mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-27 06:35:22 +00:00

Author	SHA1	Message	Date
toth92g	27f9e7815c	Adding openssl configuration file and command to Makefile to be able to reproduce the certificate for testing Authority and Subject Key Id fields Increasing heap memory size of SSL_Client2 and SSL_Server2, because the original value is not enough to handle some certificates. The AuthorityKeyId and SubjectKeyId are also parsed now increasing the size of some certificates Signed-off-by: toth92g <toth92g@gmail.com>	2023-04-04 17:48:27 +02:00
Manuel Pégourié-Gonnard	23fc437037	SSL: fix test failures 1. Change USE_PSA_CRYPTO_INIT/DONE to MD_OR_USE. 2. Add missing occurrences - some of these were already necessary in principle (in one form or another) but where missing and this was not detected so far as `psa_hash` doesn't complain in case of a missing init, but now MD makes it visible. 3. Add missing include in ssl_test_lib.h. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:29:31 +01:00
Manuel Pégourié-Gonnard	bef824d394	SSL: use MD_CAN macros Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:29:31 +01:00
Gilles Peskine	2a44ac245f	Merge pull request #7217 from lpy4105/issue/6840/add-cache-entry-removal-api ssl_cache: Add cache entry removal api	2023-03-15 15:38:06 +01:00
Pengyu Lv	f30488f5cd	Move the usage string of cache_remove to USAGE_CACHE Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-03-15 09:53:45 +08:00
Pengyu Lv	753d02ffd4	ssl_server2: Add options to support cache removal Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-03-13 09:28:17 +08:00
Dave Rodgman	5e5aa4a4e6	Merge pull request #7218 from tom-cosgrove-arm/fix-typos-230307 Fix typos in development prior to release	2023-03-08 17:19:59 +00:00
Tom Cosgrove	5c8505f061	Fix typos Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-07 11:39:52 +00:00
Valerio Setti	5ba1d5eb2c	programs: use proper macro for ECDSA capabilities in ssl_sever2 Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-02-23 08:15:17 +01:00
Dave Rodgman	f31c9e441b	Merge pull request #7019 from tom-cosgrove-arm/dont-use-cast-assignment-in-ssl_server2.c Don't use cast-assignment in ssl_server.c	2023-02-06 12:13:08 +00:00
Tom Cosgrove	de85725507	Don't use cast-assignment in ssl_server.c Would have used mbedtls_put_unaligned_uint32(), but alignment.h is in library/. Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-02-03 16:38:05 +00:00
Aditya Deshpande	644a5c0b2b	Fix bugs in example programs: change argc == 0 to argc < 2 Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>	2023-01-30 16:48:13 +00:00
Pengyu Lv	e2f1dbf5ae	update docs of ssl_client2 and improve code format Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-01-16 12:38:12 +08:00
Pengyu Lv	302feb3955	add cases to test session resumption with different ticket_flags This commit add test cases to test if the check of kex change mode in SessionTicket works well. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-01-13 11:05:56 +08:00
Gilles Peskine	449bd8303e	Switch to the new code style Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-01-11 14:50:10 +01:00
Jerry Yu	a15af37867	Change time resolution of reco_delay from second to millionseconds Per gnutls anti replay issue, it needs millionsecond time delay for improve the fail rate. From test result of #6712, this can improve the fail rate from 4% to 92%. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-01-07 13:01:42 +08:00
Manuel Pégourié-Gonnard	c98624af3c	Merge pull request #6680 from valeriosetti/issue6599 Allow isolation of EC J-PAKE password when used in TLS	2022-12-14 11:04:33 +01:00
Valerio Setti	d75c5c4405	test: pake: fail in case the opaque key is destroyed unexpectedly Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-13 11:51:32 +01:00
Valerio Setti	785116a5be	test: pake: modify opaque key verification before destruction Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-12 11:59:25 +01:00
Valerio Setti	eb3f788b03	tls: pake: do not destroy password key in TLS Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-08 18:42:58 +01:00
Valerio Setti	d5fa0bfb85	test: pake: check psa key validity before destroying it Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-07 16:02:42 +01:00
Ronald Cron	fbba0e9d75	Merge pull request #6537 from yuhaoth/pr/tls13-refactor-early-data-configuration-interface TLS 1.3: Refactor early data configuration interface.	2022-12-07 09:42:12 +01:00
Jerry Yu	d146a37d56	Change the definition of max_early_data_size argument. `conf_max_early_data_size` does not reuse as en/disable. When call it, we should call `conf_early_data()` also. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-06 14:56:54 +08:00
Jerry Yu	2c93fc1544	Revert "Add reco_debug_level to reduce debug output" This reverts commit a6934776c90a834a321daf7eeb35f2ad7d402c50. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-06 11:05:54 +08:00
Jerry Yu	54dfcb7794	fix comments and debug info issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-05 15:43:09 +08:00
Tom Cosgrove	1797b05602	Fix typos prior to release Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-12-04 17:19:59 +00:00
Valerio Setti	d6feb20869	test: pake: allow opaque password only when USE_PSA is enabled Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-02 14:28:49 +01:00
Jerry Yu	7854a4e019	Add max_early_data_size option for ssl_sever2 - to set max_early_data_set Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-01 23:11:48 +08:00
Jerry Yu	a6934776c9	Add reco_debug_level to reduce debug output Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-01 23:11:48 +08:00
Valerio Setti	661b9bca75	test: psa_pake: add specific log message for the opaque password Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-29 17:28:17 +01:00
Valerio Setti	77e8315f5b	fix formatting and typos Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-29 17:28:04 +01:00
Valerio Setti	d572a82df9	tls: psa_pake: add test for opaque password Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-29 11:30:56 +01:00
Xiaokang Qian	2cd5ce0c6b	Fix various issues cause rebase to latest code Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-15 10:33:53 +00:00
Xiaokang Qian	9a0aafbe79	Enable/disable MBEDTLS_SSL_EARLY_DATA for cases in ssl-opt.sh Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-15 02:49:46 +00:00
Xiaokang Qian	0e97d4d16d	Add early data indication to client side Add fields to mbedtls_ssl_context Add write early data indication function Add check whether write early data indication Add early data option to ssl_client2 Add test cases for early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-14 03:13:50 +00:00
Gilles Peskine	fd7aa13671	Merge pull request #6436 from yanrayw/ssl_client2-add-build-version Add build version to the output of ssl_client2 and ssl_server2	2022-11-10 14:39:38 +01:00
Jerry Yu	2883219edb	Improve output message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-30 13:53:31 +08:00
Jerry Yu	c3a7fa386e	Update output message when certification verified fail Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-28 12:38:33 +08:00
Jerry Yu	ad9e99bd2e	fix session resumption fail when hostname is not localhost Change-Id: Icb2f625bb11debb5c7cae36e34d7270f7baae4d5 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-28 12:30:58 +08:00
Yanray Wang	eaf46d1291	Add output of build version in ssl_server2 Usage: - By default, build version is printed out in the beginning of ssl_server2 application. - ./ssl_server2 build_version=1 only prints build verison and stop Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2022-10-28 10:53:50 +08:00
Yanray Wang	84645e92c6	Simplify code of adding output in ssl_client2 - print build version macro defined in build_info.h directly - Remove all the MBEDTLS_VERSION_C guards as build version information is always available in build_info.h Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2022-10-28 10:53:22 +08:00
Gilles Peskine	744fd37d23	Merge pull request #6467 from davidhorstmann-arm/fix-unusual-macros-0 Fix unusual macros	2022-10-25 19:55:29 +02:00
David Horstmann	3f44e5b11a	Refactor macro-spanning if in ssl_server2.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-24 13:12:19 +01:00
David Horstmann	f160ef1dd1	Refactor macro-spanning if in ssl_client2.c Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-10-24 13:11:38 +01:00
Yanray Wang	7f9ddb584a	Merge branch 'Mbed-TLS:development' into ssl_client2-add-build-version	2022-10-24 12:19:39 +08:00
Ronald Cron	73fe8df922	Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED to guard TLS code (both 1.2 and 1.3) specific to handshakes involving PSKs. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	e68ab4f55e	Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED to guard TLS code (both TLS 1.2 and 1.3) specific to handshakes involving certificates. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	81378b72e8	programs: ssl: Remove dependency on TLS 1.3 for "sig_algs" option Signature algorithms can be specified through the sig_algs option for TLS 1.2 as well. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:40:56 +02:00
Ronald Cron	20a8e63b23	programs: ssl: Fix some mbedtls_ssl_conf_sig_algs() guards Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:36:43 +02:00
Yanray Wang	076b2d062f	Improve the method of printing string build version Following changes are introduced with this commit: - Call mbedtls_version_get_string before printing string build version instead of printing macro directly - Output build version in the beginning of ssl_client2 program Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2022-10-21 11:22:44 +08:00

1 2 3 4 5 ...

1105 Commits