mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-11 18:40:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
29,549 Commits 170 Branches 263 Tags
Commit Graph

6726 Commits

Author SHA1 Message Date
BrianX7c
5c7ab6fe86
[cipher.h] Arithmetic overflow in binary left shift operation (MBEDTLS_KEY_BITLEN_SHIFT) 
Fixing arithmetic overflow warning (C6297), if compiled in Visual Studio

Signed-off-by: BrianX7c <151365853+BrianX7c@users.noreply.github.com>
 2023-11-18 11:07:37 +01:00
Paul Elliott
9e25936241 Rename mutex->is_valid to mutex->state 
Rename struct member to make it more representative of its current use.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-11-16 15:14:16 +00:00
Paul Elliott
3774637518 Make threading helpers tests thread safe 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-11-16 15:13:49 +00:00
Paul Elliott
5fa986c8cb Move handling of mutex->is_valid into threading_helpers.c 
This is now a field only used for testing.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-11-16 15:13:05 +00:00
Valerio Setti
9b7a8b2a0c ccm/gcm: reaplace CIPHER_C functions with BLOCK_CIPHER_C ones 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-16 11:48:00 +01:00
Valerio Setti
8db46e4ee1 check_config: remove dependency check of CCM_C/GCM_C on CIPHER_C 
CCM_C/GCM_C can now work with either (in order of preference) CIPHER_C
or BLOCK_CIPHER_C and the latter is auto-enabled in case the former
is not enabled. As a consequence there is no need to enforce the
dependency on CIPHER_C.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-16 10:58:27 +01:00
Valerio Setti
dbfd6a9f62 adjust_legacy_crypto: auto-enable BLOCK_CIPHER_C when CIPHER_C is not defined 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-16 10:56:00 +01:00
Yanray Wang
4ed8691f6d ssl: move MBEDTLS_SSL_HAVE_XXX to config_adjust_legacy_crypto.h 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-16 15:20:57 +08:00
Manuel Pégourié-Gonnard
dc848955d6
Merge pull request #8519 from mpg/block-cipher 
[G2] Add internal module block_cipher
 2023-11-15 11:53:22 +00:00
Manuel Pégourié-Gonnard
9e80a91f27
Merge pull request #8164 from yanrayw/adjust_tfm_configs 
Adjust how we handle TF-M config files
 2023-11-15 08:21:27 +00:00
Valerio Setti
a56eb46ce6 adjust_legacy_from_psa: fix comment 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-15 09:18:14 +01:00
Valerio Setti
c2d68f5611 adjust_legacy_from_psa: treat CCM and CCM* separately 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-15 09:16:37 +01:00
Valerio Setti
cab5eff98c adjust_config_synonyms: make CCM and CCM* indipendent 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-15 09:16:37 +01:00
Jerry Yu
fedaeb21b3 improve document 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-15 13:59:07 +08:00
Jerry Yu
6c485dad44 improve document 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-15 10:18:47 +08:00
Manuel Pégourié-Gonnard
752dd39a69
Merge pull request #8508 from valeriosetti/issue6323 
[G3] Driver-only cipher+aead: TLS: ssl-opt.sh
 2023-11-14 11:39:06 +00:00
Jerry Yu
1b23bce4a2 improve brief description of conf_sig_algs 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-13 13:45:14 +08:00
Tom Cosgrove
08ea9bfa1f
Merge pull request #8487 from yanrayw/issue/6909/rename_tls13_conf_early_data 
TLS 1.3: Rename early_data and max_early_data_size configuration function
 2023-11-10 19:35:46 +00:00
Manuel Pégourié-Gonnard
5f3361c0c6 Temporary hack to pacify check_names.py 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-10 12:24:11 +01:00
Manuel Pégourié-Gonnard
21718769d1 Start adding internal module block_cipher.c 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-11-10 11:21:17 +01:00
Valerio Setti
01c4fa3e88 ssl: move MBEDTLS_SSL_HAVE internal symbols to ssl.h 
This is useful to properly define MBEDTLS_PSK_MAX_LEN when
it is not defined explicitly in mbedtls_config.h

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-10 08:12:07 +01:00
Yanray Wang
111159b89c BLOCK_CIPHER_NO_DECRYPT: call encrypt direction unconditionally 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-10 15:03:23 +08:00
Matthias Schulz
5a39c4ecf2 Fixes https://github.com/Mbed-TLS/mbedtls/issues/6910 as proposed in https://github.com/Mbed-TLS/mbedtls/issues/6910#issuecomment-1573301661 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-09 15:53:01 +01:00
Jerry Yu
53c4a0da07 Improve documents 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-09 10:38:17 +08:00
Gilles Peskine
4dec9ebdc2
Merge pull request #8378 from mschulz-at-hilscher/fixes/issue-8377 
Fixes "CSR parsing with critical fields fails"
 2023-11-08 18:07:04 +00:00
Dave Rodgman
9eb2abd1e0 Add docs re Everest license 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-08 11:40:17 +00:00
Dave Rodgman
28d40930ae Restore bump version 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-08 11:40:08 +00:00
Dave Rodgman
edb8fec988 Add docs re Everest license 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-08 11:36:00 +00:00
Yanray Wang
d137da5a93 check_config: make error message in BLOCK_CIPHER_NO_DECRYPT clearer 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-08 19:17:44 +08:00
Yanray Wang
30769696e7 Merge remote-tracking branch 'origin/development' into adjust_tfm_configs 2023-11-08 10:00:24 +08:00
Matthias Schulz
c55b500343 Changed notes in x509_csr.h to better describe the behavior of mbedtls_x509_csr_parse_der and mbedtls_x509_csr_parse_der_with_ext_cb. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-07 16:47:37 +01:00
Yanray Wang
0751761b49 max_early_data_size: rename configuration function 
Rename mbedtls_ssl_tls13_conf_max_early_data_size as
mbedtls_ssl_conf_max_early_data_size since in the future
this may not be specific to TLS 1.3.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-07 11:49:34 +08:00
Yanray Wang
d5ed36ff24 early data: rename configuration function 
Rename mbedtls_ssl_tls13_conf_early_data as
mbedtls_ssl_conf_early_data since in the future this may not be
specific to TLS 1.3.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-07 11:49:24 +08:00
Yanray Wang
0d76b6ef76 Return an error if asking for decrypt under BLOCK_CIPHER_NO_DECRYPT 
If MBEDTLS_BLOCK_CIPHER_NO_DECRYPT is enabled, but decryption is
still requested in some incompatible modes, we return an error of
FEATURE_UNAVAILABLE as additional indication.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-06 10:02:10 +08:00
Yanray Wang
956aa00202 check_config: add checks for MBEDTLS_BLOCK_CIPHER_NO_DECRYPT with PSA 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-06 10:02:10 +08:00
Gilles Peskine
8b6b41f6cd
Merge pull request #8434 from valeriosetti/issue8407 
[G2] Make TLS work without Cipher
 2023-11-04 15:05:00 +00:00
Dave Rodgman
bb5a18344a Bump version 
./scripts/bump_version.sh --version 3.5.1 --so-crypto 15 --so-x509 6 --so-tls 20

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-03 12:31:30 +00:00
Dave Rodgman
e3c05853d6 Header updates 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-03 12:21:36 +00:00
Dave Rodgman
16799db69a update headers 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-02 19:47:20 +00:00
Yanray Wang
b799eea123 check_config: add checks for MBEDTLS_BLOCK_CIPHER_NO_DECRYPT 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-02 12:38:01 +08:00
Yanray Wang
e367e47be0 mbedtls_config: add new config option MBEDTLS_BLOCK_CIPHER_NO_DECRYPT 
With the introduction of negative option
MBEDTLS_BLOCK_CIPHER_NO_DECRYPT, we don't need to implicitly enable
it through PSA.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-02 12:36:41 +08:00
Dave Rodgman
b351d60e99 Merge remote-tracking branch 'origin/development' into msft-aarch64 2023-11-01 13:20:53 +00:00
Yanray Wang
b67b47425e Rename MBEDTLS_CIPHER_ENCRYPT_ONLY as MBEDTLS_BLOCK_CIPHER_NO_DECRYPT 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-10-31 17:22:06 +08:00
Yanray Wang
5779096753 Merge remote-tracking branch 'origin/development' into adjust_tfm_configs 2023-10-31 13:39:07 +08:00
Valerio Setti
d531dab4f6 check_config: let SSL_TLS depend on either CIPHER_C or USE_PSA_CRYPTO 
TLS code already implements proper dispatching to either
builtin or PSA implementations based on USE_PSA guards, so we can
improve the check_config guards to reflect this.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-30 11:36:32 +01:00
Jerry Yu
2c46ca3474 fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-10-30 17:32:20 +08:00
Jerry Yu
83536c23f3 Add translation ruler into document 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-10-30 16:18:21 +08:00
Jerry Yu
01c7356944 Add deprecated flag in document for sig_hashes 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-10-27 17:03:20 +08:00
Valerio Setti
c5d9dd262b adjust_psa_from_legacy: enable ALG_STREAM_CIPHER on when CIPHER_C is defined 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-27 09:12:06 +02:00
Valerio Setti
c1d50b6314 check_config: fix dependency of PSA_CRYPTO_C on CIPHER_C 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-10-27 09:12:06 +02:00