mbedtls

Author	SHA1	Message	Date
Valerio Setti	4520a8f312	config_psa: only KEY_PAIR_USE includes PUBLIC_KEY While the other (IMPORT, EXPORT, GENERATE, DERIVE) only include the USE one. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	aac957b493	config_psa: always enable PUBLIC_KEY when any KEY_PAIR is enabled Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	f4d7ede72c	config_psa: fix logic for updating legacy symbols Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	38a3e8d10c	config_psa: ECP_C do not enable ECC_KEY_PAIR_DERIVE Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	b0d9aaee1c	psa: move PSA_WANT checks to check_crypto_config Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	c51cba92a3	config_psa: avoid repetitions when including MBEDTLS symbols Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	b7ef51a193	crypto: move legacy symbols support to a dedicated header file Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	ddb577626d	config_psa: add missing BUILTIN symbols when ECP_C is defined Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	89cb1444a5	config_psa: fix comment for LEGACY symbols Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	602ee2ed98	config_psa: remove support for PSA_WANT_KEY_TYPE_DH_KEY_PAIR_DERIVE Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	a801b56600	config_psa: remove GENPRIME from enabled symbols of PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_USE Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
valerio	36befce51a	config_psa: remove leftover comment on ECC derivation Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	8bb5763a85	library: replace deprecated symbols with temporary _LEGACY ones Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:23:55 +02:00
Valerio Setti	f87b505511	config_psa: replace legacy symbols with new ones Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:23:55 +02:00
Valerio Setti	8d6e98c170	psa: add support for legacy symbols Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:23:55 +02:00
Valerio Setti	67a3e3eb7b	crypto_config: introducing new definitions for PSA_WANT KEY_PAIRs - deprecate legacy PSA_WANT_KEY_TYPE_xxx_KEY_PAIR - introduce new PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy where - xxx is either RSA, DH or ECC - yyy can be USE, IMPORT, EXPORT, GENERATE, DERIVE Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:23:55 +02:00
Janos Follath	a426dc31cc	Merge pull request #7782 from gilles-peskine-arm/mbedtls_ecp_modulus_type-move Move mbedtls_ecp_modulus_type out of the public headers	2023-06-16 11:12:57 +01:00
Gilles Peskine	f45a5a0ddd	Merge pull request #7700 from silabs-Kusumit/PBKDF2_output_bytes PBKDF2: Output bytes	2023-06-16 10:08:02 +02:00
Gilles Peskine	637c049349	Move mbedtls_ecp_modulus_type out of the public headers This is an internal detail of the ECC arithmetic implementation, only exposed for the sake of the unit tests Mbed TLS 3.4.0 was released with the type mbedtls_ecp_modulus_type defined in a public header, but without Doxygen documentation, and without any public function or data structure using it. So removing it is not an API break. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-06-15 19:07:41 +02:00
Przemek Stekiel	ce05f54283	Properly disable ECDH in only (psk) ephemeral ffdh key exchange components Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-15 16:44:08 +02:00
Andrzej Kurek	c6beb3a741	Rename NUL to null in x509 IP parsing description Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-15 09:54:37 -04:00
Tom Cosgrove	6edf8b8c7b	Merge pull request #7451 from yanrayw/7376_aes_128bit_only Introduce config option of 128-bit key only in AES calculation	2023-06-15 10:35:32 +01:00
Yanray Wang	55ef22c2cb	mbedtls_config.h: add description for CTR_DRBG about AES-128 only Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-06-15 10:05:27 +08:00
Przemek Stekiel	7d42c0d0e5	Code cleanup #2 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-13 12:30:40 +02:00
Przemek Stekiel	75a5a9c205	Code cleanup Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-13 09:57:23 +02:00
Dave Rodgman	f956312174	Fix typo in MBEDTLS_MD_CAN macros Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>	2023-06-11 16:04:29 +01:00
Glenn Strauss	61d99304da	mbedtls_x509_time_gmtime() to fill struct w/ time Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-06-09 17:01:03 +01:00
Glenn Strauss	416dc03467	mbedtls_x509_time_cmp() compare mbedtls_x509_time Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-06-09 17:01:03 +01:00
Dave Rodgman	0442e1b561	Fix definition of MBEDTLS_MD_MAX_SIZE and MBEDTLS_MD_MAX_BLOCK_SIZE Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-08 16:03:33 +01:00
Manuel Pégourié-Gonnard	1f6d2e352d	Simplify implementation of MD<->PSA translation Also, add tests and comments due from previous commits. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-08 12:09:20 +02:00
Manuel Pégourié-Gonnard	9b76318138	Change values of md_type enum Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-08 11:48:53 +02:00
Dave Rodgman	9304186ae9	Restore accidentally removed comment Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-08 10:13:22 +01:00
Dave Rodgman	ff45d44c02	Replace MBEDTLS_MD_CAN_SHA3 with MBEDTLS_MD_CAN_SHA3_xxx Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-08 10:11:34 +01:00
Dave Rodgman	b61cd1042a	Correct minor merge mistakes Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 18:14:45 +01:00
Dave Rodgman	05d71ffe5b	Merge remote-tracking branch 'origin/development' into sha3-updated	2023-06-07 18:02:04 +01:00
Dave Rodgman	f9d8f4cd68	Remove reference to SHAKE Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 17:08:29 +01:00
Dave Rodgman	a35551ef01	Use MBEDTLS_PRIVATE Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 17:08:19 +01:00
Dave Rodgman	cf4d2bdc09	Spell as SHA-3 not SHA3 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 17:08:09 +01:00
Dave Rodgman	c3048b3eea	Tidy-up definition of mbedtls_sha3_context Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 16:50:15 +01:00
Dave Rodgman	9d7fa93e6c	move mbedtls_sha3_family_functions out of public interface Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 16:50:15 +01:00
Dave Rodgman	e627bef2f8	Use faster type for state index Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 16:50:15 +01:00
Dave Rodgman	1789d84282	remove not-needed fields from SHA-3 context Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 16:50:15 +01:00
Andrzej Kurek	5d9aeba899	Fix param documentation for mbedtls_x509_crt_parse_cn_inet_pton Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-07 08:54:35 -04:00
Andrzej Kurek	cd17ecfe85	Use better IP parsing in x509 programs Remove unnecessary duplicated code. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-07 08:50:05 -04:00
Gilles Peskine	13230a4ad3	Merge pull request #7349 from mpg/rm-hash-info Remove `hash_info` module	2023-06-06 21:05:13 +02:00
Gilles Peskine	d598eaf212	Merge pull request #7106 from davidhorstmann-arm/parse-oid-from-string Parse an OID from a string	2023-06-06 20:57:17 +02:00
Przemek Stekiel	ff9fcbcace	ssl_client2, ssl_server2: code optimization + guards adaptation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:53:40 +02:00
Przemek Stekiel	e7db09bede	Move FFDH helper functions and macros to more suitable locations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:08 +02:00
Przemek Stekiel	cceb933e30	Add FFDH definitions and translation functions Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com> Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:07 +02:00
Kusumit Ghoderao	85e6bdb7ad	Add additional members to pbkdf2 struct Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-06-06 15:05:39 +05:30
Manuel Pégourié-Gonnard	c9d9829533	Add comment on macros that should be kept in sync Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	f76c2208f6	Remove mbedtls_psa_translate_md(). The header clearly states all functions here are internal, so we're free to remove them at any time. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	45b34517fb	Keep MD and PSA max size in sync Some TLS code is using MD_MAX_SIZE in parts that are common to USE_PSA and non-USE_PSA, then using PSA_HASH_MAX_SIZE in parts specific to USE_PSA, and having different values causes trouble. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	725d2e24aa	Fix guard for PSA->MD error conversion Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	1c32e37b0c	Formally deprecate mbedtls_psa_translate_md() The previous informal comment was not enough to prevent it from being used in several places in the library. This should have more effect, considering with have builds with DEPRECATED_REMOVED. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	6076f4124a	Remove hash_info.[ch] Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	2d6d993662	Use MD<->PSA functions from MD light As usual, just a search-and-replace plus: 1. Removing things from hash_info.[ch] 2. Adding new auto-enable MD_LIGHT in build-info.h 3. Including md_psa.h where needed Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	9b41eb8533	Replace hash_info_get_type with MD function Mostly a search and replace with just two manual changes: 1. Now PK and TLS need MD light, so auto-enable it. 2. Remove the old function in hash_info.[ch] Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	1ef26e285e	Add convenience inline function to md.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Gilles Peskine	5c3d6e277c	Merge pull request #7575 from AndrzejKurek/URI-SAN-verification Add partial support for URI SubjectAltNames verification	2023-06-05 16:46:47 +02:00
Gilles Peskine	975d9c0faf	Merge pull request #7530 from AndrzejKurek/misc-subjectaltname-fixes Miscellaneous fixes for SubjectAltName code / docs	2023-06-05 15:38:53 +02:00
Gilles Peskine	84b547b5ee	Merge pull request #7400 from AndrzejKurek/cert-write-sans Add a possibility to generate certificates with a Subject Alternative Name	2023-06-05 15:38:38 +02:00
Manuel Pégourié-Gonnard	f37b94b5bf	Merge pull request #7533 from valeriosetti/issue7484 PK: add support for private key writing with "opaque" EC keys	2023-06-05 10:53:53 +02:00
Tom Cosgrove	32b06f50df	Merge pull request #7650 from yanrayw/7360-code-size-tfm-medium code size measurement support for tfm-medium	2023-06-02 13:25:26 +01:00
Andrzej Kurek	1747304a7a	Update the descriptions of SANs All of them are listed, so the previous description was wrong. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-01 18:20:24 +01:00
David Horstmann	bf95e9a058	Reword description and change NUL to null Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-06-01 15:33:15 +01:00
David Horstmann	017139751a	Change behaviour away from NUL-terminated strings Instead, require the length of the string to be passed. This is more useful for our use-case, as it is likely we will parse OIDs from the middle of strings. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-06-01 15:04:20 +01:00
David Horstmann	d1a203a382	Cosmetic fixes to doxygen comment Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-06-01 15:02:15 +01:00
valerio	64e0184a39	psa_util: add support for rfc8410's OIDs Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-01 11:06:40 +02:00
Manuel Pégourié-Gonnard	7b1136836c	Merge pull request #7438 from valeriosetti/issue7074 Avoid parse/unparse private ECC keys in PK with USE_PSA when !ECP_C	2023-06-01 10:06:45 +02:00
Gilles Peskine	a1b416670e	Merge pull request #7547 from silabs-Kusumit/PBKDF2_input_validation PBKDF2: Input Validation	2023-06-01 10:05:34 +02:00
David Horstmann	b97b689832	Reword function description slightly Use of the term "dotted-decimal" improves clarity. Put a full-stop where one should have been. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-05-31 14:42:00 +01:00
Kusumit Ghoderao	b20f13a41b	Change input cost type to uint64_t and fix max iteration test case Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-31 12:51:02 +05:30
Kusumit Ghoderao	10cc6bda1c	Add PSA_ALG_PBKDF2_HMAC_GET_HASH macro Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-24 12:35:14 +05:30
Kusumit Ghoderao	e66a8ad8d6	Define PSA_VENDOR_PBKDF2_MAX_ITERATIONS Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-24 12:30:43 +05:30
Kusumit Ghoderao	52fe517a77	Change pbkdf2 password to array Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-24 12:28:46 +05:30
Dave Rodgman	b2e551d347	Merge pull request #6943 from ucko/2023b-platform	2023-05-23 18:37:54 +01:00
Valerio Setti	7ef8a8d0da	pk: improve description for the new priv_id field Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-23 18:39:54 +02:00
Manuel Pégourié-Gonnard	9dc9204b77	Merge pull request #7554 from valeriosetti/issue7073-reshape Avoid parse/unparse public ECC keys in PK with USE_PSA when !ECP_C	2023-05-23 15:08:45 +02:00
Aditya Deshpande	2f1ae5a86e	Modify TFM files to allow them to build on baremetal with Mbed TLS and fix code style. Also change the include path of crypto_spe.h in crypto_platform.h to allow the former file to be included in library-only builds. Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>	2023-05-23 15:40:11 +08:00
Valerio Setti	016264b6cb	pk: fix a return value and a typo in comment Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-22 18:40:35 +02:00
Gilles Peskine	50729eac74	Merge pull request #7611 from yanrayw/7609_tweak_build_info_include_order build_info.h: fix mutual implications with config_psa.h temporarily	2023-05-22 17:49:55 +02:00
Yanray Wang	37db332658	build_info.h: rewrite comment Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-22 16:50:39 +08:00
Aaron M. Ucko	5e4a01bff5	mbedtls/platform.h: Avoid potential macro redefinition warnings. Some identifiers (e.g. mbedtls_free) can name either functions or macros depending on configuration settings. For those that turn out to name macros, first clear out any existing macro definitions to accommodate possible unconditional bulk symbol renaming. (There remains no standard provision for such renaming, but it's nevertheless straightforward enough to do as desired, particularly with this change in place.) Signed-off-by: Aaron M. Ucko <ucko@ncbi.nlm.nih.gov>	2023-05-19 10:50:06 -04:00
Valerio Setti	f57007dd1e	pk: fixing and improving comments Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-19 13:54:39 +02:00
Paul Elliott	9a11f8a122	Merge pull request #7573 from tom-cosgrove-arm/add-psa_want_alg_some_pake Only include psa_pake_setup() and friends if some PAKE algorithms are required	2023-05-18 09:59:52 +01:00
Andrzej Kurek	1bc7df2540	Add documentation and a changelog entry Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Paul Elliott	8203f2d89f	Merge pull request #7535 from minosgalanakis/ecp/7264_enable_core_shift_l [Bignum] Adjust mbedtls_mpi_core_shift_l to use the core function	2023-05-17 18:45:44 +01:00
Valerio Setti	c1541cb3c7	pk: minor fixes (guards and a wrong assignment) Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-17 19:23:02 +02:00
Andrzej Kurek	67fdb3307d	Add a possibility to write subject alt names in a certificate Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 11:45:36 -04:00
Andrzej Kurek	1a75269589	Move mbedtls_x509_san_list to x509.h Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 11:45:36 -04:00
Valerio Setti	92c3f36866	test_suite_debug: fix USE_PSA_INIT/DONE guards in a test Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-17 15:38:34 +02:00
Valerio Setti	722f8f7472	pk: adding a new field to store the public key in raw format Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-17 15:31:21 +02:00
Manuel Pégourié-Gonnard	b1c0afe484	Merge pull request #7595 from valeriosetti/deprecate_pk_ec Set mbedtls_pk_ec() as internal function when ECP_C is not defined	2023-05-17 12:27:03 +02:00
Yanray Wang	419a55e929	build_info.h: rewrite comment for inclusion of config_psa.h Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-17 18:22:34 +08:00
Yanray Wang	6397673cb8	build_info.h: change location of including config_psa.h In build_info.h, some macros are defined based on PSA_WANT_XXX symbol. This commit tweaks the location of including config_psa.h so that macros in build_info.h could imply config options correctly. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-17 13:57:22 +08:00
Minos Galanakis	2056d09893	bignum: Updated documentation for `mbedtls_mpi_shift_l()` Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2023-05-16 17:16:26 +01:00
Valerio Setti	3f00b84dd1	pk: fix build issues Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-15 12:57:06 +02:00
Valerio Setti	77a75685ed	pk: align library and tests code to the new internal functions Note = programs are not aligned to this change because: - the original mbedtls_pk_ec is not ufficially deprecated - that function is used in tests when ECP_C is defined, so the legacy version of that function is available in that case Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-15 11:18:46 +02:00
Valerio Setti	229bf1031f	pk: make mbedtls_pk_ec internal when !ECP_C mbedtls_pk_ec() is not an ideal function because: - it provides direct access to the ecp_keypair structure wrapped by the pk_context and - this bypasses the PK module's control However, since for backward compatibility, it cannot be deprecated immediately, 2 alternative internal functions are proposed. As a consequence: - when ECP_C is defined, then the legacy mbedtls_pk_ec is available - when only ECP_LIGHT is defined, but ECP_C is not, then only the new internal functions will be available Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-15 11:13:55 +02:00
Fredrik Hesse	cc207bc379	Replace references to Mbed Crypto with Mbed TLS through-out documentation and comments. Signed-off-by: Fredrik Hesse <fredrik@hesse.se>	2023-05-12 14:59:01 +01:00
Tom Cosgrove	6d62faca8e	Only include psa_pake_setup() and friends if some PAKE algorithms are required Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-05-12 12:36:24 +01:00
Andrzej Kurek	199eab97e7	Add partial support for URI SubjectAltNames Only exact matching without normalization is supported. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-10 09:57:19 -04:00
Yanray Wang	7265bab8ad	mbedtls_config.h: remove empty * line before closing */ line Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-10 17:50:58 +08:00
Yanray Wang	d2ae432364	mbedtls_config.h: rewrite comment for AES_ONLY_128_BIT_KEY_LENGTH Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-10 17:49:34 +08:00
Manuel Pégourié-Gonnard	1d046fa0dd	Merge pull request #6010 from mprse/ffdh_import_export FFDH 1, 2A, 2B: FFDH add support for import/export key, key agreement, key generation + tests	2023-05-10 11:40:54 +02:00
Yanray Wang	ab4fb0d34c	aes.h: rewrite comment for aes round key buf Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-10 10:06:14 +08:00
Gilles Peskine	8d42cfddd6	Merge pull request #7539 from gilles-peskine-arm/mbedtls_error_pair_t-smaller Halve size of mbedtls_error_pair_t	2023-05-09 15:55:51 +02:00
Gilles Peskine	97edeb4fb8	Merge pull request #6866 from mprse/extract-key-ids Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions v.2	2023-05-08 20:38:29 +02:00
Kusumit Ghoderao	9016bc4ed2	Clean up commented code Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-08 16:04:05 +05:30
Kusumit Ghoderao	3fc4ca7272	Limit max input cost to 32bit Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-08 15:57:41 +05:30
Gilles Peskine	4837e9d1c0	Correct comment about mbedtls error codes Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-07 20:27:13 +02:00
Pol Henarejos	d06c6fc45b	Merge branch 'development' into sha3 Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-05-05 16:01:18 +02:00
Valerio Setti	92da2a79aa	pk: improve description for the next opaque ID field Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-05 12:31:23 +02:00
Valerio Setti	4f387ef277	pk: use better naming for the new key ID field Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-05 10:59:32 +02:00
Valerio Setti	e00954d0ed	pk: store opaque key ID directly in the pk_context structure Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-05 10:57:26 +02:00
Yanray Wang	1ed226f790	Auto-enable CTR_DRBG_USE_128_BIT_KEY with AES_ONLY_128_BIT_KEY_LENGTH This commit adds support to auto-enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY if MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enabled. Furthermore, the corresponding check is removed in check_config.h. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-05 16:23:31 +08:00
Yanray Wang	8b9877bad7	aes.h: add comment for round key buffer in aes context Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-05 16:17:48 +08:00
Yanray Wang	4a7fdffa5e	mbedtls_config.h: paraphrase code size saving in comment Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-05 16:11:33 +08:00
Yanray Wang	3d4d146f07	mbedtls_config.h: fix issue in grammar Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-05 15:05:46 +08:00
Yanray Wang	a87046704f	Add checks if MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enabled This commit adds configuration check in check_config.h if MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enabled. Furthermore, MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH is disabled by default in scripts/config.py for full configuration. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-05 11:21:18 +08:00
Arto Kinnunen	b1c626b5c6	AES: adjust AES RAM usage according to config options Do not reserve additional space for mbedtls_aes_context if config option AES_ONLY_128_BIT_KEY_LENGTH is used and PADLOCK_C is not used. This reduces RAM usage by 96 bytes. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-05 11:21:13 +08:00
Arto Kinnunen	732ca3221d	AES: add macro of MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH Add configuration option to support 128-bit key length only in AES calculation. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-05 11:20:38 +08:00
Jethro Beekman	0167244be4	Read and write X25519 and X448 private keys Signed-off-by: Jethro Beekman <jethro@fortanix.com> Co-authored-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com> Signed-off-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com>	2023-05-04 13:01:47 +02:00
Kusumit Ghoderao	b9410e89b4	Fix failing CI Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-04 13:17:51 +05:30
Przemek Stekiel	746dfaea3f	Enable FFDH through PSA if it's enabled in the legacy interface Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-04 09:14:08 +02:00
Kusumit Ghoderao	dcfa548293	Add pbkdf2 to key_derivation context struct Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-03 14:20:35 +05:30
Kusumit Ghoderao	30ced52497	Add pbkdf2 struct to crypto_builtin_key_derivation.h Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-03 14:20:35 +05:30
Kusumit Ghoderao	876e2c2424	Add psa_pbkdf2_key_derivation_state_t Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-03 14:20:34 +05:30
Kusumit Ghoderao	83baf8968d	Add builtin PBKDF2_HMAC definition in config_psa.h Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-03 14:20:34 +05:30
Kusumit Ghoderao	aca31654e6	Enable PSA_WANT_ALG_PBKDF2_HMAC in crypto_config.h Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-03 14:20:34 +05:30
Gilles Peskine	b567f8326d	Halve size of mbedtls_error_pair_t All PSA crypto error codes fit comfortably in 16 bits and we have no plans to ever change this. So use 16 bits to store them, which reduces mbedtls_error_pair_t from 8 bytes to 4 bytes. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-02 21:40:07 +02:00
Gilles Peskine	d3ca5e5897	Merge pull request #7328 from mprse/ec-jpake-fix1 Fix the JPAKE driver interface for user+peer	2023-05-02 20:42:25 +02:00
Manuel Pégourié-Gonnard	8e076e4132	Merge pull request #6915 from aditya-deshpande-arm/example-driver-post-codestyle Document (with examples) how to integrate a third-party driver with Mbed TLS	2023-05-02 12:13:42 +02:00
Manuel Pégourié-Gonnard	f317df98ea	Merge pull request #7461 from valeriosetti/issue7460-part1 Fixing USE_PSA_INIT/DONE in SSL/X509/PK test suites	2023-05-02 10:44:13 +02:00
Aditya Deshpande	f100f00679	Add warnings to documentation stating that p256-m code may be out of date with upstream, plus other minor grammatical fixes. Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>	2023-04-28 17:54:15 +01:00
Aditya Deshpande	bac592d53e	Remove rand() from p256_generate_random() and move to an implementation based on mbedtls_ctr_drbg Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>	2023-04-28 17:54:15 +01:00
Aditya Deshpande	e41f7e457f	Integrate p256-m as an example driver alongside Mbed TLS and write documentation for the example. (Reapplying changes as one commit on top of development post codestyle change instead of rewriting old branch) Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>	2023-04-28 17:54:09 +01:00
Przemek Stekiel	4ce523256b	Fix definition of PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE (ECC vs FFDH max) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-28 13:40:34 +02:00
Przemek Stekiel	eb511a4495	Update config files to make PSA FFDH undependent on MBEDTLS_DHM_C To enable support for FFDH in PSA MBEDTLS_USE_PSA_CRYPTO needs to be enabled. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-28 13:20:16 +02:00
Przemek Stekiel	6d85afa0cc	Fix naming: FFDH key -> DH key and fix guard in psa_validate_key_type_and_size_for_key_generation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-28 11:42:17 +02:00
Przemek Stekiel	5357a7a6d9	Use PSA_MAX_OF_THREE in PSA_EXPORT_KEY_PAIR_MAX_SIZE Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-27 11:22:36 +02:00
Dave Rodgman	98062a7c5d	Merge pull request #7316 from yuhaoth/pr/Add-msvc-support-for-aesce-module Add msvc support for AESCE	2023-04-26 21:27:08 +01:00
David Horstmann	9643575d92	Limit OIDs to 128 components The longest OID known by oid-info.com is 34 components[1], so 128 should be plenty and will limit the potential for attacks. [1] http://oid-info.com/get/1.3.6.1.4.1.1248.1.1.2.1.3.21.69.112.115.111.110.32.83.116.121.108.117.115.32.80.114.111.32.52.57.48.48 Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-04-26 11:50:14 +01:00
Przemek Stekiel	654bef0be0	Fix typos, comments, style, optimize macros Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:07:20 +02:00
Przemek Stekiel	87d9a4a30c	Provide PSA_WANT_KEY_TYPE_FFDH_PUBLIC_KEY configuration Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:07:20 +02:00
Przemek Stekiel	ed23b61020	Adapt size macros for FFDH Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:04:32 +02:00
Przemek Stekiel	84ee3e2921	Adapt config files for FFDH Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:04:32 +02:00
Jerry Yu	a1a039dba6	Improve minimum compiler versions document Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-04-26 10:21:42 +08:00
Przemek Stekiel	aede2ad554	Optimize code (pake role type, freeing buffers) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-25 14:30:34 +02:00
Przemek Stekiel	6e628a4e7b	Add undfined role for ec j-pake Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-25 13:11:36 +02:00
Jerry Yu	f015a93f98	Add msvc version document Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-04-25 10:38:03 +08:00
valerio	cf35d774fe	doc: update USE_PSA_CRYPTO description Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-04-24 13:47:18 +02:00
Gilles Peskine	935a987b2b	Merge pull request #7436 from AndrzejKurek/x509-verify-san-ip x509 SAN IP parsing	2023-04-21 22:00:58 +02:00
Jerry Yu	a7d454cec2	Remove unnecessary check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-04-20 10:32:38 +08:00
Paul Elliott	4359badbb2	Merge pull request #7331 from mprse/ec-jpake-fix2 PSA PAKE: Check input_length against PSA_PAKE_INPUT_SIZE() in psa_pake_input	2023-04-17 16:31:09 +01:00
Ronald Cron	f54762e498	Merge pull request #7415 from Harshal5/fix/declaration_of_mbedtls_ecdsa_sign_det_restartable_function ecdsa: fix `-missing-prototypes` warning when `MBEDTLS_ECDSA_SIGN_ALT` is defined	2023-04-17 15:41:25 +02:00
Przemek Stekiel	7921a03425	Add claryfication for PSA_PAKE_INPUT/OUTPUT_MAX_SIZE macros Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-17 12:32:06 +02:00
harshal.patil	8c77644906	ecdsa: fix `-missing-prototypes` warning when `MBEDTLS_ECDSA_SIGN_ALT` is defined - In `mbedtls/v3.4.0`, ECDSA restartable sign and verify functions (`ecdsa.c`) were made public. - But the `mbedtls_ecdsa_sign_det_restartable` function prototype was declared in the file `ecdsa.h`, only when `MBEDTLS_ECDSA_SIGN_ALT` is not defined. Signed-off-by: harshal.patil <harshal.patil@espressif.com>	2023-04-17 12:53:00 +05:30
Manuel Pégourié-Gonnard	ed5998cd7d	Merge pull request #7422 from valeriosetti/remove-psa-have-full-symbols Remove PSA_HAVE_FULL_xxx symbols	2023-04-17 09:19:00 +02:00
Stephan Koch	48fba6fbac	Fix so that PSA_WANT_ALG_DETERMINISTIC_ECDSA implies PSA_HAVE_FULL_ECDSA. Signed-off-by: Stephan Koch <koch@oberon.ch> Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-14 13:41:10 +02:00
Glenn Strauss	c26bd76020	x509 crt verify SAN iPAddress Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-04-11 08:29:42 -04:00
Valerio Setti	6b006c126b	remove KEY_TYPE_ECC_PUBLIC_KEY unnecessary requirement Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 12:02:19 +02:00
Valerio Setti	6c496a1553	solve disparities for ECP_LIGHT between ref/accel Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Valerio Setti	151bdf9668	build_info: fixed comment Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Valerio Setti	d4a5d461de	library: add remaining changes for the new ECP_LIGHT symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Valerio Setti	0d2980f117	pk: adapt to new ECP_LIGHT symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Valerio Setti	fd122f4e95	ecp: introduce new ECP_LIGHT symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Valerio Setti	969e206e28	remove PSA_HAVE_FULL_JPAKE symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 10:55:25 +02:00
Valerio Setti	6f66664ed6	remove PSA_HAVE_FULL_ECDSA symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 10:54:22 +02:00
Valerio Setti	48859cc7d8	remove PSA_HAVE_FULL_ECDH symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 10:50:47 +02:00
Gilles Peskine	7c1c7ce90e	Merge pull request #7401 from AndrzejKurek/md-guards-missing Add missing md.h includes	2023-04-11 09:32:17 +02:00
Gilles Peskine	c9e8a65d06	Merge pull request #7298 from lpy4105/issue/6840/add-cache-entry-removal-api ssl_cache: misc improvements	2023-04-11 09:30:40 +02:00
Pengyu Lv	723ac268e7	ssh_cache: Add back description of other errors for cache getter Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-04-11 09:19:08 +08:00
Pengyu Lv	e3746d7ce6	ssl_cache: Error renaming and document improvement Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-04-10 14:40:03 +08:00
Ronald Cron	b828c7d3de	Fix, improve and add comments Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	8a12aeec93	tls: Initialize SSL context tls_version in mbedtls_ssl_setup() Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Przemek Stekiel	21903ec860	Fix after rebase Handle manually functions that have been moved to different locations. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	8a13866f65	Remove parsing of rfc822Name Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	9a511c5bdf	Rename back mbedtls_x509_parse_general_name->mbedtls_x509_parse_subject_alt_name Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
toth92g	8d435a0c8b	Renaming x509_get_subject_alt_name to x509_get_general_names and mbedtls_x509_parse_subject_alt_name to mbedtls_x509_parse_general_name so they can be used not only to collect subject alt name, but the V3 authority cert issuer that is also GeneralName type. Also updated the x509_get_general_names function to be able to parse rfc822Names Test are also updated according these changes. Signed-off-by: toth92g <toth92g@gmail.com>	2023-04-04 17:48:28 +02:00
toth92g	a41954d0cf	Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions. Updating mbedtls_x509_crt_free function to also free the new dynamic elements (issuer field of AuthorityKeyId). A few tests are also added which test the feature with a correct certificate and multiple ones with erroneous ASN1 tags. Signed-off-by: toth92g <toth92g@gmail.com>	2023-04-04 17:48:27 +02:00
Andrzej Kurek	1b75e5f784	Add missing md.h includes MBEDTLS_MD_CAN_SHAXXX are defined there. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-04 09:55:06 -04:00
Ronald Cron	219f978097	Merge pull request #7059 from ronald-cron-arm/psa-crypto-misc PSA cryptography miscellaneous	2023-04-04 10:54:03 +02:00
Manuel Pégourié-Gonnard	86d5d4bf31	Merge pull request #7103 from valeriosetti/issue6622 Some MAX_SIZE macros are too small when PSA ECC is accelerated	2023-04-03 16:23:27 +02:00
Dave Rodgman	dd48c6e3df	Merge pull request #7385 from daverodgman/timing_alignment Fix cast alignment warning in timing.c	2023-03-31 19:48:34 +01:00
Dave Rodgman	33b2210065	Fix cast alignment warning in timing.c Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-31 15:50:54 +01:00
Dave Rodgman	b8f5ba826b	Merge pull request #6891 from yuhaoth/pr/add-milliseconds-platform-function Add milliseconds platform time function	2023-03-31 11:47:37 +01:00
Ronald Cron	789cef87f8	Fix documentation Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-03-31 09:07:57 +02:00
Ronald Cron	135f2ae312	Pacify doxygen.sh Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-03-31 09:07:57 +02:00
Ronald Cron	f6236f032a	psa: Introduce psa/build_info.h The PSA cryptography repository is based to start with on the PSA cryptography implementation in Mbed TLS but with a different directority structure, build system and build configuration. The build-time configuration information in the PSA cryptography repository is psa/build_info.h. This commit introduces this file in Mbed TLS to be used in place of mbedtls/build_info.h (but basically just an alias to it) in PSA headers. This is to ease the update of the PSA cryptography repository. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-03-31 09:07:57 +02:00
Ronald Cron	e6e6b75ad3	psa: Remove MBEDTLS_PSA_CRYPTO_DRIVERS configuration option The support for the PSA crypto driver interface is not optional anymore as the implementation of the PSA cryptography interface has been restructured around the PSA crypto driver interface (see psa-crypto-implementation-structure.md). There is thus no purpose for the configuration options MBEDTLS_PSA_CRYPTO_DRIVERS anymore. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-03-31 09:07:54 +02:00
Ronald Cron	2f10fceccd	psa: include: Move key derivation builtin and driver contexts Move key derivation builtin and driver contexts to specific header files as key derivation contexts depend both on primitive and composite crypto algorithms contexts. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-03-31 09:01:45 +02:00
Ronald Cron	e7cde181ea	psa: include: Move some Mbed TLS headers The structures related to CMAC, GCM, CCM and CHACHAPOLY operations are defined in crypto_builtin_composites.h not in crypto_struct.h. Thus move the cmac.h, gcm.h, ccm.h and chachapoly.h header inclusions from crypto_struct.h to crypto_builtin_composites.h. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-03-31 09:01:45 +02:00
Ronald Cron	fe8e135816	psa: Remove unnecessary headers Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-03-31 09:01:45 +02:00
Paul Elliott	03d557db35	Merge pull request #6900 from AndrzejKurek/san-dirname Add support for directoryName subjectAltName	2023-03-30 18:37:26 +01:00
Manuel Pégourié-Gonnard	0ab380a8ae	Merge pull request #7354 from mpg/ecc-doc-update Ecc doc update	2023-03-30 15:38:47 +02:00
Manuel Pégourié-Gonnard	9463e780c6	Fix a typo Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-30 09:37:39 +02:00
Manuel Pégourié-Gonnard	59b61da7c4	Fix dependency check for TLS 1.3 ECDH This part is specific to 1.3 and directly calls PSA APIs regardless of whether MBEDTLS_USE_PSA_CRYPTO is defined, so use PSA_WANT. Note: the code is already using PSA_WANT everywhere in ssl_tls13*.c. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-30 09:35:41 +02:00
Andrzej Kurek	c27ba3a531	Clarify SAN structure memory management Co-authored-by: David Horstmann <david.horstmann@arm.com> Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-29 11:41:34 -04:00

... 2 3 4 5 6 ...

6221 commits