yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
19427 commits 1 branch 0 tags 94 MiB
Commit graph

736 commits

Author SHA1 Message Date
Gilles Peskine
43b0943736
Merge pull request #1946 from hanno-arm/alert_reentrant 
Make mbedtls_ssl_send_alert_message() reentrant
 2022-04-12 11:05:20 +02:00
Manuel Pégourié-Gonnard
eaf3086831
Merge pull request #1133 from RonEld/1805 
Fix Shared Library compilation issue with Cmake
 2022-04-11 09:31:59 +02:00
Dave Rodgman
f945e0a475 Update ChangeLog.d/alert_reentrant.txt 
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-04-08 12:59:30 +01:00
Hanno Becker
8813c03cb0 Add ChangeLog entry 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-04-08 12:16:55 +01:00
Glenn Strauss
236e17ec26 Introduce mbedtls_ssl_hs_cb_t typedef 
Inline func for mbedtls_ssl_conf_cert_cb()

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-04-07 14:18:30 -04:00
Gilles Peskine
a91b68564c
Merge pull request #5429 from yuhaoth/pr/fix-parallel-build-fail-of-cmake_out_source 
fix parallel build fail of cmake out source
 2022-04-07 16:21:43 +02:00
Manuel Pégourié-Gonnard
33a9d61885
Merge pull request #5638 from paul-elliott-arm/ssl_cid_accessors 
Accessors to own CID within mbedtls_ssl_context
 2022-04-01 11:36:00 +02:00
Paul Elliott
0113cf1022 Add accessor for own cid to ssl context 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-03-31 19:21:41 +01:00
Manuel Pégourié-Gonnard
3304f253d7
Merge pull request #5653 from paul-elliott-arm/handshake_over 
Add mbedtls_ssl_is_handshake_over()
 2022-03-30 12:16:40 +02:00
Paul Elliott
571f1187b6
Merge pull request #5642 from mprse/ecp_export 
Add ECP keypair export function
 2022-03-29 17:19:04 +01:00
Dave Rodgman
1c41501949
Merge pull request #5632 from tom-cosgrove-arm/seclib-667-sha512-acceleration-mbedtls-internal 
SECLIB-667: Accelerate SHA-512 with A64 crypto extensions
 2022-03-29 15:34:12 +01:00
Ronald Cron
63d97ad0bb
Merge pull request #5559 from yuhaoth/pr/add-rsae-sha384-sha512 
Add rsae sha384 sha512
 2022-03-29 14:01:51 +02:00
Przemek Stekiel
2076cbe511 Add function name to changelog 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-28 07:22:11 +02:00
Tom Cosgrove
87fbfb5d82 SECLIB-667: Accelerate SHA-512 with A64 crypto extensions 
Provide an additional pair of #defines, MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
and MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. At most one of them may be
specified. If used, it is necessary to compile with -march=armv8.2-a+sha3.

The MBEDTLS_SHA512_PROCESS_ALT and MBEDTLS_SHA512_ALT mechanisms
continue to work, and are mutually exclusive with SHA512_USE_A64_CRYPTO.

There should be minimal code size impact if no A64_CRYPTO option is set.

The SHA-512 implementation was originally written by Simon Tatham for PuTTY,
under the MIT licence; dual-licensed as Apache 2 with his kind permission.

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-03-23 21:40:53 +00:00
Paul Elliott
93ba3e3918 Add mbedtls_ssl_is_handshake_over() function 
Add function to query if SSL handshake is over or not, in order to
determine when to stop calling mbedtls_ssl_handshake_step among other
things. Document function, and add warnings that the previous method of
ascertaining if handshake was over is now deprecated, and may break in
future releases.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-03-22 22:47:49 +00:00
Jerry Yu
8beb9e173d Change prototype of pk_sign_ext 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:34 +08:00
Paul Elliott
a5bebc297b Add changelog entry 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-03-21 15:27:25 +00:00
Przemek Stekiel
815af94905 Add ChangeLog file 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-18 15:10:31 +01:00
Ron Eldor
183264cb95 Fix shared library link error with cmake on Windows 
Set the library path as the current binary dir

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-03-17 12:07:50 +00:00
Dave Rodgman
2cecd8aaad
Merge pull request #3624 from daxtens/timeless 
RFC: Fix builds with MBEDTLS_HAVE_TIME disabled and test
 2022-03-15 16:43:19 +00:00
Dave Rodgman
868d38f50f
Merge pull request #5547 from tom-cosgrove-arm/seclib-667-sha256-acceleration-mbedtls-internal 
SECLIB-667: Accelerate SHA-256 with A64 crypto extensions
 2022-03-14 12:57:37 +00:00
Manuel Pégourié-Gonnard
c11bffe989
Merge pull request #5139 from mprse/key_der_ecc 
PSA: implement key derivation for ECC keys
 2022-03-14 09:17:13 +01:00
Przemek Stekiel
b38f797a24 Add change log entry for psa ECC key derivation 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-03-11 14:12:34 +01:00
Jerry Yu
7599f3109a Update changelog entry 
Remove internal details. Add the condition of the bug.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-11 16:30:20 +08:00
Gilles Peskine
81d903f5aa
Merge pull request #5510 from SiliconLabs/feature/PSEC-3269-MD-X.509-hashing 
feat: MD: X.509 hashing
 2022-03-10 20:16:43 +01:00
Manuel Pégourié-Gonnard
10e5cdbbbf
Merge pull request #5454 from gstrauss/cert_cb-user_data 
server certificate selection callback
 2022-03-10 11:51:42 +01:00
Dave Rodgman
73e91e13a6
Merge pull request #2229 from RonEld/fix_test_md_api_violation 
Fix test md api violation
 2022-03-10 09:21:47 +00:00
Paul Elliott
17f452aec4
Merge pull request #5448 from lhuang04/tls13_alpn 
Port ALPN support for tls13 client from tls13-prototype
 2022-03-08 17:53:38 +00:00
Jerry Yu
6dd2e34848 Add changelog entry 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-08 14:56:31 +08:00
Gilles Peskine
15364ffb03
Merge pull request #5579 from SiliconLabs/erase_secret_before_free 
Erase secrets in allocated memory before freeing said memory
 2022-03-07 17:04:04 +01:00
Tom Cosgrove
70245bee01 Add ChangeLog entry for fix to mbedtls_md_process() test 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-03-04 16:48:49 +00:00
Andrzej Kurek
3475b26375 Add a changelog entry 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-03-04 05:07:45 -05:00
Gilles Peskine
d929dbbb25
Merge pull request #5368 from mfil/feature/additional_md_getters 
Add function to get message digest info from context
 2022-03-02 16:44:26 +01:00
Gilles Peskine
5459a15863
Merge pull request #5365 from Tachi107/msvc-utf-8 
build(msvc): always assume source files are in UTF-8
 2022-03-02 16:42:33 +01:00
Glenn Strauss
6989407261 Add accessor to retrieve SNI during handshake 
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-02-25 19:55:53 -05:00
Glenn Strauss
36872dbd0b Provide means to reset handshake cert list 
Extend mbedtls_ssl_set_hs_own_cert() to reset handshake cert list
if cert provided is null.  Previously, mbedtls_ssl_set_hs_own_cert()
only provided a way to append to the handshake certificate list,
without providing a way to replace the handshake certificate list.

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-02-25 19:55:48 -05:00
Glenn Strauss
2ed95279c0 Add server certificate selection callback 
https://github.com/ARMmbed/mbedtls/issues/5430

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-02-25 17:31:49 -05:00
Steven Cooreman
4b94f10b93 Add changelog entry for zeroizing key buffers before freeing 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
 2022-02-25 16:53:11 +01:00
Andrzej Kurek
a0237f86d3 Add missing key destruction calls in ssl_write_client_key_exchange 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-02-25 04:36:40 -05:00
Andrea Pappacoda
9202909d07
build(msvc): always assume source files are in UTF-8 
Fixes https://github.com/ARMmbed/mbedtls/issues/4205

Signed-off-by: Andrea Pappacoda <andrea@pappacoda.it>
 2022-02-23 23:13:09 +01:00
Gilles Peskine
9cb08822a1 Minor clarification 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-02-21 15:14:02 +01:00
Gilles Peskine
80dae04f24 Make user_data fields private 
Add accessor functions.

Add unit tests for the accessor functions.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-02-21 15:14:01 +01:00
Gilles Peskine
c63a1e0e15 Fix mbedtls_ssl_get_version() for TLSv1.3 
Test it in ssl-opt.sh.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-02-21 15:14:01 +01:00
Gilles Peskine
e1a0c25f71 New function to access the TLS version from a context as an enum 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-02-21 15:14:01 +01:00
Gilles Peskine
915896f03c Add accessor function from mbedtls_ssl_context to the configuration 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-02-21 15:14:01 +01:00
Gilles Peskine
69477b5706 Add a field for application data to TLS structures 
In structure types that are passed to user callbacks, add a field that the
library won't ever care about. The application can use this field to either
identify an instance of the structure with a handle, or store a pointer to
extra data.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-02-21 15:14:01 +01:00
Tom Cosgrove
f3ebd90a1c SECLIB-667: Accelerate SHA-256 with A64 crypto extensions 
Provide an additional pair of #defines, MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
and MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. At most one of them may be
specified. If used, it is necessary to compile with -march=armv8-a+crypto.

The MBEDTLS_SHA256_PROCESS_ALT and MBEDTLS_SHA256_ALT mechanisms
continue to work, and are mutually exclusive with A64_CRYPTO.

There should be minimal code size impact if no A64_CRYPTO option is set.

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-02-21 08:37:26 +00:00
Manuel Pégourié-Gonnard
4fa604cc3b
Merge pull request #5511 from SiliconLabs/feature/PSEC-3195-PSA-test-suites-NOT-using-UID-0 
feat: Update test_suite_psa_its to NOT use UID=0
 2022-02-17 11:49:33 +01:00
Manuel Pégourié-Gonnard
3d1f8b9c00
Merge pull request #5532 from ronald-cron-arm/tls13_and_use_psa_crypto 
Make TLS 1.3 compatible with MBEDTLS_USE_PSA_CRYPTO
 2022-02-16 17:33:47 +01:00
Manuel Pégourié-Gonnard
e14b644f4d
Merge pull request #5456 from mpg/cleanup-ecdh-psa 
Cleanup PSA-based ECDHE in TLS 1.2
 2022-02-15 09:09:07 +01:00