mbedtls

Author	SHA1	Message	Date
Gilles Peskine	df6e84a447	Test the PSA alternative header configuration macros Test that MBEDTLS_PSA_CRYPTO_PLATFORM_FILE and MBEDTLS_PSA_CRYPTO_STRUCT_FILE can be set to files in a directory that comes after the standard directory in the include file search path. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-23 17:18:33 +01:00
Dave Rodgman	54647737f6	Add checks to selftest Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-10 16:16:17 +00:00
Dave Rodgman	f31c9e441b	Merge pull request #7019 from tom-cosgrove-arm/dont-use-cast-assignment-in-ssl_server2.c Don't use cast-assignment in ssl_server.c	2023-02-06 12:13:08 +00:00
Dave Rodgman	94c9c96c94	Merge pull request #6998 from aditya-deshpande-arm/fix-example-programs-usage Fix incorrect dispatch to USAGE in example programs, which causes uninitialized memory to be used	2023-02-06 09:53:50 +00:00
Tom Cosgrove	de85725507	Don't use cast-assignment in ssl_server.c Would have used mbedtls_put_unaligned_uint32(), but alignment.h is in library/. Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-02-03 16:38:05 +00:00
Aditya Deshpande	9b45f6bb68	Fix more argc checks Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>	2023-02-03 16:15:30 +00:00
Dave Rodgman	6dd757a8ba	Fix use of sizeof without brackets Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-02 12:40:50 +00:00
Aditya Deshpande	644a5c0b2b	Fix bugs in example programs: change argc == 0 to argc < 2 Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>	2023-01-30 16:48:13 +00:00
Manuel Pégourié-Gonnard	aae61257d1	Merge pull request #6883 from valeriosetti/issue6843 Improve X.509 cert writing serial number management	2023-01-30 13:08:57 +01:00
Valerio Setti	af4815c6a4	x509: replace/fix name of new function for setting serial Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-01-26 17:43:09 +01:00
Pengyu Lv	e2f1dbf5ae	update docs of ssl_client2 and improve code format Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-01-16 12:38:12 +08:00
Pengyu Lv	302feb3955	add cases to test session resumption with different ticket_flags This commit add test cases to test if the check of kex change mode in SessionTicket works well. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-01-13 11:05:56 +08:00
Valerio Setti	48fdbb3940	programs: cert_write: fixed bug in parsing dec serial Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2023-01-12 17:01:45 +01:00
Valerio Setti	791bbe629d	programs: improved cert_write serial management Now it can accept serial both as decimal and hex number (only one format at a time, of course, not simultaneously). Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2023-01-12 17:01:45 +01:00
Valerio Setti	acf12fb744	x509: fix endianness and input data format for x509write_crt_set_serial_new Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2023-01-12 17:01:44 +01:00
Valerio Setti	5d164c4e23	fix: add missing deprecation guards Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2023-01-12 17:01:44 +01:00
Valerio Setti	da0afcc2fb	x509: remove direct dependency from BIGNUM_C Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2023-01-12 17:01:44 +01:00
Gilles Peskine	449bd8303e	Switch to the new code style Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-01-11 14:50:10 +01:00
Jerry Yu	a15af37867	Change time resolution of reco_delay from second to millionseconds Per gnutls anti replay issue, it needs millionsecond time delay for improve the fail rate. From test result of #6712, this can improve the fail rate from 4% to 92%. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-01-07 13:01:42 +08:00
David Horstmann	e3d8f31ba1	Workaround Uncrustify parsing of "asm" The following code: #ifndef asm #define asm __asm #endif causes Uncrustify to stop correcting the rest of the file. This may be due to parsing the "asm" keyword in the definition. Work around this by wrapping the idiom in an INDENT-OFF comment wherever it appears. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-01-03 11:07:09 +00:00
Manuel Pégourié-Gonnard	7a389ddc84	Merge pull request #6784 from valeriosetti/issue6702 Make SHA224_C/SHA384_C independent from SHA256_C/SHA512_C	2023-01-03 09:36:58 +01:00
Valerio Setti	d10e0a6341	sha: fix minor issues/typos Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-22 14:25:26 +01:00
Dave Rodgman	2038da9266	Merge pull request #6826 from daverodgman/fix_gettimeofday Fix gettimeofday overflow	2022-12-20 16:01:53 +00:00
Dave Rodgman	7796cc4f24	Fix overflow in mbedtls_timing_hardclock Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-12-20 13:12:23 +00:00
Valerio Setti	e7221a21ad	test: adjust depends.py to new SHA224/SHA384 changes Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-16 14:43:48 +01:00
Gilles Peskine	6b21820bd3	Merge pull request #6687 from gilles-peskine-arm/fuzz-cflags programs/fuzz: set sensible default CFLAGS	2022-12-15 19:47:22 +01:00
Manuel Pégourié-Gonnard	c98624af3c	Merge pull request #6680 from valeriosetti/issue6599 Allow isolation of EC J-PAKE password when used in TLS	2022-12-14 11:04:33 +01:00
Valerio Setti	46e8fd8263	test: sha: test SHA224 and SHA256 separately This is meant to adapt to the new library design in which SHA224 and SHA256 can be built independently from each other. Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-14 10:58:02 +01:00
Valerio Setti	898e7a3afe	test: sha: test SHA384 and SHA512 separately This is meant to adapt to the new library design in which SHA384 and SHA512 can be built independently from each other. Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-14 10:50:54 +01:00
Manuel Pégourié-Gonnard	ebf322ddf6	Merge pull request #6629 from concatime/cmake-config-dir Install CMake files in MbedTLS dir	2022-12-14 10:30:52 +01:00
Valerio Setti	d75c5c4405	test: pake: fail in case the opaque key is destroyed unexpectedly Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-13 11:51:32 +01:00
Valerio Setti	785116a5be	test: pake: modify opaque key verification before destruction Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-12 11:59:25 +01:00
Manuel Pégourié-Gonnard	1a100b69a4	Merge pull request #6705 from davidhorstmann-arm/code-style-script-non-corrected Add code style correction script	2022-12-09 09:41:14 +01:00
Valerio Setti	eb3f788b03	tls: pake: do not destroy password key in TLS Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-08 18:42:58 +01:00
Valerio Setti	d5fa0bfb85	test: pake: check psa key validity before destroying it Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-07 16:02:42 +01:00
Ronald Cron	fbba0e9d75	Merge pull request #6537 from yuhaoth/pr/tls13-refactor-early-data-configuration-interface TLS 1.3: Refactor early data configuration interface.	2022-12-07 09:42:12 +01:00
Jerry Yu	d146a37d56	Change the definition of max_early_data_size argument. `conf_max_early_data_size` does not reuse as en/disable. When call it, we should call `conf_early_data()` also. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-06 14:56:54 +08:00
Jerry Yu	2c93fc1544	Revert "Add reco_debug_level to reduce debug output" This reverts commit `a6934776c9`. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-06 11:05:54 +08:00
Jerry Yu	54dfcb7794	fix comments and debug info issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-05 15:43:09 +08:00
Tom Cosgrove	1797b05602	Fix typos prior to release Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-12-04 17:19:59 +00:00
Issam E. Maghni	760f3a0a48	Install CMake files in MbedTLS dir Right now, CMake files are installed in <prefix>/cmake. That being said, it gets easily bloated, and the standard is to use a directory with the same name as the project. I discovered this issue with this "bug": https://github.com/termux/termux-packages/issues/12416 The issue's author claimed that MbedTLS's files were not installed in the lib directory. But the patch applied by termux team broke CMake's search of MbedTLS config files. So I wanted to upstream the real fix here instead. Here are some examples of projects using directories: - https://github.com/xiph/flac/blob/1.4.2/CMakeLists.txt#L239 - https://gitlab.freedesktop.org/dbus/dbus/-/blob/dbus-1.15.2/CMakeLists.txt#L675 - https://github.com/catchorg/Catch2/blob/v3.2.0/CMakeLists.txt#L62 - https://github.com/capnproto/capnproto/blob/v0.10.2/c++/CMakeLists.txt#L162 Signed-off-by: Issam E. Maghni <issam.e.maghni@mailbox.org>	2022-12-04 03:00:38 +00:00
Valerio Setti	d6feb20869	test: pake: allow opaque password only when USE_PSA is enabled Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-02 14:28:49 +01:00
Jerry Yu	7854a4e019	Add max_early_data_size option for ssl_sever2 - to set max_early_data_set Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-01 23:11:48 +08:00
Jerry Yu	a6934776c9	Add reco_debug_level to reduce debug output Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-01 23:11:48 +08:00
Valerio Setti	661b9bca75	test: psa_pake: add specific log message for the opaque password Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-29 17:28:17 +01:00
Valerio Setti	77e8315f5b	fix formatting and typos Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-29 17:28:04 +01:00
Gilles Peskine	9ec14f6dcb	programs/fuzz: set sensible default CFLAGS Running make from programs/fuzz didn't set any optimization flags (running make from programs or from the root inherited the parent's optimization flags). Default to -O2. There were no -W flags. Default to -Wall -Wextra, but not -Werror in line with the other makefiles. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-11-29 17:23:19 +01:00
Valerio Setti	d572a82df9	tls: psa_pake: add test for opaque password Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-29 11:30:56 +01:00
Bence Szépkúti	a17d038ee1	Merge branch 'development' into pr3431	2022-11-22 15:54:52 +01:00
Ronald Cron	d12922a69a	Merge pull request #6486 from xkqian/tls13_add_early_data_indication The merge job of the internal CI ran successfully. This is good to go.	2022-11-17 12:48:50 +01:00

1 2 3 4 5 ...

2347 commits