yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
25216 commits 89 branches 205 tags 114 MiB
Commit graph

5982 commits

Author SHA1 Message Date
Gilles Peskine 5c3d6e277c
Merge pull request #7575 from AndrzejKurek/URI-SAN-verification 
Add partial support for URI SubjectAltNames verification
 2023-06-05 16:46:47 +02:00
Gilles Peskine 975d9c0faf
Merge pull request #7530 from AndrzejKurek/misc-subjectaltname-fixes 
Miscellaneous fixes for SubjectAltName code / docs
 2023-06-05 15:38:53 +02:00
Gilles Peskine 84b547b5ee
Merge pull request #7400 from AndrzejKurek/cert-write-sans 
Add a possibility to generate certificates with a Subject Alternative Name
 2023-06-05 15:38:38 +02:00
Manuel Pégourié-Gonnard f37b94b5bf
Merge pull request #7533 from valeriosetti/issue7484 
PK: add support for private key writing with "opaque" EC keys
 2023-06-05 10:53:53 +02:00
Tom Cosgrove 32b06f50df
Merge pull request #7650 from yanrayw/7360-code-size-tfm-medium 
code size measurement support for tfm-medium
 2023-06-02 13:25:26 +01:00
Andrzej Kurek 1747304a7a Update the descriptions of SANs 
All of them are listed, so the previous description was wrong.

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-01 18:20:24 +01:00
valerio 64e0184a39 psa_util: add support for rfc8410's OIDs 
Signed-off-by: valerio <valerio.setti@nordicsemi.no>
 2023-06-01 11:06:40 +02:00
Manuel Pégourié-Gonnard 7b1136836c
Merge pull request #7438 from valeriosetti/issue7074 
Avoid parse/unparse private ECC keys in PK with USE_PSA when !ECP_C
 2023-06-01 10:06:45 +02:00
Gilles Peskine a1b416670e
Merge pull request #7547 from silabs-Kusumit/PBKDF2_input_validation 
PBKDF2: Input Validation
 2023-06-01 10:05:34 +02:00
Kusumit Ghoderao b20f13a41b Change input cost type to uint64_t and fix max iteration test case 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-31 12:51:02 +05:30
Kusumit Ghoderao 10cc6bda1c Add PSA_ALG_PBKDF2_HMAC_GET_HASH macro 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-24 12:35:14 +05:30
Kusumit Ghoderao e66a8ad8d6 Define PSA_VENDOR_PBKDF2_MAX_ITERATIONS 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-24 12:30:43 +05:30
Kusumit Ghoderao 52fe517a77 Change pbkdf2 password to array 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-24 12:28:46 +05:30
Dave Rodgman b2e551d347
Merge pull request #6943 from ucko/2023b-platform 2023-05-23 18:37:54 +01:00
Valerio Setti 7ef8a8d0da pk: improve description for the new priv_id field 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-23 18:39:54 +02:00
Manuel Pégourié-Gonnard 9dc9204b77
Merge pull request #7554 from valeriosetti/issue7073-reshape 
Avoid parse/unparse public ECC keys in PK with USE_PSA when !ECP_C
 2023-05-23 15:08:45 +02:00
Aditya Deshpande 2f1ae5a86e Modify TFM files to allow them to build on baremetal with Mbed TLS and fix code style. 
Also change the include path of crypto_spe.h in crypto_platform.h to allow the former file to be included in library-only builds.

Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-05-23 15:40:11 +08:00
Valerio Setti 016264b6cb pk: fix a return value and a typo in comment 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-22 18:40:35 +02:00
Gilles Peskine 50729eac74
Merge pull request #7611 from yanrayw/7609_tweak_build_info_include_order 
build_info.h: fix mutual implications with config_psa.h temporarily
 2023-05-22 17:49:55 +02:00
Yanray Wang 37db332658 build_info.h: rewrite comment 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-22 16:50:39 +08:00
Aaron M. Ucko 5e4a01bff5 mbedtls/platform.h: Avoid potential macro redefinition warnings. 
Some identifiers (e.g. mbedtls_free) can name either functions or
macros depending on configuration settings.  For those that turn out
to name macros, first clear out any existing macro definitions to
accommodate possible unconditional bulk symbol renaming.  (There
remains no standard provision for such renaming, but it's nevertheless
straightforward enough to do as desired, particularly with this change
in place.)

Signed-off-by: Aaron M. Ucko <ucko@ncbi.nlm.nih.gov>
 2023-05-19 10:50:06 -04:00
Valerio Setti f57007dd1e pk: fixing and improving comments 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-19 13:54:39 +02:00
Paul Elliott 9a11f8a122
Merge pull request #7573 from tom-cosgrove-arm/add-psa_want_alg_some_pake 
Only include psa_pake_setup() and friends if some PAKE algorithms are required
 2023-05-18 09:59:52 +01:00
Andrzej Kurek 1bc7df2540 Add documentation and a changelog entry 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Paul Elliott 8203f2d89f
Merge pull request #7535 from minosgalanakis/ecp/7264_enable_core_shift_l 
[Bignum] Adjust mbedtls_mpi_core_shift_l to use the core function
 2023-05-17 18:45:44 +01:00
Valerio Setti c1541cb3c7 pk: minor fixes (guards and a wrong assignment) 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-17 19:23:02 +02:00
Andrzej Kurek 67fdb3307d Add a possibility to write subject alt names in a certificate 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 11:45:36 -04:00
Andrzej Kurek 1a75269589 Move mbedtls_x509_san_list to x509.h 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 11:45:36 -04:00
Valerio Setti 92c3f36866 test_suite_debug: fix USE_PSA_INIT/DONE guards in a test 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-17 15:38:34 +02:00
Valerio Setti 722f8f7472 pk: adding a new field to store the public key in raw format 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-17 15:31:21 +02:00
Manuel Pégourié-Gonnard b1c0afe484
Merge pull request #7595 from valeriosetti/deprecate_pk_ec 
Set mbedtls_pk_ec() as internal function when ECP_C is not defined
 2023-05-17 12:27:03 +02:00
Yanray Wang 419a55e929 build_info.h: rewrite comment for inclusion of config_psa.h 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-17 18:22:34 +08:00
Yanray Wang 6397673cb8 build_info.h: change location of including config_psa.h 
In build_info.h, some macros are defined based on PSA_WANT_XXX symbol.
This commit tweaks the location of including config_psa.h
so that macros in build_info.h could imply config options correctly.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-05-17 13:57:22 +08:00
Minos Galanakis 2056d09893 bignum: Updated documentation for mbedtls_mpi_shift_l() 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2023-05-16 17:16:26 +01:00
Valerio Setti 3f00b84dd1 pk: fix build issues 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-15 12:57:06 +02:00
Valerio Setti 77a75685ed pk: align library and tests code to the new internal functions 
Note = programs are not aligned to this change because:
- the original mbedtls_pk_ec is not ufficially deprecated
- that function is used in tests when ECP_C is defined, so
  the legacy version of that function is available in that
  case

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-15 11:18:46 +02:00
Valerio Setti 229bf1031f pk: make mbedtls_pk_ec internal when !ECP_C 
mbedtls_pk_ec() is not an ideal function because:
- it provides direct access to the ecp_keypair structure wrapped
  by the pk_context and
- this bypasses the PK module's control
However, since for backward compatibility, it cannot be deprecated
immediately, 2 alternative internal functions are proposed.
As a consequence:
- when ECP_C is defined, then the legacy mbedtls_pk_ec is available
- when only ECP_LIGHT is defined, but ECP_C is not, then only the
  new internal functions will be available

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-15 11:13:55 +02:00
Fredrik Hesse cc207bc379 Replace references to Mbed Crypto with Mbed TLS through-out documentation and comments. 
Signed-off-by: Fredrik Hesse <fredrik@hesse.se>
 2023-05-12 14:59:01 +01:00
Tom Cosgrove 6d62faca8e Only include psa_pake_setup() and friends if some PAKE algorithms are required 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-05-12 12:36:24 +01:00
Andrzej Kurek 199eab97e7 Add partial support for URI SubjectAltNames 
Only exact matching without normalization is supported.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-10 09:57:19 -04:00
Manuel Pégourié-Gonnard 1d046fa0dd
Merge pull request #6010 from mprse/ffdh_import_export 
FFDH 1, 2A, 2B: FFDH add support for import/export key, key agreement, key generation + tests
 2023-05-10 11:40:54 +02:00
Gilles Peskine 8d42cfddd6
Merge pull request #7539 from gilles-peskine-arm/mbedtls_error_pair_t-smaller 
Halve size of mbedtls_error_pair_t
 2023-05-09 15:55:51 +02:00
Gilles Peskine 97edeb4fb8
Merge pull request #6866 from mprse/extract-key-ids 
Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions v.2
 2023-05-08 20:38:29 +02:00
Kusumit Ghoderao 9016bc4ed2 Clean up commented code 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-08 16:04:05 +05:30
Kusumit Ghoderao 3fc4ca7272 Limit max input cost to 32bit 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
 2023-05-08 15:57:41 +05:30
Gilles Peskine 4837e9d1c0 Correct comment about mbedtls error codes 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-07 20:27:13 +02:00
Valerio Setti 92da2a79aa pk: improve description for the next opaque ID field 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-05 12:31:23 +02:00
Valerio Setti 4f387ef277 pk: use better naming for the new key ID field 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-05 10:59:32 +02:00
Valerio Setti e00954d0ed pk: store opaque key ID directly in the pk_context structure 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-05-05 10:57:26 +02:00
Jethro Beekman 0167244be4 Read and write X25519 and X448 private keys 
Signed-off-by: Jethro Beekman <jethro@fortanix.com>
Co-authored-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com>
Signed-off-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com>
 2023-05-04 13:01:47 +02:00