1
0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-05 19:01:12 +03:00
Commit Graph

222 Commits

Author SHA1 Message Date
5b84ae14e9 Replace __attribute__((nonstring)) with macro MBEDTLS_ATTRIBUTE_UNTERMINATED_STRING
This macro applies __attribute__((nonstring)) when using a compiler that supports it

Signed-off-by: Felix Conway <felix.conway@arm.com>
2025-06-20 11:48:16 +01:00
79b513894a Add __attribute__ ((nonstring)) to remove unterminated-string-initialization warning
Signed-off-by: Felix Conway <felix.conway@arm.com>
2025-06-20 11:48:16 +01:00
dba07e152e Add missing ifdef for mbedtls_ssl_tls13_exporter
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
2025-04-16 14:48:14 +02:00
af2035fcad Fix mistake in previous comment change
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
2025-03-28 17:08:12 +01:00
ee33b31f0b Fix HkdfLabel comment
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
2025-03-28 17:08:12 +01:00
5826883ca5 Allow maximum label length in Hkdf-Expand-Label
Previously, the length of the label was limited to the maximal length
that would be used in the TLS 1.3 key schedule. With the keying material
exporter, labels of up to 249 bytes may be used.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
2025-03-28 17:08:12 +01:00
28916ac8fe Increase allowed output size of HKDF-Expand-Label
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
2025-03-28 17:06:48 +01:00
7b72220d42 Fix coding style
Signed-off-by: Max Fillinger <max@max-fillinger.net>
2025-03-28 16:53:58 +01:00
334c367052 Simplify mbedtls_ssl_tls13_exporter
RFC 8446 made it look like we can't use Derive-Secret for the second
step, but actually, Transcript-Hash and Hash are the same thing, so we
can.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
2025-03-28 16:53:57 +01:00
bd81c9d0f7 Implement TLS-Exporter feature
The TLS-Exporter is a function to derive shared symmetric keys for the
server and client from the secrets generated during the handshake.
It is defined in RFC 8446, Section 7.5 for TLS 1.3 and in RFC 5705 for
TLS 1.2.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
2025-03-28 16:53:57 +01:00
0b44a81f07 Rm dead !USE_PSA code: ssl_tls13*.c part 2
The one expression that was apparently too much for unifdef

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-01-28 16:15:40 +01:00
855f5bf244 Rm dead !USE_PSA code: ssl_tls13_xxx (part 1)
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/ssl_tls13*.c

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-01-28 16:15:29 +01:00
80963c64eb Move hkdf.h to tf-psa-crypto
Move hkdf.h to tf-psa-crypto as
hkdf.c was.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-12-04 14:25:02 +01:00
0f6bc41a22 Update includes for each library file
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
2024-10-09 11:18:50 +01:00
32c28cebb4 Merge pull request #8715 from valeriosetti/issue7964
Remove all internal functions from public headers
2024-02-05 15:09:15 +00:00
b4f5076270 debug: move internal functions declarations to an internal header file
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-18 15:30:46 +01:00
384fbde49a library/tests: replace md_psa.h with psa_util.h as include file for MD conversion
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-02 13:27:32 +01:00
8860021abc Fix false claim of variables used unitialised
GCC with TSan + O3 causes an error where it claims key_len and iv_len
may be used uninitialised. This is, as far as I can tell incorrect (the
only way it could not be set is in the error case, and then it is not
used), however the simplest option seemed to be just to fix it.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2023-12-18 14:49:34 +00:00
ce38adb731 Fix header in ssl_tls13_keys.c
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-03 10:29:25 +00:00
16799db69a update headers
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 19:47:20 +00:00
56e9011bde Add casting size_t to int
Signed-off-by: Mehmet Cagri Aksoy <mcagriaksoy@yandex.com>
2023-10-11 15:28:06 +02:00
66f9b3f810 Add casting size_t to int
Signed-off-by: Mehmet Cagri Aksoy <mcagriaksoy@yandex.com>
2023-10-11 15:26:23 +02:00
2eab462a8c Fix IAR warnings
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-10-05 13:30:37 +01:00
ca8c61b815 Provide and use internal function mbedtls_zeroize_and_free()
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-17 15:17:40 +01:00
461d59b2f8 Merge pull request #7858 from mprse/ffdh_tls13_v2_f
Make use of FFDH keys in TLS 1.3 - follow-up
2023-07-07 16:19:35 +02:00
3d0c8255aa Merge pull request #7825 from daverodgman/cipher_wrap_size
Cipher wrap size improvement
2023-07-05 15:45:48 +01:00
7ac93bea8c Adapt names: dh -> xxdh
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-05 09:26:26 +02:00
d5f79e7297 Adapt functions names for ffdh
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-05 09:26:26 +02:00
6f199859b6 Adapt handshake fields to ffdh
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-07-05 09:25:00 +02:00
56b159a12a Merge pull request #7627 from mprse/ffdh_tls13_v2
Make use of FFDH keys in TLS 1.3 v.2
2023-07-03 10:12:33 +02:00
ef2f3697ec Fix direct reference to cipher_info->key_bitlen
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-06-24 17:31:08 +01:00
1e4a030b00 Fix wrong array size calculation in error translation code
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-13 05:46:47 -04:00
0064484a70 Optimize error translation code size
Introducing an intermediate function
saves code size that's otherwise taken by excessive,
repeated arguments in each place that
was translating errors.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-06-13 05:46:46 -04:00
75a5a9c205 Code cleanup
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-13 09:57:23 +02:00
c89f3ea9f2 Add support for FFDH in TLS 1.3
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-06-06 12:31:08 +02:00
02b10d8266 Add missing include
Fix build failures with config full

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-06-06 10:33:54 +02:00
1f2a587cdf Use actual function instead of static inline
Large static inline functions used from several translation units in the
library are bad for code size as we end up with multiple copies. Use the
actual function instead. There's already a comment that says so.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-06-06 10:33:54 +02:00
2d6d993662 Use MD<->PSA functions from MD light
As usual, just a search-and-replace plus:

1. Removing things from hash_info.[ch]
2. Adding new auto-enable MD_LIGHT in build-info.h
3. Including md_psa.h where needed

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-06-06 10:33:54 +02:00
123cde824c Improve code styles(line numbers) for tls13_key.c
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-04-10 08:27:51 +00:00
080a22ba75 ssl_tls13: use PSA_WANT_ALG_ECDH as symbol for marking ECDH capability
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-22 10:48:34 +01:00
0c8ec3983e ssl_tls: fix proper guards for accelerated ECDH
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-03-22 10:48:34 +01:00
8a045ce5e6 Unify PSA to Mbed TLS error translation
Move all error translation utilities to psa_util.c.
Introduce macros and functions to avoid having
a local copy of the error translating function in
each place.
Identify overlapping errors and introduce a
generic function.
Provide a single macro for all error translations
(unless one file needs a couple of different ones).
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2023-03-03 05:23:44 -05:00
70341c17b7 Merge pull request #6773 from yanrayw/6675-change-early_secrets-to-local
TLS 1.3: Key Generation: Change tls13_early_secrets to local variable
2023-02-14 09:03:32 +01:00
6b980011e5 Replace session_negotiate->ciphersuite with handshake->ciphersuite_info->id
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-02-08 05:47:48 +00:00
f206c1493b Remove duplicate mbedtls_platform_zeroize for tls13_early_secrets
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-02-03 13:55:47 +08:00
a12cecbe47 Modify some comments in ssl_tls13_keys.c
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-02-01 14:29:51 +08:00
ef5ec8f5ba Rename static functions in ssl_tls13_keys.c
As some static functions are only used inside ssl_tls13_keys.c,
the prefix mbedtls_ should be removed. Furthermore, code format is
also maintained to fix code style.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-01-12 15:11:03 +08:00
0540211078 Enhancement: change some functions to static in ssl_tls13_keys.c
Since some functions are only used in ssl_tls13_keys.c not by any
other modules, those functions are changed to static.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-01-12 14:54:26 +08:00
16c895dff3 TLS1.3: zeroize tls13_early_secrets after its lifetime
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-01-12 14:27:06 +08:00
bae9e74d39 Enhancement: change tls13_early_secrets to local variable
Since tls13_early_secrets is only temperately used in the function,
there is no need to keep it in the handshake context.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
2023-01-12 14:27:06 +08:00