10 11:23:18 +02:00
Jerry Yu
8897c07075 Add server only guards for psk callback 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-07 10:11:05 +08:00
Jan Bruckner
b33f6e5ee2 Fix typo 
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2022-10-06 11:23:49 +02:00
Przemek Stekiel
0957e7bfc5 Rmove MBEDTLS_NIST_KW_C dependency from MBEDTLS_SSL_TICKET_C 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-03 11:39:02 +02:00
Przemek Stekiel
460192ee19 Fix and sync configuration file and configuration verifiation 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-03 08:55:29 +02:00
Przemek Stekiel
ce5b68c7a3 Revert "Fix guards for mbedtls_ssl_ticket_write() and mbedtls_ssl_ticket_parse() functions" 
This reverts commit a82290b727.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-29 15:29:18 +02:00
Manuel Pégourié-Gonnard
f3f9e450b6
Merge pull request #6115 from AndrzejKurek/ecjpake-kdf-tls-1-2 
Ad-hoc KDF for EC J-PAKE in TLS 1.2
 2022-09-28 09:47:32 +02:00
Przemek Stekiel
e31ba83675 Use basic symbols instead MBEDTLS_CIPHER_MODE_AEAD in check config 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-28 09:44:58 +02:00
Przemek Stekiel
d582a01073 Make MBEDTLS_SSL_CONTEXT_SERIALIZATION dependent on AEAD 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-28 07:59:01 +02:00
Przemek Stekiel
a82290b727 Fix guards for mbedtls_ssl_ticket_write() and mbedtls_ssl_ticket_parse() functions 
Both functions are calling mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions. These functions are guarded with MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C flags - make it consistent.
As a result ssl_server2 won't build now with MBEDTLS_SSL_SESSION_TICKETS enabled (mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions not available).
Mark MBEDTLS_SSL_SESSION_TICKETS as dependent on MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C and disable MBEDTLS_SSL_SESSION_TICKETS in stream cipher only build.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-27 15:04:14 +02:00
Andrzej Kurek
e09aff8f5a Add information about ECJPAKE_TO_PMS output size expectations 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-26 10:59:31 -04:00
Andrzej Kurek
96b9f23853 Adjust ECJPAKE_TO_PMS macro value 
This way the low 8 bits of the identifier indicate that this algorithm is used
with SHA-256.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-26 10:30:46 -04:00
Paul Elliott
2c282c9bd0
Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets 
TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.
 2022-09-23 15:48:33 +01:00
Jerry Yu
ba627bfd0d improve document about session tickets 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-09-23 09:58:22 +08:00
Jerry Yu
40b4a01388 Improve documents 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-09-22 23:48:38 +08:00
Jerry Yu
f3bdf9dd51 fix various issues 
- improve document about configuration item.
- format issue
- variable type issue.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-09-22 23:47:14 +08:00
Jerry Yu
d0766eca58 fix various issues 
- Improve comments
- Align count variable name to `new_session_tickets_count`
- move tickets_count init to handshake init

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-09-22 13:21:29 +08:00
Manuel Pégourié-Gonnard
d433cd7d07
Merge pull request #6283 from mpg/driver-only-hashes-wrap-up 
Driver only hashes wrap-up
 2022-09-21 08:29:46 +02:00
Manuel Pégourié-Gonnard
b4e28aa2f7 Fix two typos 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-09-19 11:55:00 +02:00
Manuel Pégourié-Gonnard
3c16abebd4 Fix dependencies of KEY_EXCHANGE_ECJPAKE 
The EC J-PAKE module the ability to "fall back" to PSA when MD is not
present a few PRs ago, but the dependency of this key exchange on
SHA-256 wasn't updated at the time.

(Note: the crypto primitive doesn't depend on SHA-256, only its use in
the TLS key exchange does.)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-09-19 10:47:05 +02:00
Jerry Yu
1ad7ace6b7 Add conf new session tickets 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-09-19 14:22:21 +08:00
Ronald Cron
be0224aef3
Merge pull request #6167 from yuhaoth/pr/finalize-tls13-session-tickets 2022-09-18 21:18:13 +02:00
Gilles Peskine
ef843f2b0c MBEDTLS_PLATFORM_VSNPRINTF_ALT requires MBEDTLS_PLATFORM_C 
mbedtls_vsnprintf replacement works like mbedtls_snprintf replacement, so
copy the requirements for MBEDTLS_PLATFORM_VSNPRINTF_ALT.

(MBEDTLS_PLATFORM_xxx_MACRO shouldn't require MBEDTLS_PLATFORM_C, but that's
a separate preexisting problem which I do not try address at this time.)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-09-18 14:05:23 +02:00
Andrzej Kurek
3c4c514302 Remove PSA_ALG_IS_TLS12_ECJPAKE_TO_PMS 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-16 07:24:14 -04:00
Andrzej Kurek
1fafb1f778 Documentation clarifications for ECJPAKE-to-PMS 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-16 07:19:49 -04:00
Manuel Pégourié-Gonnard
1be45825ab Remove useless guard around include 
Including a header is harmless, so we can include do it unconditionally.

The condition was wrong, should have been USE_PSA || PROTO_TLS1_3. If we
just fixed to condition, then we would need to make sure things like:

    #define MBEDTLS_TLS1_3_MD_MAX_SIZE         PSA_HASH_MAX_SIZE

are also guarded, which is useless (extra defines are harmless) and
annoying, so just remove the condition altogether.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-09-16 13:18:36 +02:00
Manuel Pégourié-Gonnard
138387fc8c Fix some typos, improve wording & formatting 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-09-16 12:03:52 +02:00
Manuel Pégourié-Gonnard
72687b76ca Clarify dependencies in mbedtls_config.h 
- One module was missing the warning on psa_crypto_init().
- For modules that are affected by USE_PSA_CRYPTO, it makes more sense
to mention that in the warning.
- Attempt to improve the description of the TLS 1.3 situation.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-09-16 12:03:52 +02:00
Manuel Pégourié-Gonnard
f17f85ef0c Simplify definition of TLS 1.3 MD max size. 
Actually this macro is never used in parts that depend on USE_PSA, so
it's always using PSA.

Currently the macro seems a bit redundant, but:
- since it's public we can't remove it;
- and there are plans in the future to make it more precise (actually
the largest hash that matters for TLS 1.3 is SHA-384 now).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-09-16 12:03:52 +02:00
Manuel Pégourié-Gonnard
e896705c1a Take advantage of legacy_or_psa.h being public 
Opportunities for using the macros were spotted using:

    git grep -E -n -A2 'MBEDTLS_(MD|SHA)[0-9]+_C' | egrep 'PSA_WANT_ALG_(MD|SHA)'

then manually filtering the results.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-09-16 12:03:52 +02:00
Manuel Pégourié-Gonnard
07018f97d2 Make legacy_or_psa.h public. 
As a public header, it should no longer include common.h, just use
build_info.h which is what we actually need anyway.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-09-16 12:02:48 +02:00
Gilles Peskine
04e4c19ee3 Document the base state of platform abstraction 
It's `#define mbedtls_xxx xxx` unless some option to override `mbedtls_xxx`
is enabled.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-09-15 20:34:50 +02:00
Manuel Pégourié-Gonnard
409a620dea
Merge pull request #6255 from mprse/md_tls13 
Driver-only hashes: TLS 1.3
 2022-09-15 10:37:46 +02:00
Manuel Pégourié-Gonnard
18dff1f226
Merge pull request #5871 from superna9999/4153-psa-expose-ec-j-pake 
Expose ECJPAKE through the PSA Crypto API
 2022-09-15 09:25:55 +02:00
Andrzej Kurek
d60907b85d Define ECJPAKE_TO_PMS in config_psa only if SHA_256 is available 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-14 14:57:51 -04:00
Przemyslaw Stekiel
67ffab5600 ssl.h: use PSA hash buffer size when PSA is used 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-14 14:51:14 +02:00
Andrzej Kurek
18f8e8d62c Document the input size restriction for EC J-PAKE to PMS 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-14 08:44:34 -04:00
Andrzej Kurek
08d34b8693 Add an EC J-PAKE KDF to transform K -> SHA256(K.X) for TLS 1.2 
TLS uses it to derive the session secret. The algorithm takes a serialized
point in an uncompressed form, extracts the X coordinate and computes
SHA256 of it. It is only expected to work with P-256.
Fixes #5978.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-14 08:39:26 -04:00
Przemyslaw Stekiel
034492bd56 ssl.h: Fix hash guards 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-14 11:09:20 +02:00
Przemek Stekiel
ce0aa58fd9 check_config.h: make TLS1.3 requirements verification more readable 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-13 18:08:54 +02:00
Przemek Stekiel
8a2f2b0bd6 check_config.h: fix TLS 1.3 requirements (add HKDF_EXTRACT/EXPAND) and comments 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-13 18:08:54 +02:00
Przemek Stekiel
9408b70513 check_config.h: revert HKDF requirements 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-13 18:08:54 +02:00
Przemek Stekiel
a06787a629 build_info.h: include config_psa.h also when MBEDTLS_PSA_CRYPTO_C 
This is done to have PSA_WANT_xxx symbols available in check_config.h when MBEDTLS_PSA_CRYPTO_C.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-13 18:08:54 +02:00
Przemek Stekiel
cf9d972a9a Fix config for MBEDTLS_SSL_PROTO_TLS1_3 
Remove MBEDTLS_HKDF_C as it is not needed since #5838

Reasoning: we need SHA-256 or SHA-384 via PSA because they're used by HKDF which is now always done via PSA. If in addition to that USE_PSA is enabled, then everything is done via PSA so that's enough. Otherwise, we need the software implementation of SHA-256 or SHA-384, plus MD_C because we're using a VIA_MD_OR_PSA_BASED_ON_USE_PSA as discussed above.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-13 18:08:54 +02:00
Przemek Stekiel
a9a8816107 ssl.h: adapt guards for MBEDTLS_SSL_TLS1_3_TICKET_RESUMPTION_KEY_LEN 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-13 18:08:54 +02:00
Jerry Yu
6cf85a4bb0 update document abourt maximum ticket_age_tolerance 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-09-13 14:28:15 +08:00
Neil Armstrong
fb3093a9cb Use PSA_PAKE_ROLE_NONE in PSA_PAKE_OPERATION_INIT macro instead of 0 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-09-08 14:59:32 +02:00
Neil Armstrong
7cd4eacbd4 Fix typo in mbedtls_ecjpake_write_shared_key() comment 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-09-08 14:57:55 +02:00
Neil Armstrong
ecb221b1ff Move operation buffer in operation struct and remove dynamic allocation 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-09-08 11:21:07 +02:00
Andrzej Kurek
f000471c66 Add missing MD dependency for pkcs5_pbkdf2_hmac 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-02 04:07:15 -04:00
Andrzej Kurek
345a92b321 Adjust PKCS5 dependencies in check_config 
It's possible to build PKCS5 with PSA instead of MD
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-02 04:03:25 -04:00
Andrzej Kurek
65bf73ed6a Enable HMAC in config_psa.h regardless of MD availability 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-02 04:03:25 -04:00
Andrzej Kurek
890e78ae66 Deprecate mbedtls_pkcs5_pbkdf2_hmac 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-02 04:03:25 -04:00
Andrzej Kurek
dd36c76f09 Provide a version of pkcs5_pbkdf2_hmac without MD usage 
Use the new implementation locally
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-02 04:03:25 -04:00
Manuel Pégourié-Gonnard
97fc247d6a
Merge pull request #6232 from AndrzejKurek/pkcs12-no-md 
Remove MD dependency from pkcs12 module
 2022-09-02 09:43:13 +02:00
Andrzej Kurek
7bd12c5d5e Remove MD dependency from pkcs12 module 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-01 08:57:41 -04:00
Jerry Yu
89eb95a221 Add ticket age tolerance config option 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-31 23:24:25 +08:00
Neil Armstrong
b764fb60aa Remove MBEDTLS_MD_C dep in config_psa.h when ECJPAJE is wanted 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Neil Armstrong
12663092bc Introduce mbedtls_ecjpake_write_shared_key() to export the EC J-PAKE shared key material before the KDF() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Neil Armstrong
ed40782628 Fix SECP256R1 enable when PSA_WANT_ALG_JPAKE is defined 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Neil Armstrong
a557cb8c8b Fixing XXX_ALG_ECJPAKE to XXX_ALG_JPAKE to match specification 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Neil Armstrong
7616ad28e3 Fix guard of ecjpake.h include in crypto_extra.h 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Neil Armstrong
63212ddf2f Fix formatting of PSA_PAKE_OPERATION_INIT macro 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Neil Armstrong
7aaa34a1ba Fix formatting of PSA_PAKE_OUTPUT_SIZE & PSA_PAKE_INPUT_SIZE macros 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Neil Armstrong
637d0a0290 Enable buildin PSA PAKE implementation when ECJPAKE_C is selected 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Neil Armstrong
35269d93da Fill psa_pake_operation and INPUT/OUTPUT min/max sizes for PSA PAKE builtin implementation 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-31 10:49:18 +02:00
Manuel Pégourié-Gonnard
bf22a2500b
Merge pull request #6208 from AndrzejKurek/tls-tests-no-md-structured 
Remove the dependency on MD from TLS 1.2 tests
 2022-08-30 12:34:37 +02:00
Dave Rodgman
0edfa9dd26
Merge pull request #6207 from daverodgman/ticket_time 
Fix type used for capturing TLS ticket generation time
 2022-08-30 10:03:06 +01:00
Andrzej Kurek
cccb044804 Style & formatting fixes 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-08-23 05:26:02 -04:00
Janos Follath
645ff5b8ff
Merge pull request #6095 from gabor-mezei-arm/6016_add_new_modulus_and_residue_structures 
Add the new modulus and the residue structures with low level I/O operations
 2022-08-23 09:02:43 +01:00
Andrzej Kurek
e02da81086 Update TLS1.2 dependencies description in mbedtls_config.h 
It is possible to use it without MBEDTLS_SHAXXX defines and USE_PSA_CRYPTO
instead.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-08-22 17:46:50 -04:00
Andrzej Kurek
7e16ce3a72 Clarify TLS 1.2 dependencies with and without PSA crypto 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-08-22 17:46:50 -04:00
Dave Rodgman
0ce93933e8
Merge pull request #6219 from KloolK/development 
Fix minor typos
 2022-08-22 21:47:21 +01:00
Gilles Peskine
e5018c97f9
Merge pull request #6195 from superna9999/6149-driver-only-hashes-ec-j-pake 
Driver-only hashes: EC J-PAKE
 2022-08-22 17:28:15 +02:00
Gilles Peskine
20ebaac85e
Merge pull request #6211 from tom-cosgrove-arm/explicit-warning-re-ct-conditions-not-0-or-1 
Be explicit about constant time bignum functions that must take a 0 or 1 condition value
 2022-08-22 17:24:04 +02:00
Jan Bruckner
9ff6f8cdbd Fix minor typos 
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2022-08-22 16:05:58 +02:00
Neil Armstrong
ecaba1c9b2 Make use of PSA crypto hash if MBEDTLS_MD_C isn't defined 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-19 11:49:22 +02:00
Neil Armstrong
0d76341eac Remove md_info by md_type in ecjpake context, use mbedtls_hash_info_get_size() to get hash length 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-19 11:49:22 +02:00
Przemek Stekiel
10836a04a9 config: Fix requirements for MBEDTLS_X509_USE_C and MBEDTLS_X509_CREATE_C 
Restore MBEDTLS_PK_PARSE_C as it was removed by mistake.
Fix module name in added warnings.

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Przemek Stekiel
12e69cb806 oid.h: remove MBEDTLS_MD_C guard 
*** Comparing before-default -> after-default ***
   x509parse: total 723; skipped  26 ->  26
   x509write: total  41; skipped   8 ->   8
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

*** Comparing before-full -> after-full ***
   x509parse: total 723; skipped  25 ->  25
   x509write: total  41; skipped   0 ->   0
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

*** Comparing reference -> drivers ***
   x509parse: total 723; skipped  89 ->  89
   x509write: total  41; skipped   3 ->   3
         pem: total  13; skipped   0 ->   0
         oid: total  28; skipped   0 ->   0

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Przemek Stekiel
55c17430be oid.h: remove redundant MBEDTLS_MD_C dependency 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Przemek Stekiel
278b6674bd check_config.h: Adjust x509 dependencies (MBEDTLS_MD_C or MBEDTLS_USE_PSA_CRYPTO) 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Przemek Stekiel
fd18366965 Adjust declared dependencies in library/x509* 
*** Comparing before-default -> after-default ***
   x509parse: total 723; skipped  26 ->  26
   x509write: total  41; skipped   8 ->   8

*** Comparing before-full -> after-full ***
   x509parse: total 723; skipped  25 ->  25
   x509write: total  41; skipped   0 ->   0

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-08-19 10:15:56 +02:00
Tom Cosgrove
583816caaf Be explicit about constant time bignum functions that must take a 0 or 1 condition value 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-08-18 14:09:18 +01:00
Dave Rodgman
536f28c892 Respect MBEDTLS_HAVE_TIME in ssl_ticket 
Make use of ticket generation time and associated fields
conditional on MBEDTLS_HAVE_TIME, to avoid compile errors
on baremetal.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-17 14:20:36 +01:00
Dave Rodgman
392f714153 Fix type used for capturing TLS ticket generation time 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-17 12:38:24 +01:00
Gabor Mezei
d41f627650
Order the file names 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-08-12 15:20:21 +02:00
Manuel Pégourié-Gonnard
077ba8489d PKCS#1 v2.1 now builds with PSA if no MD_C 
Test coverage not there yet, as the entire test_suite_pkcs1_v21 is
skipped so far - dependencies to be adjusted in a future commit.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-08-11 12:47:02 +02:00
Janos Follath
d1baedb786 Bignum: extract bignum_mod.h functions 
Extract functions declared in bignum_mod.h into a source file with a
matching name.

We are doing this because:

- This is a general best practice/convention
- We hope that this will make resolving merge conflicts in the future
  easier
- Having them in a unified source file is a premature optimisation at
  this point

This makes library/bignum_new.c empty and therefore it is deleted.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-09 13:44:53 +01:00
Janos Follath
0ded631879 Bignum: extract bignum_mod_raw.h functions 
Extract functions declared in bignum_mod_raw.h into a source file with a
matching name.

We are doing this because:

- This is a general best practice/convention
- We hope that this will make resolving merge conflicts in the future
  easier
- Having them in a unified source file is a premature optimisation at
  this point

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-09 13:34:54 +01:00
Janos Follath
3ca0775e59 Bignum: extract bignum_core.h functions 
Extract functions declared in bignum_core.h into a source file with a
matching name.

We are doing this because:

- This is a general best practice/convention
- We hope that this will make resolving merge conflicts in the future
  easier
- Having them in a unified source file is a premature optimisation at
  this point

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2022-08-09 11:45:47 +01:00
Gabor Mezei
0c655572dc Build the new bignum_new.c file 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-08-05 17:03:56 +01:00
Gilles Peskine
5740ff5f1f
Merge pull request #5949 from Summer-ARM/mbedtls-psa-crypto-config 
MBEDTLS_POLY1305_C and MBEDTLS_CHACHA20_C are needed when PSA_WANT_ALG_CHACHA20_POLY1305 is defined
 2022-08-05 11:03:45 +02:00
Dave Rodgman
27036c9e28
Merge pull request #6142 from tom-cosgrove-arm/fix-comments-in-docs-and-comments 
Fix a/an typos in doxygen and other comments
 2022-07-29 12:59:05 +01:00
Dave Rodgman
aba26d0099
Merge pull request #5963 from tom-daubney-arm/remove_ssl_compression_new 
Remove use of SSL session compression
 2022-07-28 10:28:23 +01:00
Manuel Pégourié-Gonnard
f6b8c3297a
Merge pull request #6065 from mpg/explore2 
Driver-only hashes: RSA 1.5 and PK + strategy doc
 2022-07-28 10:43:38 +02:00
Tom Cosgrove
ce7f18c00b Fix a/an typos in doxygen and other comments 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-07-28 05:50:56 +01:00
Thomas Daubney
20f89a9605 Remove uses of SSL compression 
Remove or modify current uses of session compression.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2022-07-26 16:13:03 +01:00
Jan Bruckner
25fdc2addb Fix minor typos 
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2022-07-26 10:52:46 +02:00