mbedtls

Author	SHA1	Message	Date
Raef Coles	2ac352a322	Make LMS functions args const where required Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:14 +01:00
Raef Coles	f6ddd51bfd	Sanitize LMS and LMOTS macros Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:13 +01:00
Raef Coles	5127e859d7	Update LMS and LMOTS dependency macros Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:11 +01:00
Raef Coles	56fe20a473	Move MBEDTLS_PRIVATE required defines into lms.h From lmots.h, as it is a private header Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:10 +01:00
Raef Coles	ab300f15e8	Move public header content from lmots.h to lms.h Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:08 +01:00
Raef Coles	403558c1c9	Fix LMS function documentation Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:57 +01:00
Raef Coles	9b88ee5d5d	Fix LMS and LMOTS coding style violations Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:40 +01:00
Raef Coles	366d67d9af	Shorted LMS and LMOTS line-lengths To attempt to comply with the 80-char suggestion Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:38 +01:00
Raef Coles	e9479a0264	Update LMS API to support multiple parameter sets Parameterise macros to allow variation of sizes Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:36 +01:00
Raef Coles	ab4f87413a	Add MBEDTLS_LMS_PRIVATE define To enable private key operations Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:35 +01:00
Raef Coles	01c71a17b3	Update LMS and LMOTS api Fix function names and parameters. Move macros to be more private. Update implementation. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:25 +01:00
Raef Coles	c8f9604d7b	Use PSA hashing for LMS and LMOTS Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:23 +01:00
Raef Coles	7dce69a27a	Make LMOTS a private api Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:22 +01:00
Raef Coles	2ad6e611f0	Update LMS/LMOTS documentation Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:20 +01:00
Raef Coles	0aa18e041f	Note that LMS sign function is for testing only Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:18 +01:00
Raef Coles	c464746d45	Document LMS and LMOTS contexts And add some comments about the source of their type IDs Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:17 +01:00
Raef Coles	8ff6df538c	Add LMS implementation Also an LM-OTS implementation as one is required for LMS. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:15 +01:00
Gilles Peskine	0fe6631486	Merge pull request #6291 from gilles-peskine-arm/platform.h-unconditional-3.2 Include platform.h unconditionally	2022-10-13 10:19:22 +02:00
Gilles Peskine	8fd3254cfc	Merge pull request #6374 from mprse/enc_types Test TLS 1.2 builds with each encryption type	2022-10-12 12:45:50 +02:00
Ronald Cron	78317c832b	Merge pull request #6327 from yuhaoth/pr/tls13-psk-after-session-tickets TLS 1.3: PSK and NewSessionTicket: Add support for sending PSK and Ticket together.	2022-10-12 12:39:51 +02:00
Przemek Stekiel	d61a4d3d1a	Fix missing guard and double-space Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-11 09:40:40 +02:00
Przemek Stekiel	52a428b824	Fix MBEDTLS_SSL_TICKET_C, MBEDTLS_SSL_SESSION_TICKETS dependencies Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-10 11:23:18 +02:00
Jerry Yu	8897c07075	Add server only guards for psk callback Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-07 10:11:05 +08:00
Jan Bruckner	b33f6e5ee2	Fix typo Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2022-10-06 11:23:49 +02:00
Przemek Stekiel	0957e7bfc5	Rmove MBEDTLS_NIST_KW_C dependency from MBEDTLS_SSL_TICKET_C Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-03 11:39:02 +02:00
Przemek Stekiel	460192ee19	Fix and sync configuration file and configuration verifiation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-03 08:55:29 +02:00
Przemek Stekiel	ce5b68c7a3	Revert "Fix guards for mbedtls_ssl_ticket_write() and mbedtls_ssl_ticket_parse() functions" This reverts commit `a82290b727`. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-29 15:29:18 +02:00
Manuel Pégourié-Gonnard	f3f9e450b6	Merge pull request #6115 from AndrzejKurek/ecjpake-kdf-tls-1-2 Ad-hoc KDF for EC J-PAKE in TLS 1.2	2022-09-28 09:47:32 +02:00
Przemek Stekiel	e31ba83675	Use basic symbols instead MBEDTLS_CIPHER_MODE_AEAD in check config Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-28 09:44:58 +02:00
Przemek Stekiel	d582a01073	Make MBEDTLS_SSL_CONTEXT_SERIALIZATION dependent on AEAD Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-28 07:59:01 +02:00
Przemek Stekiel	a82290b727	Fix guards for mbedtls_ssl_ticket_write() and mbedtls_ssl_ticket_parse() functions Both functions are calling mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions. These functions are guarded with MBEDTLS_CIPHER_MODE_AEAD \|\| MBEDTLS_NIST_KW_C flags - make it consistent. As a result ssl_server2 won't build now with MBEDTLS_SSL_SESSION_TICKETS enabled (mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions not available). Mark MBEDTLS_SSL_SESSION_TICKETS as dependent on MBEDTLS_CIPHER_MODE_AEAD \|\| MBEDTLS_NIST_KW_C and disable MBEDTLS_SSL_SESSION_TICKETS in stream cipher only build. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-27 15:04:14 +02:00
Andrzej Kurek	e09aff8f5a	Add information about ECJPAKE_TO_PMS output size expectations Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-26 10:59:31 -04:00
Andrzej Kurek	96b9f23853	Adjust ECJPAKE_TO_PMS macro value This way the low 8 bits of the identifier indicate that this algorithm is used with SHA-256. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-26 10:30:46 -04:00
Paul Elliott	2c282c9bd0	Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.	2022-09-23 15:48:33 +01:00
Jerry Yu	ba627bfd0d	improve document about session tickets Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-23 09:58:22 +08:00
Jerry Yu	40b4a01388	Improve documents Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-22 23:48:38 +08:00
Jerry Yu	f3bdf9dd51	fix various issues - improve document about configuration item. - format issue - variable type issue. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-22 23:47:14 +08:00
Jerry Yu	d0766eca58	fix various issues - Improve comments - Align count variable name to `new_session_tickets_count` - move tickets_count init to handshake init Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-22 13:21:29 +08:00
Manuel Pégourié-Gonnard	d433cd7d07	Merge pull request #6283 from mpg/driver-only-hashes-wrap-up Driver only hashes wrap-up	2022-09-21 08:29:46 +02:00
Manuel Pégourié-Gonnard	b4e28aa2f7	Fix two typos Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-19 11:55:00 +02:00
Manuel Pégourié-Gonnard	3c16abebd4	Fix dependencies of KEY_EXCHANGE_ECJPAKE The EC J-PAKE module the ability to "fall back" to PSA when MD is not present a few PRs ago, but the dependency of this key exchange on SHA-256 wasn't updated at the time. (Note: the crypto primitive doesn't depend on SHA-256, only its use in the TLS key exchange does.) Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-19 10:47:05 +02:00
Jerry Yu	1ad7ace6b7	Add conf new session tickets Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-19 14:22:21 +08:00
Ronald Cron	be0224aef3	Merge pull request #6167 from yuhaoth/pr/finalize-tls13-session-tickets	2022-09-18 21:18:13 +02:00
Gilles Peskine	ef843f2b0c	MBEDTLS_PLATFORM_VSNPRINTF_ALT requires MBEDTLS_PLATFORM_C mbedtls_vsnprintf replacement works like mbedtls_snprintf replacement, so copy the requirements for MBEDTLS_PLATFORM_VSNPRINTF_ALT. (MBEDTLS_PLATFORM_xxx_MACRO shouldn't require MBEDTLS_PLATFORM_C, but that's a separate preexisting problem which I do not try address at this time.) Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-18 14:05:23 +02:00
Andrzej Kurek	3c4c514302	Remove `PSA_ALG_IS_TLS12_ECJPAKE_TO_PMS` Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-16 07:24:14 -04:00
Andrzej Kurek	1fafb1f778	Documentation clarifications for ECJPAKE-to-PMS Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-16 07:19:49 -04:00
Manuel Pégourié-Gonnard	1be45825ab	Remove useless guard around include Including a header is harmless, so we can include do it unconditionally. The condition was wrong, should have been USE_PSA \|\| PROTO_TLS1_3. If we just fixed to condition, then we would need to make sure things like: #define MBEDTLS_TLS1_3_MD_MAX_SIZE PSA_HASH_MAX_SIZE are also guarded, which is useless (extra defines are harmless) and annoying, so just remove the condition altogether. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-16 13:18:36 +02:00
Manuel Pégourié-Gonnard	138387fc8c	Fix some typos, improve wording & formatting Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-16 12:03:52 +02:00
Manuel Pégourié-Gonnard	72687b76ca	Clarify dependencies in mbedtls_config.h - One module was missing the warning on psa_crypto_init(). - For modules that are affected by USE_PSA_CRYPTO, it makes more sense to mention that in the warning. - Attempt to improve the description of the TLS 1.3 situation. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-16 12:03:52 +02:00
Manuel Pégourié-Gonnard	f17f85ef0c	Simplify definition of TLS 1.3 MD max size. Actually this macro is never used in parts that depend on USE_PSA, so it's always using PSA. Currently the macro seems a bit redundant, but: - since it's public we can't remove it; - and there are plans in the future to make it more precise (actually the largest hash that matters for TLS 1.3 is SHA-384 now). Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-16 12:03:52 +02:00

1 2 3 4 5 ...

5417 Commits