lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-06-25 12:41:56 +03:00
Code Activity
18,797 Commits 173 Branches 268 Tags
a81aed2dae61c3f4575253ac6aaa33de6f4014d6
Commit Graph

1518 Commits

Author SHA1 Message Date
Gilles Peskine
c63a1e0e15 Fix mbedtls_ssl_get_version() for TLSv1.3 
Test it in ssl-opt.sh.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-02-21 15:14:01 +01:00
Gilles Peskine
e1a0c25f71 New function to access the TLS version from a context as an enum 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-02-21 15:14:01 +01:00
Jerry Yu
f1b23caa4e move wrong comments 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
18621dfd23 remove extra empty line 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
50f2f703a7 remove extra guards 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
840fbb2817 guards populate_transform reference 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
4f9e3efbeb move session_save/load_tls12 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
d9d91da7c7 move sig_hash_* 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
ee40f9d4b3 move get_key_exchange_md_tls12 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
9bccc4c63f move populate_transform 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
e93ffcd2c7 move tls_prf_get_type 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
392112c058 move tls12prf_from_cs 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
0b3d7c1ea1 move parse_finished 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
3c8e47bbbf move write_finished 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
2a9fff571d move wrapup 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
aef0015ba0 move wrapup_free_hs_transform 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
b7ba49ef74 move calc_finished_tls_sha384 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
615bd6f5b9 move calc_finished_tls_sha256 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
d952669ad8 move write_certificate 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
c2c673da59 move resend_hello_request 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
ce3dca4175 move psk_derive_premaster 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
c1cb384708 move calc_verify_tls_sha384 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
8392e0dae4 move calc_verify_tls_sha256 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
d62f87e151 move derive_keys 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
2a7b5ac791 move compute_master 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
d6ab235972 move use_opaque_psk 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
f009d86186 move set_handshake_prfs 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
dc7bd17d11 move tls_prf_sha256/384 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
ed14c93008 add static prototypes 
prepare for moving functions

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:01 +08:00
Jerry Yu
53d23e2c95 Guards tls_prf functions with TLS1_2 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:00 +08:00
Jerry Yu
c73c618094 Wrap function not used by test_tls13_only 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

# Conflicts:
#	library/ssl_tls13_generic.c
 2022-02-21 09:06:00 +08:00
Jerry Yu
bef175db96 Wrap derive_keys with TLS1_2 option 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:00 +08:00
Jerry Yu
db8c48aaff tls13_only:Remove unnecessary functions 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:00 +08:00
Jerry Yu
7d2396332d fix wrong setting of max_minor version 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:00 +08:00
Jerry Yu
c5aef88be6 tls13_only: guard ssl_{cli,srv}.c with TLS1_2 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:00 +08:00
Jerry Yu
c10f6b4735 tls13_only: simple test pass 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:00 +08:00
Jerry Yu
c3091b1c8c tls13_only: compile pass 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:00 +08:00
Manuel Pégourié-Gonnard
3d1f8b9c00 Merge pull request #5532 from ronald-cron-arm/tls13_and_use_psa_crypto 
Make TLS 1.3 compatible with MBEDTLS_USE_PSA_CRYPTO
 2022-02-16 17:33:47 +01:00
Ronald Cron
b788c044b7 Use PSA status to Mbed TLS error code conversion function 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-02-15 09:14:15 +01:00
Manuel Pégourié-Gonnard
e14b644f4d Merge pull request #5456 from mpg/cleanup-ecdh-psa 
Cleanup PSA-based ECDHE in TLS 1.2
 2022-02-15 09:09:07 +01:00
Ronald Cron
f6893e11c7 Finalize PSA hash operations in TLS 1.3 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-02-11 16:10:34 +01:00
Manuel Pégourié-Gonnard
62b49cd06a Merge pull request #5472 from yuhaoth/pr/move-client-auth 
Move client_auth to handshake
 2022-02-09 10:57:00 +01:00
Ronald Cron
6ca6faa67e Merge pull request #5080 from xffbai/add-tls13-read-certificate-request 
add tls1_3 read certificate request
 2022-02-09 09:51:55 +01:00
Xiaofei Bai
c234ecf695 Update mbedtls_ssl_handshake_free() and address review comments. 
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
 2022-02-08 10:26:42 +00:00
Xiaofei Bai
51f515a503 update based on comments 
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
 2022-02-08 07:28:04 +00:00
Manuel Pégourié-Gonnard
422370d633 Improve a comment and fix some whitespace 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-07 11:55:21 +01:00
Przemyslaw Stekiel
6928a5164d Compile mbedtls_ssl_cipher_to_psa() conditionally under MBEDTLS_USE_PSA_CRYPTO only 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-03 14:55:24 +01:00
Manuel Pégourié-Gonnard
0d63b84fa4 Add mbedtls_ssl_check_curve_tls_id() (internal) 
This can be used to validate the server's choice of group in the PSA
case (this will be done in the next commit).

Note that new function doesn't depend on ECP_C, as it only requires
mbedtls_ssl_get_groups(), which is always available. As a general rule,
functions for defining and enforcing policy in the TLS module should not
depend on low-level modules but work with TLS-level identifiers are much
as possible, and this new function follows that principle.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-03 11:08:15 +01:00
Przemyslaw Stekiel
d66387f8fa Init psa status to PSA_ERROR_CORRUPTION_DETECTED 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-03 09:16:41 +01:00
Przemyslaw Stekiel
f9cd60853f ssl_tls1X_populate_transform(): import psa keys only if alg is not MBEDTLS_SSL_NULL_CIPHER 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-01 11:25:55 +01:00