mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-19 05:43:14 +03:00

Author	SHA1	Message	Date
Przemek Stekiel	68a01a6720	Fix session tickets related build flags in fuzz_server and ssl_server2 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-10 13:30:43 +02:00
Jerry Yu	03b8f9d299	Adjust guards for `dummy_tickets` Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-08 14:56:38 +08:00
Jerry Yu	25ab654781	Add dummy ticket support Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-07 10:11:05 +08:00
Manuel Pégourié-Gonnard	e3358e14b2	Merge pull request #6051 from mprse/permissions_2b_v2 Permissions 2b: TLS 1.3 sigalg selection	2022-09-28 09:50:04 +02:00
Paul Elliott	2c282c9bd0	Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.	2022-09-23 15:48:33 +01:00
Manuel Pégourié-Gonnard	d433cd7d07	Merge pull request #6283 from mpg/driver-only-hashes-wrap-up Driver only hashes wrap-up	2022-09-21 08:29:46 +02:00
Ronald Cron	50969e3af5	ssl-opt.sh: TLS 1.3 opaque key: Add test with unsuitable sig alg Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 15:57:57 +02:00
Jerry Yu	7a51305478	Add multi-session tickets test Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-19 14:26:07 +08:00
Ronald Cron	be0224aef3	Merge pull request #6167 from yuhaoth/pr/finalize-tls13-session-tickets	2022-09-18 21:18:13 +02:00
Manuel Pégourié-Gonnard	e896705c1a	Take advantage of legacy_or_psa.h being public Opportunities for using the macros were spotted using: git grep -E -n -A2 'MBEDTLS_(MD\|SHA)[0-9]+_C' \| egrep 'PSA_WANT_ALG_(MD\|SHA)' then manually filtering the results. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-09-16 12:03:52 +02:00
Gilles Peskine	e9b55929dc	Remove useless platform macro redefinitions: automatic part Some source files had code to set mbedtls_xxx aliases when MBEDTLS_PLATFORM_C is not defined. These aliases are defined unconditionally by mbedtls/platform.h, so these macro definitions were redundant. Remove them. This commit used the following code: ``` perl -i -0777 -pe 's~#if !defined$MBEDTLS_PLATFORM_C$\n(#define (mbedtls\|MBEDTLS)_.\n\|#include <(stdarg\|stddef\|stdio\|stdlib\|string\|time)\.h>\n)#endif.*\n~~mg' $(git grep -l -F '#if !defined(MBEDTLS_PLATFORM_C)') ``` Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-15 20:34:15 +02:00
Gilles Peskine	945b23c46f	Include platform.h unconditionally: automatic part We used to include platform.h only when MBEDTLS_PLATFORM_C was enabled, and to define ad hoc replacements for mbedtls_xxx functions on a case-by-case basis when MBEDTLS_PLATFORM_C was disabled. The only reason for this complication was to allow building individual source modules without copying platform.h. This is not something we support or recommend anymore, so get rid of the complication: include platform.h unconditionally. There should be no change in behavior since just including the header should not change the behavior of a program. This commit replaces most occurrences of conditional inclusion of platform.h, using the following code: ``` perl -i -0777 -pe 's!#if.\n#include "mbedtls/platform.h"\n(#else.\n(#define (mbedtls\|MBEDTLS)_.\n\|#include <(stdarg\|stddef\|stdio\|stdlib\|string\|time)\.h>\n))?#endif.*!#include "mbedtls/platform.h"!mg' $(git grep -l '#include "mbedtls/platform.h"') ``` Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-09-15 20:33:07 +02:00
Przemek Stekiel	632939df4b	ssl_client2: print pk key name when provided using key_opaque_algs Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-15 14:16:11 +02:00
Jerry Yu	4746b10c2e	fix various issues - Format issues - Possible memory leak - Improve naming and comment issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-13 15:37:46 +08:00
Andrzej Kurek	0bc834b27f	Enable signature algorithms in ssl programs with PSA based hashes Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-12 05:37:46 -04:00
Dave Rodgman	1577c548d1	Use NULL instead of 0 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-09-09 10:22:15 +01:00
Nayna Jain	106a0afc5a	pkcs7: provide fuzz harness This allows for pkcs7 fuzz testing with OSS-Fuzz. Signed-off-by: Daniel Axtens <dja@axtens.net> Signed-off-by: Nayna Jain <nayna@linux.ibm.com>	2022-09-01 19:45:41 -05:00
Jerry Yu	0203534c64	Add session save after got new session ticket Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-08-31 23:24:25 +08:00
Ronald Cron	e00d6d6b55	Merge pull request #6135 from yuhaoth/pr/tls13-finalize-external-psk-negotiation TLS 1.3: SRV: Finalize external PSK negotiation	2022-08-31 17:21:57 +02:00
Andrzej Kurek	dcce505a08	Add a missing guard in an example program MD variable is not used in builds without MD. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-08-30 17:56:08 -04:00
Manuel Pégourié-Gonnard	bf22a2500b	Merge pull request #6208 from AndrzejKurek/tls-tests-no-md-structured Remove the dependency on MD from TLS 1.2 tests	2022-08-30 12:34:37 +02:00
Manuel Pégourié-Gonnard	a84ce3fa81	Merge pull request #6111 from superna9999/6101-programs-dont-build-with-libtestdriver-and-use-psa Programs don't build with libtestdriver and USE_PSA	2022-08-30 12:29:01 +02:00
Dave Rodgman	c5e0a8a890	Add missing error message Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-08-30 10:25:45 +01:00
Dave Rodgman	64937856e0	Correct order of extended key usage attributes Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-08-30 10:25:45 +01:00
Dave Rodgman	18b02d35d6	Remove redundant sig_alg argument Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-08-30 10:25:45 +01:00
Dave Rodgman	2ee7bbd10a	Replace some constant values with sizeof Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-08-30 10:25:45 +01:00
Dave Rodgman	5f3f0d06e6	Address minor review comments Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-08-30 10:25:45 +01:00
Dave Rodgman	ec9f6b4de1	Fix minor compile errors Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-08-30 10:25:45 +01:00
Nicholas Wilson	99a96b1c22	Improve programs/cert_write with a way to set the signature digest This is useful for generating SHA-1 and MD5 certificates for test purposes. I guess RSA-PSS could be added too, but I don't need that now. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-08-30 10:08:43 +01:00
Nicholas Wilson	8e5bdfbbcf	Improve programs/cert_write with a way to set extended key usages Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-08-30 10:08:43 +01:00
Jerry Yu	c5a23a0f12	fix various issues - code style - variable initialize - update comments Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-08-25 11:09:35 +08:00
Andrzej Kurek	cccb044804	Style & formatting fixes Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-08-23 05:26:02 -04:00
Andrzej Kurek	8c95ac4500	Add missing dependencies / alternatives A number of places lacked the necessary dependencies on one of the used features: MD, key exchange with certificate, entropy, or ETM. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-08-22 17:46:50 -04:00
Jerry Yu	5d01c05d93	fix various issues - wrong typo in comments - replace psk null check with key_exchange_mode check - set psk NULL when error return in export hs psk Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-08-21 12:55:01 +08:00
Jerry Yu	2b7a51ba8f	Add psk_or_ephemeral mode and tests psk_or_ephemeral exists in theory. This change is for improving test coverage. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-08-21 12:51:53 +08:00
Jerry Yu	62c8763de7	Improve macro expansion help message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-08-11 10:18:36 +08:00
Jerry Yu	08dccc1f75	Improve help message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-08-10 10:02:04 +08:00
Neil Armstrong	9bb8e0d3c5	Fix fuzz_privkey build without MBEDTLS_ENTROPY_C defined Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-08-08 13:56:13 +02:00
Jerry Yu	2fcb056ea9	Add requires_{any,all}_configs_enabled functions - requires_any_configs_enabled - requires_all_configs_enabled - requires_any_configs_disabled - requires_all_configs_disabled Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-31 12:23:39 +08:00
Jan Bruckner	25fdc2addb	Fix minor typos Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2022-07-26 10:52:46 +02:00
Jerry Yu	2b4f02d7fb	Add new_session_ticket err handler Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-20 11:07:29 +08:00
Paul Elliott	7adb8cbc0e	Revert "Add generated files for 3.2.0 release" This reverts commit `cb21f2eab3`. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-11 18:18:30 +01:00
Paul Elliott	cb21f2eab3	Add generated files for 3.2.0 release Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-11 13:56:01 +01:00
Ronald Cron	ce7d76e2ee	Merge remote-tracking branch 'mbedtls-restricted/development-restricted' into mbedtls-3.2.0rc0-pr	2022-07-11 10:22:37 +02:00
Paul Elliott	41aa808a56	Merge pull request #952 from gilles-peskine-arm/stdio_buffering-setbuf Turn off stdio buffering with setbuf()	2022-07-04 10:12:22 +01:00
Ronald Cron	0e39ece23f	Merge pull request #5916 from yuhaoth/pr/tls13-refactor-get-sig-alg-from-pk Refactor signature algorithm chooser	2022-07-04 09:10:08 +02:00
Paul Elliott	bae7a1a5a6	Merge pull request #5620 from gstrauss/dn_hints Add accessors to config DN hints for cert request	2022-07-01 17:23:14 +01:00
Paul Elliott	ff15dbab4c	Make definition order a bit neater Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-01 16:30:08 +01:00
Gilles Peskine	6d576c9646	Call setbuf when reading or writing files: programs After opening a file containing sensitive data, call mbedtls_setbuf() to disable buffering. This way, we don't expose sensitive data to a memory disclosure vulnerability in a buffer outside our control. This commit adds a call to mbedtls_setbuf() after each call to fopen(), but only in sample programs that were calling mbedtls_platform_zeroize(). Don't bother protecting stdio buffers in programs where application buffers weren't protected. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-06-30 17:06:11 +02:00
Jerry Yu	cc5391048e	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-06-29 16:18:30 +08:00

... 2 3 4 5 6 ...

2405 Commits