mbedtls

Author	SHA1	Message	Date
Przemek Stekiel	dff21d3429	Move jpake role check to psa_pake_complete_inputs() Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	4fcc61eec0	Optimize psa_pake_ecjpake_setup() Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	849c35f8b4	Remove pake abort on failure from driver (handled by core) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	e1d51bf3c9	Optimieze psa_pake_complete_inputs() Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	3e784d8981	PSA crypto pake: call abort on each failure Adapt driver hook counters in pake driver test. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	d69dca9fc4	Rework psa_pake_abort - Fix potential issue with freeing password - Clean operation object even if psa_driver_wrapper_pake_abort fails - Remove redundant code Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	f62b3bb087	Optimization of pake core functions Adapt pake test (passing NULL buffers is not allowed). Passing the null buffer to psa_pake_output results in a hard fault. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	9dd2440c95	Change pake input: key_lifetime -> key attributes In the future key attributes will be available for opaque driver via psa_crypto_driver_pake_get_password_key(). Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com> Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	d5d28a217f	Use operation alg for locking key slot Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	1c3cfb4fb0	Introduce PSA_PAKE_OPERATION_STAGE_SETUP to optimize out alg checks Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	ff01bc496c	Remove j-pake specific checks from psa_pake_setup mbedtls_psa_pake_setup has already check for PSA_PAKE_PRIMITIVE_TYPE_ECC primitive. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	dde6a910bb	Optimize out psa_pake_computation_stage_t Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	5cbca790f7	Make usage of pake input getters Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	18620a3b1c	Make copy of inputs on stack before passing to psa_driver_wrapper_pake_setup Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	ca8d2b2589	Add get-data functions for inputs + tests Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	7b730175b3	Simplify psa_pake_computation_stage_s structure Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	b09c487546	Combine core pake computation stage(step,sequence,state) into single driver step Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:31 +01:00
Przemek Stekiel	9a5b812aa8	Cleanup the code Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:31 +01:00
Przemek Stekiel	2797d37424	Split handling of memory allocation for password between core and driver Driver is now responsible for creating its own copy of the password in the setup function. After calling pake setup driver entry point core frees memory for password. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:31 +01:00
Przemek Stekiel	e12ed36a6c	Move JPAKE state machine logic from driver to core - Add `alg` and `computation_stage` to `psa_pake_operation_s`. Now when logic is moved to core information about `alg` is required. `computation_stage` is a structure that provides a union of computation stages for pake algorithms. - Move the jpake operation logic from driver to core. This requires changing driver entry points for `psa_pake_output`/`psa_pake_input` functions and adding a `computation_stage` parameter. I'm not sure if this solution is correct. Now the driver can check the current computation stage and perform some action. For jpake drivers `step` parameter is now not used, but I think it needs to stay as it might be needed for other pake algorithms. - Removed test that seems to be redundant as we can't be sure that operation is aborted after failure. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:31 +01:00
Przemek Stekiel	be5e27b5ad	Remove redundant code Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:31 +01:00
Przemek Stekiel	ca67483b15	psa_crypto_pake.h: adapt function descriptions Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:31 +01:00
Przemek Stekiel	51eac53b93	Divide pake operation into two phases collecting inputs and computation. Functions that only set inputs do not have driver entry points. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:25:30 +01:00
Przemek Stekiel	061f6949fd	Make psa_get_and_lock_key_slot_with_policy() static function psa_get_and_lock_key_slot_with_policy() becomes public temporarily as part of: https://github.com/Mbed-TLS/mbedtls/pull/6608 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:25:30 +01:00
Przemek Stekiel	0c78180ee5	mbedtls_psa_pake_get_implicit_key: move psa_key_derivation_input_bytes call to upper layer Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:25:30 +01:00
Przemek Stekiel	6c7644150a	Adapt pake impl for driver dispatch Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:25:30 +01:00
Przemek Stekiel	2e73649f9c	Add pake psa crypto driver wrappers implementation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:25:30 +01:00
Neil Armstrong	5ae609631e	Move the common parameters check code out of the wrapper Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2023-02-22 11:25:30 +01:00
Neil Armstrong	a7d08c3009	Add PSA PAKE api calling the PAKE wrappers Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2023-02-22 11:25:30 +01:00
Neil Armstrong	7da8c56b84	Add PSA PAKE wrappers Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2023-02-22 11:25:30 +01:00
Neil Armstrong	56b8d23ca1	Add mbedtls_ prefix to PSA PAKE over MbedTLS implementation Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2023-02-22 11:25:30 +01:00
Gilles Peskine	ffb92b0789	Merge pull request #7105 from davidhorstmann-arm/fix-oid-printing-bug Fix bugs in OID to string conversion	2023-02-21 23:16:44 +01:00
Gilles Peskine	250a5ac4cb	Merge pull request #7095 from paul-elliott-arm/interruptible_sign_hash_codestyle Implement PSA interruptible sign/verify hash	2023-02-21 15:13:34 +01:00
Dave Rodgman	e42cedf256	Merge pull request #7077 from daverodgman/pkcs7-fixes-dm-rebased Pkcs7 fixes	2023-02-21 11:53:30 +00:00
Dave Rodgman	a1b2bfff46	Add clarifying comments Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-20 14:45:09 +00:00
David Horstmann	5b5a0b618c	Change error codes to more appropriate codes The more precise error codes are borrowed from the ASN1 module. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-20 14:24:12 +00:00
Janos Follath	ec718afb41	Merge pull request #7051 from gabor-mezei-arm/6376_Secp521r1_fast_reduction Add a raw entry point to Secp521r1 fast reduction	2023-02-20 13:03:12 +00:00
Manuel Pégourié-Gonnard	718eb4f190	Merge pull request #7025 from AndrzejKurek/uri_san Add the uniformResourceIdentifier subtype for the subjectAltName	2023-02-20 11:29:59 +01:00
Paul Elliott	f8e5b56ad8	Fix get_num_ops internal code. Previously calling get_num_ops more than once would have ended up with ops getting double counted, and not calling inbetween completes would have ended up with ops getting missed. Fix this by moving this to where the work is actually done, and add tests for double calls to get_num_ops(). Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-19 18:55:10 +00:00
Gabor Mezei	ac70ad6576	Fix coding style Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2023-02-16 19:31:21 +01:00
Dave Rodgman	fc64352253	Adjust position of empty line Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-16 16:23:09 +00:00
Paul Elliott	ba70ad4944	Add safety for keys larger than we currently support. Prevent buffer overflow with keys whos grp.nbits is greater than PSA_VENDOR_ECC_MAX_CURVE_BITS. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-16 12:15:39 +00:00
Paul Elliott	93d9ca83ea	Move num_ops ECP abstraction fully into internal implementation Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-16 12:15:39 +00:00
Andrzej Kurek	81b0b89a34	Clarify comments on subjectAltName types Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-02-16 06:55:10 -05:00
Paul Elliott	2c9843f2a4	Make mbedtls_sa_ecp_load_public_part return psa_status_t Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	7ef174b285	Correct insufficient memory return documentation. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	a1c9409d88	Move structure init calls as early as possible Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	ebe225cf7b	Move num ops update to only point where work can be done. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	53bb312054	Wipe output buffer even when INCOMPLETE is returned. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
Paul Elliott	c569fc268f	Switch from nbits to pbits Correct coordinate size is grp.nbits, not grp.pbits. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00

1 2 3 4 5 ...

10426 commits