Hanno Becker
9bd8842c77
PSA: Adapt ssl_server2 to hew key policy initialization API
2019-01-25 14:27:01 +00:00
Hanno Becker
1387124c89
PSA: Adapt ssl_client2 to new key policy initialization API
2019-01-25 14:26:26 +00:00
Hanno Becker
37519ea5f8
PSA: Adapt ssl_client2 to modified key slot allocation API
2019-01-25 14:26:01 +00:00
Hanno Becker
8d865dfe37
PSA: Adapt PK test suite to new key policy initialization API
2019-01-25 14:25:16 +00:00
Hanno Becker
353295ac70
PSA: Adapt PK test suite to modified key slot allocation mechanism
2019-01-25 14:25:00 +00:00
Hanno Becker
4a2949ba29
Update crypto submodule
...
Includes PRs #6 , #18 , #19 .
2019-01-25 14:23:06 +00:00
Jaeden Amero
4d69cf1a84
Merge pull request #13 from Patater/pubkey-format
...
Simplify RSA and EC public key formats
2019-01-25 10:09:40 +00:00
Andrzej Kurek
4b5686537f
Update crypto version to use new key allocation
2019-01-25 03:16:49 -05:00
Andrzej Kurek
4687ea0271
Revert .gitmodules update - point back to development
2019-01-25 03:15:37 -05:00
Gilles Peskine
eb2d4b9037
Test that HASH_ANY is not meaningful for OAEP
...
PSA_ALG_HASH_ANY is specified as meaningful only for signature.
2019-01-24 13:05:36 +01:00
Antonin Décimo
36e89b5b71
Fix #2370 , minor typos and spelling mistakes
2019-01-24 10:37:40 +01:00
Jaeden Amero
21fec0c1c5
psa: Expand documentation for psa_key_agreement()
...
Document `peer_key` parameter requirements, including an explanation of
how the peer key is used and an example for EC keys.
2019-01-23 17:39:46 +00:00
Jaeden Amero
c67200d0e6
psa: Remove extra status handling from import
...
Remove extra status handling code from psa_import_key_into_slot(). This
helps save a tiny amount of code space, but mainly serves to improve the
readability of the code.
2019-01-23 17:39:46 +00:00
Jaeden Amero
cd09d8c83a
psa: Refactor psa_import_rsa_key() pk-using code
...
Move pk-using code to inside psa_import_rsa_key(). This aligns the shape
of psa_import_rsa_key() to match that of psa_import_ec_private_key() and
psa_import_ec_public_key().
2019-01-23 17:39:46 +00:00
Jaeden Amero
ccdce90adb
psa: Simplify EC public key format
...
Remove front matter from our EC key format, to make it just the contents
of an ECPoint as defined by SEC1 section 2.3.3.
As a consequence of the simplification, remove the restriction on not
being able to use an ECDH key with ECDSA. There is no longer any OID
specified when importing a key, so we can't reject importing of an ECDH
key for the purpose of ECDSA based on the OID.
2019-01-23 17:39:46 +00:00
Jaeden Amero
97271b37c8
psa: Use psa_status_t in psa_key_agreement_ecdh()
...
Use the PSA-native status type in psa_key_agreement_ecdh() in
preparation for us calling PSA functions (and not just Mbed TLS
functions) and still being able to return a psa_status_t (without having
to translate it to a Mbed TLS error and then back again).
2019-01-23 17:31:50 +00:00
Jaeden Amero
25384a236e
psa: Simplify RSA public key format
...
Remove pkcs-1 and rsaEncryption front matter from RSA public keys. Move
code that was shared between RSA and other key types (like EC keys) to
be used only with non-RSA keys.
2019-01-23 17:31:50 +00:00
Jaeden Amero
0b6b871056
Merge pull request #22 from ARMmbed/iotssl-2697-psa-key-allocation-crypto
...
Adapting to the new PSA key slot allocation mechanism
2019-01-23 15:00:19 +00:00
Jaeden Amero
cfb7ae9318
Merge pull request #16 from itayzafrir/spm-support-crypto-handles-api
...
Support for slots to handles crypto API changes under SPM
2019-01-23 13:38:50 +00:00
Andrzej Kurek
dae1768de7
Update .gitmodules file to point to a sibling branch in mbed-crypto
2019-01-23 06:38:45 -05:00
Andrzej Kurek
54c139f141
Remove unnecessary "#" sign from PSA macros
2019-01-23 06:23:53 -05:00
Andrzej Kurek
f410a5c251
Fix indentation of documentation
2019-01-23 06:23:31 -05:00
Andrzej Kurek
e1a8187df9
pk_wrap: pass curve size instead of a larger size of the exported key
...
Whitespace fixes
2019-01-23 06:23:21 -05:00
Andrzej Kurek
1ec0fee458
pk: wrap curve_id before passing it to PSA
...
Add a helper function in PSA utils
2019-01-23 06:23:12 -05:00
Andrzej Kurek
08dfceaba4
cipher: fixed key ownership scope
...
Indicate key ownership earlier, so that it gets destroyed on faulty policy setting.
2019-01-23 06:22:42 -05:00
Andrzej Kurek
c750932f2c
Adapt to the new key allocation mechanism
2019-01-23 06:22:32 -05:00
Gilles Peskine
870f5dc656
Add missing test dependency
2019-01-23 10:42:23 +01:00
Simon Butcher
8e763329ad
Merge remote-tracking branch 'public/pr/2040' into development
2019-01-23 10:28:25 +01:00
Simon Butcher
442ca5710b
Merge remote-tracking branch 'public/pr/1375' into development
2019-01-23 10:27:05 +01:00
Simon Butcher
a3c821d143
Merge remote-tracking branch 'public/pr/2319' into development
2019-01-23 10:21:05 +01:00
Simon Butcher
38cb940692
Merge remote-tracking branch 'public/pr/2231' into development
2019-01-23 10:20:08 +01:00
Simon Butcher
0999ca3063
Merge remote-tracking branch 'public/pr/2326' into development
2019-01-23 10:19:25 +01:00
Simon Butcher
d4e327c4ff
Merge remote-tracking branch 'public/pr/2345' into development
2019-01-23 10:14:52 +01:00
Simon Butcher
d253bb49e7
Merge remote-tracking branch 'public/pr/2352' into development-psa
2019-01-23 09:43:50 +01:00
Jaeden Amero
494624d299
Merge pull request #18 from gilles-peskine-arm/psa-hash_clone
...
New function psa_hash_clone
2019-01-22 17:35:25 +00:00
Gilles Peskine
eb35d78a11
Style fix
2019-01-22 17:56:16 +01:00
Jaeden Amero
9c0c79e877
Merge pull request #19 from gilles-peskine-arm/psa-no_type_on_allocate_key
...
Don't require a type and size when creating a key slot
2019-01-22 14:37:08 +00:00
Andrzej Kurek
c847d9ff8d
Change PSA submodule url
2019-01-22 07:13:10 -05:00
Andrzej Kurek
7deba18576
Remove unnecessary "#" sign from PSA macros
2019-01-22 06:29:45 -05:00
Gilles Peskine
e43aa39397
hash_clone: Fix copypasta and add a functional description
2019-01-21 14:50:37 +01:00
Gilles Peskine
d40c1fbd50
Don't require a type and size when creating a key slot
...
Remove the type and bits arguments to psa_allocate_key() and
psa_create_key(). They can be useful if the implementation wants to
know exactly how much space to allocate for the slot, but many
implementations (including ours) don't care, and it's possible to work
around their lack by deferring size-dependent actions to the time when
the key material is created. They are a burden to applications and
make the API more complex, and the benefits aren't worth it.
Change the API and adapt the implementation, the units test and the
sample code accordingly.
2019-01-19 12:20:52 +01:00
Gilles Peskine
ebb2c3e419
New function psa_hash_clone
...
Clone a hash operation.
Test good cases as part as multipart tests. Add new test functions for
the state machine.
2019-01-19 12:03:41 +01:00
Ron Eldor
574ac577b0
Specify server certificate to use in SHA-1 test
...
Specify the SHA-1 server certificate to use in the SHA-1 test,
because now the default certificates use SHA256 certificates.
2019-01-17 00:36:42 +02:00
ILUXONCHIK
acfee8eb04
refactor CA and SRV certificates into separate blocks
2019-01-17 00:35:40 +02:00
ILUXONCHIK
2bd7f99685
refactor SHA-1 certificate defintions and assignment
...
As per refactoring suggestion that I made in #1520 .
2019-01-17 00:32:36 +02:00
ILUXONCHIK
d94b3e7368
refactor server SHA-1 certificate definition into a new block
2019-01-17 00:29:18 +02:00
ILUXONCHIK
2f27790565
define TEST_SRV_CRT_RSA_SOME in similar logic to TEST_CA_CRT_RSA_SOME
2019-01-17 00:25:26 +02:00
ILUXONCHIK
914df7937d
server SHA-256 certificate now follows the same logic as CA SHA-256 certificate
2019-01-17 00:25:26 +02:00
ILUXONCHIK
4d7082288f
add entry to ChangeLog
2019-01-17 00:17:55 +02:00
Andres Amaya Garcia
8761d929da
Add ChangeLog entry for unused bits in bitstrings
2019-01-16 19:00:22 +00:00