lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-06-09 10:01:18 +03:00
Code
22,325 Commits 172 Branches 268 Tags
Commit Graph

1783 Commits

Author SHA1 Message Date
Jerry Yu
600ded7ea5 Reserve end tag space at sig_algs_len init. 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
a68dca24ee move overflow inside loop 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
8afd6e4308 fix typo issues in comments 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
eb821c6916 remove check_sig_hash 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
1bab301c0d Add signature algorithm supported check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
7ddc38cedb fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
4131ec1260 Add signature algorithm length check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
a69269a711 change sig_algs_len unit to byte 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
713013fa80 fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
e12f1ddcfa fix check names fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
11f0a9c2c4 fix deprecated-declarations error 
replace sig_hashes with sig_alg

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
6106fdc085 fix build fail without TLS13 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
f017ee4203 merge write sig_alg of tls12 and tls13 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

# Conflicts:
#	library/ssl_misc.h
 2022-01-25 12:46:17 +08:00
Jerry Yu
1abd1bc22f Change write_sig_alg_ext of tls12 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:17 +08:00
Jerry Yu
0e5bcb6bf5 Replace directly access for sig_hashes 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-25 12:46:16 +08:00
Manuel Pégourié-Gonnard
fcca7cfa97
Merge pull request #5428 from gstrauss/mbedtls_ssl_ciphersuite 
Add accessors for ciphersuite info
 2022-01-24 11:13:31 +01:00
Manuel Pégourié-Gonnard
d2da19b8eb
Merge pull request #5380 from AndrzejKurek/key-id-encodes-owner-psa-fixes 
Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO
 2022-01-18 09:16:25 +01:00
Ronald Cron
188ed19456
Merge pull request #5351 from yuhaoth/pr/remove-duplicate-supported_group_ext 
Remove duplicate function for writing supported_groups extension
 2022-01-17 09:13:14 +01:00
Glenn Strauss
8f52690956 Add accessors for ciphersuite info 
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-01-13 00:05:48 -05:00
Jerry Yu
b925f21806 fix comment issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-12 11:17:02 +08:00
Jerry Yu
1510cea0f3 fix coding style issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-12 10:56:49 +08:00
Jerry Yu
3ad14ac9e9 Add named group IANA value check 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-11 17:13:16 +08:00
Jerry Yu
f46b016058 skip some extensions if ephemeral not enabled 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-11 16:28:00 +08:00
Jerry Yu
63282b4321 Refactor write supported group 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-11 15:43:53 +08:00
Jerry Yu
7f029d8a94 fix coding style issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-01-11 11:08:53 +08:00
Andrzej Kurek
03e01461ad Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO 
Fix library references, tests and programs.
Testing is performed in the already present all.sh test.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-01-03 12:53:24 +01:00
Jerry Yu
1ea9d10687 fix test_ref_configs build fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-21 14:52:38 +08:00
Glenn Strauss
cee11296aa Reset dhm_P and dhm_G if config call repeated 
Reset dhm_P and dhm_G if call to mbedtls_ssl_config_defaults() repeated
to avoid leaking memory.

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2021-12-20 20:24:56 -05:00
Jerry Yu
1753261083 change write_supported_groups_ext prototype 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-20 22:32:09 +08:00
Jerry Yu
ba07342cd6 Add generic write_supported-groups_ext 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-12-20 22:22:15 +08:00
Gilles Peskine
a4174312da Initialize hash_len before using it 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-13 14:38:40 +01:00
Gilles Peskine
f0fd4c3aee mbedtls_ssl_parse_finished: zeroize expected finished value on error 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-13 12:36:15 +01:00
Dave Rodgman
050ad4bb50
Merge pull request #5313 from gilles-peskine-arm/missing-ret-check-mbedtls_md_hmac 
Check HMAC return values
 2021-12-13 10:51:27 +00:00
Gilles Peskine
ecf6bebb9c Catch failures of md_hmac operations 
Declare mbedtls_md functions as MBEDTLS_CHECK_RETURN_TYPICAL, meaning that
their return values should be checked.

Do check the return values in our code. We were already doing that
everywhere for hash calculations, but not for HMAC calculations.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-12-11 15:00:57 +01:00
Ronald Cron
db6adc5aad ssl: Fix some compilation guards for TLS 1.3 signature algorithms 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-10 14:25:35 +01:00
Ronald Cron
6f135e1148 Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3 
As we have now a minimal viable implementation of TLS 1.3,
let's remove EXPERIMENTAL from the config option enabling
it.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-10 13:47:55 +01:00
Manuel Pégourié-Gonnard
b873577fc3
Merge pull request #5240 from duckpowermb/development 
[session] fix a session copy bug
 2021-12-09 09:23:23 +01:00
Gilles Peskine
392113434a
Merge pull request #5263 from ronald-cron-arm/psa-test-driver_3.x 
Forward port to 3.x: Introduce PSA test driver library to test PSA configuration
 2021-12-07 12:52:20 +01:00
Ronald Cron
69a63426af psa: Fix the size of hash buffers 
Fix the size of hash buffers for PSA hash
operations.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-12-03 18:55:33 +01:00
吴敬辉
0b71611c80 [session] fix a session copy bug 
fix a possible double reference on 'ticket'
when peer_cert/peer_cert_digest calloc failed.

Signed-off-by: 吴敬辉 <11137405@vivo.com>
 2021-11-29 10:50:04 +08:00
Xiaofei Bai
6dc90da740 Rebased on 74217ee and add fixes 
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
 2021-11-26 08:12:43 +00:00
Xiaofei Bai
9539501120 Rebase and add fixes 
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
 2021-11-26 08:09:26 +00:00
Xiaofei Bai
746f9481ea Fix 1_3/13 usages in macros and function names 
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
 2021-11-26 08:08:36 +00:00
XiaokangQian
a83014db4a TLS1.3: Add signature scheme pkcs1 v1.5 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2021-11-25 02:21:16 +00:00
Gilles Peskine
e2d707fea5
Merge pull request #4866 from gabor-mezei-arm/3649_move_constant_time_functions_into_separate_module 
Move constant-time functions into a separate module
 2021-11-24 19:33:00 +01:00
Gabor Mezei
be7b21da22
Merge branch 'development' into 3649_move_constant_time_functions_into_separate_module 2021-11-24 10:44:13 +01:00
XiaokangQian
4b82ca1b70 Refine test code and test scripts 
Change client test code to support rsa pss signatures
Add test cases for rsa pss signature in ssl-opt.sh

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2021-11-22 05:50:12 +00:00
XiaokangQian
82d34ccf47 Add signature scheme rsa pss 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2021-11-22 05:50:12 +00:00
Ronald Cron
bb41a88f2e
Merge pull request #5120 from yuhaoth/pr/fix-memory-leak-and-version-header 
TLS1.3 :fix memory leak and version header
 2021-11-12 13:49:26 +01:00
Jerry Yu
a1a568c2f6 fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-11-09 10:17:21 +08:00