Mention that TLS 1.3 is supported, in addition to (D)TLS 1.2.
Improve and clarify the documentation. In particular, emphasise that the
minor version numbers are the internal numbers which are off by one from the
human numbers.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Same intended semantics, no casts.
Limitation: this doesn't work on architectures where
sizeof(uintptr_t) < sizeof(void*), which is somewhat weird but possible if
pointers contain redundant information.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The user data is typically a pointer to a data structure or a handle which
may no longer be valid after the session is restored. If the user data needs
to be preserved, let the application do it. This way, it is a conscious
decision for the application to save/restore either the pointer/handle
itself or the object it refers to.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In structure types that are passed to user callbacks, add a field that the
library won't ever care about. The application can use this field to either
identify an instance of the structure with a handle, or store a pointer to
extra data.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Initially this function was doing something because the output format of
psa_export_public() didn't match the ECPoint format that TLS wants.
Then it became a no-op then the output format of psa_export_public()
changed, but it made sense to still keep the function in case the format
changed again. Now that the PSA Crypto API has reached 1.0 status, this
is unlikely to happen, so the no-op function is no longer useful.
Removing it de-clutters the code a bit; while at it we can remove a
temporary stack buffer (that was up to 133 bytes).
It's OK to remove this function even if it was declared in a public
header, as there's a warning at the top of the file saying it's not part
of the public API.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Relying on a PSA_VENDOR macro is not ideal, since the standard doesn't
guarantee this macro exists, but OTOH relying on
MBEDTLS_ECP_DP_xxx_ENABLED was even less ideal, so I believe this is
still an improvement.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
We had ECC then PK then ECC, move PK to the end, now all ECC things are
together. (The comments suggest that was the intention all along.)
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
PKCS5 depends on MD, but is missing a config check resulting in
obscure errors on invalid configurations.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Fix library references, tests and programs.
Testing is performed in the already present all.sh test.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Declare mbedtls_md functions as MBEDTLS_CHECK_RETURN_TYPICAL, meaning that
their return values should be checked.
Do check the return values in our code. We were already doing that
everywhere for hash calculations, but not for HMAC calculations.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
As we have now a minimal viable implementation of TLS 1.3,
let's remove EXPERIMENTAL from the config option enabling
it.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
