ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-10-19 19:53:48 +08:00
Code Issues Releases Wiki Activity
33,962 Commits 176 Branches 276 Tags
development
Commit Graph

13739 Commits

Author SHA1 Message Date
Ben Taylor
91b8310e54 Remove internal deprecated items 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-10-07 08:19:44 +01:00
Ben Taylor
7e8e438fce Replace cases of time_t with mbedtls_time_t 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-29 14:24:47 +01:00
David Horstmann
ee1991a387 Merge pull request #10408 from ronald-cron-arm/historical-libmbedcryto 
Restore historical libmbedcrypto.* libraries
 2025-09-29 08:41:06 +00:00
Gilles Peskine
562763b5bd Add dependency of mbedtls_config on generated config check headers 
Fix the build of libmbedx509 when generated files are not already present.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-09-24 17:20:35 +02:00
Gilles Peskine
cc1ac1d3dc CMake: support generated headers 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-09-24 17:20:35 +02:00
Gilles Peskine
24d058bc6c Enable checks for bad options in the config file 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-09-24 17:20:35 +02:00
Gilles Peskine
d57a0985ab Add dependency of tf_psa_crypto_config on generated config check headers 
Fix the build of libtfpsacrypto when generated files are not already present.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-09-22 15:52:06 +02:00
Ronald Cron
35d59c6cb6 cmake: Install libmbedcrypto.* libraries 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-22 15:08:39 +02:00
Ronald Cron
466a1a29d9 cmake: Provide the crypto libs under their historical name 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-22 14:34:55 +02:00
Ronald Cron
c09a84e285 cmake: library: Rework and improve the copy of the crypto libraries 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-22 14:34:55 +02:00
Ronald Cron
879cba1a67 cmake: Introduce version and soversion variables 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-22 14:34:55 +02:00
Ronald Cron
8df65636fd Clarify target name for library generated files 
The target mbedtls_generated_files_target could
be misinterpreted as the target covering all project
generated files, but it does not.

It is specifically the target for files generated
to build the mbedtls library.

Rename it to libmbedtls_generated_files_target
and align x509.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-22 14:03:18 +02:00
Gilles Peskine
6712f1b6af Use --list-for-cmake with generate_config_checks.py 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-09-19 13:36:25 +02:00
Gilles Peskine
67b115cfda Register crypto's generate_config_files.py outputs as generated files 
Mbed TLS needs to know the generated files of TF-PSA-Crypto. There's no
mechanism for TF-PSA-Crypto to declare them.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-09-19 13:36:24 +02:00
Gilles Peskine
b53b443f8e Register generate_config_files.py outputs as generated files 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-09-19 13:36:24 +02:00
Ronald Cron
b91117c32f Merge pull request #10402 from ronald-cron-arm/remove-legacy-crypto-options 
Remove legacy crypto options
 2025-09-17 18:46:05 +00:00
Ronald Cron
3091e40774 Remove usage of old crypto options in public headers 
The remaining occurences were related to
dead code.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-17 16:06:31 +02:00
Valerio Setti
bc611fe44c [tls12|tls13]_server: fix usage being checked on the certificate key 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-09-16 16:12:07 +02:00
Valerio Setti
7b2d72aaf0 ssl: replace PSA_ALG_ECDSA with MBEDTLS_PK_ALG_ECDSA 
When the key is parsed from PK it is assigned the pseudo-alg
MBEDTLS_PK_ALG_ECDSA. Trying to run "mbedtls_pk_can_do_psa" with an hardcoded
deterministc/randomized ECDSA can make the function to fail if the proper
variant is not the one also used by PK.
This commit fixes this problem.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-09-16 16:12:07 +02:00
Valerio Setti
0009b042ac library: ssl: replace mbedtls_pk_can_do_ext with mbedtls_pk_can_do_psa 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-09-16 16:12:07 +02:00
Ronald Cron
feb5e26619 Cleanup following the removal of MBEDTLS_ECP_DP_.*_ENABLED options 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Ronald Cron
0dd31fe523 Introduce MBEDTLS_SSL_NULL_CIPHERSUITES 
The support for TLS ciphersuites without
encryption does not rely anymore on the
MBEDTLS_CIPHER_NULL_CIPHER feature of
the cipher module. Introduce a specific
config option to enable these ciphersuites
and use it instead of MBEDTLS_CIPHER_NULL_CIPHER.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Ben Taylor
337161eb41 Remove comment referencing ECDH 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
5cdbe30804 replace MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED with MBEDTLS_KEY_EXCHANGE_PSK_ENABLED 
After the ECDH keyexchange removal the two became synonyms so the former can
be removed.

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
4d7f715c07 Remove further symbols that are not required 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
558766d814 Remove additional ifdef's 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
15f1d7f812 Remove support for static ECDH cipher suites 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Anton Matkin
92129adcf2 Removed the whitespace which is causing CI to fail 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-29 16:09:09 +02:00
Anton Matkin
8135b84ed2 Fixed incorrect usage of key derivation procedures 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-29 16:09:09 +02:00
Anton Matkin
8e4d8c9227 Update ssl_tls.c to use psa_pake_get_shared_key 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-29 16:09:09 +02:00
Anton Matkin
7a65ce6737 Unfortunately, we had two files named oid.h - one in the main repo, and one in the tf-psa-crypto repo, and these files included the mbedtls one, so I restored the header include 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-29 07:05:40 +02:00
Anton Matkin
bc48725b64 Include fixups (headers moves to private directory) 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-29 07:05:37 +02:00
David Horstmann
6ff9c89648 Merge pull request #10361 from bensze01/runtime-version-interface 
Simplify runtime version info string methods
 2025-08-27 14:59:15 +00:00
Ben Taylor
3f523748e0 Add const to serial argument in mbedtls_x509write_crt_set_serial_raw 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-18 13:47:50 +01:00
Bence Szépkúti
b2ba9fa68b Simplify runtime version info string methods 
Return a const char* instead of taking a char* as an argument.

This aligns us with the interface used in TF PSA Crypto.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2025-08-18 11:39:45 +02:00
Anton Matkin
6eb5335ef0 Fixed issues with policy verification, since wildcard JPAKE policy is now disallowed, changed to concrete jpake algorithm (with SHA256 hash) 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-12 13:50:48 +02:00
Anton Matkin
1b70084bd9 TF-PSA-Crypto submodule link fixup 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-12 13:50:45 +02:00
Manuel Pégourié-Gonnard
5b74c79f00 Merge pull request #10298 from bjwtaylor/remove-deprecated-items 
Remove deprecated items
 2025-08-11 07:13:08 +00:00
Ben Taylor
5a27010fab Remove group_list_heap_allocated 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-08 08:33:03 +01:00
Gilles Peskine
627d653863 Merge pull request #10282 from bjwtaylor/switch-to-mbedtls_pk_sigalg_t 
Switch to mbedtls pk sigalg t
 2025-08-07 11:06:31 +00:00
Ben Taylor
ed0db45b63 Completely remove sig_algs_heap_allocated 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 09:40:42 +01:00
Ben Taylor
8dfed9fc15 Remove pointer cast in mbedtls_x509_oid_get_sig_alg 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
8b3b7e5cac Update further type mismatches 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
6816fd781e Adjust for change in mbedtls_pk_verify_new function prototype 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
7573321f61 Fix style issues 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
8e832b6594 Add sigalg types to x509_crt.c 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
1c118a564d reverted enum in pk_verify_new 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
b2eecc621d switch to mbedtls_pk_sigalg_t 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
500e497c05 Fix code style issues 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
adf5d537b2 Fix code style 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00