lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-19 01:04:04 +03:00
Code
33,152 Commits 172 Branches 267 Tags
Commit Graph

7110 Commits

Author SHA1 Message Date
Valerio Setti
b8621b6f9d ssl_ciphersuites: remove references to DHE-RSA key exchanges 
In this commit also MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED is removed.
This cause some code in "ssl_ciphersuites_internal.h" and
"ssl_tls12_server.c" to became useless, so these blocks are removed
as well.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-06 10:05:58 +01:00
Valerio Setti
89743b5db5 ssl_tls: remove code related to DHE-RSA 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-06 10:05:58 +01:00
David Horstmann
be658c47c8
Merge pull request #9938 from bjwtaylor/ssl-ticket-api 
Move ssl_ticket to the PSA API
 2025-02-05 10:41:09 +00:00
Ben Taylor
d0498803a1 Correct typos in comments 
Correct the typos in the mbedtls_ssl_ticket_setup function docs

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-02-03 11:35:34 +00:00
Harry Ramsey
2547ae9fcc Move SSL macro checks from TF-PSA-Crypto to Mbed TLS 
This commit moves macro checks specifically for Mbed TLS from
TF-PSA-Crypto to Mbed TLS where they more approriately belong.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
 2025-01-31 13:58:43 +00:00
Ben Taylor
0c29cf87b1 Move ssl_ticket to the PSA API 
Convert the mbedtl_ssl_ticket_setup function to use the TF_PSA_Crypto
API.

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-01-30 08:22:40 +00:00
Manuel Pégourié-Gonnard
28905b76fa Remove mention of USE_PSA_CRYPTO in documentation 
This was the last occurrence found by:

    git grep -c 'MBEDTLS_USE_PSA_CRYPTO' library include

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:44:08 +01:00
Manuel Pégourié-Gonnard
48e0e3a356 Rm dead !USE_PSA code: check_config.h 
Manual, as most expressions were too complex for unifdef. Most of those
were or had a part like "we need XXX or USE_PSA" (where XXX was Cipher
or MD) and those are always satisfied now.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:15:21 +01:00
Manuel Pégourié-Gonnard
11ae619e77 Rm dead !USE_PSA code: SSL headers (part 1) 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO {library,include/mbedtls}/ssl*.h

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:15:04 +01:00
Manuel Pégourié-Gonnard
873816129e Rm dead !USE_PSA code: SSL ciphersuite (part 2) 
Manual removal as unifdef doesn't handle non-trivial expressions.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:14:56 +01:00
Manuel Pégourié-Gonnard
b18c8b957b Rm dead !USE_PSA code: SSL hooks 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO {library,include/mbedtls}/ssl_{ticket,cookie}.[ch]

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:14:43 +01:00
Ronald Cron
189dcf630f
Merge pull request #9910 from valeriosetti/issue9684 
Remove DHE-PSK key exchange
 2025-01-27 11:15:10 +00:00
Manuel Pégourié-Gonnard
7e1154c959
Merge pull request #9906 from mpg/rm-conf-curves 
[dev] Remove deprecated function mbedtls_ssl_conf_curves()
 2025-01-27 08:21:27 +00:00
Valerio Setti
6ba324de02 mbedtls_config: remove MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED 
This commit also removes its disabling from config_adjust_ssl.h

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-24 11:49:59 +01:00
Valerio Setti
a07345247e check_config: remove checks for DHE-PSK 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-24 11:49:59 +01:00
Valerio Setti
6348b46c0b ssl_ciphersuites: remove references/usages of DHE-PSK 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-24 11:49:59 +01:00
Valerio Setti
48659a1f9c ssl_tls: remove usage of DHE-PSK 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-24 11:49:59 +01:00
Valerio Setti
6b64a1ba37 x509: remove definition and implementation of x509write_crt_set_serial 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-16 15:00:10 +01:00
Manuel Pégourié-Gonnard
6b720161ca Remove mbedtls_ssl_conf::curve_list 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-14 12:17:20 +01:00
Manuel Pégourié-Gonnard
93d4591255 Remove deprecated function mbedtls_ssl_conf_curves() 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-14 12:06:31 +01:00
Gilles Peskine
bc7c523420 Remove uses of secp244k1 
Remove all code guarded by `PSA_WANT_ECC_SECP_K1_224`, which is not and will
not be implemented. (It would be K1_225 anyway, but we don't intend to
implement it anyway.)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-01-08 16:51:23 +01:00
Deomid rojer Ryabkov
ac2cf1f26c Defragment incoming TLS handshake messages 
Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>
 2024-12-25 14:34:17 +02:00
Minos Galanakis
1bf85a8634 mbedtls_config: Cleaned up legacy sections. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-12-16 08:53:48 +00:00
Minos Galanakis
80e76b66af Moved options to new sections. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-12-16 08:53:47 +00:00
Minos Galanakis
acd560f887 mbedtls_config: Added new section placeholders. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-12-16 08:53:47 +00:00
Ronald Cron
51f228cc1b Switch to actual TF-PSA-Crypto build_info.h 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-12-11 22:32:45 +01:00
Ronald Cron
e11ae17c60 Split check_config.h 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-12-11 22:32:45 +01:00
Ronald Cron
ce3c2dd30c
Merge pull request #9806 from ronald-cron-arm/finalize-split-preparation-1 
Finalize split preparation-1
 2024-12-05 13:23:09 +00:00
Ronald Cron
6924564970 Move back timing.c to mbedtls 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-12-04 14:25:02 +01:00
Ronald Cron
18047f0b01 Move config_adjust_legacy_crypto.h to tf-psa-crypto 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-12-04 14:25:02 +01:00
Ronald Cron
80963c64eb Move hkdf.h to tf-psa-crypto 
Move hkdf.h to tf-psa-crypto as
hkdf.c was.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-12-04 14:25:02 +01:00
Minos Galanakis
4f619e12e7 Renamed MBEDTLS_PSA_CRYPTO_CONFIG_FILE & MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE 
Files have been renamed respectively to:
- TF_PSA_CRYPTO_CONFIG_FILE
- TF_PSA_CRYPTO_USER_CONFIG_FILE

As per design proposal:
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/config-split.md

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-12-04 09:57:56 +00:00
Minos Galanakis
1f0d469e1d Cleaned up MbedTLS/tf-psa-crypto configs. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-12-04 09:57:56 +00:00
Minos Galanakis
861b90c257 Migrated General and test configuration options (contd). 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-12-04 09:50:53 +00:00
Minos Galanakis
cb32d084aa crypto_config: Migrated newer configuration options. 
This commit, moves configuration entries that were not present
during the design-review.

It also updates the proposal accordingly.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-12-04 09:50:09 +00:00
Minos Galanakis
f33250fcc1 crypto_config: Migrated MBEDTLS_NULL_CIPHER in legacy-crypto 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-12-04 09:49:55 +00:00
Minos Galanakis
127ffb507c crypto_config: Migrated legacy-crypto selection options. 
Moved configuration entries in-line with the design proposal.
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/config-split.md

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-12-04 09:49:08 +00:00
Minos Galanakis
a19e07fd14 crypto_config: Migrated crypto-drivers selection options. 
Moved configuration entries in-line with the design proposal.
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/config-split.md

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-12-04 09:38:02 +00:00
Minos Galanakis
626439ae50 crypto_config: Migrated PSA core selection options. 
Moved configuration entries in-line with the design proposal.
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/config-split.md

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-12-04 09:29:30 +00:00
Minos Galanakis
14489499e7 crypto_config: Migrated data format selection options. 
Moved configuration entries in-line with the design proposal.
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/config-split.md

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-12-04 09:29:15 +00:00
Minos Galanakis
45544e0bc3 crypto_config: Migrated cryptographic mechanism selection options. 
Moved configuration entries in-line with the design proposal.
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/config-split.md

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-12-04 09:29:04 +00:00
Minos Galanakis
2056958eb3 crypto_config: Migrated General and test configuration options. 
Moved configuration entries in-line with the design proposal.
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/config-split.md

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-12-04 09:28:51 +00:00
Minos Galanakis
25ae42e677 crypto_config: Migrated Platform options. 
Moved configuration entries in-line with the design proposal.
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/config-split.md

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-12-04 09:28:23 +00:00
Janos Follath
2761d18c00 Add issue reference for ECP_RESTARTABLE limitations 
Add reference to github issues to give a way for users to track
progress and express interest.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-12-02 13:58:15 +00:00
Janos Follath
745e561d2d Move the psa_init() warnings to _CLI and _SRV 
Now that USA_PSA_CRYPTO is always on, users need to call psa_init() with
all protocol versions.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-12-02 13:22:34 +00:00
Janos Follath
582ecd0ce1 Remove USE_PSA references from X509 documentation 
MBEDTLS_USE_PSA_CRYPTO is now always enabled we need to update the
documentation accordingly.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-12-02 12:53:05 +00:00
Janos Follath
130ece0b6e Remove USE_PSA references from SSL documentation 
MBEDTLS_USE_PSA_CRYPTO is now always enabled we need to update the
documentation accordingly.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-12-02 12:53:05 +00:00
Janos Follath
277bba89fb Remove USE_PSA references from config documentation 
MBEDTLS_USE_PSA_CRYPTO is now always enabled we need to update the
documentation accordingly.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-12-02 12:52:59 +00:00
Ronald Cron
93ba625b96 Remove MBEDTLS_PSA_CRYPTO_CONFIG configuration option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-11-21 15:52:06 +01:00
Gilles Peskine
0068fceba3 Note the equivalence of two macros, thanks to RSA-PSK removal 
Removing the now-duplicate internal macro is left for future work.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-11-05 15:49:12 +01:00