Updating test-ca.key to use AES instead of DES #7528

See doxygen/doxygen#8706 Signed-off-by: David Horstmann <david.horstmann@arm.com>

Signed-off-by: David Horstmann <david.horstmann@arm.com>

Sphinx's breathe plugin cannot readily parse the Mbed TLS macros, so define the less essential ones away at the doxygen step to reduce the number of warnings. Signed-off-by: David Horstmann <david.horstmann@arm.com>

…fast_reduction Extract Secp256r1 fast reduction from the prototype

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

Add Threat Model Summary

Implement MD dispatch to PSA

But, for now, still guard things with MBEDTLS_MD5_C, as md.c can only compute MD5 hashes when MBEDTLS_MD5_C is defined. We'll change the guards once that has changed. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Same note as previous commit regarding guards. Note that we could auto-enable MD_LIGHT only when SELF_TEST is defined, and even only when SHA1_C is defined too, but somewhere down the line we'll want to auto-enable it for the sake of other RSA function (not in selftest and could use any hash), so there's little point in optimizing the temporary condition, let's use the simple one upfront. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Driver-only EC JPAKE: starter

…stricted-test Fix CI build after repository merge conflict

Added ability to include the SubjectAltName extension to a CSR - v.2

Add parsing for Record Size Limit extension in TLS 1.3

Signed-off-by: Yanray Wang <yanray.wang@arm.com>

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com> Signed-off-by: Yanray Wang <yanray.wang@arm.com>

Signed-off-by: Yanray Wang <yanray.wang@arm.com>

Signed-off-by: David Horstmann <david.horstmann@arm.com>

Fix psa_key_derivation_output_key not being able to derive ECC keys without MBEDTLS_BUILTIN ECC key types enabled. The PSA crypto drivers can generate these keys without requiring the builtin key types. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Note that ECC key derivation is not using drivers yet, as we don't have driver support for cooked key derivation acceleration, see Mbed-TLS#5451 and follow-ups. So, we still need MBEDTLS_ECP_C enabled at least for this, and probably in several other places for now. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

This was intended as an if-else-if chain. Make it so. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

Add changelog entry

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>

Changelog and terminology tidy-up for AESCE

Signed-off-by: Yanray Wang <yanray.wang@arm.com>

Use md light

psa_crypto: Fix psa_key_derivation_output_key ECC without builtin keys

Driver only EC JPAKE: enable ssl-opt.sh and get test parity

Driver only EC JPAKE: re-enable the EC J-PAKE key exchange and get test parity

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

…nge is specified Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

…rypto-extension Add GCM with armv8 crypto extension

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>

Add ChangeLog entry for driver-only EC J-PAKE

Implement AESNI with intrinsics

…_have_asm-requirements-in-mbedtls_config.h Note that MBEDTLS_HAVE_ASM is required by MBEDTLS_AESCE_C

…shID RSA: provide interface to retrieve padding mode and hash_id

driver-only ECDH: enable ECDH-based TLS 1.2 key exchanges -- part 1

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

This enables access to all available hashes, instead of the previous situation where you had to choose by including MD_C or not. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

sed -i -f md.sed \ library/ecjpake.c \ include/medtls/ecjpake.h \ tests/suites/test_suite_ecjpake.* With md.sed as follows: s/\bMBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_MD5/g s/\bMBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_RIPEMD160/g s/\bMBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA1/g s/\bMBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA224/g s/\bMBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA256/g s/\bMBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA384/g s/\bMBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA\b/MBEDTLS_MD_CAN_SHA512/g s/\bMBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_MD5/g s/\bMBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_RIPEMD160/g s/\bMBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA1/g s/\bMBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA224/g s/\bMBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA256/g s/\bMBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA384/g s/\bMBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA\b/MBEDTLS_MD_CAN_SHA512/g s/\bMBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_MD5/g s/\bMBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_RIPEMD160/g s/\bMBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA1/g s/\bMBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA224/g s/\bMBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA256/g s/\bMBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA384/g s/\bMBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA\b/MBEDTLS_MD_CAN_SHA512/g s/\bMBEDTLS_MD5_C\b/MBEDTLS_MD_CAN_MD5/g s/\bMBEDTLS_RIPEMD160_C\b/MBEDTLS_MD_CAN_RIPEMD160/g s/\bMBEDTLS_SHA1_C\b/MBEDTLS_MD_CAN_SHA1/g s/\bMBEDTLS_SHA224_C\b/MBEDTLS_MD_CAN_SHA224/g s/\bMBEDTLS_SHA256_C\b/MBEDTLS_MD_CAN_SHA256/g s/\bMBEDTLS_SHA384_C\b/MBEDTLS_MD_CAN_SHA384/g s/\bMBEDTLS_SHA512_C\b/MBEDTLS_MD_CAN_SHA512/g Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

sed -i -f md.sed library/pkcs12.c tests/suites/test_suite_pkcs12.* include/mbedtls/pkcs12.h with md.sed as before. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Note: PEM_PARSE already auto-enables MD_LIGHT in build_info.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

sed -i -f md.sed library/pem.c tests/suites/test_suite_pem* include/mbedtls/pem.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Note: already auto-enabled in build_info.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

sed -i -f md.sed library/rsa.c tests/suites/test_suite_rsa* include/mbedtls/rsa.h tests/suites/test_suite_pkcs1_v* Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

As a consequence, MD_C is now enabled in component accel_hash_use_psa. Fix guards in X.509 info function to avoid this causing a failure now. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

sed -i -f md.sed library/pkcs5.c tests/suites/test_suite_pkcs5* include/mbedtls/pkcs5.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Could use MD_CAN, as both are equivalent when MBEDTLS_PSA_CRYPTO_C is defined, but using PSA_WANT is preferable in a PSA context. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

After this, only PK, X.509 and TLS remain to be done. Deterministic uses HMAC-DRBG which uses MD, so it needs crypto_init() when using a driver-only hash. Also, remove a special-purpose macro that's no longer needed. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

sed -i -f md.sed tests/suites/test_suite_pk{,parse,write}.* Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Introduce MD_OR_USE_PSA_INIT/DONE. This will likely be used everywhere in X.509 and SSL/TLS, but most places in PK only need USE_PSA_INIT/DONE. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

1. Change USE_PSA_CRYPTO_INIT/DONE to MD_OR_USE. 2. Add missing occurrences - some of these were already necessary in principle (in one form or another) but where missing and this was not detected so far as `psa_hash` doesn't complain in case of a missing init, but now MD makes it visible. 3. Add missing include in ssl_test_lib.h. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Split the part the varies between driver/built-in builds to a separate file for convenience. Fix analyze_outcomes.py to be able to exclude specific data files and not just a whole family at once. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Signed-off-by: Paul Elliott <paul.elliott@arm.com>

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Now that HMAC-DRBG can use driver, so can deterministic ECDSA Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>

Signed-off-by: Paul Elliott <paul.elliott@arm.com>

This patch adjusts formatting, documentation and testing. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>

Signed-off-by: Paul Elliott <paul.elliott@arm.com>

Use md-can macros

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

…s specified Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

…heck_config Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

These changes fix all failures found in test_suite_ssl Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

This patch re-introduces `mbedtls_ecp_fix_negative` and appropriately adjusts its' define guards. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>

driver-only ECDH: enable ECDH-based TLS 1.2 key exchanges -- part 2

Signed-off-by: Paul Elliott <paul.elliott@arm.com>

Regenerate the requirements.txt with Exhale removed and also with Python 3.9 instead of 3.8, for parity with Read The Docs. Signed-off-by: David Horstmann <david.horstmann@arm.com>

It is clearer to have this option next to the GENERATE_LATEX option. Signed-off-by: David Horstmann <david.horstmann@arm.com>

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

driver-only ECDH: enable TLS 1.3 key exchanges

Signed-off-by: Paul Elliott <paul.elliott@arm.com>

Lift exclusions from driver-only hash component

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>

Allow the script to also execute the tests needed for the following analysis. It doesn't affect the previous usage of this script: - if the output file is already present, then only the analysis is performed - if the outfile does not exists, then tests are also executed before doing the analysis Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

These were assuming that psa_crypto_init() doesn't call hashes, which is not always correct. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

We only enable SHA-256, so let's use that. Previously the entropy module was deciding which hash to use based on MBEDTLS_xxx_C feature macros, and since only SHA256_C was defined in config_test_driver.h, it used that and things worked. However since entropy was changed to use MD light, and MBEDTLS_MD_CAN_xxx feature macros, we had an issue: when building libtestdriver1 with its default config, MBEDTLS_PSA_ACCEL_ALG_SHA_512 is defined even though there's no actual accelerator in the build. (This is done so that PSA_WANT_ALG_SHA_512 can remain defined in order to match the application's config, while not defining MBEDTLS_PSA_BUILTIN_ALG_SHA_512 in order to only include what we need in the build of libtestdriver1.) This will cause MD to dispatch to PSA in order to take advantage of the accelerator, which will then fail because there is no accelerator not builtin for this hash. In the long-term, perhaps it would be best to address the root of the issue: defining MBEDTLS_PSA_ACCEL_ALG_SHA_512 in a build that doesn't actually have a SHA-512 accelerator is a lie. But that would require significant changes in libtestdriver1. So for now, just fix the most obvious symptom (picking a non-supported hash in entropy.h) by forcing the choice of hash to match what's in the libtestdriver1 config. Note: if the copy of entropy module in libtestdriver1 doesn't work, we'll get a failure when calling libtestdriver1_psa_crypto_init(), which we do, from mbedtls_test_transparent_init(), indirectly called by our psa_crypto_init() which will then fail. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Was causing testing disparities picked by analyze_outcomes.py Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

sed -i -f md.sed include/mbedtls/ssl.h library/hmac_drbg.c programs/pkey/*.c programs/x509/*.c tests/scripts/generate_pkcs7_tests.py tests/suites/test_suite_random.data Then manually revert programs/pkey/ecdsa.c as it's using a low-level hash API. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Unless I missed something, all remaining instance of all macros are in files where it makes sense to use these. I went over the output of: git grep -c -E 'MBEDTLS_(MD5|RIPEMD160|SHA[0-9]*)_C' and I think all the files listed fall into one of the following acceptable categories: - documentation and historical documents: Changelog, docs/**/*.md - config files and related: mbedtls_config.h, configs/*.h, check_config.h, config_psa.h, etc. - scripts that build/modify configs: all.sh, depends.py, set_psa_test_dependencies.py, etc. - implementation of MD or PSA or related: md.h, psa_util.h, etc. and corresponding test suites - implementation of hashes: md5.c, sha256.h, etc. and corresponding test suites - two example programs using a low-level hash API: hash/hello.c, pkey/ecdsa.c - test/benchmark.c, test/selftest.c: actually want our built-in implementations - a function in test_suite_psa_crypto_storage_format that is specifically for checking if the hash is built in. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Appeared after the dependencies were changed to use MD_CAN. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Fixes Mbed-TLS#6441 Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Now that Entropy doesn't need it any more, we can have driver-only SHA-256 (and 224 with it) in the non-USE_PSA component too. This reveals a missing PSA_INIT in a PK test using SHA-256. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

TLS 1.2 has never been able to work with only SHA-512, it just happened to pass previously because the declared dependencies were too lax. (Probably related to the fact that in the past we didn't distinguish between SHA-512 and SHA-384 in dependencies.) So, just disable all of TLS in SHA-512-only builds. While at it, tune build_info.h to make this easier - it already had partial support for disabling TLS 1.2 or TLS 1.3 in an easier way, but not both of them at the same time. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

- Update for the new hashes strategy, in part by adding references to md-cipher-dispatch.md - General update about the status of things since the last update Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

For recent work and latest plans. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

The check in check_config.h was fixed in a previous PR, but the documentation hadn't been updated accordingly. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Unrelated to the other changes, other than I noticed it was missing while making the other edits. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Signed-off-by: Yanray Wang <yanray.wang@arm.com>

Entropy: use MD light

…c0-pr Mbedtls 3.4.0rc0 pr - DO NOT MERGE

Driver-only hashes: wrap-up

Include the make apidoc and breathe-apidoc steps in the documentation Makefile for ease of use. In this way, depart from the Makefile generated automatically by Sphinx. Signed-off-by: David Horstmann <david.horstmann@arm.com>

Building the docs on Windows is not supported in any case, as the apidoc target in the main Makefile will not run on Windows. Signed-off-by: David Horstmann <david.horstmann@arm.com>

This is no longer needed as make.bat has been removed. We do not support building the documentation on Windows. This reverts commit d50daed. Signed-off-by: David Horstmann <david.horstmann@arm.com>

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

…act_Secp384r1_fast_reduction Bignum: Extract secp384r1 fast reduction from the prototype

psa_util: fix for correctly computing elements in array

Mbed TLS 3.4.0

…dency Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>

This reverts commit df2b5da. Signed-off-by: Paul Elliott <paul.elliott@arm.com>

MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA was removed in development and replaced with MBEDTLS_MD_CAN_SHA384. Signed-off-by: Paul Elliott <paul.elliott@arm.com>

…mergeback Mbedtls 3.4.0 merge back

Signed-off-by: David Horstmann <david.horstmann@arm.com>

…te-test-macro-deps ecp: Updated ecp384 depedency macro

Actually this adds both the accelerated test as well as the reference. Both of them are used to evaluate the driver's coverage with analyze_outcomes.py script. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

…ge analysis All these EC based algs are now tested all at once in test_psa_crypto_config_[accel/reference]_all_ec_algs_use_psa() functions. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

We keep tests without USE_PSA for single accel components (i.e. ECDH, ECDSA, ECJPAKE), but when testing for all 3 accelerated at the same time we use USE_PSA for better test coverage. However for this purpose there is already the: component_test_psa_crypto_config_[reference/accel]_all_ec_algs_use_psa() so we can delete this extra component. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

…e_psa() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>

Driver-only ECC: all three top-level modules

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

…ed support Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

Weierstrass key derivation still depends on ECP_C (no driver dispatch yet), so the legacy dependency is still mandatory here. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

Previous PRs update check_config.h correctly, but forgot the documentation in mbedtls_config.h. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

…entation Generate API documentation with Sphinx and Breathe

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

DirectoryName parsing performs allocation that has to be handled. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

This simplifies generating malformed data and doesn't require the PEM support for tests. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

Now, that the errors are not silently ignored anymore, instead of expecting a <malformed> tag in parsed data, the test case returns an error. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

Since mbedtls_x509_get_name allocates memory when parsing a directoryName, deallocation has to be performed if anything fails in the meantime. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

Co-authored-by: David Horstmann <david.horstmann@arm.com> Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

…mprovement Improve analyze_outcomes.py script

fix: ignore *.o under tests/src/test_helpers

This part is specific to 1.3 and directly calls PSA APIs regardless of whether MBEDTLS_USE_PSA_CRYPTO is defined, so use PSA_WANT. Note: the code is already using PSA_WANT everywhere in ssl_tls13*.c. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

Ecc doc update

Remove obsolete ecp_fix_negative function

Add support for directoryName subjectAltName

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

The structures related to CMAC, GCM, CCM and CHACHAPOLY operations are defined in crypto_builtin_composites.h not in crypto_struct.h. Thus move the cmac.h, gcm.h, ccm.h and chachapoly.h header inclusions from crypto_struct.h to crypto_builtin_composites.h. Signed-off-by: Ronald Cron <ronald.cron@arm.com>

Move key derivation builtin and driver contexts to specific header files as key derivation contexts depend both on primitive and composite crypto algorithms contexts. Signed-off-by: Ronald Cron <ronald.cron@arm.com>

The support for the PSA crypto driver interface is not optional anymore as the implementation of the PSA cryptography interface has been restructured around the PSA crypto driver interface (see psa-crypto-implementation-structure.md). There is thus no purpose for the configuration options MBEDTLS_PSA_CRYPTO_DRIVERS anymore. Signed-off-by: Ronald Cron <ronald.cron@arm.com>

The PSA cryptography repository is based to start with on the PSA cryptography implementation in Mbed TLS but with a different directority structure, build system and build configuration. The build-time configuration information in the PSA cryptography repository is psa/build_info.h. This commit introduces this file in Mbed TLS to be used in place of mbedtls/build_info.h (but basically just an alias to it) in PSA headers. This is to ease the update of the PSA cryptography repository. Signed-off-by: Ronald Cron <ronald.cron@arm.com>

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

When compiling some PSA core files of the PSA cryptography repository, both the Mbed TLS library and the PSA cryptography core common.h are included and if they define the same inline functions (same name), the compilation fails. Thus, inline functions prefixed by psa_crypto_ instead of mbedtls_ are defined in the PSA cryptography core common.h header. To ease the maintenance of the PSA cryptography repository, introduce those symbols in Mbed TLS as well and use them in PSA crypto core code files instead of their Mbed TLS equivalent. Signed-off-by: Ronald Cron <ronald.cron@arm.com>

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

The component_test_psa_crypto_drivers was renamed component_test_psa_crypto_builtin_keys in a previous commit. This was misleading as the goal of the component is not to test the builtin keys but to run the PSA unit tests with the test drivers doing the cryptographic operations. Signed-off-by: Ronald Cron <ronald.cron@arm.com>

…tform-function Add milliseconds platform time function

Signed-off-by: Hanno Becker <hanno.becker@arm.com> Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>

…new mbedtls_mpi_core_mul() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com> Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>

@Cases

The test cases use the following MPI values. The .data file only includes those (a, b) values where a <= b; the test code does a * b and b * a. 0 1 80 ff 100 fffe ffff 10000 ffffffff 100000000 20000000000000 7f7f7f7f7f7f7f7f 8000000000000000 ffffffffffffffff 10000000000000000 10000000000000001 1234567890abcdef0 fffffffffffffffffefefefefefefefe 100000000000000000000000000000000 1234567890abcdef01234567890abcdef0 ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 1234567890abcdef01234567890abcdef01234567890abcdef01234567890abcdef0 4df72d07b4b71c8dacb6cffa954f8d88254b6277099308baf003fab73227f34029643b5a263f66e0d3c3fa297ef71755efd53b8fb6cb812c6bbf7bcf179298bd9947c4c8b14324140a2c0f5fad7958a69050a987a6096e9f055fb38edf0c5889eca4a0cfa99b45fbdeee4c696b328ddceae4723945901ec025076b12b The lines in the .data file were generated by the following script ``` #!/usr/bin/env perl # # mpi-test-core-mul.pl - generate MPI tests in Perl for mbedtls_mpi_core_mul() # use strict; use warnings; use Math::BigInt; use sort 'stable'; my $echo = 0; my @mul_mpis = qw( 0 1 80 ff 100 fffe ffff 10000 ffffffff 100000000 20000000000000 7f7f7f7f7f7f7f7f 8000000000000000 ffffffffffffffff 10000000000000000 10000000000000001 1234567890abcdef0 fffffffffffffffffefefefefefefefe 100000000000000000000000000000000 1234567890abcdef01234567890abcdef0 ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 1234567890abcdef01234567890abcdef01234567890abcdef01234567890abcdef0 4df72d07b4b71c8dacb6cffa954f8d88254b6277099308baf003fab73227f34029643b5a263f66e0d3c3fa297ef71755efd53b8fb6cb812c6bbf7bcf179298bd9947c4c8b14324140a2c0f5fad7958a69050a987a6096e9f055fb38edf0c5889eca4a0cfa99b45fbdeee4c696b328ddceae4723945901ec025076b12b ); generate_tests(); sub generate_tests { generate_mbedtls_mpi_core_mul(); } sub generate_mbedtls_mpi_core_mul { my $sub_name = (caller(0))[3]; # e.g. main::generate_mbedtls_mpi_sub_mpi my ($ignore, $test_name) = split("main::generate_", $sub_name); my @Cases = (); for my $ah (@mul_mpis) { for my $bh (@mul_mpis) { my $a = Math::BigInt->from_hex($ah); my $b = Math::BigInt->from_hex($bh); next if $a > $b; # don't need to repeat test cases my $r = $a * $b; my $rh = $r->to_hex(); my $desc = "$test_name #NUMBER: 0x$ah * 0x$bh = 0x$rh"; my $case = output($test_name, str($ah), str($bh), str($rh)); push(@Cases, [$case, $desc]); } } output_cases("", @Cases); } sub output_cases { my ($explain, @Cases) = @_; my $count = 1; for my $c (@Cases) { my ($case, $desc, $dep) = @$c; $desc =~ s/NUMBER/$count/; $count++; if (defined($explain) && $desc =~ /EXPLAIN/) { $desc =~ s/EXPLAIN/$explain/; $explain = ""; } my $depends = ""; $depends = "depends_on:$dep\n" if defined($dep) && length($dep); print <<EOF; $desc $depends$case EOF } } sub output { return join(":", @_); } sub str { return '"' . $_[0] . '"'; } ``` Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com> Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>

Fix cast alignment warning in timing.c

All RSA associated algs are now forcedly disabled both on library and driver sides. Some PSA driver tests required to be fixed because they were just requiring for not having the built-in version, but they didn't check if the driver one was present (kind of assuming that RSA was always supported on the driver side). Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>

Some MAX_SIZE macros are too small when PSA ECC is accelerated

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>

PSA cryptography miscellaneous

…e-mul Bignum: extract core_mul from the prototype

Fix memory allocations in pkcs7_verify test

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>

…affolding bignum: Removed merge scaffolding

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Updating test-ca.key to use AES instead of DES #7528

Updating test-ca.key to use AES instead of DES #7528

Commits on Mar 16, 2023

Commits on Mar 17, 2023

Commits on Mar 18, 2023

Commits on Mar 20, 2023

Commits on Mar 21, 2023

Commits on Mar 22, 2023

Commits on Mar 23, 2023

Commits on Mar 24, 2023

Commits on Mar 27, 2023

Commits on Mar 28, 2023

Commits on Mar 29, 2023

Commits on Mar 30, 2023

Commits on Mar 31, 2023

Commits on Apr 3, 2023

Commits on Apr 4, 2023

Commits on Apr 5, 2023

Commits on Apr 6, 2023