lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity
28,537 Commits 174 Branches 272 Tags
981ec147448829de901b75d1756867506ee42a1a
Commit Graph

28537 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pengyu Lv
829dd2048a ssl: use MBEDTLS_SSL_HAVE_* in ssl_ciphersuites.c 
Mainly done by the commands, with some manual adjust.

```
sed -i "s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
sed -i "s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
sed -i "s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c
```

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 12:01:26 +08:00
Pengyu Lv
f1b86b088f ssl: add macro to indicate CBC mode is available 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 11:28:42 +08:00
Pengyu Lv
e870cc8c86 ssl: add macro for available key types 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 11:28:36 +08:00
Yanray Wang
7b320fa7c9 ssl-opt.sh: fix typo 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-08 10:33:32 +08:00
Pengyu Lv
fe03a4071b ssl_helper: fix missin initialization of cli_log_obj 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-08 10:30:48 +08:00
Yanray Wang
8636d471b3 config-tfm.h: License Change 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-08 10:07:03 +08:00
Yanray Wang
30769696e7 Merge remote-tracking branch 'origin/development' into adjust_tfm_configs 2023-11-08 10:00:24 +08:00
Matthias Schulz
c55b500343 Changed notes in x509_csr.h to better describe the behavior of mbedtls_x509_csr_parse_der and mbedtls_x509_csr_parse_der_with_ext_cb. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-07 16:47:37 +01:00
Matthias Schulz
e92f6dcf5c New test cases requested in https://github.com/Mbed-TLS/mbedtls/pull/8378#discussion_r1383779861 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-07 15:16:35 +01:00
Tom Cosgrove
53199b1c0a Merge pull request #6720 from yuhaoth/pr/tls13-early-data-receive-0_rtt-and-eoed 
TLS 1.3: EarlyData SRV: Write early data extension  in EncryptedExtension
 2023-11-07 13:59:13 +00:00
Dave Rodgman
7604915cce Update Changelog with bugfix entry 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-07 12:33:17 +00:00
Yanray Wang
4995e0c31b cipher.c: return error for ECB-decrypt under BLOCK_CIPHER_NO_DECRYPT 
- fix remaining dependency in test_suite_psa_crypto.data

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-07 17:51:32 +08:00
Tom Cosgrove
4122c16abd Merge pull request #6945 from lpy4105/issue/6935/ticket_flags-kex-mode-determination 
TLS 1.3: SRV: Check ticket_flags on kex mode determination when resumption
 2023-11-07 09:26:21 +00:00
Jerry Yu
7cca7f6820 move ext print to the end of write client hello 
pre_shared_key extension is done at the end. The
information should be print after that

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-07 15:19:13 +08:00
Jerry Yu
1ccd6108e8 Revert "fix miss sent extensions mask" 
This reverts commit 06b364fdfd.

It has been set in write_binders

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-07 14:57:44 +08:00
Jerry Yu
7ef9fd8989 fix various issues 
- Debug message
- Improve comments

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-07 14:31:37 +08:00
Jerry Yu
2bea94ce2e check the ticket version unconditional 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-07 14:18:17 +08:00
Yanray Wang
0751761b49 max_early_data_size: rename configuration function 
Rename mbedtls_ssl_tls13_conf_max_early_data_size as
mbedtls_ssl_conf_max_early_data_size since in the future
this may not be specific to TLS 1.3.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-07 11:49:34 +08:00
Yanray Wang
d5ed36ff24 early data: rename configuration function 
Rename mbedtls_ssl_tls13_conf_early_data as
mbedtls_ssl_conf_early_data since in the future this may not be
specific to TLS 1.3.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-07 11:49:24 +08:00
Pengyu Lv
4ebf86e780 tls13-misc: Do not check kex mode for some cases 
Ephemeral is preferred over pure PSK, the change is
to make CI happy.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-07 10:14:32 +08:00
Pengyu Lv
44670c6eda Revert "TLS 1.3: SRV: Don't select ephemeral mode on resumption" 
This reverts commit dadeb20383.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-07 09:58:53 +08:00
Pengyu Lv
1f00926142 Change base config to full 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-11-07 09:55:11 +08:00
Gilles Peskine
a1023e2bd6 programs/test/metatest indirectly includes library/common.h 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine
4bc873f0a1 Add missing program to .gitignore 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine
102aea2ba8 Add metatests for mutex usage 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine
f0d5cf9a0c Don't use %llx in printf 
We still do MinGW builds on our CI whose printf doesn't support it!

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine
a1dfa14c06 Fix cast from pointer to integer of different size 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine
ee8109541a Don't cast a function pointer to a data pointer 
That's nonstandard. Instead, convert to an integer.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine
6aa9f32124 Use casts when doing nonstandard pointer conversions 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine
6848d1709b Run metatests in selected components 
Run metatests in some components, covering both GCC and Clang, with ASan,
MSan or neither.

Note that this commit does not cover constant-flow testing builds or Valgrind.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine
69e8db0366 Strengthen against Clang optimizations 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine
b0f0a64de0 Metatests for basic Asan and Msan features 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine
f109664448 Script to run all the metatests (with platform filtering) 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:18 +01:00
Gilles Peskine
80ba832be6 Metatests for null pointer dereference 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:09 +01:00
Gilles Peskine
f309fbf0d5 Validate that test_fail causes a test failure 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:09 +01:00
Gilles Peskine
33406b645d Add a metatest program 
This program can be used to validate that things that should be detected as
test failures are indeed caught, either by setting the test result to
MBEDTLS_TEST_RESULT_FAILED or by aborting the program.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:09 +01:00
Dave Rodgman
b578514b03 Merge pull request #8470 from gilles-peskine-arm/check-files-license 
Check copyright statements and SPDX license statements
 2023-11-06 17:07:54 +00:00
Dave Rodgman
4b67ac8adf Merge pull request #8444 from Mbed-TLS/cvv-code-size 
code size for mbedtls_cipher_validate_values
 2023-11-06 12:50:37 +00:00
Dave Rodgman
2ef7c30775 Update BRANCHES 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-06 11:47:15 +00:00
Paul Elliott
e03270f2e0 Merge pull request #8391 from paul-elliott-arm/full_no_platform 
Add full_no_platform config preset
 2023-11-06 11:35:28 +00:00
Manuel Pégourié-Gonnard
964dee6b3f Merge pull request #8442 from lpy4105/issue/8355/driver-only-cipher_aead-x509 
X.509: Support driver-only cipher+aead
 2023-11-06 09:10:57 +00:00
Yanray Wang
bc29aefdea all.sh: test BLOCK_CIPHER_NO_DECRYPT in build_aes_variations 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-06 11:14:38 +08:00
Jerry Yu
9e47b268c4 Revert "ssl-opt.sh: Make record_outcome record the ssl-opt.sh file only" 
This reverts commit cfe68a0cb6.

As commit 5eb2b02862, this line is used to report test suite name.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-06 10:53:43 +08:00
Jerry Yu
50d07bdeec Add test-suite parameter to filter tests 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-06 10:49:01 +08:00
Yanray Wang
53479573a0 ChangeLog: rewrite ChangeLog for block-cipher-no-decrypt 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-06 10:02:10 +08:00
Yanray Wang
0d76b6ef76 Return an error if asking for decrypt under BLOCK_CIPHER_NO_DECRYPT 
If MBEDTLS_BLOCK_CIPHER_NO_DECRYPT is enabled, but decryption is
still requested in some incompatible modes, we return an error of
FEATURE_UNAVAILABLE as additional indication.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-06 10:02:10 +08:00
Yanray Wang
956aa00202 check_config: add checks for MBEDTLS_BLOCK_CIPHER_NO_DECRYPT with PSA 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-06 10:02:10 +08:00
Yanray Wang
f149640021 all.sh: add components to test BLOCK_CIPHER_NO_DECRYPT with PSA 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-06 10:02:10 +08:00
Yanray Wang
de0e2599ad cipher_wrap.c: remove unnecessary NO_DECRYPT guard for DES 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-06 10:02:10 +08:00
Yanray Wang
f24bbd987a dh_client.c: modify prompt message 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-06 10:02:10 +08:00