mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-06-09 10:01:18 +03:00

Author	SHA1	Message	Date
Harry Ramsey	fb6cea508f	Remove duplicate mbedtls/build_info.h include This commit removes duplicate includes for mbedtls/build_info.h where the file already includes common.h. Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>	2024-10-14 08:41:31 +01:00
Harry Ramsey	e8e23fb519	Include ssl_misc.h for additional SSL helper files This commit replaces #include "common.h" in favour of #include "ssl_misc.h". Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>	2024-10-11 12:21:30 +01:00
Harry Ramsey	0f6bc41a22	Update includes for each library file Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>	2024-10-09 11:18:50 +01:00
Elena Uziunaite	a6950b8ce7	Replace MBEDTLS_PK_CAN_ECDSA_SOME with PSA_HAVE_ALG_SOME_ECDSA Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-09-09 11:17:36 +01:00
Elena Uziunaite	9fc5be09cb	Replace MBEDTLS_MD_CAN_SHA1 with PSA_WANT_ALG_SHA_1 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-09-04 18:12:59 +01:00
David Horstmann	1d98d9d861	Merge pull request #9526 from mpg/refactor-tls123-verif-dev Refactor tls123 verif dev	2024-09-03 15:29:10 +00:00
Manuel Pégourié-Gonnard	9e3e991d04	Fix typos in comments Co-authored-by: David Horstmann <david.horstmann@arm.com> Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2024-09-02 12:46:03 +02:00
Manuel Pégourié-Gonnard	19dd9f59bc	Merge 1.2 and 1.3 certificate verification Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2024-09-02 12:46:03 +02:00
Manuel Pégourié-Gonnard	7a4aa4d133	Make mbedtls_ssl_check_cert_usage() work for 1.3 Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2024-09-02 12:46:03 +02:00
Manuel Pégourié-Gonnard	94f70228e9	Clean up mbedtls_ssl_check_cert_usage() Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2024-09-02 12:46:03 +02:00
Gabor Mezei	c15ef93aa5	Replace `MBEDTLS_MD_CAN_SHA512` with `PSA_WANT_ALG_SHA_512` Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2024-08-28 18:20:25 +02:00
Elena Uziunaite	da41b60cef	Replace MBEDTLS_SSL_HAVE_CAMELLIA with PSA_WANT_KEY_TYPE_CAMELLIA Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-08-13 09:58:00 +01:00
Gilles Peskine	0858fdca38	Merge pull request #9189 from misch7/fix-v3.6-issues-9186-and-9188 Fix build of v3.6 (issues #9186 and #9188)	2024-08-12 09:34:17 +00:00
Michael Schuster	4394067071	Fix server mode only build of v3.6 with MBEDTLS_SSL_CLI_C unset (fixes #9186 ) Signed-off-by: Michael Schuster <michael@schuster.ms>	2024-08-09 10:27:44 +01:00
Gilles Peskine	e1171bd26f	Merge pull request #9361 from eleuzi01/replace-key-aria Replace MBEDTLS_SSL_HAVE_ARIA with PSA_WANT_KEY_TYPE_ARIA	2024-08-08 15:41:01 +00:00
Elena Uziunaite	51c85a0296	Replace MBEDTLS_SSL_HAVE_ARIA with PSA_WANT_KEY_TYPE_ARIA Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-08-07 11:33:14 +01:00
Elena Uziunaite	8dde3b3dec	Replace MBEDTLS_PK_HAVE_ECC_KEYS with PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-08-05 15:41:58 +01:00
Elena Uziunaite	74342c7c2b	Replace MBEDTLS_SSL_HAVE_CBC with PSA_WANT_ALG_CBC_NO_PADDING Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-31 16:19:15 +01:00
Elena Uziunaite	6121a344dd	Replace MBEDTLS_SSL_HAVE_AES with PSA_WANT_KEY_TYPE_AES Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-30 18:42:19 +01:00
Elena Uziunaite	b66a991f04	Replace MBEDTLS_MD_CAN_MD5 with PSA_WANT_ALG_MD5 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-18 14:31:59 +03:00
Elena Uziunaite	0916cd702f	Replace MBEDTLS_MD_CAN_SHA256 with PSA_WANT_ALG_SHA_256 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-11 11:13:35 +03:00
Ronald Cron	2cf41a273e	Merge pull request #9171 from eleuzi01/replace-mbedtls-md-can-sha384 Replace MBEDTLS_MD_CAN_SHA384 with PSA_WANT_ALG_SHA_384	2024-07-04 08:56:52 +00:00
Elena Uziunaite	b476d4bf21	Replace MBEDTLS_MD_CAN_SHA384 with PSA_WANT_ALG_SHA_384 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-03 10:20:41 +01:00
Elena Uziunaite	fcc9afaf9d	Replace MBEDTLS_MD_CAN_SHA224 with PSA_WANT_ALG_SHA_224 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-02 11:08:04 +01:00
Waleed Elmelegy	5bc5263b2c	Add code improvments and refactoring in dealing with ALPN Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Waleed Elmelegy	883f77cb08	Add mbedtls_ssl_session_set_alpn() function Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-03-13 16:50:01 +00:00
Ronald Cron	fd4c0c8b3d	tls13: cli: Fix comment Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-12 17:48:18 +01:00
Ronald Cron	aa3593141b	tls13: cli: Move definition of MBEDTLS_SSL_EARLY_DATA_STATE_xyz Move definition of MBEDTLS_SSL_EARLY_DATA_STATE_xyz from ssl.h(public) to ssl_misc.h(private) even if that means we cannot use the enum type for early_data_state in ssl.h. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-12 17:48:18 +01:00
Ronald Cron	8571804382	tls13: srv: Enforce maximum size of early data Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-03-01 09:29:09 +01:00
Ronald Cron	d6d32b9210	tls13: Improve declaration and doc of early data status Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-15 17:19:14 +01:00
Ronald Cron	b9a9b1f5a5	tls13: Fix/Improve comments Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-15 17:19:14 +01:00
Ronald Cron	5fbd27055d	tls13: Use a flag not a counter for CCS and HRR handling Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-15 17:19:02 +01:00
Ronald Cron	90e223364c	tls13: cli: Refine early data status The main purpose of the change is to know from the status, at any point in the handshake, if early data can be sent or not and why. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Ronald Cron	fe59ff794d	tls13: Send dummy CCS only once Fix cases where the client was sending two CCS, no harm but better to send only one. Prevent to send even more CCS when early data are involved without having to add conditional state transitions. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-06 16:43:33 +01:00
Manuel Pégourié-Gonnard	32c28cebb4	Merge pull request #8715 from valeriosetti/issue7964 Remove all internal functions from public headers	2024-02-05 15:09:15 +00:00
Ronald Cron	78a38f607c	tls13: srv: Do not use early_data_status Due to the scope reduction for mbedtls_ssl_read_early_data(), on server as early data state variable we now only need a flag in the handshake context indicating if the server has accepted early data or not. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-01 20:10:35 +01:00
Ronald Cron	3b9034544e	Revert "tls13: Introduce early_data_state SSL context field" This reverts commit 0883b8b625a5531f2fc8a61b6b0417f00f76f91e. Due to the scope reduction of mbedtls_ssl_read_early_data() it is not necessary anymore to refine the usage of early_data_status/state rather the opposite. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-01 20:03:57 +01:00
Ronald Cron	0883b8b625	tls13: Introduce early_data_state SSL context field Introduce early_data_state SSL context field to distinguish better this internal state from the status values defined for the mbedtls_ssl_get_early_data_status() API. Distinguish also between the client and server states. Note that the client state are going to be documented and reworked as part of the implementation of mbedtls_ssl_write_early_data(). Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-01 16:45:04 +01:00
Ronald Cron	5d0ae9021f	tls13: srv: Refine early data status The main purpose is to know from the status if early data can be received of not and why. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2024-02-01 16:40:47 +01:00
Valerio Setti	25b282ebfe	x509: move internal functions declarations to a private header Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-19 09:07:35 +01:00
Valerio Setti	d929106f36	ssl_ciphersuites: move internal functions declarations to a private header Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-18 15:08:28 +01:00
Tom Cosgrove	f1ba1933cf	Merge pull request #8526 from yanrayw/issue/7011/send_record_size_limit_ext TLS1.3: SRV/CLI: add support for sending Record Size Limit extension	2024-01-12 13:39:15 +00:00
Waleed Elmelegy	f0ccf46713	Add minor cosmetic changes to record size limit changelog and comments Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-12 10:52:45 +00:00
Ronald Cron	ae2213c307	Merge pull request #8414 from lpy4105/issue/uniform-ssl-check-function Harmonise the names and return values of check functions in TLS code	2024-01-11 13:51:39 +00:00
Waleed Elmelegy	f501790ff2	Improve comments across record size limit changes Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:28 +00:00
Waleed Elmelegy	148dfb6457	Change record size limit writing function Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2024-01-10 16:17:27 +00:00
Yanray Wang	a8b4291836	tls13: add generic function to write Record Size Limit ext Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2024-01-10 16:17:27 +00:00
Tom Cosgrove	3a6059beca	Merge pull request #7455 from KloolK/record-size-limit/comply-with-limit Comply with the received Record Size Limit extension	2024-01-09 15:22:17 +00:00
Waleed-Ziad Maamoun-Elmelegy	e2d3db5cfc	Update mbedtls_ssl_get_output_record_size_limit signature Co-authored-by: Ronald Cron <ronald.cron@arm.com> Signed-off-by: Waleed-Ziad Maamoun-Elmelegy <122474370+waleed-elmelegy-arm@users.noreply.github.com>	2024-01-05 14:19:16 +00:00
Pengyu Lv	94a42ccb3e	Add tls13 in ticket flags helper function names ``` sed -i \ "s/\(mbedtls_ssl\)_\(session_\(\w_\)\?ticket\)/\1_tls13_\2/g" \ library/.[ch] ``` Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-12-08 11:12:46 +08:00

1 2 3 4 5 ...

545 Commits