cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-10-01 09:31:25 -04:00
Code Issues Packages Projects Releases Wiki Activity
28,767 Commits 7 Branches 115 Tags
Commit Graph

28767 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gilles Peskine
6dd87384ae Rename variable that's a C++ keyword 
It gave uncrustify trouble
(https://github.com/uncrustify/uncrustify/issues/4044)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-24 15:23:19 +01:00
Gilles Peskine
ad5e437c8e mbedtls_ecp_read_key: explain how to set the public key 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-24 15:23:19 +01:00
Gilles Peskine
7ea72026cd New function mbedtls_ecp_keypair_calc_public 
For when you calculate or import a private key, and then need to calculate
the public key.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 21:30:03 +01:00
Gilles Peskine
28240323d3 New function mbedtls_ecp_set_public_key 
Set the public key in a key pair. This complements mbedtls_ecp_read_key and
the functions can be used in either order.

Document the need to call check functions separately.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 21:30:03 +01:00
Gilles Peskine
091a85a762 Promise mbedtls_ecp_read_key doesn't overwrite the public key 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 21:30:03 +01:00
Gilles Peskine
ba5b5d67aa Support partial export from mbedtls_ecp_keypair 
Sometimes you don't need to have all the parts of a key pair object. Relax
the behavior of mbedtls_ecp_keypair so that you can extract just the parts
that you need.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 21:30:03 +01:00
Gilles Peskine
e6886102ef New function mbedtls_ecp_keypair_get_group_id 
Add a simple function to get the group id from a key object.

This information is available via mbedtls_ecp_export, but that function
consumes a lot of memory, which is a waste if all you need is to identify
the curve.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-22 21:30:03 +01:00
Manuel Pégourié-Gonnard
69b290589b
Merge pull request #8057 from mpg/cipher-study 
[G2] Tentative definition of Cipher light
 2023-12-22 08:53:30 +00:00
Tom Cosgrove
c6088eceb4
Merge pull request #8384 from paul-elliott-arm/remove_ssl_null_tls12 
Remove NULLing of ssl context in TLS1.2 transform population
 2023-12-21 13:28:09 +00:00
Gilles Peskine
907cb020ef
Merge pull request #8618 from Ryan-Everett-arm/new-state-transition-documentation 
Update thread safety state transition documentation
 2023-12-21 12:09:58 +00:00
Gilles Peskine
4bf4473ef0
Merge pull request #8633 from Wenxing-hou/clear_clienthello_comment 
Make clienthello comment clear
 2023-12-21 12:09:23 +00:00
Gilles Peskine
0e6fdc4f1d
Merge pull request #8342 from yanesca/threading_test_pc 
Threading test proof of concept and plan
 2023-12-21 12:08:41 +00:00
Ryan Everett
3dd6cde0d8 Mention functional correctness explicitly 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-20 16:47:57 +00:00
Ryan Everett
f5e135670b Clarify key generation and memory-management correctness 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-20 15:24:47 +00:00
Manuel Pégourié-Gonnard
35085c5e89
Merge pull request #7930 from tomi-font/7583-non-PSA_pk_sign_ext 
Implement non-PSA pk_sign_ext()
 2023-12-20 14:30:08 +00:00
Tomi Fontanilles
851d8df58d fix/work around dependency issues when !MBEDTLS_ECP_C 
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
 2023-12-20 13:09:27 +02:00
Tomi Fontanilles
e6a664ed65 changelog: fix missing newline at end of file 
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
 2023-12-20 13:05:55 +02:00
Tomi Fontanilles
9f41770313 pk_*: remove remaining references to MBEDTLS_PSA_CRYPTO_C 
For real this time.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 13:05:55 +02:00
Tomi Fontanilles
5297e43eec non-psa-pk-implementation: rephrase the changelog entry 
And remove the comment on the uniformity in the PK module
with regards to PSA_CRYPTO_C not being referenced anymore;
end users are probably not interested in that.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
Tomi Fontanilles
bad170e159 pk: remove last references to MBEDTLS_PSA_CRYPTO_C 
They are replaced by MBEDTLS_USE_PSA_CRYPTO.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
Tomi Fontanilles
1941af087c pk_wrap: remove last references to MBEDTLS_PSA_CRYPTO_C 
Deprecated functions are removed and #ifdefs are updated accordingly.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
Tomi Fontanilles
9c69348c24 pk test suite: rename the parameter named parameter 
Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
Tomi Fontanilles
573dc23141 rsa: introduce rsa_internal_rsassa_pss_sign_no_mode_check() 
And use it in the non-PSA version of mbedtls_pk_sign_ext()
to bypass checks that didn't succeed when used by TLS 1.3.

That is because in the failing scenarios the padding of
the RSA context is not set to PKCS_V21.

See the discussion on PR #7930 for more details.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
Tomi Fontanilles
8174662b64 pk: implement non-PSA mbedtls_pk_sign_ext() 
This makes the function always available with its
its implementation depending on MBEDTLS_USE_PSA_CRYPTO.

Related dependencies and tests are updated as well.

Fixes #7583.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
Tomi Fontanilles
80ca493284 gitignore: add clangd index files 
https://clangd.llvm.org/design/indexing#backgroundindex

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
Tomi Fontanilles
a70b3c24f6 rsa: minor comment/guard improvements 
This brings some improvements to comments/
function prototypes that relate to PKCS#1.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
Manuel Pégourié-Gonnard
9934f834af
Merge pull request #7766 from gilles-peskine-arm/psa-transition-doc-create 
Legacy-to-PSA transition guide
 2023-12-20 10:28:31 +00:00
Manuel Pégourié-Gonnard
299bbacd7d
Merge pull request #8644 from gilles-peskine-arm/domain_parameters_document_size_hack 
Document the domain_parameters_size==SIZE_MAX hack
 2023-12-20 08:27:47 +00:00
Manuel Pégourié-Gonnard
a4b38f24fd
Merge pull request #8579 from valeriosetti/issue7995 
PK: clean up pkwrite
 2023-12-20 08:20:10 +00:00
Dave Rodgman
a69c782351
Merge pull request #8634 from daverodgman/iar-fixes 
IAR warning fix & some improvements
 2023-12-19 16:26:23 +00:00
Gilles Peskine
1a9e05bf08 Note that domain parameters are not supported with drivers 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-19 12:23:22 +01:00
Gilles Peskine
5ad9539363 Remove DSA and DH domain parameters from the documentation 
Mbed TLS doesn't support DSA at all, and doesn't support domain parameters
for FFDH (only predefined groups).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-19 12:22:46 +01:00
Valerio Setti
7f062a58fb pkwrite: add newlines when calling mbedtls_pem_write_buffer() 
New defines, which are shared with the pkparse module, lack the
new line so we manually add it when invoking
mbedtls_pem_write_buffer().

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-19 07:48:42 +01:00
Valerio Setti
4bb5740a7d Revert "pem: auto add newlines to header/footer in mbedtls_pem_write_buffer()" 
This reverts commit 180915018dd04f6ad66faa3e9fc66813a221643d.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-19 07:48:38 +01:00
Gilles Peskine
9deb54900e Document the domain_parameters_size==SIZE_MAX hack 
It was introduced in https://github.com/Mbed-TLS/mbedtls/pull/8616 but not
documented.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-18 21:01:18 +01:00
Paul Elliott
22dbaf05b6 Add AES_PSA_INIT() to thread test case 
Tests were failing when PSA was being used in ctr_drbg_seed() as PSA was
not initialised.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 18:18:04 +00:00
Paul Elliott
445af3c25a Move test dependancies to function file 
Dependancies are determined by code in this case.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
e4b3f75298 Remove unnecessary check 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
79dc6dad81 Improve make pthread linking mechanism 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
40f0ec246e Remove requirement for SHA512 from ctr_drbg test 
Set the entropy len prior to doing the test to ensure the outcome is the
same regardless of whether SHA512 or SHA256 is used.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
20a95bc09a Remove explicit linking of PThread in make 
This would break platforms that do not have pthread. Put the linking
instead behind a define and add this define where required to all.sh.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
6587959a32 Add ability to pass make variables to psa_collect_statuses.py 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
be978a8c4f Add option to pass make variables to depends.py 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
80fa88e2fa Remove warning with GCC 12 and TSan 
Compiler is unhappy that the return from mbedtls_cipher_get_name() could
be NULL as this is used in a printf statement.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
356597f077 Make TSan test run operate on full config 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
bb0e48f94f Make number of threads a test argument 
Remove hard coded number of threads.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
fed410f58e Increase entropy buffer sizes 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
811c600d88 Guard tests correctly 
All guarded options change output, thus failing the test.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
6a997c9994 Fix code style 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00
Paul Elliott
2667eda785 Explicitly link tests with pthreads 
Required to use pthreads within tests.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-12-18 14:49:34 +00:00