| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
|
|
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
|
|
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
|
|
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
|
|
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
|
|
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
|
|
Replace MBEDTLS_MD_CAN_SHA3_512 with PSA_WANT_ALG_SHA3_512
|
|
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
|
|
Replace MBEDTLS_MD_CAN_SHA384 with PSA_WANT_ALG_SHA_384
|
|
Replace MBEDTLS_MD_CAN_RIPEMD160 with PSA_WANT_ALG_RIPEMD160
|
|
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
|
|
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
|
|
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
|
|
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
|
|
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
|
|
Parse an OID from a string
|
|
Make overflow check more accurate and add testcases
Signed-off-by: David Horstmann <david.horstmann@arm.com>
|
|
The longest OID known by oid-info.com is 34 components[1], so 128
should be plenty and will limit the potential for attacks.
[1] http://oid-info.com/get/1.3.6.1.4.1.1248.1.1.2.1.3.21.69.112.115.111.110.32.83.116.121.108.117.115.32.80.114.111.32.52.57.48.48
Signed-off-by: David Horstmann <david.horstmann@arm.com>
|
|
After this, only PK, X.509 and TLS remain to be done.
Deterministic uses HMAC-DRBG which uses MD, so it needs crypto_init()
when using a driver-only hash.
Also, remove a special-purpose macro that's no longer needed.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
|
|
When passed an empty OID, mbedtls_oid_get_numeric_string would read one
byte from the zero-sized buffer and return an error code that depends on
its value. This is demonstrated by the test suite changes, which
check that an OID with length zero and an invalid buffer pointer does
not cause Mbed TLS to segfault.
Also check that second and subsequent subidentifiers are terminated, and
add a test case for that. Furthermore, stop relying on integer division
by 40, use the same loop for both the first and subsequent
subidentifiers, and add additional tests.
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
|
|
Signed-off-by: David Horstmann <david.horstmann@arm.com>
|
|
Signed-off-by: David Horstmann <david.horstmann@arm.com>
|
|
The more precise error codes are borrowed from the ASN1 module.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
|
|
Signed-off-by: David Horstmann <david.horstmann@arm.com>
|
|
Signed-off-by: David Horstmann <david.horstmann@arm.com>
|
|
corresponding MBEDTLS_HAS_ALG_xxx_VIA_LOWLEVEL_OR_PSA
*** Comparing before-default -> after-default ***
x509parse: total 723; skipped 26 -> 26
x509write: total 41; skipped 8 -> 8
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
*** Comparing before-full -> after-full ***
x509parse: total 723; skipped 25 -> 25
x509write: total 41; skipped 0 -> 0
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
*** Comparing reference -> drivers ***
x509parse: total 723; skipped 89 -> 89
x509write: total 41; skipped 3 -> 3
pem: total 13; skipped 0 -> 0
oid: total 28; skipped 0 -> 0
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
|
|
Rework SHA224 and SHA283 documentation.
Define MBEDTLS_SHAxxx_C options in alphabetic order.
Fix SHA224 and SHA384 dependencies in test suites.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
|
|
These options are still dependant on each other.
This is an intermediate step.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
|
|
|
|
Add the `MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES` to the list
of supported x509 extensions, in `mbedtls_oid_get_x509_ext_type()`.
|
|
Add the Wisun extended key usage oid and tests.
|
|
Add a function for getting the certificate policy. Currently only
"Any Policy" is supported.
|
