mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-31 00:32:50 +00:00

Author	SHA1	Message	Date
Waleed Elmelegy	3ff472441a	Fix warning in ssl_tls13_generic.c Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:28 +00:00
Waleed Elmelegy	f501790ff2	Improve comments across record size limit changes Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:28 +00:00
Waleed Elmelegy	fbe42743eb	Fix issue in checking in writing extensions Fix issue in checking if server received record size limit extension. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:27 +00:00
Waleed Elmelegy	e1ac98d888	remove mbedtls_ssl_is_record_size_limit_valid function Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:27 +00:00
Waleed Elmelegy	d2fc90e024	Stop sending record size limit extension if it's not sent from client Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:27 +00:00
Waleed Elmelegy	148dfb6457	Change record size limit writing function Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:27 +00:00
Waleed Elmelegy	47d2946943	tls13: server: write Record Size Limit ext in EncryptedExtensions - add the support in library - update corresponding test cases. Signed-off-by: Yanray Wang <yanray.wang@arm.com> Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:27 +00:00
Yanray Wang	42017cd4c9	tls13: cli: write Record Size Limit ext in ClientHello - add the support in library - update corresponding test case Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2024-01-10 16:17:27 +00:00
Yanray Wang	faf70bdf9d	ssl_tls13_generic: check value of RecordSizeLimit in helper function Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2024-01-10 16:17:27 +00:00
Yanray Wang	a8b4291836	tls13: add generic function to write Record Size Limit ext Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2024-01-10 16:17:27 +00:00
Tom Cosgrove	3a6059beca	Merge pull request #7455 from KloolK/record-size-limit/comply-with-limit Comply with the received Record Size Limit extension	2024-01-09 15:22:17 +00:00
Manuel Pégourié-Gonnard	4aad0ff510	Merge pull request #8632 from valeriosetti/issue8598 [G5] Make block_cipher work with PSA	2024-01-08 08:07:53 +00:00
Waleed-Ziad Maamoun-Elmelegy	e2d3db5cfc	Update mbedtls_ssl_get_output_record_size_limit signature Co-authored-by: Ronald Cron <ronald.cron@arm.com> Signed-off-by: Waleed-Ziad Maamoun-Elmelegy <122474370+waleed-elmelegy-arm@users.noreply.github.com>	2024-01-05 14:19:16 +00:00
Dave Rodgman	a021d63bf7	Merge pull request #8642 from daverodgman/default-compiler-all CI perf: Use clang by default in all.sh	2024-01-04 12:58:54 +00:00
Manuel Pégourié-Gonnard	5bad043c06	Merge pull request #8641 from valeriosetti/issue8358 G3-G4 wrap-up	2024-01-04 10:48:00 +00:00
Valerio Setti	c1c6858bfc	cipher_wrap: fix guards for some CCM/GCM functions Legacy CCM and GCM can work even when AES_C is not defined thanks to the block_cipher module, so we can relax guards in cipher_wrap. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-02 17:20:58 +01:00
Dave Rodgman	84125a167e	Merge remote-tracking branch 'origin/development' into default-compiler-all Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-01-02 11:42:38 +00:00
Valerio Setti	e581e140cc	oid/pkparse: add missing guards for PKCS[5/12] functions when !CIPHER_C This commit also updates test_suite_pkparse.data file adding MBEDTLS_CIPHER_C dependencies whenever PKCS[5/12] is used. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-29 16:35:58 +01:00
Waleed Elmelegy	6a971fd61a	Refactor and improve Record size limit handling Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-12-28 17:48:16 +00:00
Valerio Setti	1fff4f2012	psa: add key_type as input parameter of psa_can_do_cipher() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-28 18:33:17 +01:00
Valerio Setti	1994e72e18	check_config/block_cipher: minor improvements Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-28 18:33:04 +01:00
Valerio Setti	a69e872001	pkcs[5/12]: add CIPHER_C for [en/de]crypting functions This commit also updates corresponding test suites. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-21 16:39:04 +01:00
Dave Rodgman	3bc249959c	Merge branch 'development' into default-compiler-all Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-12-21 14:35:14 +00:00
Tom Cosgrove	c6088eceb4	Merge pull request #8384 from paul-elliott-arm/remove_ssl_null_tls12 Remove NULLing of ssl context in TLS1.2 transform population	2023-12-21 13:28:09 +00:00
Gilles Peskine	4bf4473ef0	Merge pull request #8633 from Wenxing-hou/clear_clienthello_comment Make clienthello comment clear	2023-12-21 12:09:23 +00:00
Gilles Peskine	0e6fdc4f1d	Merge pull request #8342 from yanesca/threading_test_pc Threading test proof of concept and plan	2023-12-21 12:08:41 +00:00
Waleed Elmelegy	65e3046e18	Fix code style in ssl_tls.c Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-12-20 17:55:10 +00:00
Waleed Elmelegy	049cd302ed	Refactor record size limit extension handling Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-12-20 17:28:31 +00:00
Tomi Fontanilles	851d8df58d	fix/work around dependency issues when !MBEDTLS_ECP_C Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>	2023-12-20 13:09:27 +02:00
Tomi Fontanilles	9f41770313	pk_*: remove remaining references to MBEDTLS_PSA_CRYPTO_C For real this time. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>	2023-12-20 13:05:55 +02:00
Tomi Fontanilles	bad170e159	pk: remove last references to MBEDTLS_PSA_CRYPTO_C They are replaced by MBEDTLS_USE_PSA_CRYPTO. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>	2023-12-20 12:59:57 +02:00
Tomi Fontanilles	1941af087c	pk_wrap: remove last references to MBEDTLS_PSA_CRYPTO_C Deprecated functions are removed and #ifdefs are updated accordingly. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>	2023-12-20 12:59:57 +02:00
Tomi Fontanilles	573dc23141	rsa: introduce rsa_internal_rsassa_pss_sign_no_mode_check() And use it in the non-PSA version of mbedtls_pk_sign_ext() to bypass checks that didn't succeed when used by TLS 1.3. That is because in the failing scenarios the padding of the RSA context is not set to PKCS_V21. See the discussion on PR #7930 for more details. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>	2023-12-20 12:59:57 +02:00
Tomi Fontanilles	8174662b64	pk: implement non-PSA mbedtls_pk_sign_ext() This makes the function always available with its its implementation depending on MBEDTLS_USE_PSA_CRYPTO. Related dependencies and tests are updated as well. Fixes #7583. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>	2023-12-20 12:59:57 +02:00
Valerio Setti	689c0f71cb	tests: use new CCM/GCM capability macros in tests Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-20 09:54:18 +01:00
Manuel Pégourié-Gonnard	a4b38f24fd	Merge pull request #8579 from valeriosetti/issue7995 PK: clean up pkwrite	2023-12-20 08:20:10 +00:00
Valerio Setti	50333977c6	cipher_wrap: fix guards for alloc/free functions of CCM/GCM Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-20 07:36:05 +01:00
Dave Rodgman	a69c782351	Merge pull request #8634 from daverodgman/iar-fixes IAR warning fix & some improvements	2023-12-19 16:26:23 +00:00
Dave Rodgman	d47186d6e3	Disable automatic setting of clang target flags on old clang Old versions of clang don't support this pragma, so we have to assume that the user will have set the flags. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-12-19 13:11:47 +00:00
Valerio Setti	7f062a58fb	pkwrite: add newlines when calling mbedtls_pem_write_buffer() New defines, which are shared with the pkparse module, lack the new line so we manually add it when invoking mbedtls_pem_write_buffer(). Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-19 07:48:42 +01:00
Valerio Setti	4bb5740a7d	Revert "pem: auto add newlines to header/footer in mbedtls_pem_write_buffer()" This reverts commit 180915018dd04f6ad66faa3e9fc66813a221643d. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-19 07:48:38 +01:00
Paul Elliott	8860021abc	Fix false claim of variables used unitialised GCC with TSan + O3 causes an error where it claims key_len and iv_len may be used uninitialised. This is, as far as I can tell incorrect (the only way it could not be set is in the error case, and then it is not used), however the simplest option seemed to be just to fix it. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-12-18 14:49:34 +00:00
Dave Rodgman	af616d9123	Merge remote-tracking branch 'origin/development' into iar-fixes	2023-12-18 13:38:22 +00:00
Manuel Pégourié-Gonnard	8f1c36df00	Merge pull request #8607 from valeriosetti/issue8602 Make enrollement "optional" in pk_can_do_ext()	2023-12-18 11:30:04 +00:00
Bence Szépkúti	a085fa8ccf	Merge pull request #8627 from tom-cosgrove-arm/ip_len Avoid use of `ip_len` as it clashes with a macro in AIX system headers	2023-12-18 02:03:17 +00:00
Valerio Setti	4ff405cf80	block_cipher: remove psa_key_type from mbedtls_block_cipher_context_t This information was redundant with the already existing mbedtls_block_cipher_id_t. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-15 16:10:52 +01:00
Dave Rodgman	543d275c68	Merge pull request #8635 from daverodgman/asan-opt CI perf - prefer clang for Asan	2023-12-15 13:25:02 +00:00
Manuel Pégourié-Gonnard	cddab78612	Merge pull request #8630 from joerchan/mbedtls-tfm-compat Mbedtls tfm compat	2023-12-15 09:31:27 +00:00
Dave Rodgman	815b240d72	Fix unused function/variable warnings from clang Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-12-14 23:20:48 +00:00
Valerio Setti	bd7528a592	ccm/gcm: use BLOCK_CIPHER whenever possible Prefer BLOCK_CIPHER instead of CIPHER_C whenever it's enabled. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-14 18:08:14 +01:00

1 2 3 4 5 ...

12589 Commits