TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-03-20 19:21:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
34,220 Commits 177 Branches 276 Tags
8ab14401d7ab556430892861ae732f4e93421468
Commit Graph

34220 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ronald Cron
8ab14401d7 ssl_server2.c: Flush stdout to improve logs timeliness 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2026-02-18 13:02:26 +01:00
Ronald Cron
1b5a0b1877 Add branch specific generate_tls_handshake_tests.py file 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2026-02-18 13:02:26 +01:00
Ronald Cron
57b29c2fe5 Introduce branch specific make_generated_files.py 
Introduce branch specific make_generated_files.py
and use it in the development branch.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2026-02-18 13:02:26 +01:00
Ronald Cron
29eb988669 Update framework pointer 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2026-02-18 13:02:24 +01:00
David Horstmann
3f2a8b0ad3 Merge pull request #10601 from davidhorstmann-arm/fix-missing-type-conversion-tls-exporter 
Fix missing type conversion in the TLS-Exporter
 2026-02-17 18:31:01 +00:00
Valerio Setti
4398e83f29 Merge pull request #10600 from gilles-peskine-arm/update-submodules-20260216 
Update submodules
 2026-02-17 11:59:40 +00:00
David Horstmann
059fe77e4b Fix missing type conversion in the TLS-Exporter 
In the TLS-Exporter for TLS 1.3 we mistakenly call PSA_HASH_LENGTH() on
an mbedtls_md_type_t when it should be called on a psa_algorithm_t.

Fortunately, these two types have almost the same values, since we have
previously aligned them to make conversion more efficient. As a result,
PSA_HASH_LENGTH() produces exactly the same value when called on an
mbedtls_md_type_t as with the equivalent psa_algorithm_t.

Thanks to this happy coincidence, fix a largely cosmetic issue (rather
than a major functional bug).

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2026-02-16 16:59:20 +00:00
David Horstmann
bac74a050c Merge pull request #10593 from gilles-peskine-arm/bump-version-202602-4.0 
Minor improvements to bump_version.sh
 2026-02-16 16:50:16 +00:00
Gilles Peskine
26e1a7c5c8 Update framework with XOF support in psasim 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2026-02-16 16:49:26 +01:00
Gilles Peskine
24c80cc536 Update tf-psa-crypto with mldsa-native 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2026-02-16 16:49:11 +01:00
Gilles Peskine
4602f36a93 Merge pull request #10596 from gilles-peskine-arm/check_committed_generated_files-mbedtls-actually_check_mbedtls 
Actually check committed generated files
 2026-02-12 15:11:38 +00:00
Gilles Peskine
d3a8582606 Actually check committed generated files 
We were accidentally running the check in TF-PSA-Crypto instead of in Mbed TLS.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2026-02-12 13:16:18 +01:00
Gilles Peskine
05d8c71202 Don't treat --help as an error 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2026-02-10 14:52:21 +01:00
Gilles Peskine
4cce03530a Remove unused variable 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2026-02-10 14:52:16 +01:00
Valerio Setti
2a72766d75 Merge pull request #10570 from valeriosetti/issue10349 
mbedtls 4.x does not expose mbedtls_ecp_curve_list()
 2026-02-03 11:01:11 +00:00
Valerio Setti
318e4314df changelog: add notes about helpers added to get list of known/supported TLS groups 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2026-02-02 13:38:03 +01:00
Valerio Setti
c3f585b8ee tests: ssl: fix typo in comment in test_mbedtls_ssl_get_supported_group_list 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2026-01-30 22:02:08 +01:00
Manuel Pégourié-Gonnard
75eec4b477 Merge pull request #10577 from h1wind/patch-1 
fix: Disabling the MBEDTLS_SSL_CLI_C feature caused a compilation error: unused parameter "ssl".
 2026-01-29 10:30:18 +00:00
hi
4987340d24 fix code style in ssl_msg.c and add signoff 
Signed-off-by: hi <hi@nosec.me>
 2026-01-29 14:14:02 +08:00
hi
d823908335 fix: Disabling the MBEDTLS_SSL_CLI_C feature caused a compilation error: unused parameter "ssl". 
Signed-off-by: hi <hi@nosec.me>
 2026-01-29 14:14:02 +08:00
Gilles Peskine
068ef9cbe0 Merge pull request #10511 from minosgalanakis/rework/move-psasim 
Rework/move psasim
 2026-01-28 18:05:59 +00:00
David Horstmann
d0bff58379 Merge pull request #10514 from ng-gsmk/development 
mbedtls_ssl_get_alert(): getter for fatal alerts
 2026-01-28 16:49:09 +00:00
Minos Galanakis
7663b9c727 Updated framework pointer 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2026-01-28 16:34:54 +00:00
Valerio Setti
476a2edea7 library: extend mbedtls_ssl_iana_tls_group_info_t structure 
Add new field that tells if the corresponding group is supported or not
in the current build.

Test function "test_mbedtls_ssl_get_supported_group_list" is extended
to verify this new feature.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2026-01-28 10:52:07 +01:00
Valerio Setti
9b49d5dbde library: ssl: fix documentation of IANA TLS group info 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2026-01-27 17:56:34 +01:00
Minos Galanakis
1c2b690389 Test Makefiles: Updated location of psasim 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2026-01-27 12:07:05 +00:00
Minos Galanakis
097e57874f Moved tests/psa-client-server to framework. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2026-01-27 12:07:05 +00:00
Valerio Setti
d658f3d41e tests: ssl: skip testing of MBEDTLS_SSL_IANA_TLS_GROUP_NONE 
This is already indirectly checked in 'test_mbedtls_tls_id_group_name_table'
because it's the last item of the list.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2026-01-27 12:26:21 +01:00
Nico Geyso
cc53b069d9 Improve changelog for alert getter 
Integrate suggestions by @ronald-cron-arm for changelog for alert
getter.

Signed-off-by: Nico Geyso <ng@gsmk.de>
 2026-01-27 10:48:55 +01:00
Valerio Setti
4f1e4fba80 library: ssl: make the list of "TLS ID" <-> "group name" public when possible 
This is only done when MBEDTLS_DEBUG_C is declared in order not to inflate
the library size.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2026-01-27 00:51:35 +01:00
Valerio Setti
bb4f584876 tests: ssl: improve test_mbedtls_tls_id_group_name_table() 
Check provided group_name also against the value returned from
mbedtls_ssl_get_curve_name_from_tls_id().

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2026-01-27 00:44:56 +01:00
Valerio Setti
fb317afa9f library: ssl: rework macro to define known TLS ID <-> group name list 
- let the macro be an initializer for the array of known TLS IDs, not
  a variable declarator;
- last item's group name is NULL, not an empty string
- change then name of the macro from MBEDTLS_TLS_ID_GROUP_NAME_TABLE to
  MBEDTLS_SSL_IANA_TLS_GROUPS_INFO
- define a new public structure "mbedtls_ssl_iana_tls_group_info_t" to
  hold each element of the table and that can be used the go over the
  list from user code.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2026-01-27 00:36:17 +01:00
Nico Geyso
8a3bcb1434 Fix coding style conventions for mbedtls_ssl_context 
Signed-off-by: Nico Geyso <ng@gsmk.de>
 2026-01-26 15:38:50 +01:00
Nico Geyso
6afd8367b9 remove whitespace in mbedtls_ssl_session_msg_layer 
to comply with coding style, remove blank new line for alert reset

Signed-off-by: Nico Geyso <ng@gsmk.de>
 2026-01-26 13:22:44 +01:00
Nico Geyso
4f83ebedd1 Fix outstanding code review issues 
- adjust function name to mbedtls_ssl_get_fatal_alert
- fix missing property name changes for  mbedtls_ssl_context

Signed-off-by: Nico Geyso <ng@gsmk.de>
 2026-01-26 13:15:07 +01:00
ng-gsmk
15c68993cb Apply suggestions from code review 
Co-authored-by: Ronald Cron <ronald.cron@arm.com>
Signed-off-by: ng-gsmk <ng@gsmk.de>
 2026-01-26 13:07:26 +01:00
Valerio Setti
c87adb64f2 tests: ssl: add test for TLS-ID <-> curve-name table 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2026-01-26 11:09:20 +01:00
Valerio Setti
7ca3c602b7 library: ssl: add macro for allocating a TLS-ID <-> group-name table 
Being a macro allow the table to be instatiated only when/if necessary
by the consuming code.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2026-01-26 10:48:01 +01:00
Valerio Setti
2aecd2cd5f library|tests: ssl: remove secp256k1 from default groups 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2026-01-22 17:13:44 +01:00
Valerio Setti
6c5a9f04df library: ssl: improve/fix documentation of group related functions 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2026-01-22 17:04:46 +01:00
Valerio Setti
46a5f309d6 Merge pull request #10571 from mpg/fix-not-grep-2 
Fix more paths for "not grep"
 2026-01-22 12:52:42 +00:00
Valerio Setti
8686ad1a9e tests: ssl: add testing for mbedtls_ssl_get_supported_group_list() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2026-01-22 10:33:44 +01:00
Manuel Pégourié-Gonnard
499e3d13f7 Fix more paths for "not grep" 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2026-01-22 10:23:03 +01:00
Valerio Setti
335b1b6089 library: ssl: add missing secp256k1 to ssl_preset_default_groups 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2026-01-22 09:43:46 +01:00
Valerio Setti
67f30df5a1 library: ssl: use correct PSA_WANT for DH groups in ssl_preset_default_groups 
Use proper PSA_WANT_DH_RFC7919_xxx instead of PSA_WANT_ALG_FFDH.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2026-01-22 09:43:46 +01:00
Valerio Setti
2707100ab7 library: ssl: move location of ssl_preset_default_groups() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2026-01-22 09:43:45 +01:00
Valerio Setti
1ab51732e2 library: ssl: improve documentation of mbedtls_ssl_conf_groups() 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2026-01-22 09:43:18 +01:00
Valerio Setti
0c8b25a684 library: ssl: add public function to retrieve the list of supported groups 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2026-01-22 09:43:17 +01:00
Gilles Peskine
5ed5aeb4d9 Merge pull request #10569 from gilles-peskine-arm/mldsa-pqcp-add-driver-mbedtls 
CMake: Declare pqcp driver to mbedtls
 2026-01-21 12:49:34 +00:00
David Horstmann
7294fc1c1a Merge pull request #10567 from yanesca/add_clarifications_4.x 
Add miscellaneous clarifications
 2026-01-20 16:38:53 +00:00