mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-30 06:33:06 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
24,304 Commits 170 Branches 263 Tags
Commit Graph

2367 Commits

Author SHA1 Message Date
Andrzej Kurek
68327748d3 Add missing dependencies 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-10-19 08:35:08 -04:00
Yanray Wang
ff4181e246 Fix build error in cmake while printing digital build version 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2022-10-18 18:20:40 +08:00
Yanray Wang
d976673dd6 Add build version to the output of ssl_client2 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2022-10-18 10:53:49 +08:00
Ronald Cron
49e4184812
Merge pull request #6299 from xkqian/tls13_add_servername_check 
Add server name check when proposing pre-share key
 2022-10-13 16:00:59 +02:00
Gilles Peskine
0fe6631486
Merge pull request #6291 from gilles-peskine-arm/platform.h-unconditional-3.2 
Include platform.h unconditionally
 2022-10-13 10:19:22 +02:00
Xiaokang Qian
bc663a0461 Refine code based on commnets 
Change code layout
Change hostname_len type to size_t
Fix various issues

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:06:01 +00:00
Xiaokang Qian
adf84a4a8c Remove public api mbedtls_ssl_reset_hostname() 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:05:11 +00:00
Xiaokang Qian
fb8ac46add Change the name of servername when re-connect 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:03:44 +00:00
Xiaokang Qian
281fd1bdd8 Add server name check when proposeing pre-share key 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-10-12 11:03:41 +00:00
Gilles Peskine
8fd3254cfc
Merge pull request #6374 from mprse/enc_types 
Test TLS 1.2 builds with each encryption type
 2022-10-12 12:45:50 +02:00
Jerry Yu
c79742303d Remove unnecessary empty line and fix format issue 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-11 21:22:33 +08:00
Przemek Stekiel
d61a4d3d1a Fix missing guard and double-space 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-11 09:40:40 +02:00
Jerry Yu
6916e70521 fix various issues 
- adjust guards. Remove duplicate guards and adjust format.
- Return success at function end. Not `ret`
- change input len

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-10 21:33:51 +08:00
Przemek Stekiel
68a01a6720 Fix session tickets related build flags in fuzz_server and ssl_server2 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-10-10 13:30:43 +02:00
Jerry Yu
03b8f9d299 Adjust guards for dummy_tickets 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-08 14:56:38 +08:00
Jerry Yu
25ab654781 Add dummy ticket support 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-10-07 10:11:05 +08:00
Manuel Pégourié-Gonnard
e3358e14b2
Merge pull request #6051 from mprse/permissions_2b_v2 
Permissions 2b: TLS 1.3 sigalg selection
 2022-09-28 09:50:04 +02:00
Paul Elliott
2c282c9bd0
Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets 
TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.
 2022-09-23 15:48:33 +01:00
Manuel Pégourié-Gonnard
d433cd7d07
Merge pull request #6283 from mpg/driver-only-hashes-wrap-up 
Driver only hashes wrap-up
 2022-09-21 08:29:46 +02:00
Ronald Cron
50969e3af5 ssl-opt.sh: TLS 1.3 opaque key: Add test with unsuitable sig alg 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-09-20 15:57:57 +02:00
Jerry Yu
7a51305478 Add multi-session tickets test 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-09-19 14:26:07 +08:00
Ronald Cron
be0224aef3
Merge pull request #6167 from yuhaoth/pr/finalize-tls13-session-tickets 2022-09-18 21:18:13 +02:00
Manuel Pégourié-Gonnard
e896705c1a Take advantage of legacy_or_psa.h being public 
Opportunities for using the macros were spotted using:

    git grep -E -n -A2 'MBEDTLS_(MD|SHA)[0-9]+_C' | egrep 'PSA_WANT_ALG_(MD|SHA)'

then manually filtering the results.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-09-16 12:03:52 +02:00
Gilles Peskine
e9b55929dc Remove useless platform macro redefinitions: automatic part 
Some source files had code to set mbedtls_xxx aliases when
MBEDTLS_PLATFORM_C is not defined. These aliases are defined unconditionally
by mbedtls/platform.h, so these macro definitions were redundant. Remove
them.

This commit used the following code:
```
perl -i -0777 -pe 's~#if !defined\(MBEDTLS_PLATFORM_C\)\n(#define (mbedtls|MBEDTLS)_.*\n|#include <(stdarg|stddef|stdio|stdlib|string|time)\.h>\n)*#endif.*\n~~mg' $(git grep -l -F '#if !defined(MBEDTLS_PLATFORM_C)')
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-09-15 20:34:15 +02:00
Gilles Peskine
945b23c46f Include platform.h unconditionally: automatic part 
We used to include platform.h only when MBEDTLS_PLATFORM_C was enabled, and
to define ad hoc replacements for mbedtls_xxx functions on a case-by-case
basis when MBEDTLS_PLATFORM_C was disabled. The only reason for this
complication was to allow building individual source modules without copying
platform.h. This is not something we support or recommend anymore, so get
rid of the complication: include platform.h unconditionally.

There should be no change in behavior since just including the header should
not change the behavior of a program.

This commit replaces most occurrences of conditional inclusion of
platform.h, using the following code:

```
perl -i -0777 -pe 's!#if.*\n#include "mbedtls/platform.h"\n(#else.*\n(#define (mbedtls|MBEDTLS)_.*\n|#include <(stdarg|stddef|stdio|stdlib|string|time)\.h>\n)*)?#endif.*!#include "mbedtls/platform.h"!mg' $(git grep -l '#include "mbedtls/platform.h"')
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-09-15 20:33:07 +02:00
Przemek Stekiel
632939df4b ssl_client2: print pk key name when provided using key_opaque_algs 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-09-15 14:16:11 +02:00
Jerry Yu
4746b10c2e fix various issues 
- Format issues
- Possible memory leak
- Improve naming and comment issues

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-09-13 15:37:46 +08:00
Andrzej Kurek
0bc834b27f Enable signature algorithms in ssl programs with PSA based hashes 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-09-12 05:37:46 -04:00
Dave Rodgman
1577c548d1 Use NULL instead of 0 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-09-09 10:22:15 +01:00
Nayna Jain
106a0afc5a pkcs7: provide fuzz harness 
This allows for pkcs7 fuzz testing with OSS-Fuzz.

Signed-off-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
 2022-09-01 19:45:41 -05:00
Jerry Yu
0203534c64 Add session save after got new session ticket 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-31 23:24:25 +08:00
Ronald Cron
e00d6d6b55
Merge pull request #6135 from yuhaoth/pr/tls13-finalize-external-psk-negotiation 
TLS 1.3: SRV: Finalize external PSK negotiation
 2022-08-31 17:21:57 +02:00
Andrzej Kurek
dcce505a08 Add a missing guard in an example program 
MD variable is not used in builds without MD.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-08-30 17:56:08 -04:00
Manuel Pégourié-Gonnard
bf22a2500b
Merge pull request #6208 from AndrzejKurek/tls-tests-no-md-structured 
Remove the dependency on MD from TLS 1.2 tests
 2022-08-30 12:34:37 +02:00
Manuel Pégourié-Gonnard
a84ce3fa81
Merge pull request #6111 from superna9999/6101-programs-dont-build-with-libtestdriver-and-use-psa 
Programs don't build with libtestdriver and USE_PSA
 2022-08-30 12:29:01 +02:00
Dave Rodgman
c5e0a8a890 Add missing error message 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:25:45 +01:00
Dave Rodgman
64937856e0 Correct order of extended key usage attributes 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:25:45 +01:00
Dave Rodgman
18b02d35d6 Remove redundant sig_alg argument 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:25:45 +01:00
Dave Rodgman
2ee7bbd10a Replace some constant values with sizeof 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:25:45 +01:00
Dave Rodgman
5f3f0d06e6 Address minor review comments 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:25:45 +01:00
Dave Rodgman
ec9f6b4de1 Fix minor compile errors 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:25:45 +01:00
Nicholas Wilson
99a96b1c22 Improve programs/cert_write with a way to set the signature digest 
This is useful for generating SHA-1 and MD5 certificates for test
purposes.  I guess RSA-PSS could be added too, but I don't need that
now.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:08:43 +01:00
Nicholas Wilson
8e5bdfbbcf Improve programs/cert_write with a way to set extended key usages 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:08:43 +01:00
Jerry Yu
c5a23a0f12 fix various issues 
- code style
- variable initialize
- update comments


Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-25 11:09:35 +08:00
Andrzej Kurek
cccb044804 Style & formatting fixes 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-08-23 05:26:02 -04:00
Andrzej Kurek
8c95ac4500 Add missing dependencies / alternatives 
A number of places lacked the necessary dependencies on one of
the used features: MD, key exchange with certificate, 
entropy, or ETM.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-08-22 17:46:50 -04:00
Jerry Yu
5d01c05d93 fix various issues 
- wrong typo in comments
- replace psk null check with key_exchange_mode check
- set psk NULL when error return in export hs psk

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-21 12:55:01 +08:00
Jerry Yu
2b7a51ba8f Add psk_or_ephemeral mode and tests 
psk_or_ephemeral exists in theory. This change is for
improving test coverage.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-21 12:51:53 +08:00
Jerry Yu
62c8763de7 Improve macro expansion help message 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-11 10:18:36 +08:00
Jerry Yu
08dccc1f75 Improve help message 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-10 10:02:04 +08:00