yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
29227 commits 89 branches 205 tags 114 MiB
Commit graph

29227 commits

This branch
This branch
All branches
Author SHA1 Message Date
Valerio Setti fbefe04bf3 check_config: fix requirements for CTR_DRBG 
The module now depends on either:
- AES_C, which is the default and the preferred solution for
  backward compatibility
- CRYPTO_C + KEY_TYPE_AES + ALG_ECB_NO_PADDINTG, which is the
  new solution when AES_C is not defined

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:41 +01:00
Valerio Setti 40a93dff32 all.sh: keep CTR_DRBG enabled in test_psa_crypto_config_accel_cipher_aead() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:41 +01:00
Manuel Pégourié-Gonnard 3d12d65946
Merge pull request #8590 from valeriosetti/fix-pkcs5-pkcs12 
pkcs[5/12]: use cipher enums for encrypt and decrypt
 2023-12-04 10:03:02 +00:00
Dave Rodgman 9afc0200c7
Merge pull request #8563 from Oldes/issues-8562 
Fixed compilation for Haiku OS
 2023-12-04 09:53:08 +00:00
Yanray Wang 3d82ffce5b ssl-opt: test handshake for TLS 1.2 only cli with TLS 1.3 only srv 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-04 17:50:43 +08:00
Yanray Wang fb0f47b1f8 tls13: srv: check tls version in ClientHello with min_tls_version 
When server is configured as TLS 1.3 only and receives ClientHello
from a TLS 1.2 only client, it's expected to abort the handshake
instead of downgrading protocol to TLS 1.2 and continuing handshake.
This commit adds a check to make sure server min_tls_version always
larger than received version in ClientHello.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-04 17:50:36 +08:00
Dave Rodgman 7a2dae6442
Merge pull request #8589 from daverodgman/ct-unused 
Remove unused/non-compiling code
 2023-12-04 09:41:39 +00:00
Jerry Yu 7bb40a3650 send unexpected alert when not received eoed or app during reading early data 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-04 10:04:15 +08:00
Jerry Yu fbf039932a Send decode error alert when EOED parsing fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-04 10:00:37 +08:00
Jerry Yu 3be850782c fix various issues 
- improve comments
- rename function and macros name
- remove unnecessary comments
- remove extra empty lines
- remove unnecessary condition

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-04 09:58:54 +08:00
Thomas Daubney 10769bca9e Fix bad whitespace in keyword argument assignment 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-12-01 23:47:59 +00:00
Thomas Daubney 3a0690647e Use guess_mbedtls_root in Mbed-TLS-only script 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-12-01 18:27:25 +00:00
Thomas Daubney 04c446cc21 Modify crypto_core_directory to also return a relative path 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-12-01 17:18:38 +00:00
Valerio Setti 4577bda6d5 pkcs[5|12]: use cipher enums for encrypt and decrypt 
Instead of re-defining MBEDTLS_PKCS5_[EN/DE]CRYPT and
MBEDTLS_PKCS12_PBE_[EN/DE]CRYPT from scratch, since these values
are to be used with the mbedtls_cipher_setkey() function, ensure
that their value matches with enums in cipher.h.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-01 16:51:24 +01:00
Yanray Wang 744577a429 tls13: early_data: cli: check a PSK has been selected in EE 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 23:03:37 +08:00
Dave Rodgman f1be1f6740 Remove unused code 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-12-01 13:53:45 +00:00
Oldes Huhuman 304fa091cf Shortening a comment line 
Related to: https://github.com/Mbed-TLS/mbedtls/issues/8562

Signed-off-by: Oldes Huhuman <oldes.huhuman@gmail.com>
 2023-12-01 12:23:26 +01:00
Thomas Daubney 99030e2a50 Remove trailing whitespace 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-12-01 09:52:35 +00:00
Yanray Wang 9ae6534c20 tls13: early_data: cli: improve comment 
This commit improves comment of why we assign the identifier of the
ciphersuite in handshake to `ssl->session_negotiate`.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 17:46:08 +08:00
Yanray Wang 03a00768c0 tls13: early_data: cli: improve comment 
This commit improves comment of the check for handshake parameters
in Encrypted Extension.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 17:40:21 +08:00
Jerry Yu 0af63dc263 improve comments and output message 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 17:18:04 +08:00
Jerry Yu ee4d729555 print received early application data 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:53:50 +08:00
Jerry Yu e96551276a switch inbound transform to handshake 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:53:50 +08:00
Jerry Yu 75c9ab76b5 implement parser of eoed 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:53:50 +08:00
Jerry Yu b4ed4602f2 implement coordinate of eoed 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:34:00 +08:00
Jerry Yu d5c3496ce2 Add dummy framework of eoed state 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:32:31 +08:00
Jerry Yu 59d420f17b empty process_end_of_early_data 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:30:34 +08:00
Ronald Cron 857d29f29a
Merge pull request #8528 from yanrayw/issue/6933/parse-max_early_data_size 
TLS1.3 EarlyData: client: parse max_early_data_size
 2023-12-01 08:27:26 +00:00
Jerry Yu 9b72e39701 re-introduce process_wait_flight2 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:27:08 +08:00
Jerry Yu e32fac3d23 remove wait_flight2 state 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-12-01 16:25:16 +08:00
Dave Rodgman 422951b9ed
Merge pull request #8044 from daverodgman/msft-aarch64 
Better support for MSVC aarch64 aka ARM64 and ARM64EC
 2023-12-01 07:48:26 +00:00
Yanray Wang e72dfff1d6 tls13: early_data: cli: improve comment 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 12:05:16 +08:00
Yanray Wang 2bef7fbc8d tls13: early_data: cli: remove guard to fix failure 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-12-01 12:02:56 +08:00
Gilles Peskine 1097d4e731 Minor clarification 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 21:18:10 +01:00
Gilles Peskine c3fd0958ce typo 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 21:18:04 +01:00
Gilles Peskine 02112cc9a1 Update PBKDF2 availability for 3.5 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 21:17:55 +01:00
Gilles Peskine 3ea22dcb51 Correct function names prefixes where they diverge from module names 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 21:07:24 +01:00
Gilles Peskine dbcfc7dd95 Be more informative about "No change" 
Distinguish between interfaces that won't change in 4.0, and interfaces that
have no PSA equivalent but are likely to change in 4.0.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 21:04:06 +01:00
Thomas Daubney db80b2301c Introduce guess_tf_psa_crypto_root 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-30 17:33:54 +00:00
Thomas Daubney d1f2934e78 Introduce guess_mbedtls_root 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-30 17:27:42 +00:00
Thomas Daubney 56bee0344e Rename variable for better clarity 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-30 14:33:35 +00:00
Thomas Daubney 46588de8fc Improve documentation of crypto_core_directory 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-30 13:59:30 +00:00
Thomas Daubney 08c6dc4942 Rename project_crypto_name 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-30 13:56:09 +00:00
Gilles Peskine d79854b3f7 That's not what mbedtls_ecdh_get_params does 
Keep the discussion of how to retrieve information about a key exchange.
This doesn't seem to have equivalent legacy ECDH APIs.

Add a todo item for mbedtls_ecdh_get_params(). At this point I don't know
where it fits.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 14:01:59 +01:00
Gilles Peskine f7746bdd79 Correct lists of sign/verify functions 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 14:01:44 +01:00
Gilles Peskine 951cf39b3f Corrections and clarifications around asymmetric key formats 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 14:01:20 +01:00
Gilles Peskine 4d234f1ede Editorial corrections 
Fix typos, copypasta, and other minor clarifications.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 13:59:49 +01:00
Dave Rodgman 059f66ce7c Remove redundant check 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-30 11:02:03 +00:00
Dave Rodgman 6eee57bc07 Merge remote-tracking branch 'origin/development' into msft-aarch64 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-30 11:01:50 +00:00
Gilles Peskine 396a2a3dcb Explain interruptible operations 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-30 11:02:06 +01:00