mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-26 00:37:41 +03:00

Author	SHA1	Message	Date
Ronald Cron	9edf51d8cd	Merge pull request #5785 from gabor-mezei-arm/5460_unify_parsing_sig_alg_ext Unify parsing of the signature algorithms extension in TLS 1.2 and TLS 1.3 CI ABI API check job failure is expected as the PR do some changes in ssl_misc.h. @RcColes if you eventually want to request some changes, they can be done in a follow-up PR.	2022-05-17 17:01:55 +02:00
Gabor Mezei	696956da24	Typo Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-13 17:02:19 +02:00
Andrzej Kurek	5c65c5781f	Fix additional misspellings found by codespell Remaining hits seem to be hex data, certificates, and other miscellaneous exceptions. List generated by running codespell -w -L keypair,Keypair,KeyPair,keyPair,ciph,nd Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-05-11 21:25:54 +01:00
Shaun Case	8b0ecbccf4	Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell. Signed-off-by: Shaun Case <warmsocks@gmail.com> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-05-11 21:25:51 +01:00
Gabor Mezei	c1051b62aa	Remove `MBEDTLS_SSL_SIG_ALG_SET` macro Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:19 +02:00
Gabor Mezei	3631cf693a	Rename signiture algorithm macros to better suite with TLS 1.2 Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:19 +02:00
Gabor Mezei	a3d016ce41	Rename and rewrite `mbedtls_ssl_sig_hash_set_find` function Rename `mbedtls_ssl_sig_hash_set_find` function to a suitable name and rewrite to operate TLS signature algorithm identifiers. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:18 +02:00
Gabor Mezei	15b95a6c52	Use common macro for the invalid signiture algorithm botn in TLS 1.2 and 1.3 Introduce a new macro MBEDTLS_TLS_SIG_NONE for invalid signiture algorithm. It is intended to use in common code of TLS 1.2 and 1.3. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:18 +02:00
Gabor Mezei	078e803d2c	Unify parsing of the signature algorithms extension Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-05-11 14:29:08 +02:00
Manuel Pégourié-Gonnard	9bbb7bacae	Merge pull request #5791 from superna9999/5788-unify-non-opaque-and-opaque-psks Unify non-opaque and opaque PSKs	2022-05-09 10:15:16 +02:00
XiaokangQian	aad9b0a286	Update code base on comments Change-Id: Ibc5043154515d2801565a2b99741dfda1344211c Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-09 01:11:21 +00:00
XiaokangQian	eaf3651e31	Rebase and solve conflicts Change handshake_msg related functions Share the ssl_write_sig_alg_ext Change-Id: I3d342baac302aa1d87c6f3ef75d85c7dc030070c Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-05-07 01:37:04 +00:00
Neil Armstrong	8ecd66884f	Keep raw PSK when set via mbedtls_ssl_conf_psk() and feed as input_bytes Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-05 14:01:49 +02:00
Neil Armstrong	80f6f32495	Make mbedtls_ssl_psk_derive_premaster() only for when MBEDTLS_USE_PSA_CRYPTO is not selected Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:08:41 +02:00
Neil Armstrong	044a32c4c6	Remove mbedtls_ssl_get_psk() and it's usage when MBEDTLS_USE_PSA_CRYPTO is selected Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:08:41 +02:00
Neil Armstrong	e952a30d47	Remove RAW PSK when MBEDTLS_USE_PSA_CRYPTO is selected Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:08:41 +02:00
Neil Armstrong	501c93220d	Import PSK as opaque PSA key for mbedtls_ssl_conf_psk() & mbedtls_ssl_set_hs_psk() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-05-04 11:08:41 +02:00
Manuel Pégourié-Gonnard	67397fa4fd	Merge pull request #5704 from mprse/mixed_psk_2cx Mixed PSK 2a, 2b, 2c: enable client/server support opaque RSA-PSK, ECDHE-PSK, DHE-PSK	2022-04-29 10:47:16 +02:00
Przemek Stekiel	169bf0b8b0	Fix comments (#endif flags) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-29 07:53:29 +02:00
Gilles Peskine	8855e36030	Merge pull request #5674 from superna9999/5668-abstract-tls-mode-cleanup Cipher cleanup: abstract TLS mode	2022-04-28 12:33:38 +02:00
Przemek Stekiel	8a4b7fd7c3	Optimize code Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-28 10:21:03 +02:00
Przemek Stekiel	8abcee9290	Fix typos Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-28 09:16:28 +02:00
Neil Armstrong	2230e6c06d	Simplify PSA transform->ivlen set in ssl_tls12_populate_transform() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-27 10:36:14 +02:00
Gilles Peskine	301711e96e	Simplify mbedtls_ssl_get_base_mode Reduce the amount of ifdef's by making the USE_PSA_CRYPTO and non-USE_PSA_CRYPTO definitions independent. No behavior change. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-04-27 10:28:55 +02:00
Gilles Peskine	e108d987ea	Simplify mbedtls_ssl_get_mode Reduce the imbrications between preprocessor directives and C instructions. Handle encrypt-then-mac separately. No behavior change. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-04-27 10:28:55 +02:00
Przemek Stekiel	99114f3084	Fix build flags for opaque/raw psk checks Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:54:34 +02:00
Przemek Stekiel	b293aaa61b	Enable support for psa opaque DHE-PSK key exchange on the client side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:54:33 +02:00
Przemek Stekiel	19b80f8151	Enable support for psa opaque ECDHE-PSK key exchange on the client side Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:28 +02:00
Przemek Stekiel	51a1f36be0	setup_psa_key_derivation(): change salt parameter to other_secret Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:28 +02:00
Przemek Stekiel	c2033409e3	Add support for psa rsa-psk key exchange Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:27 +02:00
Przemek Stekiel	ae4ed30435	Fix naming: random bytes are the seed (not salt) in derivation process Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:27 +02:00
Przemek Stekiel	1f02703e53	setup_psa_key_derivation(): add optional salt parameter Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-04-22 14:52:27 +02:00
Manuel Pégourié-Gonnard	55132c6a9a	Merge pull request #5703 from superna9999/5322-ecdh-remove-legacy-context TLS ECDH 4: remove legacy context	2022-04-22 14:27:06 +02:00
Neil Armstrong	f2c82f0a3b	Introduce MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM macro to determine if Encrypt-then-MAC with CBC is used in a ciphersuite Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	ccc074e44d	Use correct condition to use encrypt_then_mac in ssl_tls.c Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	d1be7674a4	Use PSA_BLOCK_CIPHER_BLOCK_LENGTH instead of PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE in ssl_tls12_populate_transform() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	6b27c97a91	Rename mbedtls_get_mode() to mbedtls_ssl_get_mode() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	ab555e0a6c	Rename mbedtls_get_mode_from_XXX to mbedtls_ssl_get_mode_from_XXX Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	a0eeb7f470	Remove cipher_info in ssl_tls12_populate_transform() when USE_PSA_CRYPTO is defined Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	7fea33ea4d	Use mbedtls_get_mode_from_ciphersuite() in ssl_tls12_populate_transform() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	4bf4c8675f	Introduce mbedtls_get_mode_from_ciphersuite() by reusing mbedtls_get_mode_from_transform() logic Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:59 +02:00
Neil Armstrong	8a0f3e8cf0	Introduce mbedtls_ssl_mode_t & mbedtls_get_mode_from_transform() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-04-22 14:25:26 +02:00
XiaokangQian	4d3a60475c	Change default config version to development style Change-Id: I9c1088f235524211e727d03b96de8d82e60bd426 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-21 13:46:17 +00:00
XiaokangQian	060d867598	Update parse_key_share in server side and version config Change-Id: Ic91c061027d0ee4dca2055df21809cbb4388f3ef Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-21 09:24:56 +00:00
XiaokangQian	75d40ef8cb	Refine code base on review Remove useless hrr code Share validate_cipher_suit between client and server Fix test failure when tls13 only in server side Change-Id: I5d6a7932bd8448ebf542bc86cdcab8862bc28e9b Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 11:05:24 +00:00
XiaokangQian	8f9dfe41c0	Fix comments about coding styles and test cases Change-Id: I70ebc05e9dd9fa084d7b0ce724a25464c3425e22 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:45:50 +00:00
XiaokangQian	ed582dd023	Update based on comments Remove cookie support from server side Change code to align with coding styles Re-order functions of client_hello Change-Id: If31509ece402f8276e6cac37f261e0b166d05e18 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
XiaokangQian	c4b8c99a38	Rebase and solve conflicts and issues Change-Id: I17246c5b2f8a8ec4989c8b0b83b55cad0491b78a Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-04-20 07:43:48 +00:00
Paul Elliott	a2da9c7e45	Merge pull request #5631 from gstrauss/enum-tls-vers Unify internal/external TLS protocol version enums	2022-04-19 17:05:26 +01:00
Glenn Strauss	041a37635b	Remove some tls_ver < MBEDTLS_SSL_VERSION_TLS1_2 checks mbedtls no longer supports earlier TLS protocol versions Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-04-14 15:40:14 -04:00

1 2 3 4 5 ...

1620 Commits