600ded7ea5
Reserve end tag space at sig_algs_len init.
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-25 12:46:17 +08:00
a68dca24ee
move overflow inside loop
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-25 12:46:17 +08:00
8afd6e4308
fix typo issues in comments
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-25 12:46:17 +08:00
eb821c6916
remove check_sig_hash
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-25 12:46:17 +08:00
1bab301c0d
Add signature algorithm supported check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-25 12:46:17 +08:00
7ddc38cedb
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-25 12:46:17 +08:00
4131ec1260
Add signature algorithm length check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-25 12:46:17 +08:00
a69269a711
change sig_algs_len unit to byte
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-25 12:46:17 +08:00
713013fa80
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-25 12:46:17 +08:00
e12f1ddcfa
fix check names fail
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-25 12:46:17 +08:00
11f0a9c2c4
fix deprecated-declarations error
...
replace sig_hashes with sig_alg
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-25 12:46:17 +08:00
6106fdc085
fix build fail without TLS13
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-25 12:46:17 +08:00
f017ee4203
merge write sig_alg of tls12 and tls13
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
# Conflicts:
# library/ssl_misc.h
2022-01-25 12:46:17 +08:00
1abd1bc22f
Change write_sig_alg_ext of tls12
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-25 12:46:17 +08:00
0e5bcb6bf5
Replace directly access for sig_hashes
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-25 12:46:16 +08:00
fcca7cfa97
Merge pull request #5428 from gstrauss/mbedtls_ssl_ciphersuite
...
Add accessors for ciphersuite info
2022-01-24 11:13:31 +01:00
d2da19b8eb
Merge pull request #5380 from AndrzejKurek/key-id-encodes-owner-psa-fixes
...
Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO
2022-01-18 09:16:25 +01:00
188ed19456
Merge pull request #5351 from yuhaoth/pr/remove-duplicate-supported_group_ext
...
Remove duplicate function for writing supported_groups extension
2022-01-17 09:13:14 +01:00
8f52690956
Add accessors for ciphersuite info
...
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com >
2022-01-13 00:05:48 -05:00
b925f21806
fix comment issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-12 11:17:02 +08:00
1510cea0f3
fix coding style issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-12 10:56:49 +08:00
3ad14ac9e9
Add named group IANA value check
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-11 17:13:16 +08:00
f46b016058
skip some extensions if ephemeral not enabled
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-11 16:28:00 +08:00
63282b4321
Refactor write supported group
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-11 15:43:53 +08:00
7f029d8a94
fix coding style issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-01-11 11:08:53 +08:00
03e01461ad
Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO
...
Fix library references, tests and programs.
Testing is performed in the already present all.sh test.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com >
2022-01-03 12:53:24 +01:00
1ea9d10687
fix test_ref_configs build fail
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-12-21 14:52:38 +08:00
cee11296aa
Reset dhm_P and dhm_G if config call repeated
...
Reset dhm_P and dhm_G if call to mbedtls_ssl_config_defaults() repeated
to avoid leaking memory.
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com >
2021-12-20 20:24:56 -05:00
1753261083
change write_supported_groups_ext prototype
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-12-20 22:32:09 +08:00
ba07342cd6
Add generic write_supported-groups_ext
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-12-20 22:22:15 +08:00
a4174312da
Initialize hash_len before using it
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-12-13 14:38:40 +01:00
f0fd4c3aee
mbedtls_ssl_parse_finished: zeroize expected finished value on error
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-12-13 12:36:15 +01:00
050ad4bb50
Merge pull request #5313 from gilles-peskine-arm/missing-ret-check-mbedtls_md_hmac
...
Check HMAC return values
2021-12-13 10:51:27 +00:00
ecf6bebb9c
Catch failures of md_hmac operations
...
Declare mbedtls_md functions as MBEDTLS_CHECK_RETURN_TYPICAL, meaning that
their return values should be checked.
Do check the return values in our code. We were already doing that
everywhere for hash calculations, but not for HMAC calculations.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-12-11 15:00:57 +01:00
db6adc5aad
ssl: Fix some compilation guards for TLS 1.3 signature algorithms
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-12-10 14:25:35 +01:00
6f135e1148
Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3
...
As we have now a minimal viable implementation of TLS 1.3,
let's remove EXPERIMENTAL from the config option enabling
it.
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-12-10 13:47:55 +01:00
b873577fc3
Merge pull request #5240 from duckpowermb/development
...
[session] fix a session copy bug
2021-12-09 09:23:23 +01:00
392113434a
Merge pull request #5263 from ronald-cron-arm/psa-test-driver_3.x
...
Forward port to 3.x: Introduce PSA test driver library to test PSA configuration
2021-12-07 12:52:20 +01:00
69a63426af
psa: Fix the size of hash buffers
...
Fix the size of hash buffers for PSA hash
operations.
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-12-03 18:55:33 +01:00
0b71611c80
[session] fix a session copy bug
...
fix a possible double reference on 'ticket'
when peer_cert/peer_cert_digest calloc failed.
Signed-off-by: 吴敬辉 <11137405@vivo.com >
2021-11-29 10:50:04 +08:00
6dc90da740
Rebased on 74217ee
and add fixes
...
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com >
2021-11-26 08:12:43 +00:00
9539501120
Rebase and add fixes
...
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com >
2021-11-26 08:09:26 +00:00
746f9481ea
Fix 1_3/13 usages in macros and function names
...
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com >
2021-11-26 08:08:36 +00:00
a83014db4a
TLS1.3: Add signature scheme pkcs1 v1.5
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com >
2021-11-25 02:21:16 +00:00
e2d707fea5
Merge pull request #4866 from gabor-mezei-arm/3649_move_constant_time_functions_into_separate_module
...
Move constant-time functions into a separate module
2021-11-24 19:33:00 +01:00
be7b21da22
Merge branch 'development' into 3649_move_constant_time_functions_into_separate_module
2021-11-24 10:44:13 +01:00
4b82ca1b70
Refine test code and test scripts
...
Change client test code to support rsa pss signatures
Add test cases for rsa pss signature in ssl-opt.sh
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com >
2021-11-22 05:50:12 +00:00
82d34ccf47
Add signature scheme rsa pss
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com >
2021-11-22 05:50:12 +00:00
bb41a88f2e
Merge pull request #5120 from yuhaoth/pr/fix-memory-leak-and-version-header
...
TLS1.3 :fix memory leak and version header
2021-11-12 13:49:26 +01:00
a1a568c2f6
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-11-09 10:17:21 +08:00