Commit graph

27165 commits

Author SHA1 Message Date
Dave Rodgman
f6f76c5a25
Merge pull request #8240 from mpg/doc-driver-only-hashes
Document driver only hashes (overdue)
2023-09-24 13:41:45 +01:00
Manuel Pégourié-Gonnard
030f11b0b1 Type fixes and wording improvements
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-24 09:48:47 +02:00
Manuel Pégourié-Gonnard
e47c53eeab Fix SHA-3 in accel tests that need it
Components that accelerate an algorithm that uses hashing internally
(such as deterministic ECDSA and RSA-PSS) need the hash algorithms
available in libtestdriver1.

Previously, the omission of SHA-3 in
tests/include/test/drivers/crypto_config_test_driver_extension.h meant
it was enabled in libtestdriver1 when not requesting its acceleration,
and disabled when requesting it. Adding it in a previous commit fixed
the components that asked it accelerated, but broke the component that
didn't ask for it but still needed it.

Fix those components by explicitly requesting SHA-3 as we already do for
the other hash algorithms that are require for the same reason.

Note: this broke test_suite_psa_crypto_storage_format.v0 which is
apparently the only place exercising signatures with SHA-3.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-24 09:48:47 +02:00
Manuel Pégourié-Gonnard
f4ceb16813 Fix dependencies for SHA-3 MD dispatch tests
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-24 09:48:46 +02:00
Manuel Pégourié-Gonnard
1f61b7b8ea Document driver-only hashes
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-24 09:48:46 +02:00
Manuel Pégourié-Gonnard
cc21ad441a Add SHA-3 support to libtestdriver1
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-24 09:48:45 +02:00
Gilles Peskine
10304d8329
Merge pull request #8244 from paul-elliott-arm/remove_travis_ci
Remove all travis builds except for coverity_scan
2023-09-22 21:53:33 +00:00
Dave Rodgman
27b7e2f350
Merge pull request #8243 from daverodgman/update-tfm-config
Update TF-M config
2023-09-22 18:52:29 +00:00
Gilles Peskine
6809f231a6
Merge pull request #8210 from yanrayw/aes_128bit_improvement
AES 128bit only: add guards in cipher_wrap.c
2023-09-22 18:15:03 +00:00
Gilles Peskine
ae3cda9541
Merge pull request #8092 from silabs-Kusumit/PBKDF2_output_key
PBKDF2: test output_key
2023-09-22 18:01:06 +00:00
Paul Elliott
645a541747 Remove all travis builds except for coverity_scan
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-09-22 17:50:44 +01:00
Dave Rodgman
739d815b7f Remove PK options
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-22 17:40:24 +01:00
Dave Rodgman
84e8f1d618 Set MBEDTLS_MD_C
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-22 17:40:18 +01:00
Dave Rodgman
4f53520f54
Merge pull request #8241 from daverodgman/cast_warning
fix cast warning
2023-09-22 14:23:05 +00:00
Dave Rodgman
38c3228f3e fix cast warning
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-22 10:51:37 +01:00
Tom Cosgrove
41434d043c
Merge pull request #8237 from tom-cosgrove-arm/mbedtls_pk_write_key_der-unused-len-and-unreachable-ret
Remove unused variable and unreachable return from mbedtls_pk_write_key_der()
2023-09-22 08:45:48 +00:00
Dave Rodgman
aaebc9be51
Merge pull request #8235 from daverodgman/misc-size 2023-09-21 18:42:37 +01:00
Tom Cosgrove
8d276fbc23 Remove unused variable and unreachable return from mbedtls_pk_write_key_der()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-09-21 17:19:36 +01:00
Gilles Peskine
af3b6fe12d
Merge pull request #8232 from gilles-peskine-arm/rename-p256m-config
Rename p256m configuration option
2023-09-21 12:52:44 +00:00
Dave Rodgman
ef6795d2a9 Reduce size of mbedtls_asn1_get_len
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-21 10:35:33 +01:00
Dave Rodgman
d3450da98d Re-order mbedtls_ccm_context
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-21 10:34:45 +01:00
Gilles Peskine
67cf66b427 Add a note about the code size benefits
We don't normally make promises related to code size, but this one is vague
enough (just "to benefit"), and it's what a lot of users of this option
care about.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-20 23:19:46 +02:00
Gilles Peskine
29d0bfba0d Rename option where concatenated with -D
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-20 23:11:33 +02:00
Gilles Peskine
3aa79691fc Add a note about p256m near the option to enable secp256r1
Only document it with the PSA configuration, not for
MBEDTLS_ECP_DP_SECP256R1_ENABLED, since p256m can't be used with the classic
API.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-20 20:54:50 +02:00
Gilles Peskine
08b66cd7d7 Move MBEDTLS_PSA_P256M_DRIVER_ENABLED to keep alphabetical order
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-20 20:51:47 +02:00
Gilles Peskine
efaee9a299 Give a production-sounding name to the p256m option
Now that p256-m is officially a production feature and not just an example,
give it a more suitable name.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-20 20:49:47 +02:00
Manuel Pégourié-Gonnard
5edb942708
Merge pull request #8041 from mpg/tfm-p256m
Test TF-M config with p256-m driver
2023-09-20 16:09:56 +00:00
Paul Elliott
5382ba6987
Merge pull request #8230 from gilles-peskine-arm/test_tls1_2_ecjpake_compatibility-avoid-build-race
Work around a race condition in parallel builds
2023-09-20 15:53:04 +00:00
Manuel Pégourié-Gonnard
3ec976c42c Fix typo in variable declaration
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-20 16:12:46 +02:00
Gilles Peskine
edc8456e01 Work around a race condition in parallel builds
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-20 15:03:18 +02:00
Gilles Peskine
eda1b1f744
Merge pull request #7921 from valeriosetti/issue7613
TLS: Clean up ECDSA dependencies
2023-09-20 12:47:55 +00:00
Gilles Peskine
452beb9076
Merge pull request #8203 from gilles-peskine-arm/p256-m-production
Declare p256-m as ready for production
2023-09-20 09:36:05 +00:00
Manuel Pégourié-Gonnard
f25189473b Fix documentation of error codes
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-20 09:42:55 +02:00
Manuel Pégourié-Gonnard
5ca69349b5 Improve comments on key formats
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-20 09:28:02 +02:00
Manuel Pégourié-Gonnard
fbea9d2e7d Improve return code
CORRUPTION_DETECTED should be reserved for cases that are impossible,
short of physical corruption during execution or a major bug in the
code. We shouldn't use this for the kind of mistakes that can happen
during configuration or integration, such as calling a driver on a key
type that it doesn't support.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-20 09:22:29 +02:00
Gilles Peskine
bd50d5baec
Merge pull request #8177 from gilles-peskine-arm/generated-files-off-in-release
Generated files off in release
2023-09-18 14:11:58 +00:00
Dave Rodgman
25c271a035
Merge pull request #8182 from daverodgman/asn1write-size
Reduce code size in mbedtls_asn1_write_len
2023-09-18 10:27:23 +00:00
Manuel Pégourié-Gonnard
97bb726e2d Add clarifying comment
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-18 11:28:32 +02:00
Manuel Pégourié-Gonnard
275afe187f Fix preset shared between 1.2 and 1.3
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-18 11:19:20 +02:00
Manuel Pégourié-Gonnard
f299efdb96 Improve a comment
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-18 11:19:04 +02:00
Gilles Peskine
67c86e626b
Merge pull request #7961 from gilles-peskine-arm/psa_crypto_config-in-full
Enable MBEDTLS_PSA_CRYPTO_CONFIG in the full config
2023-09-18 08:13:12 +00:00
Gilles Peskine
8fbef064a6
Merge pull request #8217 from paul-elliott-arm/remove_unused_values_programs
Remove unneeded setting of ret from ssl programs
2023-09-18 08:13:00 +00:00
Gilles Peskine
5083a5b85e
Merge pull request #8220 from jnmeurisse/development
Fix issue #8215 : add missing requires documentation in mbedtls_config.h
2023-09-18 10:06:14 +02:00
Manuel Pégourié-Gonnard
4f119b8f21 Remove extra copies of a block of comment/define
Not sure how it happened, but this block was not just duplicated, but
triplicated. Keep only the first copy: the one before the code that uses
the macro being defined.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-18 09:57:04 +02:00
Manuel Pégourié-Gonnard
f7298cd397 Fix some issues in comments
Ranging from typos to outdated comment contradicting the code.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-09-18 09:55:24 +02:00
jnmeurisse
83f0a65d71
Fix issue #8215 : add missing requires documentation in mbedtls_config.h
Add missing requirements MBEDTLS_SSL_PROTO_TLS1_2 to option MBEDTLS_SSL_RENEGOTIATION documentation.

Signed-off-by: jnmeurisse <88129653+jnmeurisse@users.noreply.github.com>
2023-09-16 18:12:18 +02:00
Dave Rodgman
0c9516ea89 code style
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-15 18:30:09 +01:00
Dave Rodgman
127f35d5e5 Merge remote-tracking branch 'origin/development' into asn1write-size
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-15 18:02:59 +01:00
Dave Rodgman
ecdfc1c94f Fix poorly named function
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-09-15 18:00:37 +01:00
Paul Elliott
fd3360ebf4 Remove unneeded setting of ret from ssl programs
Remove coverity warnings on unused values.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-09-15 17:41:25 +01:00