cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-08-25 22:10:03 -04:00
Code Issues Packages Projects Releases Wiki Activity
18,186 Commits 7 Branches 115 Tags
Commit Graph

18186 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dave Rodgman
08efc3d768
Merge pull request #7854 from daverodgman/fix-unused-aes-2.28 
Fix AES dependencies - build TF-M config cleanly - backport 2.28
 2023-07-03 16:48:39 +01:00
Dave Rodgman
a3fc295559
Merge pull request #7823 from SlugFiller/mbedtls-2.28 
Support compilation using CLang on Windows
 2023-07-03 09:52:03 +01:00
Tom Cosgrove
fbcb5d469b
Merge pull request #7850 from davidhorstmann-arm/2.28-fix-string-to-names-retcode 
[Backport 2.28] Fix false success return code in `mbedtls_x509_string_to_names()`
 2023-06-30 14:28:38 +01:00
Dave Rodgman
3fb807c064
Merge pull request #7761 from waleed-elmelegy-arm/crypt_and_hash-decrypt-fix_backport 
Backport 2.28: Fix crypt_and_hash decrypt issue when used with stream cipher
 2023-06-30 11:42:19 +01:00
Dave Rodgman
f72b8375d0 Fix order of endif comments 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-29 16:33:03 +01:00
Dave Rodgman
bf99828d7b Nicer formatting 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-29 12:14:41 +01:00
Dave Rodgman
173227d41e Test combinations of macros for aes.o 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-29 12:14:34 +01:00
Dave Rodgman
1d0033e1ac Improve #endif comments 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-29 12:13:26 +01:00
Dave Rodgman
1ce92e4887 Correct #endif comments 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-29 12:13:15 +01:00
Dave Rodgman
a4a337360d Correct comments on #endif's 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-29 12:13:08 +01:00
Dave Rodgman
94210b13eb Compile fixes 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-28 14:08:07 +01:00
Dave Rodgman
bae79fa16e Add missing sha header includes to entropy.c 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-28 11:54:53 +01:00
Dave Rodgman
1262315a1a Fix warnings re: unused variables in pkparse and pkwrite 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-28 11:54:25 +01:00
Dave Rodgman
f488c2ca79 Add missing include for INT_MAX definition 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-28 11:35:25 +01:00
Dave Rodgman
c62e5c4885 Update changelog for 2.28 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-28 11:33:07 +01:00
Dave Rodgman
c34bea20d6 fix trailing whitespace 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-28 11:31:57 +01:00
Dave Rodgman
aac022dab4 Changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-28 11:31:53 +01:00
Dave Rodgman
584b62f89e code style 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-28 11:31:29 +01:00
Dave Rodgman
9d3b63396b Fix comment 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-28 11:31:29 +01:00
Dave Rodgman
5c047d9672 More dependency fixes 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-28 11:31:29 +01:00
Dave Rodgman
36c8e581d6 Fix unused variable 
Fix when MBEDTLS_AES_SETKEY_ENC_ALT, MBEDTLS_AES_DECRYPT_ALT and
MBEDTLS_AES_ROM_TABLE set.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-28 11:31:29 +01:00
Dave Rodgman
dbae184ceb Fix unused variable if MBEDTLS_AES_SETKEY_ENC_ALT and MBEDTLS_AES_DECRYPT_ALT set 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-28 11:31:29 +01:00
Dave Rodgman
9b20aeaa17 Fix unused fn when MBEDTLS_AES_SETKEY_DEC_ALT and MBEDTLS_AES_SETKEY_ENC_ALT set 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-28 11:31:29 +01:00
Dave Rodgman
1e6f7708f2 Fix unused function when MBEDTLS_AES_SETKEY_ENC_ALT set 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-06-28 11:31:29 +01:00
David Horstmann
1e8086bd21 Add ChangeLog entry for string_to_names() fix 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-06-27 17:34:58 +01:00
David Horstmann
5c019e0f65 Add regression testcase for string_to_names() 
Test against a string with no '=' or ',' in it, which previously caused
mbedtls_x509_string_to_names() to return 0.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-06-27 17:34:58 +01:00
David Horstmann
abaea614d2 Return an error when no name is parsed 
When less than 1 RDN is successfully parsed in
mbedtls_x509_string_to_names(), return an error. Previously this
returned success when a string containing neither '=' or ',' was
supplied.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-06-27 17:34:58 +01:00
Waleed Elmelegy
6a4af481e1 Replace struct access with local variable 
Replace struct access with local variable to minimize
differnces with development branch.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
 2023-06-27 14:07:57 +01:00
David Horstmann
4184e5c926 Move clarification to a separate note 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-06-27 12:22:00 +01:00
SlugFiller
e2d0614571 Support compilation using CLang on Windows 
Signed-off-by: SlugFiller <5435495+SlugFiller@users.noreply.github.com>
 2023-06-26 19:19:56 +03:00
David Horstmann
0e93877b66 Reword the description of mbedtls_net_free() 
This makes it clearer that the context itself is not being freed.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-06-23 23:24:46 +01:00
Gilles Peskine
63b50b56cd
Merge pull request #7753 from lpy4105/backport-2.28/issue/renew_cert_2024-01-01 
Backport 2.28: Updating crt/crl files due to expiry before 2024-01-01
 2023-06-21 12:29:12 +02:00
Bence Szépkúti
e0dcd18a23
Merge pull request #7721 from DemiMarie/do-while-2.28 
[Backport 2.28] Add a do-while loop around a macro
 2023-06-21 11:31:48 +02:00
Manuel Pégourié-Gonnard
001a052e0f
Merge pull request #7712 from DemiMarie/backport-test-fix 
Backport 2.28: x509parse tests: Replace TEST_ASSERT with TEST_EQUAL
 2023-06-21 11:02:28 +02:00
Demi Marie Obenour
0e2074133a Add a do-while loop around macros 
This is good practice in C.

Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
 2023-06-20 11:45:26 -04:00
Demi Marie Obenour
5d7cd012ac x509parse tests: Replace TEST_ASSERT with TEST_EQUAL 
The latter gives much more informative errors.

Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
 2023-06-19 11:04:47 -04:00
Gilles Peskine
cc51e8a615
Merge pull request #7798 from valeriosetti/backport-7614 
Backport: crypto_config_test_driver_extension: handle PUBLIC_KEY the same way as KEY_PAIRs
 2023-06-19 16:50:15 +02:00
Valerio Setti
e20ec4f1dd crypto_config_test_driver_extension: treat PUBLIC_KEY the same way as KEY_PAIR 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-06-19 10:03:29 +02:00
Pengyu Lv
343ff1200d Fix typo and long line format 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
ea8027921b Update crl-rsa-pss-*.pem manually 
The rules will be in a seperate PR.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Jerry Yu
a69934f249 upgrade server9-bad-saltlen.crt 
Upgrade scripts
```python
import subprocess
from asn1crypto import pem, x509,core

output_filename="server9-bad-saltlen.crt"
tmp_filename="server9-bad-saltlen.crt.tmp"
tmp1_filename="server9-bad-saltlen.crt.tmp1"

subprocess.check_call(rf''' openssl x509 -req -extfile server5.crt.openssl.v3_ext \
        -passin "pass:PolarSSLTest" -CA test-ca.crt -CAkey test-ca.key \
        -set_serial 24 -days 3650 \
        -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \
        -sigopt rsa_mgf1_md:sha256 -sha256 \
        -in server9.csr -out {output_filename}
''',shell=True)

with open(output_filename,'rb') as f:
    _,_,der_bytes=pem.unarmor(f.read())
    target_certificate=x509.Certificate.load(der_bytes)

with open(tmp_filename,'wb') as f:
    f.write(target_certificate['tbs_certificate'].dump())

subprocess.check_call(rf'openssl dgst -sign test-ca.key -passin "pass:PolarSSLTest" \
                        -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 \
                        -sigopt rsa_mgf1_md:sha256 -out {tmp1_filename} {tmp_filename}',
                        shell=True)

with open(tmp1_filename,'rb') as f:
    signature_value= core.OctetBitString(f.read())

with open(output_filename,'wb') as f:
    target_certificate['signature_value']=signature_value
    f.write(pem.armor('CERTIFICATE',target_certificate.dump()))
```

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
33536d170e Update server9*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
3ed1653df4 Add server9-bad-{mgfhash,saltlen}.crt 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
4ac61a92cc Add rules to generate server9*.crt 
Except for server9-bad-saltlen.crt and
server9-bad-mgfhash.crt.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Jerry Yu
7d7b735514 Update server1-nospace.crt 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-19 11:41:12 +08:00
Jerry Yu
4e573497d7 Update v1 crt files 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
124b75a09a Update cert_example_multi_nocn.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
5539dcb2d4 Add rules to generate cert_example_multi_nocn.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
fce773e0e9 Update server5.[e]ku-*.crt 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00
Pengyu Lv
0158966a73 Add rules to generate server5.[e]ku-*.crt 
Since cert_write in mbedtls-2.28 doesn't support
write ext_key_usage extension, the commands are
added just for alignment with development.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
 2023-06-19 11:41:12 +08:00