432 Commits

Author	SHA1	Message	Date
Yanray Wang	b3e207d762	tls13: early_data: cli: rename early_data parser in nst ... Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-30 16:49:51 +08:00
Yanray Wang	0790041dc6	Revert "tls13: early_data: cli: remove nst_ prefix" ... This reverts commit 3781ab40fb. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-30 16:44:44 +08:00
Yanray Wang	3781ab40fb	tls13: early_data: cli: remove nst_ prefix ... Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-23 18:17:14 +08:00
Yanray Wang	d012084e91	tls13: early_data: cli: optimize code ... - remove unnecessary check - using local variable session Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-23 16:38:20 +08:00
Yanray Wang	554ee62fba	tls13: early_data: fix wrong debug_ret message ... Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-22 18:55:03 +08:00
Yanray Wang	5da8ecffe6	tls13: nst early_data: remove duplicate code ... Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-22 18:52:21 +08:00
Yanray Wang	920db45818	tls13: early_data: support to parse max_early_data_size ext ... Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-22 10:33:11 +08:00
Jerry Yu	8e0174ac05	Add maximum ticket lifetime check ... Also add comments for age cast Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:59:24 +08:00
Jerry Yu	cf9135100e	fix various issues ... - fix CI failure due to wrong usage of ticket_lifetime - Improve document and comments Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:19 +08:00
Jerry Yu	342a555eef	rename ticket received ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:19 +08:00
Jerry Yu	46c7926f74	Add maximum ticket lifetime check ... Also add comments for age cast Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:19 +08:00
Jerry Yu	cebffc3446	change time unit of ticket to milliseconds ... Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:18 +08:00
Tom Cosgrove	53199b1c0a	Merge pull request #6720 from yuhaoth/pr/tls13-early-data-receive-0_rtt-and-eoed ... TLS 1.3: EarlyData SRV: Write early data extension in EncryptedExtension	2023-11-07 13:59:13 +00:00
Dave Rodgman	4eb44e4780	Standardise some more headers ... Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-03 12:15:12 +00:00
Dave Rodgman	16799db69a	update headers ... Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-02 19:47:20 +00:00
Jerry Yu	960b7ebbcf	move psk check to EE message on client side ... early_data extension is sent in EE. So it should not be checked in SH message. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-01 10:32:18 +08:00
Dave Rodgman	2eab462a8c	Fix IAR warnings ... Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-10-05 13:30:37 +01:00
Gilles Peskine	e820c0abc8	Update spelling "mbed TLS" to "Mbed TLS" ... The official spelling of the trade mark changed from all-lowercase "mbed" to normal proper noun capitalization "Mbed" a few years ago. We've been using the new spelling in new text but still have the old spelling in a lot of text. This commit updates most occurrences of "mbed TLS": ``` sed -i -e 's/mbed TLS/Mbed TLS/g' $(git ls-files ':!ChangeLog' ':!tests/data_files/**' ':!tests/suites/*.data' ':!programs/x509/*' ':!configs/tfm*') ``` Justification for the omissions: * `ChangeLog`: historical text. * `test/data_files/**`, `tests/suites/*.data`, `programs/x509/*`: many occurrences are significant names in certificates and such. Changing the spelling would invalidate many signatures and tests. * `configs/tfm*`: this is an imported file. We'll follow the upstream updates. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-09-12 19:18:17 +02:00
Valerio Setti	c9ae862225	tls: use TLS 1.3 guards in ssl_tls13 modules ... Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-25 11:23:50 +02:00
Valerio Setti	ea59c43499	tls: fix a comment a rename a variable/symbol ... Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-25 11:14:03 +02:00
Valerio Setti	3d237b5ff1	ssl_misc: fix guards for PSA data used in XXDH key exchanges ... Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-07 19:02:16 +02:00
Przemek Stekiel	408569f91a	Adapt function name: mbedtls_ssl_tls13_generate_and_write_dh_key_exchange ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-07-06 12:16:44 +02:00
Przemek Stekiel	7ac93bea8c	Adapt names: dh -> xxdh ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-07-05 09:26:26 +02:00
Przemek Stekiel	d5f79e7297	Adapt functions names for ffdh ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-07-05 09:26:26 +02:00
Przemek Stekiel	6f199859b6	Adapt handshake fields to ffdh ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-07-05 09:25:00 +02:00
Valerio Setti	dbd01cb677	tls13: fix guards for PSA error translating function ... Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-04 09:18:52 +02:00
Manuel Pégourié-Gonnard	56b159a12a	Merge pull request #7627 from mprse/ffdh_tls13_v2 ... Make use of FFDH keys in TLS 1.3 v.2	2023-07-03 10:12:33 +02:00
Przemek Stekiel	a05e9c1ec8	Fix selection of default FFDH group ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-15 17:07:16 +02:00
Przemek Stekiel	7d42c0d0e5	Code cleanup #2 ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-13 12:30:40 +02:00
Andrzej Kurek	a6033ac431	Add missing guards in tls 1.3 ... Error translation is only used with these defines on. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-13 05:46:47 -04:00
Andrzej Kurek	1e4a030b00	Fix wrong array size calculation in error translation code ... Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-13 05:46:47 -04:00
Andrzej Kurek	0064484a70	Optimize error translation code size ... Introducing an intermediate function saves code size that's otherwise taken by excessive, repeated arguments in each place that was translating errors. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-13 05:46:46 -04:00
Przemek Stekiel	75a5a9c205	Code cleanup ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-13 09:57:23 +02:00
Przemek Stekiel	29c219c285	Combine mbedtls_ssl_tls13_generate_and_write_ecdh/ffdh_key_exchange functions ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:09 +02:00
Przemek Stekiel	c89f3ea9f2	Add support for FFDH in TLS 1.3 ... Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:08 +02:00
Manuel Pégourié-Gonnard	02b10d8266	Add missing include ... Fix build failures with config full Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	1f2a587cdf	Use actual function instead of static inline ... Large static inline functions used from several translation units in the library are bad for code size as we end up with multiple copies. Use the actual function instead. There's already a comment that says so. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	2d6d993662	Use MD<->PSA functions from MD light ... As usual, just a search-and-replace plus: 1. Removing things from hash_info.[ch] 2. Adding new auto-enable MD_LIGHT in build-info.h 3. Including md_psa.h where needed Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
YxC	da609130f3	fix: correct calling to time function in tls13 client&server ... Call `mbedtls_time` to handle the case when MBEDTLS_PLATFORM_TIME_MACRO is defined Signed-off-by: Yuxiang Cao <yuxiang.cao@fortanix.com>	2023-05-22 13:22:00 -07:00
Xiaokang Qian	91bb3f0665	Wrap lines in library/ssl_tls13_client.c ... Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:29:17 +00:00
Xiaokang Qian	958b6ffe98	Wrap lines which exceed 80 chars in ssl_tls13_client.c ... Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:27:52 +00:00
Ronald Cron	eff5673e09	Improve and align variable names for supported versions data ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	b828c7d3de	Fix, improve and add comments ... Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	47dce630f4	tls13: Add function to search for a supported_versions extension ... Move in a dedicated function the search for the supported_versions extension in a list of extensions, to be able to use it on server side as well. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:17 +02:00
Valerio Setti	080a22ba75	ssl_tls13: use PSA_WANT_ALG_ECDH as symbol for marking ECDH capability ... Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Valerio Setti	0c8ec3983e	ssl_tls: fix proper guards for accelerated ECDH ... Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Valerio Setti	90df310d89	ssl_tls13: fix guards for accel ECDH ... These changes fix all failures found in test_suite_ssl Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Jan Bruckner	1a38e54436	Changes from 2nd review ... Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-03-15 14:15:11 +01:00
Jan Bruckner	a0589e75a0	Changes from review ... Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-03-15 11:04:45 +01:00
Jan Bruckner	151f64283f	Add parsing for Record Size Limit extension in TLS 1.3 ... Fixes #7007 Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-03-14 08:41:25 +01:00