Jerry Yu
6916e70521
fix various issues
- adjust guards. Remove duplicate guards and adjust format.
- Return success at function end. Not `ret`
- change input len
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-10 21:33:51 +08:00
							
Przemek Stekiel
68a01a6720
Fix session tickets related build flags in fuzz_server and ssl_server2
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-10-10 13:30:43 +02:00
							
Jerry Yu
03b8f9d299
Adjust guards for dummy_tickets
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-08 14:56:38 +08:00
							
Jerry Yu
25ab654781
Add dummy ticket support
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-10-07 10:11:05 +08:00
							
Manuel Pégourié-Gonnard
e3358e14b2
Merge pull request #6051 from mprse/permissions_2b_v2
Permissions 2b: TLS 1.3 sigalg selection
2022-09-28 09:50:04 +02:00
							
Paul Elliott
2c282c9bd0
Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets
TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.
2022-09-23 15:48:33 +01:00
							
Ronald Cron
50969e3af5
ssl-opt.sh: TLS 1.3 opaque key: Add test with unsuitable sig alg
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2022-09-20 15:57:57 +02:00
							
Jerry Yu
7a51305478
Add multi-session tickets test
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-19 14:26:07 +08:00
							
Manuel Pégourié-Gonnard
e896705c1a
Take advantage of legacy_or_psa.h being public
Opportunities for using the macros were spotted using:
    git grep -E -n -A2 'MBEDTLS_(MD|SHA)[0-9]+_C' | egrep 'PSA_WANT_ALG_(MD|SHA)'
then manually filtering the results.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-09-16 12:03:52 +02:00
							
Andrzej Kurek
0bc834b27f
Enable signature algorithms in ssl programs with PSA based hashes
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-09-12 05:37:46 -04:00
							
Ronald Cron
e00d6d6b55
Merge pull request #6135 from yuhaoth/pr/tls13-finalize-external-psk-negotiation
TLS 1.3: SRV: Finalize external PSK negotiation
2022-08-31 17:21:57 +02:00
							
Jerry Yu
c5a23a0f12
fix various issues
- code style
- variable initialize
- update comments
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-08-25 11:09:35 +08:00
							
Andrzej Kurek
8c95ac4500
Add missing dependencies / alternatives
A number of places lacked the necessary dependencies on one of
the used features: MD, key exchange with certificate,
entropy, or ETM.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-08-22 17:46:50 -04:00
							
Jerry Yu
5d01c05d93
fix various issues
- wrong typo in comments
- replace psk null check with key_exchange_mode check
- set psk NULL when error return in export hs psk
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-08-21 12:55:01 +08:00
							
Jerry Yu
2b7a51ba8f
Add psk_or_ephemeral mode and tests
psk_or_ephemeral exists in theory. This change is for
improving test coverage.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-08-21 12:51:53 +08:00
							
Jan Bruckner
25fdc2addb
Fix minor typos
Signed-off-by: Jan Bruckner <jan@janbruckner.de>
2022-07-26 10:52:46 +02:00
							
Ronald Cron
0e39ece23f
Merge pull request #5916 from yuhaoth/pr/tls13-refactor-get-sig-alg-from-pk
Refactor signature algorithm chooser
2022-07-04 09:10:08 +02:00
							
Jerry Yu
202919c23d
refine supported sig alg print
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-06-29 16:18:29 +08:00
							
Jerry Yu
64f410c246
Add tls13 sig alg parameters
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-06-29 16:16:09 +08:00
							
Glenn Strauss
bd10c4e2af
Test accessors to config DN hints for cert request
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-06-29 02:54:28 -04:00
							
XiaokangQian
d5d5b60c07
Add comprehensive test cases for TLS1.3 server side
Change-Id: I544cb12b3ffe5edd7d59fa54342ca7db5b5c8a2a
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-05-31 02:51:26 +00:00
							
Manuel Pégourié-Gonnard
9bc53a2e84
Merge pull request #5806 from josesimoes/fix-3031
Remove prompt to exit in all programs
2022-05-12 10:50:31 +02:00
							
Shaun Case
8b0ecbccf4
Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell.
Signed-off-by: Shaun Case <warmsocks@gmail.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-05-11 21:25:51 +01:00
							
josesimoes
23419560c9
Remove prompt to exit in all programs
Signed-off-by: José Simões <jose.simoes@eclo.solutions>
2022-05-06 17:11:22 +01:00
							
Przemek Stekiel
cb20d202d2
Further code optimization
- key_opaque_set_alg_usage(): set alg/usage in loop
- key_opaque_set_alg_usage(): add key parameter to set default alg/usage if it is not specified by command line parameters
- unify default alg/usage for client and server
- optimize opaque code on client and server side
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-06 09:34:30 +02:00
							
Przemek Stekiel
296bfba924
ssl_server2: add key_opaque_algs2 usage info
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-05 11:08:34 +02:00
							
Przemek Stekiel
488efa05b6
Fix compiler warnings: initialize local variables: psa_alg, psa_alg2, psa_usage
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-05 10:17:01 +02:00
							
Przemek Stekiel
134eb8b6e2
Fix style
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-05 10:17:01 +02:00
							
Przemek Stekiel
092128324f
ssl_client2/ss_server2: optimize code for opaque key
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-05 10:17:01 +02:00
							
Przemek Stekiel
e5e9ba920f
ssl_server2: refactor opaque code
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-05 10:17:01 +02:00
							
Przemek Stekiel
b58c47a666
ssl_server2: use key opaque algs given from command line
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-05 10:17:01 +02:00
							
Przemek Stekiel
344c561292
ssl_server2: Add support for key_opaque_algs2 command line parameter
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-05 10:17:01 +02:00
							
Przemek Stekiel
77fc9ab1ba
Fix typos and code style
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-05 10:17:01 +02:00
							
Przemek Stekiel
4ca0d72c3b
ssl server: add key_opaque_algs command line option
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-05-05 10:17:01 +02:00
							
Manuel Pégourié-Gonnard
068a13d909
Merge pull request #5771 from superna9999/5761-rsa-decrypt-rework-pk-wrap-as-opaque
RSA decrypt 0: Rework `mbedtls_pk_wrap_as_opaque()`
2022-05-02 09:06:49 +02:00
							
Neil Armstrong
94e371af91
Update mbedtls_pk_wrap_as_opaque() usage in SSL client2 & server2
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-28 13:27:59 +02:00
							
Przemek Stekiel
cb322eac6b
Enable support for psa opaque DHE-PSK key exchange on the server side
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-22 14:54:33 +02:00
							
Przemek Stekiel
14d11b0877
Enable support for psa opaque ECDHE-PSK key exchange on the server side
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-22 14:53:55 +02:00
							
Przemek Stekiel
aeb710fec5
Enable support for psa opaque RSA-PSK key exchange on the server side
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-04-22 14:52:28 +02:00
							
Ronald Cron
38b8aa4f63
Merge pull request #5539 from xkqian/add_client_hello_to_server
Add client hello into server side
2022-04-22 10:26:00 +02:00
							
Manuel Pégourié-Gonnard
21f82c7510
Merge pull request #5709 from superna9999/5625-pk-opaque-rsa-tls12
RSA sign 3b: TLS 1.2 integration testing
2022-04-22 10:05:43 +02:00
							
Gilles Peskine
afbfed9397
Merge pull request #5582 from gilles-peskine-arm/ssl-opt-auto-psk
Run ssl-opt.sh in more reduced configurations
2022-04-21 12:03:53 +02:00
							
XiaokangQian
318dc763a6
Fix test failure issue and update code styles
Change-Id: I0b08da1b083abdb19dc383e6f4b210f66659c109
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2022-04-20 09:43:51 +00:00
							
Glenn Strauss
e3af4cb72a
mbedtls_ssl_(read|write)_version using tls_version
remove use of MBEDTLS_SSL_MINOR_VERSION_*
remove use of MBEDTLS_SSL_MAJOR_VERSION_*
(only remaining use is in tests/suites/test_suite_ssl.data)
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:40:14 -04:00
							
Glenn Strauss
60bfe60d0f
mbedtls_ssl_ciphersuite_t min_tls_version,max_tls_version
Store the TLS version in tls_version instead of major, minor version num
Note: existing application use which accesses the struct member
(using MBEDTLS_PRIVATE) is not compatible, as the struct is now smaller.
Reduce size of mbedtls_ssl_ciphersuite_t
members are defined using integral types instead of enums in
order to pack structure and reduce memory usage by internal
ciphersuite_definitions[]
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-04-14 15:40:12 -04:00
							
Neil Armstrong
f0b1271a42
Support RSA Opaque PK keys in ssl_server2
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-13 10:49:25 +02:00
							
Gilles Peskine
99a732bf0c
Fix off-by-one in buffer_size usage
The added null byte was accounted for twice, once by taking
opt.buffer_size+1 when allocating the buffer and once by taking opt.buffer-1
when filling the buffer. Make opt.buffer_size the size that is actually
read, it's less confusing that way.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-06 23:34:36 +02:00
							
Gilles Peskine
8bb96d96cd
Fix buffer size calculation
Make sure that buf always has enough room for what it will contain. Before,
this was not the case if the buffer was smaller than the default response,
leading to memory corruption in ssl_server2.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-04-06 23:31:05 +02:00
							
Dave Rodgman
2cecd8aaad
Merge pull request #3624 from daxtens/timeless
RFC: Fix builds with MBEDTLS_HAVE_TIME disabled and test
2022-03-15 16:43:19 +00:00
							
Andrzej Kurek
554b820747
Guard cache_timeout in ssl_server2 with MBEDTLS_HAVE_TIME
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-03-04 05:07:45 -05:00