mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-03 01:20:39 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
31,227 Commits 172 Branches 267 Tags
Commit Graph

2027 Commits

Author SHA1 Message Date
Bence Szépkúti
e7fdfdb913
Merge pull request #9123 from eleuzi01/replace-mbedtls-md-can-md5 
Replace MBEDTLS_MD_CAN_MD5 with PSA_WANT_ALG_MD5
 2024-07-18 16:17:25 +00:00
Paul Elliott
b449476595
Merge pull request #9354 from eleuzi01/replace-ecp-have-secp512r1 
Replace MBEDTLS_ECP_HAVE_SECP521R1 with PSA_WANT_ECC_SECP_R1_521
 2024-07-18 15:55:41 +00:00
Paul Elliott
df772da34e
Merge pull request #9358 from eleuzi01/replace-curve 
Replace MBEDTLS_ECP_HAVE_CURVE* with PSA_WANT counterparts
 2024-07-18 13:54:26 +00:00
Elena Uziunaite
b66a991f04 Replace MBEDTLS_MD_CAN_MD5 with PSA_WANT_ALG_MD5 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-18 14:31:59 +03:00
Gilles Peskine
9a75dddb5c
Merge pull request #9350 from eleuzi01/replace-ecp-have-secp224r1 
Replace MBEDTLS_ECP_HAVE_SECP224R1 with PSA_WANT_ECC_SECP_R1_224
 2024-07-17 13:48:40 +00:00
Elena Uziunaite
b8d10876d1 Replace MBEDTLS_ECP_HAVE_BP*R1 with PSA_WANT counterparts 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-16 21:48:55 +03:00
Elena Uziunaite
24e24f2b5a Replace MBEDTLS_ECP_HAVE_SECP521R1 with PSA_WANT_ECC_SECP_R1_521 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-16 21:43:30 +03:00
Elena Uziunaite
eaa0cf0de6 Replace MBEDTLS_ECP_HAVE_SECP224R1 with PSA_WANT_ECC_SECP_R1_224 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-16 17:00:31 +03:00
Gilles Peskine
cb854d5d19
Merge pull request #9356 from eleuzi01/replace-ecp-have-secp-k1 
Replace MBEDTLS_ECP_HAVE_SECP*K1 with PSA_WANT counterparts
 2024-07-16 13:57:46 +00:00
Elena Uziunaite
9e85c9f0f4 Replace MBEDTLS_ECP_HAVE_SECP*K1 with PSA_WANT counterparts 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-15 12:11:55 +03:00
Elena Uziunaite
a363286c9f Replace MBEDTLS_ECP_HAVE_SECP192R1 with PSA_WANT_ECC_SECP_R1_192 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-15 11:24:49 +03:00
Elena Uziunaite
0b5d48ebbf Replace MBEDTLS_ECP_HAVE_CURVE* with PSA_WANT counterparts 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-11 13:20:35 +03:00
Elena Uziunaite
0916cd702f Replace MBEDTLS_MD_CAN_SHA256 with PSA_WANT_ALG_SHA_256 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-11 11:13:35 +03:00
Gilles Peskine
4efd1645e8
Merge pull request #8983 from Troy-Butler/handle-null-args 
Fix NULL argument handling in mbedtls_xxx_free() functions
 2024-07-04 14:50:55 +00:00
Ronald Cron
2cf41a273e
Merge pull request #9171 from eleuzi01/replace-mbedtls-md-can-sha384 
Replace MBEDTLS_MD_CAN_SHA384 with PSA_WANT_ALG_SHA_384
 2024-07-04 08:56:52 +00:00
Elena Uziunaite
b476d4bf21 Replace MBEDTLS_MD_CAN_SHA384 with PSA_WANT_ALG_SHA_384 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-03 10:20:41 +01:00
Elena Uziunaite
fcc9afaf9d Replace MBEDTLS_MD_CAN_SHA224 with PSA_WANT_ALG_SHA_224 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-02 11:08:04 +01:00
Tom Cosgrove
f41272099b
Merge pull request #9242 from sezrab/fix-function-parameter 
Fix incorrect array length in function prototype
 2024-06-13 07:55:50 +00:00
Sam Berry
3504c88916 Fix incorrect array length in function prototype 
Issue #9179 (MBEDTLS_SSL_CID_OUT_LEN_MAX changed to
MBEDTLS_SSL_CID_IN_LEN_MAX in library\ssl.h and library\ssl_tls.c)

Signed-off-by: Sam Berry <sam.berry@arm.com>
 2024-06-11 14:46:31 +01:00
lhuang04
54adeab866 set psk to null in ssl_psk_remove 
Summary:
set the psk to null after it is released.

Test Plan:

Reviewers:

Subscribers:

Tasks:

Tags:
Signed-off-by: lhuang04 <lhuang04@fb.com>
 2024-06-10 12:17:11 -07:00
Manuel Pégourié-Gonnard
a4b773d3bb
Merge pull request #6955 from inorick/nofa_no_session_tickets 
Guard ticket specific TLS 1.3 function with macro
 2024-04-08 08:56:17 +00:00
Ronald Cron
233fcaadbf tls13: Do not initiate at all resumption if tickets not supported 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-04 15:52:40 +02:00
Troy-Butler
da73abc8d7 Fix NULL handling in mbedtls_ssl_config.free() function 
Signed-off-by: Troy-Butler <squintik@outlook.com>
 2024-04-02 13:37:31 -04:00
Norbert Fabritius
d36913a58f Constify parameter of ssl_tls13_session_load 
Signed-off-by: Norbert Fabritius <norbert.fabritius@esrlabs.com>
 2024-03-27 08:22:53 +01:00
Minos Galanakis
b70f0fd9a9 Merge branch 'development' into 'development-restricted' 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-19 22:24:40 +00:00
Waleed Elmelegy
4dfb0e7c90 Add ALPN checking when accepting early data 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-03-15 12:12:15 +00:00
Waleed Elmelegy
131b2ffd89 Fix bug in ALPN negotiating 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-03-15 12:12:15 +00:00
Waleed Elmelegy
b28ab0a45a Fix code style in ssl_tls.c 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-03-13 16:50:01 +00:00
Waleed Elmelegy
daa4da781a Increase ALPN length in saved session to 2 bytes 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-03-13 16:50:01 +00:00
Waleed Elmelegy
7dfba34475 Fix possible overflow in ALPN length when saving session 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-03-13 16:50:01 +00:00
Waleed Elmelegy
75e33fa12e Fix code style in ssl_tls.c 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-03-13 16:50:01 +00:00
Waleed Elmelegy
fe9ae085e3 Update serialized session description with ALPN information 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-03-13 16:50:01 +00:00
Waleed Elmelegy
1102563685 Add ALPN bit flag to session header 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-03-13 16:50:01 +00:00
Waleed Elmelegy
883f77cb08 Add mbedtls_ssl_session_set_alpn() function 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-03-13 16:50:01 +00:00
Waleed Elmelegy
2824a209bc Add ALPN information in session tickets 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-03-13 16:50:01 +00:00
Ronald Cron
05d7cfbd9c tls13: cli: Rename STATE_UNKNOWN to STATE_IDLE 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-12 17:48:18 +01:00
Ronald Cron
d2884662c1 tls13: cli: Split early data user status and internal state 
Do not use the return values of
mbedtls_ssl_get_early_data_status()
(MBEDTLS_SSL_EARLY_DATA_STATUS_ macros)
for the state of the negotiation and
transfer of early data during the
handshake.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-12 17:48:15 +01:00
David Horstmann
93fa4e1b87 Merge branch 'development' into buffer-sharing-merge 2024-03-12 15:05:06 +00:00
Ronald Cron
7e1f9f290f
Merge pull request #8854 from ronald-cron-arm/tls13-srv-max-early-data-size 
TLS 1.3: Enforce max_early_data_size on server
 2024-03-09 00:16:07 +00:00
Ronald Cron
139a4185b1
Merge pull request #8587 from yanrayw/issue/4911/ssl_setup-check-RNG-configuration 
TLS: check RNG when calling mbedtls_ssl_setup()
 2024-03-08 07:38:39 +00:00
David Horstmann
71fa1a94e7 Fix code style 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-01 12:32:18 +00:00
David Horstmann
76ba26a542 Fixup: add peer_cert_digest_type to comment 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-01 12:03:35 +00:00
David Horstmann
f686f1dc17 Fix naming inconsistencies in config bits 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-01 11:20:32 +00:00
Ronald Cron
19bfe0a631 tls13: Rename early_data_count to total_early_data_size 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:29:16 +01:00
Ronald Cron
26a9811027 ssl: Add early_data_count field 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:03:51 +01:00
David Horstmann
531aca2810 Fix missing fields in ssl session struct comment 
The endpoint and version were factorized out into the main session.
Update the session struct comment to reflect these new fields, as was
previously missed.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-29 18:14:28 +00:00
David Horstmann
cb01b361e1 Move session descriptions into a single comment 
Describe the TLS 1.2, TLS 1.3 and full session structs in the same
place for ease of reference.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-29 18:10:13 +00:00
David Horstmann
80a9668762 Add config guards to session struct comments 
This shows which fields of the session are dependent on which config
options.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-29 18:00:32 +00:00
David Horstmann
e59f970f28 Move session functions to same part of file 
Ensure that session save and load functions are not scattered
throughout ssl_tls.c but are in the same part of the file.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-29 17:50:44 +00:00
David Horstmann
92b258bb50 Update ssl session serialization config bitflag 
Add config bits for server name indication, early data and record size
limit, which all cause the serialized session to be structured
differently.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-29 17:41:31 +00:00