TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-03-20 19:21:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
34,336 Commits 177 Branches 276 Tags
7f4fe3943d754120fa1e639ffe89402d1c436d10
Commit Graph

153 Commits

Author SHA1 Message Date
Gilles Peskine
037f3c62ff Tell MSVC to allow non-s functions where needed 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2026-03-04 11:32:18 +01:00
Ben Taylor
fe978ac1f3 Remove Deprecated Items From Sample Programs 
Remove the drbg module and entropy functions from the sample programs as these are
now handled by their PSA equivalents

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:01:22 +00:00
Anton Matkin
7a65ce6737 Unfortunately, we had two files named oid.h - one in the main repo, and one in the tf-psa-crypto repo, and these files included the mbedtls one, so I restored the header include 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-29 07:05:40 +02:00
Anton Matkin
bc48725b64 Include fixups (headers moves to private directory) 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-29 07:05:37 +02:00
Ben Taylor
4bb98be277 initial remove of MBEDTLS_USE_PSA_CRYPTO 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-07-30 07:55:13 +01:00
Manuel Pégourié-Gonnard
6b8f517e4d Avoid a useless copy in cert_{req,write} 
I'm just trying to have a shorter name to avoid repeating a long
expression. This is a job for a pointer, not copying a struct.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-05-21 11:53:59 +02:00
Manuel Pégourié-Gonnard
bb8c0aba74 Add comment on apparent type mismatch 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-05-21 11:53:59 +02:00
Manuel Pégourié-Gonnard
b095862722 Fix memory leak in cert_write & cert_req 
That memory leak had been present ever since the san command-line
argument has been added.

Tested that the following invocation is now fully valgrind clean:

programs/x509/cert_write san=DN:C=NL,CN=#0000,CN=foo;DN:CN=#0000,O=foo,OU=bar,C=UK;IP:1.2.3.4;IP:4.3.2.1;URI:http\\://example.org/;URI:foo;DNS:foo.example.org;DNS:bar.example.org

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-05-12 12:34:11 +02:00
Manuel Pégourié-Gonnard
6b1147993c Fix runtime error in cert_write & cert_req 
The runtime error was introduced two commits ago (while avoiding a
use-after-free). Now the programs run cleanly but still leak memory.

The memory leak is long pre-existing and larger than just DN components
(which are made temporarily slightly worse by this commit) and will be
fixed properly in the next commit.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-05-12 12:34:11 +02:00
Ben Taylor
440cb2aac2 Remove RNG from x509 and PK 
remove the f_rng and p_rng parameter from x509 and PK.

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-03-26 08:17:38 +00:00
Felix Conway
998760ae5d Define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS in every sample program 
Add #define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS to every sample program
before the first include so that mbedtls doesn't break with future
privatization work.

Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-03-24 11:37:33 +00:00
Elena Uziunaite
9fc5be09cb Replace MBEDTLS_MD_CAN_SHA1 with PSA_WANT_ALG_SHA_1 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-09-04 18:12:59 +01:00
Michael Schuster
0420093795 Adjust spacing in sample programs 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-09 10:29:58 +01:00
Michael Schuster
8db8d6182f Fix missing-prototype errors in sample programs 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-09 10:29:58 +01:00
Elena Uziunaite
0916cd702f Replace MBEDTLS_MD_CAN_SHA256 with PSA_WANT_ALG_SHA_256 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-07-11 11:13:35 +03:00
Valerio Setti
e35117640d cert_[req/write]: add MD_C dependency 
Both programs use mbedtls_md_info_from_string() which is only
available as long as MBEDTLS_MD_C is enabled.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-22 16:28:23 +01:00
Tom Cosgrove
656d4b3c74 Avoid use of ip_len as it clashes with a macro in AIX system headers 
Fixes #8624

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-12-08 21:51:15 +00:00
Dave Rodgman
16799db69a update headers 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-02 19:47:20 +00:00
David Horstmann
4a493b267f Reword error message on format of SAN arguments 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-10-17 14:57:23 +01:00
Waleed Elmelegy
5867465e90 Fix code style issue in cert_write program 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-10-13 10:03:12 +01:00
Waleed Elmelegy
1444c0eb20 Add changelog entry for x509 cert_write null dereference fix 
Also fix a typo in cert_write.c

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-10-12 14:31:06 +01:00
Waleed Elmelegy
476c1198e8 Fix possible NULL dereference issue in X509 cert_write program 
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-10-12 14:19:25 +01:00
Pengyu Lv
b078607f04 cert_write: Support write any for extended key usage 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-07-04 17:30:21 +08:00
Andrzej Kurek
cd17ecfe85 Use better IP parsing in x509 programs 
Remove unnecessary duplicated code.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-07 08:50:05 -04:00
Andrzej Kurek
f994bc51ad Refactor code in cert_write.c 
This way is more robust.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-06-02 05:10:17 -04:00
Andrzej Kurek
5eebfb8fd0 Enable escaping ';' in cert_write.c SANs 
This might get used in URIs.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
446e53d401 Fix a code style issue 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
f70f460e5f Fix temporary IP parsing error 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
ed557930bb Update ip_string_to_bytes to cert_req version 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
5da1d751e9 Add missing memory deallocation 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
1bc7df2540 Add documentation and a changelog entry 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 15:23:56 -04:00
Andrzej Kurek
ccdd975286 Add a certificate exercising all supported SAN types 
This will be used for comparison in unit tests.
Add a possibility to write certificates with SAN
in cert_write.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-05-17 11:45:36 -04:00
Przemek Stekiel
758aef60c5 Add guards for mbedtls_psa_crypto_free() 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-04-24 08:10:01 +02:00
Przemek Stekiel
a8c560a799 Free psa crypto at the end of programs when initialized 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-04-19 10:15:26 +02:00
Przemek Stekiel
a0a1c1eab5 Move psa_crypto_init() after other init calls 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-04-17 11:10:05 +02:00
Przemek Stekiel
89c636e6cf Init PSA in ssl and x509 programs 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-04-16 22:41:52 +02:00
Andrzej Kurek
0af32483f3 Change the format of md.h include comments 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-04-07 03:10:28 -04:00
Andrzej Kurek
316b7dd19c Add a justification for early md.h include in programs 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-04-05 14:44:38 -04:00
Andrzej Kurek
eaea30d30e Remove duplicated md.h includes 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-04-05 14:36:51 -04:00
Andrzej Kurek
1b75e5f784 Add missing md.h includes 
MBEDTLS_MD_CAN_SHAXXX are defined there.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2023-04-04 09:55:06 -04:00
Manuel Pégourié-Gonnard
93302422fd Fix instances of old feature macros being used 
sed -i -f md.sed include/mbedtls/ssl.h library/hmac_drbg.c programs/pkey/*.c programs/x509/*.c tests/scripts/generate_pkcs7_tests.py tests/suites/test_suite_random.data

Then manually revert programs/pkey/ecdsa.c as it's using a low-level
hash API.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-24 10:43:40 +01:00
Dave Rodgman
94c9c96c94 Merge pull request #6998 from aditya-deshpande-arm/fix-example-programs-usage 
Fix incorrect dispatch to USAGE in example programs, which causes uninitialized memory to be used
 2023-02-06 09:53:50 +00:00
Aditya Deshpande
644a5c0b2b Fix bugs in example programs: change argc == 0 to argc < 2 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-01-30 16:48:13 +00:00
Valerio Setti
af4815c6a4 x509: replace/fix name of new function for setting serial 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-01-26 17:43:09 +01:00
Valerio Setti
48fdbb3940 programs: cert_write: fixed bug in parsing dec serial 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2023-01-12 17:01:45 +01:00
Valerio Setti
791bbe629d programs: improved cert_write serial management 
Now it can accept serial both as decimal and hex number (only one format
at a time, of course, not simultaneously).

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2023-01-12 17:01:45 +01:00
Valerio Setti
acf12fb744 x509: fix endianness and input data format for x509write_crt_set_serial_new 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2023-01-12 17:01:44 +01:00
Valerio Setti
5d164c4e23 fix: add missing deprecation guards 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2023-01-12 17:01:44 +01:00
Valerio Setti
da0afcc2fb x509: remove direct dependency from BIGNUM_C 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2023-01-12 17:01:44 +01:00
Gilles Peskine
449bd8303e Switch to the new code style 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-01-11 14:50:10 +01:00