ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-06-23 21:50:34 +08:00
Code Issues Releases Wiki Activity
33,322 Commits 173 Branches 268 Tags
Commit Graph

33322 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Max Fillinger
f2dda15ce8 Add label length argument to tls_prf_generic() 
This way, it's not required that the label is null-terminated. This
allows us to avoid an allocation in
mbedtls_ssl_tls12_export_keying_material().

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 16:53:58 +01:00
Max Fillinger
48150f5dc3 Store randbytes for TLS 1.2 TLS-Exporter 
Previously, if MBEDTLS_SSL_CONTEXT_SERIALIZATION is not defined,
randbytes are not stored after the handshake is done, but they are
needed for TLS-Exporter in TLS 1.2.

This commit also saves randbytes if MBEDTLS_SSL_PROTO_TLS1_2 is defined.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 16:53:58 +01:00
Max Fillinger
e10c9849e2 Fix coding style 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2025-03-28 16:53:58 +01:00
Max Fillinger
29beade80f Fix build when one of TLS 1.2 or 1.3 is disabled 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2025-03-28 16:53:58 +01:00
Max Fillinger
7b72220d42 Fix coding style 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2025-03-28 16:53:58 +01:00
Max Fillinger
9073e041fc Fix TLS exporter changelog entry 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2025-03-28 16:53:58 +01:00
Max Fillinger
ae7d66a1d5 Fix doxygen comment parameter name 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2025-03-28 16:53:57 +01:00
Max Fillinger
5561994020 Fix typos in comment 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2025-03-28 16:53:57 +01:00
Max Fillinger
9c9989fc6d Fix mismatches in function declarations 
Missed some const keywords in function declarations.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 16:53:57 +01:00
Max Fillinger
91cff4406b Fix key_len check in TLS-Exporter 
The length of the generated key must fit into a uint16_t, so it must not
be larger than 0xffff.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 16:53:57 +01:00
Max Fillinger
81dfc8830b Actually set exporter defaults in ssl_client2 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 16:53:57 +01:00
Max Fillinger
334c367052 Simplify mbedtls_ssl_tls13_exporter 
RFC 8446 made it look like we can't use Derive-Secret for the second
step, but actually, Transcript-Hash and Hash are the same thing, so we
can.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 16:53:57 +01:00
Max Fillinger
c7986427d4 Add test for TLS-Exporter in TLS 1.3 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 16:53:57 +01:00
Max Fillinger
136fe9e4be Fix commented out function declaration 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 16:53:57 +01:00
Max Fillinger
b84cb4b049 Add changelog entry for TLS-Exporter feature 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 16:53:57 +01:00
Max Fillinger
b2718e17e6 Add TLS-Exporter options to ssl_client2 
Prints out the exported key on the command line for testing purposes.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 16:53:57 +01:00
Max Fillinger
32ba7f4a17 Add TLS-Exporter options to ssl_server2 
The program prints out the derived symmetric key for testing purposes.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 16:53:57 +01:00
Max Fillinger
bd81c9d0f7 Implement TLS-Exporter feature 
The TLS-Exporter is a function to derive shared symmetric keys for the
server and client from the secrets generated during the handshake.
It is defined in RFC 8446, Section 7.5 for TLS 1.3 and in RFC 5705 for
TLS 1.2.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 16:53:57 +01:00
Ronald Cron
3189752b2f
Merge pull request #10073 from felixc-arm/remove-inject-entropy 
[development] Remove MBEDTLS_PSA_INJECT_ENTROPY
 2025-03-28 13:22:00 +00:00
Felix Conway
1459e75d3d Update tf-psa-crypto pointer 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-03-28 10:36:00 +00:00
Manuel Pégourié-Gonnard
064f68ec85
Merge pull request #10032 from valeriosetti/psasim-doc-update 
psasim: update README file
 2025-03-28 09:11:13 +00:00
Felix Conway
48426b12ef Add MBEDTLS_PSA_INJECT_ENTROPY back into config-split.md 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-03-28 09:01:32 +01:00
Felix Conway
133f7aab2c Add MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES to ignore list for CI 
With the removal of the component_test_psa_inject_entropy test,
MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES is no longer set in any tests, and so
the CI will complain unless it is added to the ignore list.

Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-03-28 09:01:32 +01:00
Felix Conway
92efce2b84 [development] Remove code relating to MBEDTLS_PSA_INJECT_ENTROPY 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-03-28 09:01:05 +01:00
Ben Taylor
b430f8235c removed whitespace 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-28 07:47:50 +00:00
Ben Taylor
d1c2d254ca Add ChangeLog for rng removal 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-28 07:47:50 +00:00
Manuel Pégourié-Gonnard
e57ea21a1c
Merge pull request #10042 from bjwtaylor/remove-ssl-conf 
Remove mbedtls_ssl_conf_rng()
 2025-03-27 14:05:42 +00:00
Ben Taylor
05a978752b Remove MBEDTLS_PK_RSA_ALT 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-27 09:53:46 +00:00
David Horstmann
06bdb16719
Merge pull request #10000 from bjwtaylor/remove-sample-programs 
Delete some sample programs
 2025-03-27 09:47:10 +00:00
Manuel Pégourié-Gonnard
df9491fe16
Merge pull request #10093 from mpg/2.28-eol-dev 
The LTS branch 2.28 is now EOL
 2025-03-27 09:47:00 +00:00
Ben Taylor
7a84f0f3a9 removed rng parameters from struct mbedtls_ssl_config 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-27 09:34:21 +00:00
Ronald Cron
f19a08fb96
Merge pull request #10062 from ronald-cron-arm/check-generated-files 
Companion PR of "Add check generated files and check code style test components"
#201-merge==#201-head thus not updating the TF-PSA-Crypto pointer to #201-merge
#10062-merge==#10062-head and the merge queue is empty thus merging directly, not through the merge queue.
 2025-03-27 10:24:06 +01:00
Ronald Cron
b9d7b5f165 Update TF-PSA-Crypto pointer 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-03-26 21:19:28 +01:00
Ronald Cron
4cd8fbbb2d Use TF_PSA_CRYPTO_ROOT_DIR 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-03-26 21:19:28 +01:00
Ronald Cron
aa5c159e36 all.sh: check generated files: Use make_generated_files.py 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-03-26 21:19:28 +01:00
Ronald Cron
99226e9b9b cmake: Generate test_keys.h and test_certs.h in the build tree 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-03-26 21:19:28 +01:00
Ronald Cron
81a674eee8 Adapt to generate_config_tests.py changes 
Adapt builds and check-generated-files.sh to the fact
that generate_config_tests.py does not generate
test_suite_config.psa_boolean.data in Mbed TLS 4.x
context anymore.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-03-26 21:19:28 +01:00
Ronald Cron
a1e1c2ce3c Update framework pointer 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-03-26 21:19:28 +01:00
Ronald Cron
ddbf729ef7 Add directory and list arguments to generate_visualc_files.pl 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-03-26 21:19:28 +01:00
Ronald Cron
6bf29fd417
Merge pull request #10050 from valeriosetti/issue8151-development 
[development] Remove the dynamic SE interface in 4.0
 2025-03-26 17:07:00 +00:00
David Horstmann
82bac6e076
Merge pull request #1334 from davidhorstmann-arm/add-missing-credit 
Add missing credit for `set_hostname` issue
 2025-03-26 14:09:47 +00:00
Ben Taylor
cd2660fb0e fixed code style 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-26 13:34:03 +00:00
Ben Taylor
8224e71262 remove NULL guard 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-26 13:34:03 +00:00
Ben Taylor
c12152e53e corrected style 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-26 13:34:03 +00:00
Ben Taylor
b9f83b3d07 Remove srand from fuzz 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-26 13:34:03 +00:00
Ben Taylor
03c05c336e Remove additional line 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-26 13:34:03 +00:00
Ben Taylor
fb68b8cf57 Remove empty ifdef 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-26 13:34:03 +00:00
Ben Taylor
9774e9a176 corrected code style 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-26 13:34:03 +00:00
Ben Taylor
1f091466c1 tidy up syntax 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-26 13:34:03 +00:00
Ben Taylor
1cd1e01897 Correct code style 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-26 13:34:03 +00:00