Hanno Becker
d84dbe559f
TinyCrypt Test: Adapt pub/prv ECC key parsing tests to TinyCrypt
2019-09-04 16:17:25 +01:00
Hanno Becker
dfb949bb4e
Fixup: Use TC ECC type instead of uint32_t during pubkey parsing
...
Using explicit enumerated types avoids type confusion.
2019-09-04 16:17:25 +01:00
Hanno Becker
28332a5642
TinyCrypt PK write: Impl. PK writing helpers for TC-based PK context
2019-09-04 16:17:25 +01:00
Hanno Becker
64a81b03aa
TinyCrypt PK write: Make PK writing helpers accept PK context
...
This prepares the ground for TinyCrypt-based implementations of
these helpers.
2019-09-04 16:17:25 +01:00
Hanno Becker
c64d5af9ab
Fixup: Don't use legacy ECC error code from TinyCrypt
...
We want to be able to remove legacy ECC entirely when using TinyCrypt,
including their identifiers.
2019-09-04 16:17:25 +01:00
Hanno Becker
c10c9bfc10
TinyCrypt Test: Add guards to ECDSA verify tests from PK test suite
...
- The underlying test vectors are for Secp192r1, while TinyCrypt uses Secp256r1.
- The test implementation is specific to the structure of legacy-ECC PK ctxs.
Addition of analogous tests for TinyCrypt-based ECC PK contexts are left
for a later commit.
2019-09-04 16:17:25 +01:00
Hanno Becker
251d7523fe
TinyCrypt Test: Adapt 'PK utils: ECKEY' test in PK test suite
2019-09-04 16:17:25 +01:00
Hanno Becker
da77971ec8
Fixup: Rename mbedtls_uecc_pk -> mbedtls_pk_uecc
...
This is in line with the naming of the analogous function mbedtls_pk_ec
used for legacy ECC PK contexts.
2019-09-04 16:17:25 +01:00
Hanno Becker
8cf2f5e466
TinyCrypt PK parse: Move TC-based EC public key parsing code-block
...
Keep code-paths handling legacy-ECC vs. TinyCrypt together
for better readability.
2019-09-04 16:17:25 +01:00
Hanno Becker
3bef643987
Fixup: Guard numerous legacy-ECC PK parse functions by !TinyCrypt
2019-09-04 16:17:25 +01:00
Hanno Becker
d336f721c0
Fixup: Add missing TinyCrypt guard in ECC private key parsing
...
PEM-encoded keys with PEM header
-----BEGIN EC PRIVATE KEY-----
...
-----END EC PRIVATE KEY-----
were previously not parsed in configurations using TinyCrypt
instead of legacy ECC crypto.
2019-09-04 16:17:25 +01:00
Hanno Becker
f2bf115057
TinyCrypt Test: Initialize TinyCrypt RNG in test suites if enabled
2019-09-04 16:17:25 +01:00
Hanno Becker
75f8d3276f
TinyCrypt PK parse: Remove MBEDTLS_PK_ECDSA during pubkey parsing
...
The PK type MBEDTLS_PK_ECDSA is never returned from
`mbedtls_pk_info_from_type()`. Instead, EC keys either
are identified as MBEDTLS_PK_ECKEY_DH (in case they
must only be used for ECDHE) or MBEDTLS_PK_ECKEY (in
case they can be used for any algorithm).
2019-09-04 16:17:25 +01:00
Hanno Becker
e65697c351
TinyCrypt PK parse: Handle each PK type precisely once
2019-09-04 16:17:25 +01:00
Hanno Becker
d45f383b01
TinyCrypt PK parse: Impl. EC public key derivation in TC-based ECDSA
2019-09-04 16:17:25 +01:00
Hanno Becker
7e38c37302
TinyCrypt PK parse: Pass TC keypair structure to ECDSA pubkey parse
2019-09-04 16:17:25 +01:00
Hanno Becker
68d5478d8d
TinyCrypt PK parse: Simplify TinyCrypt public key parsing
2019-09-04 16:17:25 +01:00
Hanno Becker
aebffdd363
TinyCrypt PK parse: Add comments to #endif's indicating condition
2019-09-04 16:17:25 +01:00
Hanno Becker
d7e0cd001c
TinyCrypt PK wrap: Add short documentation for extract_ecdsa_sig_int
2019-09-04 16:17:25 +01:00
Hanno Becker
9653d80518
TinyCrypt PK wrap: Implement check_pair PK wrapper
2019-09-04 16:17:25 +01:00
Hanno Becker
4102972d31
TinyCrypt PK wrap: Implement alloc/free PK wrappers
2019-09-04 16:17:25 +01:00
Hanno Becker
11cb2637e7
TinyCrypt PK wrap: Simplify guards in pk_wrap.c
...
With TinyCrypt and legacy ECC mutually exclusive, we don't have
to use #if TINYCRYPT #else #if LEGACY #endif #endif anymore, but
can add the TC and legacy based ECC implementations independently.
2019-09-04 16:17:25 +01:00
Hanno Becker
b1074979b8
all.sh: Remove default + TinyCrypt test from all.sh
...
TinyCrypt and legacy ECC are mutually exclusive by now, and this
commit removes the all.sh test which exercises both simultaenously.
2019-09-04 16:17:25 +01:00
Hanno Becker
52c52f3c2f
check_config: Forbid simultaenous use of TinyCrypt and legacy ECC
2019-09-04 16:17:25 +01:00
Hanno Becker
a417459ab1
Fixup: Remove trailing whitespace in oid.h
2019-09-04 16:17:25 +01:00
Hanno Becker
8ea35458e4
Fixup: TinyCrypt PK verify wrapper uecc_ecdsa_verify_wrap()
...
- TinyCrypt uses `0` for errors.
- The first argument to uECC_verify() should be the public key,
but the previous code passed the beginning of the entire
private-public key structure.
2019-09-04 16:17:25 +01:00
Hanno Becker
9c7a359cc4
Fixup: uecc_ecdsa_sign_wrap() in pk_wrap.c
...
The previous code passed `2 * NUM_ECC_BYTES` as the size limit for
the ECDSA signature, which fails to account for space required by
ASN.1 headers.
2019-09-04 16:17:25 +01:00
Hanno Becker
9a62f2dbfb
Fixup: get_bitlen() PK API in TinyCrypt-based ECDSA
...
- Return number of bits and not number of bytes
- Return length of private key and not length of public key.
2019-09-04 16:17:25 +01:00
Hanno Becker
496b83ff1b
Fixup: Correct include paths for TinyCrypt header files
...
TinyCrypt header files are expected in 'tinycrypt' folder
relative to the include path.
2019-09-04 16:17:25 +01:00
Hanno Becker
ad353f289b
Fixup: Minor style corrections around use of TinyCrypt
2019-09-04 16:17:25 +01:00
Hanno Becker
e8f1448306
Fixup: Remove references to PSA from TinyCrypt wrapper code
2019-09-04 16:17:25 +01:00
Hanno Becker
adf11e13a4
Fixup: Impl. MBEDTLS_PK_ECKEY, not MBEDTLS_PK_ECDSA, via TinyCrypt
...
The PK-type MBEDTLS_PK_ECDSA isn't really used by the library.
Especially, when parsing a generic EC key, a PK context of type
MBEDTLS_PK_ECKEY will be requested. Hence, to drop in TinyCrypt
for the legacy-ECC implementation, the PK type that TinyCrypt
implements must be MBEDTLS_PK_ECKEY.
2019-09-04 16:17:25 +01:00
Hanno Becker
483fd66d21
Fixup: Don't reference legacy ECP curve identifier in check_config.h
2019-09-04 16:17:25 +01:00
Hanno Becker
49ac40b81b
Fixup: Don't reference legacy ECP curve identifier in config.h
...
TinyCrypt should be used as a replacement of legacy ECC. In particular,
there shouldn't be any use of identifiers from the legacy ECC module.
So far, there's the configuration option
MBEDTLS_SSL_CONF_SINGLE_EC_GRP_ID
that's relevant if MBEDTLS_SSL_CONF_SINGLE_CURVE is set, and which in
this case must resolve to an identifier of type mbedtls_ecp_group_id
indicating which single curve to enable.
With the introduction of TinyCrypt, we must either change the type
of this option to mbedtls_uecc_group_id, or introduce a separate
compilation option.
In order to avoid type confusion, this commit follows tha latter
approach, introducing the configuration option
MBEDTLS_SSL_CONF_SINGLE_UECC_GRP_ID
that indicatesthe TinyCrypt group identifier of the single curve
to use (must be Secp256r1) if MBEDTLS_SSL_CONF_SINGLE_CURVE
and MBEDTLS_USE_TINYCRYPT are set.
2019-09-04 16:17:25 +01:00
Hanno Becker
8d49ba3b78
Fixup: Definition of TinyCrypt OID descriptor structure
2019-09-04 16:17:25 +01:00
Jarno Lamsa
7cb5c11067
Missing uECC ECDSA flagging
2019-09-04 16:17:25 +01:00
Jarno Lamsa
ad78931fb3
Signature wrapper for uECC
2019-09-04 16:17:25 +01:00
Jarno Lamsa
9c9e77a8ad
Actually use the parse functions
2019-09-04 16:17:25 +01:00
Jarno Lamsa
b176092656
Parse private key in uecc format
...
Parse the private key from cert in uecc format.
Accept only P-256 curve.
2019-09-04 16:17:25 +01:00
Jarno Lamsa
42b83db1eb
Verify sign wrapper functionality for uECC
2019-09-04 16:17:25 +01:00
Simon Butcher
e1c5608370
Merge remote-tracking branch 'origin/pr/650' into baremetal
2019-09-04 12:53:09 +01:00
Vikas Katariya
cc9135f42e
Changelog entry
2019-09-04 12:46:02 +01:00
Simon Butcher
42e4e723e8
Merge remote-tracking branch 'origin/pr/648' into baremetal
2019-09-04 12:42:35 +01:00
Simon Butcher
a5e29e31c8
Merge remote-tracking branch 'origin/pr/646' into baremetal
2019-09-04 12:41:05 +01:00
Simon Butcher
8afa0883af
Merge remote-tracking branch 'origin/pr/641' into baremetal
2019-09-04 12:17:33 +01:00
Vikas Katariya
0c34499805
Check for zero length and NULL buffer pointer
...
In reference to issue https://github.com/ARMmbed/mbed-crypto/issues/49
2019-09-04 11:19:38 +01:00
Unknown
43dc0d6a8f
ssl-opt.sh: wait for proxy to start before running the script further
2019-09-04 06:06:46 -04:00
Jaeden Amero
e7e55158f8
Merge remote-tracking branch 'origin/mbedtls-2.16' into mbedtls-2.16-restricted
...
* origin/mbedtls-2.16:
Fix uninitialized variable in x509_crt
Fix the license header of hkdf
Add ChangeLog entry
fix memory leak in mpi_miller_rabin()
2019-09-03 19:43:13 +01:00
Jaeden Amero
fe1d66d3e2
Merge remote-tracking branch 'origin/pr/2813' into mbedtls-2.16
...
* origin/pr/2813:
Fix uninitialized variable in x509_crt
2019-09-03 16:34:23 +01:00
Jaeden Amero
f170449daf
Merge remote-tracking branch 'origin/pr/2770' into mbedtls-2.16
...
* origin/pr/2770:
Fix the license header of hkdf
2019-09-03 16:33:28 +01:00