mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-06 21:40:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
30,666 Commits 170 Branches 263 Tags
Commit Graph

30666 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
BensonLiou
368debd384 Merge branch 'development' of https://github.com/Mbed-TLS/mbedtls into random_bye_on_hrr 2024-03-14 11:42:25 +08:00
Gilles Peskine
5c77ad0f4f
Merge pull request #8926 from gilles-peskine-arm/lcov-cannot-write-investigation 
Work around a bug in ancient lcov
 2024-03-13 17:52:15 +00:00
Waleed Elmelegy
b28ab0a45a Fix code style in ssl_tls.c 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-03-13 16:50:01 +00:00
Waleed Elmelegy
daa4da781a Increase ALPN length in saved session to 2 bytes 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-03-13 16:50:01 +00:00
Waleed Elmelegy
5bc5263b2c Add code improvments and refactoring in dealing with ALPN 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-03-13 16:50:01 +00:00
Waleed Elmelegy
7dfba34475 Fix possible overflow in ALPN length when saving session 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-03-13 16:50:01 +00:00
Waleed Elmelegy
75e33fa12e Fix code style in ssl_tls.c 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-03-13 16:50:01 +00:00
Waleed Elmelegy
fe9ae085e3 Update serialized session description with ALPN information 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-03-13 16:50:01 +00:00
Waleed Elmelegy
1102563685 Add ALPN bit flag to session header 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-03-13 16:50:01 +00:00
Waleed Elmelegy
883f77cb08 Add mbedtls_ssl_session_set_alpn() function 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-03-13 16:50:01 +00:00
Waleed Elmelegy
2824a209bc Add ALPN information in session tickets 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-03-13 16:50:01 +00:00
Gilles Peskine
539d7d54af Work around a bug in ancient lcov 
lcov had a bug whereby it tries to create the output file relative to /
if it has emitted a warning. We do CI runs on Ubuntu 16.04 which is too
old to have the fix. As a quick fix for the CI, work around the bug.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-13 17:19:17 +01:00
Ryan Everett
f111f35478 Add test cases for concurrently_use_same_persistent_key 
There is a 1-1 correlation between these test cases and the test cases for import_and_exercise_key.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-13 14:31:11 +00:00
Ryan Everett
50619991c8 Add test function for concurrently using the same persistent key 
The thread functions can also be used in future tests for other key types
and other test scenarios

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-13 14:31:11 +00:00
Ryan Everett
fbf815d9cb Add key_destroyable parameter to key export smoke tests 
These are only called from mbedtls_test_psa_exercise_key

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-13 14:31:11 +00:00
Ryan Everett
73e4ea37f4 Add key_destroyable parameter to non-raw key agreement smoke tests 
All current usages have this parameter set to 0 (this means the tests are unchanged).
Remove the GENERIC_ERROR return behaviour, in favour of returning the actual status.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-13 14:31:11 +00:00
Dave Rodgman
775c7768ee
Merge pull request #8877 from gilles-peskine-arm/split-minimal-3.6 
Create a minimal framework submodule
 2024-03-13 14:30:09 +00:00
David Horstmann
0634168296 Reference issue #3266 
This is the issue that tracks incomplete support for buffer overlap, so
we should refer to it when we discuss partial support whenever
MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS is set.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-13 14:12:10 +00:00
David Horstmann
eff3d1ebb5 Use the exact phrase 'shared memory' 
This allows people searching for this phrase to find this ChangeLog
entry.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-13 14:12:10 +00:00
David Horstmann
5aef299006
Merge pull request #1197 from tom-daubney-arm/buffer_sharing_cleanup 
Buffer sharing cleanup
 2024-03-13 13:55:47 +00:00
David Horstmann
4407aba552 Mention the CVE number that is fixed 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-13 13:34:31 +00:00
David Horstmann
7fc35a5ea1 Reword ChangeLog entry. Specifically: 
* Fix a grammatical typo
* Mention shared memory
* Mention overlap support in the security section
* Improve wording

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-13 13:30:55 +00:00
Paul Elliott
0493ab56a4 Add PSA threaded init tests 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-03-13 12:39:02 +00:00
Paul Elliott
838886da64 Protect the key slot management initialised flag 
Use the global data mutex, as the key slot mutex has to be held in some
of the functions where we are testing the flag, and we already hold the
global data mutex when calling the functions where the flag is set.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-03-13 12:39:02 +00:00
Paul Elliott
47cee8e2ee Add mbedtls_psa_crypto_init_subsystem() 
Internal only for now, but can be made external with some more
work. Break up psa_crypto_init into chunks to prevent deadlocks when
initialising RNG, likewise break up mbedtls_crypto_free() to stop having
to hold more than one mutex at a time.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-03-13 12:39:02 +00:00
BensonLiou
bedd2519e6 fix code style 
Signed-off-by: BensonLiou <momo1208@gmail.com>
 2024-03-13 20:31:24 +08:00
Gilles Peskine
93b282232f missing word 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-13 13:08:57 +01:00
Ronald Cron
40043d03a5
Merge pull request #8884 from ronald-cron-arm/improve-early-data-status 
TLS 1.3: CLI: Split early data user status and internal state
 2024-03-13 11:59:49 +00:00
Dave Rodgman
e95bf79754
Merge pull request #8922 from daverodgman/gcc-o3 
Fix gcc -O3 warnings
 2024-03-13 11:47:14 +00:00
Thomas Daubney
dca796b966 Remove further instance of LOCAL_OUTPUT_WITH_COPY 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-03-13 10:59:19 +00:00
Manuel Pégourié-Gonnard
fb84c7681c
Merge pull request #8889 from gilles-peskine-arm/pk-psa-bridge-3.6-doc 
Document PK-PSA bridge functions
 2024-03-13 10:55:36 +00:00
Bence Szépkúti
ae0d97ab8b Update compilers list in docs and changelog 
Drop support for MSVC 2013, 2015 and Arm Compiler 5

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2024-03-13 11:23:16 +01:00
Bence Szépkúti
0719d7c3d8 Update the MSBuild toolset versions to VS2017 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2024-03-13 11:23:16 +01:00
Bence Szépkúti
fac1122b85 Rename solution files to referece VS2017 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2024-03-13 11:23:16 +01:00
Dave Rodgman
60c2f47f98
Merge pull request #8888 from minosgalanakis/features/add_ssl_session_accessor_8529 
[MBEDTLS_PRIVATE] Add accessor for session and ciphersuite_id
 2024-03-13 10:02:15 +00:00
Dave Rodgman
386c39f2d5 Check gcc version 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-03-13 09:55:33 +00:00
Paul Elliott
4de4cc4a29
Merge pull request #8891 from Ryan-Everett-arm/document-SE_C-not-threadsafe 
Officially document non thread-safety of MBEDTLS_PSA_CRYPTO_SE_C
 2024-03-13 09:42:49 +00:00
Valerio Setti
864a50b7c8 pk: uniformly guard set/get enrollment algorithm calls with CRYPTO_C 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-13 09:52:36 +01:00
Valerio Setti
13beaa2e60 psa_crypto_stubs: extend stub functions for the CRYPTO_CLIENT tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-13 09:52:36 +01:00
Valerio Setti
63097759f8 all.sh: modify/add test components for CRYPTO_CLIENT 
The already existing component_test_psa_crypto_client() is renamed
as component_test_default_psa_crypto_client_without_crypto_provider()
while component_build_full_psa_crypto_client_without_crypto_provider()
was added.

- Both of them check that the missing symbols at link time (if any)
  belong to the psa_xxx() family.
- The former builds with default config + CRYPTO_CLIENT - CRYPTO_C and
  then runs test suites.
- The latter only perform the builds using the full config and then
  it checks that PK-PSA bridge functions are present.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-13 09:52:36 +01:00
Valerio Setti
c4c1d3af34 pk: use CRYPTO_CLIENT as guard for PK-PSA bridge functions instead of CRYPTO_C 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-13 09:52:36 +01:00
Gilles Peskine
e29b4b42b7 Fix copypasta 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-13 09:33:03 +01:00
Manuel Pégourié-Gonnard
3b20bda352
Merge pull request #8899 from gilles-peskine-arm/pk_copy_public_from_psa 
New function mbedtls_pk_copy_public_from_psa
 2024-03-13 06:56:17 +00:00
Gilles Peskine
68f46414cb
Merge pull request #8894 from daverodgman/quietbuild2 
Follow-up non-verbose logs
 2024-03-13 00:50:42 +00:00
David Horstmann
80a5dbd1cd Regenerate PSA wrappers for new PSA functions 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-12 17:02:48 +00:00
Thomas Daubney
4bc77c402d Remove LOCAL_OUTPUT_ALLOC_WITH_COPY 
It is no longer needed and should be removed.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-03-12 17:01:11 +00:00
Ryan Everett
8163028fbd Add key_destroyable parameter to raw key agreement smoke tests 
All current usages have this parameter set to 0 (meaning the behaviour
of these tests hasn't changed). We also now return the actual error code, not GENERIC_ERROR

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-12 17:01:09 +00:00
Ryan Everett
c1cc6686f0 Add key_destroyable parameter to key derivation smoke tests 
All current usages have this parameter set to 0 (in this case the behaviour of
the test is unchanged)

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-12 17:01:09 +00:00
Ryan Everett
d48fc102d3 Add key_destroyable parameter to exercise_asymmetric_encryption_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-12 17:01:09 +00:00
Ryan Everett
6edd40819e Add key_destroyable parameter to exercise_signature_key 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-12 17:01:09 +00:00