mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-11 09:40:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
30,651 Commits 170 Branches 263 Tags
Commit Graph

30651 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ronald Cron
05c1ba22f0 Add change log 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:32 +02:00
Ronald Cron
8d63084bd1 tls13: Do not initiate at all resumption if tickets not supported 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:32 +02:00
Ronald Cron
fccfa69de8 tls13: Fix doc of mbedtls_ssl_session_set() - 2 
Fix documentation of mbedtls_ssl_session_set()
regarding its dependency on MBEDTLS_SSL_SESSION_TICKETS
in TLS 1.3 case.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:32 +02:00
Ronald Cron
7fb4343ee9 tls13: Fix doc of mbedtls_ssl_session_set() - 1 
It was eventually decided to not support multiple
tickets in TLS 1.3 ClientHello messages thus
removing the parts in mbedtls_ssl_session_set()
documentation that were anticipating that.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:32 +02:00
Ronald Cron
e221f67f15 tls13: Fix doc of mbedtls_ssl_session_get() - 2 
Fix documentation of mbedtls_ssl_session_get()
regarding its interaction with session
ticket enablement.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:32 +02:00
Ronald Cron
de4183f580 tls13: Fix doc of mbedtls_ssl_session_get() - 1 
The API has eventually not been changed to
return multiple tickets through multiple
subsequent call to it.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:32 +02:00
Ronald Cron
48e29a1271 tls: Fix doc of mbedtls_ssl_session_save() 
Fix documentation of mbedtls_ssl_session_save()
regarding its dependency on MBEDTLS_SSL_SESSION_TICKETS
in TLS 1.3 session case.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:32 +02:00
Ronald Cron
698c8e902e ssl_msg.c: Rename _check_new_session_ticket to _is_new_session_ticket 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:32 +02:00
Ronald Cron
6a8e4eb8d1 all.sh: Use full instead of default as the base for the new component 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:32 +02:00
Ronald Cron
f02af2d1c5 tests: ssl: Fix dependencies of SRV TLS 1.3 session serialization tests 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:32 +02:00
Ronald Cron
54a9b11bb5 ssl-opt.sh: Add tests where tickets are ignored 
Add tests where we explicitely check that
tickets are ignored on client side when
the support is not enabled.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:32 +02:00
Ronald Cron
6071f611f6 tls13: cli: Ignore tickets if not supported 
If a TLS 1.3 client receives a ticket and
the feature is not enabled, ignore it.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:32 +02:00
Norbert Fabritius
c93fc86517 ssl-opt.sh: Add missing MBEDTLS_SSL_SESSION_TICKETS dependencies 
Signed-off-by: Norbert Fabritius <norbert.fabritius@esrlabs.com>
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:32 +02:00
Norbert Fabritius
06d9934b85 all.sh: Add component testing default minus session tickets 
Signed-off-by: Norbert Fabritius <norbert.fabritius@esrlabs.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:32 +02:00
Ronald Cron
094f55333d tests: ssl: Fix dependencies of TLS 1.3 session serialization tests 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:32 +02:00
Ronald Cron
346b81877d tests: ssl: Add hostname checks in session serialization tests 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:31 +02:00
Ronald Cron
1fb585492d tests: ssl: Remove redundant test 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:31 +02:00
Ronald Cron
819636994e tests: ssl: Fix session field guards 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:31 +02:00
Norbert Fabritius
93b2c32ece Constify parameter of ssl_tls13_session_load 
Signed-off-by: Norbert Fabritius <norbert.fabritius@esrlabs.com>
 2024-04-05 14:16:31 +02:00
Norbert Fabritius
ba1de9fa4e Enable ssl_tls13_get_ciphersuite_hash_alg only if macro is active 
Signed-off-by: Norbert Fabritius <norbert.fabritius@esrlabs.com>
 2024-04-05 14:16:31 +02:00
Norbert Fabritius
b6ff6101d9 Unconditionally define session variable 
Signed-off-by: Norbert Fabritius <norbert.fabritius@esrlabs.com>
 2024-04-05 14:16:31 +02:00
Ronald Cron
5e297b984d tls13: srv: Fix guards of _is_psk_(ephemeral_)available 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 14:16:31 +02:00
Norbert Fabritius
da0d169fae Guard ticket specific TLS 1.3 function with macro 
Guard ssl_tls13_write_new_session_ticket_coordinate with
MBEDTLS_SSL_SESSION_TICKETS macro.

Signed-off-by: Norbert Fabritius <norbert.fabritius@esrlabs.com>
 2024-04-05 14:16:31 +02:00
Bence Szépkúti
4ee6ddca86
Merge pull request #9004 from valeriosetti/issue8903-backport 
[Backport 3.6] Test gap: mbedtls_pk_check_pair with MBEDTLS_PK_OPAQUE
 2024-04-04 13:44:31 +00:00
Bence Szépkúti
ec17c1c1ab
Merge pull request #9005 from valeriosetti/issue8712-backport 
[Backport 3.6] Clarify the documentation of mbedtls_pk_setup_opaque
 2024-04-04 13:41:15 +00:00
Tom Cosgrove
387aafff5b
Merge pull request #9007 from mpg/checkbox-3.6 
Add 3.6 backport checkbox to the PR template
 2024-04-04 10:33:22 +00:00
Manuel Pégourié-Gonnard
b76573c662 We now have two LTS branches to backport to. 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-04 10:44:18 +02:00
Valerio Setti
fd0e2f3beb pk: fix documentation of mbedtls_pk_setup_opaque() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-04-04 09:42:01 +02:00
Valerio Setti
b2470d9bbf pk: fix typos in description of mbedtls_pk_setup_opaque() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-04-04 09:42:01 +02:00
Valerio Setti
320180f043 pk: add check_pair info to mbedtls_pk_setup_opaque() documentation 
This also updates use-psa-crypto.md accordingly.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-04-04 09:42:01 +02:00
Valerio Setti
b2840b0aac test_suite_pk: add failing check for sign_ext() in pk_psa_wrap_sign_ext() 
If the wrapped key has a PKCS1 v1.5 signature algorithm, then try
to call sign_ext() to perform PSA RSS. Of course this will fail
because it's not supported by the wrapped key.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-04-04 09:42:01 +02:00
Valerio Setti
a53f54350e pk: simplify mbedtls_pk_sign_ext() 
In case of opaque keys skip the check of the supported primary/enrollment
algorithms. Just try to perfom the signature and if the wrapped key
does not support RSA PSS the operation will fail automatically.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-04-04 09:42:01 +02:00
Valerio Setti
c26646c211 pk: fix description of mbedtls_pk_setup_opaque for sign_ext() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-04-04 09:42:01 +02:00
Valerio Setti
c51b08ca1d pk: fix indentation in description of mbedtls_pk_setup_opaque() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-04-04 09:42:01 +02:00
Valerio Setti
013fa95222 pk: fix description of mbedtls_pk_setup_opaque() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-04-04 09:42:01 +02:00
Valerio Setti
872b8c4678 pk: update documentation of mbedtls_pk_setup_opaque() based on #8951 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-04-04 09:42:01 +02:00
Valerio Setti
3c5ea11284 pk: fix documentation for mbedtls_pk_setup_opaque() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-04-04 09:42:01 +02:00
Valerio Setti
b711a987d3 pk: improve documentation of mbedtls_pk_setup_opaque() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-04-04 09:42:01 +02:00
Valerio Setti
7ab1861163 pk: fix documentation for mbedtls_pk_setup_opaque() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-04-04 09:42:01 +02:00
Valerio Setti
7e9711ae07 test_suite_pk: test check_pair() also with opaque RSA keys 
check_pair() is not supported by opaque RSA keys, but we want
to be sure that calling this functions fails nicely instead
for crashing.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-04-04 07:02:47 +02:00
Paul Elliott
30978ec650
Merge pull request #8874 from stevenwdv/development 
Fix compilation on macOS without apple-clang
 2024-03-29 13:59:36 +00:00
minosgalanakis
e146940714
Merge pull request #1216 from Mbed-TLS/mbedtls-3.6.0_mergeback 
Mbedtls 3.6.0 mergeback
 2024-03-28 14:31:03 +00:00
Minos Galanakis
9860056006 Revert "Autogenerated files for 3.6.0" 
This reverts commit e8a6833b2878f1c08b8f96fe35e2812367e32ef3.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-27 17:36:15 +00:00
minosgalanakis
2ca6c285a0
Merge pull request #1215 from Mbed-TLS/mbedtls-3.6.0rc1-pr 
Mbedtls 3.6.0rc1
v3.6.0 mbedtls-3.6.0 		2024-03-26 14:58:02 +00:00
Minos Galanakis
078f823843 Merge pull request #8990 from tom-cosgrove-arm:record-size-limit-support-is-now-released 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-26 12:32:00 +00:00
Minos Galanakis
a11b9d69dd Merge pull request #8989 from tom-cosgrove-arm:fix-typo-in-psa_key_production_parameters_t-doc 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-26 12:31:38 +00:00
Tom Cosgrove
f02c6ef86d Fix typo in psa_key_production_parameters_t doc: 65535 should be 65537 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2024-03-26 12:25:07 +00:00
Tom Cosgrove
1b3b1743f5 Record size limit support is released, so remove warning about only for testing 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2024-03-26 12:23:49 +00:00
minosgalanakis
7424296082
Merge pull request #1213 from Mbed-TLS/mbedtls-3.6.0rc0-pr 
Mbedtls 3.6.0 Release Candidate
 2024-03-22 22:50:33 +00:00
Minos Galanakis
e8a6833b28 Autogenerated files for 3.6.0 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-22 16:00:55 +00:00