mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-19 01:04:04 +03:00

Author	SHA1	Message	Date
Manuel Pégourié-Gonnard	28f8e205eb	Merge pull request #9872 from rojer/tls_hs_defrag_in Defragment incoming TLS handshake messages	2025-02-24 09:28:11 +01:00
Harry Ramsey	2547ae9fcc	Move SSL macro checks from TF-PSA-Crypto to Mbed TLS This commit moves macro checks specifically for Mbed TLS from TF-PSA-Crypto to Mbed TLS where they more approriately belong. Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>	2025-01-31 13:58:43 +00:00
Manuel Pégourié-Gonnard	072c98eb75	Remove empty #if #endif block Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2025-01-29 10:40:15 +01:00
Manuel Pégourié-Gonnard	53fe26c5ad	Update a function's doxygen There was two versions of this function with different arguments. Update the documentation to match the signature of the function we kept. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2025-01-28 16:44:15 +01:00
Manuel Pégourié-Gonnard	615914b5ac	Rm dead !USE_PSA code: SSL headers (part 2) Expression that are too complex for unifdef - please review carefully :) Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2025-01-28 16:15:14 +01:00
Manuel Pégourié-Gonnard	11ae619e77	Rm dead !USE_PSA code: SSL headers (part 1) unifdef -m -DMBEDTLS_USE_PSA_CRYPTO {library,include/mbedtls}/ssl*.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2025-01-28 16:15:04 +01:00
Deomid rojer Ryabkov	3dfe75e115	Remove mbedtls_ssl_reset_in_out_pointers Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>	2025-01-26 11:12:21 +02:00
Manuel Pégourié-Gonnard	6402c35eca	Remove internal helper mbedtls_ssl_get_groups() Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2025-01-14 12:23:56 +01:00
Manuel Pégourié-Gonnard	6b720161ca	Remove mbedtls_ssl_conf::curve_list Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2025-01-14 12:17:20 +01:00
Deomid rojer Ryabkov	ac2cf1f26c	Defragment incoming TLS handshake messages Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>	2024-12-25 14:34:17 +02:00
Ronald Cron	51f228cc1b	Switch to actual TF-PSA-Crypto build_info.h Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-12-11 22:32:45 +01:00
Harry Ramsey	fb6cea508f	Remove duplicate mbedtls/build_info.h include This commit removes duplicate includes for mbedtls/build_info.h where the file already includes common.h. Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>	2024-10-14 08:41:31 +01:00
Harry Ramsey	e8e23fb519	Include ssl_misc.h for additional SSL helper files This commit replaces #include "common.h" in favour of #include "ssl_misc.h". Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>	2024-10-11 12:21:30 +01:00
Harry Ramsey	0f6bc41a22	Update includes for each library file Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>	2024-10-09 11:18:50 +01:00
Elena Uziunaite	a6950b8ce7	Replace MBEDTLS_PK_CAN_ECDSA_SOME with PSA_HAVE_ALG_SOME_ECDSA Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-09-09 11:17:36 +01:00
Elena Uziunaite	9fc5be09cb	Replace MBEDTLS_MD_CAN_SHA1 with PSA_WANT_ALG_SHA_1 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-09-04 18:12:59 +01:00
David Horstmann	1d98d9d861	Merge pull request #9526 from mpg/refactor-tls123-verif-dev Refactor tls123 verif dev	2024-09-03 15:29:10 +00:00
Manuel Pégourié-Gonnard	9e3e991d04	Fix typos in comments Co-authored-by: David Horstmann <david.horstmann@arm.com> Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2024-09-02 12:46:03 +02:00
Manuel Pégourié-Gonnard	19dd9f59bc	Merge 1.2 and 1.3 certificate verification Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2024-09-02 12:46:03 +02:00
Manuel Pégourié-Gonnard	7a4aa4d133	Make mbedtls_ssl_check_cert_usage() work for 1.3 Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2024-09-02 12:46:03 +02:00
Manuel Pégourié-Gonnard	94f70228e9	Clean up mbedtls_ssl_check_cert_usage() Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2024-09-02 12:46:03 +02:00
Gabor Mezei	c15ef93aa5	Replace `MBEDTLS_MD_CAN_SHA512` with `PSA_WANT_ALG_SHA_512` Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2024-08-28 18:20:25 +02:00
Elena Uziunaite	da41b60cef	Replace MBEDTLS_SSL_HAVE_CAMELLIA with PSA_WANT_KEY_TYPE_CAMELLIA Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-08-13 09:58:00 +01:00
Gilles Peskine	0858fdca38	Merge pull request #9189 from misch7/fix-v3.6-issues-9186-and-9188 Fix build of v3.6 (issues #9186 and #9188)	2024-08-12 09:34:17 +00:00
Michael Schuster	4394067071	Fix server mode only build of v3.6 with MBEDTLS_SSL_CLI_C unset (fixes #9186 ) Signed-off-by: Michael Schuster <michael@schuster.ms>	2024-08-09 10:27:44 +01:00
Gilles Peskine	e1171bd26f	Merge pull request #9361 from eleuzi01/replace-key-aria Replace MBEDTLS_SSL_HAVE_ARIA with PSA_WANT_KEY_TYPE_ARIA	2024-08-08 15:41:01 +00:00
Elena Uziunaite	51c85a0296	Replace MBEDTLS_SSL_HAVE_ARIA with PSA_WANT_KEY_TYPE_ARIA Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-08-07 11:33:14 +01:00
Elena Uziunaite	8dde3b3dec	Replace MBEDTLS_PK_HAVE_ECC_KEYS with PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-08-05 15:41:58 +01:00
Elena Uziunaite	74342c7c2b	Replace MBEDTLS_SSL_HAVE_CBC with PSA_WANT_ALG_CBC_NO_PADDING Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-31 16:19:15 +01:00
Elena Uziunaite	6121a344dd	Replace MBEDTLS_SSL_HAVE_AES with PSA_WANT_KEY_TYPE_AES Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-30 18:42:19 +01:00
Elena Uziunaite	b66a991f04	Replace MBEDTLS_MD_CAN_MD5 with PSA_WANT_ALG_MD5 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-18 14:31:59 +03:00
Elena Uziunaite	0916cd702f	Replace MBEDTLS_MD_CAN_SHA256 with PSA_WANT_ALG_SHA_256 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-11 11:13:35 +03:00
Ronald Cron	2cf41a273e	Merge pull request #9171 from eleuzi01/replace-mbedtls-md-can-sha384 Replace MBEDTLS_MD_CAN_SHA384 with PSA_WANT_ALG_SHA_384	2024-07-04 08:56:52 +00:00
Elena Uziunaite	b476d4bf21	Replace MBEDTLS_MD_CAN_SHA384 with PSA_WANT_ALG_SHA_384 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-03 10:20:41 +01:00
Elena Uziunaite	fcc9afaf9d	Replace MBEDTLS_MD_CAN_SHA224 with PSA_WANT_ALG_SHA_224 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-02 11:08:04 +01:00
Waleed Elmelegy	5bc5263b2c	Add code improvments and refactoring in dealing with ALPN Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Waleed Elmelegy	883f77cb08	Add mbedtls_ssl_session_set_alpn() function Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Ronald Cron	fd4c0c8b3d	tls13: cli: Fix comment Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-12 17:48:18 +01:00
Ronald Cron	aa3593141b	tls13: cli: Move definition of MBEDTLS_SSL_EARLY_DATA_STATE_xyz Move definition of MBEDTLS_SSL_EARLY_DATA_STATE_xyz from ssl.h(public) to ssl_misc.h(private) even if that means we cannot use the enum type for early_data_state in ssl.h. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-12 17:48:18 +01:00
Ronald Cron	8571804382	tls13: srv: Enforce maximum size of early data Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-01 09:29:09 +01:00
Ronald Cron	d6d32b9210	tls13: Improve declaration and doc of early data status Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-15 17:19:14 +01:00
Ronald Cron	b9a9b1f5a5	tls13: Fix/Improve comments Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-15 17:19:14 +01:00
Ronald Cron	5fbd27055d	tls13: Use a flag not a counter for CCS and HRR handling Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-15 17:19:02 +01:00
Ronald Cron	90e223364c	tls13: cli: Refine early data status The main purpose of the change is to know from the status, at any point in the handshake, if early data can be sent or not and why. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Ronald Cron	fe59ff794d	tls13: Send dummy CCS only once Fix cases where the client was sending two CCS, no harm but better to send only one. Prevent to send even more CCS when early data are involved without having to add conditional state transitions. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Manuel Pégourié-Gonnard	32c28cebb4	Merge pull request #8715 from valeriosetti/issue7964 Remove all internal functions from public headers	2024-02-05 15:09:15 +00:00
Ronald Cron	78a38f607c	tls13: srv: Do not use early_data_status Due to the scope reduction for mbedtls_ssl_read_early_data(), on server as early data state variable we now only need a flag in the handshake context indicating if the server has accepted early data or not. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-01 20:10:35 +01:00
Ronald Cron	3b9034544e	Revert "tls13: Introduce early_data_state SSL context field" This reverts commit 0883b8b625a5531f2fc8a61b6b0417f00f76f91e. Due to the scope reduction of mbedtls_ssl_read_early_data() it is not necessary anymore to refine the usage of early_data_status/state rather the opposite. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-01 20:03:57 +01:00
Ronald Cron	0883b8b625	tls13: Introduce early_data_state SSL context field Introduce early_data_state SSL context field to distinguish better this internal state from the status values defined for the mbedtls_ssl_get_early_data_status() API. Distinguish also between the client and server states. Note that the client state are going to be documented and reworked as part of the implementation of mbedtls_ssl_write_early_data(). Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-01 16:45:04 +01:00
Ronald Cron	5d0ae9021f	tls13: srv: Refine early data status The main purpose is to know from the status if early data can be received of not and why. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-01 16:40:47 +01:00

1 2 3 4 5 ...

556 Commits