lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-28 23:14:56 +03:00
Code Activity
32,911 Commits 176 Branches 276 Tags
ae567ad011abffdcad54c9ac64cf735004b7570e
Commit Graph

32911 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ronald Cron
7ef0c60260 Merge pull request #9992 from Harry-Ramsey/move-zeroize-memset-configuration 
Move zeroize memset configuration
 2025-02-19 10:11:05 +00:00
Harry Ramsey
82c42190a1 Update TF-PSA-Crypto pointer 
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
 2025-02-19 08:04:35 +00:00
Harry Ramsey
2a75a60d34 Update path to user-config-zeroize-memset.h 
This commit updates the path to user-config-zeroize-memset.h as it has
been moved to TF-PSA-Crypto.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
 2025-02-19 08:03:57 +00:00
Harry Ramsey
76e476245a Move zeroize config to TF-PSA-Crypto 
This commit moves user-config-zeroize-memset.h to TF-PSA-Crypto where it
more appropriately belongs.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
 2025-02-19 08:03:57 +00:00
Ronald Cron
39e2e4c3cb Merge pull request #9957 from valeriosetti/issue136-development 
[development] Add components-compliance.sh
 2025-02-18 09:56:47 +00:00
Valerio Setti
1e781adb62 tf-psa-crypto: update reference 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-18 06:02:01 +01:00
Valerio Setti
e06f9f3eba framework: update reference 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-17 17:43:15 +01:00
Valerio Setti
24e6ecb502 tests: move components-compliance.sh to tf-psa-crypto repo 
This file is cancelled from the Mbed TLS repo and copied to the
TF-PSA-Crypto one.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-17 17:40:08 +01:00
Deomid rojer Ryabkov
dd14c0a11e Remove in_hshdr 
The first fragment of a fragmented handshake message always starts at the beginning of the buffer so there's no need to store it.

Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>
 2025-02-13 13:41:51 +03:00
Ronald Cron
03e704018a Merge pull request #9917 from valeriosetti/issue9685 
[development] Remove the DHE-RSA key exchange
 2025-02-09 11:43:50 +00:00
Valerio Setti
bfc1ec15e6 tf-psa-crypto: update reference 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-07 17:48:11 +01:00
Valerio Setti
683e49e781 framework: update reference 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-07 17:47:59 +01:00
Valerio Setti
c8cac1d22f changelog: add note abot DHE-RSA removal 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-06 10:12:02 +01:00
Valerio Setti
1494a09ff7 test_suite_ssl: require GCM or ChaChaPoly in handshake_serialization() 
Hanshake serialization requires that the selected ciphersuite uses
an AEAD algorithm. However, following the DHE-RSA removal, trying to
still use RSA signature might select a ciphersuite which is not using
AEAD, but CBC instead (see preference order in "ssl_ciphersuite.c").

This is especially problematic in tests scenarios where both GCM and
ChaChaPoly are disabled, so that CCM remains as the only AEAD algorithm.
Ciphersuites using RSA signature and CCM are very low on the preference
list, so very unlikely to be picked in tests. This cause a CBC one to
be selected in this case and the handshake_serialization() function
to fail.

In order to prevent failures from happening, in this commit we require
that either GCM or ChaChaPoly are enabled, so that ciphersuites using one
of these are likely to be picked.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-06 10:12:02 +01:00
Valerio Setti
d137f15e1b mbedtls_config.h: remove definition of MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-06 10:12:02 +01:00
Valerio Setti
f886924eec docs: remove references to DHE-RSA 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-06 10:12:01 +01:00
Valerio Setti
02ae66830e check_config.h: remove checks for DHE-RSA 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-06 10:05:58 +01:00
Valerio Setti
8438c637ee tests: remove references to DHE-RSA 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-06 10:05:58 +01:00
Valerio Setti
b7e2eccf1f ssl_ciphersuites: remove MBEDTLS_KEY_EXCHANGE_SOME_XXDH_1_2_ENABLED 
This symbol is unused in the code so it can be removed.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-06 10:05:58 +01:00
Valerio Setti
b8621b6f9d ssl_ciphersuites: remove references to DHE-RSA key exchanges 
In this commit also MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED is removed.
This cause some code in "ssl_ciphersuites_internal.h" and
"ssl_tls12_server.c" to became useless, so these blocks are removed
as well.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-06 10:05:58 +01:00
Valerio Setti
89743b5db5 ssl_tls: remove code related to DHE-RSA 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-06 10:05:58 +01:00
Valerio Setti
98f348a2c5 ssl-opt.sh|compat.sh: remove references to DHE-RSA 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-06 10:05:58 +01:00
Ronald Cron
0baf3611e6 Merge pull request #9940 from valeriosetti/issue94-development 
[Development] Move test_psa_*.py scripts to the framework
 2025-02-05 13:55:38 +00:00
Waleed Elmelegy
cf4e6a18e6 Remove unused variable in ssl_server.c 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>
 2025-02-05 13:10:01 +02:00
Deomid rojer Ryabkov
eb77e5b1c7 Update the changelog message 
Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>
 2025-02-05 13:09:26 +02:00
Valerio Setti
c96d75bba3 framework: update reference 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-05 12:05:01 +01:00
Valerio Setti
da1673c013 components-compliance.sh: update references to test_psa_compliance.py 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-05 12:04:36 +01:00
Valerio Setti
2ef55352e8 components-configuration.sh: update references to test_psa_constant_names.py 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-05 12:04:36 +01:00
Valerio Setti
40e14a7559 Move files out of Mbed TLS 
The following files are moved to the framework repo (deleted here):

tests/scripts/test_psa_compliance.py
tests/scripts/test_psa_constant_names.py

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-05 12:04:36 +01:00
David Horstmann
be658c47c8 Merge pull request #9938 from bjwtaylor/ssl-ticket-api 
Move ssl_ticket to the PSA API
 2025-02-05 10:41:09 +00:00
Ronald Cron
7b4b176aca Merge pull request #9908 from Harry-Ramsey/move-configs-to-tf-psa-crypto 
Move configs to TF-PSA-Crypto
 2025-02-04 17:42:04 +00:00
Ben Taylor
7d4c48ba4f fixed trailing whitespace 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-02-04 15:27:53 +00:00
Harry Ramsey
94c386a8ea Update config paths in scripts 
This commit updates the moved config paths in multiple script files.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
 2025-02-04 12:54:15 +00:00
Harry Ramsey
c89fa17ba3 Update configs README 
This commit updates configs/ext/README.md to reflect the necessary files
which were removed from Mbed TLS.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
 2025-02-04 12:54:15 +00:00
Harry Ramsey
6e5dfa851c Move crypto configs to TF-PSA-Crypto 
This commit moves config-symmetric-only.h,
crypto-config-ccm-aes-sha256.h and crypto_config_profile_medium.h to
TF-PSA-Crypto.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
 2025-02-04 12:54:15 +00:00
Ronald Cron
2a992bf39b Merge pull request #9915 from Harry-Ramsey/move-ssl-macros-development 
Move MbedTLS Macros
 2025-02-04 10:25:05 +00:00
Ben Taylor
b6fb07bc48 Change Changelog entry to a maximum of 80 charactors 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-02-04 09:08:02 +00:00
Harry Ramsey
93a496e877 Update framework pointer 
This commit updates the framework pointer to include changes to enable
check_names.py to run independently for TF-PSA-Crypto and Mbed TLS.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
 2025-02-04 08:13:14 +00:00
Harry Ramsey
285722a3fe Update TF-PSA-Crypto pointer 
This commit updates the TF-PSA-Crypto pointer to include the moved
config files.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
 2025-02-04 08:13:11 +00:00
Ben Taylor
837130cf65 Improve Changelog and correct alg selection 
Improve the description of the API changes in the changelog and
fix some incorrect alg selection variables in ssl_server2.c.

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-02-04 07:50:19 +00:00
Ben Taylor
d0498803a1 Correct typos in comments 
Correct the typos in the mbedtls_ssl_ticket_setup function docs

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-02-03 11:35:34 +00:00
Deomid rojer Ryabkov
afa11db620 Remove obselete checks due to the introduction of handhsake defragmen... 
tation. h/t @waleed-elmelegy-arm

909e71672f

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>
 2025-02-01 15:42:43 +02:00
David Horstmann
70fbf41760 Merge pull request #9945 from minosgalanakis/update_checkboxes_crypto 
PR-Template: Updated the PR template with TF-PSA-Crypto checkbox
 2025-01-31 17:33:38 +00:00
Minos Galanakis
d5c8bf0f09 PR-Template: Updated the PR template with TF-PSA-Crypto checkbox 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-01-31 14:36:56 +00:00
Harry Ramsey
2547ae9fcc Move SSL macro checks from TF-PSA-Crypto to Mbed TLS 
This commit moves macro checks specifically for Mbed TLS from
TF-PSA-Crypto to Mbed TLS where they more approriately belong.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
 2025-01-31 13:58:43 +00:00
Ben Taylor
0c29cf87b1 Move ssl_ticket to the PSA API 
Convert the mbedtl_ssl_ticket_setup function to use the TF_PSA_Crypto
API.

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-01-30 08:22:40 +00:00
Manuel Pégourié-Gonnard
9c2afb44bb Merge pull request #9923 from mpg/use-psa-crypto 
Rm dead !USE_PSA_CRYPTO code from the library
 2025-01-29 13:34:13 +00:00
Ronald Cron
ed445089c2 Merge pull request #9916 from valeriosetti/issue9688 
Migrate DHE test cases to ECDHE
 2025-01-29 09:59:22 +00:00
Manuel Pégourié-Gonnard
072c98eb75 Remove empty #if #endif block 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-29 10:40:15 +01:00
Ronald Cron
d883ba75cc Merge pull request #9633 from gabor-mezei-arm/9143_update_depends.py_curves_domain 
Update the `curves` domain to use PSA macros in `depends.py`
 2025-01-29 07:23:44 +00:00