mbedtls

Author	SHA1	Message	Date
Tom Cosgrove	bc5d9165ae	Merge pull request #8554 from yanrayw/issue/8221/fix-tls-suiteB-profile TLS: remove RSA signature algorithms in `suite B` profile	2024-01-12 14:34:28 +00:00
Tom Cosgrove	f1ba1933cf	Merge pull request #8526 from yanrayw/issue/7011/send_record_size_limit_ext TLS1.3: SRV/CLI: add support for sending Record Size Limit extension	2024-01-12 13:39:15 +00:00
Manuel Pégourié-Gonnard	eeb96ac9fe	Merge pull request #8433 from yuhaoth/pr/add-deprecated-flag-for-sig_hashes-api Add deprecated flag in document for sig_hashes	2024-01-11 09:33:10 +00:00
Waleed Elmelegy	09561a7575	Add MBEDTLS_SSL_RECORD_SIZE_LIMIT to config_adjust_ssl.h Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:28 +00:00
Tom Cosgrove	3a6059beca	Merge pull request #7455 from KloolK/record-size-limit/comply-with-limit Comply with the received Record Size Limit extension	2024-01-09 15:22:17 +00:00
Manuel Pégourié-Gonnard	454ab28be5	Merge pull request #8668 from gilles-peskine-arm/asymmetric_key_data-secpr1 Fix incorrect test data for SECP_R1 in automatically generated tests	2024-01-09 09:21:14 +00:00
Valerio Setti	d5cab81405	mbedtls_config: update documentation for CIPHER_C and CRYPTO_C Adding auto-enablement sections. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 07:23:33 +01:00
Valerio Setti	9772642b8c	adjust_legacy_crypto: auto-enable CIPHER_C when any builtin cipher is enabled in PSA Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-09 07:23:33 +01:00
Valerio Setti	1aaffec7cf	Revert "check_config: add check for PSA builtin unauthenticated ciphers" This reverts commit d5d99e800a0d648e976a28819ab8709daabcab9b. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-08 16:57:18 +01:00
Valerio Setti	c95ab2a1a0	mbedtls_config: extend documentation for MBEDTLS_PSA_CRYPTO_C Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-08 16:57:18 +01:00
Valerio Setti	95c32973f9	check_config: add check for PSA builtin unauthenticated ciphers Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-08 16:57:18 +01:00
Manuel Pégourié-Gonnard	4aad0ff510	Merge pull request #8632 from valeriosetti/issue8598 [G5] Make block_cipher work with PSA	2024-01-08 08:07:53 +00:00
Manuel Pégourié-Gonnard	5bad043c06	Merge pull request #8641 from valeriosetti/issue8358 G3-G4 wrap-up	2024-01-04 10:48:00 +00:00
Gilles Peskine	44d557c52d	Indicate which curves Mbed TLS supports Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-01-03 20:59:38 +01:00
Gilles Peskine	6e2069661e	Note unusual curve size Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-01-03 20:59:03 +01:00
Gilles Peskine	2a22dac694	Fix typo in curve name Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-01-03 20:58:55 +01:00
Dave Rodgman	1cc90a1003	Merge pull request #8517 from mschulz-at-hilscher/fixes/issue-6910 Fixes redundant declarations for psa_set_key_domain_parameters	2024-01-02 16:34:40 +00:00
Valerio Setti	6315441be7	adjust_legacy_from_psa: relax condition for legacy block cipher auto-enabling CCM/GCM can be either fully accelerated or rely on just the key type being accelerated. This means that ultimately it is just the key type which determines if the legacy block cipher modes need to be auto-enabled or not. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-02 17:21:01 +01:00
Valerio Setti	e581e140cc	oid/pkparse: add missing guards for PKCS[5/12] functions when !CIPHER_C This commit also updates test_suite_pkparse.data file adding MBEDTLS_CIPHER_C dependencies whenever PKCS[5/12] is used. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-29 16:35:58 +01:00
Valerio Setti	1994e72e18	check_config/block_cipher: minor improvements Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-28 18:33:04 +01:00
Valerio Setti	e98ad5931a	mbedls_config: update documentation for MBEDTLS_PKCS[5/12]_C Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-28 10:42:12 +01:00
Valerio Setti	6d3a68162c	check_config: remove CIPHER_C requirement for PKCS[5/12] Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-21 16:40:03 +01:00
Valerio Setti	a69e872001	pkcs[5/12]: add CIPHER_C for [en/de]crypting functions This commit also updates corresponding test suites. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-21 16:39:04 +01:00
Waleed Elmelegy	049cd302ed	Refactor record size limit extension handling Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-12-20 17:28:31 +00:00
Tomi Fontanilles	851d8df58d	fix/work around dependency issues when !MBEDTLS_ECP_C Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>	2023-12-20 13:09:27 +02:00
Tomi Fontanilles	bad170e159	pk: remove last references to MBEDTLS_PSA_CRYPTO_C They are replaced by MBEDTLS_USE_PSA_CRYPTO. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>	2023-12-20 12:59:57 +02:00
Tomi Fontanilles	8174662b64	pk: implement non-PSA mbedtls_pk_sign_ext() This makes the function always available with its its implementation depending on MBEDTLS_USE_PSA_CRYPTO. Related dependencies and tests are updated as well. Fixes #7583. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>	2023-12-20 12:59:57 +02:00
Tomi Fontanilles	a70b3c24f6	rsa: minor comment/guard improvements This brings some improvements to comments/ function prototypes that relate to PKCS#1. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>	2023-12-20 12:59:57 +02:00
Valerio Setti	689c0f71cb	tests: use new CCM/GCM capability macros in tests Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-20 09:54:18 +01:00
Valerio Setti	bfa675fe48	adjust_legacy_crypto: add macros for CCM/GCM capabilities with key types Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-20 09:52:08 +01:00
Gilles Peskine	1a9e05bf08	Note that domain parameters are not supported with drivers Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-12-19 12:23:22 +01:00
Gilles Peskine	5ad9539363	Remove DSA and DH domain parameters from the documentation Mbed TLS doesn't support DSA at all, and doesn't support domain parameters for FFDH (only predefined groups). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-12-19 12:22:46 +01:00
Gilles Peskine	9deb54900e	Document the domain_parameters_size==SIZE_MAX hack It was introduced in https://github.com/Mbed-TLS/mbedtls/pull/8616 but not documented. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-12-18 21:01:18 +01:00
Bence Szépkúti	a085fa8ccf	Merge pull request #8627 from tom-cosgrove-arm/ip_len Avoid use of `ip_len` as it clashes with a macro in AIX system headers	2023-12-18 02:03:17 +00:00
Valerio Setti	4ff405cf80	block_cipher: remove psa_key_type from mbedtls_block_cipher_context_t This information was redundant with the already existing mbedtls_block_cipher_id_t. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-15 16:10:52 +01:00
Valerio Setti	bd7528a592	ccm/gcm: use BLOCK_CIPHER whenever possible Prefer BLOCK_CIPHER instead of CIPHER_C whenever it's enabled. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-14 18:08:14 +01:00
Valerio Setti	4a5d57d225	adjust_legacy_crypto: enable BLOCK_CIPHER also when a driver is available As a consequence BLOCK_CIPHER will be enabled when: - CIPHER_C is not defined - a proper driver is present for one of AES, ARIA and/or Camellia key types Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-14 18:08:14 +01:00
Valerio Setti	2684e3f2e3	config_adjust_legacy_crypto: fix typo Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-14 18:08:14 +01:00
Valerio Setti	291571b447	block_cipher: add MBEDTLS_PRIVATE to new PSA fields in mbedtls_block_cipher_context_t Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-14 18:08:14 +01:00
Valerio Setti	849a1abfdd	block_cipher: remove useless use of psa_cipher_operation_t Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-14 18:08:14 +01:00
Valerio Setti	4bc7fac99a	crypto_builtin_composites: add missing guards for includes Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-14 18:08:14 +01:00
Valerio Setti	c0f9bbca2c	check_config: use new helpers for legacy GCM_C/CCM_C Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-14 18:08:14 +01:00
Valerio Setti	8bba087fe1	adjust_legacy_crypto: add helpers for block ciphers capabilities Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-14 18:08:14 +01:00
Valerio Setti	c1db99d3f5	block_cipher: add PSA dispatch if possible "if possible" means: - PSA has been initialized - requested key type is available in PSA Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-14 18:08:14 +01:00
Joakim Andersson	b349108b99	library: Move mbedtls_ecc helper functions to psa_util Move the mbedtls_ecc helper functions from psa_core to psa_util. These files are not implemented as part of the PSA API and should not be part of the PSA crypto implementation. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>	2023-12-14 13:55:11 +01:00
Tom Cosgrove	656d4b3c74	Avoid use of `ip_len` as it clashes with a macro in AIX system headers Fixes #8624 Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-12-08 21:51:15 +00:00
Gilles Peskine	57e401b39f	Merge pull request #8521 from valeriosetti/issue8441 [G4] Make CTR-DRBG fall back on PSA when AES not built in	2023-12-06 18:25:44 +00:00
Waleed Elmelegy	9aec1c71f2	Add record size checking during handshake Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-12-06 15:18:15 +00:00
Jan Bruckner	f482dcc6c7	Comply with the received Record Size Limit extension Fixes #7010 Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-12-06 15:18:08 +00:00
Ronald Cron	40f3f1c36f	Merge pull request #7058 from yuhaoth/pr/tls13-early-data-parsing-0-rtt-data TLS 1.3 EarlyData SRV: Parsing 0-RTT data	2023-12-06 06:47:32 +00:00

1 2 3 4 5 ...

6605 commits