mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-16 09:40:06 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
29,922 Commits 170 Branches 263 Tags
Commit Graph

29922 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ronald Cron
93795f2639 tls13: Improve comment about cast to uint32_t 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-07 09:57:07 +01:00
Paul Elliott
8a2062c538
Merge pull request #8892 from paul-elliott-arm/add_threading_to_drivers 
Ensure drivers have threading enabled if required
 2024-03-06 14:35:49 +00:00
Moritz Fischer
967f8cde84 library: psa_crypto: Explicitly initialize shared_secret 
When building with -Og (specifically Zephyr with
CONFIG_DEBUG_OPTIMIZATIONS=y) one observes the following warning:

'shared_secret' may be used uninitialized [-Werror=maybe-uninitialized]

Fix this by zero initializing 'shared_secret' similar to the issue
addressed in commit 2fab5c960 ("Work around for GCC bug").

Signed-off-by: Moritz Fischer <moritzf@google.com>
 2024-03-05 22:32:32 +00:00
Gilles Peskine
31403a4ca8
Merge pull request #8678 from daverodgman/quietbuild 
Make builds less verbose
 2024-03-05 18:04:16 +00:00
Gilles Peskine
71cc260563
Merge pull request #8728 from minosgalanakis/features/add_mbedtls_x509_crt_get_ca_istrue_accesor_6151 
[MBEDTLS_PRIVATE] Add mbedtls_x509_crt_get_ca_istrue() accesor
 2024-03-05 18:04:06 +00:00
Dave Rodgman
3c4166aef3
Merge pull request #8863 from minosgalanakis/feature/add_ecdh_context_5016 
[MBEDTLS_PRIVATE] Add a getter for the ECDH context->grp.id member.
 2024-03-05 16:58:13 +00:00
Minos Galanakis
581e63637a test_suite_x509parse: Added test-case for legacy certificate 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-05 14:39:23 +00:00
Paul Elliott
053b7886e5 Ensure drivers have threading enabled if required 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2024-03-05 14:27:23 +00:00
Ronald Cron
2e7dfd5181 tls13: Remove unnecessary cast from size_t to uint32_t 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-05 13:48:11 +01:00
Minos Galanakis
87b4f6d86c x509: Reworded documentation bits. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-05 11:05:51 +00:00
Gilles Peskine
d06244b813
Merge pull request #8821 from davidhorstmann-arm/fix-config-bitflag 
Update `SSL_SERIALIZED_SESSION_CONFIG_BITFLAG` with new flags
 2024-03-05 09:59:42 +00:00
Gilles Peskine
8462146d01
Merge pull request #8867 from gilles-peskine-arm/psa_key_attributes-remove_core 
Merge psa_core_key_attributes_t back into psa_key_attributes_t
 2024-03-05 09:59:24 +00:00
Paul Elliott
634f4d6d7d
Merge pull request #8846 from gilles-peskine-arm/ecp-write-ext-3.6 
Introduce mbedtls_ecp_write_key_ext
 2024-03-04 14:56:55 +00:00
Ronald Cron
987cf898db ssl_helpers: Restore rng_seed incrementation 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-04 10:24:27 +01:00
Gilles Peskine
fad79fcdd9 Merge remote-tracking branch 'development' into ecp-write-ext-3.6 
Conflicts:
* library/pk.c: mbedtls_pk_wrap_as_opaque() changed in the feature branch
  and was removed in the target branch.
 2024-03-04 08:52:08 +01:00
Minos Galanakis
79ee110446 Added changelog 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-04 02:22:01 +00:00
Minos Galanakis
a83ada4eba tests: Added test for mbedtls_x509_crt_get_ca_istrue() 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-04 02:22:01 +00:00
Minos Galanakis
2abbac74dc x509: Added mbedtls_x509_crt_get_ca_istrue() API accessor. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-04 02:22:01 +00:00
Minos Galanakis
3cfdd73dfa Changelog: Added changelog for mbedtls_ecdh_get_grp_id. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-02 09:14:13 +00:00
Ronald Cron
e93cd1b580 tests: ssl: Free write/read test buffers 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 19:30:00 +01:00
Valerio Setti
ada2ec3482 psa_crypto_stubs/changelog: fix typos 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-01 18:04:14 +01:00
Ronald Cron
aab4a546bf tests: Set the default conf then customize 
Set the default conf then customize, not the
other way around.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 17:09:22 +01:00
Ronald Cron
10b040fa6f tests: ssl_helpers: Rename rng_get to mbedtls_test_random 
mbedtls_test_ as the prefix for test APIs
_random like in mbedtls_ctr/hmac_drbg_random

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 17:00:38 +01:00
Manuel Pégourié-Gonnard
e33b349c90
Merge pull request #8864 from valeriosetti/issue8848 
Deprecate or remove mbedtls_pk_wrap_as_opaque
 2024-03-01 15:54:32 +00:00
David Horstmann
71fa1a94e7 Fix code style 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-01 12:32:18 +00:00
David Horstmann
76ba26a542 Fixup: add peer_cert_digest_type to comment 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-01 12:03:35 +00:00
David Horstmann
7335082ef6 Add ChangeLog entry for ssl serialization bitflags 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-01 11:31:03 +00:00
David Horstmann
f686f1dc17 Fix naming inconsistencies in config bits 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-01 11:20:32 +00:00
Ronald Cron
fcbf776d06 tests: ssl: Restore write_early_data test function 
For negative testing of early data (tests
related to max_early_data_size in this PR), restore
the test function to write early data that was
first introduced to be able to test the reading
of early data with the writing part and was
removed (as not used anymore) by the PR 8760.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 10:00:47 +01:00
Ronald Cron
25ad10a920 tests: ssl: Improve tls13_srv_max_early_data_size() 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:29:16 +01:00
Ronald Cron
19bfe0a631 tls13: Rename early_data_count to total_early_data_size 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:29:16 +01:00
Ronald Cron
70eab45ba6 tls13: generic: Fix log 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:29:16 +01:00
Ronald Cron
dc81b7343f tests: srv max early data size: Add reach_max test arg 
Add the reach_max flag argument for the
test13_srv_max_early_data_size test
function. Non zero value only valid in case
of TEST_EARLY_DATA_ACCEPTED scenario.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:29:16 +01:00
Ronald Cron
01d273d31f Enforce maximum size of early data in case of HRR 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:29:16 +01:00
Ronald Cron
919e596c05 Enforce maximum size of early data when rejected 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:29:16 +01:00
Ronald Cron
2160bfe4e2 tests: ssl: Test enforcement of maximum early data size 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:29:16 +01:00
Ronald Cron
8571804382 tls13: srv: Enforce maximum size of early data 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:29:09 +01:00
Ronald Cron
c286519747 tls13: srv: Do not forget to include max_early_data_size in the ticket 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:03:51 +01:00
Ronald Cron
26a9811027 ssl: Add early_data_count field 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:03:51 +01:00
Ronald Cron
5d3036e6d5 tests: ssl: Add max_early_data_size option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-01 09:03:51 +01:00
Dave Rodgman
79aaaa46e9 Fix formatting 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-02-29 18:41:36 +00:00
David Horstmann
531aca2810 Fix missing fields in ssl session struct comment 
The endpoint and version were factorized out into the main session.
Update the session struct comment to reflect these new fields, as was
previously missed.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-29 18:14:28 +00:00
David Horstmann
cb01b361e1 Move session descriptions into a single comment 
Describe the TLS 1.2, TLS 1.3 and full session structs in the same
place for ease of reference.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-29 18:10:13 +00:00
David Horstmann
80a9668762 Add config guards to session struct comments 
This shows which fields of the session are dependent on which config
options.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-29 18:00:32 +00:00
David Horstmann
e59f970f28 Move session functions to same part of file 
Ensure that session save and load functions are not scattered
throughout ssl_tls.c but are in the same part of the file.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-29 17:50:44 +00:00
David Horstmann
92b258bb50 Update ssl session serialization config bitflag 
Add config bits for server name indication, early data and record size
limit, which all cause the serialized session to be structured
differently.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-29 17:41:31 +00:00
David Horstmann
5c5a32f52a Add session config bit for KEEP_PEER_CERTIFICATE 
This config option decides whether the session stores the entire
certificate or just a digest of it, but was missing from the
serialization config bitflag.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-02-29 17:41:31 +00:00
Valerio Setti
d32dd08934 changelog: fix description 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-29 16:28:03 +01:00
Valerio Setti
1a58e9a232 psa_util: change guard for mbedtls_psa_get_random() to CRYPTO_CLIENT 
This commit also:
- updates changelog
- add a stub function to be used in component_test_psa_crypto_client()
  test

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-02-29 16:14:29 +01:00
Dave Rodgman
87218b364d blank line for readability 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-02-29 15:02:30 +00:00