lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-30 10:45:34 +03:00
Code Activity
17,833 Commits 176 Branches 276 Tags
3584ae4d5fffb366988c3875e599c51677d9777c
Commit Graph

17833 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Hanno Becker
5d045a8b89 Stick to 'ephemeral' instead of ECDHE for TLS 1.3 key exchanges 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:31:14 +01:00
Hanno Becker
674f9480cf Fix typo: algorithmc -> algorithms 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:31:14 +01:00
Hanno Becker
d4fa9bc710 Remove outdated mentioning of version-specific ciphersuite config 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:31:14 +01:00
Hanno Becker
a2535931ac Add Doxygen documentation for TLS 1.3 key exchange macros 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:31:14 +01:00
Hanno Becker
932064d660 Add ssl-opt.sh tests for ssl_client/server TLS 1.3 kex parameters 
Those tests are so far only checking that ssl_client2/ssl_server2
recognize the arguments, nothing more.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:31:14 +01:00
Hanno Becker
2c0f697fbc Support TLS 1.3 key exchange config in ssl_client2/ssl_server2 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:31:14 +01:00
Hanno Becker
71f1ed66c2 Add identifiers and API for configuration of TLS 1.3 key exchanges 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:28:45 +01:00
Hanno Becker
e2defad0bb Fix indentation of pre-existing code-block in ssl_tls.c 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:28:45 +01:00
Hanno Becker
ae336852c5 Add ssl-opt.sh run to TLS 1.3 test in all.sh 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:28:45 +01:00
Hanno Becker
e486b2d7bb Document use of mbedtls_ssl_conf_ciphersuites() for TLS 1.3 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:28:45 +01:00
Hanno Becker
8ca26923eb Add TLS 1.3 ciphersuites 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:28:45 +01:00
Hanno Becker
e043d15d75 Turn comments of 1.3 record transforms into Doxygen documentation 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-12 06:22:52 +01:00
Dave Rodgman
2aec149e13 Merge pull request #4248 from hanno-arm/tls13_populate_transform 
Fix and test compliance of TLS 1.3 record protection
 2021-08-11 16:41:51 +01:00
Jerry Yu
0402979ed3 Add openssl/gnutls tls1.3 feature tests. 
Add functions and test cases to make sure
tls1.3 is available in openssl/gnutls

Change-Id: I797d15117a8de96614f392e6bb2ed16b6d71ba69
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2021-08-11 18:09:49 +08:00
Hanno Becker
deb68ce2d1 Fix guard around TLS 1.3 SigAlg configuration 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-10 16:04:05 +01:00
Yuto Takano
d73cec1e09 Add newline at end of list-identifiers.sh 
Signed-off-by: Yuto Takano <yuto.takano@arm.com>
 2021-08-10 15:45:28 +01:00
Yuto Takano
ac72fac465 Put back list-identifiers.sh as a thin wrapper around the python script 
Signed-off-by: Yuto Takano <yuto.takano@arm.com>
 2021-08-10 15:09:16 +01:00
Hanno Becker
9c6aa7bb9a Add default values for TLS 1.3 SigAlg configuration 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-10 13:55:49 +01:00
Hanno Becker
11ceadd382 Add cmdline param for TLS 1.3 sig alg config to ssl_{client,server}2 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-10 13:55:46 +01:00
Hanno Becker
1cd6e0021f Add experimental API for configuration of TLS 1.3 sig algs 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-10 13:55:43 +01:00
Mateusz Starzyk
e0f5227550 Add CCM test for calling finish without any input. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 14:31:57 +02:00
Hanno Becker
551265f879 Add TLS 1.3 IANA signature-algorithm values 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-08-10 13:03:48 +01:00
Mateusz Starzyk
8fb1754e1a Add short description for CCM test functions. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 14:00:14 +02:00
Mateusz Starzyk
f442de69eb Add tests for CCM corner cases. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 14:00:14 +02:00
Mateusz Starzyk
bccbf88bc3 Rename CCM test functions. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 14:00:14 +02:00
Mateusz Starzyk
2f1754916c Improve comment on local_output. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 14:00:14 +02:00
Mateusz Starzyk
a42f9537b5 Improve documentation for CCM's processed variable. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 14:00:14 +02:00
Mateusz Starzyk
b73c3ec1bc Restore MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED as default ret. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 14:00:14 +02:00
Mateusz Starzyk
62d22f9782 Use additional state in CCM to track auth data input. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 14:00:14 +02:00
Mateusz Starzyk
4f2dd8aada Fix errors returned by CCM functions. 
Add new error code for calling functions in wrong order.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 14:00:14 +02:00
Mateusz Starzyk
f337850738 Use const size buffer for local output in CCM decryption. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:59:36 +02:00
Mateusz Starzyk
c562788068 Fix local buffer allocation conditions. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:58:39 +02:00
Mateusz Starzyk
ceb5bc6150 Fix typos. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:58:39 +02:00
Mateusz Starzyk
8788906947 Add CCM test for edge cases. 
Cover:
- not calling auth data update
- not calling cipher text update
- exceeding configured auth data length
- exceeding configured cipher text length

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:58:39 +02:00
Mateusz Starzyk
c8bdf36a72 Validate tag pointer in ccm function. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:58:39 +02:00
Mateusz Starzyk
1bda9451ef Factor out common code from ccm decrypt functions. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:58:39 +02:00
Mateusz Starzyk
eb395c00c9 Move 'Authenticated decryption' comment. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:58:39 +02:00
Mateusz Starzyk
22f7a35ca4 Do not use output buffer for internal XOR during decryption. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:58:39 +02:00
Mateusz Starzyk
36d3b89c84 Verify input data lengths. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk
2d5652acee Move ccm error state handling. 
Remove error clearing from ccm_starts() and ccm_set_lengths().
Add error check in ccm_update_ad(), ccm_update() and ccm_finish().

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk
5d97601e81 Remove ccm input validation. 
VALIDATE and VALIDATE_RET macros are obsolete.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk
ca9dc8d1d7 Rename ccm_calculate_first_block function. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk
c52220d775 Clear temporary buffer after block crypt operation. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk
a9cbdfbb34 Replace ccm status flags with bitshifts. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk
4df9ac4882 Reorganize ccm context structure. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk
de7a83da0d Add changelog for chunked CCM implementation. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk
27a1bef89d Tidy up test functions. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk
29ec75b34e Add multipart testing to CCM* tests. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk
663055f784 Remove UPDATE_CBC macro and working b buffer. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00
Mateusz Starzyk
25a3dfe7dd Add multipart tests for ccm suite. 
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
 2021-08-10 13:56:37 +02:00