Jerry Yu 
							
						 
					 
					
						
						
							
						
						a69269a711 
					 
					
						
						
							
							change sig_algs_len unit to byte  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2022-01-25 12:46:17 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						713013fa80 
					 
					
						
						
							
							fix various issues  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2022-01-25 12:46:17 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						e12f1ddcfa 
					 
					
						
						
							
							fix check names fail  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2022-01-25 12:46:17 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						11f0a9c2c4 
					 
					
						
						
							
							fix deprecated-declarations error  
						
						... 
						
						
						
						replace sig_hashes with sig_alg
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2022-01-25 12:46:17 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						6106fdc085 
					 
					
						
						
							
							fix build fail without TLS13  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2022-01-25 12:46:17 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						f017ee4203 
					 
					
						
						
							
							merge write sig_alg of tls12 and tls13  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
# Conflicts:
#	library/ssl_misc.h 
						
						
					 
					
						2022-01-25 12:46:17 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						1abd1bc22f 
					 
					
						
						
							
							Change write_sig_alg_ext of tls12  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2022-01-25 12:46:17 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						0e5bcb6bf5 
					 
					
						
						
							
							Replace directly access for sig_hashes  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2022-01-25 12:46:16 +08:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						fcca7cfa97 
					 
					
						
						
							
							Merge pull request  #5428  from gstrauss/mbedtls_ssl_ciphersuite  
						
						... 
						
						
						
						Add accessors for ciphersuite info 
						
						
					 
					
						2022-01-24 11:13:31 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						d2da19b8eb 
					 
					
						
						
							
							Merge pull request  #5380  from AndrzejKurek/key-id-encodes-owner-psa-fixes  
						
						... 
						
						
						
						Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO 
						
						
					 
					
						2022-01-18 09:16:25 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						188ed19456 
					 
					
						
						
							
							Merge pull request  #5351  from yuhaoth/pr/remove-duplicate-supported_group_ext  
						
						... 
						
						
						
						Remove duplicate function for writing supported_groups extension 
						
						
					 
					
						2022-01-17 09:13:14 +01:00 
						 
				 
			
				
					
						
							
							
								Glenn Strauss 
							
						 
					 
					
						
						
							
						
						8f52690956 
					 
					
						
						
							
							Add accessors for ciphersuite info  
						
						... 
						
						
						
						Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com > 
						
						
					 
					
						2022-01-13 00:05:48 -05:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						b925f21806 
					 
					
						
						
							
							fix comment issues  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2022-01-12 11:17:02 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						1510cea0f3 
					 
					
						
						
							
							fix coding style issues  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2022-01-12 10:56:49 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						3ad14ac9e9 
					 
					
						
						
							
							Add named group IANA value check  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2022-01-11 17:13:16 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						f46b016058 
					 
					
						
						
							
							skip some extensions if ephemeral not enabled  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2022-01-11 16:28:00 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						63282b4321 
					 
					
						
						
							
							Refactor write supported group  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2022-01-11 15:43:53 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						7f029d8a94 
					 
					
						
						
							
							fix coding style issues  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2022-01-11 11:08:53 +08:00 
						 
				 
			
				
					
						
							
							
								Andrzej Kurek 
							
						 
					 
					
						
						
							
						
						03e01461ad 
					 
					
						
						
							
							Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO  
						
						... 
						
						
						
						Fix library references, tests and programs.
Testing is performed in the already present all.sh test.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com > 
						
						
					 
					
						2022-01-03 12:53:24 +01:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						1ea9d10687 
					 
					
						
						
							
							fix test_ref_configs build fail  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2021-12-21 14:52:38 +08:00 
						 
				 
			
				
					
						
							
							
								Glenn Strauss 
							
						 
					 
					
						
						
							
						
						cee11296aa 
					 
					
						
						
							
							Reset dhm_P and dhm_G if config call repeated  
						
						... 
						
						
						
						Reset dhm_P and dhm_G if call to mbedtls_ssl_config_defaults() repeated
to avoid leaking memory.
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com > 
						
						
					 
					
						2021-12-20 20:24:56 -05:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						1753261083 
					 
					
						
						
							
							change write_supported_groups_ext prototype  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2021-12-20 22:32:09 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						ba07342cd6 
					 
					
						
						
							
							Add generic write_supported-groups_ext  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2021-12-20 22:22:15 +08:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						a4174312da 
					 
					
						
						
							
							Initialize hash_len before using it  
						
						... 
						
						
						
						Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2021-12-13 14:38:40 +01:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						f0fd4c3aee 
					 
					
						
						
							
							mbedtls_ssl_parse_finished: zeroize expected finished value on error  
						
						... 
						
						
						
						Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2021-12-13 12:36:15 +01:00 
						 
				 
			
				
					
						
							
							
								Dave Rodgman 
							
						 
					 
					
						
						
							
						
						050ad4bb50 
					 
					
						
						
							
							Merge pull request  #5313  from gilles-peskine-arm/missing-ret-check-mbedtls_md_hmac  
						
						... 
						
						
						
						Check HMAC return values 
						
						
					 
					
						2021-12-13 10:51:27 +00:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						ecf6bebb9c 
					 
					
						
						
							
							Catch failures of md_hmac operations  
						
						... 
						
						
						
						Declare mbedtls_md functions as MBEDTLS_CHECK_RETURN_TYPICAL, meaning that
their return values should be checked.
Do check the return values in our code. We were already doing that
everywhere for hash calculations, but not for HMAC calculations.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2021-12-11 15:00:57 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						db6adc5aad 
					 
					
						
						
							
							ssl: Fix some compilation guards for TLS 1.3 signature algorithms  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2021-12-10 14:25:35 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						6f135e1148 
					 
					
						
						
							
							Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3  
						
						... 
						
						
						
						As we have now a minimal viable implementation of TLS 1.3,
let's remove EXPERIMENTAL from the config option enabling
it.
Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2021-12-10 13:47:55 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						b873577fc3 
					 
					
						
						
							
							Merge pull request  #5240  from duckpowermb/development  
						
						... 
						
						
						
						[session] fix a session copy bug 
						
						
					 
					
						2021-12-09 09:23:23 +01:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						392113434a 
					 
					
						
						
							
							Merge pull request  #5263  from ronald-cron-arm/psa-test-driver_3.x  
						
						... 
						
						
						
						Forward port to 3.x: Introduce PSA test driver library to test PSA configuration 
						
						
					 
					
						2021-12-07 12:52:20 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						69a63426af 
					 
					
						
						
							
							psa: Fix the size of hash buffers  
						
						... 
						
						
						
						Fix the size of hash buffers for PSA hash
operations.
Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2021-12-03 18:55:33 +01:00 
						 
				 
			
				
					
						
							
							
								吴敬辉 
							
						 
					 
					
						
						
							
						
						0b71611c80 
					 
					
						
						
							
							[session] fix a session copy bug  
						
						... 
						
						
						
						fix a possible double reference on 'ticket'
when peer_cert/peer_cert_digest calloc failed.
Signed-off-by: 吴敬辉 <11137405@vivo.com > 
						
						
					 
					
						2021-11-29 10:50:04 +08:00 
						 
				 
			
				
					
						
							
							
								Xiaofei Bai 
							
						 
					 
					
						
						
							
						
						6dc90da740 
					 
					
						
						
							
							Rebased on  74217ee and add fixes  
						
						... 
						
						
						
						Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com > 
						
						
					 
					
						2021-11-26 08:12:43 +00:00 
						 
				 
			
				
					
						
							
							
								Xiaofei Bai 
							
						 
					 
					
						
						
							
						
						9539501120 
					 
					
						
						
							
							Rebase and add fixes  
						
						... 
						
						
						
						Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com > 
						
						
					 
					
						2021-11-26 08:09:26 +00:00 
						 
				 
			
				
					
						
							
							
								Xiaofei Bai 
							
						 
					 
					
						
						
							
						
						746f9481ea 
					 
					
						
						
							
							Fix 1_3/13 usages in macros and function names  
						
						... 
						
						
						
						Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com > 
						
						
					 
					
						2021-11-26 08:08:36 +00:00 
						 
				 
			
				
					
						
							
							
								XiaokangQian 
							
						 
					 
					
						
						
							
						
						a83014db4a 
					 
					
						
						
							
							TLS1.3: Add signature scheme pkcs1 v1.5  
						
						... 
						
						
						
						Signed-off-by: XiaokangQian <xiaokang.qian@arm.com > 
						
						
					 
					
						2021-11-25 02:21:16 +00:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						e2d707fea5 
					 
					
						
						
							
							Merge pull request  #4866  from gabor-mezei-arm/3649_move_constant_time_functions_into_separate_module  
						
						... 
						
						
						
						Move constant-time functions into a separate module 
						
						
					 
					
						2021-11-24 19:33:00 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						be7b21da22 
					 
					
						
						
							
							Merge branch 'development' into 3649_move_constant_time_functions_into_separate_module  
						
						
						
						
					 
					
						2021-11-24 10:44:13 +01:00 
						 
				 
			
				
					
						
							
							
								XiaokangQian 
							
						 
					 
					
						
						
							
						
						4b82ca1b70 
					 
					
						
						
							
							Refine test code and test scripts  
						
						... 
						
						
						
						Change client test code to support rsa pss signatures
Add test cases for rsa pss signature in ssl-opt.sh
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com > 
						
						
					 
					
						2021-11-22 05:50:12 +00:00 
						 
				 
			
				
					
						
							
							
								XiaokangQian 
							
						 
					 
					
						
						
							
						
						82d34ccf47 
					 
					
						
						
							
							Add signature scheme rsa pss  
						
						... 
						
						
						
						Signed-off-by: XiaokangQian <xiaokang.qian@arm.com > 
						
						
					 
					
						2021-11-22 05:50:12 +00:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						bb41a88f2e 
					 
					
						
						
							
							Merge pull request  #5120  from yuhaoth/pr/fix-memory-leak-and-version-header  
						
						... 
						
						
						
						TLS1.3 :fix memory leak and version header 
						
						
					 
					
						2021-11-12 13:49:26 +01:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						a1a568c2f6 
					 
					
						
						
							
							fix various issues  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2021-11-09 10:17:21 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						ba9c727e94 
					 
					
						
						
							
							fix memory leak issue  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2021-10-30 20:23:45 +08:00 
						 
				 
			
				
					
						
							
							
								Brett Warren 
							
						 
					 
					
						
						
							
						
						e0edc8407b 
					 
					
						
						
							
							Add mbedtls_ssl_conf_groups to API  
						
						... 
						
						
						
						mbedtls_ssl_conf_groups allows supported groups for key
sharing to be configured via their IANA NamedGroup ID.
This is added in anticipation of PQC and Hybrid key
sharing algorithms being integrated into Mbed TLS.
mbedtls_ssl_conf_curves is deprecated in favor of
mbedtls_ssl_conf_groups. handshake_init has been
modified to translate and copy curves configured
via conf_curves into a heap allocatied array of
NamedGroup IDs. This allows the refactoring of code
interacting with conf_curve related variables (such
as curve_list) to use NamedGroup IDs while retaining
the deprecated API.
Signed-off-by: Brett Warren <brett.warren@arm.com > 
						
						
					 
					
						2021-10-29 11:27:00 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						90437e3762 
					 
					
						
						
							
							Rename constant-time functions to have mbedtls_ct prefix  
						
						... 
						
						
						
						Rename functions to better suite with the module name.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2021-10-20 11:59:27 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						9202ba37b1 
					 
					
						
						
							
							Merge pull request  #4960  from mpg/cleanup-tls-cipher-psa-3.x  
						
						... 
						
						
						
						Clean up some remnants of TLS pre-1.2 support 
						
						
					 
					
						2021-10-19 21:59:15 +02:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						765862c4f3 
					 
					
						
						
							
							Move mbedtls_cf_memcmp to a new public header  
						
						... 
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2021-10-19 12:22:25 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						6210320215 
					 
					
						
						
							
							Merge pull request  #4989  from AndrzejKurek/remove-ssl-export-keys  
						
						... 
						
						
						
						Remove MBEDTLS_SSL_EXPORT_KEYS, making it always on 
						
						
					 
					
						2021-10-18 17:53:56 +02:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						e23bba04ee 
					 
					
						
						
							
							Merge pull request  #4927  from yuhaoth/pr/add-tls13-serverhello-utils  
						
						... 
						
						
						
						TLS 1.3: ServerHello: add  utils functions used by ServerHello
Regarding the merge job, there was only one of the failure we currently encounter on almost all PR (Session resume using tickets, DTLS: openssl client test case see #5012 ) thus we can consider that this PR passed CI. 
						
						
					 
					
						2021-10-11 11:01:11 +02:00