aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
6 daysMerge pull request #8957 from valeriosetti/issue8836developmentcoverity_scanManuel Pégourié-Gonnard
Unify consistency tests for mbedtls_pk_import_into_psa and mbedtls_pk_copy_from_psa
6 daysMerge pull request #8967 from ↵Manuel Pégourié-Gonnard
ronald-cron-arm/improve-version-selection-tests-titles ssl-opt.sh: Improve version selection test titles
7 daysMerge pull request #8586 from lpy4105/issue/fix-fake-case-listed-in-compat_shManuel Pégourié-Gonnard
Fix fake cases listed of compat.sh
7 daysMerge pull request #8941 from daverodgman/branches-3.6ltsminosgalanakis
Update BRANCHES for 3.6
7 daysMerge pull request #8951 from valeriosetti/issue8938Manuel Pégourié-Gonnard
mbedtls_pk_setup_opaque always uses PKCS#1v1.5 for RSA keys
7 daysssl-opt.sh: Improve version selection test titlesRonald Cron
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
8 daystest_suite_pk: fix guards in pk_psa_sign()Valerio Setti
If the public key is exported with mbedtls_pk_write_pubkey_der() it should be re-imported with mbedtls_pk_parse_public_key(). Alternative options (when PK_WRITE is not defined), i.e. mbedtls_ecp_point_write_binary() and mbedtls_rsa_write_pubkey(), export the key in a different format which cannot be parsed by pk_parse module so mbedtls_ecp_point_read_binary() and mbedtls_rsa_parse_pubkey() should be used respectively in this case. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
8 daysadd changelogValerio Setti
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
8 dayspkwrite: add new internal symbol for the max supported public key DER lengthValerio Setti
This is also used in pk_psa_sign() to properly size buffers holding the public key. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
8 daystest_suite_pk: uniformly generate RSA and EC keys in pk_psa_sign()Valerio Setti
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
8 daystest_suite_pk: fix guards in pk_psa_sign()Valerio Setti
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
8 daystest_suite_pk: test also RSA OAEP in pk_wrap_rsa_decrypt_test_vec()Valerio Setti
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
8 dayspk_wrap: fix algorithm selection in rsa_opaque_decrypt()Valerio Setti
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
8 daystest_suite_pk: fix guards in pk_psa_sign()Valerio Setti
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
8 daystest_suite_pk: simplify pk_copy_from_psa_success()Valerio Setti
Use mbedtls_test_key_consistency_psa_pk() to verify that the generated PK contexts match with the original PSA keys instead of doing sign/verify and encrypt/decrypt. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
9 daystest_suite_pk: properly size buffers for public keys in pk_psa_sign()Valerio Setti
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
9 daystest_suite_pk: test also RSA keys with PKCS1 v2.1 padding mode in pk_psa_sign()Valerio Setti
Previously only only PKCS1 v1.5 was tested. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
9 dayspk_wrap: fix algorithm selection in rsa_opaque_sign_wrap()Valerio Setti
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
9 daystest_suite_pk: fix RSA issue in pk_psa_sign() when !PK_[PARSE|WRITE]_C are ↵Valerio Setti
defined This bug was not found until now because: - !PK_[WRITE|PARSE]_C is only tested in component_full_no_pkparse_pkwrite() - the test only case concerning RSA key had MBEDTLS_PK_WRITE_C as dependency so it was not executed in that component. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
9 daystest_suite_pk: rename some variables in pk_psa_sign()Valerio Setti
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
9 daystest_suite_pk: reshape pk_psa_sign()Valerio Setti
The behavior of the functions is kept intact. Changes concern: - generate the initial PK context using PSA parameters only; this allows to remove 1 input parameter for the test function. - add/fix comments. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
9 daysMerge pull request #8942 from valeriosetti/fix-null-dereferenceGilles Peskine
[Bugfix] Fix null dereference in `mbedtls_pk_verify_ext()`
9 daysMerge pull request #8932 from ronald-cron-arm/enable-tls13-by-defaultManuel Pégourié-Gonnard
Enable TLS 1.3 by default
9 daystest_suite_pk: always test verify_ext with opaque keys in pk_psa_wrap_sign_ext()Valerio Setti
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
10 daysadd changelogValerio Setti
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
10 daysMerge pull request #8940 from paul-elliott-arm/add_fixes_to_threading_changelogPaul Elliott
Add issues fixed to threading MVP changelog entry
10 daysReplace reference to masterDave Rodgman
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
10 dayspk: check PK context type in mbedtls_pk_verify_ext() before trying RSA PSSValerio Setti
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
10 daystest_suite_pk: extend pk_psa_wrap_sign_ext()Valerio Setti
Try to perform verify_ext() using the opaque context when the key type is MBEDTLS_PK_RSASSA_PSS. This currently leads to a crash while running the test suite and this will be fixed by the next commit. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
10 daysUpdate BRANCHESDave Rodgman
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
10 daysMerge pull request #8939 from daverodgman/codestyle-autogenDave Rodgman
Codestyle autogen fix
10 daysAdd issues fixed to changelog entryPaul Elliott
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
10 daysMinor relaxation to auto-gen regexDave Rodgman
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
10 daysall.sh: Add TLS 1.2 only componentRonald Cron
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
10 daysall.sh: Adapt/Fix some componentsRonald Cron
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
10 daysall.sh: Disable TLS 1.3 when pre-requisites are not meetRonald Cron
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
10 daysEnable TLS 1.3 by defaultRonald Cron
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
10 daysMerge pull request #8928 from Ryan-Everett-arm/update-psa-thread-safety-docsgh-readonly-queue/development/pr-8928-47f8d0e840a5ab0179c5b90fbecf4609ef896268Dave Rodgman
Update psa-thread-safety.md to reflect version 3.6 changes
10 daysline length fixDave Rodgman
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
10 daysCheck file content to see if it looks auto-generatedDave Rodgman
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
10 daysMerge pull request #8934 from paul-elliott-arm/add_threading_changelogManuel Pégourié-Gonnard
Add changelog entry for threading MVP
10 daysUpdate docs/architecture/psa-thread-safety/psa-thread-safety.mdRyan Everett
Co-authored-by: Paul Elliott <62069445+paul-elliott-arm@users.noreply.github.com> Signed-off-by: Ryan Everett <ryan.everett@arm.com>
10 daysMerge pull request #8921 from ↵Manuel Pégourié-Gonnard
gilles-peskine-arm/pk_import_into_psa-test-lifetime pk_import_into_psa: test persistent keys
11 daysAdd changelog entry for threading MVPPaul Elliott
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
13 daysMerge pull request #8901 from paul-elliott-arm/make_psa_global_data_safePaul Elliott
Make PSA global_data thread safe
13 daysRespond to feedback on psa-thread-safety.mdRyan Everett
A few typo fixes, extrapolations and extra details. Signed-off-by: Ryan Everett <ryan.everett@arm.com>
13 daysUpdate slot transition diagramRyan Everett
Adds missing transition and italicises internal functions Signed-off-by: Ryan Everett <ryan.everett@arm.com>
13 daysMerge pull request #8930 from ronald-cron-arm/tls13-doc-updateManuel Pégourié-Gonnard
TLS 1.3: Documentation update for 3.6 release
13 daysAdd explanatory comment for init flagsPaul Elliott
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
13 daysAdd comments about RNG mutex requirementsPaul Elliott
Signed-off-by: Paul Elliott <paul.elliott@arm.com>