polarssl

mirror of https://github.com/cuberite/polarssl.git synced 2025-09-30 08:56:50 -04:00

Author	SHA1	Message	Date
Gilles Peskine	42a025dc9c	Reference filed issues All PK-related actions are now covered. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-01-17 12:35:31 +01:00
Dave Rodgman	885248c8ee	Add header guards Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-17 11:06:31 +00:00
Valerio Setti	bbff303fe1	crypto_config: define feature macros for DH keys Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-17 11:47:44 +01:00
Gilles Peskine	5a64c42693	Reference ongoing work Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-01-17 10:09:16 +01:00
Gilles Peskine	89ca6c7e72	typo Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-01-17 10:08:56 +01:00
Gilles Peskine	32294044e1	Generalize mbedtls_pk_setup_opaque beyond MBEDTLS_USE_PSA_CRYPTO It's useful in applications that want to use some PSA opaque keys regardless of whether all pk operations go through PSA. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-01-17 10:07:55 +01:00
Valerio Setti	584dc80d96	add changelog Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-17 08:06:32 +01:00
Bence Szépkúti	1325942c28	Merge pull request #8707 from bensze01/new_redirect_format Migrate to new RTD redirect format	2024-01-16 20:22:08 +00:00
Dave Rodgman	9039ba572b	Fix test dependencies Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-16 18:38:55 +00:00
Dave Rodgman	7e5b7f91ca	Fix error in ctr_drbg Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-16 17:28:25 +00:00
Dave Rodgman	b7778b2388	Fix ASAN error in test Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-16 16:27:34 +00:00
Bence Szépkúti	333ca8fdfc	Migrate to new RTD redirect format Migrate to the new redirect format introduced by ReadTheDocs in readthedocs/readthedocs.org#10881 Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>	2024-01-16 17:06:06 +01:00
Dave Rodgman	9f97566c04	Add Changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-16 13:24:45 +00:00
Dave Rodgman	24ad1b59e8	Add NIST AES-CTR test vectors Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-16 13:24:45 +00:00
Dave Rodgman	4cc6fb9039	add test for multipart AES-CTR Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-16 13:24:45 +00:00
Valerio Setti	4860a6c7ac	test_suite_psa_crypto: revert known failing checks for [en\|de]cryption with opaque keys Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-15 16:30:12 +01:00
Valerio Setti	62b6f10f64	test_driver_asymmetric_encryption: implement opaque [en/de]cryption functions Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-15 16:30:07 +01:00
Valerio Setti	66a827fc83	test_driver_key_management: make opaque [un]wrapping functions public Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-15 15:00:52 +01:00
Dave Rodgman	46697da5b3	Make gcm counter increment more efficient Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:45:01 +00:00
Dave Rodgman	174eeff235	Save 14 bytes in CTR-DRBG Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:45:01 +00:00
Dave Rodgman	591ff05384	Use optimised counter increment in AES-CTR and CTR-DRBG Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:45:01 +00:00
Dave Rodgman	ae730348e9	Add tests for mbedtls_ctr_increment_counter Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:45:01 +00:00
Dave Rodgman	b49cf1019d	Introduce mbedtls_ctr_increment_counter Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:45:01 +00:00
Ryan Everett	1d32a57764	Revert change to psa_destroy_key documentation Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-15 11:27:58 +00:00
Ryan Everett	709120a9ce	Revert change to return behaviour in psa_reserve_free_key_slot This change was a mistake, we still need to wipe the pointers here. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-15 11:20:50 +00:00
Ryan Everett	dfe8bf86a8	Return CORRUPTION_DETECTED instead of BAD_SLOT when the slot's state is wrong These error codes are only returned if the program has been tampered with, so they should be CORRUPTION_DETECTED. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-15 11:20:50 +00:00
Ryan Everett	4755e6bda4	Relax psa_wipe_key_slot to allow states other than SLOT_PENDING_DELETION psa_wipe_key_slot can now be called on a slot in any state, if the slot's state is PSA_SLOT_FULL or PSA_SLOT_PENDING_DELETION then there must be exactly 1 registered reader. Remove the state changing calls that are no longer necessary. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-15 11:20:35 +00:00
Dave Rodgman	c4f984f2a5	Iterate in 16-byte chunks Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-15 11:20:19 +00:00
Valerio Setti	5bb454aace	psa_crypto: allow asymmetric encryption/decryption also with opaque keys Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-15 10:43:16 +01:00
Valerio Setti	f202c2968b	test_suite_psa_crypto: test asymmetric encryption/decryption also with opaque keys Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-15 10:42:37 +01:00
Dave Rodgman	67223bb501	add support for AES-CTR to benchmark Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-12 18:33:57 +00:00
Tom Cosgrove	bc5d9165ae	Merge pull request #8554 from yanrayw/issue/8221/fix-tls-suiteB-profile TLS: remove RSA signature algorithms in `suite B` profile	2024-01-12 14:34:28 +00:00
Tom Cosgrove	f1ba1933cf	Merge pull request #8526 from yanrayw/issue/7011/send_record_size_limit_ext TLS1.3: SRV/CLI: add support for sending Record Size Limit extension	2024-01-12 13:39:15 +00:00
Waleed Elmelegy	f0ccf46713	Add minor cosmetic changes to record size limit changelog and comments Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-12 10:52:45 +00:00
Waleed Elmelegy	4b09dcd19c	Change renegotiation test to use G_NEXT_SRV Change renegotiation test to use G_NEXT_SRV to avoid problems when sending TLS 1.3 extensions since we exceed the extension limit in G_SRV. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-12 10:50:25 +00:00
Ryan Everett	86d5347930	Mention PK parse in changelog Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-12 10:31:31 +00:00
Ryan Everett	a90378c425	Restore previous version of rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-12 10:24:00 +00:00
Kusumit Ghoderao	153586a3d5	change values to ULL Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2024-01-12 11:19:16 +05:30
Ryan Everett	d00a138075	Change test data for pkparse aes Test data generated using openSSL with: openssl pkcs8 -topk8 -v2 $ENC -v2prf hmacWithSHA384 -inform PEM -in $IN -outform PEM -out $OUT -passout "pass:PolarSSLTest" Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-11 17:23:15 +00:00
Paul Elliott	3519cfb3d8	Merge pull request #8639 from bensze01/release_components Set OpenSSL/GnuTLS variables when running release components	2024-01-11 15:38:35 +00:00
Ronald Cron	ae2213c307	Merge pull request #8414 from lpy4105/issue/uniform-ssl-check-function Harmonise the names and return values of check functions in TLS code	2024-01-11 13:51:39 +00:00
Ronald Cron	7c14afcaaa	Merge pull request #8595 from yanrayw/issue/8593/srv-CH-fix-version-check TLS1.3: SRV: check `min_tls_version` when parsing ClientHello	2024-01-11 13:34:09 +00:00
Waleed Elmelegy	85ddd43656	Improve record size limit changelog wording Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-11 11:07:57 +00:00
Manuel Pégourié-Gonnard	eeb96ac9fe	Merge pull request #8433 from yuhaoth/pr/add-deprecated-flag-for-sig_hashes-api Add deprecated flag in document for sig_hashes	2024-01-11 09:33:10 +00:00
Valerio Setti	19ec9e4f66	psa_crypto_ecp: remove support for secp224k1 Since this curve is not supported in PSA (and it will not ever be in the future), we save a few bytes. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-11 07:07:14 +01:00
Waleed Elmelegy	e83be5f639	Change renegotiation tests to work with TLS 1.2 only Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 23:39:54 +00:00
Ryan Everett	1f935f5027	Add AES tests to test_suite_pkparse Test data generated using openssl: openssl genpkey -algorithm rsa -out $OUT -$ALG Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-10 19:34:18 +00:00
Ryan Everett	ae0b4bd04c	Add more details to comments Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-10 19:19:10 +00:00
Ryan Everett	4cfd6a6bc6	Fix dependencies in pkcs5 aes-128-cbc tests These tests do not specify a hash function. This is an optional parameter with default value hmacWithSHA1, so these test cases are dependant on SHA-1 and not SHA-256 Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-01-10 19:15:45 +00:00
Kusumit Ghoderao	a7c55d5a14	fix depends on condition Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2024-01-11 00:43:48 +05:30

... 7 8 9 10 11 ...

29528 Commits