Jerry Yu
08aed4def9
fix comments and time_t type issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00

Jerry Yu
a0446a0344
Add check_return flag
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00

Jerry Yu
4e6c42a533
fix various issues
- wrong typo
- unnecessary comments/debug code
- wrong location
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00

Jerry Yu
cb3b1396f3
move resume psk ticket computation to end
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00

Jerry Yu
af2c0c8dd6
fix various comment/format issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00

Jerry Yu
a357cf4d4c
Rename new_session_ticket state
Both client and server side use
`MBEDTLS_SSL_NEW_SESSION_TICKET` now
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00

Jerry Yu
f8a4994ec7
Add tls13 new session ticket parser
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-07-20 11:07:29 +08:00

Ronald Cron
ce7d76e2ee
Merge remote-tracking branch 'mbedtls-restricted/development-restricted' into mbedtls-3.2.0rc0-pr
2022-07-11 10:22:37 +02:00

Ronald Cron
81a334fc02
tls13: Fix buffer overread checks in ssl_tls13_parse_alpn_ext()
Some coding style alignment as well.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-06-28 09:21:13 +02:00

Ronald Cron
fb508b8f21
tls13: Move state changes up to state main handler
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-06-28 09:21:13 +02:00

Ronald Cron
5afb904022
tls13: Move out of place handshake field reset
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-06-28 09:18:42 +02:00

Ronald Cron
828aff6ead
tls13: Rename server_hello_coordinate to preprocess_server_hello
Rename server_hello_coordinate to preprocess_server_hello
as it is more aligned with what the function does.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-06-28 09:18:42 +02:00

Ronald Cron
db5dfa1f1c
tls13: Move ServerHello fetch to the ServerHello top handler
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-06-28 09:18:42 +02:00

Ronald Cron
9d6a545714
tls13: Re-organize EncryptedExtensions message parsing code
Align the organization of the EncryptedExtensions
message parsing code with the organization of the
other message parsing codes.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-06-28 09:18:42 +02:00

Ronald Cron
c80835943c
tls13: Fix pointer calculation before space check
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-06-28 09:18:42 +02:00

Ronald Cron
2827106199
tls13: Add missing buffer overread check
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-06-28 09:18:42 +02:00

Ronald Cron
1938588e80
tls13: Align some debug messages with TLS 1.2 ones
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-06-24 12:06:46 +02:00

Manuel Pégourié-Gonnard
a3115dc0e6
Mark static int SSL functions CHECK_RETURN_CRITICAL
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-06-20 21:12:52 +02:00

XiaokangQian
23c5be6b94
Enable SNI test for both tls12 and tls13
Change-Id: Iae5c39668db7caa1a59d7e67f226a5286d91db22
CustomizedGitHooks: yes
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-06-07 09:43:13 +00:00

Jerry Yu
e3d67cb263
Improve readability
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-19 15:33:10 +08:00

Jerry Yu
e8c1fca67c
move traffic set to generic
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-18 16:57:45 +08:00

Gabor Mezei
696956da24
Typo
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-05-13 17:02:19 +02:00

Gabor Mezei
078e803d2c
Unify parsing of the signature algorithms extension
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-05-11 14:29:08 +02:00

Jerry Yu
93a13f2c38
Share magic word of HRR
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-09 15:48:59 +08:00

Jerry Yu
f86eb75c58
fix various issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-06 11:16:55 +08:00

Jerry Yu
e110d258d9
Add set outbound transform
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-05-05 19:59:59 +08:00

Jerry Yu
89e103c54c
tls13: Share write ecdh_key_exchange function
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-04-22 16:45:01 +08:00

Ronald Cron
38b8aa4f63
Merge pull request #5539 from xkqian/add_client_hello_to_server
Add client hello into server side
2022-04-22 10:26:00 +02:00

XiaokangQian
0803755347
Update code base on review comments
Refine named_group parsing
Refine cipher_suites parsing
Remove hrr related part
Share code between client and server side
Some code style changes
Change-Id: Ia9ffd5ef9c0b64325f633241e0ea1669049fe33a
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:50:14 +00:00

XiaokangQian
9b5d04b078
Share parse_key_share() between client and server
Change-Id: I3fd2604296dc0e1e8380f5405429a6b0feb6e981
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 07:43:48 +00:00

Ronald Cron
fd8cbda3ec
Remove ECDH code specific to TLS 1.3
ECDH operations in TLS 1.3 are now done through PSA.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-04-19 18:31:24 +02:00

Ronald Cron
fd6193c285
ssl_tls13_client: Add downgrade attack protection
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-04-19 18:31:24 +02:00

Glenn Strauss
cd78df6aa4
handshake->min_minor_ver to ->min_tls_version
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:40:14 -04:00

Glenn Strauss
e3af4cb72a
mbedtls_ssl_(read|write)_version using tls_version
remove use of MBEDTLS_SSL_MINOR_VERSION_*
remove use of MBEDTLS_SSL_MAJOR_VERSION_*
(only remaining use is in tests/suites/test_suite_ssl.data)
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:40:14 -04:00

Glenn Strauss
60bfe60d0f
mbedtls_ssl_ciphersuite_t min_tls_version,max_tls_version
Store the TLS version in tls_version instead of major, minor version num
Note: existing application use which accesses the struct member
(using MBEDTLS_PRIVATE) is not compatible, as the struct is now smaller.
Reduce size of mbedtls_ssl_ciphersuite_t
members are defined using integral types instead of enums in
order to pack structure and reduce memory usage by internal
ciphersuite_definitions[]
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:40:12 -04:00

Manuel Pégourié-Gonnard
1b05aff3ad
Merge pull request #5624 from superna9999/5312-tls-server-ecdh
TLS ECDH 3b: server-side static ECDH (1.2)
2022-04-07 11:46:25 +02:00

Przemek Stekiel
a9f9335ee9
ssl_tls13_generate_and_write_ecdh_key_exchange(): remove redundant check
This check can be removed as if the buffer is too small for the key, then export will fail.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-04 17:32:30 +02:00

Neil Armstrong
91477a7964
Switch handshake->ecdh_bits to size_t and remove now useless cast & limit checks
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-31 15:24:18 +02:00

Ronald Cron
6476726ce4
Fix comments
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-31 14:13:57 +02:00

Ronald Cron
ba120bb228
ssl_tls13_client.c: Fix ciphersuite final validation
As we may offer ciphersuites not compatible with
TLS 1.3 in the ClientHello check that the selected
one is compatible with TLS 1.3.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-31 09:35:33 +02:00

Ronald Cron
9847338429
ssl_tls13_client.c: Add check in supported_versions parsing
Add check in ServerHello supported_versions parsing
that the length of the extension data is exactly
two.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-31 09:33:41 +02:00

Ronald Cron
a77fc2756e
ssl_tls13_client.c: versions ext writing : Fix available space check
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-31 09:27:35 +02:00

Ronald Cron
da41b38c42
Improve and fix comments
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-30 14:10:03 +02:00

Ronald Cron
dbe87f08ec
Propose TLS 1.3 and TLS 1.2
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 18:58:31 +02:00

Ronald Cron
9f0fba374c
Add logic to switch to TLS 1.2
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 18:58:31 +02:00

Ronald Cron
27c85e743f
ssl_tls.c: Unify TLS 1.2 and TLS 1.3 SSL state logs
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 18:58:31 +02:00

Ronald Cron
11e1857f5e
ssl_client.c: Fix key share code guards
In TLS 1.3 key sharing is not restricted to key
exchange with certificate authentication. It
happens in the PSK and ephemeral key exchange
mode as well where there is no certificate
authentication.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 18:58:31 +02:00

Ronald Cron
3d580bf4bd
Move TLS 1.3 client hello writing to new TLS 1.2 and 1.3 client file
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 17:00:29 +02:00

Ronald Cron
8f6d39a81d
Make some handshake TLS 1.3 utility routines available for TLS 1.2
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 14:42:17 +02:00

Ronald Cron
7ffe7ebe38
ssl_tls13_client.c: Add some MBEDTLS_SSL_PROTO_TLS1_3 guards
Add some MBEDTLS_SSL_PROTO_TLS1_3 guards that will
be necessary when the ClientHello writing code is
made available when MBEDTLS_SSL_PROTO_TLS1_2 is
enabled.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-03-29 14:42:17 +02:00