lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-31 21:50:31 +03:00
Code Activity
31,194 Commits 176 Branches 276 Tags
126cfedba49b51fc96763f67bb7ceee727d6ff51
Commit Graph

2738 Commits

Author SHA1 Message Date
Andrzej Kurek
dcce505a08 Add a missing guard in an example program 
MD variable is not used in builds without MD.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-08-30 17:56:08 -04:00
Manuel Pégourié-Gonnard
bf22a2500b Merge pull request #6208 from AndrzejKurek/tls-tests-no-md-structured 
Remove the dependency on MD from TLS 1.2 tests
 2022-08-30 12:34:37 +02:00
Manuel Pégourié-Gonnard
a84ce3fa81 Merge pull request #6111 from superna9999/6101-programs-dont-build-with-libtestdriver-and-use-psa 
Programs don't build with libtestdriver and USE_PSA
 2022-08-30 12:29:01 +02:00
Dave Rodgman
c5e0a8a890 Add missing error message 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:25:45 +01:00
Dave Rodgman
64937856e0 Correct order of extended key usage attributes 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:25:45 +01:00
Dave Rodgman
18b02d35d6 Remove redundant sig_alg argument 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:25:45 +01:00
Dave Rodgman
2ee7bbd10a Replace some constant values with sizeof 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:25:45 +01:00
Dave Rodgman
5f3f0d06e6 Address minor review comments 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:25:45 +01:00
Dave Rodgman
ec9f6b4de1 Fix minor compile errors 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:25:45 +01:00
Nicholas Wilson
99a96b1c22 Improve programs/cert_write with a way to set the signature digest 
This is useful for generating SHA-1 and MD5 certificates for test
purposes.  I guess RSA-PSS could be added too, but I don't need that
now.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:08:43 +01:00
Nicholas Wilson
8e5bdfbbcf Improve programs/cert_write with a way to set extended key usages 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:08:43 +01:00
Jerry Yu
c5a23a0f12 fix various issues 
- code style
- variable initialize
- update comments


Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-25 11:09:35 +08:00
Andrzej Kurek
cccb044804 Style & formatting fixes 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-08-23 05:26:02 -04:00
Andrzej Kurek
8c95ac4500 Add missing dependencies / alternatives 
A number of places lacked the necessary dependencies on one of
the used features: MD, key exchange with certificate, 
entropy, or ETM.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-08-22 17:46:50 -04:00
Jerry Yu
5d01c05d93 fix various issues 
- wrong typo in comments
- replace psk null check with key_exchange_mode check
- set psk NULL when error return in export hs psk

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-21 12:55:01 +08:00
Jerry Yu
2b7a51ba8f Add psk_or_ephemeral mode and tests 
psk_or_ephemeral exists in theory. This change is for
improving test coverage.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-21 12:51:53 +08:00
Jerry Yu
62c8763de7 Improve macro expansion help message 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-11 10:18:36 +08:00
Jerry Yu
08dccc1f75 Improve help message 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-08-10 10:02:04 +08:00
Neil Armstrong
9bb8e0d3c5 Fix fuzz_privkey build without MBEDTLS_ENTROPY_C defined 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
 2022-08-08 13:56:13 +02:00
Jerry Yu
2fcb056ea9 Add requires_{any,all}_configs_enabled functions 
- requires_any_configs_enabled
- requires_all_configs_enabled
- requires_any_configs_disabled
- requires_all_configs_disabled

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-07-31 12:23:39 +08:00
Jan Bruckner
25fdc2addb Fix minor typos 
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
 2022-07-26 10:52:46 +02:00
Jerry Yu
2b4f02d7fb Add new_session_ticket err handler 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-07-20 11:07:29 +08:00
Paul Elliott
7adb8cbc0e Revert "Add generated files for 3.2.0 release" 
This reverts commit cb21f2eab3.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-07-11 18:18:30 +01:00
Paul Elliott
cb21f2eab3 Add generated files for 3.2.0 release 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-07-11 13:56:01 +01:00
Ronald Cron
ce7d76e2ee Merge remote-tracking branch 'mbedtls-restricted/development-restricted' into mbedtls-3.2.0rc0-pr 2022-07-11 10:22:37 +02:00
Paul Elliott
41aa808a56 Merge pull request #952 from gilles-peskine-arm/stdio_buffering-setbuf 
Turn off stdio buffering with setbuf()
 2022-07-04 10:12:22 +01:00
Ronald Cron
0e39ece23f Merge pull request #5916 from yuhaoth/pr/tls13-refactor-get-sig-alg-from-pk 
Refactor signature algorithm chooser
 2022-07-04 09:10:08 +02:00
Paul Elliott
bae7a1a5a6 Merge pull request #5620 from gstrauss/dn_hints 
Add accessors to config DN hints for cert request
 2022-07-01 17:23:14 +01:00
Paul Elliott
ff15dbab4c Make definition order a bit neater 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-07-01 16:30:08 +01:00
Gilles Peskine
6d576c9646 Call setbuf when reading or writing files: programs 
After opening a file containing sensitive data, call mbedtls_setbuf() to
disable buffering. This way, we don't expose sensitive data to a memory
disclosure vulnerability in a buffer outside our control.

This commit adds a call to mbedtls_setbuf() after each call to fopen(),
but only in sample programs that were calling mbedtls_platform_zeroize().
Don't bother protecting stdio buffers in programs where application buffers
weren't protected.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-30 17:06:11 +02:00
Jerry Yu
cc5391048e fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-06-29 16:18:30 +08:00
Jerry Yu
202919c23d refine supported sig alg print 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-06-29 16:18:29 +08:00
Jerry Yu
64f410c246 Add tls13 sig alg parameters 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-06-29 16:16:09 +08:00
Jerry Yu
a1255e6b8c fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-06-29 16:16:09 +08:00
Jerry Yu
9bb3ee436b Revert rsa_pss_rsae_* support for tls12 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-06-29 16:16:08 +08:00
Jerry Yu
3896ac6e5b fix ordered sig algs fail for openssl 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-06-29 16:16:06 +08:00
Jerry Yu
9f4cc5ff65 Add pss_rsae sig algs into test conf 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-06-29 16:13:41 +08:00
Glenn Strauss
bd10c4e2af Test accessors to config DN hints for cert request 
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-06-29 02:54:28 -04:00
Gilles Peskine
0ff241a1ea Remove largely useless bit of test log to silence GCC 12 
GCC 12 emits a warning because it thinks `buffer1` is used after having been
freed. The code is correct C because we're only using the value of
`(uintptr_t)buffer1`, not `buffer1`. However, we aren't using the value for
anything useful: it doesn't really matter if an alloc-free-alloc sequence
returns the same address twice. So don't print that bit of information, and
this way we don't need to save the old address.

Fixes #5974.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-25 14:29:23 +02:00
Ronald Cron
ba65fbbe30 Fix comments 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-06-22 17:36:12 +02:00
Ronald Cron
903c979376 programs: ssl: Add one RSA PSS signature algorithm 
Add one RSA PSS signature algorithm to the
test list of signature algorithms. This allows
certificate chains exposing an RSA key with
signatures using SHA-1 to be used in tests
where an TLS 1.3 handshake is performed.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-06-17 08:45:30 +02:00
Ronald Cron
4ccd226cbf Merge pull request #5864 from xkqian/tls13_add_comprehensive_cases 
Tls13 add comprehensive cases
 2022-06-15 09:18:11 +02:00
Gilles Peskine
f940693960 Merge pull request #5725 from tom-daubney-arm/x25519_program 
Rewrite x25519 example program
 2022-05-31 11:27:22 +02:00
XiaokangQian
d5d5b60c07 Add comprehensive test cases for TLS1.3 server side 
Change-Id: I544cb12b3ffe5edd7d59fa54342ca7db5b5c8a2a
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-05-31 02:51:26 +00:00
Thomas Daubney
413550c529 Change memcmp call 
Previous call used sizeof() function which is not needed.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2022-05-23 16:11:31 +01:00
Pol Henarejos
7dbd5d1760 Add self tests (taken from #1549). 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-05-20 20:42:33 +02:00
Pol Henarejos
ebb3640ada Added SHA3 to benchmark. 
Taken from #1549, as it is closed.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
 2022-05-20 20:07:40 +02:00
Thomas Daubney
70c0088239 Change use of olen variables 
Removed olen variable in favour of storing olens for
client and server separately.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2022-05-20 18:46:10 +01:00
bootstrap-prime
6dbbf44d78 Fix typos in documentation and constants with typo finding tool 
Signed-off-by: bootstrap-prime <bootstrap.prime@gmail.com>
 2022-05-18 14:15:33 -04:00
Thomas Daubney
306a89094a Add additional error checking 
Initialise client and server secret buffers and check their
lengths.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2022-05-18 15:26:39 +01:00