mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-29 03:32:39 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
29,006 Commits 170 Branches 263 Tags
Commit Graph

29006 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Valerio Setti
c213a2e1e5 adjust_legacy_from_psa: use groups instead of curves for DH 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-06 10:49:14 +01:00
Valerio Setti
2bec5df945 psa_crypto_ffdh: fix typos 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-26 17:58:09 +01:00
Valerio Setti
0a6acf8db4 adjust_legacy_from_psa: use EC pattern for enabling builtin elements of DH 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-26 17:58:09 +01:00
Valerio Setti
c22bb7a0a4 adjust_legacy_from_psa: optimize legacy enablement also for EC key types 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-26 17:58:06 +01:00
Valerio Setti
48e4167ced adjust_legacy_from_psa: improve pattern for enabling internal symbols 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-26 10:34:32 +01:00
Valerio Setti
1a54352f5a psa_crypto_ffdh: move dhm.h inclusion to c file 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-26 09:35:18 +01:00
Valerio Setti
724a2abf01 test_suite_psa_crypto: fix typo in description 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 15:57:12 +01:00
Valerio Setti
b0498ef995 adjust_legacy_from_psa: use intermediate symbol to enable builtin support 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 15:55:33 +01:00
Valerio Setti
18371ee08f generate_tls13_compat_tests: add DH group dependency when FFDH is used 
"tls13-compat.sh" is also updated in this commit using the python
script.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-18 10:44:57 +01:00
Valerio Setti
05754d8e85 ssl-opt: add DH groups requirements in test cases using FFDH 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-18 09:47:00 +01:00
Valerio Setti
78aa0bc1d9 all.sh: fix tests with accelerated FFDH 
Explicitly accelerate also DH groups in those tests.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:57:06 +01:00
Valerio Setti
1161b44981 crypto_config_test_driver_extension: support accelaration of DH groups 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:57:06 +01:00
Valerio Setti
48a847afb7 tests: add guards for DH groups 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:57:06 +01:00
Valerio Setti
6bed64ec75 all.sh: add new component with only DH 2048 bits. 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:57:06 +01:00
Valerio Setti
504a10254c psa_crypto: do not validate DH groups which are not enabled 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:57:03 +01:00
Valerio Setti
e8683ce9ef ssl_test_lib: add guards for enabled DH groups 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:56:30 +01:00
Valerio Setti
ecaf7c5690 ssl_tls: add guards for enabled DH key types 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:56:30 +01:00
Valerio Setti
de50413009 crypto_sizes: adjust PSA_VENDOR_FFDH_MAX_KEY_BITS based on the supported groups 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:56:30 +01:00
Valerio Setti
4ed8daa929 psa_crypto_ffdh: add guards for enabled domain parameters 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:56:30 +01:00
Valerio Setti
fecef8bc8e config_adjust: fix adjustments between legacy and PSA 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 15:56:26 +01:00
Valerio Setti
bbff303fe1 crypto_config: define feature macros for DH keys 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-17 11:47:44 +01:00
Bence Szépkúti
1325942c28
Merge pull request #8707 from bensze01/new_redirect_format 
Migrate to new RTD redirect format
 2024-01-16 20:22:08 +00:00
Bence Szépkúti
333ca8fdfc Migrate to new RTD redirect format 
Migrate to the new redirect format introduced by ReadTheDocs in
readthedocs/readthedocs.org#10881

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2024-01-16 17:06:06 +01:00
Tom Cosgrove
bc5d9165ae
Merge pull request #8554 from yanrayw/issue/8221/fix-tls-suiteB-profile 
TLS: remove RSA signature algorithms in `suite B` profile
 2024-01-12 14:34:28 +00:00
Tom Cosgrove
f1ba1933cf
Merge pull request #8526 from yanrayw/issue/7011/send_record_size_limit_ext 
TLS1.3: SRV/CLI: add support for sending Record Size Limit extension
 2024-01-12 13:39:15 +00:00
Waleed Elmelegy
f0ccf46713 Add minor cosmetic changes to record size limit changelog and comments 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-12 10:52:45 +00:00
Waleed Elmelegy
4b09dcd19c Change renegotiation test to use G_NEXT_SRV 
Change renegotiation test to use G_NEXT_SRV
to avoid problems when sending TLS 1.3
extensions since we exceed the extension
limit in G_SRV.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-12 10:50:25 +00:00
Paul Elliott
3519cfb3d8
Merge pull request #8639 from bensze01/release_components 
Set OpenSSL/GnuTLS variables when running release components
 2024-01-11 15:38:35 +00:00
Ronald Cron
ae2213c307
Merge pull request #8414 from lpy4105/issue/uniform-ssl-check-function 
Harmonise the names and return values of check functions in TLS code
 2024-01-11 13:51:39 +00:00
Ronald Cron
7c14afcaaa
Merge pull request #8595 from yanrayw/issue/8593/srv-CH-fix-version-check 
TLS1.3: SRV: check `min_tls_version` when parsing ClientHello
 2024-01-11 13:34:09 +00:00
Waleed Elmelegy
85ddd43656 Improve record size limit changelog wording 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-11 11:07:57 +00:00
Manuel Pégourié-Gonnard
eeb96ac9fe
Merge pull request #8433 from yuhaoth/pr/add-deprecated-flag-for-sig_hashes-api 
Add deprecated flag in document for sig_hashes
 2024-01-11 09:33:10 +00:00
Waleed Elmelegy
e83be5f639 Change renegotiation tests to work with TLS 1.2 only 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 23:39:54 +00:00
Paul Elliott
f149cd1a3a
Merge pull request #8688 from jwinzig-at-hilscher/development 
Fix bug in mbedtls_x509_set_extension
 2024-01-10 16:57:16 +00:00
Waleed Elmelegy
3ff472441a Fix warning in ssl_tls13_generic.c 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
1487760b55 Change order of checking of record size limit client tests 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
09561a7575 Add MBEDTLS_SSL_RECORD_SIZE_LIMIT to config_adjust_ssl.h 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
a3bfdea82b Revert "Make sure record size limit is not configured without TLS 1.3" 
This reverts commit 52cac7a3e6782bbf46a76158c9034afad53981a7.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
7ae74b74cc Make sure record size limit is not configured without TLS 1.3 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
f37c70746b Add MBEDTLS_SSL_RECORD_SIZE_LIMIT to full config 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
e840263f76 Move record size limit testing to tls13 component 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
2fa99b2ddd Add tests for client complying with record size limit 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
f501790ff2 Improve comments across record size limit changes 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
9457e67afd update record size limit tests to be more consistent 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
2a2462e8f9 Add Changlog entry for record size extension 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
3a37756496 Improve record size limit tests 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:28 +00:00
Waleed Elmelegy
fbe42743eb Fix issue in checking in writing extensions 
Fix issue in checking if server received
record size limit extension.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:27 +00:00
Waleed Elmelegy
e1ac98d888 remove mbedtls_ssl_is_record_size_limit_valid function 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:27 +00:00
Waleed Elmelegy
d2fc90e024 Stop sending record size limit extension if it's not sent from client 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:27 +00:00
Waleed Elmelegy
148dfb6457 Change record size limit writing function 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2024-01-10 16:17:27 +00:00