mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-04 08:22:09 +03:00

Author	SHA1	Message	Date
Ben Taylor	4bb98be277	initial remove of MBEDTLS_USE_PSA_CRYPTO Signed-off-by: Ben Taylor <ben.taylor@linaro.org>	2025-07-30 07:55:13 +01:00
Manuel Pégourié-Gonnard	6b8f517e4d	Avoid a useless copy in cert_{req,write} I'm just trying to have a shorter name to avoid repeating a long expression. This is a job for a pointer, not copying a struct. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2025-05-21 11:53:59 +02:00
Manuel Pégourié-Gonnard	bb8c0aba74	Add comment on apparent type mismatch Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2025-05-21 11:53:59 +02:00
Manuel Pégourié-Gonnard	8de781d99d	Remove redundant free loop This version is incomplete. I failed to noticed it when adding a more complete version, making the existing one redundant. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2025-05-21 11:53:59 +02:00
Manuel Pégourié-Gonnard	b095862722	Fix memory leak in cert_write & cert_req That memory leak had been present ever since the san command-line argument has been added. Tested that the following invocation is now fully valgrind clean: programs/x509/cert_write san=DN:C=NL,CN=#0000,CN=foo;DN:CN=#0000,O=foo,OU=bar,C=UK;IP:1.2.3.4;IP:4.3.2.1;URI:http\\://example.org/;URI:foo;DNS:foo.example.org;DNS:bar.example.org Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2025-05-12 12:34:11 +02:00
Manuel Pégourié-Gonnard	6b1147993c	Fix runtime error in cert_write & cert_req The runtime error was introduced two commits ago (while avoiding a use-after-free). Now the programs run cleanly but still leak memory. The memory leak is long pre-existing and larger than just DN components (which are made temporarily slightly worse by this commit) and will be fixed properly in the next commit. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2025-05-12 12:34:11 +02:00
Ben Taylor	47111a1cb1	initial remove of mbedtls_ssl_conf_rng Signed-off-by: Ben Taylor <ben.taylor@linaro.org>	2025-03-26 13:32:10 +00:00
Ben Taylor	440cb2aac2	Remove RNG from x509 and PK remove the f_rng and p_rng parameter from x509 and PK. Signed-off-by: Ben Taylor <ben.taylor@linaro.org>	2025-03-26 08:17:38 +00:00
Felix Conway	998760ae5d	Define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS in every sample program Add #define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS to every sample program before the first include so that mbedtls doesn't break with future privatization work. Signed-off-by: Felix Conway <felix.conway@arm.com>	2025-03-24 11:37:33 +00:00
Ronald Cron	5096b4cb4b	Revert "Remove mbedtls_test" This reverts commit `939ce9d0d5`. Build mbedtls_test library of objects to link with TLS and x509 test suites and programs with mbedtls framework not TF-PSA-Crypto one (when it will be there). Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-12-10 16:56:49 +01:00
Ronald Cron	6924564970	Move back timing.c to mbedtls Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-12-04 14:25:02 +01:00
David Horstmann	5b93d97b95	Update references to test helpers Replace: * tests/src -> framework/tests/src * tests/include -> framework/tests/include Except for occurrences of: * tests/src/test_helpers (since this only contains ssl_helpers.c) * tests/src/test_certs.h * tests/include/alt_dummy Signed-off-by: David Horstmann <david.horstmann@arm.com>	2024-11-18 15:50:44 +00:00
Ronald Cron	939ce9d0d5	Remove mbedtls_test Use tf_psa_crypto_test instead. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-11-14 13:52:36 +01:00
Ronald Cron	b2478989e2	cmake: GNU GCC: Set base compile options target by target Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-10-25 18:09:33 +02:00
Gilles Peskine	5dab92ee4e	CMake: support "make programs" Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-09-14 12:19:19 +02:00
Elena Uziunaite	9fc5be09cb	Replace MBEDTLS_MD_CAN_SHA1 with PSA_WANT_ALG_SHA_1 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-09-04 18:12:59 +01:00
Michael Schuster	0420093795	Adjust spacing in sample programs Signed-off-by: Michael Schuster <michael@schuster.ms>	2024-08-09 10:29:58 +01:00
Michael Schuster	8db8d6182f	Fix missing-prototype errors in sample programs Signed-off-by: Michael Schuster <michael@schuster.ms>	2024-08-09 10:29:58 +01:00
Elena Uziunaite	0916cd702f	Replace MBEDTLS_MD_CAN_SHA256 with PSA_WANT_ALG_SHA_256 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-11 11:13:35 +03:00
Gilles Peskine	3ea9450463	Merge pull request #8734 from valeriosetti/issue8564 Add test for driver-only HMAC	2024-02-14 13:43:40 +00:00
Paul Elliott	7fd162ec26	Refactor common PThreads CMake code Move the flags and find of Threads to root CMakeLists.txt, rather than duplicate these everywhere. Make explicit linking of library with PThreads use the same mechanism. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-01-24 18:05:53 +00:00
Valerio Setti	e35117640d	cert_[req/write]: add MD_C dependency Both programs use mbedtls_md_info_from_string() which is only available as long as MBEDTLS_MD_C is enabled. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-22 16:28:23 +01:00
Paul Elliott	85ea3e623b	Set preferences before finding Threads in CMake Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-01-19 15:57:22 +00:00
Paul Elliott	4068c7e47c	Link programs with pthread via cmake All programs are now linked directly with all test code, thus adding a pthread abstraction into the test code means having to link the programs with pthread (if the library is found under cmake). Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-01-05 21:04:52 +00:00
Tom Cosgrove	656d4b3c74	Avoid use of `ip_len` as it clashes with a macro in AIX system headers Fixes #8624 Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-12-08 21:51:15 +00:00
Dave Rodgman	f8be5f6ade	Fix overlooked files Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-02 20:43:00 +00:00
Dave Rodgman	16799db69a	update headers Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-02 19:47:20 +00:00
Gilles Peskine	62418dd20b	Merge pull request #8350 from waleed-elmelegy-arm/fix-null-dereference-in-x509-cert-write Fix possible NULL dereference issue in X509 cert_write program	2023-10-18 10:03:36 +00:00
David Horstmann	9534dfd15b	Reword error message on format of SAN arguments Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-10-17 14:59:31 +01:00
David Horstmann	4a493b267f	Reword error message on format of SAN arguments Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-10-17 14:57:23 +01:00
Waleed Elmelegy	5867465e90	Fix code style issue in cert_write program Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-10-13 10:03:12 +01:00
Waleed Elmelegy	eade3fedb2	Fix code style issue in cert_req program Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-10-13 09:59:19 +01:00
Waleed Elmelegy	ac97af223e	Fix possible NULL dereference issue in X509 cert_req program Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-10-12 15:46:06 +01:00
Waleed Elmelegy	1444c0eb20	Add changelog entry for x509 cert_write null dereference fix Also fix a typo in cert_write.c Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-10-12 14:31:06 +01:00
Waleed Elmelegy	476c1198e8	Fix possible NULL dereference issue in X509 cert_write program Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-10-12 14:19:25 +01:00
Gilles Peskine	dbd13c3689	Merge pull request #7662 from lpy4105/issue/renew_cert_2027-01-01 Updating crt/crl files due to expiry before 2027-01-01	2023-08-17 15:38:35 +00:00
Andrzej Kurek	312b6df38a	Add a missing guard in cert_req.c IP parsing requires x509_CRT_PARSE_C Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-07-10 08:45:30 -04:00
Andrzej Kurek	6bc7a38683	Support more SAN subtypes in cert_req.c Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-07-07 05:13:13 -04:00
Pengyu Lv	b078607f04	cert_write: Support write any for extended key usage Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-07-04 17:30:21 +08:00
Andrzej Kurek	0624e460fb	Add a guard for IP parsing in cert_req app Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-07 08:54:35 -04:00
Andrzej Kurek	cd17ecfe85	Use better IP parsing in x509 programs Remove unnecessary duplicated code. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-07 08:50:05 -04:00
Andrzej Kurek	f994bc51ad	Refactor code in cert_write.c This way is more robust. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-02 05:10:17 -04:00
Andrzej Kurek	5eebfb8fd0	Enable escaping ';' in cert_write.c SANs This might get used in URIs. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Andrzej Kurek	446e53d401	Fix a code style issue Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Andrzej Kurek	f70f460e5f	Fix temporary IP parsing error Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Andrzej Kurek	ed557930bb	Update ip_string_to_bytes to cert_req version Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Andrzej Kurek	5da1d751e9	Add missing memory deallocation Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Andrzej Kurek	1bc7df2540	Add documentation and a changelog entry Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Andrzej Kurek	ccdd975286	Add a certificate exercising all supported SAN types This will be used for comparison in unit tests. Add a possibility to write certificates with SAN in cert_write. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 11:45:36 -04:00
Przemek Stekiel	758aef60c5	Add guards for mbedtls_psa_crypto_free() Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-24 08:10:01 +02:00

1 2 3 4 5 ...

299 Commits