ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-05-31 10:01:22 +08:00
Code Issues Releases Wiki Activity
32,817 Commits 172 Branches 268 Tags
Commit Graph

13519 Commits

Author SHA1 Message Date
Valerio Setti
d7a465431c library: do not include dhm.c in the build 
The file was cancelled from the tf-psa-crypto repo following the removal
of MBEDTLS_DHM_C.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-03-05 10:11:23 +01:00
Valerio Setti
15fd5c9925 ssl: remove support for MBEDTLS_DHM_C 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-03-05 10:11:23 +01:00
Stefan Gloor
b5c079b13c fix: rename BEFORE_COLON and BC to avoid conflicts 
Namespace BEFORE_COLON and BC defines by prepending MBEDTLS_
and expanding BC to BEFORE_COLON_STR. This is to avoid naming
conflicts with third-party code. No functional change.

Signed-off-by: Stefan Gloor <stefan.gloor@siemens.com>
 2025-02-21 10:33:51 +01:00
Stefan Gloor
6a9cf11361 fix: remove superfluous BEFORE_COLON in x509_crl.c 
BEFORE_COLON and BC defines with the accompanying comment are only
required in x509_crt and x509_csr, but not used in x509_crl.c.

Signed-off-by: Stefan Gloor <stefan.gloor@siemens.com>
 2025-02-21 10:32:36 +01:00
Valerio Setti
b8621b6f9d ssl_ciphersuites: remove references to DHE-RSA key exchanges 
In this commit also MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED is removed.
This cause some code in "ssl_ciphersuites_internal.h" and
"ssl_tls12_server.c" to became useless, so these blocks are removed
as well.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-06 10:05:58 +01:00
Valerio Setti
89743b5db5 ssl_tls: remove code related to DHE-RSA 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-06 10:05:58 +01:00
David Horstmann
be658c47c8
Merge pull request #9938 from bjwtaylor/ssl-ticket-api 
Move ssl_ticket to the PSA API
 2025-02-05 10:41:09 +00:00
Harry Ramsey
2547ae9fcc Move SSL macro checks from TF-PSA-Crypto to Mbed TLS 
This commit moves macro checks specifically for Mbed TLS from
TF-PSA-Crypto to Mbed TLS where they more approriately belong.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
 2025-01-31 13:58:43 +00:00
Ben Taylor
0c29cf87b1 Move ssl_ticket to the PSA API 
Convert the mbedtl_ssl_ticket_setup function to use the TF_PSA_Crypto
API.

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-01-30 08:22:40 +00:00
Manuel Pégourié-Gonnard
072c98eb75 Remove empty #if #endif block 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-29 10:40:15 +01:00
Manuel Pégourié-Gonnard
53fe26c5ad Update a function's doxygen 
There was two versions of this function with different arguments. Update
the documentation to match the signature of the function we kept.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:44:15 +01:00
Manuel Pégourié-Gonnard
c7403edad8 Rm dead !USE_PSA code: ssl_tls12_client (part 2) 
Manually handle unifdef leftovers

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:43:57 +01:00
Manuel Pégourié-Gonnard
fef408976f Rm dead !USE_PSA code: ssl_tls12_client (part 1) 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/ssl_tls12_client.c

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:21:09 +01:00
Manuel Pégourié-Gonnard
8fcfcf947c Appease unifdef 
I was going to describe those changes as temporary, to be undone after
applying unifdef, but it turns out they're both in dead code, so there
will be nothing to undo after unifdef has run.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:19:35 +01:00
Manuel Pégourié-Gonnard
07a1edd590 Rm dead !USE_PSA code: ssl_tls.c (part 2) 
Manually handle more complex expressions.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:19:15 +01:00
Manuel Pégourié-Gonnard
88800ddcc6 Rm dead !USE_PSA code: ssl_tls.c (part 1) 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/ssl_tls.c
framework/scripts/code_style.py --fix library/ssl_tls.c

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:18:11 +01:00
Manuel Pégourié-Gonnard
1a3959c84e Rm dead !USE_PSA code: ssl_msg.c 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/ssl_msg.c

Took care of everything in this file

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:18:02 +01:00
Manuel Pégourié-Gonnard
df5e1b6864 Rm dead !USE_PSA code: ssl_tls12_server.c (part 2) 
Manual.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:17:54 +01:00
Manuel Pégourié-Gonnard
58916768b7 Rm dead !USE_PSA code: ssl_tls12_server.c (part 1) 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/ssl_tls12_server.c
framework/scripts/code_style.py --fix library/ssl_tls12_server.c

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:17:26 +01:00
Manuel Pégourié-Gonnard
0b44a81f07 Rm dead !USE_PSA code: ssl_tls13*.c part 2 
The one expression that was apparently too much for unifdef

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:15:40 +01:00
Manuel Pégourié-Gonnard
855f5bf244 Rm dead !USE_PSA code: ssl_tls13_xxx (part 1) 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/ssl_tls13*.c

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:15:29 +01:00
Manuel Pégourié-Gonnard
615914b5ac Rm dead !USE_PSA code: SSL headers (part 2) 
Expression that are too complex for unifdef - please review carefully :)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:15:14 +01:00
Manuel Pégourié-Gonnard
11ae619e77 Rm dead !USE_PSA code: SSL headers (part 1) 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO {library,include/mbedtls}/ssl*.h

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:15:04 +01:00
Manuel Pégourié-Gonnard
daeaa51943 Rm dead !USE_PSA code: SSL ciphersuites (part 1) 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO {library,include/mbedtls}/ssl_ciphersuites*

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:14:50 +01:00
Manuel Pégourié-Gonnard
b18c8b957b Rm dead !USE_PSA code: SSL hooks 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO {library,include/mbedtls}/ssl_{ticket,cookie}.[ch]

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:14:43 +01:00
Manuel Pégourié-Gonnard
f60b09b019 Rm dead !USE_PSA code: X.509 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/x509*.c

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:14:38 +01:00
Ronald Cron
189dcf630f
Merge pull request #9910 from valeriosetti/issue9684 
Remove DHE-PSK key exchange
 2025-01-27 11:15:10 +00:00
Manuel Pégourié-Gonnard
7e1154c959
Merge pull request #9906 from mpg/rm-conf-curves 
[dev] Remove deprecated function mbedtls_ssl_conf_curves()
 2025-01-27 08:21:27 +00:00
Valerio Setti
6348b46c0b ssl_ciphersuites: remove references/usages of DHE-PSK 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-24 11:49:59 +01:00
Valerio Setti
48659a1f9c ssl_tls: remove usage of DHE-PSK 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-24 11:49:59 +01:00
Valerio Setti
6b64a1ba37 x509: remove definition and implementation of x509write_crt_set_serial 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-16 15:00:10 +01:00
Manuel Pégourié-Gonnard
6402c35eca Remove internal helper mbedtls_ssl_get_groups() 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-14 12:23:56 +01:00
Manuel Pégourié-Gonnard
6b720161ca Remove mbedtls_ssl_conf::curve_list 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-14 12:17:20 +01:00
Manuel Pégourié-Gonnard
93d4591255 Remove deprecated function mbedtls_ssl_conf_curves() 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-14 12:06:31 +01:00
Gilles Peskine
bc7c523420 Remove uses of secp244k1 
Remove all code guarded by `PSA_WANT_ECC_SECP_K1_224`, which is not and will
not be implemented. (It would be K1_225 anyway, but we don't intend to
implement it anyway.)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-01-08 16:51:23 +01:00
Janos Follath
0d28fcb082
Merge pull request #9798 from NadavTasher/feature/more-debug-prints 
Added debug print in tls13 ssl_tls13_write_key_share_ext
 2025-01-07 16:18:35 +00:00
Ronald Cron
51f228cc1b Switch to actual TF-PSA-Crypto build_info.h 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-12-11 22:32:45 +01:00
Ronald Cron
6a2cbe77fa Move driver wrappers generation to tf-psa-crypto 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-12-04 14:25:02 +01:00
Ronald Cron
6924564970 Move back timing.c to mbedtls 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-12-04 14:25:02 +01:00
Ronald Cron
8b592d28f9 Move psa_to_ssl_errors 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-12-04 14:25:02 +01:00
Ronald Cron
80963c64eb Move hkdf.h to tf-psa-crypto 
Move hkdf.h to tf-psa-crypto as
hkdf.c was.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-12-04 14:25:02 +01:00
SuperIlu
685d128c0f
Make mbedTLS compile with MS-DOS DJGPP 
Signed-off-by: SuperIlu <superilu@yahoo.com>
 2024-12-01 10:05:21 +01:00
Nadav Tasher
8bfa04a182 Added debug print in tls13 ssl_tls13_write_key_share_ext 
Signed-off-by: Nadav Tasher <tashernadav@gmail.com>
 2024-11-26 00:51:16 +02:00
Ronald Cron
0381a98114 cmake: Move copy of crypto libraries to mbedtls 
Move copy of crypto libraries to mbedtls as this
copy does not make sense in TF-PSA-Crypto context.
Also copy all of them, not just tfpsacrypto.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-11-14 09:28:27 +01:00
Ronald Cron
b7d0e52e16 cmake: Rename mbedcrypto target to tfpsacrypto 
Rename mbedcrypto target to tfpsacrypto and
prefix all cmake related variables with
tfpsacrypto instead of mbedcrypto.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-11-14 09:28:27 +01:00
Ronald Cron
211bf6de21 cmake: Fix config files compile definitions 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-11-14 08:52:20 +01:00
Gilles Peskine
91e7ebebfe Remove RSA_PSK suites from cipher suite lists 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-11-05 15:49:12 +01:00
Gilles Peskine
b3ec125580 Remove mentions of RSA-PSK key exchange from documentation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-11-05 15:49:12 +01:00
Gilles Peskine
712e9a1c3e Remove MBEDTLS_KEY_EXCHANGE_RSA_PSK 
Remove mentions of MBEDTLS_KEY_EXCHANGE_RSA_PSK that were not guarded by the
configuration option MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED. This finishes the
removal of library code that supports the RSA-PSK key exchange in TLS 1.2.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-11-05 15:49:12 +01:00
Gilles Peskine
ac767e5c69 Remove MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED 
Remove the configuration option MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED and all
code guarded by it. This remove support for the RSA-PSK key exchange in TLS
1.2.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-11-05 15:49:01 +01:00