PK restartable operations are now implemented using PSA interruptible
ones, so mbedtls_ecp_set_max_ops() can be removed in favor of
psa_interruptible_set_max_ops().
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
We no longer use decrypt TLS 1.2 (never did in 1.3) so we no longer need
this path. Further simplifications could probably be made (we currently
have an enum type with only one possible value...) but for now I'm
trying to keep changes minimal.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
* development-restricted:
Add missing credit for set_hostname issue
Add changelog entry for TLS 1.2 Finished fix
TLS1.2: Check for failures in Finished calculation
ssl_session_reset: preserve HOSTNAME_SET flag
Document the need to call mbedtls_ssl_set_hostname
Improve documentation of mbedtls_ssl_set_hostname
Changelog entries for requiring mbedls_ssl_set_hostname() in TLS clients
Add a note about calling mbedtls_ssl_set_hostname to mbedtls_ssl_setup
mbedtls_ssl_set_hostname tests: add tests with CA callback
Call mbedtls_ssl_set_hostname in the generic endpoint setup in unit tests
Require calling mbedtls_ssl_set_hostname() for security
Create error code for mbedtls_ssl_set_hostname not called
Keep track of whether mbedtls_ssl_set_hostname() has been called
Access ssl->hostname through abstractions in certificate verification
mbedtls_ssl_set_hostname tests: baseline
Add a flags field to mbedtls_ssl_context
Automate MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK dependency
Make guards more consistent between X.509-has-certs and SSL-has-certs
Fix Doxygen markup
Make ticket_alpn field private
Conflicts:
programs/ssl/ssl_test_common_source.c
Add the option MBEDTLS_SSL_KEYING_MATERIAL_EXPORT to mbedtls_config.h
to control if the function mbedtls_ssl_export_keying_material() should
be available. By default, the option is disabled.
This is because the exporter for TLS 1.2 requires client_random and
server_random need to be stored after the handshake is complete.
Signed-off-by: Max Fillinger <max@max-fillinger.net>
The TLS-Exporter in TLS 1.2 requires client_random and server_random.
Unless MBEDTLS_SSL_CONTEXT_SERIALIZATION is defined, these aren't stored
after the handshake is completed.
Therefore, mbedtls_ssl_export_keying_material() exists only if either
MBEDTLS_SSL_CONTEXT_SERIALIZATION is defined or MBEDTLS_SSL_PROTO_TLS1_2
is *not* defined.
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
Add #define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS to every sample program
before the first include so that mbedtls doesn't break with future
privatization work.
Signed-off-by: Felix Conway <felix.conway@arm.com>
Fix some build errors when MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED is false
but MBEDTLS_X509_CRT_PARSE_C is enabled. This is not a particularly useful
configuration, but for quick testing, it's convenient for it to work.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Improve the description of the API changes in the changelog and
fix some incorrect alg selection variables in ssl_server2.c.
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
Remove all code guarded by `PSA_WANT_ECC_SECP_K1_224`, which is not and will
not be implemented. (It would be K1_225 anyway, but we don't intend to
implement it anyway.)
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This reverts commit 939ce9d0d5.
Build mbedtls_test library of objects to link
with TLS and x509 test suites and programs
with mbedtls framework not TF-PSA-Crypto
one (when it will be there).
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This is harmless, but we might as well remove the unreachable line. If we
ever add a break to the loop and we don't think of changing the surrounding
code, it would make more sense not to set exit_code to SUCCESS.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
If MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE happens during the handshake, don't
show it as an "error". It might be an error, but it might also be a fact of
life if it happens during the second or more handshake: it can be a
duplicated packet or a close_notify alert from the previous connection,
which is hard to avoid and harmless.
Fixes#9652.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In Mbed TLS 4.0, all cryptography goes through PSA, so calling
psa_crypto_init() is now mandatory before starting a TLS connection (as was
the case in Mbed TLS 3.x with MBEDTLS_USE_PSA_CRYPTO enabled).
Switch the TLS sample programs to calling psa_crypto_init() unconditionally.
Otherwise TLS 1.3 connections fail, and (D)TLS 1.2 connections soon will.
This commit omits the test programs ssl_client2 and ssl_server2, which don't
require a change right now. They will be covered when we make
MBEDTLS_USE_PSA_CRYPTO always on.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
