-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Updating test-ca.key to use AES instead of DES #7528
Updating test-ca.key to use AES instead of DES #7528
Commits on Mar 16, 2023
-
Add space to appease doxygen bug
See doxygen/doxygen#8706 Signed-off-by: David Horstmann <david.horstmann@arm.com>
Configuration menu - View commit details
-
Copy full SHA for d855b46 - Browse repository at this point
Copy the full SHA d855b46View commit details -
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 4425383 - Browse repository at this point
Copy the full SHA 4425383View commit details -
Add initial API doc configuration
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Configuration menu - View commit details
-
Copy full SHA for e84d61c - Browse repository at this point
Copy the full SHA e84d61cView commit details -
Add configuration for Read The Docs
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 633a081 - Browse repository at this point
Copy the full SHA 633a081View commit details -
Ignore mbedtls macros causing warnings
Sphinx's breathe plugin cannot readily parse the Mbed TLS macros, so define the less essential ones away at the doxygen step to reduce the number of warnings. Signed-off-by: David Horstmann <david.horstmann@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 1305581 - Browse repository at this point
Copy the full SHA 1305581View commit details -
Merge pull request Mbed-TLS#7230 from gabor-mezei-arm/6850_Secp256r1_…
…fast_reduction Extract Secp256r1 fast reduction from the prototype
Configuration menu - View commit details
-
Copy full SHA for c18cd0c - Browse repository at this point
Copy the full SHA c18cd0cView commit details -
Fix use of arithmetic on void*
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 28e4dc1 - Browse repository at this point
Copy the full SHA 28e4dc1View commit details -
Merge pull request Mbed-TLS#994 from yanesca/threat_model_summary
Add Threat Model Summary
Configuration menu - View commit details
-
Copy full SHA for a6b9e11 - Browse repository at this point
Copy the full SHA a6b9e11View commit details
Commits on Mar 17, 2023
-
Merge pull request Mbed-TLS#7242 from mpg/md-dispatch-psa
Implement MD dispatch to PSA
Configuration menu - View commit details
-
Copy full SHA for ec000c1 - Browse repository at this point
Copy the full SHA ec000c1View commit details -
Use MD_LIGHT rather than md5.h in pem.c
But, for now, still guard things with MBEDTLS_MD5_C, as md.c can only compute MD5 hashes when MBEDTLS_MD5_C is defined. We'll change the guards once that has changed. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 8316209 - Browse repository at this point
Copy the full SHA 8316209View commit details -
Use MD_LIGHT, not sha1.h, in RSA selftest
Same note as previous commit regarding guards. Note that we could auto-enable MD_LIGHT only when SELF_TEST is defined, and even only when SHA1_C is defined too, but somewhere down the line we'll want to auto-enable it for the sake of other RSA function (not in selftest and could use any hash), so there's little point in optimizing the temporary condition, let's use the simple one upfront. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for b33ef74 - Browse repository at this point
Copy the full SHA b33ef74View commit details -
Avoid double definition of MD_LIGHT
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 1b5ffc6 - Browse repository at this point
Copy the full SHA 1b5ffc6View commit details -
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 6ea8d34 - Browse repository at this point
Copy the full SHA 6ea8d34View commit details -
Merge pull request Mbed-TLS#7275 from valeriosetti/issue7255
Driver-only EC JPAKE: starter
Configuration menu - View commit details
-
Copy full SHA for 0d957d3 - Browse repository at this point
Copy the full SHA 0d957d3View commit details -
Merge pull request Mbed-TLS#1001 from paul-elliott-arm/development-re…
…stricted-test Fix CI build after repository merge conflict
Configuration menu - View commit details
-
Copy full SHA for 320f7ee - Browse repository at this point
Copy the full SHA 320f7eeView commit details -
Merge pull request Mbed-TLS#7009 from mprse/csr_write_san
Added ability to include the SubjectAltName extension to a CSR - v.2
Configuration menu - View commit details
-
Copy full SHA for 9f02a41 - Browse repository at this point
Copy the full SHA 9f02a41View commit details -
Merge pull request Mbed-TLS#7083 from KloolK/record-size-limit/parsing
Add parsing for Record Size Limit extension in TLS 1.3
Configuration menu - View commit details
-
Copy full SHA for 0e2b06a - Browse repository at this point
Copy the full SHA 0e2b06aView commit details -
rsa.c: rename getter function of hash_id
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Yanray Wang committedMar 17, 2023 Configuration menu - View commit details
-
Copy full SHA for d41684e - Browse repository at this point
Copy the full SHA d41684eView commit details -
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com> Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 8a7ed69 - Browse repository at this point
Copy the full SHA 8a7ed69View commit details -
rsa: add positive test cases for getter functions
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Yanray Wang committedMar 17, 2023 Configuration menu - View commit details
-
Copy full SHA for 15d3df7 - Browse repository at this point
Copy the full SHA 15d3df7View commit details -
rsa: add a test to check default padding mode and hash_id
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Yanray Wang committedMar 17, 2023 Configuration menu - View commit details
-
Copy full SHA for e05a21f - Browse repository at this point
Copy the full SHA e05a21fView commit details -
rsa_tests: use TEST_EQUAL instead of TEST_ASSERT
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Yanray Wang committedMar 17, 2023 Configuration menu - View commit details
-
Copy full SHA for 69bc840 - Browse repository at this point
Copy the full SHA 69bc840View commit details -
Add exemption for make.bat in checks for tabs
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Configuration menu - View commit details
-
Copy full SHA for d50daed - Browse repository at this point
Copy the full SHA d50daedView commit details -
psa_crypto: Fix psa_key_derivation_output_key ECC without builtin keys
Fix psa_key_derivation_output_key not being able to derive ECC keys without MBEDTLS_BUILTIN ECC key types enabled. The PSA crypto drivers can generate these keys without requiring the builtin key types. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for bb576fe - Browse repository at this point
Copy the full SHA bb576feView commit details -
Handle dependency on ECP_C in ECC KDF
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 3831637 - Browse repository at this point
Copy the full SHA 3831637View commit details -
Add a test with all of ECC accelerated
Note that ECC key derivation is not using drivers yet, as we don't have driver support for cooked key derivation acceleration, see Mbed-TLS#5451 and follow-ups. So, we still need MBEDTLS_ECP_C enabled at least for this, and probably in several other places for now. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 0f60d09 - Browse repository at this point
Copy the full SHA 0f60d09View commit details -
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 30e9f2a - Browse repository at this point
Copy the full SHA 30e9f2aView commit details -
This was intended as an if-else-if chain. Make it so. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 36b9e47 - Browse repository at this point
Copy the full SHA 36b9e47View commit details -
Merge pull request Mbed-TLS#998 from yanesca/changelog_for_7083
Add changelog entry
Configuration menu - View commit details
-
Copy full SHA for 55ef304 - Browse repository at this point
Copy the full SHA 55ef304View commit details -
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Configuration menu - View commit details
-
Copy full SHA for f918d42 - Browse repository at this point
Copy the full SHA f918d42View commit details -
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Configuration menu - View commit details
-
Copy full SHA for f992e6f - Browse repository at this point
Copy the full SHA f992e6fView commit details
Commits on Mar 18, 2023
-
Merge pull request Mbed-TLS#7313 from daverodgman/aes-armv8-changelog
Changelog and terminology tidy-up for AESCE
Configuration menu - View commit details
-
Copy full SHA for b937c92 - Browse repository at this point
Copy the full SHA b937c92View commit details
Commits on Mar 20, 2023
-
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Yanray Wang committedMar 20, 2023 Configuration menu - View commit details
-
Copy full SHA for b46ccf2 - Browse repository at this point
Copy the full SHA b46ccf2View commit details -
Configuration menu - View commit details
-
Copy full SHA for 14c194a - Browse repository at this point
Copy the full SHA 14c194aView commit details -
Merge pull request Mbed-TLS#7192 from joerchan/psa-update-mbedtls
psa_crypto: Fix psa_key_derivation_output_key ECC without builtin keys
Configuration menu - View commit details
-
Copy full SHA for c9ef476 - Browse repository at this point
Copy the full SHA c9ef476View commit details -
Merge pull request Mbed-TLS#7299 from valeriosetti/issue7280
Driver only EC JPAKE: enable ssl-opt.sh and get test parity
Configuration menu - View commit details
-
Copy full SHA for e91aada - Browse repository at this point
Copy the full SHA e91aadaView commit details -
Merge pull request Mbed-TLS#7300 from valeriosetti/issue7281
Driver only EC JPAKE: re-enable the EC J-PAKE key exchange and get test parity
Configuration menu - View commit details
-
Copy full SHA for 4ebe2a7 - Browse repository at this point
Copy the full SHA 4ebe2a7View commit details -
Add ChangeLog entry for driver-only EC J-PAKE
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for e9a6022 - Browse repository at this point
Copy the full SHA e9a6022View commit details -
test: enable ECDH key exchanges for driver coverage tests
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 53a5844 - Browse repository at this point
Copy the full SHA 53a5844View commit details -
ssl-opt: solve errors in ECDH reference tests
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 6ba247c - Browse repository at this point
Copy the full SHA 6ba247cView commit details -
ssl_tls: fix guards for accelerated ECDH
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 5d1f29e - Browse repository at this point
Copy the full SHA 5d1f29eView commit details -
ecdh: solve disparities in accelerated ECDH vs reference
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 866aa18 - Browse repository at this point
Copy the full SHA 866aa18View commit details -
ssl-opt: remove leftover debug commands and fix comment
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 2f8eb62 - Browse repository at this point
Copy the full SHA 2f8eb62View commit details -
test_suite_ssl: remove redundant ECDH dependencies when the key excha…
…nge is specified Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for fdea36d - Browse repository at this point
Copy the full SHA fdea36dView commit details -
Merge pull request Mbed-TLS#6918 from yuhaoth/pr/add-gcm-with-armv8-c…
…rypto-extension Add GCM with armv8 crypto extension
Configuration menu - View commit details
-
Copy full SHA for c5807a6 - Browse repository at this point
Copy the full SHA c5807a6View commit details -
Note that MBEDTLS_HAVE_ASM is required by MBEDTLS_AESCE_C
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
Configuration menu - View commit details
-
Copy full SHA for f586aa2 - Browse repository at this point
Copy the full SHA f586aa2View commit details -
Merge pull request Mbed-TLS#7315 from mpg/ecjpake-changelog
Add ChangeLog entry for driver-only EC J-PAKE
Configuration menu - View commit details
-
Copy full SHA for 43f9a25 - Browse repository at this point
Copy the full SHA 43f9a25View commit details -
Merge pull request Mbed-TLS#997 from gilles-peskine-arm/aesni-intrinsics
Implement AESNI with intrinsics
Configuration menu - View commit details
-
Copy full SHA for d3b6e92 - Browse repository at this point
Copy the full SHA d3b6e92View commit details -
Merge pull request Mbed-TLS#7318 from tom-cosgrove-arm/update-mbedtls…
…_have_asm-requirements-in-mbedtls_config.h Note that MBEDTLS_HAVE_ASM is required by MBEDTLS_AESCE_C
Configuration menu - View commit details
-
Copy full SHA for 97fd217 - Browse repository at this point
Copy the full SHA 97fd217View commit details -
Merge pull request Mbed-TLS#7190 from yanrayw/6197_rsa_get_padding_ha…
…shID RSA: provide interface to retrieve padding mode and hash_id
Configuration menu - View commit details
-
Copy full SHA for 3543806 - Browse repository at this point
Copy the full SHA 3543806View commit details
Commits on Mar 21, 2023
-
Merge pull request Mbed-TLS#7296 from valeriosetti/issue7253-part1
driver-only ECDH: enable ECDH-based TLS 1.2 key exchanges -- part 1
Configuration menu - View commit details
-
Copy full SHA for e0e161b - Browse repository at this point
Copy the full SHA e0e161bView commit details -
MD no longer depends on a built-in hash
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 534d64d - Browse repository at this point
Copy the full SHA 534d64dView commit details -
PSA hash algs must be a superset of built-ins
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 235a933 - Browse repository at this point
Copy the full SHA 235a933View commit details -
Make MD_PSA_INIT/DONE available to all suites
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for ffcda56 - Browse repository at this point
Copy the full SHA ffcda56View commit details -
This enables access to all available hashes, instead of the previous situation where you had to choose by including MD_C or not. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 41bc8b6 - Browse repository at this point
Copy the full SHA 41bc8b6View commit details -
sed -i -f md.sed \ library/ecjpake.c \ include/medtls/ecjpake.h \ tests/suites/test_suite_ecjpake.* With md.sed as follows: s/\bMBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_MD5/g s/\bMBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_RIPEMD160/g s/\bMBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA1/g s/\bMBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA224/g s/\bMBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA256/g s/\bMBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA384/g s/\bMBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA512/g s/\bMBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_MD5/g s/\bMBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_RIPEMD160/g s/\bMBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA1/g s/\bMBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA224/g s/\bMBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA256/g s/\bMBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA384/g s/\bMBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA512/g s/\bMBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_MD5/g s/\bMBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_RIPEMD160/g s/\bMBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA1/g s/\bMBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA224/g s/\bMBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA256/g s/\bMBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA384/g s/\bMBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA512/g s/\bMBEDTLS_MD5_C\b/MBEDTLS_MD_CAN_MD5/g s/\bMBEDTLS_RIPEMD160_C\b/MBEDTLS_MD_CAN_RIPEMD160/g s/\bMBEDTLS_SHA1_C\b/MBEDTLS_MD_CAN_SHA1/g s/\bMBEDTLS_SHA224_C\b/MBEDTLS_MD_CAN_SHA224/g s/\bMBEDTLS_SHA256_C\b/MBEDTLS_MD_CAN_SHA256/g s/\bMBEDTLS_SHA384_C\b/MBEDTLS_MD_CAN_SHA384/g s/\bMBEDTLS_SHA512_C\b/MBEDTLS_MD_CAN_SHA512/g Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for b2eb1f7 - Browse repository at this point
Copy the full SHA b2eb1f7View commit details -
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for be97afe - Browse repository at this point
Copy the full SHA be97afeView commit details -
sed -i -f md.sed library/pkcs12.c tests/suites/test_suite_pkcs12.* include/mbedtls/pkcs12.h with md.sed as before. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 0baad53 - Browse repository at this point
Copy the full SHA 0baad53View commit details -
Note: PEM_PARSE already auto-enables MD_LIGHT in build_info.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 1c2008f - Browse repository at this point
Copy the full SHA 1c2008fView commit details -
sed -i -f md.sed library/pem.c tests/suites/test_suite_pem* include/mbedtls/pem.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 52d02a8 - Browse repository at this point
Copy the full SHA 52d02a8View commit details -
Note: already auto-enabled in build_info.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for fb8d90a - Browse repository at this point
Copy the full SHA fb8d90aView commit details -
sed -i -f md.sed library/rsa.c tests/suites/test_suite_rsa* include/mbedtls/rsa.h tests/suites/test_suite_pkcs1_v* Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for c1f1044 - Browse repository at this point
Copy the full SHA c1f1044View commit details -
As a consequence, MD_C is now enabled in component accel_hash_use_psa. Fix guards in X.509 info function to avoid this causing a failure now. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 49e67f8 - Browse repository at this point
Copy the full SHA 49e67f8View commit details -
sed -i -f md.sed library/pkcs5.c tests/suites/test_suite_pkcs5* include/mbedtls/pkcs5.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for a5f0462 - Browse repository at this point
Copy the full SHA a5f0462View commit details -
test_suite_psa_crypto: use PSA_WANT
Could use MD_CAN, as both are equivalent when MBEDTLS_PSA_CRYPTO_C is defined, but using PSA_WANT is preferable in a PSA context. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 1d3bf24 - Browse repository at this point
Copy the full SHA 1d3bf24View commit details -
OID + misc crypto: use MD_CAN and fix failures
After this, only PK, X.509 and TLS remain to be done. Deterministic uses HMAC-DRBG which uses MD, so it needs crypto_init() when using a driver-only hash. Also, remove a special-purpose macro that's no longer needed. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for ebef58d - Browse repository at this point
Copy the full SHA ebef58dView commit details -
sed -i -f md.sed tests/suites/test_suite_pk{,parse,write}.* Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 0b8095d - Browse repository at this point
Copy the full SHA 0b8095dView commit details -
Introduce MD_OR_USE_PSA_INIT/DONE. This will likely be used everywhere in X.509 and SSL/TLS, but most places in PK only need USE_PSA_INIT/DONE. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for fa99afa - Browse repository at this point
Copy the full SHA fa99afaView commit details -
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for a946489 - Browse repository at this point
Copy the full SHA a946489View commit details -
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 33a1302 - Browse repository at this point
Copy the full SHA 33a1302View commit details -
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for bef824d - Browse repository at this point
Copy the full SHA bef824dView commit details -
1. Change USE_PSA_CRYPTO_INIT/DONE to MD_OR_USE. 2. Add missing occurrences - some of these were already necessary in principle (in one form or another) but where missing and this was not detected so far as `psa_hash` doesn't complain in case of a missing init, but now MD makes it visible. 3. Add missing include in ssl_test_lib.h. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 23fc437 - Browse repository at this point
Copy the full SHA 23fc437View commit details -
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 7224086 - Browse repository at this point
Copy the full SHA 7224086View commit details -
MD: use MD_CAN in test suite and check for parity
Split the part the varies between driver/built-in builds to a separate file for convenience. Fix analyze_outcomes.py to be able to exclude specific data files and not just a whole family at once. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 7d381f5 - Browse repository at this point
Copy the full SHA 7d381f5View commit details -
Fix typos & improve wording in comments
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 161dca6 - Browse repository at this point
Copy the full SHA 161dca6View commit details -
Merge branch 'development-restricted' into mbedtls-3.4.0rc0-pr
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Configuration menu - View commit details
-
Copy full SHA for f1eb5e2 - Browse repository at this point
Copy the full SHA f1eb5e2View commit details -
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 6fb105f - Browse repository at this point
Copy the full SHA 6fb105fView commit details -
Enable HKDF in driver-only hashes test
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 0d1921c - Browse repository at this point
Copy the full SHA 0d1921cView commit details -
Enable PKCS7 in driver-only hashes component
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for fbaf4e9 - Browse repository at this point
Copy the full SHA fbaf4e9View commit details -
Enable HMAC-DRBG in driver-only hashes component
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for d111fbd - Browse repository at this point
Copy the full SHA d111fbdView commit details -
Enable ECDSA-det in driver-only hashes component
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 91cc8bb - Browse repository at this point
Copy the full SHA 91cc8bbView commit details -
Remove now-spurious dependencies
Now that HMAC-DRBG can use driver, so can deterministic ECDSA Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 8965b65 - Browse repository at this point
Copy the full SHA 8965b65View commit details -
test_suite_ecp: Added ecp_mod_p384_raw() test case.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 619385d - Browse repository at this point
Copy the full SHA 619385dView commit details -
ecp test generator: Added EcpPp384R1Raw().
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
Configuration menu - View commit details
-
Copy full SHA for f359c91 - Browse repository at this point
Copy the full SHA f359c91View commit details -
Rename misnamed changelog entries
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 3201f56 - Browse repository at this point
Copy the full SHA 3201f56View commit details -
ecp_curves: Minor rework for p384
This patch adjusts formatting, documentation and testing. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 37f4cb6 - Browse repository at this point
Copy the full SHA 37f4cb6View commit details -
EcpP384R1Raw: Added test case for 2nd round of carry reduction.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 4af90bb - Browse repository at this point
Copy the full SHA 4af90bbView commit details -
Add changelog entry for Mbed-TLS#6932 and Mbed-TLS#7203
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 8d3fa9b - Browse repository at this point
Copy the full SHA 8d3fa9bView commit details -
Update changelog entry, splitting into two sections
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
Configuration menu - View commit details
-
Copy full SHA for dcc0ee1 - Browse repository at this point
Copy the full SHA dcc0ee1View commit details -
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
Configuration menu - View commit details
-
Copy full SHA for c4d759b - Browse repository at this point
Copy the full SHA c4d759bView commit details -
Add Changelog for PSA to Mbed TLS error translation unification
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 1b59571 - Browse repository at this point
Copy the full SHA 1b59571View commit details
Commits on Mar 22, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 5663682 - Browse repository at this point
Copy the full SHA 5663682View commit details -
test: enable ECDHE key exchanges for driver coverage tests
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for a81130f - Browse repository at this point
Copy the full SHA a81130fView commit details -
ecdhe: fix guards for accelerated ECDHE key exchanges
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for d3f0b9e - Browse repository at this point
Copy the full SHA d3f0b9eView commit details -
ecdhe: solve disparities in accelerated ECDHE vs reference
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 7a2f396 - Browse repository at this point
Copy the full SHA 7a2f396View commit details -
test_suite_ssl: remove redundant dependencies when the key exchange i…
…s specified Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 13ce403 - Browse repository at this point
Copy the full SHA 13ce403View commit details -
ecdh: simplify guards for the newly created PSA_HAVE_FULL_ECDH symbol
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for da8535b - Browse repository at this point
Copy the full SHA da8535bView commit details -
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for ccf0be2 - Browse repository at this point
Copy the full SHA ccf0be2View commit details -
accelerated ecdh: re-enable TLS 1.3 key exchanges and fix guards in c…
…heck_config Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 4059aba - Browse repository at this point
Copy the full SHA 4059abaView commit details -
ssl_tls13: fix guards for accel ECDH
These changes fix all failures found in test_suite_ssl Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 90df310 - Browse repository at this point
Copy the full SHA 90df310View commit details -
ssl_tls: fix proper guards for accelerated ECDH
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 0c8ec39 - Browse repository at this point
Copy the full SHA 0c8ec39View commit details -
added changelog for accelerated ECDH changes
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 8427b56 - Browse repository at this point
Copy the full SHA 8427b56View commit details -
ssl_tls13: use PSA_WANT_ALG_ECDH as symbol for marking ECDH capability
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 080a22b - Browse repository at this point
Copy the full SHA 080a22bView commit details -
changelog: fix description for ECDH changes
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 89029e7 - Browse repository at this point
Copy the full SHA 89029e7View commit details -
ecp_curves: Re-introduced
mbedtls_ecp_fix_negative()
This patch re-introduces `mbedtls_ecp_fix_negative` and appropriately adjusts its' define guards. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 68d64a1 - Browse repository at this point
Copy the full SHA 68d64a1View commit details -
Merge pull request Mbed-TLS#7297 from valeriosetti/issue7253-part2
driver-only ECDH: enable ECDH-based TLS 1.2 key exchanges -- part 2
Configuration menu - View commit details
-
Copy full SHA for 8e9fb2d - Browse repository at this point
Copy the full SHA 8e9fb2dView commit details -
Add TLS1.2 Opaque ECJPAKE changelog entry
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Configuration menu - View commit details
-
Copy full SHA for e214827 - Browse repository at this point
Copy the full SHA e214827View commit details -
Remove Exhale from requirements and regenerate
Regenerate the requirements.txt with Exhale removed and also with Python 3.9 instead of 3.8, for parity with Read The Docs. Signed-off-by: David Horstmann <david.horstmann@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 5158bd8 - Browse repository at this point
Copy the full SHA 5158bd8View commit details -
Improve positioning of GENERATE_XML option
It is clearer to have this option next to the GENERATE_LATEX option. Signed-off-by: David Horstmann <david.horstmann@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 1c693d4 - Browse repository at this point
Copy the full SHA 1c693d4View commit details -
Add security entry to ChangeLog for AES-CE
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
Configuration menu - View commit details
-
Copy full SHA for a9c5858 - Browse repository at this point
Copy the full SHA a9c5858View commit details -
Add security entry to ChangeLog for AES-NI
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 4903139 - Browse repository at this point
Copy the full SHA 4903139View commit details
Commits on Mar 23, 2023
-
ssl_tls: fix guard in ssl_misc.h
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 226f9b9 - Browse repository at this point
Copy the full SHA 226f9b9View commit details -
Merge pull request Mbed-TLS#7312 from valeriosetti/issue7254
driver-only ECDH: enable TLS 1.3 key exchanges
Configuration menu - View commit details
-
Copy full SHA for f0b883f - Browse repository at this point
Copy the full SHA f0b883fView commit details -
Assemble Changelog for 3.4.0 release
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Configuration menu - View commit details
-
Copy full SHA for dbe435c - Browse repository at this point
Copy the full SHA dbe435cView commit details -
Bump library, libcrypto and libx509 versions
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Configuration menu - View commit details
-
Copy full SHA for db67e99 - Browse repository at this point
Copy the full SHA db67e99View commit details -
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Configuration menu - View commit details
-
Copy full SHA for b6264f3 - Browse repository at this point
Copy the full SHA b6264f3View commit details -
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Configuration menu - View commit details
-
Copy full SHA for df2b5da - Browse repository at this point
Copy the full SHA df2b5daView commit details -
Merge pull request Mbed-TLS#7317 from mpg/lift-exclusions
Lift exclusions from driver-only hash component
Configuration menu - View commit details
-
Copy full SHA for ac6db4d - Browse repository at this point
Copy the full SHA ac6db4dView commit details -
ecp_curves: Updated ecp_mod_p384_raw documentation
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
Configuration menu - View commit details
-
Copy full SHA for f9fca53 - Browse repository at this point
Copy the full SHA f9fca53View commit details
Commits on Mar 24, 2023
-
test: improve analyze_outcomes.py script
Allow the script to also execute the tests needed for the following analysis. It doesn't affect the previous usage of this script: - if the output file is already present, then only the analysis is performed - if the outfile does not exists, then tests are also executed before doing the analysis Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for a266332 - Browse repository at this point
Copy the full SHA a266332View commit details -
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 5cd4b64 - Browse repository at this point
Copy the full SHA 5cd4b64View commit details -
These were assuming that psa_crypto_init() doesn't call hashes, which is not always correct. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 2334d3a - Browse repository at this point
Copy the full SHA 2334d3aView commit details -
Test entropy.c with driver-only hashes
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 5d0d641 - Browse repository at this point
Copy the full SHA 5d0d641View commit details -
Force SHA-256 for entropy in libtestdriver1
We only enable SHA-256, so let's use that. Previously the entropy module was deciding which hash to use based on MBEDTLS_xxx_C feature macros, and since only SHA256_C was defined in config_test_driver.h, it used that and things worked. However since entropy was changed to use MD light, and MBEDTLS_MD_CAN_xxx feature macros, we had an issue: when building libtestdriver1 with its default config, MBEDTLS_PSA_ACCEL_ALG_SHA_512 is defined even though there's no actual accelerator in the build. (This is done so that PSA_WANT_ALG_SHA_512 can remain defined in order to match the application's config, while not defining MBEDTLS_PSA_BUILTIN_ALG_SHA_512 in order to only include what we need in the build of libtestdriver1.) This will cause MD to dispatch to PSA in order to take advantage of the accelerator, which will then fail because there is no accelerator not builtin for this hash. In the long-term, perhaps it would be best to address the root of the issue: defining MBEDTLS_PSA_ACCEL_ALG_SHA_512 in a build that doesn't actually have a SHA-512 accelerator is a lie. But that would require significant changes in libtestdriver1. So for now, just fix the most obvious symptom (picking a non-supported hash in entropy.h) by forcing the choice of hash to match what's in the libtestdriver1 config. Note: if the copy of entropy module in libtestdriver1 doesn't work, we'll get a failure when calling libtestdriver1_psa_crypto_init(), which we do, from mbedtls_test_transparent_init(), indirectly called by our psa_crypto_init() which will then fail. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 66300d6 - Browse repository at this point
Copy the full SHA 66300d6View commit details -
Fix entropy-related feature macros
Was causing testing disparities picked by analyze_outcomes.py Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 4011eb4 - Browse repository at this point
Copy the full SHA 4011eb4View commit details -
Fix instances of old feature macros being used
sed -i -f md.sed include/mbedtls/ssl.h library/hmac_drbg.c programs/pkey/*.c programs/x509/*.c tests/scripts/generate_pkcs7_tests.py tests/suites/test_suite_random.data Then manually revert programs/pkey/ecdsa.c as it's using a low-level hash API. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 9330242 - Browse repository at this point
Copy the full SHA 9330242View commit details -
Manually fix two remaining instances of old macros
Unless I missed something, all remaining instance of all macros are in files where it makes sense to use these. I went over the output of: git grep -c -E 'MBEDTLS_(MD5|RIPEMD160|SHA[0-9]*)_C' and I think all the files listed fall into one of the following acceptable categories: - documentation and historical documents: Changelog, docs/**/*.md - config files and related: mbedtls_config.h, configs/*.h, check_config.h, config_psa.h, etc. - scripts that build/modify configs: all.sh, depends.py, set_psa_test_dependencies.py, etc. - implementation of MD or PSA or related: md.h, psa_util.h, etc. and corresponding test suites - implementation of hashes: md5.c, sha256.h, etc. and corresponding test suites - two example programs using a low-level hash API: hash/hello.c, pkey/ecdsa.c - test/benchmark.c, test/selftest.c: actually want our built-in implementations - a function in test_suite_psa_crypto_storage_format that is specifically for checking if the hash is built in. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 33783b4 - Browse repository at this point
Copy the full SHA 33783b4View commit details -
Fix failures in test_suite_random
Appeared after the dependencies were changed to use MD_CAN. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for e931977 - Browse repository at this point
Copy the full SHA e931977View commit details -
Use helper macros for hashes in check_config.h
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for bb21c5a - Browse repository at this point
Copy the full SHA bb21c5aView commit details -
Fix and simplify TLS hash dependency declarations
Fixes Mbed-TLS#6441 Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for a31ddb9 - Browse repository at this point
Copy the full SHA a31ddb9View commit details -
Disable built-in SHA-256 in accel_hash too
Now that Entropy doesn't need it any more, we can have driver-only SHA-256 (and 224 with it) in the non-USE_PSA component too. This reveals a missing PSA_INIT in a PK test using SHA-256. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for c584c27 - Browse repository at this point
Copy the full SHA c584c27View commit details -
Fix depends.py failure with correct TLS 1.2 deps
TLS 1.2 has never been able to work with only SHA-512, it just happened to pass previously because the declared dependencies were too lax. (Probably related to the fact that in the past we didn't distinguish between SHA-512 and SHA-384 in dependencies.) So, just disable all of TLS in SHA-512-only builds. While at it, tune build_info.h to make this easier - it already had partial support for disabling TLS 1.2 or TLS 1.3 in an easier way, but not both of them at the same time. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 5a51d0d - Browse repository at this point
Copy the full SHA 5a51d0dView commit details -
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 70a1b6d - Browse repository at this point
Copy the full SHA 70a1b6dView commit details -
Update psa-migration/strategy.md
- Update for the new hashes strategy, in part by adding references to md-cipher-dispatch.md - General update about the status of things since the last update Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 52f7edb - Browse repository at this point
Copy the full SHA 52f7edbView commit details -
For recent work and latest plans. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 03cb87e - Browse repository at this point
Copy the full SHA 03cb87eView commit details -
Use PSA Crypto: try clarifying what it means
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 3dd9add - Browse repository at this point
Copy the full SHA 3dd9addView commit details -
Add a ChangeLog entry for driver-only hashes
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for a715945 - Browse repository at this point
Copy the full SHA a715945View commit details -
Fix documented dependencies on TLS 1.2
The check in check_config.h was fixed in a previous PR, but the documentation hadn't been updated accordingly. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for a22857b - Browse repository at this point
Copy the full SHA a22857bView commit details -
Try again to clarify USE_PSA_CRYPTO
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 2ca08c8 - Browse repository at this point
Copy the full SHA 2ca08c8View commit details -
Mention EC J-PAKE opaque passwords.
Unrelated to the other changes, other than I noticed it was missing while making the other edits. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 86efa85 - Browse repository at this point
Copy the full SHA 86efa85View commit details -
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for b38c9c8 - Browse repository at this point
Copy the full SHA b38c9c8View commit details -
tests/.gitignore: ignore *.o under tests/src/test_helpers
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Yanray Wang committedMar 24, 2023 Configuration menu - View commit details
-
Copy full SHA for 5663e74 - Browse repository at this point
Copy the full SHA 5663e74View commit details -
Merge pull request Mbed-TLS#7327 from mpg/entropy-md-light
Entropy: use MD light
Configuration menu - View commit details
-
Copy full SHA for 530da90 - Browse repository at this point
Copy the full SHA 530da90View commit details -
Merge pull request Mbed-TLS#1005 from paul-elliott-arm/mbedtls-3.4.0r…
…c0-pr Mbedtls 3.4.0rc0 pr - DO NOT MERGE
Configuration menu - View commit details
-
Copy full SHA for a33da45 - Browse repository at this point
Copy the full SHA a33da45View commit details
Commits on Mar 27, 2023
-
Merge pull request Mbed-TLS#7330 from mpg/hashes-wrapup
Driver-only hashes: wrap-up
Configuration menu - View commit details
-
Copy full SHA for 0048d15 - Browse repository at this point
Copy the full SHA 0048d15View commit details -
Improve docs Makefile to do full build
Include the make apidoc and breathe-apidoc steps in the documentation Makefile for ease of use. In this way, depart from the Makefile generated automatically by Sphinx. Signed-off-by: David Horstmann <david.horstmann@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 9bca03a - Browse repository at this point
Copy the full SHA 9bca03aView commit details -
Remove make.bat for documentation
Building the docs on Windows is not supported in any case, as the apidoc target in the main Makefile will not run on Windows. Signed-off-by: David Horstmann <david.horstmann@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 434fc5e - Browse repository at this point
Copy the full SHA 434fc5eView commit details -
Revert "Add exemption for make.bat in checks for tabs"
This is no longer needed as make.bat has been removed. We do not support building the documentation on Windows. This reverts commit d50daed. Signed-off-by: David Horstmann <david.horstmann@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 9251ed5 - Browse repository at this point
Copy the full SHA 9251ed5View commit details -
psa_util: fix for correctly computing elements in array
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for ab9dc66 - Browse repository at this point
Copy the full SHA ab9dc66View commit details -
Merge pull request Mbed-TLS#7222 from minosgalanakis/bignum/6851_extr…
…act_Secp384r1_fast_reduction Bignum: Extract secp384r1 fast reduction from the prototype
Configuration menu - View commit details
-
Copy full SHA for 445c3bf - Browse repository at this point
Copy the full SHA 445c3bfView commit details -
Merge pull request Mbed-TLS#1010 from AndrzejKurek/fix-error-translation
psa_util: fix for correctly computing elements in array
Configuration menu - View commit details
-
Copy full SHA for 1873d3b - Browse repository at this point
Copy the full SHA 1873d3bView commit details -
Merge tag 'v3.4.0' into mbedtls-3.4.0_mergeback
Mbed TLS 3.4.0
Configuration menu - View commit details
-
Copy full SHA for d01a3bc - Browse repository at this point
Copy the full SHA d01a3bcView commit details -
ecp_mod_p224_raw: Added
MBEDTLS_ECP_DP_SECP224R1_ENABLED
as a depen……dency Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 37bdd93 - Browse repository at this point
Copy the full SHA 37bdd93View commit details -
This reverts commit df2b5da. Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Configuration menu - View commit details
-
Copy full SHA for f04848c - Browse repository at this point
Copy the full SHA f04848cView commit details -
Fix conflict between restricted and development
MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA was removed in development and replaced with MBEDTLS_MD_CAN_SHA384. Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 6903438 - Browse repository at this point
Copy the full SHA 6903438View commit details
Commits on Mar 28, 2023
-
Merge pull request Mbed-TLS#1012 from paul-elliott-arm/mbedtls-3.4.0_…
…mergeback Mbedtls 3.4.0 merge back
Configuration menu - View commit details
-
Copy full SHA for da01817 - Browse repository at this point
Copy the full SHA da01817View commit details -
Clean the breathe-apidoc files with make clean
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Configuration menu - View commit details
-
Copy full SHA for c1f2eef - Browse repository at this point
Copy the full SHA c1f2eefView commit details -
Add _build/ and api/ to gitignore
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 2717f62 - Browse repository at this point
Copy the full SHA 2717f62View commit details -
Merge pull request Mbed-TLS#7343 from minosgalanakis/ecp/sec-384-upda…
…te-test-macro-deps ecp: Updated ecp384 depedency macro
Configuration menu - View commit details
-
Copy full SHA for 0f50868 - Browse repository at this point
Copy the full SHA 0f50868View commit details -
test: add a test with all EC based algs accelerated
Actually this adds both the accelerated test as well as the reference. Both of them are used to evaluate the driver's coverage with analyze_outcomes.py script. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 42d5f19 - Browse repository at this point
Copy the full SHA 42d5f19View commit details -
ssl_tls: fix guard symbols for EC accelerated tests
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 1fa5c56 - Browse repository at this point
Copy the full SHA 1fa5c56View commit details -
test: remove previous tests for accelerated ECDSA/ECDH/ECJPAKE covera…
…ge analysis All these EC based algs are now tested all at once in test_psa_crypto_config_[accel/reference]_all_ec_algs_use_psa() functions. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 1c3de61 - Browse repository at this point
Copy the full SHA 1c3de61View commit details -
test: fix comments in test_psa_crypto_config_accel_ecc()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 6f820cc - Browse repository at this point
Copy the full SHA 6f820ccView commit details -
psa_crypto: fix guard for mbedtls_ecc_group_of_psa()
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 9affb73 - Browse repository at this point
Copy the full SHA 9affb73View commit details -
test: fix erroneous changes in all.sh
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 44b178c - Browse repository at this point
Copy the full SHA 44b178cView commit details -
test: remove unused tasks in analyze_outcomes.py
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 2495cdb - Browse repository at this point
Copy the full SHA 2495cdbView commit details -
test: improve comment in the added test
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 77bdff1 - Browse repository at this point
Copy the full SHA 77bdff1View commit details -
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 77a904c - Browse repository at this point
Copy the full SHA 77a904cView commit details -
test: moving accel ECJPAKE test close to accel ECDH and ECDSA ones
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 4fa6d0b - Browse repository at this point
Copy the full SHA 4fa6d0bView commit details -
test: removing test with all accel EC algs without USE_PSA
We keep tests without USE_PSA for single accel components (i.e. ECDH, ECDSA, ECJPAKE), but when testing for all 3 accelerated at the same time we use USE_PSA for better test coverage. However for this purpose there is already the: component_test_psa_crypto_config_[reference/accel]_all_ec_algs_use_psa() so we can delete this extra component. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for c762797 - Browse repository at this point
Copy the full SHA c762797View commit details -
test: simplify comment in test_psa_crypto_config_accel_all_ec_algs_us…
…e_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 6d687b9 - Browse repository at this point
Copy the full SHA 6d687b9View commit details -
test: fix wrong accelerated SHA1 symbol
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for b76672d - Browse repository at this point
Copy the full SHA b76672dView commit details -
tls12_client: remove unnecessary parentheses
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 4642316 - Browse repository at this point
Copy the full SHA 4642316View commit details -
Remove obsolete ecp_fix_negative function
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
Configuration menu - View commit details
-
Copy full SHA for df9c029 - Browse repository at this point
Copy the full SHA df9c029View commit details
Commits on Mar 29, 2023
-
Merge pull request Mbed-TLS#7321 from valeriosetti/issue7272
Driver-only ECC: all three top-level modules
Configuration menu - View commit details
-
Copy full SHA for 77902df - Browse repository at this point
Copy the full SHA 77902dfView commit details -
test: add specific test with only accel EC curves and algs
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for b7e9544 - Browse repository at this point
Copy the full SHA b7e9544View commit details -
psa: set PSA_VENDOR_ECC_MAX_CURVE_BITS based on both SW and accelerat…
…ed support Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 8f1e98a - Browse repository at this point
Copy the full SHA 8f1e98aView commit details -
test: add legacy dependency for weierstrass key derivation
Weierstrass key derivation still depends on ECP_C (no driver dispatch yet), so the legacy dependency is still mandatory here. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for a532983 - Browse repository at this point
Copy the full SHA a532983View commit details -
psa: use only PSA_WANT symbols for PSA_VENDOR_ECC_MAX_CURVE_BITS
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 271c12e - Browse repository at this point
Copy the full SHA 271c12eView commit details -
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 5360886 - Browse repository at this point
Copy the full SHA 5360886View commit details -
test: disable proper key exchanges while testing accel EC algs
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 3ebecc9 - Browse repository at this point
Copy the full SHA 3ebecc9View commit details -
test: use BUILTIN symbols in as weierstrass key derivation guard
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 659aa68 - Browse repository at this point
Copy the full SHA 659aa68View commit details -
test: use full config as test starting point and solve issues
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 1a6d96f - Browse repository at this point
Copy the full SHA 1a6d96fView commit details -
test: add a companion test for another curve (x25519) and fix issues
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for e4758aa - Browse repository at this point
Copy the full SHA e4758aaView commit details -
check_config: add helper symbol for SECP256R1
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for ee9fa46 - Browse repository at this point
Copy the full SHA ee9fa46View commit details -
test: improve comments and code in newly added helper function
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for ee97a1e - Browse repository at this point
Copy the full SHA ee97a1eView commit details -
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for d0c644d - Browse repository at this point
Copy the full SHA d0c644dView commit details -
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 1f1420d - Browse repository at this point
Copy the full SHA 1f1420dView commit details -
Update documentation to mention ECC drivers
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 93b21e7 - Browse repository at this point
Copy the full SHA 93b21e7View commit details -
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 5c8c9e0 - Browse repository at this point
Copy the full SHA 5c8c9e0View commit details -
test: fix/improve comments in all.sh
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 5aab43f - Browse repository at this point
Copy the full SHA 5aab43fView commit details -
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 22992a0 - Browse repository at this point
Copy the full SHA 22992a0View commit details -
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for f109c66 - Browse repository at this point
Copy the full SHA f109c66View commit details -
Update documented dependencies on ECC algs
Previous PRs update check_config.h correctly, but forgot the documentation in mbedtls_config.h. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 4fa702a - Browse repository at this point
Copy the full SHA 4fa702aView commit details -
Merge pull request Mbed-TLS#7307 from Mbed-TLS/sphinx-versioned-docum…
…entation Generate API documentation with Sphinx and Breathe
Configuration menu - View commit details
-
Copy full SHA for 05c5a91 - Browse repository at this point
Copy the full SHA 05c5a91View commit details -
test: remove old component errouneously reintroduced during rebase
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 846118b - Browse repository at this point
Copy the full SHA 846118bView commit details -
Add support for directoryName subjectAltName
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Andrzej Kurek committedMar 29, 2023 Configuration menu - View commit details
-
Copy full SHA for e12b01d - Browse repository at this point
Copy the full SHA e12b01dView commit details -
Add the original certificate to be malformed for x509 tests
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Andrzej Kurek committedMar 29, 2023 Configuration menu - View commit details
-
Copy full SHA for 4a4f1ec - Browse repository at this point
Copy the full SHA 4a4f1ecView commit details -
Introduce proper memory management for SANs
DirectoryName parsing performs allocation that has to be handled. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Andrzej Kurek committedMar 29, 2023 Configuration menu - View commit details
-
Copy full SHA for d40c2b6 - Browse repository at this point
Copy the full SHA d40c2b6View commit details -
Introduce a test for a malformed directoryname SAN
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Andrzej Kurek committedMar 29, 2023 Configuration menu - View commit details
-
Copy full SHA for 151d85d - Browse repository at this point
Copy the full SHA 151d85dView commit details -
Adjust error reporting in x509 SAN parsing
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Andrzej Kurek committedMar 29, 2023 Configuration menu - View commit details
-
Copy full SHA for bf8ccd8 - Browse repository at this point
Copy the full SHA bf8ccd8View commit details -
Switch from PEM to DER format for new x509 directoryname test
This simplifies generating malformed data and doesn't require the PEM support for tests. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Andrzej Kurek committedMar 29, 2023 Configuration menu - View commit details
-
Copy full SHA for d348632 - Browse repository at this point
Copy the full SHA d348632View commit details -
Add a test for a malformed directoryname sequence
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Andrzej Kurek committedMar 29, 2023 Configuration menu - View commit details
-
Copy full SHA for d90376e - Browse repository at this point
Copy the full SHA d90376eView commit details -
Add changelog entry for directoryname SAN
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Andrzej Kurek committedMar 29, 2023 Configuration menu - View commit details
-
Copy full SHA for 9fa1d25 - Browse repository at this point
Copy the full SHA 9fa1d25View commit details -
Move an x509 malformation test
Now, that the errors are not silently ignored anymore, instead of expecting a <malformed> tag in parsed data, the test case returns an error. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Andrzej Kurek committedMar 29, 2023 Configuration menu - View commit details
-
Copy full SHA for 532b8d4 - Browse repository at this point
Copy the full SHA 532b8d4View commit details -
Add missing deallocation of subject alt name
Since mbedtls_x509_get_name allocates memory when parsing a directoryName, deallocation has to be performed if anything fails in the meantime. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Andrzej Kurek committedMar 29, 2023 Configuration menu - View commit details
-
Copy full SHA for 5f0c6e8 - Browse repository at this point
Copy the full SHA 5f0c6e8View commit details -
Add missing information about supported subjectAltName types
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Andrzej Kurek committedMar 29, 2023 Configuration menu - View commit details
-
Copy full SHA for 8bc128e - Browse repository at this point
Copy the full SHA 8bc128eView commit details -
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Andrzej Kurek committedMar 29, 2023 Configuration menu - View commit details
-
Copy full SHA for 43d7131 - Browse repository at this point
Copy the full SHA 43d7131View commit details -
Clarify SAN structure memory management
Co-authored-by: David Horstmann <david.horstmann@arm.com> Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Configuration menu - View commit details
-
Copy full SHA for c27ba3a - Browse repository at this point
Copy the full SHA c27ba3aView commit details -
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Andrzej Kurek committedMar 29, 2023 Configuration menu - View commit details
-
Copy full SHA for 303704e - Browse repository at this point
Copy the full SHA 303704eView commit details
Commits on Mar 30, 2023
-
Merge pull request Mbed-TLS#7334 from valeriosetti/analyze_outcomes_i…
…mprovement Improve analyze_outcomes.py script
Configuration menu - View commit details
-
Copy full SHA for 1640682 - Browse repository at this point
Copy the full SHA 1640682View commit details -
Merge pull request Mbed-TLS#7336 from yanrayw/6500-gitignore-fix
fix: ignore *.o under tests/src/test_helpers
Configuration menu - View commit details
-
Copy full SHA for 99771a3 - Browse repository at this point
Copy the full SHA 99771a3View commit details -
Fix dependency check for TLS 1.3 ECDH
This part is specific to 1.3 and directly calls PSA APIs regardless of whether MBEDTLS_USE_PSA_CRYPTO is defined, so use PSA_WANT. Note: the code is already using PSA_WANT everywhere in ssl_tls13*.c. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 59b61da - Browse repository at this point
Copy the full SHA 59b61daView commit details -
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 9463e78 - Browse repository at this point
Copy the full SHA 9463e78View commit details -
Configuration menu - View commit details
-
Copy full SHA for 0ab380a - Browse repository at this point
Copy the full SHA 0ab380aView commit details -
Merge pull request Mbed-TLS#7352 from gabor-mezei-arm/6349_fix_merge
Remove obsolete ecp_fix_negative function
Configuration menu - View commit details
-
Copy full SHA for 54118a1 - Browse repository at this point
Copy the full SHA 54118a1View commit details -
Merge pull request Mbed-TLS#6900 from AndrzejKurek/san-dirname
Add support for directoryName subjectAltName
Configuration menu - View commit details
-
Copy full SHA for 03d557d - Browse repository at this point
Copy the full SHA 03d557dView commit details
Commits on Mar 31, 2023
-
psa: Remove unnecessary headers
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Configuration menu - View commit details
-
Copy full SHA for fe8e135 - Browse repository at this point
Copy the full SHA fe8e135View commit details -
psa: include: Move some Mbed TLS headers
The structures related to CMAC, GCM, CCM and CHACHAPOLY operations are defined in crypto_builtin_composites.h not in crypto_struct.h. Thus move the cmac.h, gcm.h, ccm.h and chachapoly.h header inclusions from crypto_struct.h to crypto_builtin_composites.h. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Configuration menu - View commit details
-
Copy full SHA for e7cde18 - Browse repository at this point
Copy the full SHA e7cde18View commit details -
psa: include: Move key derivation builtin and driver contexts
Move key derivation builtin and driver contexts to specific header files as key derivation contexts depend both on primitive and composite crypto algorithms contexts. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 2f10fce - Browse repository at this point
Copy the full SHA 2f10fceView commit details -
psa: Remove MBEDTLS_PSA_CRYPTO_DRIVERS configuration option
The support for the PSA crypto driver interface is not optional anymore as the implementation of the PSA cryptography interface has been restructured around the PSA crypto driver interface (see psa-crypto-implementation-structure.md). There is thus no purpose for the configuration options MBEDTLS_PSA_CRYPTO_DRIVERS anymore. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Configuration menu - View commit details
-
Copy full SHA for e6e6b75 - Browse repository at this point
Copy the full SHA e6e6b75View commit details -
psa: Introduce psa/build_info.h
The PSA cryptography repository is based to start with on the PSA cryptography implementation in Mbed TLS but with a different directority structure, build system and build configuration. The build-time configuration information in the PSA cryptography repository is psa/build_info.h. This commit introduces this file in Mbed TLS to be used in place of mbedtls/build_info.h (but basically just an alias to it) in PSA headers. This is to ease the update of the PSA cryptography repository. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Configuration menu - View commit details
-
Copy full SHA for f6236f0 - Browse repository at this point
Copy the full SHA f6236f0View commit details -
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 135f2ae - Browse repository at this point
Copy the full SHA 135f2aeView commit details -
psa: Introduce PSA crypto core common symbols
When compiling some PSA core files of the PSA cryptography repository, both the Mbed TLS library and the PSA cryptography core common.h are included and if they define the same inline functions (same name), the compilation fails. Thus, inline functions prefixed by psa_crypto_ instead of mbedtls_ are defined in the PSA cryptography core common.h header. To ease the maintenance of the PSA cryptography repository, introduce those symbols in Mbed TLS as well and use them in PSA crypto core code files instead of their Mbed TLS equivalent. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Configuration menu - View commit details
-
Copy full SHA for afbc7ed - Browse repository at this point
Copy the full SHA afbc7edView commit details -
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 789cef8 - Browse repository at this point
Copy the full SHA 789cef8View commit details -
all.sh: Fix test component name
The component_test_psa_crypto_drivers was renamed component_test_psa_crypto_builtin_keys in a previous commit. This was misleading as the goal of the component is not to test the builtin keys but to run the PSA unit tests with the test drivers doing the cryptographic operations. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 32a432a - Browse repository at this point
Copy the full SHA 32a432aView commit details -
Merge pull request Mbed-TLS#6891 from yuhaoth/pr/add-milliseconds-pla…
…tform-function Add milliseconds platform time function
Configuration menu - View commit details
-
Copy full SHA for b8f5ba8 - Browse repository at this point
Copy the full SHA b8f5ba8View commit details -
Extract MPI_CORE(mul) from the prototype
Signed-off-by: Hanno Becker <hanno.becker@arm.com> Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 4ae890b - Browse repository at this point
Copy the full SHA 4ae890bView commit details -
Tidy up, remove MPI_CORE(), apply the naming convention, and use the …
…new mbedtls_mpi_core_mul() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com> Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 6af26f3 - Browse repository at this point
Copy the full SHA 6af26f3View commit details -
Add unit tests for mbedtls_mpi_core_mul()
The test cases use the following MPI values. The .data file only includes those (a, b) values where a <= b; the test code does a * b and b * a. 0 1 80 ff 100 fffe ffff 10000 ffffffff 100000000 20000000000000 7f7f7f7f7f7f7f7f 8000000000000000 ffffffffffffffff 10000000000000000 10000000000000001 1234567890abcdef0 fffffffffffffffffefefefefefefefe 100000000000000000000000000000000 1234567890abcdef01234567890abcdef0 ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 1234567890abcdef01234567890abcdef01234567890abcdef01234567890abcdef0 4df72d07b4b71c8dacb6cffa954f8d88254b6277099308baf003fab73227f34029643b5a263f66e0d3c3fa297ef71755efd53b8fb6cb812c6bbf7bcf179298bd9947c4c8b14324140a2c0f5fad7958a69050a987a6096e9f055fb38edf0c5889eca4a0cfa99b45fbdeee4c696b328ddceae4723945901ec025076b12b The lines in the .data file were generated by the following script ``` #!/usr/bin/env perl # # mpi-test-core-mul.pl - generate MPI tests in Perl for mbedtls_mpi_core_mul() # use strict; use warnings; use Math::BigInt; use sort 'stable'; my $echo = 0; my @mul_mpis = qw( 0 1 80 ff 100 fffe ffff 10000 ffffffff 100000000 20000000000000 7f7f7f7f7f7f7f7f 8000000000000000 ffffffffffffffff 10000000000000000 10000000000000001 1234567890abcdef0 fffffffffffffffffefefefefefefefe 100000000000000000000000000000000 1234567890abcdef01234567890abcdef0 ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 1234567890abcdef01234567890abcdef01234567890abcdef01234567890abcdef0 4df72d07b4b71c8dacb6cffa954f8d88254b6277099308baf003fab73227f34029643b5a263f66e0d3c3fa297ef71755efd53b8fb6cb812c6bbf7bcf179298bd9947c4c8b14324140a2c0f5fad7958a69050a987a6096e9f055fb38edf0c5889eca4a0cfa99b45fbdeee4c696b328ddceae4723945901ec025076b12b ); generate_tests(); sub generate_tests { generate_mbedtls_mpi_core_mul(); } sub generate_mbedtls_mpi_core_mul { my $sub_name = (caller(0))[3]; # e.g. main::generate_mbedtls_mpi_sub_mpi my ($ignore, $test_name) = split("main::generate_", $sub_name); my @Cases = (); for my $ah (@mul_mpis) { for my $bh (@mul_mpis) { my $a = Math::BigInt->from_hex($ah); my $b = Math::BigInt->from_hex($bh); next if $a > $b; # don't need to repeat test cases my $r = $a * $b; my $rh = $r->to_hex(); my $desc = "$test_name #NUMBER: 0x$ah * 0x$bh = 0x$rh"; my $case = output($test_name, str($ah), str($bh), str($rh)); push(@Cases, [$case, $desc]); } } output_cases("", @Cases); } sub output_cases { my ($explain, @Cases) = @_; my $count = 1; for my $c (@Cases) { my ($case, $desc, $dep) = @$c; $desc =~ s/NUMBER/$count/; $count++; if (defined($explain) && $desc =~ /EXPLAIN/) { $desc =~ s/EXPLAIN/$explain/; $explain = ""; } my $depends = ""; $depends = "depends_on:$dep\n" if defined($dep) && length($dep); print <<EOF; $desc $depends$case EOF } } sub output { return join(":", @_); } sub str { return '"' . $_[0] . '"'; } ``` Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com> Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
Configuration menu - View commit details
-
Copy full SHA for e16a945 - Browse repository at this point
Copy the full SHA e16a945View commit details -
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 5ded38e - Browse repository at this point
Copy the full SHA 5ded38eView commit details -
Add generated test for core_mul
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 87223ab - Browse repository at this point
Copy the full SHA 87223abView commit details -
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 6f182c3 - Browse repository at this point
Copy the full SHA 6f182c3View commit details -
Fix cast alignment warning in timing.c
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 33b2210 - Browse repository at this point
Copy the full SHA 33b2210View commit details -
Test that setting reset actually does something
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 4ffc9d8 - Browse repository at this point
Copy the full SHA 4ffc9d8View commit details -
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Configuration menu - View commit details
-
Copy full SHA for d43b42e - Browse repository at this point
Copy the full SHA d43b42eView commit details -
Merge pull request Mbed-TLS#7385 from daverodgman/timing_alignment
Fix cast alignment warning in timing.c
Configuration menu - View commit details
-
Copy full SHA for dd48c6e - Browse repository at this point
Copy the full SHA dd48c6eView commit details
Commits on Apr 3, 2023
-
test: disable all RSA algs and fix tests
All RSA associated algs are now forcedly disabled both on library and driver sides. Some PSA driver tests required to be fixed because they were just requiring for not having the built-in version, but they didn't check if the driver one was present (kind of assuming that RSA was always supported on the driver side). Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for c6ecdad - Browse repository at this point
Copy the full SHA c6ecdadView commit details -
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 0a7ff79 - Browse repository at this point
Copy the full SHA 0a7ff79View commit details -
adding missing newline at the end of changelog file
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Configuration menu - View commit details
-
Copy full SHA for 3a3a756 - Browse repository at this point
Copy the full SHA 3a3a756View commit details -
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
Configuration menu - View commit details
-
Copy full SHA for f8b55d6 - Browse repository at this point
Copy the full SHA f8b55d6View commit details -
Merge pull request Mbed-TLS#7103 from valeriosetti/issue6622
Some MAX_SIZE macros are too small when PSA ECC is accelerated
Configuration menu - View commit details
-
Copy full SHA for 86d5d4b - Browse repository at this point
Copy the full SHA 86d5d4bView commit details -
Multplication is simmetric so only generate unique combinations
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
Configuration menu - View commit details
-
Copy full SHA for b0f0137 - Browse repository at this point
Copy the full SHA b0f0137View commit details -
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
Configuration menu - View commit details
-
Copy full SHA for d626051 - Browse repository at this point
Copy the full SHA d626051View commit details
Commits on Apr 4, 2023
-
Fix memory allocations in pkcs7_verify test
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
Configuration menu - View commit details
-
Copy full SHA for 9735be5 - Browse repository at this point
Copy the full SHA 9735be5View commit details -
Merge pull request Mbed-TLS#7059 from ronald-cron-arm/psa-crypto-misc
PSA cryptography miscellaneous
Configuration menu - View commit details
-
Copy full SHA for 219f978 - Browse repository at this point
Copy the full SHA 219f978View commit details -
Merge pull request Mbed-TLS#6233 from tom-cosgrove-arm/issue-6226-cor…
…e-mul Bignum: extract core_mul from the prototype
Configuration menu - View commit details
-
Copy full SHA for 13c73de - Browse repository at this point
Copy the full SHA 13c73deView commit details -
Merge pull request Mbed-TLS#7394 from mprse/fix_pkcs7_test_alloc
Fix memory allocations in pkcs7_verify test
Configuration menu - View commit details
-
Copy full SHA for 56f59d7 - Browse repository at this point
Copy the full SHA 56f59d7View commit details
Commits on Apr 5, 2023
-
bignum: Removed merge scaffolding.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 00bd892 - Browse repository at this point
Copy the full SHA 00bd892View commit details
Commits on Apr 6, 2023
-
Merge pull request Mbed-TLS#7324 from minosgalanakis/bignum/remove-sc…
…affolding bignum: Removed merge scaffolding
Configuration menu - View commit details
-
Copy full SHA for bcf2f66 - Browse repository at this point
Copy the full SHA bcf2f66View commit details