lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-30 10:45:34 +03:00
Code Activity
31,650 Commits 176 Branches 276 Tags
514e62c8332fb1121d98a7215b99f9d87d9173f2
Commit Graph

141 Commits

Author SHA1 Message Date
Michael Schuster
0420093795 Adjust spacing in sample programs 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-09 10:29:58 +01:00
Michael Schuster
8db8d6182f Fix missing-prototype errors in sample programs 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-09 10:29:58 +01:00
Elena Uziunaite
0916cd702f Replace MBEDTLS_MD_CAN_SHA256 with PSA_WANT_ALG_SHA_256 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-11 11:13:35 +03:00
Valerio Setti
e35117640d cert_[req/write]: add MD_C dependency 
Both programs use mbedtls_md_info_from_string() which is only
available as long as MBEDTLS_MD_C is enabled.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-22 16:28:23 +01:00
Tom Cosgrove
656d4b3c74 Avoid use of ip_len as it clashes with a macro in AIX system headers 
Fixes #8624

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-12-08 21:51:15 +00:00
Dave Rodgman
16799db69a update headers 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-02 19:47:20 +00:00
David Horstmann
4a493b267f Reword error message on format of SAN arguments 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-10-17 14:57:23 +01:00
Waleed Elmelegy
5867465e90 Fix code style issue in cert_write program 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-10-13 10:03:12 +01:00
Waleed Elmelegy
1444c0eb20 Add changelog entry for x509 cert_write null dereference fix 
Also fix a typo in cert_write.c

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-10-12 14:31:06 +01:00
Waleed Elmelegy
476c1198e8 Fix possible NULL dereference issue in X509 cert_write program 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-10-12 14:19:25 +01:00
Pengyu Lv
b078607f04 cert_write: Support write any for extended key usage 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-07-04 17:30:21 +08:00
Andrzej Kurek
cd17ecfe85 Use better IP parsing in x509 programs 
Remove unnecessary duplicated code.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-07 08:50:05 -04:00
Andrzej Kurek
f994bc51ad Refactor code in cert_write.c 
This way is more robust.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-02 05:10:17 -04:00
Andrzej Kurek
5eebfb8fd0 Enable escaping ';' in cert_write.c SANs 
This might get used in URIs.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
446e53d401 Fix a code style issue 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
f70f460e5f Fix temporary IP parsing error 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
ed557930bb Update ip_string_to_bytes to cert_req version 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
5da1d751e9 Add missing memory deallocation 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
1bc7df2540 Add documentation and a changelog entry 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
ccdd975286 Add a certificate exercising all supported SAN types 
This will be used for comparison in unit tests.
Add a possibility to write certificates with SAN
in cert_write.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 11:45:36 -04:00
Przemek Stekiel
758aef60c5 Add guards for mbedtls_psa_crypto_free() 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-04-24 08:10:01 +02:00
Przemek Stekiel
a8c560a799 Free psa crypto at the end of programs when initialized 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-04-19 10:15:26 +02:00
Przemek Stekiel
a0a1c1eab5 Move psa_crypto_init() after other init calls 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-04-17 11:10:05 +02:00
Przemek Stekiel
89c636e6cf Init PSA in ssl and x509 programs 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-04-16 22:41:52 +02:00
Andrzej Kurek
0af32483f3 Change the format of md.h include comments 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-04-07 03:10:28 -04:00
Andrzej Kurek
316b7dd19c Add a justification for early md.h include in programs 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-04-05 14:44:38 -04:00
Andrzej Kurek
eaea30d30e Remove duplicated md.h includes 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-04-05 14:36:51 -04:00
Andrzej Kurek
1b75e5f784 Add missing md.h includes 
MBEDTLS_MD_CAN_SHAXXX are defined there.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-04-04 09:55:06 -04:00
Manuel Pégourié-Gonnard
93302422fd Fix instances of old feature macros being used 
sed -i -f md.sed include/mbedtls/ssl.h library/hmac_drbg.c programs/pkey/*.c programs/x509/*.c tests/scripts/generate_pkcs7_tests.py tests/suites/test_suite_random.data

Then manually revert programs/pkey/ecdsa.c as it's using a low-level
hash API.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-24 10:43:40 +01:00
Dave Rodgman
94c9c96c94 Merge pull request #6998 from aditya-deshpande-arm/fix-example-programs-usage 
Fix incorrect dispatch to USAGE in example programs, which causes uninitialized memory to be used
 2023-02-06 09:53:50 +00:00
Aditya Deshpande
644a5c0b2b Fix bugs in example programs: change argc == 0 to argc < 2 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-01-30 16:48:13 +00:00
Valerio Setti
af4815c6a4 x509: replace/fix name of new function for setting serial 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-01-26 17:43:09 +01:00
Valerio Setti
48fdbb3940 programs: cert_write: fixed bug in parsing dec serial 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2023-01-12 17:01:45 +01:00
Valerio Setti
791bbe629d programs: improved cert_write serial management 
Now it can accept serial both as decimal and hex number (only one format
at a time, of course, not simultaneously).

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2023-01-12 17:01:45 +01:00
Valerio Setti
acf12fb744 x509: fix endianness and input data format for x509write_crt_set_serial_new 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2023-01-12 17:01:44 +01:00
Valerio Setti
5d164c4e23 fix: add missing deprecation guards 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2023-01-12 17:01:44 +01:00
Valerio Setti
da0afcc2fb x509: remove direct dependency from BIGNUM_C 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2023-01-12 17:01:44 +01:00
Gilles Peskine
449bd8303e Switch to the new code style 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-01-11 14:50:10 +01:00
Tom Cosgrove
1797b05602 Fix typos prior to release 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-12-04 17:19:59 +00:00
Dave Rodgman
55fd0b9fc1 Merge pull request #6121 from daverodgman/pr277 
cert_write - add a way to set extended key usages - rebase
 2022-10-31 13:27:49 +00:00
Dave Rodgman
66e05505b6 Support generating DER format certificates 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-10-27 17:41:40 +01:00
Gilles Peskine
945b23c46f Include platform.h unconditionally: automatic part 
We used to include platform.h only when MBEDTLS_PLATFORM_C was enabled, and
to define ad hoc replacements for mbedtls_xxx functions on a case-by-case
basis when MBEDTLS_PLATFORM_C was disabled. The only reason for this
complication was to allow building individual source modules without copying
platform.h. This is not something we support or recommend anymore, so get
rid of the complication: include platform.h unconditionally.

There should be no change in behavior since just including the header should
not change the behavior of a program.

This commit replaces most occurrences of conditional inclusion of
platform.h, using the following code:

```
perl -i -0777 -pe 's!#if.*\n#include "mbedtls/platform.h"\n(#else.*\n(#define (mbedtls|MBEDTLS)_.*\n|#include <(stdarg|stddef|stdio|stdlib|string|time)\.h>\n)*)?#endif.*!#include "mbedtls/platform.h"!mg' $(git grep -l '#include "mbedtls/platform.h"')
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-09-15 20:33:07 +02:00
Dave Rodgman
1577c548d1 Use NULL instead of 0 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-09-09 10:22:15 +01:00
Dave Rodgman
c5e0a8a890 Add missing error message 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:25:45 +01:00
Dave Rodgman
64937856e0 Correct order of extended key usage attributes 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:25:45 +01:00
Dave Rodgman
18b02d35d6 Remove redundant sig_alg argument 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:25:45 +01:00
Dave Rodgman
2ee7bbd10a Replace some constant values with sizeof 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:25:45 +01:00
Dave Rodgman
5f3f0d06e6 Address minor review comments 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:25:45 +01:00
Dave Rodgman
ec9f6b4de1 Fix minor compile errors 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:25:45 +01:00
Nicholas Wilson
99a96b1c22 Improve programs/cert_write with a way to set the signature digest 
This is useful for generating SHA-1 and MD5 certificates for test
purposes.  I guess RSA-PSS could be added too, but I don't need that
now.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-08-30 10:08:43 +01:00