Commit graph

1128 commits

Author SHA1 Message Date
Gilles Peskine
f45a5a0ddd
Merge pull request #7700 from silabs-Kusumit/PBKDF2_output_bytes
PBKDF2: Output bytes
2023-06-16 10:08:02 +02:00
Gilles Peskine
8c2f18dac2
Merge pull request #7738 from davidhorstmann-arm/fix-iar-typo
Fix typo in CMakeList.txt in IAR compiler flags
2023-06-15 19:24:00 +02:00
David Horstmann
ff4b6a8d18 Reword changelog entry
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-06-15 14:08:19 +01:00
Dave Rodgman
2e7d57270e
Merge pull request #7624 from daverodgman/aes-perf
AES perf improvements
2023-06-15 12:10:06 +01:00
Tom Cosgrove
6edf8b8c7b
Merge pull request #7451 from yanrayw/7376_aes_128bit_only
Introduce config option of 128-bit key only in AES calculation
2023-06-15 10:35:32 +01:00
Dave Rodgman
0e22597871 Update Changelog
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-09 17:23:20 +01:00
Tom Cosgrove
ef2aa0ecad Fix "unterminated '#pragma clang attribute push'" in sha256/sha512.c
If we're built with MBEDTLS_SHAxxx_USE_A64_CRYPTO_IF_PRESENT but don't have a
way to detect the crypto extensions required, the code turns off _IF_PRESENT
and falls back to C only (with a warning). This was done after the attributes
are pushed, and the pop is done only #if defined(xxx_IF_PRESENT), so this
commit fixes that.

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-06-09 11:29:50 +01:00
Gilles Peskine
95b43a04a9
Merge pull request #7651 from daverodgman/fix-armclang-compile-fail
Fix armclang compile fail
2023-06-08 14:36:18 +02:00
Kusumit Ghoderao
e5dd11164a Edit changelog
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-06-08 16:43:32 +05:30
Dave Rodgman
05d71ffe5b Merge remote-tracking branch 'origin/development' into sha3-updated 2023-06-07 18:02:04 +01:00
Dave Rodgman
cf4d2bdc09 Spell as SHA-3 not SHA3
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-07 17:08:09 +01:00
Gilles Peskine
d598eaf212
Merge pull request #7106 from davidhorstmann-arm/parse-oid-from-string
Parse an OID from a string
2023-06-06 20:57:17 +02:00
Kusumit Ghoderao
354434c466 Add changelog entry
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
2023-06-06 15:05:47 +05:30
Gilles Peskine
5c3d6e277c
Merge pull request #7575 from AndrzejKurek/URI-SAN-verification
Add partial support for URI SubjectAltNames verification
2023-06-05 16:46:47 +02:00
Gilles Peskine
84b547b5ee
Merge pull request #7400 from AndrzejKurek/cert-write-sans
Add a possibility to generate certificates with a Subject Alternative Name
2023-06-05 15:38:38 +02:00
Dave Rodgman
4db4d6b9b0 Improve changelog
Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>
2023-06-04 20:41:24 -04:00
Dave Rodgman
49bd1f2cb2 Fix spelling in Changelog
Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>
2023-06-02 10:31:49 -04:00
Manuel Pégourié-Gonnard
0b68784053
Merge pull request #7577 from mprse/ffdh_drivers
FFDH 3b: add driver testing (no TLS 1.3)
2023-06-01 10:26:08 +02:00
David Horstmann
57b5d22a9e Reword ChangeLog entry for consistency
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-05-31 14:36:41 +01:00
Robin Kastberg
925c9b826d
Create bugfix_iar_typo.txt
Changelog entry

Signed-off-by: Robin Kastberg <robin.kastberg@iar.com>
2023-05-26 16:06:44 +02:00
Dave Rodgman
1ae50aebb9 Update Changelog
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-05-25 09:46:34 +01:00
Dave Rodgman
a1f51c213c Fix Changelog formatting
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-05-24 13:02:18 +01:00
Dave Rodgman
a55e12c525 Add Changelog
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-05-24 12:15:26 +01:00
Dave Rodgman
b19b63a639 Changelog update
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-05-22 19:56:03 +01:00
Dave Rodgman
0805ad10b2 XOR perf improvements
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-05-19 11:48:10 +01:00
Andrzej Kurek
1bc7df2540 Add documentation and a changelog entry
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-05-17 15:23:56 -04:00
Tom Cosgrove
6d62faca8e Only include psa_pake_setup() and friends if some PAKE algorithms are required
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-05-12 12:36:24 +01:00
Przemek Stekiel
ea52e1a43f Add changelog entry (FFDH driver dispatch)
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-05-11 12:23:12 +02:00
Andrzej Kurek
199eab97e7 Add partial support for URI SubjectAltNames
Only exact matching without normalization is supported.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-05-10 09:57:19 -04:00
Yanray Wang
463351d824 ChangeLog: remove issue number as this is a new feature
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-05-10 18:10:03 +08:00
Yanray Wang
a30c72fc44 rewrite ChangeLog
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-05-10 10:13:39 +08:00
Gilles Peskine
97edeb4fb8
Merge pull request #6866 from mprse/extract-key-ids
Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions v.2
2023-05-08 20:38:29 +02:00
Pol Henarejos
d06c6fc45b
Merge branch 'development' into sha3
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-05-05 16:01:18 +02:00
Yanray Wang
d9bf370fbe add ChangeLog entry
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-05-05 16:28:35 +08:00
Jethro Beekman
0167244be4 Read and write X25519 and X448 private keys
Signed-off-by: Jethro Beekman <jethro@fortanix.com>
Co-authored-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com>
Signed-off-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com>
2023-05-04 13:01:47 +02:00
Gilles Peskine
d3ca5e5897
Merge pull request #7328 from mprse/ec-jpake-fix1
Fix the JPAKE driver interface for user+peer
2023-05-02 20:42:25 +02:00
Gilles Peskine
53a9ac576d
Merge pull request #7443 from mprse/psa_init_in_programs
Init PSA in ssl and x509 programs
2023-04-28 12:49:11 +02:00
JonathanWitthoeft
2a878a85a6
Adjust ChangeLog
Signed-off-by: JonathanWitthoeft <jonw@gridconnect.com>
2023-04-26 19:00:46 -05:00
JonathanWitthoeft
9b265180cc
Make mbedtls_ecdsa_can_do definition unconditional
Signed-off-by: JonathanWitthoeft <jonw@gridconnect.com>
2023-04-26 16:09:28 -05:00
David Horstmann
b6ff8a2c4b Add ChangeLog entry for string-to-OID parsing
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-04-26 12:10:36 +01:00
Przemek Stekiel
6cec5e9d9e Add changelog entry (PSA initialization in sample programs)
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-04-24 08:03:30 +02:00
Gilles Peskine
935a987b2b
Merge pull request #7436 from AndrzejKurek/x509-verify-san-ip
x509 SAN IP parsing
2023-04-21 22:00:58 +02:00
Ronald Cron
f54762e498
Merge pull request #7415 from Harshal5/fix/declaration_of_mbedtls_ecdsa_sign_det_restartable_function
ecdsa: fix `-missing-prototypes` warning when `MBEDTLS_ECDSA_SIGN_ALT` is defined
2023-04-17 15:41:25 +02:00
harshal.patil
8c77644906 ecdsa: fix -missing-prototypes warning when MBEDTLS_ECDSA_SIGN_ALT is defined
- In `mbedtls/v3.4.0`, ECDSA restartable sign and verify functions (`ecdsa.c`) were made public.
- But the `mbedtls_ecdsa_sign_det_restartable` function prototype was declared in the file `ecdsa.h`,
  only when `MBEDTLS_ECDSA_SIGN_ALT` is not defined.

Signed-off-by: harshal.patil <harshal.patil@espressif.com>
2023-04-17 12:53:00 +05:30
Eugene K
3208b0b391 add IP SAN tests changes per mbedTLS standards
Signed-off-by: Eugene K <eugene.kobyakov@netfoundry.io>
2023-04-11 08:29:42 -04:00
Gilles Peskine
7c1c7ce90e
Merge pull request #7401 from AndrzejKurek/md-guards-missing
Add missing md.h includes
2023-04-11 09:32:17 +02:00
Ronald Cron
4d31496294 Update TLS 1.3 documentation and add change log
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:18 +02:00
Andrzej Kurek
468a99ed0b Add a changelog entry
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-04-06 03:04:15 -04:00
toth92g
d96027acd2 Correcting documentation issues:
- Changelog entry is Feature instead of API Change
- Correcting whitespaces around braces
- Also adding defensive mechanism to x509_get_subject_key_id
  to avoid malfunction in case of trailing garbage

Signed-off-by: toth92g <toth92g@gmail.com>
2023-04-04 17:48:27 +02:00
toth92g
27f9e7815c Adding openssl configuration file and command to Makefile to be able to reproduce the certificate for testing Authority and Subject Key Id fields
Increasing heap memory size of SSL_Client2 and SSL_Server2, because the original value is not enough to handle some certificates. The AuthorityKeyId and SubjectKeyId are also parsed now increasing the size of some certificates

Signed-off-by: toth92g <toth92g@gmail.com>
2023-04-04 17:48:27 +02:00