Commit graph

1114 commits

Author SHA1 Message Date
Tom Cosgrove
ef2aa0ecad Fix "unterminated '#pragma clang attribute push'" in sha256/sha512.c
If we're built with MBEDTLS_SHAxxx_USE_A64_CRYPTO_IF_PRESENT but don't have a
way to detect the crypto extensions required, the code turns off _IF_PRESENT
and falls back to C only (with a warning). This was done after the attributes
are pushed, and the pop is done only #if defined(xxx_IF_PRESENT), so this
commit fixes that.

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-06-09 11:29:50 +01:00
Gilles Peskine
95b43a04a9
Merge pull request #7651 from daverodgman/fix-armclang-compile-fail
Fix armclang compile fail
2023-06-08 14:36:18 +02:00
Dave Rodgman
05d71ffe5b Merge remote-tracking branch 'origin/development' into sha3-updated 2023-06-07 18:02:04 +01:00
Dave Rodgman
cf4d2bdc09 Spell as SHA-3 not SHA3
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-07 17:08:09 +01:00
Gilles Peskine
d598eaf212
Merge pull request #7106 from davidhorstmann-arm/parse-oid-from-string
Parse an OID from a string
2023-06-06 20:57:17 +02:00
Gilles Peskine
5c3d6e277c
Merge pull request #7575 from AndrzejKurek/URI-SAN-verification
Add partial support for URI SubjectAltNames verification
2023-06-05 16:46:47 +02:00
Gilles Peskine
84b547b5ee
Merge pull request #7400 from AndrzejKurek/cert-write-sans
Add a possibility to generate certificates with a Subject Alternative Name
2023-06-05 15:38:38 +02:00
Dave Rodgman
4db4d6b9b0 Improve changelog
Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>
2023-06-04 20:41:24 -04:00
Dave Rodgman
49bd1f2cb2 Fix spelling in Changelog
Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>
2023-06-02 10:31:49 -04:00
Manuel Pégourié-Gonnard
0b68784053
Merge pull request #7577 from mprse/ffdh_drivers
FFDH 3b: add driver testing (no TLS 1.3)
2023-06-01 10:26:08 +02:00
David Horstmann
57b5d22a9e Reword ChangeLog entry for consistency
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-05-31 14:36:41 +01:00
Dave Rodgman
1ae50aebb9 Update Changelog
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-05-25 09:46:34 +01:00
Dave Rodgman
a1f51c213c Fix Changelog formatting
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-05-24 13:02:18 +01:00
Dave Rodgman
a55e12c525 Add Changelog
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-05-24 12:15:26 +01:00
Andrzej Kurek
1bc7df2540 Add documentation and a changelog entry
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-05-17 15:23:56 -04:00
Tom Cosgrove
6d62faca8e Only include psa_pake_setup() and friends if some PAKE algorithms are required
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-05-12 12:36:24 +01:00
Przemek Stekiel
ea52e1a43f Add changelog entry (FFDH driver dispatch)
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-05-11 12:23:12 +02:00
Andrzej Kurek
199eab97e7 Add partial support for URI SubjectAltNames
Only exact matching without normalization is supported.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-05-10 09:57:19 -04:00
Gilles Peskine
97edeb4fb8
Merge pull request #6866 from mprse/extract-key-ids
Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions v.2
2023-05-08 20:38:29 +02:00
Pol Henarejos
d06c6fc45b
Merge branch 'development' into sha3
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
2023-05-05 16:01:18 +02:00
Jethro Beekman
0167244be4 Read and write X25519 and X448 private keys
Signed-off-by: Jethro Beekman <jethro@fortanix.com>
Co-authored-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com>
Signed-off-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com>
2023-05-04 13:01:47 +02:00
Gilles Peskine
d3ca5e5897
Merge pull request #7328 from mprse/ec-jpake-fix1
Fix the JPAKE driver interface for user+peer
2023-05-02 20:42:25 +02:00
Gilles Peskine
53a9ac576d
Merge pull request #7443 from mprse/psa_init_in_programs
Init PSA in ssl and x509 programs
2023-04-28 12:49:11 +02:00
JonathanWitthoeft
2a878a85a6
Adjust ChangeLog
Signed-off-by: JonathanWitthoeft <jonw@gridconnect.com>
2023-04-26 19:00:46 -05:00
JonathanWitthoeft
9b265180cc
Make mbedtls_ecdsa_can_do definition unconditional
Signed-off-by: JonathanWitthoeft <jonw@gridconnect.com>
2023-04-26 16:09:28 -05:00
David Horstmann
b6ff8a2c4b Add ChangeLog entry for string-to-OID parsing
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-04-26 12:10:36 +01:00
Przemek Stekiel
6cec5e9d9e Add changelog entry (PSA initialization in sample programs)
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-04-24 08:03:30 +02:00
Gilles Peskine
935a987b2b
Merge pull request #7436 from AndrzejKurek/x509-verify-san-ip
x509 SAN IP parsing
2023-04-21 22:00:58 +02:00
Ronald Cron
f54762e498
Merge pull request #7415 from Harshal5/fix/declaration_of_mbedtls_ecdsa_sign_det_restartable_function
ecdsa: fix `-missing-prototypes` warning when `MBEDTLS_ECDSA_SIGN_ALT` is defined
2023-04-17 15:41:25 +02:00
harshal.patil
8c77644906 ecdsa: fix -missing-prototypes warning when MBEDTLS_ECDSA_SIGN_ALT is defined
- In `mbedtls/v3.4.0`, ECDSA restartable sign and verify functions (`ecdsa.c`) were made public.
- But the `mbedtls_ecdsa_sign_det_restartable` function prototype was declared in the file `ecdsa.h`,
  only when `MBEDTLS_ECDSA_SIGN_ALT` is not defined.

Signed-off-by: harshal.patil <harshal.patil@espressif.com>
2023-04-17 12:53:00 +05:30
Eugene K
3208b0b391 add IP SAN tests changes per mbedTLS standards
Signed-off-by: Eugene K <eugene.kobyakov@netfoundry.io>
2023-04-11 08:29:42 -04:00
Gilles Peskine
7c1c7ce90e
Merge pull request #7401 from AndrzejKurek/md-guards-missing
Add missing md.h includes
2023-04-11 09:32:17 +02:00
Ronald Cron
4d31496294 Update TLS 1.3 documentation and add change log
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-06 10:26:18 +02:00
Andrzej Kurek
468a99ed0b Add a changelog entry
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-04-06 03:04:15 -04:00
toth92g
d96027acd2 Correcting documentation issues:
- Changelog entry is Feature instead of API Change
- Correcting whitespaces around braces
- Also adding defensive mechanism to x509_get_subject_key_id
  to avoid malfunction in case of trailing garbage

Signed-off-by: toth92g <toth92g@gmail.com>
2023-04-04 17:48:27 +02:00
toth92g
27f9e7815c Adding openssl configuration file and command to Makefile to be able to reproduce the certificate for testing Authority and Subject Key Id fields
Increasing heap memory size of SSL_Client2 and SSL_Server2, because the original value is not enough to handle some certificates. The AuthorityKeyId and SubjectKeyId are also parsed now increasing the size of some certificates

Signed-off-by: toth92g <toth92g@gmail.com>
2023-04-04 17:48:27 +02:00
Manuel Pégourié-Gonnard
86d5d4bf31
Merge pull request #7103 from valeriosetti/issue6622
Some MAX_SIZE macros are too small when PSA ECC is accelerated
2023-04-03 16:23:27 +02:00
Valerio Setti
3a3a756431 adding missing newline at the end of changelog file
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-03 10:55:29 +02:00
Valerio Setti
0a7ff791a6 add Changelog
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-04-03 09:18:41 +02:00
Dave Rodgman
b8f5ba826b
Merge pull request #6891 from yuhaoth/pr/add-milliseconds-platform-function
Add milliseconds platform time function
2023-03-31 11:47:37 +01:00
Andrzej Kurek
9fa1d25aeb Add changelog entry for directoryname SAN
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-29 11:38:47 -04:00
Paul Elliott
d01a3bca05 Merge tag 'v3.4.0' into mbedtls-3.4.0_mergeback
Mbed TLS 3.4.0
2023-03-27 18:09:49 +01:00
Manuel Pégourié-Gonnard
a71594538f Add a ChangeLog entry for driver-only hashes
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-24 10:44:59 +01:00
Przemek Stekiel
ebfeb172ee Add change log entry (j-pake user/peer accept any values)
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-23 13:37:18 +01:00
Paul Elliott
dbe435cda0 Assemble Changelog for 3.4.0 release
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-03-23 10:46:10 +00:00
Tom Cosgrove
4903139bc4 Add security entry to ChangeLog for AES-NI
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-03-22 17:43:40 +00:00
Tom Cosgrove
a9c58584be Add security entry to ChangeLog for AES-CE
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-03-22 17:42:17 +00:00
Paul Elliott
e214827347 Add TLS1.2 Opaque ECJPAKE changelog entry
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-03-22 15:03:32 +00:00
Valerio Setti
89029e7366 changelog: fix description for ECDH changes
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-22 10:48:34 +01:00
Valerio Setti
8427b56d71 added changelog for accelerated ECDH changes
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-22 10:48:34 +01:00