Manuel Pégourié-Gonnard
e1f3faf5bf
Remove temporary macros that are not needed
...
Those were only used for KEY_EXCHANGE_ECJPAKE, but had a much larger
scope than needed. We actually don't need those macros if we distinguish
between cases when expressing dependencies for this key exchange.
The remaining helper macros are all short lived.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-02-08 12:55:51 +01:00
Manuel Pégourié-Gonnard
61758e606e
Fix wrong dependency of ECJPAKE_C
...
It always uses MD now. (The "fall back" to PSA Crypto was only in the
1st iteration of driver-only hash support, before we changed the
architecture to make everything go through MD.)
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-02-08 12:44:22 +01:00
Manuel Pégourié-Gonnard
49f64b4cac
Fix dependency on low-level hash modules
...
None of the TLS code is calling low-level hash functions directly. So
the correct dependencies here are MD_CAN.
(I checked and this was the only occurrence.)
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-02-08 12:44:21 +01:00
Manuel Pégourié-Gonnard
7eb3f9a523
Simplify and fix dependency of MD_C on a hash
...
Simplify: let's take advantage of the MD_CAN macros instead of doing it
again ourselves.
Fix: SHA-3 was forgotten.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-02-08 12:44:21 +01:00
Manuel Pégourié-Gonnard
68608b2317
Remove redundant helper macros in check_config.h
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-02-08 12:44:19 +01:00
Tom Cosgrove
1dbfc8ad3c
Merge pull request #8790 from paul-elliott-arm/fix_ctr_drbg_comment
...
Fix confusing comment in ctr drbg thread test
2024-02-08 11:11:50 +00:00
Gilles Peskine
a3172d1e96
Inline the SHA3 parameters table into a switch
...
This saves a few bytes of code size.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-08 10:47:08 +01:00
Manuel Pégourié-Gonnard
b7307630bb
Merge pull request #8703 from valeriosetti/issue7765-guards-in-asn1
...
Conversion function between raw and DER ECDSA signatures (guards in ASN1)
2024-02-08 08:45:30 +00:00
Manuel Pégourié-Gonnard
7bf1e98f44
Merge pull request #8740 from valeriosetti/issue8647
...
Move RSA basic key parsing/writing to rsa.c
2024-02-08 08:35:42 +00:00
Tom Cosgrove
c8de362202
Merge pull request #8665 from ivq/reduce_static_mem
...
Reduce many unnecessary static memory consumption
2024-02-07 23:26:27 +00:00
Valerio Setti
1910390b4a
psa_util: improve leading zeros check in convert_der_to_raw_single_int()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-07 16:16:58 +01:00
Paul Elliott
bda577bb0b
Fix confusing comment in ctr drbg thread test
...
Make it clearer where the magic number chosen for entropy_len actually
comes from, and why we chose this value.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-02-07 15:13:46 +00:00
Dave Rodgman
9b272ac1c6
Merge pull request #8794 from daverodgman/pr-guidelines
...
Remind contributors not to force-push
2024-02-07 15:08:42 +00:00
Valerio Setti
ef07fa0fc3
test_suite_psa_crypto_util: add more test for raw->der
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-07 15:16:45 +01:00
Valerio Setti
affba30833
psa_util: update documentation for mbedtls_ecdsa_raw_to_der()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-07 15:03:33 +01:00
Manuel Pégourié-Gonnard
b02c0be06a
Merge pull request #8791 from gilles-peskine-arm/psa-legacy-bridges-ecdsa-bits-first
...
Update ECDSA signature conversion specification
2024-02-07 13:43:29 +00:00
Ryan Everett
a8082c43d5
Add MBEDTLS_CIPHER_C dependencies to new pkparse tests
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-07 13:31:19 +00:00
Paul Elliott
292b1dc1e1
Merge pull request #8789 from paul-elliott-arm/fix_tsan_gcc
...
Stop platform test failures with GCC and TSAN
2024-02-07 11:32:39 +00:00
Dave Rodgman
2a6593bbb6
Slightly soften force-push suggestion
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-07 11:05:47 +00:00
Dave Rodgman
c1a4d1f09a
Remove comments about rebasing vs merging; link to longer RTD document
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-07 11:04:14 +00:00
Dave Rodgman
2840523ae4
Remind contributors not to force-push
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-02-07 10:42:41 +00:00
Gilles Peskine
3f557ad59c
Wording improvement
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-07 11:22:16 +01:00
Manuel Pégourié-Gonnard
1d7bc1ecdf
Merge pull request #8717 from valeriosetti/issue8030
...
PSA FFDH: feature macros for parameters
2024-02-07 10:06:03 +00:00
Dave Rodgman
57a0957938
Merge pull request #8788 from daverodgman/old-gcc-alignment-bug
...
Change unaligned access method for old gcc
2024-02-07 09:31:45 +00:00
Valerio Setti
447bbce8b4
rsa: remove unnecessary check in priv/pub key parsing
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-07 08:02:03 +01:00
Gilles Peskine
30a303f1a8
ECDSA signature conversion: put bits first
...
Metadata, then inputs, then outputs.
https://github.com/Mbed-TLS/mbedtls/pull/8703#discussion_r1474697136
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-06 19:45:11 +01:00
Paul Elliott
e053cb2f12
Stop platform test failures with GCC and TSAN
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2024-02-06 18:10:43 +00:00
Gilles Peskine
8bdd8cdc4f
Merge pull request #8729 from adeaarm/crypto_struct_client_view
...
Add a client view of the multipart contexts
2024-02-06 17:29:55 +00:00
Gilles Peskine
f45589b492
Merge pull request #8198 from silabs-Kusumit/kdf_incorrect_initial_capacity
...
KDF incorrect initial capacity
2024-02-06 17:29:43 +00:00
Gilles Peskine
137e0c1a02
Merge pull request #8761 from valeriosetti/issue4681
...
Re-introduce enum-like checks from CHECK_PARAMS
2024-02-06 17:29:38 +00:00
Gilles Peskine
fb7001f15b
Merge pull request #8738 from gilles-peskine-arm/pk_import_into_psa-use_usage
...
Implement mbedtls_pk_get_psa_attributes
2024-02-06 17:28:54 +00:00
Ryan Everett
a76a0011ab
Remove mutex calls in psa_wipe_all_key_slots
...
Code size and code style improvement, these calls aren't needed.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-02-06 16:45:54 +00:00
Valerio Setti
1810fd9ac8
add changelog
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 17:03:32 +01:00
Valerio Setti
bb76f80218
pk_wrap: use proper raw buffer length in ecdsa_sign_psa()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 16:57:23 +01:00
Valerio Setti
cf81f69977
psa_util: smarter raw length check in mbedtls_ecdsa_raw_to_der()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 16:57:12 +01:00
Dave Rodgman
91d5fde944
Merge pull request #8745 from adeaarm/trail_key_id_field
...
Put the id field at the end of the psa_key_attributes_s structure
2024-02-06 15:55:56 +00:00
Valerio Setti
6269f3baf4
Revert "psa_util: allow larger raw buffers in mbedtls_ecdsa_raw_to_der()"
...
This reverts commit d4fc5d9d1c
.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 16:55:18 +01:00
Ronald Cron
2261ab298f
tests: early data status: Add HRR scenario
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-06 16:43:33 +01:00
Ronald Cron
d6dba675b8
tests: early data status: Add "server rejects" scenario
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-06 16:43:33 +01:00
Ronald Cron
265273e8b3
tests: early data status: Add "not sent" scenario
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-06 16:43:33 +01:00
Ronald Cron
5c208d7daf
tests: ssl: Add scenario param to early data status testing function
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-06 16:43:33 +01:00
Ronald Cron
a7f94e49a8
tests: ssl: Add early data status unit test
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-06 16:43:33 +01:00
Ronald Cron
90e223364c
tls13: cli: Refine early data status
...
The main purpose of the change is to
know from the status, at any point in
the handshake, if early data can be
sent or not and why.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-06 16:43:33 +01:00
Ronald Cron
fe59ff794d
tls13: Send dummy CCS only once
...
Fix cases where the client was sending
two CCS, no harm but better to send only one.
Prevent to send even more CCS when early data
are involved without having to add conditional
state transitions.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-06 16:43:33 +01:00
Ronald Cron
bfcdc069ef
tests: ssl: Use get TLS 1.3 ticket helper for early data test
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-06 16:43:33 +01:00
Ronald Cron
1f6e4e4a49
tests: ssl: Add helper function to get a TLS 1.3 ticket
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-06 16:43:33 +01:00
Ronald Cron
ced99be007
tests: ssl: Add early data handshake option
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-06 16:43:33 +01:00
Ronald Cron
b4ad3e750b
tests: ssl: First reset to all zeroes options in init
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-06 16:43:33 +01:00
Ronald Cron
fb53647b0b
tests: ssl: Move group list to options
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-02-06 16:43:33 +01:00
Valerio Setti
2b6a7b37f4
suite_psa_crypto_util: use 521 bits data and bit-size instead of 528
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-02-06 16:21:44 +01:00