token2/mbedtls
0
0
Fork 0
mirror of https://github.com/token2/mbedtls.git synced 2026-03-13 11:14:05 -07:00
Code Issues Packages Projects Releases Wiki Activity
33,782 Commits 174 Branches 272 Tags
development
Commit Graph

714 Commits

Author SHA1 Message Date
Anton Matkin
6eb5335ef0 Fixed issues with policy verification, since wildcard JPAKE policy is now disallowed, changed to concrete jpake algorithm (with SHA256 hash) 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-12 13:50:48 +02:00
Anton Matkin
1b70084bd9 TF-PSA-Crypto submodule link fixup 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-12 13:50:45 +02:00
Ben Taylor
cdc191b500 Correct code style 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-07-30 07:55:14 +01:00
Ben Taylor
98ecfdb440 corrected code style 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-07-30 07:55:14 +01:00
Ben Taylor
62278dc93d remove MBEDTLS_USE_PSA_CRYPTO from ssl progs 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-07-30 07:55:14 +01:00
Ben Taylor
6bcdd67f83 Update ssl progs to restore build 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-07-30 07:55:14 +01:00
Ben Taylor
4bb98be277 initial remove of MBEDTLS_USE_PSA_CRYPTO 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-07-30 07:55:13 +01:00
Ben Taylor
c801d3293e include private pk.h internally 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-07-17 15:18:53 +01:00
Manuel Pégourié-Gonnard
92a9bd345c Remove call to pk_decrypt() in ssl_server2 
We no longer use decrypt TLS 1.2 (never did in 1.3) so we no longer need
this path. Further simplifications could probably be made (we currently
have an enum type with only one possible value...) but for now I'm
trying to keep changes minimal.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-05-20 12:04:26 +02:00
Max Fillinger
22728dc5e3 Use mbedtls_calloc, not regular calloc 
Also fix the allocation size.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:08:12 +01:00
Max Fillinger
144cccecb7 Fix memory leak in example programs 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 17:08:12 +01:00
Max Fillinger
2fe35f61bf Create MBEDTLS_SSL_KEYING_MATERIAL_EXPORT option 
Add the option MBEDTLS_SSL_KEYING_MATERIAL_EXPORT to mbedtls_config.h
to control if the function mbedtls_ssl_export_keying_material() should
be available. By default, the option is disabled.

This is because the exporter for TLS 1.2 requires client_random and
server_random need to be stored after the handshake is complete.

Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2025-03-28 16:53:58 +01:00
Max Fillinger
281fb79116 Remove TLS 1.2 Exporter if we don't have randbytes 
The TLS-Exporter in TLS 1.2 requires client_random and server_random.
Unless MBEDTLS_SSL_CONTEXT_SERIALIZATION is defined, these aren't stored
after the handshake is completed.

Therefore, mbedtls_ssl_export_keying_material() exists only if either
MBEDTLS_SSL_CONTEXT_SERIALIZATION is defined or MBEDTLS_SSL_PROTO_TLS1_2
is *not* defined.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 16:53:58 +01:00
Max Fillinger
dbe864569e Fix typos in comments 
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 16:53:58 +01:00
Max Fillinger
7b72220d42 Fix coding style 
Signed-off-by: Max Fillinger <max@max-fillinger.net>
 2025-03-28 16:53:58 +01:00
Max Fillinger
32ba7f4a17 Add TLS-Exporter options to ssl_server2 
The program prints out the derived symmetric key for testing purposes.

Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
 2025-03-28 16:53:57 +01:00
Ben Taylor
47111a1cb1 initial remove of mbedtls_ssl_conf_rng 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-26 13:32:10 +00:00
Ben Taylor
440cb2aac2 Remove RNG from x509 and PK 
remove the f_rng and p_rng parameter from x509 and PK.

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-26 08:17:38 +00:00
Gabor Mezei
e99e591179 Remove key exchange based on encryption/decryption 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-03-20 17:53:07 +01:00
Ben Taylor
0cfe54e4e0 remove RNG parameters from SSL API's 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-10 13:24:31 +00:00
Valerio Setti
73cd415c0b programs: remove DHM_C from ssl_client2 and ssl_server2 
MBEDTLS_DHM_C is being removed so all its occurencies should be removed
as well.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-03-05 10:11:22 +01:00
Ben Taylor
837130cf65 Improve Changelog and correct alg selection 
Improve the description of the API changes in the changelog and
fix some incorrect alg selection variables in ssl_server2.c.

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-02-04 07:50:19 +00:00
Ben Taylor
0c29cf87b1 Move ssl_ticket to the PSA API 
Convert the mbedtl_ssl_ticket_setup function to use the TF_PSA_Crypto
API.

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-01-30 08:22:40 +00:00
Elena Uziunaite
8d8620bf18 Address review comments: add PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-09-09 11:18:10 +01:00
Elena Uziunaite
a6950b8ce7 Replace MBEDTLS_PK_CAN_ECDSA_SOME with PSA_HAVE_ALG_SOME_ECDSA 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-09-09 11:17:36 +01:00