Pengyu Lv
|
b687c03183
|
Fix the command for server9-sha*.crt
The new command could generate
parse_input/server9-sha*.crt correctly.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Pengyu Lv
|
49c56e651d
|
Add target for parse_input/cert_example_multi_nocn.crt
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Pengyu Lv
|
19e949e644
|
Fix typo and long line format
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Pengyu Lv
|
736d2bb715
|
Update crl-rsa-pss-*.pem manually
The rules will be in a seperate PR.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Jerry Yu
|
59f392cd4d
|
upgrade server9-bad-saltlen.crt
Upgrade scripts
```python
import subprocess
from asn1crypto import pem, x509,core
output_filename="server9-bad-saltlen.crt"
tmp_filename="server9-bad-saltlen.crt.tmp"
tmp1_filename="server9-bad-saltlen.crt.tmp1"
subprocess.check_call(rf''' openssl x509 -req -extfile server5.crt.openssl.v3_ext \
-passin "pass:PolarSSLTest" -CA test-ca.crt -CAkey test-ca.key \
-set_serial 24 -days 3650 \
-sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \
-sigopt rsa_mgf1_md:sha256 -sha256 \
-in server9.csr -out {output_filename}
''',shell=True)
with open(output_filename,'rb') as f:
_,_,der_bytes=pem.unarmor(f.read())
target_certificate=x509.Certificate.load(der_bytes)
with open(tmp_filename,'wb') as f:
f.write(target_certificate['tbs_certificate'].dump())
subprocess.check_call(rf'openssl dgst -sign test-ca.key -passin "pass:PolarSSLTest" \
-sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 \
-sigopt rsa_mgf1_md:sha256 -out {tmp1_filename} {tmp_filename}',
shell=True)
with open(tmp1_filename,'rb') as f:
signature_value= core.OctetBitString(f.read())
with open(output_filename,'wb') as f:
target_certificate['signature_value']=signature_value
f.write(pem.armor('CERTIFICATE',target_certificate.dump()))
```
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Pengyu Lv
|
4ad45c01b9
|
Update server9*.crt
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Pengyu Lv
|
8c40c573b2
|
Add server9-bad-{mgfhash,saltlen}.crt
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Pengyu Lv
|
b5ac935e44
|
Add rules to generate server9*.crt
Except for server9-bad-saltlen.crt and
server9-bad-mgfhash.crt.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Jerry Yu
|
4ca9520582
|
Update server1-nospace.crt
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Jerry Yu
|
0efdfcbfd3
|
Update v1 crt files
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Pengyu Lv
|
0d545a1815
|
Update cert_example_multi_nocn.crt
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Pengyu Lv
|
e025cb2096
|
Add rules to generate cert_example_multi_nocn.crt
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Pengyu Lv
|
d9ba29733e
|
Update server5.[e]ku-*.crt
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Pengyu Lv
|
1ca5c0eae9
|
Add rules to generate server5.[e]ku-*.crt
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Pengyu Lv
|
b078607f04
|
cert_write: Support write any for extended key usage
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Pengyu Lv
|
5b91dc7265
|
Update server2.ku-*.crt
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Pengyu Lv
|
0063599e6f
|
Add rules to generate server2.ku-*.crt
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Pengyu Lv
|
55ee7f8e13
|
Add rule for server2-badsign.crt
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Jerry Yu
|
0f381fd02f
|
Update test-ca2.ku-*.crt
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Pengyu Lv
|
5a1dbf3d6e
|
Fix the rule for server5-ss-forgeca.crt
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Jerry Yu
|
affc294dfe
|
Add the rule and update server6-ss-child.crt
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Jerry Yu
|
4d69b29076
|
Update server5-selfsigned.crt
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
|
2023-07-04 17:30:21 +08:00 |
|
Manuel Pégourié-Gonnard
|
443589ac53
|
Merge pull request #7870 from valeriosetti/fix-tls13-guards
tls13: fix guards for PSA error translating function
|
2023-07-04 11:21:14 +02:00 |
|
Tom Cosgrove
|
1940e7bae4
|
Merge pull request #7671 from yanrayw/7360-code-size-improve-format
code size: improve format of csv file
|
2023-07-04 09:15:48 +01:00 |
|
Tom Cosgrove
|
9b20c6fcc1
|
Merge pull request #7840 from yanrayw/7381_aes_gen_table
AES: use uint8_t for array of pow and log to save RAM usage
|
2023-07-04 08:34:12 +01:00 |
|
Valerio Setti
|
dbd01cb677
|
tls13: fix guards for PSA error translating function
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
|
2023-07-04 09:18:52 +02:00 |
|
Dave Rodgman
|
9cf17dad9d
|
Merge pull request #7851 from daverodgman/fix-unused-aes
Fix AES dependencies - build TF-M config cleanly
|
2023-07-03 16:49:00 +01:00 |
|
Gilles Peskine
|
e554f1b9c0
|
Merge pull request #7853 from lpy4105/issue/7816/add-commands-for-files-in-parse_input
7831 follow-up: fix wrong dependency name and wrong commands
|
2023-07-03 16:00:45 +02:00 |
|
Dave Rodgman
|
0d539c222c
|
Merge pull request #7702 from silabs-Kusumit/PBKDF2_out_of_range_input_cost
PBKDF2: Out of range input cost
|
2023-07-03 09:58:22 +01:00 |
|
Manuel Pégourié-Gonnard
|
56b159a12a
|
Merge pull request #7627 from mprse/ffdh_tls13_v2
Make use of FFDH keys in TLS 1.3 v.2
|
2023-07-03 10:12:33 +02:00 |
|
Manuel Pégourié-Gonnard
|
45e009aa97
|
Merge pull request #7814 from valeriosetti/issue7746
PK: refactor wrappers in the USE_PSA case
|
2023-07-03 09:32:31 +02:00 |
|
Valerio Setti
|
f7cd419ade
|
pk: ignore opaque EC keys in pk_setup when they are not supported
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
|
2023-06-30 18:11:29 +02:00 |
|
Valerio Setti
|
35d1dacd82
|
pk_wrap: fix: always clear buffer holding private key in eckey_check_pair_psa
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
|
2023-06-30 18:04:16 +02:00 |
|
Valerio Setti
|
38913c16b0
|
pk_wrap: do not support opaque EC keys when !PK_HAVE_ECC_KEYS
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
|
2023-06-30 16:18:33 +02:00 |
|
Tom Cosgrove
|
c4a760c538
|
Merge pull request #7849 from davidhorstmann-arm/fix-string-to-names-retcode
Fix false success return code in `mbedtls_x509_string_to_names()`
|
2023-06-30 14:28:29 +01:00 |
|
Andrzej Kurek
|
78ecf41f22
|
Change spaces to a tab in a makefile recipe
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
|
2023-06-30 08:42:05 -04:00 |
|
Andrzej Kurek
|
03478d2b90
|
Merge branch 'development' into issue/7816/add-commands-for-files-in-parse_input
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
|
2023-06-30 14:38:05 +02:00 |
|
Dave Rodgman
|
c23d2222ea
|
Merge pull request #7728 from waleed-elmelegy-arm/crypt_and_hash-decrypt-fix
Fix crypt_and_hash decrypt issue when used with stream cipher
|
2023-06-30 11:42:35 +01:00 |
|
Dave Rodgman
|
a2c1a387e4
|
Merge pull request #7630 from daverodgman/prefer-intrinsics
Prefer intrinsics over asm for AES-NI
|
2023-06-30 11:39:38 +01:00 |
|
Dave Rodgman
|
2d07a72b35
|
Merge pull request #7821 from davidhorstmann-arm/simplify-test-dn-formatting
Simplify directory name comparison in AuthorityKeyIdentifier tests
|
2023-06-30 11:38:03 +01:00 |
|
Dave Rodgman
|
38939f705a
|
Merge pull request #7822 from gilles-peskine-arm/code-style-since
code_style.py --since
|
2023-06-30 11:37:02 +01:00 |
|
Manuel Pégourié-Gonnard
|
3f2448b75e
|
Merge pull request #7802 from AndrzejKurek/go-go-der-certs
Use DER format for x509 SAN tests
|
2023-06-30 09:36:08 +02:00 |
|
Gilles Peskine
|
0ca2a1f51b
|
Merge pull request #7646 from gilles-peskine-arm/psa-driver-transaction-testing-spec
Storage resilience with stateful secure elements: design document
|
2023-06-29 18:25:52 +02:00 |
|
Pengyu Lv
|
18730ddbcf
|
fix fragile way to refer to server1.req.sha256
The original varible $< is fragile especially
when there are multiple rules for the same
target.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
|
2023-06-30 00:23:13 +08:00 |
|
Dave Rodgman
|
1a4936ab86
|
Remove options not known to older gcc
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
|
2023-06-29 14:07:50 +01:00 |
|
Valerio Setti
|
88a3aeed9f
|
pk_wrap: use PK_HAVE_ECC_KEYS as guard for ecdsa_opaque_check_pair_wrap
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
|
2023-06-29 15:01:10 +02:00 |
|
Valerio Setti
|
d9d74c285b
|
pk_wrap: guard all ECDSA function with MBEDTLS_PK_HAVE_ECC_KEYS
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
|
2023-06-29 15:00:02 +02:00 |
|
Valerio Setti
|
4d1daf8f8d
|
pk_wrap: minor fixes for guards
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
|
2023-06-29 14:33:27 +02:00 |
|
Valerio Setti
|
97976e3e4c
|
pk_wrap: always fill all the fields of the pk_info structures
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
|
2023-06-29 14:33:27 +02:00 |
|
Valerio Setti
|
76d0f9637c
|
pk: uniform naming of functions and structures in pk/pk_wrap
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
|
2023-06-29 14:33:27 +02:00 |
|