Manuel Pégourié-Gonnard
4aad0ff510
Merge pull request #8632 from valeriosetti/issue8598
...
[G5] Make block_cipher work with PSA
2024-01-08 08:07:53 +00:00
Valerio Setti
98f5db9fca
psa_util: fix typo in comment
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-05 18:17:38 +01:00
Manuel Pégourié-Gonnard
5bad043c06
Merge pull request #8641 from valeriosetti/issue8358
...
G3-G4 wrap-up
2024-01-04 10:48:00 +00:00
Gilles Peskine
44d557c52d
Indicate which curves Mbed TLS supports
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-03 20:59:38 +01:00
Gilles Peskine
6e2069661e
Note unusual curve size
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-03 20:59:03 +01:00
Gilles Peskine
2a22dac694
Fix typo in curve name
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-03 20:58:55 +01:00
Gilles Peskine
39b7bba8a0
Make input parameter const
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 17:56:54 +01:00
Dave Rodgman
1cc90a1003
Merge pull request #8517 from mschulz-at-hilscher/fixes/issue-6910
...
Fixes redundant declarations for psa_set_key_domain_parameters
2024-01-02 16:34:40 +00:00
Valerio Setti
6315441be7
adjust_legacy_from_psa: relax condition for legacy block cipher auto-enabling
...
CCM/GCM can be either fully accelerated or rely on just the key type
being accelerated. This means that ultimately it is just the key
type which determines if the legacy block cipher modes need to
be auto-enabled or not.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-02 17:21:01 +01:00
Valerio Setti
3d2e0f5f42
psa_util: add algorithm's availability checks for MD conversion functions
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-02 14:57:47 +01:00
Valerio Setti
45c3cae8a5
md: move PSA conversion functions from md_psa.h to psa_util.h
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-02 13:26:04 +01:00
Valerio Setti
e581e140cc
oid/pkparse: add missing guards for PKCS[5/12] functions when !CIPHER_C
...
This commit also updates test_suite_pkparse.data file adding
MBEDTLS_CIPHER_C dependencies whenever PKCS[5/12] is used.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-29 16:35:58 +01:00
Valerio Setti
1994e72e18
check_config/block_cipher: minor improvements
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-28 18:33:04 +01:00
Valerio Setti
e98ad5931a
mbedls_config: update documentation for MBEDTLS_PKCS[5/12]_C
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-28 10:42:12 +01:00
Benson Liou
6d0a093582
use mbedtls_ssl_session_init() to init session variable
...
Use mbedtls_ssl_session_init() to init variable just like
session-family APIs described
Signed-off-by: Benson Liou <benson.liou@sony.com>
2023-12-27 22:03:24 +08:00
Gilles Peskine
62e33bcc64
New function mbedtls_ecp_write_public_key
...
Directly export the public part of a key pair without having to go through
intermediate objects (using mbedtls_ecp_point_write_binary would require a
group object and a point object).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-24 15:23:19 +01:00
Gilles Peskine
ad5e437c8e
mbedtls_ecp_read_key: explain how to set the public key
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-24 15:23:19 +01:00
Gilles Peskine
7ea72026cd
New function mbedtls_ecp_keypair_calc_public
...
For when you calculate or import a private key, and then need to calculate
the public key.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 21:30:03 +01:00
Gilles Peskine
28240323d3
New function mbedtls_ecp_set_public_key
...
Set the public key in a key pair. This complements mbedtls_ecp_read_key and
the functions can be used in either order.
Document the need to call check functions separately.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 21:30:03 +01:00
Gilles Peskine
091a85a762
Promise mbedtls_ecp_read_key doesn't overwrite the public key
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 21:30:03 +01:00
Gilles Peskine
ba5b5d67aa
Support partial export from mbedtls_ecp_keypair
...
Sometimes you don't need to have all the parts of a key pair object. Relax
the behavior of mbedtls_ecp_keypair so that you can extract just the parts
that you need.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 21:30:03 +01:00
Gilles Peskine
e6886102ef
New function mbedtls_ecp_keypair_get_group_id
...
Add a simple function to get the group id from a key object.
This information is available via mbedtls_ecp_export, but that function
consumes a lot of memory, which is a waste if all you need is to identify
the curve.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 21:30:03 +01:00
Valerio Setti
6d3a68162c
check_config: remove CIPHER_C requirement for PKCS[5/12]
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-21 16:40:03 +01:00
Valerio Setti
a69e872001
pkcs[5/12]: add CIPHER_C for [en/de]crypting functions
...
This commit also updates corresponding test suites.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-21 16:39:04 +01:00
Waleed Elmelegy
049cd302ed
Refactor record size limit extension handling
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-12-20 17:28:31 +00:00
Tomi Fontanilles
851d8df58d
fix/work around dependency issues when !MBEDTLS_ECP_C
...
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
2023-12-20 13:09:27 +02:00
Tomi Fontanilles
bad170e159
pk: remove last references to MBEDTLS_PSA_CRYPTO_C
...
They are replaced by MBEDTLS_USE_PSA_CRYPTO.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
Tomi Fontanilles
8174662b64
pk: implement non-PSA mbedtls_pk_sign_ext()
...
This makes the function always available with its
its implementation depending on MBEDTLS_USE_PSA_CRYPTO.
Related dependencies and tests are updated as well.
Fixes #7583 .
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
Tomi Fontanilles
a70b3c24f6
rsa: minor comment/guard improvements
...
This brings some improvements to comments/
function prototypes that relate to PKCS#1.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
2023-12-20 12:59:57 +02:00
Valerio Setti
689c0f71cb
tests: use new CCM/GCM capability macros in tests
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 09:54:18 +01:00
Valerio Setti
bfa675fe48
adjust_legacy_crypto: add macros for CCM/GCM capabilities with key types
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 09:52:08 +01:00
Gilles Peskine
1a9e05bf08
Note that domain parameters are not supported with drivers
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-19 12:23:22 +01:00
Gilles Peskine
5ad9539363
Remove DSA and DH domain parameters from the documentation
...
Mbed TLS doesn't support DSA at all, and doesn't support domain parameters
for FFDH (only predefined groups).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-19 12:22:46 +01:00
Gilles Peskine
9deb54900e
Document the domain_parameters_size==SIZE_MAX hack
...
It was introduced in https://github.com/Mbed-TLS/mbedtls/pull/8616 but not
documented.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-18 21:01:18 +01:00
Bence Szépkúti
a085fa8ccf
Merge pull request #8627 from tom-cosgrove-arm/ip_len
...
Avoid use of `ip_len` as it clashes with a macro in AIX system headers
2023-12-18 02:03:17 +00:00
Valerio Setti
4ff405cf80
block_cipher: remove psa_key_type from mbedtls_block_cipher_context_t
...
This information was redundant with the already existing mbedtls_block_cipher_id_t.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-15 16:10:52 +01:00
Valerio Setti
bd7528a592
ccm/gcm: use BLOCK_CIPHER whenever possible
...
Prefer BLOCK_CIPHER instead of CIPHER_C whenever it's enabled.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Valerio Setti
4a5d57d225
adjust_legacy_crypto: enable BLOCK_CIPHER also when a driver is available
...
As a consequence BLOCK_CIPHER will be enabled when:
- CIPHER_C is not defined
- a proper driver is present for one of AES, ARIA and/or Camellia key types
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Valerio Setti
2684e3f2e3
config_adjust_legacy_crypto: fix typo
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Valerio Setti
291571b447
block_cipher: add MBEDTLS_PRIVATE to new PSA fields in mbedtls_block_cipher_context_t
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Valerio Setti
849a1abfdd
block_cipher: remove useless use of psa_cipher_operation_t
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Valerio Setti
4bc7fac99a
crypto_builtin_composites: add missing guards for includes
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Valerio Setti
c0f9bbca2c
check_config: use new helpers for legacy GCM_C/CCM_C
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Valerio Setti
8bba087fe1
adjust_legacy_crypto: add helpers for block ciphers capabilities
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Valerio Setti
c1db99d3f5
block_cipher: add PSA dispatch if possible
...
"if possible" means:
- PSA has been initialized
- requested key type is available in PSA
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-14 18:08:14 +01:00
Joakim Andersson
b349108b99
library: Move mbedtls_ecc helper functions to psa_util
...
Move the mbedtls_ecc helper functions from psa_core to psa_util.
These files are not implemented as part of the PSA API and should not
be part of the PSA crypto implementation.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2023-12-14 13:55:11 +01:00
Tom Cosgrove
656d4b3c74
Avoid use of ip_len
as it clashes with a macro in AIX system headers
...
Fixes #8624
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-12-08 21:51:15 +00:00
Gilles Peskine
57e401b39f
Merge pull request #8521 from valeriosetti/issue8441
...
[G4] Make CTR-DRBG fall back on PSA when AES not built in
2023-12-06 18:25:44 +00:00
Waleed Elmelegy
9aec1c71f2
Add record size checking during handshake
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2023-12-06 15:18:15 +00:00
Jan Bruckner
f482dcc6c7
Comply with the received Record Size Limit extension
...
Fixes #7010
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2023-12-06 15:18:08 +00:00
Ronald Cron
40f3f1c36f
Merge pull request #7058 from yuhaoth/pr/tls13-early-data-parsing-0-rtt-data
...
TLS 1.3 EarlyData SRV: Parsing 0-RTT data
2023-12-06 06:47:32 +00:00
Valerio Setti
83e0de8481
crypto_extra: revert changes to mbedtls_psa_random_free()
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:42 +01:00
Valerio Setti
7ab90723c4
mbedtls_config: update descriptions of MBEDTLS_CTR_DRBG_C and MBEDTLS_PSA_CRYPTO_C
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:42 +01:00
Valerio Setti
402cfba4dc
psa: free RNG implementation before checking for remaining open key slots
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:41 +01:00
Valerio Setti
5f4b28defc
ctr_drbg: add alternative PSA implementation when AES_C is not defined
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:41 +01:00
Valerio Setti
fbefe04bf3
check_config: fix requirements for CTR_DRBG
...
The module now depends on either:
- AES_C, which is the default and the preferred solution for
backward compatibility
- CRYPTO_C + KEY_TYPE_AES + ALG_ECB_NO_PADDINTG, which is the
new solution when AES_C is not defined
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-04 11:04:41 +01:00
Manuel Pégourié-Gonnard
3d12d65946
Merge pull request #8590 from valeriosetti/fix-pkcs5-pkcs12
...
pkcs[5/12]: use cipher enums for encrypt and decrypt
2023-12-04 10:03:02 +00:00
Valerio Setti
4577bda6d5
pkcs[5|12]: use cipher enums for encrypt and decrypt
...
Instead of re-defining MBEDTLS_PKCS5_[EN/DE]CRYPT and
MBEDTLS_PKCS12_PBE_[EN/DE]CRYPT from scratch, since these values
are to be used with the mbedtls_cipher_setkey() function, ensure
that their value matches with enums in cipher.h.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-01 16:51:24 +01:00
Jerry Yu
e32fac3d23
remove wait_flight2 state
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-01 16:25:16 +08:00
Dave Rodgman
59059ec503
Merge remote-tracking branch 'origin/development' into msft-aarch64
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-30 09:34:41 +00:00
Janos Follath
c6f1637f8c
Merge pull request #8534 from paul-elliott-arm/fix_mutex_abstraction
...
Make mutex abstraction and tests thread safe
2023-11-29 13:26:23 +00:00
Manuel Pégourié-Gonnard
6b5cedf51f
Merge pull request #8547 from valeriosetti/issue8483
...
[G2] Make PSA-AEAD work with cipher-light
2023-11-29 08:53:42 +00:00
Valerio Setti
919e3fa729
check_config: fix guards for PSA builtin implementation of cipher/AEAD
...
While the PSA builtin implementation of cipher still depends on
CIPHER_C, the same is no more true for AEADs. When CIPHER_C is not
defined, BLOCK_CIPHER_C is used instead, thus making it possible
to support AEADs without CIPHER_C.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-28 11:45:38 +01:00
Valerio Setti
b1cf8aeda4
adjust_psa_from_legacy: add required CIPHER_C dependencies
...
Some PSA_WANT symbols do not have a 1:1 matching with legacy ones.
For example, previous to this commit:
- CCM_C enabled both PSA_WANT_ALG_CCM and PSA_WANT_ALG_CCM_STAR_NO_TAG
even thought the two are not equivalent (authenticated VS
non-authenticated).
- there was no legacy equivalent for ECB_NO_PADDING
What it is common to both PSA_WANT_ALG_CCM_STAR_NO_TAG and
PSA_WANT_ALG_ECB_NO_PADDING is the fact that the builtin implementation
depends on CIPHER_C. Therefore this commits adds this guards to
select whether or not to enable the above mentioned PSA_WANT symbols.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-28 11:45:38 +01:00
Manuel Pégourié-Gonnard
11c3fd1f73
Merge pull request #8568 from yanrayw/issue/8356/block_cipher_no_decrypt_cleanup
...
Driver-only: G1: clean up for BLOCK_CIPHER_NO_DECRYPT
2023-11-28 08:49:48 +00:00
Manuel Pégourié-Gonnard
294f5d7ea9
Merge pull request #8540 from valeriosetti/issue8060
...
[G2] Make CCM and GCM work with the new block_cipher module
2023-11-28 08:18:45 +00:00
Dave Rodgman
9fbac381e6
Merge pull request #8326 from daverodgman/aesce-thumb2
...
Support hw-accelerated AES on Thumb and Arm
2023-11-27 09:58:58 +00:00
Yanray Wang
16b00f9522
mbedtls_config: improve documentation for BLOCK_CIPHER_NO_DECRYPT
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-27 15:52:28 +08:00
Yanray Wang
690ee81533
Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only
2023-11-23 10:31:26 +08:00
Dave Rodgman
2e342f6938
Merge pull request #8546 from BrianX7c/development
...
[cipher.h] Arithmetic overflow in binary left shift operation
2023-11-22 19:36:25 +00:00
Jerry Yu
7d8c3fe12c
Add wait flight2 state.
...
The state is come from RFC8446 section A.2
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-22 16:48:39 +08:00
Yanray Wang
55933a3e9c
tls13: fix a wrong RFC reference section
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-22 16:34:16 +08:00
Manuel Pégourié-Gonnard
d4dc354185
Merge pull request #8541 from yanrayw/issue/ssl-fix-missing-guard
...
ssl_tls: add missing macro guard
2023-11-21 14:57:47 +00:00
Jerry Yu
04fceb782b
Add freshness check information into document
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:59:24 +08:00
Jerry Yu
cf9135100e
fix various issues
...
- fix CI failure due to wrong usage of ticket_lifetime
- Improve document and comments
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:19 +08:00
Jerry Yu
342a555eef
rename ticket received
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:19 +08:00
Jerry Yu
25ba4d40ef
rename ticket_creation
to ticket_creation_time
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:19 +08:00
Jerry Yu
034a8b77d1
Update document of ticket age tolerance
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:19 +08:00
Jerry Yu
8cf44953b2
guards ticket creation field
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:18 +08:00
Jerry Yu
702fc590ed
Add ticket_creation field
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:18 +08:00
Jerry Yu
03511b00aa
Replace c99 fmt macro
...
For c99 compatible compilers, we use PRI64d
and others use official fix.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:18 +08:00
Jerry Yu
cebffc3446
change time unit of ticket to milliseconds
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-21 09:58:18 +08:00
Gilles Peskine
473ff34d59
Merge pull request #8489 from valeriosetti/issue8482
...
Make CCM* and CCM independent
2023-11-20 14:07:14 +00:00
Ronald Cron
97137f91b6
Merge pull request #7071 from yuhaoth/pr/tls13-ticket-add-max_early_data_size-field
...
TLS 1.3 EarlyData: add `max_early_data_size` field for ticket
2023-11-20 08:04:57 +00:00
BrianX7c
5c7ab6fe86
[cipher.h] Arithmetic overflow in binary left shift operation (MBEDTLS_KEY_BITLEN_SHIFT)
...
Fixing arithmetic overflow warning (C6297), if compiled in Visual Studio
Signed-off-by: BrianX7c <151365853+BrianX7c@users.noreply.github.com>
2023-11-18 11:07:37 +01:00
Paul Elliott
9e25936241
Rename mutex->is_valid to mutex->state
...
Rename struct member to make it more representative of its current use.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-11-16 15:14:16 +00:00
Paul Elliott
3774637518
Make threading helpers tests thread safe
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-11-16 15:13:49 +00:00
Paul Elliott
5fa986c8cb
Move handling of mutex->is_valid into threading_helpers.c
...
This is now a field only used for testing.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-11-16 15:13:05 +00:00
Valerio Setti
9b7a8b2a0c
ccm/gcm: reaplace CIPHER_C functions with BLOCK_CIPHER_C ones
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-16 11:48:00 +01:00
Valerio Setti
8db46e4ee1
check_config: remove dependency check of CCM_C/GCM_C on CIPHER_C
...
CCM_C/GCM_C can now work with either (in order of preference) CIPHER_C
or BLOCK_CIPHER_C and the latter is auto-enabled in case the former
is not enabled. As a consequence there is no need to enforce the
dependency on CIPHER_C.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-16 10:58:27 +01:00
Valerio Setti
dbfd6a9f62
adjust_legacy_crypto: auto-enable BLOCK_CIPHER_C when CIPHER_C is not defined
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-16 10:56:00 +01:00
Yanray Wang
4ed8691f6d
ssl: move MBEDTLS_SSL_HAVE_XXX to config_adjust_legacy_crypto.h
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-16 15:20:57 +08:00
Manuel Pégourié-Gonnard
dc848955d6
Merge pull request #8519 from mpg/block-cipher
...
[G2] Add internal module block_cipher
2023-11-15 11:53:22 +00:00
Manuel Pégourié-Gonnard
9e80a91f27
Merge pull request #8164 from yanrayw/adjust_tfm_configs
...
Adjust how we handle TF-M config files
2023-11-15 08:21:27 +00:00
Valerio Setti
a56eb46ce6
adjust_legacy_from_psa: fix comment
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-15 09:18:14 +01:00
Valerio Setti
c2d68f5611
adjust_legacy_from_psa: treat CCM and CCM* separately
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-15 09:16:37 +01:00
Valerio Setti
cab5eff98c
adjust_config_synonyms: make CCM and CCM* indipendent
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-15 09:16:37 +01:00
Jerry Yu
fedaeb21b3
improve document
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-15 13:59:07 +08:00
Jerry Yu
6c485dad44
improve document
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-15 10:18:47 +08:00
Manuel Pégourié-Gonnard
752dd39a69
Merge pull request #8508 from valeriosetti/issue6323
...
[G3] Driver-only cipher+aead: TLS: ssl-opt.sh
2023-11-14 11:39:06 +00:00
Jerry Yu
1b23bce4a2
improve brief description of conf_sig_algs
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-13 13:45:14 +08:00
Tom Cosgrove
08ea9bfa1f
Merge pull request #8487 from yanrayw/issue/6909/rename_tls13_conf_early_data
...
TLS 1.3: Rename early_data and max_early_data_size configuration function
2023-11-10 19:35:46 +00:00
Manuel Pégourié-Gonnard
5f3361c0c6
Temporary hack to pacify check_names.py
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 12:24:11 +01:00
Manuel Pégourié-Gonnard
21718769d1
Start adding internal module block_cipher.c
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-11-10 11:21:17 +01:00
Valerio Setti
01c4fa3e88
ssl: move MBEDTLS_SSL_HAVE internal symbols to ssl.h
...
This is useful to properly define MBEDTLS_PSK_MAX_LEN when
it is not defined explicitly in mbedtls_config.h
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-11-10 08:12:07 +01:00
Yanray Wang
111159b89c
BLOCK_CIPHER_NO_DECRYPT: call encrypt direction unconditionally
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-10 15:03:23 +08:00
Matthias Schulz
5a39c4ecf2
Fixes https://github.com/Mbed-TLS/mbedtls/issues/6910 as proposed in https://github.com/Mbed-TLS/mbedtls/issues/6910#issuecomment-1573301661
...
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-09 15:53:01 +01:00
Jerry Yu
53c4a0da07
Improve documents
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-11-09 10:38:17 +08:00
Gilles Peskine
4dec9ebdc2
Merge pull request #8378 from mschulz-at-hilscher/fixes/issue-8377
...
Fixes "CSR parsing with critical fields fails"
2023-11-08 18:07:04 +00:00
Dave Rodgman
9eb2abd1e0
Add docs re Everest license
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:40:17 +00:00
Dave Rodgman
28d40930ae
Restore bump version
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:40:08 +00:00
Dave Rodgman
edb8fec988
Add docs re Everest license
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-08 11:36:00 +00:00
Yanray Wang
d137da5a93
check_config: make error message in BLOCK_CIPHER_NO_DECRYPT clearer
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-08 19:17:44 +08:00
Yanray Wang
30769696e7
Merge remote-tracking branch 'origin/development' into adjust_tfm_configs
2023-11-08 10:00:24 +08:00
Matthias Schulz
c55b500343
Changed notes in x509_csr.h to better describe the behavior of mbedtls_x509_csr_parse_der and mbedtls_x509_csr_parse_der_with_ext_cb.
...
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-11-07 16:47:37 +01:00
Yanray Wang
0751761b49
max_early_data_size: rename configuration function
...
Rename mbedtls_ssl_tls13_conf_max_early_data_size as
mbedtls_ssl_conf_max_early_data_size since in the future
this may not be specific to TLS 1.3.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-07 11:49:34 +08:00
Yanray Wang
d5ed36ff24
early data: rename configuration function
...
Rename mbedtls_ssl_tls13_conf_early_data as
mbedtls_ssl_conf_early_data since in the future this may not be
specific to TLS 1.3.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-07 11:49:24 +08:00
Yanray Wang
0d76b6ef76
Return an error if asking for decrypt under BLOCK_CIPHER_NO_DECRYPT
...
If MBEDTLS_BLOCK_CIPHER_NO_DECRYPT is enabled, but decryption is
still requested in some incompatible modes, we return an error of
FEATURE_UNAVAILABLE as additional indication.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-06 10:02:10 +08:00
Yanray Wang
956aa00202
check_config: add checks for MBEDTLS_BLOCK_CIPHER_NO_DECRYPT with PSA
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-06 10:02:10 +08:00
Gilles Peskine
8b6b41f6cd
Merge pull request #8434 from valeriosetti/issue8407
...
[G2] Make TLS work without Cipher
2023-11-04 15:05:00 +00:00
Dave Rodgman
bb5a18344a
Bump version
...
./scripts/bump_version.sh --version 3.5.1 --so-crypto 15 --so-x509 6 --so-tls 20
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-03 12:31:30 +00:00
Dave Rodgman
e3c05853d6
Header updates
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-03 12:21:36 +00:00
Dave Rodgman
16799db69a
update headers
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 19:47:20 +00:00
Yanray Wang
b799eea123
check_config: add checks for MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-02 12:38:01 +08:00
Yanray Wang
e367e47be0
mbedtls_config: add new config option MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
...
With the introduction of negative option
MBEDTLS_BLOCK_CIPHER_NO_DECRYPT, we don't need to implicitly enable
it through PSA.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-11-02 12:36:41 +08:00
Dave Rodgman
b351d60e99
Merge remote-tracking branch 'origin/development' into msft-aarch64
2023-11-01 13:20:53 +00:00
Yanray Wang
b67b47425e
Rename MBEDTLS_CIPHER_ENCRYPT_ONLY as MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-10-31 17:22:06 +08:00
Yanray Wang
5779096753
Merge remote-tracking branch 'origin/development' into adjust_tfm_configs
2023-10-31 13:39:07 +08:00
Valerio Setti
d531dab4f6
check_config: let SSL_TLS depend on either CIPHER_C or USE_PSA_CRYPTO
...
TLS code already implements proper dispatching to either
builtin or PSA implementations based on USE_PSA guards, so we can
improve the check_config guards to reflect this.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-30 11:36:32 +01:00
Jerry Yu
2c46ca3474
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-30 17:32:20 +08:00
Jerry Yu
83536c23f3
Add translation ruler into document
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-30 16:18:21 +08:00
Jerry Yu
01c7356944
Add deprecated flag in document for sig_hashes
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-27 17:03:20 +08:00
Valerio Setti
c5d9dd262b
adjust_psa_from_legacy: enable ALG_STREAM_CIPHER on when CIPHER_C is defined
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:12:06 +02:00
Valerio Setti
c1d50b6314
check_config: fix dependency of PSA_CRYPTO_C on CIPHER_C
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-27 09:12:06 +02:00
Ronald Cron
95b735530c
Merge pull request #6719 from yuhaoth/pr/tls13-early-data-add-early-data-of-client-hello
...
TLS 1.3: EarlyData SRV: Add early data extension parser.
2023-10-26 08:31:53 +00:00
Dave Rodgman
6e51abf11d
Merge remote-tracking branch 'origin/development' into msft-aarch64
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 15:17:11 +01:00
Dave Rodgman
48b965d941
Update clang version requirements
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
4b8e8dc043
Improve compiler version checking + docs + testing for armclang
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
18838f6c1a
Fix docs for MBEDTLS_AESCE_C
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-25 09:06:24 +01:00
Dave Rodgman
d69d3cda34
Merge pull request #8298 from daverodgman/sha-armce-thumb2
...
Support SHA256 acceleration on Armv8 thumb2 and arm
2023-10-24 21:23:15 +00:00
Dave Rodgman
514590210b
Merge remote-tracking branch 'origin/development' into sha-armce-thumb2
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-23 15:35:07 +01:00
Valerio Setti
bd24d95c27
legacy_from_psa: fix support for PSA_ACCEL_ALG_[STREAM_CIPHER/ECB_NO_PADDING]
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-23 15:01:52 +02:00
Matthias Schulz
edc32eaf1a
Uncrustified
...
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-10-19 16:09:08 +02:00
Yanray Wang
08e9423f14
Merge remote-tracking branch 'origin/development' into adjust_tfm_configs
2023-10-19 17:44:47 +08:00
Yanray Wang
893623fb28
PBKDF2-AES-CMAC: remove not needed preprocessor directive
...
PBKDF2-AES-CMAC works if we provide the driver of AES-CMAC or
KEY-TYPE-AES or both. So if PBKDF2-AES-CMAC is requested via PSA,
we don't need to additionally enable builtin AES-CMAC or builtin
KEY-TYPE-AES.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-10-19 16:13:34 +08:00
Gilles Peskine
6407f8fc54
Merge pull request #8322 from valeriosetti/issue8257
...
Improve location of MD_CAN macros
2023-10-18 14:31:28 +00:00
Matthias Schulz
ab4082290e
Added parameters to add callback function to handle unsupported extensions. Similar to how the callback functions work when parsing certificates. Also added new test cases.
...
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
2023-10-18 13:20:59 +02:00
Manuel Pégourié-Gonnard
c6d633ffbc
Merge pull request #8297 from valeriosetti/issue8064
...
Change accel_aead component to full config
2023-10-18 07:15:59 +00:00
Valerio Setti
2f00b7a5da
cipher: reset MBEDTLS_CIPHER_HAVE_AEAD to MBEDTLS_CIPHER_MODE_AEAD
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-17 11:43:34 +02:00
Manuel Pégourié-Gonnard
6d42921633
Require at least on curve for ECP_LIGHT
...
ECP_LIGHT is not usable without any curve, just the same as ECP_C.
We forgot to update this check when introducing the ECP_LIGHT subset.
Note: the message doesn't mention ECP_LIGHT as that's not a public
config knob, hence the message with "ECP_C or a subset" (that's how it's
referred to in user-facing documentation such as
docs/driver-only-builds.md).
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-17 10:01:33 +02:00
Valerio Setti
9fc1f24331
md: restore md.h includes in source files directly using its elements
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-16 14:39:38 +02:00
Yanray Wang
aa01ee303a
Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only
2023-10-16 17:38:32 +08:00
Valerio Setti
596ef6c0b1
cipher: reset MBEDTLS_CIPHER_HAVE_AEAD_LEGACY to previous naming
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-16 11:26:08 +02:00
Dave Rodgman
3e52184923
Make macro definition more consistent with similar defns
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-16 09:25:59 +01:00
Dave Rodgman
0a48717b83
Simplify Windows-on-Arm macros
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-16 09:25:59 +01:00
Valerio Setti
5f5573fa90
cipher: reintroduce symbol for legacy AEAD support
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-13 17:29:27 +02:00
Dave Rodgman
7821df3e8b
Adjust use of deprecated in Doxygen
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-13 09:39:11 +01:00
Dave Rodgman
d85277c62e
Doxygen fixes
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-13 09:22:54 +01:00
Valerio Setti
193e383686
check_config: fix typo causing build issues with only CCM enabled
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-13 09:37:24 +02:00
Maciej Zwoliński
720c638717
Add AES encrypted keys support for PKCS5 PBES2
...
Signed-off-by: Maciej Zwoliński <mac.zwolinski@gmail.com>
2023-10-12 12:00:01 +01:00
Valerio Setti
db1ca8fc33
cipher: keep MBEDTLS_CIPHER_HAVE symbols private
...
This commit also improve the usage of these new symbols in
cipher_wrap code
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-12 10:39:54 +02:00
Valerio Setti
e570704f1f
ssl: use MBEDTLS_SSL_HAVE_[CCM/GCM/CHACHAPOLY/AEAD] macros for ssl code
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-12 10:39:37 +02:00
Jerry Yu
7a799ccacd
Share early_data_status
between server and client
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-12 15:02:01 +08:00
Jerry Yu
02e3a074a3
Add max_early_data_size into ticket
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-10-12 15:00:26 +08:00
Bence Szépkúti
9b0c8164eb
Merge pull request #8330 from KloolK/extern-c
...
Fix C++ build issue when MBEDTLS_ASN1_PARSE_C is not enabled
2023-10-11 16:19:39 +00:00
Dave Rodgman
b0d9830373
Merge branch 'development' into sha-armce-thumb2
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-11 13:53:41 +01:00
Valerio Setti
02a634decd
md: remove unnecessary inclusions of mbedtls/md.h
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-11 13:15:58 +02:00
Valerio Setti
6bd3d9b166
cipher: fix missing spaces
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-11 13:10:34 +02:00
Valerio Setti
d0411defa2
cipher: add internal symbols for AEAD capabilities
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-11 13:10:34 +02:00
Valerio Setti
e7bac17b5d
test: keep SSL_TICKET_C and SSL_CONTEXT_SERIALIZATION enabled
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-11 13:10:34 +02:00
Dave Rodgman
be7915aa6c
Revert renaming of SHA512 options
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-11 10:59:05 +01:00
Bence Szépkúti
cffd7135c6
Merge pull request #8328 from yanrayw/sha256_context_guard
...
sha256_context: guard is224 by MBEDTLS_SHA224_C
2023-10-11 09:13:33 +00:00
Ronald Cron
a89d2ba132
Merge pull request #8327 from ronald-cron-arm/adapt-psa-crypto-repo-name
...
Adapt to new PSA Crypto repo name
2023-10-11 06:45:30 +00:00
Dave Rodgman
5b89c55bb8
Rename MBEDTLS_SHAxxx_USE_ARMV8_yyy to MBEDTLS_SHAxxx_USE_ARMV8_A_yyy
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-10 15:14:57 +01:00
Dave Rodgman
fe9fda81aa
Rename MBEDTLS_ARCH_IS_ARMV8 to MBEDTLS_ARCH_IS_ARMV8_A
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-10 15:14:56 +01:00
Dave Rodgman
f097bef6ea
Refer to Armv8-A (not Armv8) in docs
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-10 15:14:30 +01:00
Dave Rodgman
c5861d5bf2
Code style
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-10 14:01:54 +01:00
Dave Rodgman
6ab314f71d
More config option renaming
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-10 14:00:17 +01:00
Dave Rodgman
94a634db96
Rename A64 config options
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-10 12:59:29 +01:00
Ronald Cron
7871cb14a7
Include psa/build_info.h instead of mbedtls/build_info.h
...
In PSA headers include psa/build_info.h instead
of mbedtls/build_info.h. In Mbed TLS, both are
equivalent but not in TF-PSA-Crypto where
psa/build_info.h is the correct one.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-10-10 09:35:22 +02:00
Jan Bruckner
946720aac5
Fix C++ build issue when MBEDTLS_ASN1_PARSE_C is not enabled
...
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2023-10-09 16:53:41 +02:00
Yanray Wang
29db8b061d
sha256.h: add guard for is224 in sha256 context
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-10-09 18:09:47 +08:00
Ronald Cron
070e8652d5
Adapt to new PSA Crypto repo name
...
Patterns I looked for:
grep -i "psa-crypto"
grep -i "psa.*crypto.*repo"
grep -i "psa.*crypto.*root"
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-10-09 10:26:18 +02:00
Thomas Daubney
540324cd21
Correct styling of Mbed TLS in documentation
...
Several bits of documentation were incorrectly styling Mbed TLS
as MbedTLS.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-10-06 17:07:24 +01:00
Valerio Setti
85d2a98549
md: move definitions of MBEDTLS_MD_CAN to config_adjust_legacy_crypto.h
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-10-06 16:04:49 +02:00
Dave Rodgman
7ed619d3fa
Enable run-time detection for Thumb and Arm
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 09:39:56 +01:00
Dave Rodgman
bfe6021e85
Improve docs
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 08:31:22 +01:00
Dave Rodgman
ca92f50e12
Update docs for MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 08:24:55 +01:00
Dave Rodgman
8690859097
Improve docs
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-04 17:40:25 +01:00
Minos Galanakis
31ca313efa
Bump version to 3.5.0
...
```
./scripts/bump_version.sh --version 3.5.0
```
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-03 22:02:18 +01:00
Minos Galanakis
1a3ad265cc
Merge branch 'development-restricted' into mbedtls-3.5.0rc0-pr
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2023-10-03 21:57:51 +01:00
Dave Rodgman
cc5bf4946f
Make SHA256 depend on Armv8, not aarch64
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-03 18:02:56 +01:00
Dave Rodgman
5ed7b2dec2
Introduce MBEDTLS_ARCH_IS_ARMV8
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-03 18:02:31 +01:00
Dave Rodgman
b51f3da354
Merge pull request #8264 from mpg/follow-up-8075
...
Follow up to 8075
2023-09-28 17:32:12 +00:00
Manuel Pégourié-Gonnard
140c08e325
Minor clarifications.
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 11:02:37 +02:00
Manuel Pégourié-Gonnard
7f22f3478d
Add check for unsupported partial curves acceleration
...
Manual test: run test_psa_crypto_config_accel_ecc_non_weierstrass_curves
or test_psa_crypto_config_accel_ecc_weierstrass_curves as they are now,
observe it failing with the expected #error.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 10:19:18 +02:00
Manuel Pégourié-Gonnard
842d3552b6
Add check for unsupported partial key type acceleration
...
Tested manually as follows: in
component_test_psa_crypto_config_accel_ecc_some_key_types, modify
loc_accel_list to remove one of the key types between
helper_libtestdriver1_make_drivers and helper_libtestdriver1_make_main,
and observe that the 2nd build fails with the expected #error.
Note: removing one of the key types before
helper_libtestdriver1_make_drivers causes the build of libtestdriver1 to
fail, which is quite acceptable, just not what we're trying to observe.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 10:19:16 +02:00
Manuel Pégourié-Gonnard
822870bd5d
Adjust handling of special case for DERIVE
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 10:19:15 +02:00
Manuel Pégourié-Gonnard
e662736f4c
Rename macros for consistency
...
It's spelled KEY_TYPE everywhere else.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 10:19:14 +02:00
Manuel Pégourié-Gonnard
dfa42b34ab
Improve documentation about driver-only p256-m.
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-28 08:53:05 +02:00