mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-06-12 08:21:54 +03:00

Author	SHA1	Message	Date
Tom Cosgrove	1797b05602	Fix typos prior to release Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-12-04 17:19:59 +00:00
Jerry Yu	3ce61ffca6	fix comments and function name issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-28 17:34:06 +08:00
Jerry Yu	3d9b590f02	guards transform_earlydata Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-28 17:34:06 +08:00
Dave Rodgman	bf9b23abf8	Merge pull request #6648 from gilles-peskine-arm/psa-ecb-null-0 Fix NULL+0 undefined behavior in PSA crypto ECB	2022-11-25 17:07:46 +00:00
Gilles Peskine	5a34b36bbd	Remove more now-redundant definitions of inline Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-11-25 13:26:44 +01:00
Manuel Pégourié-Gonnard	ef25a99f20	Merge pull request #6533 from valeriosetti/issue5847 Use PSA EC-JPAKE in TLS (1.2) - Part 2	2022-11-23 13:27:30 +01:00
Valerio Setti	d4a9b1ab8d	tls: psa_pake: remove useless defines and fix a comment Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-22 11:11:10 +01:00
Valerio Setti	6b3dab03b5	tls: psa_pake: use a single function for round one and two in key exchange read/write Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-17 17:14:54 +01:00
Valerio Setti	9bed8ec5d8	tls: psa_pake: make round two reading function symmatric to the writing one Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-17 16:36:19 +01:00
Valerio Setti	a08b1a40a0	tls: psa_pake: move move key exchange read/write functions to ssl_tls.c Inlined functions might cause the compiled code to have different sizes depending on the usage and this not acceptable in some cases. Therefore read/write functions used in the initial key exchange are moved to a standard C file. Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-17 16:34:59 +01:00
Valerio Setti	4a9caaa0c9	tls12: psa_pake: check elliptic curve's TLS ID on handshake Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-16 14:50:10 +01:00
Valerio Setti	fbbc1f3812	tls12: psa_pake: use proper defines for the output size of each step in ECJPAKE Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-16 14:49:52 +01:00
Valerio Setti	02c25b5f83	tls12: psa_pake: use common code for parsing/writing round one and round two data Share a common parsing code for both server and client for parsing round one and two. Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-16 13:56:12 +01:00
Ronald Cron	e9f92c4fbc	tls: Fix in_cid buffer size in transform structure Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-11-16 10:23:05 +01:00
Xiaokang Qian	a042b8406d	Address some format issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-14 03:16:19 +00:00
Xiaokang Qian	f447e8a8d3	Address comments base on reviews Improve early data indication check Update test case to gnutls server Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-14 03:15:36 +00:00
Xiaokang Qian	ecc2948f21	Fix format issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-14 03:15:05 +00:00
Xiaokang Qian	338f727683	Move EARLY_DATA_OFF/ON guard to ssl_misc.h Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-14 03:15:03 +00:00
Xiaokang Qian	b781a2323c	Move ssl_tls13_has_configured_ticket() back to tls13 client Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-14 03:13:51 +00:00
Xiaokang Qian	893ad81966	Remove useless early_secrets field Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-14 03:13:51 +00:00
Xiaokang Qian	0e97d4d16d	Add early data indication to client side Add fields to mbedtls_ssl_context Add write early data indication function Add check whether write early data indication Add early data option to ssl_client2 Add test cases for early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-14 03:13:50 +00:00
Jerry Yu	b95dd3683b	Add missing mask set and tls13 unrecognized extension Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-08 23:51:38 +08:00
Jerry Yu	ea52ed91cf	fix typo and spell issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-08 21:01:17 +08:00
Neil Armstrong	ca7d506556	Use PSA PAKE API when MBEDTLS_USE_PSA_CRYPTO is selected Signed-off-by: Neil Armstrong <narmstrong@baylibre.com> Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-11-08 10:58:45 +01:00
Jerry Yu	d25cab0327	Refactor debug helpers for exts and hs message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-06 11:54:21 +08:00
Jerry Yu	df0ad658a3	tls13: Add allowed extesions constants. - And refactor check_received_extension Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-11-02 21:35:27 +08:00
Jerry Yu	7a485c1fdf	Add ext id and utilities - Remove `MBEDTLS_SSL_EXT_*` - Add macros and functions for translating iana identifer. - Add internal identity for extension Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-31 16:41:42 +08:00
Jerry Yu	c4bf5d658e	fix various issues - Signature of - mbedtls_tls13_set_hs_sent_ext_mask - check_received_extension and issues - Also fix comment issue. - improve readablity. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-31 16:41:42 +08:00
Jerry Yu	03112ae022	change input extension_type Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-31 16:41:42 +08:00
Jerry Yu	0c354a211b	introduce sent/recv extensions field And remove `extensions_present` Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-31 16:41:42 +08:00
Jerry Yu	ffa1582793	move get_extension mask Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-31 16:41:42 +08:00
Jerry Yu	d15992d3ce	fix wrong setting of unrecognized ext Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-31 16:41:42 +08:00
Jerry Yu	e18dc7eb9a	Add forbidden extensions check for ClientHello Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-31 16:41:42 +08:00
Ronald Cron	73fe8df922	Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED to guard TLS code (both 1.2 and 1.3) specific to handshakes involving PSKs. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	e68ab4f55e	Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED to guard TLS code (both TLS 1.2 and 1.3) specific to handshakes involving certificates. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	41a443a68d	tls13: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK.*ENABLED Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED instead of MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED to guard code specific to one of the TLS 1.3 key exchange mode with PSK. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	928cbd34e7	tls13: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED instead of MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED to guard code specific to the TLS 1.3 ephemeral key exchange mode. Use it also for the dependencies of TLS 1.3 only tests relying on ephemeral key exchange mode, but for tests in tls13-kex-modes.sh where the change is done later using all MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_.*ENABLED macros. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	d29e13eb1b	tls: Use the same function in TLS 1.2 and 1.3 to check PSK conf Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:34:20 +02:00
Ronald Cron	3b056202d3	tls13: keys: Do not use `handshake->premaster` `handshake->premaster` was used to store the (EC)DHE shared secret but in TLS 1.3 there is no need to store it in a context. Futhermore, `handshake->premaster` and more specifically its sizing is TLS 1.2 specific thus better to not use it in TLS 1.3. Allocate a buffer to store the shared secret instead. Allocation instead of a stack buffer as the maintenance of the size of such buffer is harder (new elliptic curve for ECDHE, support for FFDHE ... ). Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-21 14:34:20 +02:00
Xiaokang Qian	ed3afcd6c3	Fix various typo and macro guards issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:51 +00:00
Xiaokang Qian	ed0620cb13	Refine code base on comments Move code to proper macro guards protection Fix typo issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:51 +00:00
Xiaokang Qian	03409290d2	Add MBEDTLS_SSL_SESSION_TICKETS guard to server name check Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:51 +00:00
Xiaokang Qian	a3b451f950	Adress kinds of comments base on review Rename function name to mbedtls_ssl_session_set_hostname Add two extra check cases for server name Fix some coding styles Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:51 +00:00
Xiaokang Qian	2f9efd3038	Address comments base on review Change function name to ssl_session_set_hostname() Remove hostname_len Change hostname to c_string Update test cases to multi session tickets Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:49 +00:00
Xiaokang Qian	bc663a0461	Refine code based on commnets Change code layout Change hostname_len type to size_t Fix various issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:01 +00:00
Paul Elliott	2c282c9bd0	Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.	2022-09-23 15:48:33 +01:00
Jerry Yu	f3bdf9dd51	fix various issues - improve document about configuration item. - format issue - variable type issue. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-22 23:47:14 +08:00
Jerry Yu	d0766eca58	fix various issues - Improve comments - Align count variable name to `new_session_tickets_count` - move tickets_count init to handshake init Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-22 13:21:29 +08:00
Manuel Pégourié-Gonnard	d433cd7d07	Merge pull request #6283 from mpg/driver-only-hashes-wrap-up Driver only hashes wrap-up	2022-09-21 08:29:46 +02:00
Jerry Yu	d4e7500a07	Enable multi session tickets on Server Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-09-19 14:24:03 +08:00

1 2 3 4 5 ...

435 Commits