TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-04-03 02:56:55 +02:00
Code Issues Packages Projects Releases Wiki Activity
34,195 Commits 179 Branches 280 Tags
75b8b0f4d95d6c1520c7ec0016ecbc18cde95e8e
Commit Graph

34195 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ronald Cron
75b8b0f4d9 Add unit test with TLS 1.2 nego after HRR 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2026-02-26 14:15:30 +01:00
David Horstmann
5e54829b68 Merge pull request #1471 from yanesca/1427_buffer_underflow 
Fix buffer underflow in `x509_inet_pton_ipv6()`
 2026-02-16 11:58:35 +00:00
Janos Follath
50376926a7 inet_pton: simplify IPv4 walkback loop 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2026-02-12 08:11:37 +00:00
Janos Follath
57f189887b Add ChangeLog entry 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2026-02-12 08:11:37 +00:00
Janos Follath
1a127e3c89 inet_pton: fix buggy condition 
The flawed condition made us accept invalid IPv6 addresses and in some
cases lead to a buffer underread.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2026-02-12 08:11:37 +00:00
Janos Follath
d5e7465ea0 inet_pton: help ASan find the underflow 
The generated unit tests have the input parameters in large stack
buffers and therefore ASan doesn't notice under or overflows in them.
Copy the input parameter into a locally allocated buffer to trigger ASan
if something goes wrong.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2026-02-12 08:11:37 +00:00
Janos Follath
346720d674 Add ASan to test_sw_inet_pton 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2026-02-12 08:11:37 +00:00
Janos Follath
f7b4b5aac0 Add malicious ip test for inet_pton 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2026-02-11 16:34:04 +00:00
Manuel Pégourié-Gonnard
75eec4b477 Merge pull request #10577 from h1wind/patch-1 
fix: Disabling the MBEDTLS_SSL_CLI_C feature caused a compilation error: unused parameter "ssl".
 2026-01-29 10:30:18 +00:00
hi
4987340d24 fix code style in ssl_msg.c and add signoff 
Signed-off-by: hi <hi@nosec.me>
 2026-01-29 14:14:02 +08:00
hi
d823908335 fix: Disabling the MBEDTLS_SSL_CLI_C feature caused a compilation error: unused parameter "ssl". 
Signed-off-by: hi <hi@nosec.me>
 2026-01-29 14:14:02 +08:00
Gilles Peskine
068ef9cbe0 Merge pull request #10511 from minosgalanakis/rework/move-psasim 
Rework/move psasim
 2026-01-28 18:05:59 +00:00
David Horstmann
d0bff58379 Merge pull request #10514 from ng-gsmk/development 
mbedtls_ssl_get_alert(): getter for fatal alerts
 2026-01-28 16:49:09 +00:00
Minos Galanakis
7663b9c727 Updated framework pointer 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2026-01-28 16:34:54 +00:00
Minos Galanakis
1c2b690389 Test Makefiles: Updated location of psasim 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2026-01-27 12:07:05 +00:00
Minos Galanakis
097e57874f Moved tests/psa-client-server to framework. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2026-01-27 12:07:05 +00:00
Nico Geyso
cc53b069d9 Improve changelog for alert getter 
Integrate suggestions by @ronald-cron-arm for changelog for alert
getter.

Signed-off-by: Nico Geyso <ng@gsmk.de>
 2026-01-27 10:48:55 +01:00
Nico Geyso
8a3bcb1434 Fix coding style conventions for mbedtls_ssl_context 
Signed-off-by: Nico Geyso <ng@gsmk.de>
 2026-01-26 15:38:50 +01:00
Nico Geyso
6afd8367b9 remove whitespace in mbedtls_ssl_session_msg_layer 
to comply with coding style, remove blank new line for alert reset

Signed-off-by: Nico Geyso <ng@gsmk.de>
 2026-01-26 13:22:44 +01:00
Nico Geyso
4f83ebedd1 Fix outstanding code review issues 
- adjust function name to mbedtls_ssl_get_fatal_alert
- fix missing property name changes for  mbedtls_ssl_context

Signed-off-by: Nico Geyso <ng@gsmk.de>
 2026-01-26 13:15:07 +01:00
ng-gsmk
15c68993cb Apply suggestions from code review 
Co-authored-by: Ronald Cron <ronald.cron@arm.com>
Signed-off-by: ng-gsmk <ng@gsmk.de>
 2026-01-26 13:07:26 +01:00
Valerio Setti
46a5f309d6 Merge pull request #10571 from mpg/fix-not-grep-2 
Fix more paths for "not grep"
 2026-01-22 12:52:42 +00:00
Manuel Pégourié-Gonnard
499e3d13f7 Fix more paths for "not grep" 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2026-01-22 10:23:03 +01:00
Gilles Peskine
5ed5aeb4d9 Merge pull request #10569 from gilles-peskine-arm/mldsa-pqcp-add-driver-mbedtls 
CMake: Declare pqcp driver to mbedtls
 2026-01-21 12:49:34 +00:00
David Horstmann
7294fc1c1a Merge pull request #10567 from yanesca/add_clarifications_4.x 
Add miscellaneous clarifications
 2026-01-20 16:38:53 +00:00
Gilles Peskine
abf6c3a9fb CMake: Declare pqcp driver to mbedtls 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2026-01-20 12:27:43 +01:00
Janos Follath
2b9f62a1be programs/README.md clarify security remark 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2026-01-20 10:39:40 +00:00
Janos Follath
a852e72746 SECURITY.md: make x509 data section more readable 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2026-01-20 10:38:16 +00:00
Janos Follath
7a9eceb53c Clarify purpose and suitability of sample programs 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2026-01-19 14:46:44 +00:00
Janos Follath
b712065a2e Clarify CRL security guarantees 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2026-01-19 14:42:11 +00:00
Valerio Setti
069cfbd43c Merge pull request #10564 from valeriosetti/issue10380-mbedtls 
Remove unused script `set_psa_test_dependencies.py`
 2026-01-16 15:11:14 +00:00
Gilles Peskine
d49372176f Merge pull request #10551 from bjwtaylor/remove-drbg-modules 
Remove use of DRBG modules from sample programs
 2026-01-15 12:14:24 +00:00
Ben Taylor
fe3f378eec Restore mbedtls_memory_buffer_alloc_free_and_self_test, as it is still required 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-15 08:38:06 +00:00
Ben Taylor
4569547e59 Add fixes for defines in selftest 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-15 07:56:29 +00:00
Ben Taylor
842d2d948c Re-add mbedtls_entropy_self_test_wrapper 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:18:33 +00:00
Ben Taylor
b300692011 Remove some headers from ssl_test_lib.h, as they are no longer required 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:09:15 +00:00
Ben Taylor
dcf7670825 Add further rng removals highlighted by the ci 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:01:23 +00:00
Ben Taylor
7d71244dc3 Remove rng_context_t, as it is no longer useful 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:01:23 +00:00
Ben Taylor
767a3655e5 Remove f_rng p_rng, as these are no longer used 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:01:23 +00:00
Ben Taylor
b6cccdf8b5 Replace mbedtls_psa_get_random 
Replace mbedtls_psa_get_random with psa_generate_random, as this is a backwards
compatibility layer that is now longer required

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:01:23 +00:00
Ben Taylor
552f31410c Re-add the HMAC_DRBG and CTR_DRBG are cryptographic modules as they are still required 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:01:22 +00:00
Ben Taylor
79002cc990 Remove rng_get from sample programs, as it is no longer required 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:01:22 +00:00
Ben Taylor
99ec289535 Remove duplicated reproducable 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:01:22 +00:00
Ben Taylor
eace7ca23f Remove double initialisation of psa 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:01:22 +00:00
Ben Taylor
fe978ac1f3 Remove Deprecated Items From Sample Programs 
Remove the drbg module and entropy functions from the sample programs as these are
now handled by their PSA equivalents

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:01:22 +00:00
Valerio Setti
4e2584d681 tests: scripts: remove set_psa_test_dependencies.py 
This script was used in the past, but it has since been replaced with
other scripts and nowadays it's no more used anywhere.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2026-01-14 13:34:32 +01:00
Ronald Cron
6370f1c59c Merge pull request #10507 from minosgalanakis/rework/component-configuration-crypto-cmake 
Migrate configuration-crypto components to cmake
 2026-01-14 07:33:06 +00:00
Valerio Setti
69e117fee0 Merge pull request #10562 from mpg/fix-not-grep 
all.sh: fix file paths for "not grep"
 2026-01-13 22:08:18 +00:00
Manuel Pégourié-Gonnard
21fa4896b1 all.sh: fix file paths for "not grep" 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2026-01-13 11:24:14 +01:00
Valerio Setti
1919ee4bb4 Merge pull request #10533 from bjwtaylor/remove-pk_get_name 
Replace mbedtls_pk_get_name with pk_key_type_to_string
 2026-01-13 10:11:51 +00:00