mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-30 10:45:34 +03:00

Author	SHA1	Message	Date
Dave Rodgman	8f6094ce47	Merge pull request #7792 from robUx4/win32_winnt	2023-07-13 19:34:24 +01:00
Steve Lhomme	4000b6ec0e	Don't force the default windows version down The _WIN32_WINNT value will pick the default value for the SDK when including windows.h. Depending on its value some calls will be possible or not. Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>	2023-07-13 16:11:34 +02:00
Steve Lhomme	369d7c7148	Don't use FindFirstFileW() before Windows XP On runtime it will attempt to get FindFirstFileW() from kernel32.dll but it's not there and the DLL/program containing mbedtls will not load. Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>	2023-07-13 16:11:34 +02:00
Manuel Pégourié-Gonnard	2be8c63af7	Create psa_util_internal.h Most functions in psa_util.h are going to end up there (except those that can be static in one file), but I wanted to have separate commits for file creation and moving code around, so for now the new file's pretty empty but that will change in the next few commits. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-07-06 12:42:33 +02:00
Tom Cosgrove	836aed7cf8	Merge pull request #6003 from gstrauss/x509_time mbedtls_x509_time performance and reduce memory use	2023-07-06 09:28:14 +01:00
Valerio Setti	8c3404f3e0	x509: update ECP_LIGHT dependencies to PK_HAVE_ECC_KEYS Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-26 15:49:48 +02:00
Steve Lhomme	eb0f18acbc	Don't use inet_pton() before Windows Vista On runtime it will attempt to get inet_pton() from ws2_32.dll but it's not there and the DLL/program containing mbedtls will not load. Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>	2023-06-16 14:34:11 +02:00
Glenn Strauss	4b2a6e8df3	Reuse time when verifying certificate chain Replace mbedtls_x509_time_is_past(), mbedtls_x509_time_is_future() Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-06-09 17:01:03 +01:00
Andrzej Kurek	c40a1b552c	Remove references to x509_invasive.h Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-07 08:54:34 -04:00
Andrzej Kurek	cd17ecfe85	Use better IP parsing in x509 programs Remove unnecessary duplicated code. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-07 08:50:05 -04:00
Manuel Pégourié-Gonnard	02b10d8266	Add missing include Fix build failures with config full Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	6076f4124a	Remove hash_info.[ch] Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	2d6d993662	Use MD<->PSA functions from MD light As usual, just a search-and-replace plus: 1. Removing things from hash_info.[ch] 2. Adding new auto-enable MD_LIGHT in build-info.h 3. Including md_psa.h where needed Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	8857984b2f	Replace hash_info macro with MD macro Now the MD macro also accounts for PSA-only hashes. Just a search-and-replace, plus manually removing the definition in hash_info.h. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Gilles Peskine	5c3d6e277c	Merge pull request #7575 from AndrzejKurek/URI-SAN-verification Add partial support for URI SubjectAltNames verification	2023-06-05 16:46:47 +02:00
Valerio Setti	972077820b	tls/x509: minor enhancement for using the new private key format Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-23 15:12:07 +02:00
Paul Elliott	aa266f29e6	Merge pull request #7602 from mprse/AuthorityKeyId_leak_fix Fix for memory leak while parsing AuthorityKeyId ext	2023-05-18 09:57:56 +01:00
Manuel Pégourié-Gonnard	b1c0afe484	Merge pull request #7595 from valeriosetti/deprecate_pk_ec Set mbedtls_pk_ec() as internal function when ECP_C is not defined	2023-05-17 12:27:03 +02:00
Przemek Stekiel	690ff698f7	mbedtls_x509_crt_free: release authorityCertIssuer sequence Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-16 11:08:30 +02:00
Paul Elliott	926bcb04fe	Merge pull request #7532 from AndrzejKurek/remove-leading-zeroes-ip-parsing Disallow leading zeroes when parsing IPv4 addresses	2023-05-15 13:59:10 +01:00
Valerio Setti	3f00b84dd1	pk: fix build issues Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-15 12:57:06 +02:00
Valerio Setti	77a75685ed	pk: align library and tests code to the new internal functions Note = programs are not aligned to this change because: - the original mbedtls_pk_ec is not ufficially deprecated - that function is used in tests when ECP_C is defined, so the legacy version of that function is available in that case Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-05-15 11:18:46 +02:00
Andrzej Kurek	199eab97e7	Add partial support for URI SubjectAltNames Only exact matching without normalization is supported. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-10 09:57:19 -04:00
Gilles Peskine	97edeb4fb8	Merge pull request #6866 from mprse/extract-key-ids Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions v.2	2023-05-08 20:38:29 +02:00
Przemek Stekiel	61aed064c5	Code optimization Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-08 11:15:59 +02:00
Przemek Stekiel	ed9fb78739	Fix parsing of KeyIdentifier (tag length error case) + test Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-08 11:15:54 +02:00
Przemek Stekiel	8194285cf1	Fix parsing of authorityCertSerialNumber (use valid tags) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-03 16:19:16 +02:00
Andrzej Kurek	9c9880a63f	Explicitly exit IPv4 parsing on a fatal error This makes the function flow more readable. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-03 05:06:47 -04:00
Andrzej Kurek	6f400a376e	Disallow leading zeroes when parsing IPv4 addresses Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-01 06:23:42 -04:00
Przemek Stekiel	f5b8f78ad7	authorityCertIssuer and authorityCertSerialNumber MUST both be present or absent Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-26 08:57:32 +02:00
Przemek Stekiel	f4194944e8	Use do-while(0) format in macros Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-24 09:52:17 +02:00
Gilles Peskine	935a987b2b	Merge pull request #7436 from AndrzejKurek/x509-verify-san-ip x509 SAN IP parsing	2023-04-21 22:00:58 +02:00
Andrzej Kurek	90117db5dc	Split a complex condition into separate ones Make it more readable Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-18 10:43:35 -04:00
Andrzej Kurek	8bc2cc92b5	Refactor IPv6 parsing Make it more readable Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-18 07:26:27 -04:00
Andrzej Kurek	ea3e71fa37	Further refactor IPv4 parsing Make it more readable Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-18 05:54:50 -04:00
Przemek Stekiel	9a7a725ee7	Fix code style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-17 16:06:57 +02:00
Andrzej Kurek	6cbca6dd42	Rename a variable in ipv4 and ipv6 parsing Character was too elaborate. p is used in other x509 code to step through data. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-13 09:25:00 -04:00
Andrzej Kurek	0d57896f7e	Refactor ipv6 parsing Introduce new variables to make it more readable. Clarify the calculations a bit. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-13 09:20:31 -04:00
Andrzej Kurek	7f5a1a4525	Rename ipv6 parsing variables, introduce one new one This way the names are more descriptive. j was reused later on for calculation, num_zero_groups is used instead. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-13 09:20:23 -04:00
Andrzej Kurek	06969fc3a0	Introduce a test for a sw implementation of inet_pton Create a bypass define to simulate platforms without AF_INET6. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-13 09:20:15 -04:00
Andrzej Kurek	13b8b780fe	Improve x509_inet_pton_ipv4 readability Introduce descriptive variable names. Drop the table of tens. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-13 09:19:50 -04:00
Glenn Strauss	b255e21e48	Handle endianness in x509_inet_pton_ipv6() Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-04-11 08:29:43 -04:00
Glenn Strauss	6f545acfaf	Add mbedtls_x509_crt_parse_cn_inet_pton() tests Extended from https://github.com/Mbed-TLS/mbedtls/pull/2906 contributed by Eugene K <eugene.kobyakov@netfoundry.io> Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-04-11 08:29:42 -04:00
Glenn Strauss	416c295078	x509 crt verify local implementation to parse IP x509 crt verify local implementation to parse IP if inet_pton() is not portably available Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-04-11 08:29:42 -04:00
Glenn Strauss	c26bd76020	x509 crt verify SAN iPAddress Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-04-11 08:29:42 -04:00
Valerio Setti	d4a5d461de	library: add remaining changes for the new ECP_LIGHT symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-11 11:33:50 +02:00
Przemek Stekiel	725688b143	Fix code style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 22:49:44 +02:00
Przemek Stekiel	294ec1274d	Remove redundant memory relase for authorityCertIssuer Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	21903ec860	Fix after rebase Handle manually functions that have been moved to different locations. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Przemek Stekiel	4f3e7b934e	Fix parsing of authorityCertIssuer Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00

1 2 3 4 5 ...

424 Commits