mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-25 13:43:31 +00:00

Author	SHA1	Message	Date
Ronald Cron	89089cc69b	tls13: srv: Factorize ciphersuite selection code Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-08 08:43:41 +01:00
Ronald Cron	f7e9916b3d	tls13: srv: Fix MBEDTLS_SSL_SESSION_TICKETS guard position Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-08 08:43:41 +01:00
Ronald Cron	12e72f1664	tls13: srv: Always parse the pre-shared key extension Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-08 08:43:41 +01:00
Ronald Cron	7a30cf5954	tls13: srv: Stop earlier identity check If an identity has been determined as a ticket identity but the ticket is not usable, do not try to check if the identity is that of an external provided PSK. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-08 08:43:41 +01:00
Ronald Cron	fbae94a52f	tls13: srv: Improve ticket identity check return values Improve the values returned by ssl_tls13_offered_psks_check_identity_match_ticket(). Distinguish between the two following cases: 1) the PSK identity is not a valid ticket identity 2) the PSK identity is a valid ticket identity but the ticket cannot be used for session resumption. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-08 08:43:41 +01:00
Ronald Cron	3cdcac5647	tls13: srv: Fix return value Fix the value returned by ssl_tls13_offered_psks_check_identity_match_ticket() when there is no ticket parser function defined or no time. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-08 08:43:41 +01:00
Ronald Cron	6e31127f08	tls13: srv: Define specific return macros for binder check Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-08 08:43:41 +01:00
Ronald Cron	139a4185b1	Merge pull request #8587 from yanrayw/issue/4911/ssl_setup-check-RNG-configuration TLS: check RNG when calling mbedtls_ssl_setup()	2024-03-08 07:38:39 +00:00
Ronald Cron	93795f2639	tls13: Improve comment about cast to uint32_t Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-07 09:57:07 +01:00
Ryan Everett	63c1cf7eaa	Remove MBEDTLS_THREADING_C check in check_test_dependencies At the moment our tests only check for MBEDTLS_THREADIN_PTHREAD Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-06 16:46:15 +00:00
Paul Elliott	16d5160504	Allow the use of threading dependancies in PSA tests. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-03-06 16:46:15 +00:00
Ryan	b0b3c0d80a	Disable MBEDTLS_SELF_TEST in the TSan config Enabling this causes TSan warnings, as some self-tests use unprotected globals (see X_count variables in ecp.c). This isn't an issue, as these globals are only read in self tests, which do not use threads. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-06 16:46:08 +00:00
Ryan	2066d0451f	Add test cases for concurrently_generate_keys For every generate_key test there is now a concurrently_generate_keys test. 8 threads per test, and 5 repetitions. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-06 16:46:00 +00:00
Ryan	3a1b786d5d	Add a concurrent key generation test function Split into n threads, each thread will repeatedly generate, exercise and destroy a key. Then join the threads, and ensure using PSA_DONE that no keys still exist. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2024-03-06 16:45:36 +00:00
Paul Elliott	8a2062c538	Merge pull request #8892 from paul-elliott-arm/add_threading_to_drivers Ensure drivers have threading enabled if required	2024-03-06 14:35:49 +00:00
Dave Rodgman	5ba2b2b8cc	Ensure blocksize is compile-time const when DES not present Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-03-06 11:38:49 +00:00
Dave Rodgman	7f86d356b1	Improve PBKDF2 with CMAC perf by ~16% 10x perf in cmac_multiply_by_u; 2% uplift in AES-CMAC benchmarks Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-03-06 11:17:16 +00:00
Moritz Fischer	967f8cde84	library: psa_crypto: Explicitly initialize shared_secret When building with -Og (specifically Zephyr with CONFIG_DEBUG_OPTIMIZATIONS=y) one observes the following warning: 'shared_secret' may be used uninitialized [-Werror=maybe-uninitialized] Fix this by zero initializing 'shared_secret' similar to the issue addressed in commit 2fab5c960 ("Work around for GCC bug"). Signed-off-by: Moritz Fischer <moritzf@google.com>	2024-03-05 22:32:32 +00:00
Gilles Peskine	31403a4ca8	Merge pull request #8678 from daverodgman/quietbuild Make builds less verbose	2024-03-05 18:04:16 +00:00
Gilles Peskine	71cc260563	Merge pull request #8728 from minosgalanakis/features/add_mbedtls_x509_crt_get_ca_istrue_accesor_6151 [MBEDTLS_PRIVATE] Add mbedtls_x509_crt_get_ca_istrue() accesor	2024-03-05 18:04:06 +00:00
Dave Rodgman	3c4166aef3	Merge pull request #8863 from minosgalanakis/feature/add_ecdh_context_5016 [MBEDTLS_PRIVATE] Add a getter for the ECDH context->grp.id member.	2024-03-05 16:58:13 +00:00
Minos Galanakis	581e63637a	test_suite_x509parse: Added test-case for legacy certificate Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2024-03-05 14:39:23 +00:00
Paul Elliott	053b7886e5	Ensure drivers have threading enabled if required Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-03-05 14:27:23 +00:00
Ronald Cron	2e7dfd5181	tls13: Remove unnecessary cast from size_t to uint32_t Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-05 13:48:11 +01:00
Minos Galanakis	87b4f6d86c	x509: Reworded documentation bits. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2024-03-05 11:05:51 +00:00
Gilles Peskine	d06244b813	Merge pull request #8821 from davidhorstmann-arm/fix-config-bitflag Update `SSL_SERIALIZED_SESSION_CONFIG_BITFLAG` with new flags	2024-03-05 09:59:42 +00:00
Gilles Peskine	8462146d01	Merge pull request #8867 from gilles-peskine-arm/psa_key_attributes-remove_core Merge psa_core_key_attributes_t back into psa_key_attributes_t	2024-03-05 09:59:24 +00:00
Dave Rodgman	a38fad9dad	Adjust defaults Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-03-04 18:27:32 +00:00
Gilles Peskine	ddbe4ae901	Fix intended code blocks that were not suitably indented Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-03-04 18:30:09 +01:00
Paul Elliott	634f4d6d7d	Merge pull request #8846 from gilles-peskine-arm/ecp-write-ext-3.6 Introduce mbedtls_ecp_write_key_ext	2024-03-04 14:56:55 +00:00
Ronald Cron	987cf898db	ssl_helpers: Restore rng_seed incrementation Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-04 10:24:27 +01:00
Gilles Peskine	fad79fcdd9	Merge remote-tracking branch 'development' into ecp-write-ext-3.6 Conflicts: * library/pk.c: mbedtls_pk_wrap_as_opaque() changed in the feature branch and was removed in the target branch.	2024-03-04 08:52:08 +01:00
Minos Galanakis	79ee110446	Added changelog Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2024-03-04 02:22:01 +00:00
Minos Galanakis	a83ada4eba	tests: Added test for `mbedtls_x509_crt_get_ca_istrue()` Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2024-03-04 02:22:01 +00:00
Minos Galanakis	2abbac74dc	x509: Added `mbedtls_x509_crt_get_ca_istrue()` API accessor. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2024-03-04 02:22:01 +00:00
Minos Galanakis	3cfdd73dfa	Changelog: Added changelog for `mbedtls_ecdh_get_grp_id`. Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>	2024-03-02 09:14:13 +00:00
Ronald Cron	e93cd1b580	tests: ssl: Free write/read test buffers Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-01 19:30:00 +01:00
Ronald Cron	7c07aab72e	tests: write early data: Improve tls13_cli_max_early_data_size Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-01 19:07:40 +01:00
Ronald Cron	ae6f9a58a9	tests: write early data: Allocate buffer to write/read Allocate the buffer to write/read early data. That way in ASan builds. buffer overwrite/overread can be detected. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-01 19:07:34 +01:00
Valerio Setti	ada2ec3482	psa_crypto_stubs/changelog: fix typos Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-03-01 18:04:14 +01:00
Ronald Cron	aab4a546bf	tests: Set the default conf then customize Set the default conf then customize, not the other way around. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-01 17:09:22 +01:00
Ronald Cron	10b040fa6f	tests: ssl_helpers: Rename rng_get to mbedtls_test_random mbedtls_test_ as the prefix for test APIs _random like in mbedtls_ctr/hmac_drbg_random Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-01 17:00:38 +01:00
Manuel Pégourié-Gonnard	e33b349c90	Merge pull request #8864 from valeriosetti/issue8848 Deprecate or remove mbedtls_pk_wrap_as_opaque	2024-03-01 15:54:32 +00:00
Dave Rodgman	8a4df2293a	Adjust default unroll settings Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2024-03-01 15:12:59 +00:00
Ronald Cron	5dbfcceb81	tls13: cli: Fix error code not checked Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-01 15:15:30 +01:00
Ronald Cron	de9b03dcba	tls13: Rename early_data_count to total_early_data_size Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-01 15:14:17 +01:00
Ronald Cron	aad8523764	tests: ssl: Test enforcement of maximum early data size Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-01 15:10:22 +01:00
Ronald Cron	62f971aa60	tls13: cli: Enforce maximum size of early data Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-01 15:10:22 +01:00
Ronald Cron	a4f0a71a01	ssl: Add early_data_count field Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-01 15:10:22 +01:00
Ronald Cron	5c4fc9156b	tests: ssl: Add max_early_data_size option Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-01 15:10:22 +01:00

1 2 3 4 5 ...

29981 Commits