lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-06-24 01:41:35 +03:00
Code Activity
26,813 Commits 173 Branches 268 Tags
d26a3d6da72e12e93d3384939bcc4241e47bcc99
Commit Graph

2458 Commits

Author SHA1 Message Date
Tom Cosgrove
17d5081ffb Merge pull request #8099 from gilles-peskine-arm/split-config_psa-prepare 
Prepare to split config_psa.h
 2023-08-22 07:30:46 +00:00
Gilles Peskine
796bc2b8f9 Merge pull request #7486 from AndrzejKurek/calloc-also-zeroizes 
Document mbedtls_calloc zeroization
 2023-08-21 15:47:21 +00:00
Gilles Peskine
9af413bcc5 Don't try to include mbedtls/config_*.h 
They're included by build_info.h and must not be included directly.

Currently, this only concerns one file: config_psa.h. It's technically a bug
to include it, but a harmless one because that header has already been
included by build_info.h except in configurations where it
effectively had no effect (enabling PSA options with PSA turned off).

We plan to split config_psa.h into multiple headers that are less
independent, which could make the inclusion more problematic.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-21 16:12:36 +02:00
Gilles Peskine
dbd13c3689 Merge pull request #7662 from lpy4105/issue/renew_cert_2027-01-01 
Updating crt/crl files due to expiry before 2027-01-01
 2023-08-17 15:38:35 +00:00
Gilles Peskine
d370f93898 Merge pull request #7898 from AndrzejKurek/csr-rfc822-dn 
OPC UA - add support for RFC822 and DirectoryName SubjectAltNames when generating CSR's
 2023-08-16 09:19:46 +00:00
Manuel Pégourié-Gonnard
660bbf2470 test: disable BIGNUM support on the test ecc_no_bignum component 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-10 06:43:23 +02:00
Paul Elliott
2f12a29cdd Merge pull request #7896 from AgathiyanB/gitignore-generated-files-toggle 
Add script to toggle ignoring generated files
 2023-08-09 14:54:32 +00:00
Gowtham Suresh Kumar
186731b22a Fix warnings from clang-16 
Running clang-16 on mbedtls reports warnings of type "-Wstrict-prototypes".
This patch fixes these warnings by adding void to functions with no
arguments. The generate_test_code.py is modified to insert void into test
functions with no arguments in *.function files.

Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
 2023-07-26 17:11:51 +01:00
Manuel Pégourié-Gonnard
828b3acd6b Merge pull request #7848 from valeriosetti/issue7749 
driver-only ECC: EPCf.TLS testing
 2023-07-18 10:33:21 +02:00
Dave Rodgman
91d9daf2b3 Merge pull request #7925 from hasheddan/dtls-server-order 
Fix order of steps in DTLS server example program
 2023-07-17 09:41:43 +01:00
Daniel Mangum
af2f7a6fcb Fix order of steps in DTLS server example program 
Fixes the numbered order of steps in the DTLS server example program.

Signed-off-by: Daniel Mangum <georgedanielmangum@gmail.com>
 2023-07-14 12:00:33 -04:00
Andrzej Kurek
312b6df38a Add a missing guard in cert_req.c 
IP parsing requires x509_CRT_PARSE_C
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-07-10 08:45:30 -04:00
Valerio Setti
dda0019e2e ssl_test_lib: fix rebase error 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-10 10:22:51 +02:00
Valerio Setti
5bdebb2004 ssl_test_lib: fix variable naming for curve group 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-10 09:13:57 +02:00
Valerio Setti
fb6356f003 ssl_test_lib: simplify function which prints supported curves 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-10 09:13:57 +02:00
Valerio Setti
deb676442d ssl_test_lib: manage FFDH keys the same way as ECC ones 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-10 09:13:57 +02:00
Valerio Setti
acd32c005f programs: add helper functions for supported EC curves 
- get full list, or
- get TLS ID from name

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-10 09:13:57 +02:00
Manuel Pégourié-Gonnard
461d59b2f8 Merge pull request #7858 from mprse/ffdh_tls13_v2_f 
Make use of FFDH keys in TLS 1.3 - follow-up
 2023-07-07 16:19:35 +02:00
Dave Rodgman
c4749b1c66 Merge pull request #7584 from gilles-peskine-arm/fuzz-file-open-fail 
Fuzz programs: print an error if loading the reproducer fails
 2023-07-07 11:51:59 +01:00
Andrzej Kurek
6bc7a38683 Support more SAN subtypes in cert_req.c 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-07-07 05:13:13 -04:00
Agathiyan Bragadeesh
77b0d645f5 Add gitignore anchors to denote generated files 
These anchors encapsulate gitignore patterns which typically ignore
files generated, so that scripts can be used to comment and uncomment
these patterns for releases when we need the generated files in the
repository.

Signed-off-by: Agathiyan Bragadeesh <agabra02@e127300.arm.com>
 2023-07-06 17:58:18 +01:00
Przemek Stekiel
68e7544de8 parse_groups: curve -> group adaptations 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-07-06 12:16:44 +02:00
Przemek Stekiel
45255e4c71 Adapt names (curves -> groups) 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-07-05 09:26:26 +02:00
Pengyu Lv
b078607f04 cert_write: Support write any for extended key usage 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-07-04 17:30:21 +08:00
Manuel Pégourié-Gonnard
56b159a12a Merge pull request #7627 from mprse/ffdh_tls13_v2 
Make use of FFDH keys in TLS 1.3 v.2
 2023-07-03 10:12:33 +02:00
Dave Rodgman
c23d2222ea Merge pull request #7728 from waleed-elmelegy-arm/crypt_and_hash-decrypt-fix 
Fix crypt_and_hash decrypt issue when used with stream cipher
 2023-06-30 11:42:35 +01:00
Andrzej Kurek
60de0b198a Move the overallocation test to test suites 
This way the compiler does not complain about
an overly large allocation made.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-27 09:26:08 -04:00
Andrzej Kurek
aae3208c29 Add an mbedtls_calloc(SIZE_MAX/2, SIZE_MAX/2) test 
It should return NULL and not a valid pointer.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-27 09:26:08 -04:00
Andrzej Kurek
e35f3a23be Add a calloc selftest for more than a page 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-27 09:26:08 -04:00
Andrzej Kurek
ecaf6fb8b2 Documentation and cosmetic fixes 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-27 09:26:08 -04:00
Andrzej Kurek
9032711dc7 Move the calloc buffer initialization test to selftest.c 
This way it's more in line with the 2.28 version.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-27 09:26:08 -04:00
Paul Elliott
458b96b1a7 Merge pull request #7638 from AndrzejKurek/cert-apps-use-ips 
Use better IP parsing in x509 apps
 2023-06-20 17:21:04 +01:00
Przemek Stekiel
7d42c0d0e5 Code cleanup #2 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-13 12:30:40 +02:00
Przemek Stekiel
75a5a9c205 Code cleanup 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-13 09:57:23 +02:00
Waleed Elmelegy
46549cb5fa Replace function calls in crypt_and_hash program with locals 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-06-12 14:53:02 +01:00
Waleed Elmelegy
7d39cc410c Fix crypt_and_hash decrypt issue when used with stream cipher 
crypt_and_hash decryption fails when used with a stream cipher
mode of operation due to the input not being multiple of block
size, this only applies to block cipher modes and not stream
ciphers.This change exempts CTR, CFB & OFB modes from this check.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-06-09 16:58:23 +01:00
Dave Rodgman
05d71ffe5b Merge remote-tracking branch 'origin/development' into sha3-updated 2023-06-07 18:02:04 +01:00
Andrzej Kurek
0624e460fb Add a guard for IP parsing in cert_req app 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-07 08:54:35 -04:00
Andrzej Kurek
cd17ecfe85 Use better IP parsing in x509 programs 
Remove unnecessary duplicated code.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-07 08:50:05 -04:00
Przemek Stekiel
ff9fcbcace ssl_client2, ssl_server2: code optimization + guards adaptation 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-06 12:53:40 +02:00
Przemek Stekiel
da4fba64b8 Further code optimizations 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-06 12:31:09 +02:00
Przemek Stekiel
316c19ef93 Adapt guards, dependencies + optimizations 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-06 12:31:09 +02:00
Przemek Stekiel
e7db09bede Move FFDH helper functions and macros to more suitable locations 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-06 12:31:08 +02:00
Przemek Stekiel
6d7da5ee1e Add FFDH support in client2, server2 applications 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-06-06 12:31:08 +02:00
Gilles Peskine
84b547b5ee Merge pull request #7400 from AndrzejKurek/cert-write-sans 
Add a possibility to generate certificates with a Subject Alternative Name
 2023-06-05 15:38:38 +02:00
Andrzej Kurek
f994bc51ad Refactor code in cert_write.c 
This way is more robust.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-02 05:10:17 -04:00
Dave Rodgman
7f97675b64 Merge pull request #5237 from davidhorstmann-arm/demo-out-of-tree 2023-05-19 21:27:24 +01:00
Andrzej Kurek
5eebfb8fd0 Enable escaping ';' in cert_write.c SANs 
This might get used in URIs.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
446e53d401 Fix a code style issue 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
f70f460e5f Fix temporary IP parsing error 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00