Jerry Yu 
							
						 
					 
					
						
						
							
						
						f86eb75c58 
					 
					
						
						
							
							fix various issues  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2022-05-06 11:16:55 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						e110d258d9 
					 
					
						
						
							
							Add set outbound transform  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2022-05-05 19:59:59 +08:00 
						 
				 
			
				
					
						
							
							
								Glenn Strauss 
							
						 
					 
					
						
						
							
						
						07c641605e 
					 
					
						
						
							
							Rename mbedtls_ssl_transform minor_ver to tls_version  
						
						... 
						
						
						
						Store the TLS version in tls_version instead of minor version number.
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com > 
						
						
					 
					
						2022-04-14 15:23:54 -04:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						29e7ca89d5 
					 
					
						
						
							
							Fix typo  
						
						... 
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-03-29 17:08:49 +02:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						c09437526c 
					 
					
						
						
							
							Remove commented out code  
						
						... 
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-03-29 17:08:15 +02:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						ed6d6589b3 
					 
					
						
						
							
							Use hash algoritm for parameter instead of HMAC  
						
						... 
						
						
						
						To be compatible with the other functions `mbedtls_psa_hkdf_extract` and
`mbedtls_psa_hkdf_expand` use hash algorithm for parameter.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-03-26 17:28:06 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						07732f7015 
					 
					
						
						
							
							Translate from mbedtls_md_type_t to psa_algorithm_t  
						
						... 
						
						
						
						Do the translation as early as possible from mbedtls_md_type_t to psa_algorithm_t.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-03-26 17:04:19 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						5d9a1fe9e9 
					 
					
						
						
							
							PSA code depends on MBEDTLS_SSL_PROTO_TLS1_3  
						
						... 
						
						
						
						With TLS 1.3 support MBEDTLS_PSA_CRYPTO_C is enabled so PSA support
is always enabled.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-03-26 15:47:15 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						58db65354b 
					 
					
						
						
							
							Use the PSA-based HKDF functions  
						
						... 
						
						
						
						Use the `mbedtls_psa_hkdf_extract` and `mbedtls_psa_hkdf_expand`
functions in the HKDF handling.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-03-21 17:00:53 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						8d4bc5eeb9 
					 
					
						
						
							
							Merge pull request  #5481  from gabor-mezei-arm/5401_implement_hkdf_extract_based_on_psa_hmac  
						
						... 
						
						
						
						HKDF 1a: Implement Extract in TLS 1.3 based on PSA HMAC 
						
						
					 
					
						2022-03-17 11:55:48 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						d815114f93 
					 
					
						
						
							
							Merge pull request  #5524  from mprse/tls_ecdh_2c  
						
						... 
						
						
						
						TLS ECDH 2c: ECHDE in TLS 1.3 (client-side) 
						
						
					 
					
						2022-03-08 11:43:45 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						d860e0f18b 
					 
					
						
						
							
							Add comment  
						
						... 
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-02-21 15:46:39 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						0e7c6f4961 
					 
					
						
						
							
							Check return value of psa_destroy_key  
						
						... 
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-02-21 15:46:39 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						26c6741c58 
					 
					
						
						
							
							Add better name for variable.  
						
						... 
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-02-21 15:46:39 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						c5efb8e58b 
					 
					
						
						
							
							Use PSA error code  
						
						... 
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-02-21 15:46:38 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						89c1a95f8f 
					 
					
						
						
							
							Delete leftover code  
						
						... 
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-02-21 15:42:59 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						62bf024025 
					 
					
						
						
							
							Make the mbedtls_psa_hkdf_extract function more PSA compatible  
						
						... 
						
						
						
						Change the return value to `psa_status_t`.
Add `prk_size` and `prk_len` parameters.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-02-21 15:42:57 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						9f4bb319c9 
					 
					
						
						
							
							Implement HKDF extract in TLS 1.3 based on PSA HMAC  
						
						... 
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-02-21 15:23:29 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						8e3602569b 
					 
					
						
						
							
							Typo  
						
						... 
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-02-17 11:50:02 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						8d5a4cbfdb 
					 
					
						
						
							
							Check return value of psa_destroy_key  
						
						... 
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-02-15 16:23:17 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						833713c35c 
					 
					
						
						
							
							Add better name for variable  
						
						... 
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-02-15 16:16:08 +01:00 
						 
				 
			
				
					
						
							
							
								Przemyslaw Stekiel 
							
						 
					 
					
						
						
							
						
						c0824bfb11 
					 
					
						
						
							
							Change mbedtls_ssl_tls13_key_schedule_stage_handshake() to use psa_raw_key_agreement()  
						
						... 
						
						
						
						Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-02-14 10:19:45 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						9607ab4dbd 
					 
					
						
						
							
							Prevent function not used compilation error  
						
						... 
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-02-10 10:57:24 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						a3eecd242c 
					 
					
						
						
							
							Implement HKDF expand in TLS 1.3 based on PSA HMAC  
						
						... 
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-02-10 10:57:23 +01:00 
						 
				 
			
				
					
						
							
							
								Przemyslaw Stekiel 
							
						 
					 
					
						
						
							
						
						f9cd60853f 
					 
					
						
						
							
							ssl_tls1X_populate_transform(): import psa keys only if alg is not MBEDTLS_SSL_NULL_CIPHER  
						
						... 
						
						
						
						Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-02-01 11:25:55 +01:00 
						 
				 
			
				
					
						
							
							
								Przemyslaw Stekiel 
							
						 
					 
					
						
						
							
						
						77aec8d181 
					 
					
						
						
							
							Rename ssl_psa_status_to_mbedtls->psa_ssl_status_to_mbedtls  
						
						... 
						
						
						
						Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-01-31 20:22:53 +01:00 
						 
				 
			
				
					
						
							
							
								Przemyslaw Stekiel 
							
						 
					 
					
						
						
							
						
						89dad93a78 
					 
					
						
						
							
							Rename psa_status_to_mbedtls->ssl_psa_status_to_mbedtls and add conversion for PSA_ERROR_INVALID_SIGNATURE  
						
						... 
						
						
						
						Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-01-31 15:39:24 +01:00 
						 
				 
			
				
					
						
							
							
								Przemyslaw Stekiel 
							
						 
					 
					
						
						
							
						
						f57b45660d 
					 
					
						
						
							
							Rename tls_mbedtls_cipher_to_psa() to be consistent with function naming convention.  
						
						... 
						
						
						
						New function name:  mbedtls_ssl_cipher_to_psa().
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-01-31 15:38:29 +01:00 
						 
				 
			
				
					
						
							
							
								Przemyslaw Stekiel 
							
						 
					 
					
						
						
							
						
						9b22c2b1e6 
					 
					
						
						
							
							Rename: mbedtls_cipher_to_psa -> tls_mbedtls_cipher_to_psa  
						
						... 
						
						
						
						Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-01-31 15:38:29 +01:00 
						 
				 
			
				
					
						
							
							
								Przemyslaw Stekiel 
							
						 
					 
					
						
						
							
						
						6be9cf542f 
					 
					
						
						
							
							Cleanup the code  
						
						... 
						
						
						
						Use conditional compilation for psa and mbedtls code (MBEDTLS_USE_PSA_CRYPTO).
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-01-31 15:38:29 +01:00 
						 
				 
			
				
					
						
							
							
								Przemyslaw Stekiel 
							
						 
					 
					
						
						
							
						
						fe7397d8a7 
					 
					
						
						
							
							Fix key attributes encrypt or decrypt only (not both)  
						
						... 
						
						
						
						Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-01-31 15:38:29 +01:00 
						 
				 
			
				
					
						
							
							
								Przemyslaw Stekiel 
							
						 
					 
					
						
						
							
						
						dd7b501c92 
					 
					
						
						
							
							Move PSA init after taglen is set  
						
						... 
						
						
						
						Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-01-31 15:38:29 +01:00 
						 
				 
			
				
					
						
							
							
								Przemyslaw Stekiel 
							
						 
					 
					
						
						
							
						
						e87475d834 
					 
					
						
						
							
							Move psa_status_to_mbedtls to ssl_misc.h  
						
						... 
						
						
						
						Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-01-31 15:38:29 +01:00 
						 
				 
			
				
					
						
							
							
								Przemyslaw Stekiel 
							
						 
					 
					
						
						
							
						
						1fe065b235 
					 
					
						
						
							
							Fix conditional compilation (MBEDTLS_USE_PSA_CRYPTO)  
						
						... 
						
						
						
						Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-01-31 15:38:29 +01:00 
						 
				 
			
				
					
						
							
							
								Przemyslaw Stekiel 
							
						 
					 
					
						
						
							
						
						76e1583483 
					 
					
						
						
							
							Convert psa status to mbedtls  
						
						... 
						
						
						
						Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-01-31 15:38:28 +01:00 
						 
				 
			
				
					
						
							
							
								Przemyslaw Stekiel 
							
						 
					 
					
						
						
							
						
						11a33e6d90 
					 
					
						
						
							
							Use PSA_BITS_TO_BYTES macro to convert key bits to bytes  
						
						... 
						
						
						
						Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-01-31 15:38:28 +01:00 
						 
				 
			
				
					
						
							
							
								Przemyslaw Stekiel 
							
						 
					 
					
						
						
							
						
						ae77b0ab28 
					 
					
						
						
							
							mbedtls_ssl_tls13_populate_transform: store the en/decryption keys and alg in the new fields  
						
						... 
						
						
						
						Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-01-31 15:38:28 +01:00 
						 
				 
			
				
					
						
							
							
								lhuang04 
							
						 
					 
					
						
						
							
						
						a3890a3427 
					 
					
						
						
							
							Swap the client and server random for TLS 1.3  
						
						... 
						
						
						
						Summary:
Test Plan:
Reviewers:
Subscribers:
Tasks:
Tags:
Signed-off-by: lhuang04 <lhuang04@fb.com > 
						
						
					 
					
						2022-01-27 06:00:43 -08:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						6f135e1148 
					 
					
						
						
							
							Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3  
						
						... 
						
						
						
						As we have now a minimal viable implementation of TLS 1.3,
let's remove EXPERIMENTAL from the config option enabling
it.
Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2021-12-10 13:47:55 +01:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						a5563f6115 
					 
					
						
						
							
							move position of base_key init  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2021-12-10 18:14:36 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						b737f6a9be 
					 
					
						
						
							
							move base_key init  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2021-12-10 17:55:59 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						9c07473ebc 
					 
					
						
						
							
							fix various issues  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2021-12-10 17:12:43 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						889b3b76da 
					 
					
						
						
							
							fix clang build fail  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2021-12-10 12:57:45 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						4a2fa5d0aa 
					 
					
						
						
							
							Move erase handshake secrets  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2021-12-10 10:37:14 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						27224f58be 
					 
					
						
						
							
							fix coding style issue  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2021-12-10 10:33:27 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						23ab7a46a3 
					 
					
						
						
							
							move zeroize master secrets  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2021-12-10 10:33:27 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						2c70a39d97 
					 
					
						
						
							
							move zeroize randbytes  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2021-12-10 10:33:27 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						6eaa41c15e 
					 
					
						
						
							
							Fix overflow error  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2021-12-06 18:16:30 +08:00 
						 
				 
			
				
					
						
							
							
								Xiaofei Bai 
							
						 
					 
					
						
						
							
						
						d25fab6f79 
					 
					
						
						
							
							Update based on comments  
						
						... 
						
						
						
						Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com > 
						
						
					 
					
						2021-12-02 06:36:27 +00:00 
						 
				 
			
				
					
						
							
							
								Xiaofei Bai 
							
						 
					 
					
						
						
							
						
						feecbbbb93 
					 
					
						
						
							
							Fix some variable names in code comment  
						
						... 
						
						
						
						Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com > 
						
						
					 
					
						2021-11-26 08:08:36 +00:00