mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-11 18:40:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
30,654 Commits 170 Branches 263 Tags
Commit Graph

30654 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pengyu Lv
7ee283362b Fix typo in ssl test suite 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2024-04-09 10:48:24 +02:00
Pengyu Lv
e2776d16ef Correct dependancy on MBEDTLS_X509_INFO for x509parse 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2024-04-09 10:48:24 +02:00
Manuel Pégourié-Gonnard
a4b773d3bb
Merge pull request #6955 from inorick/nofa_no_session_tickets 
Guard ticket specific TLS 1.3 function with macro
 2024-04-08 08:56:17 +00:00
Ronald Cron
527a2eb8c4 Add change log 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-05 08:45:09 +02:00
Ronald Cron
233fcaadbf tls13: Do not initiate at all resumption if tickets not supported 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-04 15:52:40 +02:00
Ronald Cron
fe15d90f72 tls13: Fix doc of mbedtls_ssl_session_set() - 2 
Fix documentation of mbedtls_ssl_session_set()
regarding its dependency on MBEDTLS_SSL_SESSION_TICKETS
in TLS 1.3 case.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-04 15:52:34 +02:00
Bence Szépkúti
e4d9013518
Merge pull request #8987 from valeriosetti/issue8903 
Test gap: mbedtls_pk_check_pair with MBEDTLS_PK_OPAQUE
 2024-04-04 13:44:24 +00:00
Bence Szépkúti
a376f84eb1
Merge pull request #8937 from valeriosetti/issue8712 
Clarify the documentation of mbedtls_pk_setup_opaque
 2024-04-04 13:40:57 +00:00
Ronald Cron
d85eeae740 tls13: Fix doc of mbedtls_ssl_session_set() - 1 
It was eventually decided to not support multiple
tickets in TLS 1.3 ClientHello messages thus
removing the parts in mbedtls_ssl_session_set()
documentation that were anticipating that.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-04 15:39:20 +02:00
Ronald Cron
66a206c26c tls13: Fix doc of mbedtls_ssl_session_get() - 2 
Fix documentation of mbedtls_ssl_session_get()
regarding its interaction with session
ticket enablement.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-04 15:34:22 +02:00
Ronald Cron
81bb589090 tls13: Fix doc of mbedtls_ssl_session_get() - 1 
The API has eventually not been changed to
return multiple tickets through multiple
subsequent call to it.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-04 15:30:55 +02:00
Ronald Cron
9314df617b tls: Fix doc of mbedtls_ssl_session_save() 
Fix documentation of mbedtls_ssl_session_save()
regarding its dependency on MBEDTLS_SSL_SESSION_TICKETS
in TLS 1.3 session case.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-04 14:07:50 +02:00
Tom Cosgrove
387aafff5b
Merge pull request #9007 from mpg/checkbox-3.6 
Add 3.6 backport checkbox to the PR template
 2024-04-04 10:33:22 +00:00
Manuel Pégourié-Gonnard
b76573c662 We now have two LTS branches to backport to. 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-04 10:44:18 +02:00
Valerio Setti
1c7f5dea8b pk: fix documentation of mbedtls_pk_setup_opaque() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-04-04 09:39:12 +02:00
Ronald Cron
cf47a15e96 ssl_msg.c: Rename _check_new_session_ticket to _is_new_session_ticket 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-02 17:46:52 +02:00
Ronald Cron
dd96c0a2df all.sh: Use full instead of default as the base for the new component 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-02 17:46:44 +02:00
Ronald Cron
d64fcee58c tests: ssl: Fix dependencies of SRV TLS 1.3 session serialization tests 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-04-02 12:25:56 +02:00
Paul Elliott
30978ec650
Merge pull request #8874 from stevenwdv/development 
Fix compilation on macOS without apple-clang
 2024-03-29 13:59:36 +00:00
minosgalanakis
e146940714
Merge pull request #1216 from Mbed-TLS/mbedtls-3.6.0_mergeback 
Mbedtls 3.6.0 mergeback
 2024-03-28 14:31:03 +00:00
Minos Galanakis
9860056006 Revert "Autogenerated files for 3.6.0" 
This reverts commit e8a6833b2878f1c08b8f96fe35e2812367e32ef3.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-27 17:36:15 +00:00
Ronald Cron
ceae4f85ea ssl-opt.sh: Add tests where tickets are ignored 
Add tests where we explicitely check that
tickets are ignored on client side when
the support is not enabled.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-27 09:37:37 +01:00
Ronald Cron
7df18bc210 tls13: cli: Ignore tickets if not supported 
If a TLS 1.3 client receives a ticket and
the feature is not enabled, ignore it.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-27 09:37:37 +01:00
Norbert Fabritius
4f1c9278cc ssl-opt.sh: Add missing MBEDTLS_SSL_SESSION_TICKETS dependencies 
Signed-off-by: Norbert Fabritius <norbert.fabritius@esrlabs.com>
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-27 09:37:37 +01:00
Norbert Fabritius
d30e91150e all.sh: Add component testing default minus session tickets 
Signed-off-by: Norbert Fabritius <norbert.fabritius@esrlabs.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-27 09:37:37 +01:00
Ronald Cron
161e14faf6 tests: ssl: Fix dependencies of TLS 1.3 session serialization tests 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-27 09:37:37 +01:00
Ronald Cron
8d15e0114b tests: ssl: Add hostname checks in session serialization tests 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-27 09:37:31 +01:00
Ronald Cron
ad0ee1a7c4 tests: ssl: Remove redundant test 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-27 09:18:04 +01:00
Ronald Cron
18b92a1aec tests: ssl: Fix session field guards 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-27 09:07:50 +01:00
Norbert Fabritius
d36913a58f Constify parameter of ssl_tls13_session_load 
Signed-off-by: Norbert Fabritius <norbert.fabritius@esrlabs.com>
 2024-03-27 08:22:53 +01:00
Norbert Fabritius
8ceeff95e9 Enable ssl_tls13_get_ciphersuite_hash_alg only if macro is active 
Signed-off-by: Norbert Fabritius <norbert.fabritius@esrlabs.com>
 2024-03-27 08:22:53 +01:00
Norbert Fabritius
d60aef0f1b Unconditionally define session variable 
Signed-off-by: Norbert Fabritius <norbert.fabritius@esrlabs.com>
 2024-03-27 08:22:53 +01:00
Ronald Cron
1f045f3a0c tls13: srv: Fix guards of _is_psk_(ephemeral_)available 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-27 08:22:53 +01:00
Norbert Fabritius
96eed725e1 Guard ticket specific TLS 1.3 function with macro 
Guard ssl_tls13_write_new_session_ticket_coordinate with
MBEDTLS_SSL_SESSION_TICKETS macro.

Signed-off-by: Norbert Fabritius <norbert.fabritius@esrlabs.com>
 2024-03-27 08:22:53 +01:00
minosgalanakis
2ca6c285a0
Merge pull request #1215 from Mbed-TLS/mbedtls-3.6.0rc1-pr 
Mbedtls 3.6.0rc1
v3.6.0 mbedtls-3.6.0 		2024-03-26 14:58:02 +00:00
Minos Galanakis
078f823843 Merge pull request #8990 from tom-cosgrove-arm:record-size-limit-support-is-now-released 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-26 12:32:00 +00:00
Minos Galanakis
a11b9d69dd Merge pull request #8989 from tom-cosgrove-arm:fix-typo-in-psa_key_production_parameters_t-doc 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-26 12:31:38 +00:00
Tom Cosgrove
f02c6ef86d Fix typo in psa_key_production_parameters_t doc: 65535 should be 65537 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2024-03-26 12:25:07 +00:00
Tom Cosgrove
1b3b1743f5 Record size limit support is released, so remove warning about only for testing 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2024-03-26 12:23:49 +00:00
Valerio Setti
ec2cfb042c test_suite_pk: test check_pair() also with opaque RSA keys 
check_pair() is not supported by opaque RSA keys, but we want
to be sure that calling this functions fails nicely instead
for crashing.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-25 14:46:45 +01:00
Valerio Setti
f9f63edbe4 pk: fix typos in description of mbedtls_pk_setup_opaque() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-25 09:38:05 +01:00
minosgalanakis
7424296082
Merge pull request #1213 from Mbed-TLS/mbedtls-3.6.0rc0-pr 
Mbedtls 3.6.0 Release Candidate
 2024-03-22 22:50:33 +00:00
Minos Galanakis
e8a6833b28 Autogenerated files for 3.6.0 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-22 16:00:55 +00:00
Minos Galanakis
8d94aec75c Fix some Changelog typos 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-22 16:00:55 +00:00
Valerio Setti
ac81e23c33 pk: add check_pair info to mbedtls_pk_setup_opaque() documentation 
This also updates use-psa-crypto.md accordingly.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-22 14:36:41 +01:00
Valerio Setti
f0d4c9a7e2 test_suite_pk: add failing check for sign_ext() in pk_psa_wrap_sign_ext() 
If the wrapped key has a PKCS1 v1.5 signature algorithm, then try
to call sign_ext() to perform PSA RSS. Of course this will fail
because it's not supported by the wrapped key.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-22 14:36:41 +01:00
Valerio Setti
afa6d51442 pk: simplify mbedtls_pk_sign_ext() 
In case of opaque keys skip the check of the supported primary/enrollment
algorithms. Just try to perfom the signature and if the wrapped key
does not support RSA PSS the operation will fail automatically.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-22 14:36:38 +01:00
Minos Galanakis
4492dbd286 Version Bump for 3.6.0 
./scripts/bump_version.sh --version 3.6.0 --so-crypto 16 --so-x509 7  --so-tls 21

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-22 11:46:25 +00:00
Minos Galanakis
2c1daef183 Assemble Changelog 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-22 11:46:25 +00:00
Minos Galanakis
96948e9a7b Merge pull request #8980 from adeaarm/fix_jinja_template 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-22 11:44:46 +00:00