lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-06-09 10:01:18 +03:00
Code
32,322 Commits 172 Branches 268 Tags
Commit Graph

347 Commits

Author SHA1 Message Date
XiaokangQian
cfd925f3e8 Fix comments and remove hrr related code 
Change-Id: Iab1fc5415b3b7f7b5bcb0a41a01f4234cc3497d6
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-04-20 07:45:50 +00:00
XiaokangQian
9b5d04b078 Share parse_key_share() between client and server 
Change-Id: I3fd2604296dc0e1e8380f5405429a6b0feb6e981
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-04-20 07:43:48 +00:00
XiaokangQian
8840888fbc Fix some CI issues 
Change-Id: I68ee024f29b7b8dd586f2c45e91950657e76bad8
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-04-20 07:43:48 +00:00
XiaokangQian
c5763b5efd Change some code style 
Change-Id: I67bb642e81693489345867ca87d7e9daa22f83ea
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-04-20 07:43:48 +00:00
XiaokangQian
3207a32b1e Fix unused parameter issue and not defined cookie issue 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-04-20 07:43:48 +00:00
XiaokangQian
7807f9f5c9 Add client hello into server side 
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
 2022-04-20 07:43:48 +00:00
Ronald Cron
8f6d39a81d Make some handshake TLS 1.3 utility routines available for TLS 1.2 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-03-29 14:42:17 +02:00
Ronald Cron
5b98ac9c64 TLS 1.3: Move PSA ECDH private key destroy to dedicated function 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-03-29 14:42:17 +02:00
Ronald Cron
63d97ad0bb
Merge pull request #5559 from yuhaoth/pr/add-rsae-sha384-sha512 
Add rsae sha384 sha512
 2022-03-29 14:01:51 +02:00
Jerry Yu
6c6f10265d fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-25 11:09:50 +08:00
Jerry Yu
f8aa9a44aa fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-23 20:54:38 +08:00
Jerry Yu
8c3388620d create sig_alg decode function 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-23 13:34:04 +08:00
Jerry Yu
0c23fc39c3 fix various guards issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-23 12:20:01 +08:00
Jerry Yu
cef3f33012 Guard rsa sig algs with rsa_c and pkcs1_v{15,21} 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 23:16:42 +08:00
Jerry Yu
e91a51a539 Refactor get_sig_alg_from pk 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 21:42:50 +08:00
Jerry Yu
3616533d26 tls13:remove ec check from validate certification 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 19:46:05 +08:00
Jerry Yu
dddf5a0e18 Refactor get_sig_alg_from_pk 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:47:19 +08:00
Jerry Yu
406cf27cb5 fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:14:53 +08:00
Jerry Yu
8beb9e173d Change prototype of pk_sign_ext 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:34 +08:00
Jerry Yu
67eced0132 replace pk_sign with pk_sign_ext 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:34 +08:00
Jerry Yu
3a58b462b6 add pss_rsae_sha{384,512} 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:34 +08:00
Jerry Yu
919130c035 Add rsa_pss_rsae_sha256 support 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-03-22 15:13:33 +08:00
Ronald Cron
a8b38879e1 Move state change from CLIENT_CERTIFICATE_VERIFY to its main handler 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-03-10 13:58:17 +01:00
Ronald Cron
7a94aca81a Move state change from CLIENT_CERTIFICATE to its main handler 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-03-10 13:58:04 +01:00
Ronald Cron
5bb8fc830a Call Certificate writing generic handler only if necessary 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-03-09 07:51:52 +01:00
Ronald Cron
9f55f6316e Move state change from CSS states to their main handler 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-03-09 07:51:52 +01:00
Ronald Cron
66dbf9118e TLS 1.3: Do not send handshake data in handshake step handlers 
Send data (call to mbedtls_ssl_flush_output()) only from
the loop over the handshake steps. That way, we do not
have to take care of the partial writings (MBEDTLS_ERR_SSL_WANT_WRITE
error code) on the network in handshake step handlers.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-03-09 07:51:52 +01:00
Ronald Cron
9df7c80c78 TLS 1.3: Always go through the CLIENT_CERTIFICATE state 
Even if certificate authentication is disabled at build
time, go through the MBEDTLS_SSL_CLIENT_CERTIFICATE state.
It simplifies overall the code for a small code size
cost when certificate authentication is disabled at build
time. Furthermore that way we have only one point in the
code where we switch to the handshake keys for record
encryption.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-03-09 07:50:08 +01:00
Manuel Pégourié-Gonnard
d815114f93
Merge pull request #5524 from mprse/tls_ecdh_2c 
TLS ECDH 2c: ECHDE in TLS 1.3 (client-side)
 2022-03-08 11:43:45 +01:00
Jerry Yu
71f36f1d2e change alert message type 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-23 17:34:29 +08:00
Jerry Yu
0b7b101b3b fix warnings 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-23 12:26:48 +08:00
Jerry Yu
2ff6ba1df0 Remove rsa_pss_rsae_sha256 support. 
Sign rsa is not thread safe. Remove it from current code.
And a thread-safe version should be re-introduce in future.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-23 10:38:25 +08:00
Jerry Yu
782720787f Refactor write_certificate_verify 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-22 10:28:13 +08:00
Jerry Yu
2124d05e06 Add sha384 and sha512 case 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-22 10:17:58 +08:00
Jerry Yu
d66409ae92 Add non support sig alg check and test 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-22 10:17:58 +08:00
Jerry Yu
c8d8d4e01a fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-22 10:17:58 +08:00
Jerry Yu
7db5b8f68c add rsa_pss_rsae_sha256 write support 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-22 10:17:58 +08:00
Jerry Yu
3391ac00d3 fix various issue 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-22 10:17:58 +08:00
Jerry Yu
ca133a34c5 Change state machine 
Skip CertificateVerfiy if empty certificate or no
CertificateRequest received.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-22 10:17:58 +08:00
Jerry Yu
537530d57a Add certificate request echo 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-22 10:17:58 +08:00
Jerry Yu
3e536442f5 fix various issues 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-22 10:17:58 +08:00
Jerry Yu
7399d0d806 refactor write certificate 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-22 10:17:58 +08:00
Jerry Yu
32e0c2d526 fix server only build fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-22 10:17:58 +08:00
Jerry Yu
90f152dfac fix psk only build fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-22 10:17:58 +08:00
Jerry Yu
8511f125af Add certificteVerify 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-22 10:17:58 +08:00
Jerry Yu
5cc3506c9f Add write certificate and client handler 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-22 10:17:58 +08:00
Jerry Yu
566c781290 Add dummy state for client_certifiate 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-22 10:17:58 +08:00
Jerry Yu
fb4b6478ee tls13_only: improve guards of files. 
To improve readability of the preprocess guards.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-21 09:06:00 +08:00
Przemyslaw Stekiel
4b3fff43a8 Destroy ecdh_psa_privkey on HRR 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-15 08:53:26 +01:00
Ronald Cron
6ca6faa67e
Merge pull request #5080 from xffbai/add-tls13-read-certificate-request 
add tls1_3 read certificate request
 2022-02-09 09:51:55 +01:00