yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
24610 commits 1 branch 0 tags 94 MiB
Commit graph

5895 commits

Author SHA1 Message Date
Gilles Peskine
935a987b2b
Merge pull request #7436 from AndrzejKurek/x509-verify-san-ip 
x509 SAN IP parsing
 2023-04-21 22:00:58 +02:00
Paul Elliott
4359badbb2
Merge pull request #7331 from mprse/ec-jpake-fix2 
PSA PAKE: Check input_length against PSA_PAKE_INPUT_SIZE() in psa_pake_input
 2023-04-17 16:31:09 +01:00
Ronald Cron
f54762e498
Merge pull request #7415 from Harshal5/fix/declaration_of_mbedtls_ecdsa_sign_det_restartable_function 
ecdsa: fix `-missing-prototypes` warning when `MBEDTLS_ECDSA_SIGN_ALT` is defined
 2023-04-17 15:41:25 +02:00
Przemek Stekiel
7921a03425 Add claryfication for PSA_PAKE_INPUT/OUTPUT_MAX_SIZE macros 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-04-17 12:32:06 +02:00
harshal.patil
8c77644906 ecdsa: fix -missing-prototypes warning when MBEDTLS_ECDSA_SIGN_ALT is defined 
- In `mbedtls/v3.4.0`, ECDSA restartable sign and verify functions (`ecdsa.c`) were made public.
- But the `mbedtls_ecdsa_sign_det_restartable` function prototype was declared in the file `ecdsa.h`,
  only when `MBEDTLS_ECDSA_SIGN_ALT` is not defined.

Signed-off-by: harshal.patil <harshal.patil@espressif.com>
 2023-04-17 12:53:00 +05:30
Manuel Pégourié-Gonnard
ed5998cd7d
Merge pull request #7422 from valeriosetti/remove-psa-have-full-symbols 
Remove PSA_HAVE_FULL_xxx symbols
 2023-04-17 09:19:00 +02:00
Stephan Koch
48fba6fbac Fix so that PSA_WANT_ALG_DETERMINISTIC_ECDSA implies PSA_HAVE_FULL_ECDSA. 
Signed-off-by: Stephan Koch <koch@oberon.ch>
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-04-14 13:41:10 +02:00
Glenn Strauss
c26bd76020 x509 crt verify SAN iPAddress 
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2023-04-11 08:29:42 -04:00
Valerio Setti
6b006c126b remove KEY_TYPE_ECC_PUBLIC_KEY unnecessary requirement 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-04-11 12:02:19 +02:00
Valerio Setti
6c496a1553 solve disparities for ECP_LIGHT between ref/accel 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-04-11 11:33:50 +02:00
Valerio Setti
151bdf9668 build_info: fixed comment 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-04-11 11:33:50 +02:00
Valerio Setti
d4a5d461de library: add remaining changes for the new ECP_LIGHT symbol 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-04-11 11:33:50 +02:00
Valerio Setti
0d2980f117 pk: adapt to new ECP_LIGHT symbol 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-04-11 11:33:50 +02:00
Valerio Setti
fd122f4e95 ecp: introduce new ECP_LIGHT symbol 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-04-11 11:33:50 +02:00
Valerio Setti
969e206e28 remove PSA_HAVE_FULL_JPAKE symbol 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-04-11 10:55:25 +02:00
Valerio Setti
6f66664ed6 remove PSA_HAVE_FULL_ECDSA symbol 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-04-11 10:54:22 +02:00
Valerio Setti
48859cc7d8 remove PSA_HAVE_FULL_ECDH symbol 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-04-11 10:50:47 +02:00
Gilles Peskine
7c1c7ce90e
Merge pull request #7401 from AndrzejKurek/md-guards-missing 
Add missing md.h includes
 2023-04-11 09:32:17 +02:00
Gilles Peskine
c9e8a65d06
Merge pull request #7298 from lpy4105/issue/6840/add-cache-entry-removal-api 
ssl_cache: misc improvements
 2023-04-11 09:30:40 +02:00
Pengyu Lv
723ac268e7 ssh_cache: Add back description of other errors for cache getter 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-04-11 09:19:08 +08:00
Pengyu Lv
e3746d7ce6 ssl_cache: Error renaming and document improvement 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-04-10 14:40:03 +08:00
Ronald Cron
b828c7d3de Fix, improve and add comments 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-04-06 10:26:18 +02:00
Ronald Cron
8a12aeec93 tls: Initialize SSL context tls_version in mbedtls_ssl_setup() 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-04-06 10:26:18 +02:00
Andrzej Kurek
1b75e5f784 Add missing md.h includes 
MBEDTLS_MD_CAN_SHAXXX are defined there.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-04-04 09:55:06 -04:00
Ronald Cron
219f978097
Merge pull request #7059 from ronald-cron-arm/psa-crypto-misc 
PSA cryptography miscellaneous
 2023-04-04 10:54:03 +02:00
Manuel Pégourié-Gonnard
86d5d4bf31
Merge pull request #7103 from valeriosetti/issue6622 
Some MAX_SIZE macros are too small when PSA ECC is accelerated
 2023-04-03 16:23:27 +02:00
Dave Rodgman
dd48c6e3df
Merge pull request #7385 from daverodgman/timing_alignment 
Fix cast alignment warning in timing.c
 2023-03-31 19:48:34 +01:00
Dave Rodgman
33b2210065 Fix cast alignment warning in timing.c 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-03-31 15:50:54 +01:00
Dave Rodgman
b8f5ba826b
Merge pull request #6891 from yuhaoth/pr/add-milliseconds-platform-function 
Add milliseconds platform time function
 2023-03-31 11:47:37 +01:00
Ronald Cron
789cef87f8 Fix documentation 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-03-31 09:07:57 +02:00
Ronald Cron
135f2ae312 Pacify doxygen.sh 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-03-31 09:07:57 +02:00
Ronald Cron
f6236f032a psa: Introduce psa/build_info.h 
The PSA cryptography repository is based to
start with on the PSA cryptography implementation
in Mbed TLS but with a different directority
structure, build system and build configuration.

The build-time configuration information in the
PSA cryptography repository is psa/build_info.h.
This commit introduces this file in Mbed TLS to
be used in place of mbedtls/build_info.h (but
basically just an alias to it) in PSA headers.
This is to ease the update of the PSA cryptography
repository.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-03-31 09:07:57 +02:00
Ronald Cron
e6e6b75ad3 psa: Remove MBEDTLS_PSA_CRYPTO_DRIVERS configuration option 
The support for the PSA crypto driver interface
is not optional anymore as the implementation of
the PSA cryptography interface has been restructured
around the PSA crypto driver interface (see
psa-crypto-implementation-structure.md). There is
thus no purpose for the configuration options
MBEDTLS_PSA_CRYPTO_DRIVERS anymore.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-03-31 09:07:54 +02:00
Ronald Cron
2f10fceccd psa: include: Move key derivation builtin and driver contexts 
Move key derivation builtin and driver contexts
to specific header files as key derivation
contexts depend both on primitive and composite
crypto algorithms contexts.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-03-31 09:01:45 +02:00
Ronald Cron
e7cde181ea psa: include: Move some Mbed TLS headers 
The structures related to CMAC, GCM, CCM and
CHACHAPOLY operations are defined in
crypto_builtin_composites.h not in
crypto_struct.h. Thus move the cmac.h, gcm.h,
ccm.h and chachapoly.h header inclusions from
crypto_struct.h to crypto_builtin_composites.h.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-03-31 09:01:45 +02:00
Ronald Cron
fe8e135816 psa: Remove unnecessary headers 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-03-31 09:01:45 +02:00
Paul Elliott
03d557db35
Merge pull request #6900 from AndrzejKurek/san-dirname 
Add support for directoryName subjectAltName
 2023-03-30 18:37:26 +01:00
Manuel Pégourié-Gonnard
0ab380a8ae
Merge pull request #7354 from mpg/ecc-doc-update 
Ecc doc update
 2023-03-30 15:38:47 +02:00
Manuel Pégourié-Gonnard
9463e780c6 Fix a typo 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-30 09:37:39 +02:00
Manuel Pégourié-Gonnard
59b61da7c4 Fix dependency check for TLS 1.3 ECDH 
This part is specific to 1.3 and directly calls PSA APIs regardless of
whether MBEDTLS_USE_PSA_CRYPTO is defined, so use PSA_WANT. Note: the
code is already using PSA_WANT everywhere in ssl_tls13*.c.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-30 09:35:41 +02:00
Andrzej Kurek
c27ba3a531 Clarify SAN structure memory management 
Co-authored-by: David Horstmann <david.horstmann@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-29 11:41:34 -04:00
Andrzej Kurek
8bc128eca7 Add missing information about supported subjectAltName types 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-29 11:40:38 -04:00
Andrzej Kurek
5f0c6e82fb Add missing deallocation of subject alt name 
Since mbedtls_x509_get_name allocates memory
when parsing a directoryName, deallocation
has to be performed if anything fails in the
meantime.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-29 11:40:38 -04:00
Andrzej Kurek
d40c2b65a6 Introduce proper memory management for SANs 
DirectoryName parsing performs allocation that has to be handled.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-29 11:03:01 -04:00
Andrzej Kurek
e12b01d31b Add support for directoryName subjectAltName 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-03-29 11:03:01 -04:00
Dave Rodgman
05c5a91514
Merge pull request #7307 from Mbed-TLS/sphinx-versioned-documentation 
Generate API documentation with Sphinx and Breathe
 2023-03-29 12:01:59 +01:00
Manuel Pégourié-Gonnard
4fa702ae79 Update documented dependencies on ECC algs 
Previous PRs update check_config.h correctly, but forgot the
documentation in mbedtls_config.h.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-29 12:19:41 +02:00
Manuel Pégourié-Gonnard
93b21e74f9 Update documentation to mention ECC drivers 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-29 10:30:26 +02:00
Valerio Setti
ee9fa46111 check_config: add helper symbol for SECP256R1 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-29 10:28:39 +02:00
Valerio Setti
1a6d96f59e test: use full config as test starting point and solve issues 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-03-29 10:28:06 +02:00