cfd925f3e8
Fix comments and remove hrr related code
...
Change-Id: Iab1fc5415b3b7f7b5bcb0a41a01f4234cc3497d6
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com >
2022-04-20 07:45:50 +00:00
9b5d04b078
Share parse_key_share() between client and server
...
Change-Id: I3fd2604296dc0e1e8380f5405429a6b0feb6e981
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com >
2022-04-20 07:43:48 +00:00
8840888fbc
Fix some CI issues
...
Change-Id: I68ee024f29b7b8dd586f2c45e91950657e76bad8
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com >
2022-04-20 07:43:48 +00:00
c5763b5efd
Change some code style
...
Change-Id: I67bb642e81693489345867ca87d7e9daa22f83ea
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com >
2022-04-20 07:43:48 +00:00
3207a32b1e
Fix unused parameter issue and not defined cookie issue
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com >
2022-04-20 07:43:48 +00:00
7807f9f5c9
Add client hello into server side
...
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com >
2022-04-20 07:43:48 +00:00
8f6d39a81d
Make some handshake TLS 1.3 utility routines available for TLS 1.2
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2022-03-29 14:42:17 +02:00
5b98ac9c64
TLS 1.3: Move PSA ECDH private key destroy to dedicated function
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2022-03-29 14:42:17 +02:00
63d97ad0bb
Merge pull request #5559 from yuhaoth/pr/add-rsae-sha384-sha512
...
Add rsae sha384 sha512
2022-03-29 14:01:51 +02:00
6c6f10265d
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-03-25 11:09:50 +08:00
f8aa9a44aa
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-03-23 20:54:38 +08:00
8c3388620d
create sig_alg decode function
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-03-23 13:34:04 +08:00
0c23fc39c3
fix various guards issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-03-23 12:20:01 +08:00
cef3f33012
Guard rsa sig algs with rsa_c and pkcs1_v{15,21}
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-03-22 23:16:42 +08:00
e91a51a539
Refactor get_sig_alg_from pk
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-03-22 21:42:50 +08:00
3616533d26
tls13:remove ec check from validate certification
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-03-22 19:46:05 +08:00
dddf5a0e18
Refactor get_sig_alg_from_pk
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-03-22 15:47:19 +08:00
406cf27cb5
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-03-22 15:14:53 +08:00
8beb9e173d
Change prototype of pk_sign_ext
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-03-22 15:13:34 +08:00
67eced0132
replace pk_sign with pk_sign_ext
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-03-22 15:13:34 +08:00
3a58b462b6
add pss_rsae_sha{384,512}
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-03-22 15:13:34 +08:00
919130c035
Add rsa_pss_rsae_sha256 support
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-03-22 15:13:33 +08:00
a8b38879e1
Move state change from CLIENT_CERTIFICATE_VERIFY to its main handler
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2022-03-10 13:58:17 +01:00
7a94aca81a
Move state change from CLIENT_CERTIFICATE to its main handler
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2022-03-10 13:58:04 +01:00
5bb8fc830a
Call Certificate writing generic handler only if necessary
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2022-03-09 07:51:52 +01:00
9f55f6316e
Move state change from CSS states to their main handler
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2022-03-09 07:51:52 +01:00
66dbf9118e
TLS 1.3: Do not send handshake data in handshake step handlers
...
Send data (call to mbedtls_ssl_flush_output()) only from
the loop over the handshake steps. That way, we do not
have to take care of the partial writings (MBEDTLS_ERR_SSL_WANT_WRITE
error code) on the network in handshake step handlers.
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2022-03-09 07:51:52 +01:00
9df7c80c78
TLS 1.3: Always go through the CLIENT_CERTIFICATE state
...
Even if certificate authentication is disabled at build
time, go through the MBEDTLS_SSL_CLIENT_CERTIFICATE state.
It simplifies overall the code for a small code size
cost when certificate authentication is disabled at build
time. Furthermore that way we have only one point in the
code where we switch to the handshake keys for record
encryption.
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2022-03-09 07:50:08 +01:00
d815114f93
Merge pull request #5524 from mprse/tls_ecdh_2c
...
TLS ECDH 2c: ECHDE in TLS 1.3 (client-side)
2022-03-08 11:43:45 +01:00
71f36f1d2e
change alert message type
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-02-23 17:34:29 +08:00
0b7b101b3b
fix warnings
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-02-23 12:26:48 +08:00
2ff6ba1df0
Remove rsa_pss_rsae_sha256 support.
...
Sign rsa is not thread safe. Remove it from current code.
And a thread-safe version should be re-introduce in future.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-02-23 10:38:25 +08:00
782720787f
Refactor write_certificate_verify
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-02-22 10:28:13 +08:00
2124d05e06
Add sha384 and sha512 case
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-02-22 10:17:58 +08:00
d66409ae92
Add non support sig alg check and test
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-02-22 10:17:58 +08:00
c8d8d4e01a
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-02-22 10:17:58 +08:00
7db5b8f68c
add rsa_pss_rsae_sha256 write support
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-02-22 10:17:58 +08:00
3391ac00d3
fix various issue
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-02-22 10:17:58 +08:00
ca133a34c5
Change state machine
...
Skip CertificateVerfiy if empty certificate or no
CertificateRequest received.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-02-22 10:17:58 +08:00
537530d57a
Add certificate request echo
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-02-22 10:17:58 +08:00
3e536442f5
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-02-22 10:17:58 +08:00
7399d0d806
refactor write certificate
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-02-22 10:17:58 +08:00
32e0c2d526
fix server only build fail
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-02-22 10:17:58 +08:00
90f152dfac
fix psk only build fail
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-02-22 10:17:58 +08:00
8511f125af
Add certificteVerify
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-02-22 10:17:58 +08:00
5cc3506c9f
Add write certificate and client handler
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-02-22 10:17:58 +08:00
566c781290
Add dummy state for client_certifiate
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-02-22 10:17:58 +08:00
fb4b6478ee
tls13_only: improve guards of files.
...
To improve readability of the preprocess guards.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2022-02-21 09:06:00 +08:00
4b3fff43a8
Destroy ecdh_psa_privkey on HRR
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com >
2022-02-15 08:53:26 +01:00
6ca6faa67e
Merge pull request #5080 from xffbai/add-tls13-read-certificate-request
...
add tls1_3 read certificate request
2022-02-09 09:51:55 +01:00