mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-15 14:42:28 +00:00

Author	SHA1	Message	Date
Wenxing Hou	3b9de38208	Make clienthello comment clear Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>	2023-12-14 22:44:08 +08:00
Joakim Andersson	b349108b99	library: Move mbedtls_ecc helper functions to psa_util Move the mbedtls_ecc helper functions from psa_core to psa_util. These files are not implemented as part of the PSA API and should not be part of the PSA crypto implementation. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>	2023-12-14 13:55:11 +01:00
Dave Rodgman	69928dbe86	Fix compile warning from IAR Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-12-14 12:09:18 +00:00
Dave Rodgman	650674bb41	Add MBEDTLS_BSWAPxx intrinsics for IAR Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-12-14 12:08:57 +00:00
Dave Rodgman	f3c04f3f47	Better definition of MBEDTLS_IS_BIG_ENDIAN for IAR Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-12-14 12:08:57 +00:00
Manuel Pégourié-Gonnard	1f67363d6a	Merge pull request #8616 from lpy4105/issue/8553/test-driver-only-rsa Add test for driver-only RSA (crypto only)	2023-12-14 11:05:55 +00:00
Manuel Pégourié-Gonnard	001fb73131	Merge pull request #8612 from valeriosetti/issue8601 Quit using enrollment in pkparse	2023-12-13 14:55:34 +00:00
David Horstmann	5a945f584e	Put local output status in scope This means that a unique name is no longer needed. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-12-13 14:09:08 +00:00
David Horstmann	d57c0731c9	Remove spaces around token-pasting macro operator Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-12-13 14:03:40 +00:00
Manuel Pégourié-Gonnard	ea6b3c030d	Merge pull request #8605 from valeriosetti/issue8600 Quit using enrollment alg in for ECDSA in PK	2023-12-12 16:53:15 +00:00
Joakim Andersson	c5b7285da9	library: Remove unused psa_crypto_core.h include Remove unused psa_crypto_core.h include. The PSA util file provides helper functions when using the PSA API. It should not rely on PSA internal headers, and instead only use public headers. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>	2023-12-11 21:25:44 +01:00
David Horstmann	bf4ec79085	Make return statuses unique in FREE_LOCAL_OUTPUT() Previously the return from psa_crypto_local_output_free() had a fixed name, which meant that multiple outputs would cause redefinitions of the same variable. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-12-11 17:58:56 +00:00
David Horstmann	3e72db4f51	Improve FREE_LOCAL_INPUT() and FREE_LOCAL_OUTPUT() * Set swapped pointers to NULL when the buffers are freed. * Change example name <buffer> to <input> and <output> to reduce confusion. * Document assumptions of FREE_LOCAL_ macros. * Add comment on error case in FREE_LOCAL_OUTPUT(), explaining why it's okay to mask the existing status code. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-12-11 17:58:56 +00:00
David Horstmann	00d7a04b82	Add more information to comment on test hooks Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-12-11 17:58:56 +00:00
David Horstmann	d596862418	Remove unnecessary include directory from CMake Since psa_crypto.c does not include tests/include/test/memory.h, we do not need the tests/include include path. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-12-11 17:58:56 +00:00
David Horstmann	513101b00f	Add MBEDTLS_PSA_COPY_CALLER_BUFFERS config option This allows us to entirely remove copying code, where the convenience macros are used for copying. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-12-11 17:58:56 +00:00
David Horstmann	e9a88ab0d5	Use macros to manage buffer copies Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-12-11 17:58:56 +00:00
David Horstmann	e138dce329	Change to use test-hook-based approach Since we are applying hooks transparently to all tests, we cannot setup and teardown test hooks in the tests. Instead we must do this in the test wrappers which are used to pre-poison and unpoison memory. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-12-11 17:58:56 +00:00
David Horstmann	c6977b4899	Copy input and output in psa_cipher_encrypt() Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-12-11 17:58:56 +00:00
David Horstmann	372b8bb6c5	Add memory poisoning hooks Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-12-11 17:58:56 +00:00
Tom Cosgrove	656d4b3c74	Avoid use of `ip_len` as it clashes with a macro in AIX system headers Fixes #8624 Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-12-08 21:51:15 +00:00
Pengyu Lv	f75893bb36	Update comments Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 17:40:00 +08:00
Pengyu Lv	e9efbc2aa5	Error out when get domain_parameters is not supported From time being, domain_parameters could not be extracted from driver. We need to return error to indicate this situation. This is temporary and would be fixed after #6494. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 17:30:26 +08:00
Janos Follath	f7f88d6443	Fix style Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-12-08 08:41:08 +00:00
Janos Follath	8209ff335e	Make local function static Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-12-08 08:41:08 +00:00
Pengyu Lv	94a42ccb3e	Add tls13 in ticket flags helper function names ``` sed -i \ "s/\(mbedtls_ssl\)_\(session_\(\w_\)\?ticket\)/\1_tls13_\2/g" \ library/.[ch] ``` Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 11:12:46 +08:00
Yanray Wang	90acdc65e5	tl13: srv: improve comment Improve comment when received version 1.2 of the protocol while TLS 1.2 is disabled on server side. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-12-08 11:00:38 +08:00
Yanray Wang	2bef917a3c	tls13: srv: return BAD_PROTOCOL_VERSION if chosen unsupported version Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-12-08 11:00:35 +08:00
Yanray Wang	177e49ad7a	tls13: srv: improve DEBUG_MSG in case of TLS 1.2 disabled Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-12-08 11:00:33 +08:00
Yanray Wang	408ba6f7b8	tls13: srv: replace with internal API to check is_tls12_enabled Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-12-08 11:00:30 +08:00
Pengyu Lv	abd844f379	Fix wrong format in the function doc Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:58 +08:00
Pengyu Lv	02e72f65da	Reword return value description for mbedtls_ssl_tls13_is_kex_mode_supported Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:58 +08:00
Pengyu Lv	bc4aab7673	Add "_is_" to functions ssl_tls13_key_exchange_._available Done by command: ``` sed -i \ "s/ssl_tls13_key_exchange_\(.\)_available/ssl_tls13_key_exchange_is_\1_available/g" \ library/*.[ch] ``` Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:58 +08:00
Pengyu Lv	b2cfafbb9e	Consistent renaming Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:58 +08:00
Pengyu Lv	2333b826f4	tls13: srv: rename mbedtls_ssl_tls13_check_kex_modes The function is renamed to `mbedtls_ssl_tls13_is_kex_mode_supported` and the behaviour is reversed. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:58 +08:00
Pengyu Lv	0a1ff2b969	Consistent renaming Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:58 +08:00
Pengyu Lv	4f537f73fa	tls13: rename mbedtls_ssl_session_check_ticket_flags The function is renamed to mbedtls_ssl_session_ticket_has_flags. Descriptions are added. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:58 +08:00
Pengyu Lv	d72e858fd1	tls13: srv: rename ssl_tls13_ticket_permission_check The function is renamed to ssl_tls13_ticket_is_kex_mode_permitted Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:57 +08:00
Pengyu Lv	fc2cb9632b	tls13: rename mbedtls_ssl_conf_tls13_check_kex_modes The function is renamed to mbedtls_ssl_conf_tls13_is_kex_mode_enabled. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:57 +08:00
Pengyu Lv	60a22567e4	tls13: change return value of mbedtls_ssl_conf_tls13_check_kex_modes To keep the convention in TLS code, check functions should return 0 when check is successful. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:57 +08:00
Pengyu Lv	981ec14744	tls13: rename ssl_tls13_check_*_key_exchange functions Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 10:01:57 +08:00
Waleed Elmelegy	419f841511	Skip checking on maximum fragment length during handshake MbedTLS currently does not support maximum fragment length during handshake so we skip it for now. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-12-07 18:33:42 +00:00
Ronald Cron	90d07118ad	Merge pull request #6721 from yuhaoth/pr/tls13-early-data-extension-of-nst TLS 1.3: EarlyData SRV: Write `early_data` extension of NewSessionTicket	2023-12-07 09:25:35 +00:00
Gilles Peskine	f3ccfddb45	Merge pull request #8615 from davidhorstmann-arm/fix-cast-potential-overflow Fix possible integer overflows	2023-12-07 00:42:10 +00:00
Gilles Peskine	57e401b39f	Merge pull request #8521 from valeriosetti/issue8441 [G4] Make CTR-DRBG fall back on PSA when AES not built in	2023-12-06 18:25:44 +00:00
David Horstmann	4749007f64	Fix possible integer overflows before widening When calculating a result to go into an mbedtls_ms_time_t, make sure that arithmetic is performed at the final size to prevent overflow. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-12-06 17:22:53 +00:00
Valerio Setti	202bb71dcd	ssl_tls12_server: do not export/import opaque keys Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-06 17:05:24 +01:00
Waleed Elmelegy	9aec1c71f2	Add record size checking during handshake Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-12-06 15:18:15 +00:00
Jan Bruckner	f482dcc6c7	Comply with the received Record Size Limit extension Fixes #7010 Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-12-06 15:18:08 +00:00
Manuel Pégourié-Gonnard	ad4f0ada37	Merge pull request #8514 from mschulz-at-hilscher/fixes/uninitialized-variable-in-ssl_msg Fix uninitialized variable warnings in ssl_msg.c	2023-12-06 11:06:03 +00:00

... 3 4 5 6 7 ...

12802 Commits