mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-05-02 16:22:15 +02:00

Author	SHA1	Message	Date
Ben Taylor	fe978ac1f3	Remove Deprecated Items From Sample Programs Remove the drbg module and entropy functions from the sample programs as these are now handled by their PSA equivalents Signed-off-by: Ben Taylor <ben.taylor@linaro.org>	2026-01-14 13:01:22 +00:00
Ronald Cron	b91117c32f	Merge pull request #10402 from ronald-cron-arm/remove-legacy-crypto-options Remove legacy crypto options	2025-09-17 18:46:05 +00:00
Valerio Setti	91c0945def	tests: fix alg and usage for some ECDHE-ECDSA opaque key tests Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-09-16 16:12:07 +02:00
Ronald Cron	feb5e26619	Cleanup following the removal of MBEDTLS_ECP_DP_.*_ENABLED options Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2025-09-16 15:53:43 +02:00
Valerio Setti	d0d0791aed	remove usage of secp192[k\|r]1 curves Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-08-06 09:15:35 +02:00
Valerio Setti	70a4a31cb5	remove secp224[k\|r]1 curves Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-08-06 09:15:35 +02:00
Ben Taylor	4bb98be277	initial remove of MBEDTLS_USE_PSA_CRYPTO Signed-off-by: Ben Taylor <ben.taylor@linaro.org>	2025-07-30 07:55:13 +01:00
Ben Taylor	361ce2b484	Rename mbedtls_pk_setup_opaque to mbedtls_pk_wrap_psa Signed-off-by: Ben Taylor <ben.taylor@linaro.org>	2025-07-24 08:25:28 +01:00
Felix Conway	858b829436	Add define to fuzz/common.c and ssl/ssl_test_lib.c Signed-off-by: Felix Conway <felix.conway@arm.com>	2025-03-25 10:06:53 +00:00
Gabor Mezei	e99e591179	Remove key exchange based on encryption/decryption Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2025-03-20 17:53:07 +01:00
Gilles Peskine	bc7c523420	Remove uses of secp244k1 Remove all code guarded by `PSA_WANT_ECC_SECP_K1_224`, which is not and will not be implemented. (It would be K1_225 anyway, but we don't intend to implement it anyway.) Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2025-01-08 16:51:23 +01:00
Gabor Mezei	c15ef93aa5	Replace `MBEDTLS_MD_CAN_SHA512` with `PSA_WANT_ALG_SHA_512` Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2024-08-28 18:20:25 +02:00
Elena Uziunaite	0916cd702f	Replace MBEDTLS_MD_CAN_SHA256 with PSA_WANT_ALG_SHA_256 Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>	2024-07-11 11:13:35 +03:00
Valerio Setti	90eca2adb0	ssl_test_lib: add guards for pk_wrap_as_opaque() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-28 10:45:43 +01:00
Valerio Setti	7541ebea52	programs: remove usage of mbedtls_pk_wrap_as_opaque() from tests This is replaced with: mbedtls_pk_get_psa_attributes() + mbedtls_pk_import_into_psa() + mbedtls_pk_setup_opaque(). Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-02-27 10:44:33 +01:00
Gilles Peskine	72da8b3521	Don't authorize private access to fields where not actually needed Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2024-02-22 12:07:29 +01:00
Paul Elliott	54ad01efed	Merge remote-tracking branch 'upstream/development' into make_tests_thread_safe	2024-02-09 14:33:58 +00:00
Janos Follath	7a28738205	Merge pull request #8636 from paul-elliott-arm/new_test_thread_interface New test thread interface	2024-02-08 12:35:40 +00:00
Valerio Setti	e8683ce9ef	ssl_test_lib: add guards for enabled DH groups Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-17 15:56:30 +01:00
Paul Elliott	17c119a5e3	Migrate to threading_helpers.h Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-01-05 21:04:52 +00:00
Paul Elliott	4580d4d829	Add accessor helpers for mbedtls_test_info Step one of being able to control access to mbedtls_test_info with a mutex. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2024-01-05 19:13:43 +00:00
Paul Elliott	f25d831123	Ensure mutex test mutex gets free'd Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-11-23 18:49:43 +00:00
Dave Rodgman	16799db69a	update headers Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-02 19:47:20 +00:00
Valerio Setti	dda0019e2e	ssl_test_lib: fix rebase error Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-10 10:22:51 +02:00
Valerio Setti	5bdebb2004	ssl_test_lib: fix variable naming for curve group Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-10 09:13:57 +02:00
Valerio Setti	fb6356f003	ssl_test_lib: simplify function which prints supported curves Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-10 09:13:57 +02:00
Valerio Setti	deb676442d	ssl_test_lib: manage FFDH keys the same way as ECC ones Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-10 09:13:57 +02:00
Valerio Setti	acd32c005f	programs: add helper functions for supported EC curves - get full list, or - get TLS ID from name Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-10 09:13:57 +02:00
Przemek Stekiel	68e7544de8	parse_groups: curve -> group adaptations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-07-06 12:16:44 +02:00
Przemek Stekiel	45255e4c71	Adapt names (curves -> groups) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-07-05 09:26:26 +02:00
Przemek Stekiel	7d42c0d0e5	Code cleanup #2 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-13 12:30:40 +02:00
Przemek Stekiel	75a5a9c205	Code cleanup Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-13 09:57:23 +02:00
Przemek Stekiel	ff9fcbcace	ssl_client2, ssl_server2: code optimization + guards adaptation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:53:40 +02:00
Przemek Stekiel	da4fba64b8	Further code optimizations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:09 +02:00
Przemek Stekiel	e7db09bede	Move FFDH helper functions and macros to more suitable locations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:08 +02:00
Manuel Pégourié-Gonnard	bef824d394	SSL: use MD_CAN macros Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:29:31 +01:00
Gilles Peskine	449bd8303e	Switch to the new code style Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-01-11 14:50:10 +01:00
Ronald Cron	50969e3af5	ssl-opt.sh: TLS 1.3 opaque key: Add test with unsuitable sig alg Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-09-20 15:57:57 +02:00
Przemek Stekiel	cb20d202d2	Further code optimization - key_opaque_set_alg_usage(): set alg/usage in loop - key_opaque_set_alg_usage(): add key paramteter to set default alg/usage if it is not specified by command line parameters - unify default alg/usage for client and server - optimize opaque code on client and server side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-06 09:34:30 +02:00
Przemek Stekiel	76a41f5a52	ssl_test_lib: fix compilation flags for default config Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	01396a16da	ssl_test_lib: add function translate given opaque algoritms to psa Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	77fc9ab1ba	Fix typos and code style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Przemek Stekiel	85d692d1c4	ssl client/server: add parsing function for key_opaque_algs command line option Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-05-05 10:17:01 +02:00
Raoul Strackx	9ed9bc9377	programs/ssl: Fix compile errors when MBEDTLS_HAVE_TIME is not defined Signed-off-by: Raoul Strackx <raoul.strackx@fortanix.com> [dja: add some more fixes, tweak title] Signed-off-by: Daniel Axtens <dja@axtens.net>	2022-03-04 05:07:45 -05:00
Mateusz Starzyk	6c2e9b6048	Add MBEDTLS_ALLOW_PRIVATE_ACCESS to test programs Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>	2021-05-21 18:10:44 +02:00
Gilles Peskine	e374b95fe1	Detect and report mutex usage errors in SSL test programs Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-02-22 19:24:03 +01:00
Gilles Peskine	53dea743d5	SSL test programs: allow for test hooks init and error reports Create utility functions to set up test hooks and report errors that the test hooks might detect. Call them in ssl_client2 and ssl_server2. Test hooks are potentially enabled by compiling with MBEDTLS_TEST_HOOKS. This commit only sets up the functions. It doesn't make them do anything yet. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-02-22 19:24:03 +01:00
Gilles Peskine	8eb2943705	Support mbedtls_psa_get_random() in SSL test programs The SSL test programs can now use mbedtls_psa_get_random() rather than entropy+DRBG as a random generator. This happens if the configuration option MBEDTLS_USE_PSA_CRYPTO is enabled, or if MBEDTLS_TEST_USE_PSA_CRYPTO_RNG is set at build time. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-02-16 15:39:48 +01:00
Gilles Peskine	aaedbdcfd6	Refuse reproducible mode with MBEDTLS_USE_PSA_CRYPTO With MBEDTLS_USE_PSA_CRYPTO, some of the randomness for the TLS connection is generated inside the PSA crypto subsystem, which has no reproducible mode. Whether there is a nonzero amount of randomness coming from inside the PSA subsystem rather than from the random generator set by mbedtls_ssl_conf_rng() depends on the choice of cipher suite and other connection parameters as well as the level of support for MBEDTLS_USE_PSA_CRYPTO. Rather than give unreliable results, conservatively abort with a clear error message. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-02-03 13:55:22 +01:00
Gilles Peskine	ba74904c48	SSL test programs: support HMAC_DRBG Support HMAC_DRBG in ssl_client2 and ssl_server2, in addition to CTR_DRBG. CTR_DRBG is still used if present, but it's now possible to run the SSL test programs with CTR_DRBG disabled. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-01-13 20:30:03 +01:00

1 2

57 Commits