Gilles Peskine
97edeb4fb8
Merge pull request #6866 from mprse/extract-key-ids
...
Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions v.2
2023-05-08 20:38:29 +02:00
Valerio Setti
92da2a79aa
pk: improve description for the next opaque ID field
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-05-05 12:31:23 +02:00
Valerio Setti
4f387ef277
pk: use better naming for the new key ID field
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-05-05 10:59:32 +02:00
Valerio Setti
e00954d0ed
pk: store opaque key ID directly in the pk_context structure
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-05-05 10:57:26 +02:00
Jethro Beekman
0167244be4
Read and write X25519 and X448 private keys
...
Signed-off-by: Jethro Beekman <jethro@fortanix.com>
Co-authored-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com>
Signed-off-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com>
2023-05-04 13:01:47 +02:00
Gilles Peskine
d3ca5e5897
Merge pull request #7328 from mprse/ec-jpake-fix1
...
Fix the JPAKE driver interface for user+peer
2023-05-02 20:42:25 +02:00
Manuel Pégourié-Gonnard
8e076e4132
Merge pull request #6915 from aditya-deshpande-arm/example-driver-post-codestyle
...
Document (with examples) how to integrate a third-party driver with Mbed TLS
2023-05-02 12:13:42 +02:00
Manuel Pégourié-Gonnard
f317df98ea
Merge pull request #7461 from valeriosetti/issue7460-part1
...
Fixing USE_PSA_INIT/DONE in SSL/X509/PK test suites
2023-05-02 10:44:13 +02:00
Aditya Deshpande
f100f00679
Add warnings to documentation stating that p256-m code may be out of date with upstream, plus other minor grammatical fixes.
...
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2023-04-28 17:54:15 +01:00
Aditya Deshpande
bac592d53e
Remove rand() from p256_generate_random() and move to an implementation based on mbedtls_ctr_drbg
...
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2023-04-28 17:54:15 +01:00
Aditya Deshpande
e41f7e457f
Integrate p256-m as an example driver alongside Mbed TLS and write documentation for the example.
...
(Reapplying changes as one commit on top of development post codestyle change instead of rewriting old branch)
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2023-04-28 17:54:09 +01:00
Dave Rodgman
98062a7c5d
Merge pull request #7316 from yuhaoth/pr/Add-msvc-support-for-aesce-module
...
Add msvc support for AESCE
2023-04-26 21:27:08 +01:00
Jerry Yu
a1a039dba6
Improve minimum compiler versions document
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-04-26 10:21:42 +08:00
Przemek Stekiel
aede2ad554
Optimize code (pake role type, freeing buffers)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-04-25 14:30:34 +02:00
Przemek Stekiel
6e628a4e7b
Add undfined role for ec j-pake
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-04-25 13:11:36 +02:00
Jerry Yu
f015a93f98
Add msvc version document
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-04-25 10:38:03 +08:00
valerio
cf35d774fe
doc: update USE_PSA_CRYPTO description
...
Signed-off-by: valerio <valerio.setti@nordicsemi.no>
2023-04-24 13:47:18 +02:00
Gilles Peskine
935a987b2b
Merge pull request #7436 from AndrzejKurek/x509-verify-san-ip
...
x509 SAN IP parsing
2023-04-21 22:00:58 +02:00
Jerry Yu
a7d454cec2
Remove unnecessary check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-04-20 10:32:38 +08:00
Paul Elliott
4359badbb2
Merge pull request #7331 from mprse/ec-jpake-fix2
...
PSA PAKE: Check input_length against PSA_PAKE_INPUT_SIZE() in psa_pake_input
2023-04-17 16:31:09 +01:00
Ronald Cron
f54762e498
Merge pull request #7415 from Harshal5/fix/declaration_of_mbedtls_ecdsa_sign_det_restartable_function
...
ecdsa: fix `-missing-prototypes` warning when `MBEDTLS_ECDSA_SIGN_ALT` is defined
2023-04-17 15:41:25 +02:00
Przemek Stekiel
7921a03425
Add claryfication for PSA_PAKE_INPUT/OUTPUT_MAX_SIZE macros
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-04-17 12:32:06 +02:00
harshal.patil
8c77644906
ecdsa: fix -missing-prototypes
warning when MBEDTLS_ECDSA_SIGN_ALT
is defined
...
- In `mbedtls/v3.4.0`, ECDSA restartable sign and verify functions (`ecdsa.c`) were made public.
- But the `mbedtls_ecdsa_sign_det_restartable` function prototype was declared in the file `ecdsa.h`,
only when `MBEDTLS_ECDSA_SIGN_ALT` is not defined.
Signed-off-by: harshal.patil <harshal.patil@espressif.com>
2023-04-17 12:53:00 +05:30
Manuel Pégourié-Gonnard
ed5998cd7d
Merge pull request #7422 from valeriosetti/remove-psa-have-full-symbols
...
Remove PSA_HAVE_FULL_xxx symbols
2023-04-17 09:19:00 +02:00
Stephan Koch
48fba6fbac
Fix so that PSA_WANT_ALG_DETERMINISTIC_ECDSA implies PSA_HAVE_FULL_ECDSA.
...
Signed-off-by: Stephan Koch <koch@oberon.ch>
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-14 13:41:10 +02:00
Glenn Strauss
c26bd76020
x509 crt verify SAN iPAddress
...
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2023-04-11 08:29:42 -04:00
Valerio Setti
6b006c126b
remove KEY_TYPE_ECC_PUBLIC_KEY unnecessary requirement
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-11 12:02:19 +02:00
Valerio Setti
6c496a1553
solve disparities for ECP_LIGHT between ref/accel
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-11 11:33:50 +02:00
Valerio Setti
151bdf9668
build_info: fixed comment
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-11 11:33:50 +02:00
Valerio Setti
d4a5d461de
library: add remaining changes for the new ECP_LIGHT symbol
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-11 11:33:50 +02:00
Valerio Setti
0d2980f117
pk: adapt to new ECP_LIGHT symbol
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-11 11:33:50 +02:00
Valerio Setti
fd122f4e95
ecp: introduce new ECP_LIGHT symbol
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-11 11:33:50 +02:00
Valerio Setti
969e206e28
remove PSA_HAVE_FULL_JPAKE symbol
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-11 10:55:25 +02:00
Valerio Setti
6f66664ed6
remove PSA_HAVE_FULL_ECDSA symbol
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-11 10:54:22 +02:00
Valerio Setti
48859cc7d8
remove PSA_HAVE_FULL_ECDH symbol
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-11 10:50:47 +02:00
Gilles Peskine
7c1c7ce90e
Merge pull request #7401 from AndrzejKurek/md-guards-missing
...
Add missing md.h includes
2023-04-11 09:32:17 +02:00
Gilles Peskine
c9e8a65d06
Merge pull request #7298 from lpy4105/issue/6840/add-cache-entry-removal-api
...
ssl_cache: misc improvements
2023-04-11 09:30:40 +02:00
Pengyu Lv
723ac268e7
ssh_cache: Add back description of other errors for cache getter
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-04-11 09:19:08 +08:00
Pengyu Lv
e3746d7ce6
ssl_cache: Error renaming and document improvement
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-04-10 14:40:03 +08:00
Ronald Cron
b828c7d3de
Fix, improve and add comments
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:18 +02:00
Ronald Cron
8a12aeec93
tls: Initialize SSL context tls_version in mbedtls_ssl_setup()
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:18 +02:00
Przemek Stekiel
21903ec860
Fix after rebase
...
Handle manually functions that have been moved to different locations.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-04-04 17:48:28 +02:00
Przemek Stekiel
8a13866f65
Remove parsing of rfc822Name
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-04-04 17:48:28 +02:00
Przemek Stekiel
9a511c5bdf
Rename back mbedtls_x509_parse_general_name->mbedtls_x509_parse_subject_alt_name
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-04-04 17:48:28 +02:00
toth92g
8d435a0c8b
Renaming x509_get_subject_alt_name to x509_get_general_names and mbedtls_x509_parse_subject_alt_name to mbedtls_x509_parse_general_name so they can be used not only to collect subject alt name, but the V3 authority cert issuer that is also GeneralName type.
...
Also updated the x509_get_general_names function to be able to parse rfc822Names
Test are also updated according these changes.
Signed-off-by: toth92g <toth92g@gmail.com>
2023-04-04 17:48:28 +02:00
toth92g
a41954d0cf
Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions. Updating mbedtls_x509_crt_free function to also free the new dynamic elements (issuer field of AuthorityKeyId).
...
A few tests are also added which test the feature with a correct certificate and multiple ones with erroneous ASN1 tags.
Signed-off-by: toth92g <toth92g@gmail.com>
2023-04-04 17:48:27 +02:00
Andrzej Kurek
1b75e5f784
Add missing md.h includes
...
MBEDTLS_MD_CAN_SHAXXX are defined there.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-04-04 09:55:06 -04:00
Ronald Cron
219f978097
Merge pull request #7059 from ronald-cron-arm/psa-crypto-misc
...
PSA cryptography miscellaneous
2023-04-04 10:54:03 +02:00
Manuel Pégourié-Gonnard
86d5d4bf31
Merge pull request #7103 from valeriosetti/issue6622
...
Some MAX_SIZE macros are too small when PSA ECC is accelerated
2023-04-03 16:23:27 +02:00
Dave Rodgman
dd48c6e3df
Merge pull request #7385 from daverodgman/timing_alignment
...
Fix cast alignment warning in timing.c
2023-03-31 19:48:34 +01:00