mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-11 09:40:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
28,001 Commits 170 Branches 263 Tags
Commit Graph

2559 Commits

Author SHA1 Message Date
Thomas Daubney
1fd916a1a3 Address review comments 
- make operation name more generic
- make use of psa_hash_abort

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-07-25 16:10:48 +01:00
Thomas Daubney
9520df7580 Fix code style 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-07-25 10:56:54 +01:00
Thomas Daubney
1db78fa32a Demonstrate algorithm agility 
Define HALH_ALG to the desired PSA algorithm
to demostrate the ease of swapping algorithms
with the PSA API.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-07-24 16:49:14 +01:00
Thomas Daubney
f7348ae1fc Improve program from first round review comments 
Following an initial review:
- Swap printf for mbedtls_printf
- Remove MBEDTLS_xxx dependencies
- Demonstrate correct buffer sizing

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-07-24 12:18:40 +01:00
Thomas Daubney
209c9c9492 Bring code-style up-to-date 
This PR was originally created before the code
style was changed. This commit updates the style.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-07-18 14:59:45 +01:00
Hannes Tschofenig
f8b9ebf297 Add example program for PSA hash 
This commit adds the example program for PSA
hash as well as the relevant changes to
CMakeLists.txt and the Makefile.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-07-18 13:55:36 +01:00
Manuel Pégourié-Gonnard
828b3acd6b
Merge pull request #7848 from valeriosetti/issue7749 
driver-only ECC: EPCf.TLS testing
 2023-07-18 10:33:21 +02:00
Dave Rodgman
91d9daf2b3
Merge pull request #7925 from hasheddan/dtls-server-order 
Fix order of steps in DTLS server example program
 2023-07-17 09:41:43 +01:00
Daniel Mangum
af2f7a6fcb Fix order of steps in DTLS server example program 
Fixes the numbered order of steps in the DTLS server example program.

Signed-off-by: Daniel Mangum <georgedanielmangum@gmail.com>
 2023-07-14 12:00:33 -04:00
Andrzej Kurek
312b6df38a Add a missing guard in cert_req.c 
IP parsing requires x509_CRT_PARSE_C
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-07-10 08:45:30 -04:00
Valerio Setti
dda0019e2e ssl_test_lib: fix rebase error 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-10 10:22:51 +02:00
Valerio Setti
5bdebb2004 ssl_test_lib: fix variable naming for curve group 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-10 09:13:57 +02:00
Valerio Setti
fb6356f003 ssl_test_lib: simplify function which prints supported curves 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-10 09:13:57 +02:00
Valerio Setti
deb676442d ssl_test_lib: manage FFDH keys the same way as ECC ones 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-10 09:13:57 +02:00
Valerio Setti
acd32c005f programs: add helper functions for supported EC curves 
- get full list, or
- get TLS ID from name

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-10 09:13:57 +02:00
Manuel Pégourié-Gonnard
461d59b2f8
Merge pull request #7858 from mprse/ffdh_tls13_v2_f 
Make use of FFDH keys in TLS 1.3 - follow-up
 2023-07-07 16:19:35 +02:00
Dave Rodgman
c4749b1c66
Merge pull request #7584 from gilles-peskine-arm/fuzz-file-open-fail 
Fuzz programs: print an error if loading the reproducer fails
 2023-07-07 11:51:59 +01:00
Andrzej Kurek
6bc7a38683 Support more SAN subtypes in cert_req.c 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-07-07 05:13:13 -04:00
Agathiyan Bragadeesh
77b0d645f5 Add gitignore anchors to denote generated files 
These anchors encapsulate gitignore patterns which typically ignore
files generated, so that scripts can be used to comment and uncomment
these patterns for releases when we need the generated files in the
repository.

Signed-off-by: Agathiyan Bragadeesh <agabra02@e127300.arm.com>
 2023-07-06 17:58:18 +01:00
Przemek Stekiel
68e7544de8 parse_groups: curve -> group adaptations 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-07-06 12:16:44 +02:00
Przemek Stekiel
45255e4c71 Adapt names (curves -> groups) 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-07-05 09:26:26 +02:00
Pengyu Lv
b078607f04 cert_write: Support write any for extended key usage 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-07-04 17:30:21 +08:00
Manuel Pégourié-Gonnard
56b159a12a
Merge pull request #7627 from mprse/ffdh_tls13_v2 
Make use of FFDH keys in TLS 1.3 v.2
 2023-07-03 10:12:33 +02:00
Dave Rodgman
c23d2222ea
Merge pull request #7728 from waleed-elmelegy-arm/crypt_and_hash-decrypt-fix 
Fix crypt_and_hash decrypt issue when used with stream cipher
 2023-06-30 11:42:35 +01:00
Andrzej Kurek
60de0b198a Move the overallocation test to test suites 
This way the compiler does not complain about
an overly large allocation made.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-27 09:26:08 -04:00
Andrzej Kurek
aae3208c29 Add an mbedtls_calloc(SIZE_MAX/2, SIZE_MAX/2) test 
It should return NULL and not a valid pointer.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-27 09:26:08 -04:00
Andrzej Kurek
e35f3a23be Add a calloc selftest for more than a page 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-27 09:26:08 -04:00
Andrzej Kurek
ecaf6fb8b2 Documentation and cosmetic fixes 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-27 09:26:08 -04:00
Andrzej Kurek
9032711dc7 Move the calloc buffer initialization test to selftest.c 
This way it's more in line with the 2.28 version.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-27 09:26:08 -04:00
Manuel Pégourié-Gonnard
39a0a76fcc SSL programs: improve command-line error reporting 
Every now and then, I see of these programs failing with a super-long
usage message that gives no clue as to what went wrong. (Recently it
happened with a test case in ssl-opt.sh with a fairly long command line
that was entirely correct, except some options were not valid in this
config - the test should have been skipped but wasn't due to some other
bug. It took me longer to figure out than it should have, and could have
if the program had simply reported which param was not recognized.)

Also, have an explicit "help" command, separate "help_ciphersuites", and
have default usage message that's not multiple screens long.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-27 09:28:24 +02:00
Manuel Pégourié-Gonnard
3eea9a461c SSL programs: allow invoking without arguments 
All options have reasonable default so the programs don't need arguments
to do something useful.

It is widely accepted for programs that can work without arguments need
not insist on the user passing arguments, see 'ls', 'wc', 'sort', 'more'
and any number of POSIX utilities that all work without arguments.

It is also the historical behaviour of those programs, and something
relied one by at least a few team members.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-26 11:29:35 +02:00
Manuel Pégourié-Gonnard
0b74434e2a SSL programs: group options processing in 1 place 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-26 11:28:00 +02:00
Paul Elliott
458b96b1a7
Merge pull request #7638 from AndrzejKurek/cert-apps-use-ips 
Use better IP parsing in x509 apps
 2023-06-20 17:21:04 +01:00
Przemek Stekiel
7d42c0d0e5 Code cleanup #2 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-13 12:30:40 +02:00
Przemek Stekiel
75a5a9c205 Code cleanup 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-13 09:57:23 +02:00
Waleed Elmelegy
46549cb5fa Replace function calls in crypt_and_hash program with locals 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-06-12 14:53:02 +01:00
Waleed Elmelegy
7d39cc410c Fix crypt_and_hash decrypt issue when used with stream cipher 
crypt_and_hash decryption fails when used with a stream cipher
mode of operation due to the input not being multiple of block
size, this only applies to block cipher modes and not stream
ciphers.This change exempts CTR, CFB & OFB modes from this check.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-06-09 16:58:23 +01:00
Dave Rodgman
05d71ffe5b Merge remote-tracking branch 'origin/development' into sha3-updated 2023-06-07 18:02:04 +01:00
Andrzej Kurek
0624e460fb Add a guard for IP parsing in cert_req app 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-07 08:54:35 -04:00
Andrzej Kurek
cd17ecfe85 Use better IP parsing in x509 programs 
Remove unnecessary duplicated code.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-07 08:50:05 -04:00
Przemek Stekiel
ff9fcbcace ssl_client2, ssl_server2: code optimization + guards adaptation 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-06 12:53:40 +02:00
Przemek Stekiel
da4fba64b8 Further code optimizations 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-06 12:31:09 +02:00
Przemek Stekiel
316c19ef93 Adapt guards, dependencies + optimizations 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-06 12:31:09 +02:00
Przemek Stekiel
e7db09bede Move FFDH helper functions and macros to more suitable locations 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-06 12:31:08 +02:00
Przemek Stekiel
6d7da5ee1e Add FFDH support in client2, server2 applications 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-06 12:31:08 +02:00
Gilles Peskine
84b547b5ee
Merge pull request #7400 from AndrzejKurek/cert-write-sans 
Add a possibility to generate certificates with a Subject Alternative Name
 2023-06-05 15:38:38 +02:00
Andrzej Kurek
f994bc51ad Refactor code in cert_write.c 
This way is more robust.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-02 05:10:17 -04:00
Dave Rodgman
7f97675b64
Merge pull request #5237 from davidhorstmann-arm/demo-out-of-tree 2023-05-19 21:27:24 +01:00
Andrzej Kurek
5eebfb8fd0 Enable escaping ';' in cert_write.c SANs 
This might get used in URIs.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
446e53d401 Fix a code style issue 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00