mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-26 13:21:03 +03:00

Author	SHA1	Message	Date
Przemek Stekiel	14d11b0877	Enable support for psa opaque ECDHE-PSK key exchange on the server side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:53:55 +02:00
Przemek Stekiel	19b80f8151	Enable support for psa opaque ECDHE-PSK key exchange on the client side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:28 +02:00
Przemek Stekiel	aeb710fec5	Enable support for psa opaque RSA-PSK key exchange on the server side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:28 +02:00
Przemek Stekiel	fc72e428ed	ssl_client2: Enable support for TLS 1.2 RSA-PSK opaque ciphersuite Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:27 +02:00
Ronald Cron	38b8aa4f63	Merge pull request #5539 from xkqian/add_client_hello_to_server Add client hello into server side	2022-04-22 10:26:00 +02:00
Manuel Pégourié-Gonnard	21f82c7510	Merge pull request #5709 from superna9999/5625-pk-opaque-rsa-tls12 RSA sign 3b: TLS 1.2 integration testing	2022-04-22 10:05:43 +02:00
Gilles Peskine	afbfed9397	Merge pull request #5582 from gilles-peskine-arm/ssl-opt-auto-psk Run ssl-opt.sh in more reduced configurations	2022-04-21 12:03:53 +02:00
XiaokangQian	318dc763a6	Fix test failure issue and update code styles Change-Id: I0b08da1b083abdb19dc383e6f4b210f66659c109 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 09:43:51 +00:00
Glenn Strauss	e3af4cb72a	mbedtls_ssl_(read\|write)_version using tls_version remove use of MBEDTLS_SSL_MINOR_VERSION_* remove use of MBEDTLS_SSL_MAJOR_VERSION_* (only remaining use is in tests/suites/test_suite_ssl.data) Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:14 -04:00
Glenn Strauss	60bfe60d0f	mbedtls_ssl_ciphersuite_t min_tls_version,max_tls_version Store the TLS version in tls_version instead of major, minor version num Note: existing application use which accesses the struct member (using MBEDTLS_PRIVATE) is not compatible, as the struct is now smaller. Reduce size of mbedtls_ssl_ciphersuite_t members are defined using integral types instead of enums in order to pack structure and reduce memory usage by internal ciphersuite_definitions[] Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:12 -04:00
Neil Armstrong	f0b1271a42	Support RSA Opaque PK keys in ssl_server2 Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-13 10:49:25 +02:00
Gilles Peskine	99a732bf0c	Fix off-by-one in buffer_size usage The added null byte was accounted for twice, once by taking opt.buffer_size+1 when allocating the buffer and once by taking opt.buffer-1 when filling the buffer. Make opt.buffer_size the size that is actually read, it's less confusing that way. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-04-06 23:34:36 +02:00
Gilles Peskine	8bb96d96cd	Fix buffer size calculation Make sure that buf always has enough room for what it will contain. Before, this was not the case if the buffer was smaller than the default response, leading to memory corruption in ssl_server2. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-04-06 23:31:05 +02:00
Jerry Yu	79c004148d	Add PSA && TLS1_3 check_config Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-03-22 15:13:34 +08:00
Jerry Yu	3a58b462b6	add pss_rsae_sha{384,512} Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-03-22 15:13:34 +08:00
Dave Rodgman	2cecd8aaad	Merge pull request #3624 from daxtens/timeless RFC: Fix builds with MBEDTLS_HAVE_TIME disabled and test	2022-03-15 16:43:19 +00:00
Manuel Pégourié-Gonnard	10e5cdbbbf	Merge pull request #5454 from gstrauss/cert_cb-user_data server certificate selection callback	2022-03-10 11:51:42 +01:00
Manuel Pégourié-Gonnard	d815114f93	Merge pull request #5524 from mprse/tls_ecdh_2c TLS ECDH 2c: ECHDE in TLS 1.3 (client-side)	2022-03-08 11:43:45 +01:00
Andrzej Kurek	541318ad70	Refactor ssl_context_info time printing Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-03-04 05:07:45 -05:00
Andrzej Kurek	554b820747	Guard cache_timeout in ssl_server2 with MBEDTLS_HAVE_TIME Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-03-04 05:07:45 -05:00
Raoul Strackx	9ed9bc9377	programs/ssl: Fix compile errors when MBEDTLS_HAVE_TIME is not defined Signed-off-by: Raoul Strackx <raoul.strackx@fortanix.com> [dja: add some more fixes, tweak title] Signed-off-by: Daniel Axtens <dja@axtens.net>	2022-03-04 05:07:45 -05:00
Przemek Stekiel	3f076dfb6d	Fix comments for conditional compilation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-04 09:36:46 +01:00
Glenn Strauss	48a37f01b3	Add cert_cb use to programs/ssl/ssl_server2.c (for use by some tests/) Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-25 19:55:53 -05:00
Przemyslaw Stekiel	169f115bf0	ssl_client2: init psa crypto for TLS 1.3 build Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>	2022-02-14 17:15:04 +01:00
Glenn Strauss	a941b62985	Create public macros for ssl_ticket key,name sizes Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-09 15:28:28 -05:00
Glenn Strauss	e328245618	Add test case use of mbedtls_ssl_ticket_rotate Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-09 14:33:16 -05:00
Manuel Pégourié-Gonnard	6f20595b6e	Merge pull request #5462 from gilles-peskine-arm/ssl-test-pkey-message-clarity Clarify key types message from ssl_client2 and ssl_server2	2022-02-03 11:33:03 +01:00
Manuel Pégourié-Gonnard	1ab2d6966c	Merge pull request #5385 from AndrzejKurek/use-psa-crypto-reduced-configs Resolve problems with reduced configs using USE_PSA_CRYPTO	2022-02-02 10:20:26 +01:00
Gilles Peskine	cc50f1be43	Fix copypasta Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-01-31 22:53:30 +01:00
Gilles Peskine	05bf89da34	Clarify key types message from ssl_client2 and ssl_server2 If no key is loaded in a slot, say "none", not "invalid PK". When listing two key types, use punctuation that's visibly a sequence separator (","). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-01-25 17:50:25 +01:00
Jerry Yu	11f0a9c2c4	fix deprecated-declarations error replace sig_hashes with sig_alg Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Manuel Pégourié-Gonnard	fcca7cfa97	Merge pull request #5428 from gstrauss/mbedtls_ssl_ciphersuite Add accessors for ciphersuite info	2022-01-24 11:13:31 +01:00
Manuel Pégourié-Gonnard	ff743a7f38	Merge pull request #5425 from gabor-mezei-arm/5181_tls_cipher_extend_testing_of_tickets TLS Cipher 1a: extend testing of tickets	2022-01-24 10:25:29 +01:00
Glenn Strauss	6eef56392a	Add tests for accessors for ciphersuite info Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-01-23 08:37:02 -05:00
Andrzej Kurek	7a58d5283b	Add missing dependencies on MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED Fix dependencies across test ssl programs. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-01-19 12:34:02 -05:00
Gabor Mezei	d4bea1efd5	Add ticket_aead option for ssl_server2 The ticket_aead option allows to specify the session ticket protection. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-01-12 16:21:15 +01:00
Andrzej Kurek	03e01461ad	Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO Fix library references, tests and programs. Testing is performed in the already present all.sh test. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-01-03 12:53:24 +01:00
Ronald Cron	6f135e1148	Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3 As we have now a minimal viable implementation of TLS 1.3, let's remove EXPERIMENTAL from the config option enabling it. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-10 13:47:55 +01:00
Paul Elliott	ef9cccaf3c	Fix printf format specifier Also mark function as printf variant so compiler will pickup any future issues. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-12-09 17:25:04 +00:00
Paul Elliott	3820c150d1	Prevent resource leak If -f was used as an argument twice to the program, then it would leak the file resource, due to overwriting it on the second pass Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-12-09 12:48:51 +00:00
Xiaofei Bai	d25fab6f79	Update based on comments Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-12-02 06:36:27 +00:00
Xiaofei Bai	6dc90da740	Rebased on `74217ee` and add fixes Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-11-26 08:12:43 +00:00
Xiaofei Bai	9539501120	Rebase and add fixes Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-11-26 08:09:26 +00:00
Xiaofei Bai	746f9481ea	Fix 1_3/13 usages in macros and function names Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>	2021-11-26 08:08:36 +00:00
XiaokangQian	4d2329fd8a	Change code based on reviews Remove support signature PKCS1 v1.5 in CertificateVerify. Remove useless server states in test script Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-25 02:21:16 +00:00
XiaokangQian	25476a48b9	Change code based on review Remove useless component in all.sh Remove use server logs in ssh-opt.sh Remove useless guards in ssl_client2.c Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-23 14:01:21 +00:00
XiaokangQian	ff5f6c8bb0	Refine test code and test scripts Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-23 08:49:51 +00:00
XiaokangQian	f977e9af6d	Add componet test and rsa signature options Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-23 07:19:23 +00:00
XiaokangQian	bdf26de384	Fix test failure and remove useless code Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-22 09:52:56 +00:00
XiaokangQian	4b82ca1b70	Refine test code and test scripts Change client test code to support rsa pss signatures Add test cases for rsa pss signature in ssl-opt.sh Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2021-11-22 05:50:12 +00:00

1 2 3 4 5 ...

1073 Commits