yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
20881 commits 1 branch 0 tags 94 MiB
Commit graph

5325 commits

Author SHA1 Message Date
Paul Elliott
cd08ba0326 Bump version to 3.2.1 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-07-12 10:51:55 +01:00
Manuel Pégourié-Gonnard
bab73ab842 Loosen guards in mbedtls_psa_translate_md() 
Depending only of our software implementation was too strict. The
function can be useful when only the PSA implementation is available,
since oftentimes the algorithm will still be expressed as an md_type for
legacy reasons.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-12 11:11:20 +02:00
Manuel Pégourié-Gonnard
46a295422d Build and test RSA PKCS#1v1.5 without MD 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-12 11:11:19 +02:00
Manuel Pégourié-Gonnard
3f4778995e Rm dependency on MD in psa_crypto_rsa.c 
The previous commit made the PKCS#1v1.5 part of rsa.c independent from
md.c, but there was still a dependency in the corresponding part in PSA.
This commit removes it.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-12 11:11:19 +02:00
Manuel Pégourié-Gonnard
fe2b9b5397 Make mbedtls_oid_get_md_alg() always available 
This is a step towards building with RSA PKCS#1v1.5 without MD.

Also loosen guards around oid data: the OID definitions clearly don't
depend on our software implementation.

We could simply have no dependency as this is just data. But for the
sake of code size, let's have some guards so that people who don't use
MD5, SHA1 or RIPEMD160 don't have to pay the price for them.

Note: this is used for RSA (PKCS#v1.5) signatures among other things, an
area that is not influenced by USE_PSA, so the guards should not depend
on it either.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-12 11:11:19 +02:00
Manuel Pégourié-Gonnard
b86279fc63 Build and test PK without MD 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-12 11:11:18 +02:00
Paul Elliott
20362cd1ca Bump library and so versions for 3.2.0 release 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-07-11 13:56:01 +01:00
Ronald Cron
ce7d76e2ee Merge remote-tracking branch 'mbedtls-restricted/development-restricted' into mbedtls-3.2.0rc0-pr 2022-07-11 10:22:37 +02:00
Manuel Pégourié-Gonnard
3e83098e01 Clarify the TLS 1.3 situation 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-04 12:44:32 +02:00
Manuel Pégourié-Gonnard
ff43ff6e78 Remove stability waiver from USE_PSA 
It was initially motivated by the fact that the PSA Crypto APIs
themselves were not stable. In the meantime, PSA Crypto has reached
1.0.0 so this no longer applies.

If we want user to be able to fully benefit from PSA in order to
isolate long-term secrets, they need to be able to use the new APIs with
confidence. There is no reason to think those APIs are any more likely
to change than any of our other APIs, and if they do, we'll follow the
normal process (deprecated in favour of a new variant).

For reference, the APIs in question are:

mbedtls_pk_setup_opaque() // to use PSA-held ECDSA/RSA keys in TLS

mbedtls_ssl_conf_psk_opaque()   // for PSA-held PSKs in TLS
mbedtls_ssl_set_hs_psk_opaque() // for PSA-held PSKs in TLS

mbedtls_cipher_setup_psa() (deprecated in 3.2)
mbedtls_pk_wrap_as_opaque() (documented internal, to be removed in 3.2)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-07-04 12:38:43 +02:00
Manuel Pégourié-Gonnard
4d7af2aee0
Merge pull request #5835 from superna9999/5831-tls-1-2-ciphersuite-selection 
Permissions 2a: TLS 1.2 ciphersuite selection
 2022-07-04 12:37:02 +02:00
Paul Elliott
41aa808a56
Merge pull request #952 from gilles-peskine-arm/stdio_buffering-setbuf 
Turn off stdio buffering with setbuf()
 2022-07-04 10:12:22 +01:00
Paul Elliott
bae7a1a5a6
Merge pull request #5620 from gstrauss/dn_hints 
Add accessors to config DN hints for cert request
 2022-07-01 17:23:14 +01:00
Manuel Pégourié-Gonnard
790ab52ee0
Merge pull request #5962 from gilles-peskine-arm/storage-format-doc-202206 
Documentation about storage format compatibility
 2022-07-01 12:21:17 +02:00
Gilles Peskine
0bd76ee2ed Fix Doxygen documentation attached to non-existent elements 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-30 19:32:02 +02:00
Gilles Peskine
6497b5a1d1 Add setbuf platform function 
Add a platform function mbedtls_setbuf(), defaulting to setbuf().

The intent is to allow disabling stdio buffering when reading or writing
files with sensitive data, because this exposes the sensitive data to a
subsequent memory disclosure vulnerability.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-30 17:01:40 +02:00
Ronald Cron
bcde39ca4a
Merge pull request #5612 from tom-cosgrove-arm/tls13-config-options 
Document that MBEDTLS_SSL_KEEP_PEER_CERTIFICATE is required by MBEDTLS_SSL_PROTO_TLS1_3

Fully validated by the internal CI. No need to wait for the open one.
 2022-06-30 15:10:02 +02:00
Manuel Pégourié-Gonnard
31fcfd5632
Merge pull request #5981 from mprse/hkdf_config_fix 
Add comment to config_psa.h about enabling PSA_HKDF/-EXTRACT/-EXPAND
 2022-06-30 11:27:16 +02:00
Tom Cosgrove
afb2fe1acf Document that MBEDTLS_SSL_KEEP_PEER_CERTIFICATE is required by MBEDTLS_SSL_PROTO_TLS1_3 
Also have check_config.h enforce this. And MBEDTLS_SSL_EXPORT_KEYS has been removed,
so no longer mention it.

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-06-29 16:36:12 +01:00
Werner Lewis
6d71944f0d Specify unit for rk_offset in AES context 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-06-29 16:17:50 +01:00
Werner Lewis
dd76ef359d Refactor AES context to be shallow-copyable 
Replace RK pointer in AES context with a buffer offset, to allow
shallow copying. Fixes #2147.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-06-29 16:17:50 +01:00
Gilles Peskine
955993c4b5 For status values, the macro expansions must not change either 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-29 14:37:17 +02:00
Ronald Cron
7898fd456a
Merge pull request #5970 from gabor-mezei-arm/5229_Send_dummy_change_cipher_spec_records_from_server 
TLS 1.3 server: Send dummy change_cipher_spec records

The internal CI PR-merge job ran successfully thus good to go.
 2022-06-29 09:47:49 +02:00
Gilles Peskine
7d14c19730
Merge pull request #5905 from gilles-peskine-arm/changelog-improvements-20220609-development 
Changelog improvements before the 3.2 release
 2022-06-28 21:00:10 +02:00
Glenn Strauss
999ef70b27 Add accessors to config DN hints for cert request 
mbedtls_ssl_conf_dn_hints()
mbedtls_ssl_set_hs_dn_hints()

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-06-28 12:43:59 -04:00
Neil Armstrong
9f4606e6d2 Rename mbedtls_ssl_get_ciphersuite_sig_pk_ext_XXX in mbedtls_ssl_get_ciphersuite_sig_pk_ext_XXX() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-06-28 18:12:17 +02:00
Neil Armstrong
0c9c10a401 Introduce mbedtls_ssl_get_ciphersuite_sig_pk_ext_alg() and use it in ssl_pick_cert() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-06-28 18:10:48 +02:00
Gabor Mezei
f7044eaec8
Fix name 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-06-28 16:01:49 +02:00
Summer Qin
9f2596f387 Add MBEDTLS_POLY1305_C and MBEDTLS_CHACHA20_C 
MBEDTLS_POLY1305_C and MBEDTLS_CHACHA20_C are needed
when PSA_WANT_ALG_CHACHA20_POLY1305 is defined

Signed-off-by: Summer Qin <summer.qin@arm.com>
 2022-06-28 17:56:27 +08:00
Glenn Strauss
01d2f52a32 Inline mbedtls_x509_dn_get_next() in x509.h 
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-06-27 14:20:07 -04:00
Przemek Stekiel
18399d8d53 Add comment to config_psa.h about enabling PSA_HKDF/PSA_HKDF_EXRACT/PSA_HKDF_EXPAND algs 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-06-27 15:36:06 +02:00
Manuel Pégourié-Gonnard
93a7f7d7f8
Merge pull request #5954 from wernerlewis/x509_next_merged 
Add mbedtls_x509_dn_get_next function
 2022-06-24 09:59:22 +02:00
Manuel Pégourié-Gonnard
4cfaae5b6b Save code size by calling get_type only once 
This is an external function, so in the absence of link-time
optimisation (LTO) the compiler can't know anything about it and has to
call it the number of times it's called in the source code.

This only matters for pk_ec, but change pk_rsa as well for the sake of
uniformity.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-06-23 09:43:39 +02:00
Gabor Mezei
7b39bf178e
Send dummy change_cipher_spec records from TLS 1.3 server 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-06-22 17:07:21 +02:00
Przemek Stekiel
b33bd19197 Enable HKDF EXTRACT/EXPAND algs 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-06-21 09:58:51 +02:00
Manuel Pégourié-Gonnard
22e84de971 Improve contract of mbedtls_pk_ec/rsa() 
Trusting the caller to perform the appropriate check is both risky, and
a bit user-unfriendly. Returning NULL on error seems both safer
(dereferencing a NULL pointer is more likely to result in a clean crash,
while mis-casting a pointer might have deeper, less predictable
consequences) and friendlier (the caller can just check the return
value for NULL, which is a common idiom).

Only add that as an additional way of using the function, for the sake
of backwards compatibility. Calls where we know the type of the context
for sure (for example because we just set it up) were legal and safe, so
they should remain legal without checking the result for NULL, which
would be redundant.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-06-20 21:12:29 +02:00
Manuel Pégourié-Gonnard
1c91b0c434 Clarify warning about mbedtls_pk_ec/rsa() 
The previous wording "ensure it holds an XXX" context did not mean
anything without looking at the source.

Looking at the source, the criterion is:
- for mbedtls_pk_rsa(), that the info structure uses rsa_alloc_wrap;
- for mbedtls_pk_ec(), that it uses eckey_alloc_wrap or
ecdsa_alloc_wrap, since mbedtls_ecdsa_context is a typedef for
mbedtls_ecp_keypair. (Note that our test code uses mbedtls_pk_ec() on
contexts of type MBEDTLS_PK_ECDSA.)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-06-20 21:12:29 +02:00
Gilles Peskine
4b873874a3 Backward compatibility: the key store with drivers 
Promise that we will try to keep backward compatibility with basic driver
usage, but not with more experimental aspects.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-20 18:50:09 +02:00
Gilles Peskine
98473c4523 Officially deprecate MBEDTLS_PSA_CRYPTO_SE_C 
This was intended as experimental, and we've been saying for a long time
that it's superseded by the "unified driver interface", but we hadn't
documented that inside the Mbed TLS source code. So announce it as
deprecated.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-20 18:46:22 +02:00
Gilles Peskine
7973399f7b Add compatibility notes regarding values embedded in the key store 
Certain numerical values are written to the key store. Changing those
numerical values would break the backward compatibility of stored keys. Add
a note to the affected types. Add comments near the definitions of affected
values.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-20 18:41:20 +02:00
Gilles Peskine
f070a5e5d5 Document how PSA identifiers are generally constructed 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-20 18:40:45 +02:00
Gilles Peskine
36aeb7f163
Merge pull request #5834 from mprse/HKDF_1 
HKDF 1: PSA: implement HKDF_Expand and HKDF_Extract algorithms
 2022-06-20 15:27:46 +02:00
Werner Lewis
2f1d51070c Fix incorrect param in function declaration 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-06-20 11:48:35 +01:00
Werner Lewis
b3acb053fb Add mbedtls_x509_dn_get_next function 
Allow iteration through relative DNs when X509 name contains multi-
value RDNs.

Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-06-17 16:40:55 +01:00
Tuvshinzaya Erdenekhuu
44baacd089 Update documenation of PSA_ALG_RSA_PSS 
Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-06-17 12:10:35 +01:00
Gilles Peskine
9b3278b263 Doc: the SHA256/SHA512 options also cover SHA224/SHA384 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-09 19:09:38 +02:00
Paul Elliott
5f2bc754d6
Merge pull request #5792 from yuhaoth/pr/add-tls13-moving-state-tests 
Pr/add-tls13-moving-state-tests
 2022-06-08 13:39:52 +01:00
Dave Rodgman
4b55a89327
Merge pull request #5887 from tom-daubney-arm/mbedtls_x509_crt_ext_types_accessor 
Add accessor for x509 certificate extension types
 2022-06-06 21:51:38 +01:00
Thomas Daubney
a5f39e0ec2 Move accessor definition 
Move the definition of the accessor so that it is not defined
within the MBEDTLS_X509_CRT_WRITE_C guards. Thus remove the
dependency from the test and test cases.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2022-06-06 15:42:32 +01:00
Przemek Stekiel
3e8249cde0 Add PSA_WANT_ALG_HKDF_EXPAND, PSA_WANT_ALG_HKDF_EXTRACT, adapt code and dependencies 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-06-03 16:18:15 +02:00
Przemek Stekiel
73f97d4841 PSA_ALG_HKDF: add salt processing warning 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-06-03 16:18:15 +02:00
Przemek Stekiel
a29b488296 Optimize code by adding PSA_ALG_IS_ANY_HKDF macro 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-06-03 16:18:09 +02:00
Przemek Stekiel
459ee35062 Fix typo and style 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-06-02 11:16:52 +02:00
Thomas Daubney
979aa49d1c Add accessor for x509 certificate extension types 
Add accessor for x509 certificate extension types

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2022-06-01 10:22:14 +01:00
Gilles Peskine
09858ae664
Merge pull request #5813 from mprse/deprecate_mbedtls_cipher_setup_psa 
Deprecate mbedtls_cipher_setup_psa()
 2022-05-31 10:56:52 +02:00
Janos Follath
07c2e5e6d5
Merge pull request #5860 from superna9999/4745-psa-jpake-api-fixes 
PSA J-PAKE API has missing elements and confusing documentation
 2022-05-31 08:27:32 +01:00
Jerry Yu
4dec0e5329 fix state undeclare error 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-05-31 15:06:04 +08:00
Neil Armstrong
ccffab38a3 Remove linkage documentation on PAKE cipher-suite helpers 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-30 15:49:21 +02:00
Dave Rodgman
52625b739e
Merge pull request #5876 from tom-cosgrove-arm/fix-typos-220526 
Fix spelling and typographical errors found by cspell
 2022-05-30 11:35:55 +01:00
Janos Follath
1bc0ca4ed3
Merge pull request #5875 from Summer-ARM/mbedtls-psa-crypto-config 
Remove duplicated PSA_WANT_ALG_CMAC in crypto_config.h
 2022-05-30 09:41:48 +01:00
Neil Armstrong
5ed8a0ec73 Overall PSA PAKE API style issues fixes 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-27 09:47:53 +02:00
Neil Armstrong
5892aa69e3 Fix typo in PSA_ALG_JPAKE documentation 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-27 09:44:47 +02:00
Tom Cosgrove
1e21144194 Fix spelling and typographical errors found by cspell 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-05-26 11:51:00 +01:00
Summer Qin
f0b4253c68 Remove duplicated PSA_WANT_ALG_CMAC in crypto_config.h 
Signed-off-by: Summer Qin <summer.qin@arm.com>
 2022-05-26 09:38:33 +08:00
XiaokangQian
6b916b1616 Add client certificate parse and certificate verify 
Change-Id: I638db78922a03db6f8bd70c6c5f56fb60365547d
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-26 00:40:53 +00:00
Neil Armstrong
ef15751f08 PSA PAKE API typos in documentation fixes 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-25 11:49:45 +02:00
Neil Armstrong
72ab56a1fe Overall PSA PAKE API style issues fixes 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-25 11:48:37 +02:00
Neil Armstrong
eb93a6f1d8 Use PSA_ALG_NONE in PSA_PAKE_OPERATION_INIT to init psa_algorithm_t 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-25 11:41:05 +02:00
Neil Armstrong
2056ce5111 Fix PSA_PAKE_OUTPUT_MAX_SIZE/PSA_PAKE_INPUT_MAX_SIZE commment about parameters to PSA_PAKE_OUTPUT_SIZE/PSA_PAKE_INPUT_SIZE 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-25 11:38:15 +02:00
Manuel Pégourié-Gonnard
69e348db85
Merge pull request #5833 from superna9999/5826-create-mbedtls-pk-can-do-psa 
Permissions 1: create `mbedtls_pk_can_do_ext()`
 2022-05-23 10:58:32 +02:00
Neil Armstrong
b2f2b027c2 Clarify mbedtls_pk_can_do_ext() return documentation amd add warning on future addition of allowed algs & usage flags 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 12:00:56 +02:00
Neil Armstrong
e9b4581b16 Clarify BAD_STATE return documentation on bad ordering of input and output steps for psa_pake_input() & psa_pake_output() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:52:30 +02:00
Neil Armstrong
0d24575ad0 Clarify BAD_STATE return documentation of psa_pake_set_peer() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:52:30 +02:00
Neil Armstrong
59fa8ee090 Update return documentation of psa_pake_abort() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:52:30 +02:00
Neil Armstrong
97d74b8abb Update return documentation of psa_pake_get_implicit_key() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:52:30 +02:00
Neil Armstrong
407b27b516 Update return documentation of psa_pake_input() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:52:30 +02:00
Neil Armstrong
664077e3ae Update return documentation of psa_pake_output() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:52:30 +02:00
Neil Armstrong
2a6dd9c2a8 Rename & update documentation of function, types, and macros for psa_pake_set_role() and associated 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:52:30 +02:00
Neil Armstrong
16ff788f9d Update return documentation of psa_pake_set_peer() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:51:22 +02:00
Neil Armstrong
3585168259 Update return documentation of psa_pake_set_user() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:51:22 +02:00
Neil Armstrong
71cae6121d Update return documentation of psa_pake_set_password_key() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:51:22 +02:00
Neil Armstrong
4721a6f33e Update return documentation of psa_pake_setup() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:51:22 +02:00
Neil Armstrong
1614537697 Fix password wording in PSA_ALG_JPAKE documentation 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:51:22 +02:00
Neil Armstrong
7bc71e9c04 Fix output_size documentation of psa_pake_output() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:51:22 +02:00
Neil Armstrong
cd974d590b Fix return documentation of PSA_PAKE_OUTPUT_SIZE 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:51:22 +02:00
Neil Armstrong
d5a4825b84 Add missing psa_pake_cs_get_bits() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:51:22 +02:00
Neil Armstrong
ff9cac72e7 Add missing psa_pake_cs_get_family() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:51:22 +02:00
Neil Armstrong
0c8ef93c8e Add missing psa_pake_abort() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:51:22 +02:00
Neil Armstrong
799106b441 Pass input as const reference and fix documentation of psa_pake_input() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:51:22 +02:00
Neil Armstrong
47e700e7de Pass cipher_suite parameter of psa_pake_setup() by const reference 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:51:20 +02:00
Neil Armstrong
0151c55b56 Add documentation of PSA_PAKE_OPERATION_INIT 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:50:58 +02:00
Neil Armstrong
5ff6a7fa97 Add missing psa_pake_cipher_suite_init() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 11:50:57 +02:00
Neil Armstrong
fb99302726 Add missing PSA_PAKE_CIPHER_SUITE_INIT 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 10:45:01 +02:00
Neil Armstrong
a724f7ae17 Document mbedtls_pk_can_do_ext() return for non-allowed algorithms and usage flags 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-20 09:28:12 +02:00
bootstrap-prime
6dbbf44d78
Fix typos in documentation and constants with typo finding tool 
Signed-off-by: bootstrap-prime <bootstrap.prime@gmail.com>
 2022-05-18 14:15:33 -04:00
Przemek Stekiel
b398d8693f Update descryption of HKDF-Extract/Expand algs and fix comment 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-05-18 15:43:54 +02:00
Neil Armstrong
408f6a60a3 Add usage parameter to mbedtls_pk_can_do_ext() 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-17 14:23:20 +02:00
Neil Armstrong
cec133a242 Fix typo in mbedtls_pk_can_do_ext() documentation 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-05-17 11:56:01 +02:00
Manuel Pégourié-Gonnard
1cd4f6a873
Merge pull request #5794 from mprse/cipher_dep 
Fix undeclared dependencies: CIPHER
 2022-05-12 13:09:04 +02:00
Manuel Pégourié-Gonnard
4014a0408e
Merge pull request #5617 from gilles-peskine-arm/chacha20-rfc7539-test-vector 
PSA: ChaCha20: add RFC 7539 test vector with counter=1
 2022-05-12 12:34:20 +02:00