This reverts commit 6587959a32.
The feature is no longer needed, and the script is broken if you don't pass
--make-vars.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When building with Make on a Unix-like platform (shell and compiler),
auto-detect configurations that may require linking with pthread.
This removes the need for MAKE_THREADING_FLAGS in all.sh.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Create a common.make for definitions that are shared between tests/Makefile
and programs/Makefile, to facilitate maintenance. Start populating it with
CFLAGS/LDFLAGS variables. More to follow in subsequent commits.
Keep library/Makefile independent, at least for the time being.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Unify the treatment of MBEDTLS_TEST_OBJS between programs/Makefile and
tests/Makefile: include it via LOCAL_LD_FLAGS in both cases. Document why
the definition of MBEDTLS_TEST_OBJS is different.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
And remove the comment on the uniformity in the PK module
with regards to PSA_CRYPTO_C not being referenced anymore;
end users are probably not interested in that.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
And use it in the non-PSA version of mbedtls_pk_sign_ext()
to bypass checks that didn't succeed when used by TLS 1.3.
That is because in the failing scenarios the padding of
the RSA context is not set to PKCS_V21.
See the discussion on PR #7930 for more details.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
This makes the function always available with its
its implementation depending on MBEDTLS_USE_PSA_CRYPTO.
Related dependencies and tests are updated as well.
Fixes#7583.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
This brings some improvements to comments/
function prototypes that relate to PKCS#1.
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
Mbed TLS doesn't support DSA at all, and doesn't support domain parameters
for FFDH (only predefined groups).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
New defines, which are shared with the pkparse module, lack the
new line so we manually add it when invoking
mbedtls_pem_write_buffer().
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Set the entropy len prior to doing the test to ensure the outcome is the
same regardless of whether SHA512 or SHA256 is used.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This would break platforms that do not have pthread. Put the linking
instead behind a define and add this define where required to all.sh.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Compiler is unhappy that the return from mbedtls_cipher_get_name() could
be NULL as this is used in a printf statement.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
