mbedtls

Author	SHA1	Message	Date
Valerio Setti	01cc88a46b	config_psa: replace USE symbols with BASIC one for all KEY_PAIRs Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:27:02 +02:00
Valerio Setti	4520a8f312	config_psa: only KEY_PAIR_USE includes PUBLIC_KEY While the other (IMPORT, EXPORT, GENERATE, DERIVE) only include the USE one. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	aac957b493	config_psa: always enable PUBLIC_KEY when any KEY_PAIR is enabled Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	f4d7ede72c	config_psa: fix logic for updating legacy symbols Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	38a3e8d10c	config_psa: ECP_C do not enable ECC_KEY_PAIR_DERIVE Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	c51cba92a3	config_psa: avoid repetitions when including MBEDTLS symbols Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	b7ef51a193	crypto: move legacy symbols support to a dedicated header file Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	ddb577626d	config_psa: add missing BUILTIN symbols when ECP_C is defined Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	89cb1444a5	config_psa: fix comment for LEGACY symbols Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	602ee2ed98	config_psa: remove support for PSA_WANT_KEY_TYPE_DH_KEY_PAIR_DERIVE Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	a801b56600	config_psa: remove GENPRIME from enabled symbols of PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_USE Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
valerio	36befce51a	config_psa: remove leftover comment on ECC derivation Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Valerio Setti	f87b505511	config_psa: replace legacy symbols with new ones Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:23:55 +02:00
Valerio Setti	8d6e98c170	psa: add support for legacy symbols Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:23:55 +02:00
Valerio Setti	67a3e3eb7b	crypto_config: introducing new definitions for PSA_WANT KEY_PAIRs - deprecate legacy PSA_WANT_KEY_TYPE_xxx_KEY_PAIR - introduce new PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy where - xxx is either RSA, DH or ECC - yyy can be USE, IMPORT, EXPORT, GENERATE, DERIVE Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:23:55 +02:00
Gilles Peskine	a1b416670e	Merge pull request #7547 from silabs-Kusumit/PBKDF2_input_validation PBKDF2: Input Validation	2023-06-01 10:05:34 +02:00
Tom Cosgrove	6d62faca8e	Only include psa_pake_setup() and friends if some PAKE algorithms are required Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-05-12 12:36:24 +01:00
Kusumit Ghoderao	9016bc4ed2	Clean up commented code Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-08 16:04:05 +05:30
Kusumit Ghoderao	b9410e89b4	Fix failing CI Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-04 13:17:51 +05:30
Przemek Stekiel	746dfaea3f	Enable FFDH through PSA if it's enabled in the legacy interface Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-04 09:14:08 +02:00
Kusumit Ghoderao	83baf8968d	Add builtin PBKDF2_HMAC definition in config_psa.h Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-05-03 14:20:34 +05:30
Przemek Stekiel	eb511a4495	Update config files to make PSA FFDH undependent on MBEDTLS_DHM_C To enable support for FFDH in PSA MBEDTLS_USE_PSA_CRYPTO needs to be enabled. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-28 13:20:16 +02:00
Przemek Stekiel	6d85afa0cc	Fix naming: FFDH key -> DH key and fix guard in psa_validate_key_type_and_size_for_key_generation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-28 11:42:17 +02:00
Przemek Stekiel	654bef0be0	Fix typos, comments, style, optimize macros Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:07:20 +02:00
Przemek Stekiel	87d9a4a30c	Provide PSA_WANT_KEY_TYPE_FFDH_PUBLIC_KEY configuration Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:07:20 +02:00
Przemek Stekiel	84ee3e2921	Adapt config files for FFDH Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 09:04:32 +02:00
Valerio Setti	969e206e28	remove PSA_HAVE_FULL_JPAKE symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 10:55:25 +02:00
Valerio Setti	6f66664ed6	remove PSA_HAVE_FULL_ECDSA symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 10:54:22 +02:00
Valerio Setti	48859cc7d8	remove PSA_HAVE_FULL_ECDH symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 10:50:47 +02:00
Valerio Setti	ccf0be28e8	fix typo Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:40:05 +01:00
Valerio Setti	da8535b74e	ecdh: simplify guards for the newly created PSA_HAVE_FULL_ECDH symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:40:05 +01:00
Manuel Pégourié-Gonnard	235a933f99	PSA hash algs must be a superset of built-ins Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Valerio Setti	5d1f29e700	ssl_tls: fix guards for accelerated ECDH Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-20 14:02:07 +01:00
Valerio Setti	82b484ecbc	ecjpake: fix guards for driver only builds Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-16 08:21:44 +01:00
Manuel Pégourié-Gonnard	45bcb6aac8	Fix dependencies of 1.2 ECDSA key exchanges Having ECDSA in PSA doesn't help if we're not using PSA from TLS 1.2... Also, move the definition of PSA_HAVE_FULL_ECDSA outside the MBEDTLS_PSA_CRYPTO_CONFIG guards so that it is available in all cases. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-10 12:37:15 +01:00
Gilles Peskine	4da92832b0	Merge pull request #7117 from valeriosetti/issue6862 driver-only ECDSA: enable ECDSA-based TLS 1.2 key exchanges	2023-03-09 20:49:44 +01:00
Przemek Stekiel	b8eaf635ba	Remove MBEDTLS_SHA256_C from PSA_WANT_ALG_JPAKE config and adapt test dependencies Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-09 12:14:26 +01:00
Valerio Setti	1470ce3eba	fix typos Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-08 16:50:12 +01:00
Valerio Setti	30c4618970	Add new PSA_HAS_FULL_ECDSA macro for easily signal that PSA has full ECDSA support Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-08 16:47:28 +01:00
Przemek Stekiel	4aa99403f4	Fix configuration for accelerated jpake Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-07 10:50:09 +01:00
Gilles Peskine	bba2630549	Add ECJPAKE secret input types to psa/crypto_config.h Add PSA_WANT_KEY_TYPE_PASSWORD and PSA_WANT_KEY_TYPE_PASSWORD_HASH to psa/crypto_config.h, since the types PSA_KEY_TYPE_PASSWORD and PSA_KEY_TYPE_PASSWORD_HASH are used by ECJPAKE. The two key types are always enabled, like PSA_KEY_TYPE_DERIVE. Add the key types to the metadata test suite as well. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-01-19 12:11:19 +01:00
Gilles Peskine	449bd8303e	Switch to the new code style Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-01-11 14:50:10 +01:00
Tom Cosgrove	1797b05602	Fix typos prior to release Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-12-04 17:19:59 +00:00
Manuel Pégourié-Gonnard	f3f9e450b6	Merge pull request #6115 from AndrzejKurek/ecjpake-kdf-tls-1-2 Ad-hoc KDF for EC J-PAKE in TLS 1.2	2022-09-28 09:47:32 +02:00
Manuel Pégourié-Gonnard	18dff1f226	Merge pull request #5871 from superna9999/4153-psa-expose-ec-j-pake Expose ECJPAKE through the PSA Crypto API	2022-09-15 09:25:55 +02:00
Andrzej Kurek	d60907b85d	Define ECJPAKE_TO_PMS in config_psa only if SHA_256 is available Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-14 14:57:51 -04:00
Andrzej Kurek	08d34b8693	Add an EC J-PAKE KDF to transform K -> SHA256(K.X) for TLS 1.2 TLS uses it to derive the session secret. The algorithm takes a serialized point in an uncompressed form, extracts the X coordinate and computes SHA256 of it. It is only expected to work with P-256. Fixes #5978. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-14 08:39:26 -04:00
Andrzej Kurek	65bf73ed6a	Enable HMAC in config_psa.h regardless of MD availability Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-02 04:03:25 -04:00
Neil Armstrong	b764fb60aa	Remove MBEDTLS_MD_C dep in config_psa.h when ECJPAJE is wanted Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-08-31 10:49:18 +02:00
Neil Armstrong	ed40782628	Fix SECP256R1 enable when PSA_WANT_ALG_JPAKE is defined Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-08-31 10:49:18 +02:00

1 2 3

138 commits