mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-06-12 08:21:54 +03:00

Author	SHA1	Message	Date
Valerio Setti	dbd01cb677	tls13: fix guards for PSA error translating function Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-04 09:18:52 +02:00
Manuel Pégourié-Gonnard	56b159a12a	Merge pull request #7627 from mprse/ffdh_tls13_v2 Make use of FFDH keys in TLS 1.3 v.2	2023-07-03 10:12:33 +02:00
Przemek Stekiel	a05e9c1ec8	Fix selection of default FFDH group Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-15 17:07:16 +02:00
Przemek Stekiel	7d42c0d0e5	Code cleanup #2 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-13 12:30:40 +02:00
Andrzej Kurek	a6033ac431	Add missing guards in tls 1.3 Error translation is only used with these defines on. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-13 05:46:47 -04:00
Andrzej Kurek	1e4a030b00	Fix wrong array size calculation in error translation code Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-13 05:46:47 -04:00
Andrzej Kurek	0064484a70	Optimize error translation code size Introducing an intermediate function saves code size that's otherwise taken by excessive, repeated arguments in each place that was translating errors. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-13 05:46:46 -04:00
Przemek Stekiel	75a5a9c205	Code cleanup Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-13 09:57:23 +02:00
Przemek Stekiel	29c219c285	Combine mbedtls_ssl_tls13_generate_and_write_ecdh/ffdh_key_exchange functions Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:09 +02:00
Przemek Stekiel	c89f3ea9f2	Add support for FFDH in TLS 1.3 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:08 +02:00
Manuel Pégourié-Gonnard	02b10d8266	Add missing include Fix build failures with config full Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	1f2a587cdf	Use actual function instead of static inline Large static inline functions used from several translation units in the library are bad for code size as we end up with multiple copies. Use the actual function instead. There's already a comment that says so. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
Manuel Pégourié-Gonnard	2d6d993662	Use MD<->PSA functions from MD light As usual, just a search-and-replace plus: 1. Removing things from hash_info.[ch] 2. Adding new auto-enable MD_LIGHT in build-info.h 3. Including md_psa.h where needed Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-06 10:33:54 +02:00
YxC	da609130f3	fix: correct calling to time function in tls13 client&server Call `mbedtls_time` to handle the case when MBEDTLS_PLATFORM_TIME_MACRO is defined Signed-off-by: Yuxiang Cao <yuxiang.cao@fortanix.com>	2023-05-22 13:22:00 -07:00
Xiaokang Qian	91bb3f0665	Wrap lines in library/ssl_tls13_client.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:29:17 +00:00
Xiaokang Qian	958b6ffe98	Wrap lines which exceed 80 chars in ssl_tls13_client.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-04-10 08:27:52 +00:00
Ronald Cron	eff5673e09	Improve and align variable names for supported versions data Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	b828c7d3de	Fix, improve and add comments Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	47dce630f4	tls13: Add function to search for a supported_versions extension Move in a dedicated function the search for the supported_versions extension in a list of extensions, to be able to use it on server side as well. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:17 +02:00
Valerio Setti	080a22ba75	ssl_tls13: use PSA_WANT_ALG_ECDH as symbol for marking ECDH capability Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Valerio Setti	0c8ec3983e	ssl_tls: fix proper guards for accelerated ECDH Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Valerio Setti	90df310d89	ssl_tls13: fix guards for accel ECDH These changes fix all failures found in test_suite_ssl Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Jan Bruckner	1a38e54436	Changes from 2nd review Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-03-15 14:15:11 +01:00
Jan Bruckner	a0589e75a0	Changes from review Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-03-15 11:04:45 +01:00
Jan Bruckner	151f64283f	Add parsing for Record Size Limit extension in TLS 1.3 Fixes #7007 Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-03-14 08:41:25 +01:00
Jan Bruckner	5a3629b613	Fix debug print of encrypted extensions Perform debug print of encrypted extensions buffer only after the buffer length was checked successfully Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-03-14 08:41:25 +01:00
Dave Rodgman	5e5aa4a4e6	Merge pull request #7218 from tom-cosgrove-arm/fix-typos-230307 Fix typos in development prior to release	2023-03-08 17:19:59 +00:00
Tom Cosgrove	5c8505f061	Fix typos Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-07 11:39:52 +00:00
Andrzej Kurek	8a045ce5e6	Unify PSA to Mbed TLS error translation Move all error translation utilities to psa_util.c. Introduce macros and functions to avoid having a local copy of the error translating function in each place. Identify overlapping errors and introduce a generic function. Provide a single macro for all error translations (unless one file needs a couple of different ones). Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-03 05:23:44 -05:00
Manuel Pégourié-Gonnard	63e33dd175	Fix unchecked return value Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-22 10:09:40 +01:00
Manuel Pégourié-Gonnard	43cc127d3a	Fix code style Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Manuel Pégourié-Gonnard	b8b07aa24a	Handle errors from functions that now return int A few functions were changed from returning void to returning int three commits ago. Make sure their callers check the return values. This commits was basically a matter of declaring newly-int-returning functions MBEDTLS_CHECK_RETURN_CRITICAL and then fixing the resulting warnings. A few functions had to be made int in the process; they were applied the same process as well. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-02-21 15:39:12 +01:00
Xiaokang Qian	0de0d863b6	Rebase code to restore reco-delay and fix some style issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 07:41:42 +00:00
Xiaokang Qian	8dc4ce76c7	Fix various coding style and comment issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	6b980011e5	Replace session_negotiate->ciphersuite with handshake->ciphersuite_info->id Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	53c4c27d35	Update the comment of ciphersuite check for early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	64bc9bc33d	Add comments to describe the early data behavior-encrypt/rejected... Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	e04afdc44f	Refine the condition of whether re-generate early keys Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	eb31cbc791	Share the hash check code between ticket and external psk Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	4ef8ba2938	Assign the ciphersuite in finalize_hrr{server_hello} Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	bb883244aa	Remove useless comments of outbound switch Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	02f5e14073	Combine the alert check of selected_id and ciphercuite Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	934ce6f6a9	Rename the finalize_client{server}_hello() Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	ac4c625dea	Add hash check of ciphersuite for ticket psk Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	6be8290aba	Change to CCS after client hello only if we offer early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	7179f810f1	Restore the empty lines Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	b58462157e	Refine the ciphersuite and select id check for early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	7892b6caad	Refine the comment about generating early secrects in post server hello Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	bd0ab06d50	Skip CCS once we proposed early data even it is rejected Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00
Xiaokang Qian	f6d8fd3d6b	Improve the coding style of new lines Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-02-08 05:47:48 +00:00

1 2 3 4 5 ...

407 Commits