ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-10-21 06:21:07 +08:00
Code Issues Releases Wiki Activity
33,639 Commits 176 Branches 276 Tags
eca92dcdeb1aee4f1a73f2cd5bf2ee462525475f
Commit Graph

13704 Commits

Author SHA1 Message Date
Anton Matkin
6eb5335ef0 Fixed issues with policy verification, since wildcard JPAKE policy is now disallowed, changed to concrete jpake algorithm (with SHA256 hash) 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-12 13:50:48 +02:00
Anton Matkin
1b70084bd9 TF-PSA-Crypto submodule link fixup 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-12 13:50:45 +02:00
Manuel Pégourié-Gonnard
5b74c79f00 Merge pull request #10298 from bjwtaylor/remove-deprecated-items 
Remove deprecated items
 2025-08-11 07:13:08 +00:00
Ben Taylor
5a27010fab Remove group_list_heap_allocated 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-08 08:33:03 +01:00
Gilles Peskine
627d653863 Merge pull request #10282 from bjwtaylor/switch-to-mbedtls_pk_sigalg_t 
Switch to mbedtls pk sigalg t
 2025-08-07 11:06:31 +00:00
Ben Taylor
ed0db45b63 Completely remove sig_algs_heap_allocated 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 09:40:42 +01:00
Ben Taylor
8dfed9fc15 Remove pointer cast in mbedtls_x509_oid_get_sig_alg 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
8b3b7e5cac Update further type mismatches 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
6816fd781e Adjust for change in mbedtls_pk_verify_new function prototype 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
7573321f61 Fix style issues 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
8e832b6594 Add sigalg types to x509_crt.c 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
1c118a564d reverted enum in pk_verify_new 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
b2eecc621d switch to mbedtls_pk_sigalg_t 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
500e497c05 Fix code style issues 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
adf5d537b2 Fix code style 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
d95ea27e8c Create new enum mbedtls_pk_sigalg_t 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Valerio Setti
a2a1c084ef mbedtls_check_config: remove reference to MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-08-06 15:00:08 +02:00
Ben Taylor
6023652711 Remove additional references to sig_algs_heap_allocated 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-06 08:28:43 +01:00
Valerio Setti
d0d0791aed remove usage of secp192[k|r]1 curves 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-08-06 09:15:35 +02:00
Valerio Setti
70a4a31cb5 remove secp224[k|r]1 curves 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-08-06 09:15:35 +02:00
Ben Taylor
9f54408c31 Remove sig_algs_heap_allocated=0 as it is always 0 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-05 08:28:33 +01:00
Ben Taylor
8b91436903 Remove paragraph in comments as it is no longer required 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-05 08:22:10 +01:00
Ben Taylor
27a4cc9de2 Remove mbedtls_ssl_conf_sig_hashes from comments 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-04 15:13:34 +01:00
Ben Taylor
9db2e91cfe Fix style issues 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-01 11:45:14 +01:00
Ben Taylor
73de8aa8c6 Removal of sig_hashes in ssl.h 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-01 11:45:14 +01:00
Ben Taylor
01bf8bafcd removed mbedtls_ssl_conf_sig_hashes and temporarily re-add sig_hashes 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-01 11:45:14 +01:00
Ben Taylor
b98aa51128 correct logic in ssl_msg 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-01 11:45:14 +01:00
Ben Taylor
4a43804d69 Remove deprecated items 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-01 11:45:14 +01:00
Anton Matkin
72d6030f89 Combine psa_pake_set_password_key and psa_pake_setup into a single function 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-01 09:21:17 +02:00
Gilles Peskine
3e23cdc754 Merge pull request #10313 from ronald-cron-arm/dependency-on-generated-files-dev 
cmake: library: Fix potential concurrent file generation
 2025-07-30 11:44:18 +00:00
Gilles Peskine
db99ca95a7 Merge remote-tracking branch 'development' into dependency-on-generated-files-dev 2025-07-30 11:16:34 +02:00
Gilles Peskine
bb9ca493a1 Merge pull request #10271 from bjwtaylor/new-mbedtls_pk_sigalg_t 
Update functions to use alias
 2025-07-30 08:09:59 +00:00
Ben Taylor
73b3987291 Correct rebase and add in additional type cast 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-07-29 07:54:44 +01:00
Ben Taylor
d3ae1701f3 Remove pragmas and use alias 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-07-29 07:54:44 +01:00
Ben Taylor
1c1535f153 Make pragmas more specific 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-07-29 07:54:43 +01:00
Ben Taylor
04b03d7712 Replace Werror removal with pragma 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-07-29 07:54:43 +01:00
Gilles Peskine
1819a915bc Include limits.h where needed 
This will be needed when TF-PSA-Crypto's `build_info.h` stops including
`limits.h`, which it currently does by accident because it includes
`check_config.h` which wants `limits.h` to check `CHAR_BIT`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-07-28 15:45:12 +02:00
Gilles Peskine
ac637ac9f8 Make check_config.h private 
`check_config.h` only needs to run once on the configuration. It doesn't
need to run every time an application is built. It used to be public up to
Mbed TLS 2.x because it was included from `config.h`, and users could
substitute that file completely and should still include `check_config.h`
from their file. But since Mbed TLS 3.x, including `check_config.h` is a
purely internal thing (done in `build_info.h`). So make the file itself
purely internal.

We don't need to include `check_config.h` when building every library file,
just one: `mbedtls_config.c`, that's its job.

Give the file a unique name, to avoid any clashes with TF-PSA-Crypto's
`check_config.h`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-07-28 15:45:12 +02:00
Gilles Peskine
018e09872d New source file for configuration checks 
This will be populated in subsequent commits.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-07-28 15:45:12 +02:00
Ronald Cron
8719c2f00b ssl_misc.h: Update PKCS1 dependencies 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-07-24 08:42:16 +02:00
Bence Szépkúti
27125ceacf Update references to tf-psa-crypto/core/common.h 
This commit was generated using the following command:

sed -i 's/\(^\|[^_]\)common\.h/\1tf_psa_crypto_common.h/g' \
    $(git ls-files .                                       \
        ':!:programs/fuzz'                                 \
        ':!:tests/psa-client-server'                       \
        ':!:tf-psa-crypto'                                 \
        ':!:framework')                                    \
    $(git grep -l 'tf-psa-crypto/core/common.h')

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2025-07-21 20:02:30 +02:00
Ronald Cron
a2c37b3b2d cmake: library: Add custom targets for generated files 
Add a custom target that depends on TLS
generated files, and make both the static and
shared crypto libraries depend on it.

This ensures that when both libraries are built,
the files are not generated concurrently
by the static and shared library targets.

Do the same for the x509 libraries.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-07-21 09:49:14 +02:00
Ronald Cron
ed4a10661c cmake: library: Remove unnecessary link_to_source 
If we do not generate error.c, version_features.c, ...
then they are supposed to be in the source tree.
The CMake build get them from here and there is no
need for a symbolic link or a copy in the build tree.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-07-21 09:48:29 +02:00
Ben Taylor
0de87611bb Remove additional calls to mbedtls_pk_verify_ext 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-07-21 07:53:15 +01:00
Ben Taylor
306ffd3a36 Switch to mbedtls_pk_verify_new 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-07-21 07:53:15 +01:00
Ben Taylor
1030f80a0b Add private include to additional files 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-07-17 15:22:08 +01:00
Minos Galanakis
83bef5b66a Merge tag 'mbedtls-4.0.0-beta' into mbedtls-4.0.0-beta-mergeback 
Mbed TLS 4.0.0-beta
 2025-07-07 17:40:18 +03:00
Manuel Pégourié-Gonnard
921331867d Merge pull request #10197 from gilles-peskine-arm/ssl_helpers-split_perform_handshake-dev 
Break down mbedtls_test_ssl_perform_handshake
 2025-06-30 09:39:29 +00:00
Minos Galanakis
09dc57d323 Version Bump 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-06-27 12:17:28 +01:00
Minos Galanakis
ed87da7ad7 Merge remote-tracking branch 'restricted/development-restricted' into future_rc 
As set by process the tf-psa-crypto submodule is set
to point to tf-psa-crypto-release-sync input.
 2025-06-27 10:50:33 +01:00