Jerry Yu 
							
						 
					 
					
						
						
							
						
						f3b46b5082 
					 
					
						
						
							
							Add debug message  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2022-06-29 16:16:05 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						f55886a217 
					 
					
						
						
							
							fix various issues  
						
						... 
						
						
						
						Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2022-06-29 16:13:46 +08:00 
						 
				 
			
				
					
						
							
							
								Jerry Yu 
							
						 
					 
					
						
						
							
						
						f0cda410a4 
					 
					
						
						
							
							remove default sig_hashes  
						
						... 
						
						
						
						And add pss_rsae_* sig_algs to fix
`Handshake TLS 1.3` test fails, which
is part of `test_suite_ssl`
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com > 
						
						
					 
					
						2022-06-29 16:13:45 +08:00 
						 
				 
			
				
					
						
							
							
								Glenn Strauss 
							
						 
					 
					
						
						
							
						
						999ef70b27 
					 
					
						
						
							
							Add accessors to config DN hints for cert request  
						
						... 
						
						
						
						mbedtls_ssl_conf_dn_hints()
mbedtls_ssl_set_hs_dn_hints()
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com > 
						
						
					 
					
						2022-06-28 12:43:59 -04:00 
						 
				 
			
				
					
						
							
							
								Neil Armstrong 
							
						 
					 
					
						
						
							
						
						9f1176a793 
					 
					
						
						
							
							Move preferred_hash_for_sig_alg() check after ssl_pick_cert() and check if hash alg is supported with mbedtls_pk_can_do_ext()  
						
						... 
						
						
						
						Signed-off-by: Neil Armstrong <narmstrong@baylibre.com > 
						
						
					 
					
						2022-06-28 18:12:17 +02:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						b94854f8e3 
					 
					
						
						
							
							Merge pull request  #5973  from ronald-cron-arm/tls13-misc-tests  
						
						... 
						
						
						
						TLS 1.3: Enable and add tests 
						
						
					 
					
						2022-06-28 09:15:17 +02:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						ad8c17b9c6 
					 
					
						
						
							
							tls: Add overread/overwrite check failure tracking  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2022-06-27 09:28:49 +02:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						1938588e80 
					 
					
						
						
							
							tls13: Align some debug messages with TLS 1.2 ones  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2022-06-24 12:06:46 +02:00 
						 
				 
			
				
					
						
							
							
								XiaokangQian 
							
						 
					 
					
						
						
							
						
						0b776e282a 
					 
					
						
						
							
							Change some comments for alpn  
						
						... 
						
						
						
						Change-Id: Idf066e94cede9d26aa41d632c3a81dafcee38587
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com > 
						
						
					 
					
						2022-06-24 09:04:59 +00:00 
						 
				 
			
				
					
						
							
							
								XiaokangQian 
							
						 
					 
					
						
						
							
						
						95d5f549f1 
					 
					
						
						
							
							Fix coding styles  
						
						... 
						
						
						
						Change-Id: I0ac8ddab13767b0188112dfbbdb2264d36ed230a
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com > 
						
						
					 
					
						2022-06-24 05:42:15 +00:00 
						 
				 
			
				
					
						
							
							
								XiaokangQian 
							
						 
					 
					
						
						
							
						
						c740345c5b 
					 
					
						
						
							
							Adress review comments  
						
						... 
						
						
						
						Change Code styles
Add test cases
Change-Id: I022bfc66fe509fe767319c4fe5f2541ee05e96fd
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com > 
						
						
					 
					
						2022-06-23 03:24:12 +00:00 
						 
				 
			
				
					
						
							
							
								XiaokangQian 
							
						 
					 
					
						
						
							
						
						acb3992251 
					 
					
						
						
							
							Add ALPN extension to the server side  
						
						... 
						
						
						
						CustomizedGitHooks: yes
Change-Id: I6fe1516963e7b5727710872ee91fea7fc51d2776
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com > 
						
						
					 
					
						2022-06-22 06:34:58 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						a3115dc0e6 
					 
					
						
						
							
							Mark static int SSL functions CHECK_RETURN_CRITICAL  
						
						... 
						
						
						
						Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com > 
						
						
					 
					
						2022-06-20 21:12:52 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						66b0d61718 
					 
					
						
						
							
							Add comments when can_do() is safe to use  
						
						... 
						
						
						
						Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com > 
						
						
					 
					
						2022-06-20 21:12:29 +02:00 
						 
				 
			
				
					
						
							
							
								XiaokangQian 
							
						 
					 
					
						
						
							
						
						75fe8c7e54 
					 
					
						
						
							
							Change place of ssl_tls13_check_ephemeral_key_exchange  
						
						... 
						
						
						
						Change-Id: Id49172f7375e2a0771ad1216fb7eead808f0db3e
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com > 
						
						
					 
					
						2022-06-15 09:42:45 +00:00 
						 
				 
			
				
					
						
							
							
								XiaokangQian 
							
						 
					 
					
						
						
							
						
						129aeb9b0e 
					 
					
						
						
							
							Update test cases and support sni ca override  
						
						... 
						
						
						
						Change-Id: I6052acde0b0ec1c25537f8dd81a35562da05a393
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com > 
						
						
					 
					
						2022-06-02 09:29:18 +00:00 
						 
				 
			
				
					
						
							
							
								XiaokangQian 
							
						 
					 
					
						
						
							
						
						f2a942073e 
					 
					
						
						
							
							Fix SNI test failure  
						
						... 
						
						
						
						Change-Id: Id3fce36af9bc52cac858b473168451945aa974f4
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com > 
						
						
					 
					
						2022-05-30 08:07:16 +00:00 
						 
				 
			
				
					
						
							
							
								XiaokangQian 
							
						 
					 
					
						
						
							
						
						9b2b7716b0 
					 
					
						
						
							
							Change mbedtls_ssl_parse_server_name_ext base on comments  
						
						... 
						
						
						
						Change-Id: I4ae831925cb1899afafb7dc626bfad9be24a5c8c
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com > 
						
						
					 
					
						2022-05-30 08:07:16 +00:00 
						 
				 
			
				
					
						
							
							
								XiaokangQian 
							
						 
					 
					
						
						
							
						
						40a3523eb7 
					 
					
						
						
							
							Add support of server name extension to server side  
						
						... 
						
						
						
						Change-Id: Iccf5017e306ba6ead2e1026a29f397ead084cc4d
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com > 
						
						
					 
					
						2022-05-30 08:07:16 +00:00 
						 
				 
			
				
					
						
							
							
								Neil Armstrong 
							
						 
					 
					
						
						
							
						
						8395d7a37d 
					 
					
						
						
							
							Change guard of mbedtls_ssl_cipher_to_psa() with USE_PSA_CRYPTO || SSL_PROTO_TLS1_3  
						
						... 
						
						
						
						Signed-off-by: Neil Armstrong <narmstrong@baylibre.com > 
						
						
					 
					
						2022-05-18 13:24:34 +02:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						9edf51d8cd 
					 
					
						
						
							
							Merge pull request  #5785  from gabor-mezei-arm/5460_unify_parsing_sig_alg_ext  
						
						... 
						
						
						
						Unify parsing of the signature algorithms extension in TLS 1.2 and TLS 1.3
CI ABI API check job failure is expected as the PR do some changes in ssl_misc.h.
@RcColes if you eventually want to request some changes, they can be done in a follow-up PR. 
						
						
					 
					
						2022-05-17 17:01:55 +02:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						696956da24 
					 
					
						
						
							
							Typo  
						
						... 
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-05-13 17:02:19 +02:00 
						 
				 
			
				
					
						
							
							
								Andrzej Kurek 
							
						 
					 
					
						
						
							
						
						5c65c5781f 
					 
					
						
						
							
							Fix additional misspellings found by codespell  
						
						... 
						
						
						
						Remaining hits seem to be hex data, certificates,
and other miscellaneous exceptions.
List generated by running codespell -w -L 
keypair,Keypair,KeyPair,keyPair,ciph,nd
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com > 
						
						
					 
					
						2022-05-11 21:25:54 +01:00 
						 
				 
			
				
					
						
							
							
								Shaun Case 
							
						 
					 
					
						
						
							
						
						8b0ecbccf4 
					 
					
						
						
							
							Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell.  
						
						... 
						
						
						
						Signed-off-by: Shaun Case <warmsocks@gmail.com >
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com > 
						
						
					 
					
						2022-05-11 21:25:51 +01:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						c1051b62aa 
					 
					
						
						
							
							Remove MBEDTLS_SSL_SIG_ALG_SET macro  
						
						... 
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-05-11 14:29:19 +02:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						3631cf693a 
					 
					
						
						
							
							Rename signiture algorithm macros to better suite with TLS 1.2  
						
						... 
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-05-11 14:29:19 +02:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						a3d016ce41 
					 
					
						
						
							
							Rename and rewrite mbedtls_ssl_sig_hash_set_find function  
						
						... 
						
						
						
						Rename `mbedtls_ssl_sig_hash_set_find` function to a suitable name
and rewrite to operate TLS signature algorithm identifiers.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-05-11 14:29:18 +02:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						15b95a6c52 
					 
					
						
						
							
							Use common macro for the invalid signiture algorithm botn in TLS 1.2 and 1.3  
						
						... 
						
						
						
						Introduce a new macro MBEDTLS_TLS_SIG_NONE for invalid signiture algorithm.
It is intended to use in common code of TLS 1.2 and 1.3.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-05-11 14:29:18 +02:00 
						 
				 
			
				
					
						
							
							
								Gabor Mezei 
							
						 
					 
					
						
						
							
						
						078e803d2c 
					 
					
						
						
							
							Unify parsing of the signature algorithms extension  
						
						... 
						
						
						
						Signed-off-by: Gabor Mezei <gabor.mezei@arm.com > 
						
						
					 
					
						2022-05-11 14:29:08 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						9bbb7bacae 
					 
					
						
						
							
							Merge pull request  #5791  from superna9999/5788-unify-non-opaque-and-opaque-psks  
						
						... 
						
						
						
						Unify non-opaque and opaque PSKs 
						
						
					 
					
						2022-05-09 10:15:16 +02:00 
						 
				 
			
				
					
						
							
							
								XiaokangQian 
							
						 
					 
					
						
						
							
						
						aad9b0a286 
					 
					
						
						
							
							Update code base on comments  
						
						... 
						
						
						
						Change-Id: Ibc5043154515d2801565a2b99741dfda1344211c
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com > 
						
						
					 
					
						2022-05-09 01:11:21 +00:00 
						 
				 
			
				
					
						
							
							
								XiaokangQian 
							
						 
					 
					
						
						
							
						
						eaf3651e31 
					 
					
						
						
							
							Rebase and solve conflicts  
						
						... 
						
						
						
						Change handshake_msg related functions
Share the ssl_write_sig_alg_ext
Change-Id: I3d342baac302aa1d87c6f3ef75d85c7dc030070c
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com > 
						
						
					 
					
						2022-05-07 01:37:04 +00:00 
						 
				 
			
				
					
						
							
							
								Neil Armstrong 
							
						 
					 
					
						
						
							
						
						8ecd66884f 
					 
					
						
						
							
							Keep raw PSK when set via mbedtls_ssl_conf_psk() and feed as input_bytes  
						
						... 
						
						
						
						Signed-off-by: Neil Armstrong <narmstrong@baylibre.com > 
						
						
					 
					
						2022-05-05 14:01:49 +02:00 
						 
				 
			
				
					
						
							
							
								Neil Armstrong 
							
						 
					 
					
						
						
							
						
						80f6f32495 
					 
					
						
						
							
							Make mbedtls_ssl_psk_derive_premaster() only for when MBEDTLS_USE_PSA_CRYPTO is not selected  
						
						... 
						
						
						
						Signed-off-by: Neil Armstrong <narmstrong@baylibre.com > 
						
						
					 
					
						2022-05-04 11:08:41 +02:00 
						 
				 
			
				
					
						
							
							
								Neil Armstrong 
							
						 
					 
					
						
						
							
						
						044a32c4c6 
					 
					
						
						
							
							Remove mbedtls_ssl_get_psk() and it's usage when MBEDTLS_USE_PSA_CRYPTO is selected  
						
						... 
						
						
						
						Signed-off-by: Neil Armstrong <narmstrong@baylibre.com > 
						
						
					 
					
						2022-05-04 11:08:41 +02:00 
						 
				 
			
				
					
						
							
							
								Neil Armstrong 
							
						 
					 
					
						
						
							
						
						e952a30d47 
					 
					
						
						
							
							Remove RAW PSK when MBEDTLS_USE_PSA_CRYPTO is selected  
						
						... 
						
						
						
						Signed-off-by: Neil Armstrong <narmstrong@baylibre.com > 
						
						
					 
					
						2022-05-04 11:08:41 +02:00 
						 
				 
			
				
					
						
							
							
								Neil Armstrong 
							
						 
					 
					
						
						
							
						
						501c93220d 
					 
					
						
						
							
							Import PSK as opaque PSA key for mbedtls_ssl_conf_psk() & mbedtls_ssl_set_hs_psk()  
						
						... 
						
						
						
						Signed-off-by: Neil Armstrong <narmstrong@baylibre.com > 
						
						
					 
					
						2022-05-04 11:08:41 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						67397fa4fd 
					 
					
						
						
							
							Merge pull request  #5704  from mprse/mixed_psk_2cx  
						
						... 
						
						
						
						Mixed PSK 2a, 2b, 2c: enable client/server support opaque RSA-PSK, ECDHE-PSK, DHE-PSK 
						
						
					 
					
						2022-04-29 10:47:16 +02:00 
						 
				 
			
				
					
						
							
							
								Przemek Stekiel 
							
						 
					 
					
						
						
							
						
						169bf0b8b0 
					 
					
						
						
							
							Fix comments (#endif flags)  
						
						... 
						
						
						
						Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-04-29 07:53:29 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						8855e36030 
					 
					
						
						
							
							Merge pull request  #5674  from superna9999/5668-abstract-tls-mode-cleanup  
						
						... 
						
						
						
						Cipher cleanup: abstract TLS mode 
						
						
					 
					
						2022-04-28 12:33:38 +02:00 
						 
				 
			
				
					
						
							
							
								Przemek Stekiel 
							
						 
					 
					
						
						
							
						
						8a4b7fd7c3 
					 
					
						
						
							
							Optimize code  
						
						... 
						
						
						
						Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-04-28 10:21:03 +02:00 
						 
				 
			
				
					
						
							
							
								Przemek Stekiel 
							
						 
					 
					
						
						
							
						
						8abcee9290 
					 
					
						
						
							
							Fix typos  
						
						... 
						
						
						
						Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-04-28 09:16:28 +02:00 
						 
				 
			
				
					
						
							
							
								Neil Armstrong 
							
						 
					 
					
						
						
							
						
						2230e6c06d 
					 
					
						
						
							
							Simplify PSA transform->ivlen set in ssl_tls12_populate_transform()  
						
						... 
						
						
						
						Signed-off-by: Neil Armstrong <narmstrong@baylibre.com > 
						
						
					 
					
						2022-04-27 10:36:14 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						301711e96e 
					 
					
						
						
							
							Simplify mbedtls_ssl_get_base_mode  
						
						... 
						
						
						
						Reduce the amount of ifdef's by making the USE_PSA_CRYPTO and
non-USE_PSA_CRYPTO definitions independent.
No behavior change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2022-04-27 10:28:55 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						e108d987ea 
					 
					
						
						
							
							Simplify mbedtls_ssl_get_mode  
						
						... 
						
						
						
						Reduce the imbrications between preprocessor directives and C instructions.
Handle encrypt-then-mac separately.
No behavior change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2022-04-27 10:28:55 +02:00 
						 
				 
			
				
					
						
							
							
								Przemek Stekiel 
							
						 
					 
					
						
						
							
						
						99114f3084 
					 
					
						
						
							
							Fix build flags for opaque/raw psk checks  
						
						... 
						
						
						
						Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-04-22 14:54:34 +02:00 
						 
				 
			
				
					
						
							
							
								Przemek Stekiel 
							
						 
					 
					
						
						
							
						
						b293aaa61b 
					 
					
						
						
							
							Enable support for psa opaque DHE-PSK key exchange on the client side  
						
						... 
						
						
						
						Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-04-22 14:54:33 +02:00 
						 
				 
			
				
					
						
							
							
								Przemek Stekiel 
							
						 
					 
					
						
						
							
						
						19b80f8151 
					 
					
						
						
							
							Enable support for psa opaque ECDHE-PSK key exchange on the client side  
						
						... 
						
						
						
						Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-04-22 14:52:28 +02:00 
						 
				 
			
				
					
						
							
							
								Przemek Stekiel 
							
						 
					 
					
						
						
							
						
						51a1f36be0 
					 
					
						
						
							
							setup_psa_key_derivation(): change salt parameter to other_secret  
						
						... 
						
						
						
						Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-04-22 14:52:28 +02:00 
						 
				 
			
				
					
						
							
							
								Przemek Stekiel 
							
						 
					 
					
						
						
							
						
						c2033409e3 
					 
					
						
						
							
							Add support for psa rsa-psk key exchange  
						
						... 
						
						
						
						Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com > 
						
						
					 
					
						2022-04-22 14:52:27 +02:00