* #3742 After input of a key as SECRET in the derivation, allow the
derivation result to be used as key.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
* #3741 Allow key agreement inside derivation with a key that's allowed
for the relevant agreement.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
“Prior to Mbed TLS 2.24” suggests that 2.24 itself didn't use the old
policy anymore, but it did. Change to “Until”, and also give the exact
version number “2.24.0”.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
From now on, external contributions are no longer acknowledged in the
changelog file. They of course remain acknowledged in the Git history.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Starting with commit 49e94e3, the do/while loop in
`rsa_prepare_blinding()` was changed to a `do...while(0)`, which
prevents retry from being effective and leaves dead code.
Restore the while condition to retry, and lift the calls to finish the
computation out of the while loop by by observing that they are
performed only when `mbedtls_mpi_inv_mod()` returns zero.
Signed-off-by: Peter Kolbus <peter.kolbus@garmin.com>
Python should not be required for the build when the no_test target is
used. This commit adds the generated file to the source tree and the
check-generated-files script, and removes the generation from (c)make.
Fixes#3524
Signed-off-by: Cameron Nemo <cnemo@tutanota.com>
Move key identifier related macros and functions from
crypto_types.h to crypto_values.h as the latter is
the intended file to put them in.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
No obvious reason to not enable owner identifier encoding
in baremetal as multi-client support is expected to be needed
for some embedded platforms. Thus enable it.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
* Reworked the cipher context once again to be more robustly defined
* Removed redundant memset
* Unified behaviour on failure between driver and software in cipher_finish
* Cipher test driver setup function now also returns early when its status
is overridden, like the other test driver functions
* Removed redundant test cases
* Added bad-order checking to verify the driver doesn't get called where
the spec says it won't.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
As pointed out by Ronald. The key slot is populated using
get_key_from_slot, and after calling the driver the slot is
validated to not contain an external key, so calling
get_transparent_key is superfluous.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Added zeroization of the wrapper context on failure/abort, and reliance on
the crypto core to not call an uninitialised wrapper.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Once an operation has been 'accepted' by a driver, the remainder is bound
to the same driver, since driver-specific context structs cannot be shared.
This provides a pretty good gate mechanism for the fallback logic, too.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>