Commit graph

26059 commits

Author SHA1 Message Date
Gilles Peskine
d8c4549246
Merge pull request #7432 from oberon-microsystems/fix-test-ecjpake-to-pms-dependency
Fix derive_ecjpake_to_pms dependency in PSA crypto test
2023-07-17 11:05:40 +02:00
Dave Rodgman
91d9daf2b3
Merge pull request #7925 from hasheddan/dtls-server-order
Fix order of steps in DTLS server example program
2023-07-17 09:41:43 +01:00
Daniel Mangum
af2f7a6fcb Fix order of steps in DTLS server example program
Fixes the numbered order of steps in the DTLS server example program.

Signed-off-by: Daniel Mangum <georgedanielmangum@gmail.com>
2023-07-14 12:00:33 -04:00
Dave Rodgman
8f6094ce47
Merge pull request #7792 from robUx4/win32_winnt 2023-07-13 19:34:24 +01:00
Dave Rodgman
63a21f4cda
Merge pull request #7920 from daverodgman/gcm-size 2023-07-13 19:32:07 +01:00
Dave Rodgman
5ff02450ee Reduce size of static data in gcm
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-07-13 15:57:20 +01:00
Steve Lhomme
551b3bf4bb Don't force the _WIN32_WINT version
If the user has set a value in the build environment, it will be used.
Otherwise, if SDK has a default value, it will be picked.

If either of these values are lower than 0x0501 (XP) we should not force
some calls that will not work on the minimum target OS. We should use
dynamic loading of these API's to support them in higher versions of the
OS.

winsock2.h needs to be included before windows.h and will pick the
default _WIN32_WINNT from the SDK or use the one from the user, by
setting _WIN32_WINNT in the CFLAGS.

Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
2023-07-13 16:11:34 +02:00
Steve Lhomme
4000b6ec0e Don't force the default windows version down
The _WIN32_WINNT value will pick the default value for the SDK when
including windows.h. Depending on its value some calls will be possible or not.

Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
2023-07-13 16:11:34 +02:00
Steve Lhomme
369d7c7148 Don't use FindFirstFileW() before Windows XP
On runtime it will attempt to get FindFirstFileW() from kernel32.dll
but it's not there and the DLL/program containing mbedtls will not load.

Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
2023-07-13 16:11:34 +02:00
Dave Rodgman
15f350424b
Merge pull request #7507 from yuhaoth/pr/fix-armclang-without-cmd-target-flags-fail
Fix armclang without cmd target flags fail
2023-07-13 14:40:41 +01:00
Jerry Yu
893be8d10f Replace cpu modifier flags
`crypto` should be replace with `aes`.

See https://arm-software.github.io/acle/main/acle.html#cryptographic-extensions

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-13 17:32:11 +08:00
Jerry Yu
8bfa24b021 Update compiler versions requirement
For time being, we haven't verified MSVC
for sha256 and 512. So we do not add msvc
information.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-13 10:40:29 +08:00
Jerry Yu
b1d06bb29e Add error message for old armclang
when armclang<6.10, cpu modifiers MUST be
specified on command line.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-13 10:40:29 +08:00
Jerry Yu
8e96e78dbe update document and error message
Chang the spell of armclang

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-13 10:40:28 +08:00
Jerry Yu
6b00f5a135 Add guards for arm_neon.h
See: https://arm-software.github.io/acle/main/acle.html#arm_neonh



Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-13 10:40:28 +08:00
Jerry Yu
c37e260dc5 Add armclang version requirement for sha512
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-13 10:40:28 +08:00
Jerry Yu
22a4d3e2b4 fix armclang build fail for sha512.
`sha3` support is start from armclang6.10

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-13 10:40:28 +08:00
Jerry Yu
580e06fb07 fix armclang compile fail
`__ARM_FEATURE_AES` is not defined with `armclang < 6.10`.
And it raise error on `target("crypto,aes")

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-13 10:40:27 +08:00
Jerry Yu
08933d3dbb fix compile fail for armclang
when target flags are not set at command line, armclang
will reports required feature not set error.

This is found and verified at 6.20.1. And it does not work
for 6.6

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-07-13 10:40:08 +08:00
Paul Elliott
3c22366695
Merge pull request #7863 from valeriosetti/issue7790
PK: parse: fix disparity with private Montgomery keys
2023-07-11 18:02:12 +01:00
Dave Rodgman
a824e40749
Merge pull request #7500 from tom-cosgrove-arm/fix-armclang-bswap32
Fix MBEDTLS_BSWAP32 on armcc 5
2023-07-11 16:48:42 +01:00
Paul Elliott
88f34e3348
Merge pull request #7703 from gabor-mezei-arm/7598_clone_the_eco_module
[Bignum] Clone the ECP module
2023-07-11 15:00:01 +01:00
Tom Cosgrove
f2b5a13d02 Fix MBEDTLS_BSWAP32 on armcc 5
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-11 14:06:37 +01:00
Dave Rodgman
4999f15d98
Merge pull request #7878 from beni-sandu/development
aesce: use correct target attribute when building with clang
2023-07-11 10:54:14 +01:00
Valerio Setti
1e6063c8ee test: set MBEDTLS_ECP_DP dependency also for Montgomery curves
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Valerio Setti
d476faa595 test: add more tests for Montgomery's invalid masks
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Valerio Setti
aed87994da test: verify that Montgomery keys can be fixed on parsing
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Valerio Setti
41b0818bcb ecp: rearrange code in ecp_read_key()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Valerio Setti
4a09dcc6f6 test: replace ECP_DP_CURVE25519_ENABLED with PSA_WANT_ECC_MONTGOMERY_255
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Valerio Setti
ef80d11c1f test: add proper key requirements in X25519 key parsing tests
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Valerio Setti
21d42417f9 pkparse: always check all private keys on import
This allows to remove explicit calls to mbedtls_ecp_check_privkey()
in pkparse.c.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Valerio Setti
6b062eeed0 pkparse: parse also Weierstrass private keys using ecp_read_key()
This is to hanlde more uniformly Weierstrass and Montgomery curves.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Valerio Setti
5f54020d1a analyze_outcomes: do not skip test about wrong Montgomery private key
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Valerio Setti
805e4a0378 pkparse: use ecp_read_key() for parsing private key of Montgomery curves
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Valerio Setti
0a92121716 test: test of Montgomery keys with uncorrect bits whenever PK_HAVE_ECC_KEYS
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-11 11:28:22 +02:00
Gilles Peskine
19280ad9b3
Merge pull request #7908 from gilles-peskine-arm/ssl-opt-fix-hrr-test-curves-groups
Fix failure of ssl-opt "TLS 1.3: no HRR in case of PSK key exchange mode"
2023-07-11 11:25:26 +02:00
Gilles Peskine
b387fcf59b Adapt names (curves -> groups) in a separately added test case
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-11 09:19:13 +02:00
Gilles Peskine
6aca2c9613
Merge pull request #7716 from mpg/psa-util-internal
Split psa_util.h between internal and public
2023-07-10 18:33:23 +02:00
Gilles Peskine
d9f0c76f9e
Merge pull request #7879 from tgonzalezorlandoarm/development
tests/test_suite_pem: Augment DES test cases with AES: PEM
2023-07-10 18:28:01 +02:00
Dave Rodgman
f3e488ec40
Merge pull request #7216 from lpy4105/issue/6840/add-getters-for-some-fields
Add getters for some fields
2023-07-10 17:14:11 +01:00
Manuel Pégourié-Gonnard
f614bde912
Merge pull request #7656 from mprse/ffdh_tls13_v2_drivers
FFDH 4: driver-only parity testing - with TLS 1.3
2023-07-10 13:08:47 +02:00
Dave Rodgman
e183ecef3d
Merge pull request #7136 from yanrayw/5692-record-compatsh-test-cases
Record the outcome of each test case in compat.sh
2023-07-10 12:08:32 +01:00
Manuel Pégourié-Gonnard
5c41ae867b
Merge pull request #7887 from ronald-cron-arm/fix-hrr-in-psk-kem
tls13: server: Fix spurious HRR
2023-07-10 09:58:13 +02:00
Pengyu Lv
5a3f5f450c Add changelog entries
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-10 13:25:28 +08:00
Pengyu Lv
5cbb93ef14 Add test for cache timeout getter
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-10 13:25:24 +08:00
Pengyu Lv
db6143364a Add test for endpoint getter
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-10 11:33:23 +08:00
Pengyu Lv
30e0870937 Add test for hostname getter
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-10 11:33:23 +08:00
Pengyu Lv
08daebb410 Make endpoint getter parameter a pointer to const
It would be convenient for users to query the endpoint
type directly from a ssl context:

```
    mbedtls_ssl_conf_get_endpoint(
        mbedtls_ssl_context_get_config(&ssl))
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-10 11:33:23 +08:00
Pengyu Lv
accd53ff6a Add getter access to endpoint field in mbedtls_ssl_config
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-10 11:33:23 +08:00
Pengyu Lv
918ebf3975 Add getter access to hostname field in mbedtls_ssl_context
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-07-10 11:33:23 +08:00