ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-05-19 06:58:24 +08:00
Code Issues Releases Wiki Activity
32,763 Commits 172 Branches 268 Tags
Commit Graph

13524 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
28f8e205eb
Merge pull request #9872 from rojer/tls_hs_defrag_in 
Defragment incoming TLS handshake messages
 2025-02-24 09:28:11 +01:00
Deomid rojer Ryabkov
dd14c0a11e Remove in_hshdr 
The first fragment of a fragmented handshake message always starts at the beginning of the buffer so there's no need to store it.

Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>
 2025-02-13 13:41:51 +03:00
Valerio Setti
b8621b6f9d ssl_ciphersuites: remove references to DHE-RSA key exchanges 
In this commit also MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED is removed.
This cause some code in "ssl_ciphersuites_internal.h" and
"ssl_tls12_server.c" to became useless, so these blocks are removed
as well.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-06 10:05:58 +01:00
Valerio Setti
89743b5db5 ssl_tls: remove code related to DHE-RSA 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-06 10:05:58 +01:00
Waleed Elmelegy
cf4e6a18e6 Remove unused variable in ssl_server.c 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>
 2025-02-05 13:10:01 +02:00
David Horstmann
be658c47c8
Merge pull request #9938 from bjwtaylor/ssl-ticket-api 
Move ssl_ticket to the PSA API
 2025-02-05 10:41:09 +00:00
Deomid rojer Ryabkov
afa11db620 Remove obselete checks due to the introduction of handhsake defragmen... 
tation. h/t @waleed-elmelegy-arm

909e71672f

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>
 2025-02-01 15:42:43 +02:00
Harry Ramsey
2547ae9fcc Move SSL macro checks from TF-PSA-Crypto to Mbed TLS 
This commit moves macro checks specifically for Mbed TLS from
TF-PSA-Crypto to Mbed TLS where they more approriately belong.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
 2025-01-31 13:58:43 +00:00
Ben Taylor
0c29cf87b1 Move ssl_ticket to the PSA API 
Convert the mbedtl_ssl_ticket_setup function to use the TF_PSA_Crypto
API.

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-01-30 08:22:40 +00:00
Manuel Pégourié-Gonnard
072c98eb75 Remove empty #if #endif block 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-29 10:40:15 +01:00
Manuel Pégourié-Gonnard
53fe26c5ad Update a function's doxygen 
There was two versions of this function with different arguments. Update
the documentation to match the signature of the function we kept.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:44:15 +01:00
Manuel Pégourié-Gonnard
c7403edad8 Rm dead !USE_PSA code: ssl_tls12_client (part 2) 
Manually handle unifdef leftovers

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:43:57 +01:00
Manuel Pégourié-Gonnard
fef408976f Rm dead !USE_PSA code: ssl_tls12_client (part 1) 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/ssl_tls12_client.c

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:21:09 +01:00
Manuel Pégourié-Gonnard
8fcfcf947c Appease unifdef 
I was going to describe those changes as temporary, to be undone after
applying unifdef, but it turns out they're both in dead code, so there
will be nothing to undo after unifdef has run.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:19:35 +01:00
Manuel Pégourié-Gonnard
07a1edd590 Rm dead !USE_PSA code: ssl_tls.c (part 2) 
Manually handle more complex expressions.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:19:15 +01:00
Manuel Pégourié-Gonnard
88800ddcc6 Rm dead !USE_PSA code: ssl_tls.c (part 1) 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/ssl_tls.c
framework/scripts/code_style.py --fix library/ssl_tls.c

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:18:11 +01:00
Manuel Pégourié-Gonnard
1a3959c84e Rm dead !USE_PSA code: ssl_msg.c 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/ssl_msg.c

Took care of everything in this file

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:18:02 +01:00
Manuel Pégourié-Gonnard
df5e1b6864 Rm dead !USE_PSA code: ssl_tls12_server.c (part 2) 
Manual.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:17:54 +01:00
Manuel Pégourié-Gonnard
58916768b7 Rm dead !USE_PSA code: ssl_tls12_server.c (part 1) 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/ssl_tls12_server.c
framework/scripts/code_style.py --fix library/ssl_tls12_server.c

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:17:26 +01:00
Manuel Pégourié-Gonnard
0b44a81f07 Rm dead !USE_PSA code: ssl_tls13*.c part 2 
The one expression that was apparently too much for unifdef

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:15:40 +01:00
Manuel Pégourié-Gonnard
855f5bf244 Rm dead !USE_PSA code: ssl_tls13_xxx (part 1) 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/ssl_tls13*.c

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:15:29 +01:00
Manuel Pégourié-Gonnard
615914b5ac Rm dead !USE_PSA code: SSL headers (part 2) 
Expression that are too complex for unifdef - please review carefully :)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:15:14 +01:00
Manuel Pégourié-Gonnard
11ae619e77 Rm dead !USE_PSA code: SSL headers (part 1) 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO {library,include/mbedtls}/ssl*.h

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:15:04 +01:00
Manuel Pégourié-Gonnard
daeaa51943 Rm dead !USE_PSA code: SSL ciphersuites (part 1) 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO {library,include/mbedtls}/ssl_ciphersuites*

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:14:50 +01:00
Manuel Pégourié-Gonnard
b18c8b957b Rm dead !USE_PSA code: SSL hooks 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO {library,include/mbedtls}/ssl_{ticket,cookie}.[ch]

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:14:43 +01:00
Manuel Pégourié-Gonnard
f60b09b019 Rm dead !USE_PSA code: X.509 
unifdef -m -DMBEDTLS_USE_PSA_CRYPTO library/x509*.c

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-28 16:14:38 +01:00
Deomid rojer Ryabkov
b70e76a1e6 Add a safety check for in_hsfraglen 
Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>
 2025-01-27 22:37:53 +04:00
Ronald Cron
189dcf630f
Merge pull request #9910 from valeriosetti/issue9684 
Remove DHE-PSK key exchange
 2025-01-27 11:15:10 +00:00
Manuel Pégourié-Gonnard
7e1154c959
Merge pull request #9906 from mpg/rm-conf-curves 
[dev] Remove deprecated function mbedtls_ssl_conf_curves()
 2025-01-27 08:21:27 +00:00
Deomid rojer Ryabkov
aaa152ed91 Allow fragments less HS msg header size (4 bytes) 
Except the first

Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>
 2025-01-26 11:12:25 +02:00
Deomid rojer Ryabkov
3dfe75e115 Remove mbedtls_ssl_reset_in_out_pointers 
Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>
 2025-01-26 11:12:21 +02:00
Valerio Setti
6348b46c0b ssl_ciphersuites: remove references/usages of DHE-PSK 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-24 11:49:59 +01:00
Valerio Setti
48659a1f9c ssl_tls: remove usage of DHE-PSK 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-24 11:49:59 +01:00
Deomid rojer Ryabkov
cad11ada7f Review comments 
Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>
 2025-01-18 15:59:29 +02:00
Valerio Setti
6b64a1ba37 x509: remove definition and implementation of x509write_crt_set_serial 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-16 15:00:10 +01:00
Manuel Pégourié-Gonnard
6402c35eca Remove internal helper mbedtls_ssl_get_groups() 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-14 12:23:56 +01:00
Manuel Pégourié-Gonnard
6b720161ca Remove mbedtls_ssl_conf::curve_list 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-14 12:17:20 +01:00
Manuel Pégourié-Gonnard
93d4591255 Remove deprecated function mbedtls_ssl_conf_curves() 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-14 12:06:31 +01:00
Gilles Peskine
bc7c523420 Remove uses of secp244k1 
Remove all code guarded by `PSA_WANT_ECC_SECP_K1_224`, which is not and will
not be implemented. (It would be K1_225 anyway, but we don't intend to
implement it anyway.)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-01-08 16:51:23 +01:00
Janos Follath
0d28fcb082
Merge pull request #9798 from NadavTasher/feature/more-debug-prints 
Added debug print in tls13 ssl_tls13_write_key_share_ext
 2025-01-07 16:18:35 +00:00
Deomid rojer Ryabkov
ac2cf1f26c Defragment incoming TLS handshake messages 
Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>
 2024-12-25 14:34:17 +02:00
Ronald Cron
51f228cc1b Switch to actual TF-PSA-Crypto build_info.h 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-12-11 22:32:45 +01:00
Ronald Cron
6a2cbe77fa Move driver wrappers generation to tf-psa-crypto 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-12-04 14:25:02 +01:00
Ronald Cron
6924564970 Move back timing.c to mbedtls 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-12-04 14:25:02 +01:00
Ronald Cron
8b592d28f9 Move psa_to_ssl_errors 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-12-04 14:25:02 +01:00
Ronald Cron
80963c64eb Move hkdf.h to tf-psa-crypto 
Move hkdf.h to tf-psa-crypto as
hkdf.c was.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-12-04 14:25:02 +01:00
SuperIlu
685d128c0f
Make mbedTLS compile with MS-DOS DJGPP 
Signed-off-by: SuperIlu <superilu@yahoo.com>
 2024-12-01 10:05:21 +01:00
Nadav Tasher
8bfa04a182 Added debug print in tls13 ssl_tls13_write_key_share_ext 
Signed-off-by: Nadav Tasher <tashernadav@gmail.com>
 2024-11-26 00:51:16 +02:00
Ronald Cron
0381a98114 cmake: Move copy of crypto libraries to mbedtls 
Move copy of crypto libraries to mbedtls as this
copy does not make sense in TF-PSA-Crypto context.
Also copy all of them, not just tfpsacrypto.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-11-14 09:28:27 +01:00
Ronald Cron
b7d0e52e16 cmake: Rename mbedcrypto target to tfpsacrypto 
Rename mbedcrypto target to tfpsacrypto and
prefix all cmake related variables with
tfpsacrypto instead of mbedcrypto.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-11-14 09:28:27 +01:00