u-boot.git/lib/mbedtls, branch v2025.01

mbedtls: remove MBEDTLS_HAVE_TIME

2024-12-06T23:47:23Z

When MbedTLS TLS features were added MBEDTLS_HAVE_TIME was defined as part of enabling https:// support. However that pointed to the wrong function which could crash if it received a NULL pointer. Looking closer that function is not really needed, as it only seems to increase the RNG entropy by using 4b of the current time and date. The reason that was enabled is that lwIP was unconditionally requiring it, although it's configurable and can be turned off. Since lwIP doesn't use that field anywhere else, make it conditional and disable it from our config. Fixes: commit a564f5094f62 ("mbedtls: Enable TLS 1.2 support") Reported-by: Heinrich Schuchardt Signed-off-by: Ilias Apalodimas Reviewed-by: Heinrich Schuchardt Acked-by: Jerome Forissier

mbedtls: Enable TLS 1.2 support

2024-11-13T01:09:52Z

Since lwIP and mbedTLS have been merged we can tweak the config options and enable TLS1.2 support. Add RSA and ECDSA by default and enable enough block cipher modes of operation to be comatible with modern TLS requirements and webservers Reviewed-by: Raymond Mao Acked-by: Jerome Forissier Signed-off-by: Ilias Apalodimas

mbedtls: fix defects in coverity scan

2024-10-18T20:18:12Z

Fixes of unreleased buffer, deadcode and wrong variable type detected by coverity scan. Addresses-Coverity-ID: 510809: Resource leaks (RESOURCE_LEAK) Addresses-Coverity-ID: 510806: Control flow issues (DEADCODE) Addresses-Coverity-ID: 510794 Control flow issues (NO_EFFECT) Signed-off-by: Raymond Mao

asn1_decoder: add build options for ASN1 decoder

2024-10-14T23:58:51Z

When building with MbedTLS, we are using MbedTLS to decode ASN1 data for x509, pkcs7 and mscode. Introduce _LEGACY and _MBEDTLS kconfigs for ASN1 decoder legacy and MbedTLS implementations respectively. Signed-off-by: Raymond Mao Reviewed-by: Ilias Apalodimas

mbedtls: add RSA helper layer on MbedTLS

2024-10-14T23:58:50Z

Add RSA helper layer on top on MbedTLS PK and RSA library. Introduce _LEGACY and _MBEDTLS kconfigs for RSA helper legacy and MbedTLS implementations respectively. Signed-off-by: Raymond Mao Acked-by: Ilias Apalodimas

lib/crypto: Adapt mscode_parser to MbedTLS

2024-10-14T23:58:49Z

Previous patch has introduced MbedTLS porting layer for mscode parser, here to adjust the header and makefiles accordingly. Adding _LEGACY Kconfig for legacy mscode implementation. Signed-off-by: Raymond Mao

mbedtls: add MSCode parser porting layer

2024-10-14T23:58:48Z

Add porting layer for MSCode on top of MbedTLS ASN1 library. Introduce _MBEDTLS kconfigs for MSCode MbedTLS implementation. Signed-off-by: Raymond Mao Acked-by: Ilias Apalodimas

mbedtls: add PKCS7 parser porting layer

2024-10-14T23:58:46Z

Add porting layer for PKCS7 parser on top of MbedTLS PKCS7 library. Introduce _LEGACY and _MBEDTLS kconfigs for PKCS7 parser legacy and MbedTLS implementations respectively. Signed-off-by: Raymond Mao Reviewed-by: Ilias Apalodimas

mbedtls: add X509 cert parser porting layer

2024-10-14T23:58:44Z

Add porting layer for X509 cert parser on top of MbedTLS X509 library. Introduce _LEGACY and _MBEDTLS kconfigs for X509 cert parser legacy and MbedTLS implementations respectively. Signed-off-by: Raymond Mao

mbedtls: add public key porting layer

2024-10-14T23:58:43Z

Add porting layer for public key on top of MbedTLS X509 library. Introduce _LEGACY and _MBEDTLS kconfigs for public key legacy and MbedTLS implementations respectively. Signed-off-by: Raymond Mao Reviewed-by: Ilias Apalodimas