kXuan
22fc906d57
Add ChangeLog and migration guide for MBEDTLS_ECP_FIXED_POINT_OPTIM
...
Signed-off-by: kXuan <kxuanobj@gmail.com>
2021-06-01 14:01:59 +08:00
kXuan
b2b3ec4f7a
add ecp_comb_table.py
...
ecp_comb_table.py generates comb table
Signed-off-by: kXuan <kxuanobj@gmail.com>
2021-06-01 10:02:14 +08:00
kXuan
ba9cb76e9f
static initialize comb table
...
MBEDTLS_ECP_FIXED_POINT_OPTIM aims to speed up ecc multiplication performance.
We compute the comb table in runtime now. It is a costly operation.
This patch add a pre-computed table to initialize well-known curves. It speed up ECDSA signature verify process in runtime by using more ROM size.
Signed-off-by: kXuan <kxuanobj@gmail.com>
2021-06-01 10:02:13 +08:00
Hanno Becker
cd817b0630
Remove misleading comment in TLS 1.3 key schedule code
...
The implementation documentation of
```
mbedtls_ssl_tls1_3_derive_early_secrets()
```
mentioned the PSK binder key, which is misleading because the
function doesn't actually calculate it.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-31 19:40:45 +01:00
Gilles Peskine
bbd617be5f
Remove duplicated definition of ASSERT_ALLOC
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-31 20:33:17 +02:00
Gilles Peskine
b2827693b5
Remove spurious dependencies on PEM
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-31 20:33:15 +02:00
TRodziewicz
231649a020
Changing the migration guide entry wording.
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-31 13:12:16 +02:00
TRodziewicz
4e57f4cdfd
Adding removed defines to check_config.h and fixing the migration guide entry.
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-31 12:58:25 +02:00
Manuel Pégourié-Gonnard
6d84e917bb
Merge pull request #4568 from creiter32/to_upstream/csr_critical_extensions
...
Expose flag for critical extensions
2021-05-31 12:46:59 +02:00
Manuel Pégourié-Gonnard
ee57ebe553
Add ChangeLog and migration guide entries
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-05-31 12:25:01 +02:00
Manuel Pégourié-Gonnard
42eba1a274
Fix a typo
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-05-31 12:14:02 +02:00
TRodziewicz
3670e387dc
Remove 3DES ciphersuites
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-31 12:11:53 +02:00
Manuel Pégourié-Gonnard
daae68d9b2
Merge pull request #4565 from mpg/fixup-changelog-4495-4286
...
Fix the "rm (D)TLS 1.0 1.1" ChangeLog entry
2021-05-31 11:37:04 +02:00
Manuel Pégourié-Gonnard
c42a0be00b
Clarify calling sequence in the Cipher layer
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-05-31 11:13:35 +02:00
Ronald Cron
ea62d2f391
Merge pull request #4369 from hanno-arm/relax_psk_config
...
Implement relaxed semantics for static PSK configuration in Mbed TLS 3.0
2021-05-31 10:03:56 +02:00
TRodziewicz
dee975af7d
Remove MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 option
...
Remove define
Add ChangeLog file and migration guide entry
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-28 15:27:01 +02:00
TRodziewicz
358e588b32
Temporary addition of an empty assert to satisfy the compiler
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-28 12:58:46 +02:00
TRodziewicz
bcd2b4b972
Addition of ommited part of code review follow-up
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-28 12:56:57 +02:00
Ronald Cron
f1eb425782
Merge pull request #4469 from xiaoxiang781216/padlock
...
aes: Check aes_padlock_ace > 0 before calling padlock
2021-05-28 11:06:40 +02:00
Hanno Becker
2bec09c113
Fix typo in migration guide
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-28 09:54:31 +01:00
Hanno Becker
934ab00f77
Minor improvement of ChangeLog wording
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-28 09:52:54 +01:00
Ronald Cron
c44a1d522a
Merge pull request #4507 from Venafi/userid-oid
...
Add OID for User ID
2021-05-28 10:43:41 +02:00
Hanno Becker
196739b478
Change wording in documentation of PSK configuration
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-28 05:33:14 +01:00
TRodziewicz
9b279f98bc
Removal of the rsa_invalid_param() from the test
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-27 17:38:53 +02:00
TRodziewicz
2d0769d149
Simplification of the tests
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-27 17:36:54 +02:00
TRodziewicz
7019955c76
Removal of the TEST_VALID_PARAM macro and its usages
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-27 17:35:04 +02:00
TRodziewicz
062f353804
Changes after code review
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-27 17:34:14 +02:00
Ronald Cron
7146cb9488
Merge pull request #4559 from gilles-peskine-arm/psa-storage-format-test-algorithms-3.0
...
PSA storage format test: algorithms
2021-05-27 17:33:57 +02:00
TRodziewicz
caf2ae04b8
ChangeLog and migration guide added.
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-27 17:33:51 +02:00
TRodziewicz
cc7074128a
Remove MBEDTLS_CHECK_PARAMS option
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-27 17:33:32 +02:00
Ronald Cron
875b5fb7fa
Refactor optional parameter check tests
...
Remove tests related to NULL pointers,
keep tests related to invalid enum values.
Remove test code related to MBEDTLS_CHECK_PARAMS.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-27 17:27:14 +02:00
Mateusz Starzyk
e7dce558c9
Merge branch 'development' into mbedtls_private_with_python
...
Conflicts:
include/mbedtls/ssl.h
Conflicts resolved by using code from development branch and
manually re-applying MBEDTLS_PRIVATE wrapping.
2021-05-27 16:02:46 +02:00
Mateusz Starzyk
55768f26fc
Fix MBEDTLS_PRIVATE wrapping in tests and sample programs.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-27 15:53:27 +02:00
Mateusz Starzyk
b4a012929d
Add test/helpers include to test drivers. Remove config.h include.
...
"test/helpers.h" defines MBEDTLS_ALLOW_PRIVATE_ACCESS. Drivers can include
that header instead of defining the MBEDTLS_ALLOW_PRIVATE_ACCESS themselves.
"test/helpers.h" includes config header as well. Remove obsolete config
includes from src/drivers.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-27 14:53:06 +02:00
Mateusz Starzyk
b1982728a5
Document MBEDTLS_ALLOW_PRIVATE_ACCESS inside test/helpers.h.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-27 14:46:48 +02:00
Mateusz Starzyk
3911e70eaa
Remove obsolete MBEDTLS_ALLOW_PRIVATE_ACCESS from helpers function.
...
MBEDTLS_ALLOW_PRIVATE_ACCESS is already defined inside test/helpers.h
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-27 14:44:31 +02:00
Mateusz Starzyk
03f00307a2
Add missing common.h include.
...
Remove obsolete config.h include when common.h is included.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-27 14:40:40 +02:00
Mateusz Starzyk
57d1d198ef
Fix typo
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-27 14:39:53 +02:00
Christoph Reiter
95273f4b07
Expose flag for critical extensions
...
Enables creating X.509 CSRs with critical extensions.
Signed-off-by: Christoph Reiter <christoph.reiter@infineon.com>
2021-05-27 14:27:43 +02:00
Ronald Cron
142c205ffc
Merge pull request #4513 from Patater/psa-without-genprime-fix
...
psa: Support RSA signature without MBEDTLS_GENPRIME
2021-05-27 14:19:24 +02:00
Mateusz Starzyk
cad24bb5d8
Make python script idempotent.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-27 13:50:40 +02:00
Gilles Peskine
4023c0153d
Add bad-workflow key derivation tests
...
Add HKDF tests where the sequence of inputs differs from the nominal
case: missing step, duplicate step, step out of order, or invalid step.
There were already similar tests for TLS 1.2 PRF. Add one with a key
agreement which has slightly different code.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-27 13:33:22 +02:00
Manuel Pégourié-Gonnard
e9cac0e277
Fix inconsistent documentation of cipher_setup()
...
- the \internal note said that calling cipher_init() first would be made
mandatory later, but the documention of the ctx parameter already said
the context had to be initialized...
- the documentation was using the word initialize for two different
meanings (calling setup() vs calling init()), making the documentation
of the ctx parameter quite confusing (you must initialize before you can
initialize...)
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-05-27 12:59:11 +02:00
Mateusz Starzyk
284471c236
Clarify python script's comments
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-27 12:42:32 +02:00
Gilles Peskine
1c77edda15
More explicit names for some bad-workflow key derivation tests
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-27 11:55:02 +02:00
Ronald Cron
0cc60f9985
Improve some length parameter descriptions
...
Improve some length parameter descriptions, aligning
them with the descriptions for the one-shot
functions.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-05-27 09:58:21 +02:00
Ronald Cron
c0cc7ba51e
Change from total_input_len to plaintext_len as parameter name
...
plaintext_len conveys more information.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-05-27 09:58:12 +02:00
Manuel Pégourié-Gonnard
f3bacd72d2
Merge pull request #4476 from TRodziewicz/Remove__SSL_DTLS_BADMAC_LIMIT_option
...
Remove _SSL_DTLS_BADMAC_LIMIT option
2021-05-27 09:41:34 +02:00
TRodziewicz
1e660edd82
Change the comment wording in config.h
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-26 17:08:54 +02:00
TRodziewicz
0a02fbb783
Addition of the migration guide entry.
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-26 15:57:50 +02:00