TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-03-20 19:21:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
34,306 Commits 177 Branches 276 Tags
ed0aebd2c5aed88a32b637143d280e56827e0004
Commit Graph

2980 Commits

Author SHA1 Message Date
Ronald Cron
b5749b88f6 Merge pull request #10576 from ronald-cron-arm/dtls-client-hello-defragmentation 
Add support for (D)TLS 1.2 client hello defragmentation
 2026-03-10 14:46:07 +00:00
Ronald Cron
ae82217476 programs: metatest: Add tf-psa-crypto/platform as include dir 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2026-03-09 08:28:51 +01:00
Ronald Cron
1ef64a73e4 programs: metatest: Remove include path duplication 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2026-03-09 08:28:51 +01:00
Gilles Peskine
037f3c62ff Tell MSVC to allow non-s functions where needed 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2026-03-04 11:32:18 +01:00
Gilles Peskine
64ff7fc1dc Stop using MBEDTLS_PRINTF_SIZET 
Since Mbed TLS 3.6.0, all officially supported versions of Visual Studio
a printf function family that is sufficiently compliant to C99 for our
purposes, in particular supporting `%zu` for `size_t`. The only platform
without `%zu` that we semi-officially support is older versions of MinGW,
still used in our CI. MinGW provides either a Windows legacy printf or a
standards-compliant printf depending on the value of
`__USE_MINGW_ANSI_STDIO` when compiling each C file. Force the use of the
compliant version. Don't rely on `MBEDTLS_PRINTF_SIZET`, which is defined in
`<mbedtls/debug.h>` and no longer considers the Windows legacy version in
Mbed TLS >= 4.1.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2026-02-26 19:56:23 +00:00
Bence Szépkúti
c2cb8565a5 Merge pull request #10607 from gilles-peskine-arm/timing-use-mstime 
Simplify MBEDTLS_TIMING_C to use mbedtls_ms_time()
 2026-02-26 14:38:50 +00:00
Ronald Cron
2e9b9681e6 ssl_server2.c: DTLS: Attempt to read the response to the close notification 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2026-02-23 12:12:36 +01:00
Gilles Peskine
e2b04b6847 Don't use printf("%llu") 
We can't easily printf a `long long` on MingW yet, pending the work on
https://github.com/Mbed-TLS/TF-PSA-Crypto/issues/675 for which this is an
early stage. A `long` is enough here anyway.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2026-02-19 16:53:52 +01:00
Gilles Peskine
5890b22b82 Fix a build error with MSVC 
Also fixes a minor bug on Windows with timers running over ~49 days.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2026-02-19 16:53:52 +01:00
Ronald Cron
8ab14401d7 ssl_server2.c: Flush stdout to improve logs timeliness 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2026-02-18 13:02:26 +01:00
David Horstmann
7294fc1c1a Merge pull request #10567 from yanesca/add_clarifications_4.x 
Add miscellaneous clarifications
 2026-01-20 16:38:53 +00:00
Janos Follath
2b9f62a1be programs/README.md clarify security remark 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2026-01-20 10:39:40 +00:00
Janos Follath
7a9eceb53c Clarify purpose and suitability of sample programs 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2026-01-19 14:46:44 +00:00
Ben Taylor
fe3f378eec Restore mbedtls_memory_buffer_alloc_free_and_self_test, as it is still required 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-15 08:38:06 +00:00
Ben Taylor
4569547e59 Add fixes for defines in selftest 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-15 07:56:29 +00:00
Ben Taylor
842d2d948c Re-add mbedtls_entropy_self_test_wrapper 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:18:33 +00:00
Ben Taylor
b300692011 Remove some headers from ssl_test_lib.h, as they are no longer required 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:09:15 +00:00
Ben Taylor
dcf7670825 Add further rng removals highlighted by the ci 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:01:23 +00:00
Ben Taylor
7d71244dc3 Remove rng_context_t, as it is no longer useful 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:01:23 +00:00
Ben Taylor
767a3655e5 Remove f_rng p_rng, as these are no longer used 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:01:23 +00:00
Ben Taylor
b6cccdf8b5 Replace mbedtls_psa_get_random 
Replace mbedtls_psa_get_random with psa_generate_random, as this is a backwards
compatibility layer that is now longer required

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:01:23 +00:00
Ben Taylor
552f31410c Re-add the HMAC_DRBG and CTR_DRBG are cryptographic modules as they are still required 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:01:22 +00:00
Ben Taylor
79002cc990 Remove rng_get from sample programs, as it is no longer required 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:01:22 +00:00
Ben Taylor
99ec289535 Remove duplicated reproducable 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:01:22 +00:00
Ben Taylor
eace7ca23f Remove double initialisation of psa 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:01:22 +00:00
Ben Taylor
fe978ac1f3 Remove Deprecated Items From Sample Programs 
Remove the drbg module and entropy functions from the sample programs as these are
now handled by their PSA equivalents

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-14 13:01:22 +00:00
Ben Taylor
085aef59ca Change function name from mbedtls_pk_key_type_to_string to mbedtls_x509_pk_type_as_string 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-12 08:19:07 +00:00
Ben Taylor
837a3cec40 rename function 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-12 08:19:07 +00:00
Ben Taylor
2481daa309 Replace mbedtls_pk_get_name with pk_key_type_to_string 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2026-01-12 08:19:07 +00:00
Gilles Peskine
4ffb299208 Remove local copies of makefile helpers 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2026-01-08 14:57:50 +01:00
Gilles Peskine
e23b6e4dc8 Use the crypto makefile helpers in tf-psa-crypto 
Now that the crypto files have been moved to the crypto repository, consume
them there.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2026-01-08 14:57:50 +01:00
Ronald Cron
67152f3049 Merge pull request #10543 from gilles-peskine-arm/split-crypto-makefiles 
Split crypto part of Mbed TLS makefiles
 2026-01-07 15:18:32 +00:00
Gilles Peskine
cffc11878f Move crypto-specific code from programs/Makefile to a new file 
The new file is in Mbed TLS for now. Once we have finished moving code to
it, it will move to TF-PSA-Crypto.

What got moved:

* List of generated .c files in crypto
* Rules to build generated .c files in crypto
* List of apps in crypto
* Rules to build apps in crypto

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2026-01-07 11:17:43 +01:00
Gilles Peskine
d9c6a411c6 Introduce intermediate variables for various TF-PSA-Crypto lists 
Use separate variables for the crypto part of lists of generated C files,
generated objects, sample programs and test data files.

No behavior change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2026-01-07 11:17:43 +01:00
Gilles Peskine
d0f6b5476d Don't call SHA3 selftest when SHA3 is accelerated 
`mbedtls_sha3_self_test` only exists in the built-in implementation.

The SHA3 self-test won't run until the tf-psa-crypto submodule moves past
https://github.com/Mbed-TLS/TF-PSA-Crypto/pull/618

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2026-01-06 17:05:58 +01:00
Pengyu Lv
d86c4ae1d2 Fix dependencies in programs/Makefile 
Make fuzz depend on MBEDLIBS to avoid multiple instances for
generation the library files.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2025-12-04 17:07:05 +01:00
Ben Taylor
6efe52473c revert change to gmtime arguments int ssl_context_info.c 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-29 14:24:47 +01:00
Ben Taylor
7e8e438fce Replace cases of time_t with mbedtls_time_t 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-29 14:24:47 +01:00
David Horstmann
ee1991a387 Merge pull request #10408 from ronald-cron-arm/historical-libmbedcryto 
Restore historical libmbedcrypto.* libraries
 2025-09-29 08:41:06 +00:00
Manuel Pégourié-Gonnard
355b00e8e0 Fix includes in udp_proxy.c 
The program uses atoi() unconditionally, so it should include stdlib.h
unconditionally. Previously this happened to be indirectly included by
some other header (via pk.h via ssl.h) but we should not rely on that.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-09-26 12:11:03 +02:00
Ronald Cron
35d59c6cb6 cmake: Install libmbedcrypto.* libraries 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-22 15:08:39 +02:00
Ronald Cron
a33b371f36 programs/tests/dlopen.c: Prioritize libtfpsacrypto.so 
Prioritize libtfpsacrypto.so over libmbedcrypto.so
as the crypto library to load to be sure we test
the loading of libtfpsacrypto.so.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-22 14:34:56 +02:00
Ronald Cron
b91117c32f Merge pull request #10402 from ronald-cron-arm/remove-legacy-crypto-options 
Remove legacy crypto options
 2025-09-17 18:46:05 +00:00
Valerio Setti
91c0945def tests: fix alg and usage for some ECDHE-ECDSA opaque key tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-09-16 16:12:07 +02:00
Ronald Cron
feb5e26619 Cleanup following the removal of MBEDTLS_ECP_DP_.*_ENABLED options 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Ronald Cron
eb16a9d9ea Prepare for the removal of MBEDTLS_PLATFORM_GET_ENTROPY_ALT 
We cannot remove it completely yet.
It must remain in config.py so that it is not
included in the full configuration.
A temporary exception is required for it in
analyze_outcomes.py.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-10 15:23:32 +02:00
Gilles Peskine
f0b8364cff Allow metatest.c to use crypto internal headers 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-09-06 18:39:39 +02:00
Ben Taylor
a8a9beccc2 Remove MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS from ssl_test_lib.h as it is not required 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-01 08:21:24 +01:00
Ben Taylor
69aa8d08e0 Remove MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS from ssl_clinet.c as it it not required 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-01 08:21:24 +01:00
Ben Taylor
f19a900ed5 Temporarily include private symbols in sample programs 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-01 08:21:24 +01:00