yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
16827 commits 89 branches 205 tags 114 MiB
Commit graph

4782 commits

Author SHA1 Message Date
Gilles Peskine 69813477b0
Merge pull request #4758 from paul-elliott-arm/fix_cipher_output_size 
Fix divide by zero if macro used with wrong key type
 2021-07-30 18:56:18 +02:00
Dave Rodgman 677c6c4cac
Merge pull request #4801 from hanno-arm/ssl_session_exported_private 
Explicitly mark fields as private via MBEDTLS_PRIVATE(...)
 2021-07-30 14:39:07 +01:00
Manuel Pégourié-Gonnard b637150dfe
Merge pull request #4730 from TRodziewicz/finish_removing_tls_1.0_and_1.1 
Remove all TLS 1.0 and 1.1 instances and add some compatibility tests
 2021-07-27 09:42:53 +02:00
Gilles Peskine 3b9bea0757
Merge pull request #4750 from yutotakano/fix-reserved-identifier-clash 
Replace reserved identifier clashes with suitable replacements
 2021-07-22 16:20:56 +02:00
Hanno Becker 0379942744 Explicitly mark mbedtls_ssl_config.respect_cli_pref as private 
This was always intended to be explicitly marked private.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-07-22 11:37:05 +01:00
Hanno Becker 95832d8872 Explicitly mark mbedtls_ssl_session.exported as private 
This was an oversight during concurrent merging
in the run-up to Mbed TLS 3.0.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-07-22 11:37:01 +01:00
Paul Elliott 6603e2b81c Add fix to update output size macro as well. 
Same issue with zero block length applies here.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-07-14 12:39:54 +01:00
Paul Elliott c22950c9d0 Change PSA Cipher macro safety to use block length 
Although checking if the key was symmetric was correct, its easier to
read if we just check the block length is not zero before we use it in a
division.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-07-14 12:39:54 +01:00
Yuto Takano 538a0cbcf4 Replace _RR with prec_RR to prevent reserved identifier clashes 
Signed-off-by: Yuto Takano <yuto.takano@arm.com>
 2021-07-14 10:20:09 +01:00
Archana ef6aa5c46d Support Curve448 via the PSA API 
Enable Curve448 support
Add test vectors to evaluate
* RFC 7748
* a known-answer public key export test.
* a known-answer ECDH (X448) test.

Signed-off-by: Archana <archana.madhavan@silabs.com>
 2021-07-12 08:07:14 +05:30
Paul Elliott a02003babe Fix divide by zero if macro used with wrong key 
If PSA_CIPHER_ENCRYPT_OUTPUT_SIZE was called on a non symmetric key,
then a divide by zero could happen, as PSA_CIPHER_BLOCK_LENGTH will
return 0 for such a key, and PSA_ROUND_UP_TO_MULTIPLE will divide by the
block length.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2021-07-07 17:24:46 +01:00
Dave Rodgman 1bc9e934e2 Manual updates to version information 
This covers a few files that were missed by scripts/bump_version.sh

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-07-01 09:26:12 +01:00
Dave Rodgman 9f5774f56d
Merge pull request #4739 from gabor-mezei-arm/3258_fp30_implement_one-shot_MAC_and_cipher 
Implement one-shot cipher
 2021-06-30 17:04:23 +01:00
Dave Rodgman 0a7ff4a4e2
Merge pull request #4741 from gabor-mezei-arm/3267_fp30_sign_verify_key_policies 
Key policy extension for PSA_KEY_USAGE_SIGN/VERIFY_HASH
 2021-06-30 14:50:57 +01:00
gabor-mezei-arm 47060db199 Give a better name for struct member 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-30 10:45:58 +02:00
Dave Rodgman dc1a3b2d70
Merge pull request #4724 from hanno-arm/ssl_hs_parse_error_3_0 
Cleanup SSL error code space
 2021-06-30 09:02:55 +01:00
gabor-mezei-arm 42cdb2a90b
Fix struct initialization 
Fix initialization of mbedtls_psa_cipher_operation_t by not initializing the mbedtls_cipher_context_t typed field completely.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 19:49:00 +02:00
gabor-mezei-arm 43110b6b2c Do key usage policy extension when loading keys 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 17:05:49 +02:00
gabor-mezei-arm 86bf008782 Extend PSA_USAGE_SIGN/VERIFY_HASH key policies 
According to the PSA specification the PSA_USAGE_SIGN_HASH has the
permission to sign a message as PSA_USAGE_SIGN_MESSAGE. Similarly the
PSA_USAGE_VERIFY_HASH has the permission to verify a message as
PSA_USAGE_VERIFY_MESSAGE. These permission will also be present when
the application queries the usage flags of the key.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
 2021-06-29 17:01:48 +02:00
Dave Rodgman c628fc980f Correct and clarify the SSL error code documentation 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-29 14:36:19 +01:00
Dave Rodgman 03edc8614f Fix docs in error.h 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-29 11:06:18 +01:00
Dave Rodgman bb05cd09b7 Remove MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-29 10:41:06 +01:00
Dave Rodgman 53c8689e88 Introduce new TLS error codes 
Introduce new codes:
* MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION
* MBEDTLS_ERR_SSL_NO_APPLICATION_PROTOCOL

These are returned when the corresponding alert is raised.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-29 10:02:06 +01:00
Dave Rodgman 096c41111e Remove MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-29 09:52:06 +01:00
Ronald Cron 8682faeb09
Merge pull request #4694 from gilles-peskine-arm/out_size-3.0 
Add output size parameter to signature functions
 2021-06-29 09:43:17 +02:00
Dave Rodgman 55a4d938d0
Merge pull request #4589 from bensze01/split_config 
Add a level of indirection to config file inclusion
 2021-06-28 17:54:51 +01:00
Bence Szépkúti e55a821f0e Remove explicit link to MBEDTLS_CONFIG_FILE 
This symbol is not declared in our code, so trying to explicitly
link to it causes a doxygen error.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 15:15:56 +01:00
Bence Szépkúti 5e2743f284 Mention MBEDTLS_CONFIG_FILE in build_info.h docs 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 14:32:01 +01:00
Bence Szépkúti 9cd7065307 No other headers are included by mbedtls_config.h 
These have been moved to build_info.h. Update the documentation to
reflect this.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 14:29:42 +01:00
TRodziewicz 2abf03c551 Remove all TLS 1.0 and 1.1 instances and add some compatibility tests 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-06-28 14:36:37 +02:00
Hanno Becker b561bedadd Make MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE more generic 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:08 +01:00
Hanno Becker 90d59dddf5 Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:08 +01:00
Hanno Becker c3411d4041 Remove MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:08 +01:00
Hanno Becker 9ed1ba5926 Rename MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE 
New name MBEDTLS_ERR_SSL_BAD_CERTIFICATE

Also, replace some instances of MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE
by MBEDTLS_ERR_SSL_DECODE_ERROR and MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER
as fit.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:08 +01:00
Hanno Becker 5697af0d3d Remove MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:08 +01:00
Hanno Becker cbc8f6fd5d Remove MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2021-06-28 12:35:08 +01:00
Hanno Becker a0ca87eb68 Remove MBEDTLS_ERR_SSL_BAD_HS_FINISHED 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker d200296f17 Remove MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker d934a2aafc Remove MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker d3eec78258 Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker 666b5b45f7 Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker 029cc2f97b Remove MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker b24e74bff7 Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP error code 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker d01fc5f583 Introduce MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE error code 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker 241c19707b Remove MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker bc00044279 Rename MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION 
New name is MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker 93636cce4a Add MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Hanno Becker 2fe5f61e1a Add generic codes for syntactic and semantic message parsing errors 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-28 12:35:07 +01:00
Bence Szépkúti 1b2a8836c4 Correct documentation references to Mbed TLS 
Use the correct formatting of the product name in the documentation.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 10:37:19 +01:00
Bence Szépkúti a1d1f5b84f Fix typo 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2021-06-28 09:49:04 +01:00