Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Do Not Review, Do Not Merge: Do Not Review, Do Not Merge: Prototype for single file PSA/Legacy Mbed TLS configs #24

Open
wants to merge 25 commits into
base: main
Choose a base branch
from
+353 −141
Open

Do Not Review, Do Not Merge: Do Not Review, Do Not Merge: Prototype for single file PSA/Legacy Mbed TLS configs #24

Changes from 1 commit
Commits
Show all changes
25 commits
Select commit Hold shift + click to select a range
f6d3c44
[nrf noup] Undef PSA crypto client in crypto_types
frkv Nov 29, 2021
92a84d6
[nrf noup] Remove redefinition ECC_MAX_CURVE_BITS
Vge0rge Dec 13, 2021
d3eb208
[nrf noup] Check if ECP_MAX_BITS is set in ecp.h
Vge0rge Jan 20, 2022
8ffbcc1
[nrf noup] Check if GCM_C is defined in gcm.h
Vge0rge Jan 20, 2022
f1f21d2
[nrf noup] Add driver_wrapper call for derivation
Vge0rge Jan 30, 2022
ca1e6b2
[nrf noup] Enable use of SNI without x509.
plskeggs Feb 5, 2022
dbbe35f
[nrf noup] Enable auto-generation of additional TLS/DTLS docs
plskeggs Feb 14, 2022
a9d5a5a
[nrf toup] pk_wrap: Add missing MD description for ECDSA verify
frkv Mar 10, 2022
3da802b
[nrf noup] Disable reporting ecjpake kkpp extension for PSK
frkv Apr 5, 2022
24c4ec1
[nrf noup] Fix PSA MAC for CMAC key types
frkv Apr 5, 2022
f6ff46f
[nrf_noup] Add opaque oberon context for hash
Vge0rge Apr 10, 2022
2863179
[nrf noup] Fix unset key bits for nrf_cc3xx v0.9.14
frkv May 12, 2022
c56a2ae
[nrf noup] Zeroize the Mbedtls entropy mutex
Vge0rge Sep 13, 2022
7322ffa
[nrf noup] Constant size for psa_core_key_attributes_t struct
mswarowsky Sep 30, 2022
45374c0
[nrf toup] Fix RSA dependency on PK write when enabling PSA crypto
joerchan Feb 17, 2023
a58396e
[nrf fromlist] library: psa_crypto: Fix compilation error in psa_key_…
joerchan Feb 17, 2023
829e3ed
[nrf fromlist] psa_crypto: Fix psa_key_derivation_output_key ECC with…
joerchan Mar 1, 2023
b573773
[nrf_noup] mbedtls: Circumvent ECJPAKE API inconsistency for OpenThread
maciejbaczmanski Sep 15, 2023
2d81092
[nrf noup] Fix buffer overflow in TLS 1.2 ClientKeyExchange parsing
frkv Oct 16, 2023
4a204f2
[nrf noup] Fix buffer overflow in TLS 1.3 ECDH public key parsing
frkv Oct 16, 2023
acea48f
[nrf noup] Fix buffer overread with stream cipher
frkv Oct 17, 2023
8277390
[nrf noup] mbedtls: Remove enforcing config_psa.h
frkv Sep 6, 2023
7239fbd
[nrf noup] mbedtls: MBEDTLS_PSA_CRYPTO_CLIENT
frkv Dec 5, 2023
81e3610
[nrf noup] mbedtls: ifdef guard around PSA_VENDOR_ECDSA_SIGNATURE_MAX…
frkv Dec 5, 2023
53e4153
[nrf noup] mbedtls: HACK: Make ECJPAKE use legacy for non TF-M
frkv Dec 1, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
[nrf noup] Fix unset key bits for nrf_cc3xx v0.9.14 
-The runtime library expects key-bits to be set when it is not
 for cipher and ECDSA, this is fixed here. This may be an issue
 either in Mbed TLS or in nrf_cc3xx v0.9.14. Hence setting as a
 noup

ref: NCSDK-13857

Signed-off-by: Frank Audun Kvamtrø <frank.kvamtro@nordicsemi.no>
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
(cherry picked from commit 67cb08f)
(cherry picked from commit 1707e93)
@frkv @de-nordic
frkv authored and de-nordic committed May 26, 2023
commit 28631799df112faaaac02800b1bbefba0dfc225d
1 change: 1 addition & 0 deletions library/cipher.c
View file
Original file line number Diff line number Diff line change
@@ -284,6 +284,7 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
/* mbedtls_psa_translate_cipher_operation( operation ); */
PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
psa_set_key_algorithm( &attributes, cipher_psa->alg );
psa_set_key_bits( &attributes, (size_t) key_bitlen );

status = psa_import_key( &attributes, key, key_bytelen,
&cipher_psa->slot );
1 change: 1 addition & 0 deletions library/pk_wrap.c
View file
Original file line number Diff line number Diff line change
@@ -953,6 +953,7 @@ static int ecdsa_verify_wrap( void *ctx_arg, mbedtls_md_type_t md_alg,
psa_set_key_type( &attributes, PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ) );
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH );
psa_set_key_algorithm( &attributes, psa_sig_md );
psa_set_key_bits( &attributes, curve_bits );

status = psa_import_key( &attributes,
buf + sizeof( buf ) - key_len, key_len,