db9a38c672
Move contatnt-time memcmp functions to the contant-time module
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com >
2021-09-28 16:16:14 +02:00
d9a94fe3d0
Add counter length macro
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-28 20:10:26 +08:00
4836952f9d
fix tls1_3 prefix issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-27 16:34:58 +08:00
b65eb2f3cf
Revert "tls13: add generate handshake keys"
...
This reverts commit f02ca4158674b974ae103849c43e0c92efc40e8c.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-27 16:34:58 +08:00
e3131ef7f3
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-27 16:34:58 +08:00
a63de352dc
Revert "tls13: add ecdh_read_public"
...
This reverts commit 6a9d2ee4df88028e352e50d4f48687ce5b0f26ac.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-27 16:34:58 +08:00
000f976070
Rename get_handshake_transcript
...
- Remove tls13 prefix
- Remove TLS1_3 macro wrap
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-27 16:34:58 +08:00
c7875b5f11
add set in/out transform utils
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-27 16:34:58 +08:00
d3f73349a7
tls13: add ecdh_read_public
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-27 16:34:58 +08:00
7bea4bac96
tls13: add checksum of handshake message
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-27 16:34:58 +08:00
4925ef5da1
tls13: add generate handshake keys
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-27 16:34:58 +08:00
89ea321d96
tls13: add key_schedule_stage_early_data
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-27 16:34:58 +08:00
24c0ec31f9
tls13: add get_handshake_transcript
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-27 16:34:58 +08:00
bbd5a3fded
fix pending_alert issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-27 16:25:38 +08:00
394ece6cdd
Add function for set pending alert flag
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-27 16:25:38 +08:00
e7047819ee
add pend fatal alert
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-27 16:25:38 +08:00
bdc71888fc
Remove restartable and everest from tls1.3
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-14 19:33:31 +08:00
b60e3cf424
fix various issues
...
- format problems
- name conversion issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-08 16:41:02 +08:00
56fc07f7ae
add key_share extension
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-08 10:37:20 +08:00
e226cef124
Add NamedGroup IANA values and helper functions
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-08 09:52:15 +08:00
26f4d15d13
Add key exchange modes helper functions
...
Add helper functions for `tls13_kex_modes`
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-08 09:52:15 +08:00
8c02bb4b71
fix various comment issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-03 21:52:26 +08:00
2c0fbf3405
modify proc_chk macros
...
- change the parameter
- remove debug output
- remove return value modify
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-03 16:29:20 +08:00
a2cf7bd243
fix comment issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-03 16:29:20 +08:00
67d4ed5b22
force change state type
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-03 16:29:20 +08:00
159c5a0e12
fix comments issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-03 16:29:20 +08:00
e41dec0158
Rename write signature algorithms function
...
To keep similar name with other place.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-03 16:29:20 +08:00
eecfbf001c
fix format issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-03 16:29:20 +08:00
995ecd396f
fix wrong iana values and comments
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-03 16:29:20 +08:00
5cc8f0a0d8
Add simple document for tls13 functions
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-03 16:29:20 +08:00
275619336a
fix name conversion issue for tls13 server entry
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-03 16:29:20 +08:00
f443681f56
fix function name conversion issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-03 16:29:20 +08:00
6f13f64aa6
fix various format issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-03 16:29:19 +08:00
8e7ca0432e
fix extensions_present issues
...
fix comments for the mask values. follow same order
as IANA values.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-03 16:29:19 +08:00
bc20bdd3a9
Implement write_partial with dummy exts
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-03 16:29:19 +08:00
93bcd61a41
Add field into handshake params
...
Add `extensions_present` field. It represents
which are present.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-03 16:29:19 +08:00
65dd2ccfe6
Add dummy stages for client_hello_process
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-03 16:29:19 +08:00
beb3f41f2f
Add handshake_set_state helper function
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-09-03 16:29:19 +08:00
5e344563e4
Merge pull request #4858 from hanno-arm/upstream_tls13_transforms
...
Upstream TLS 1.3 record transformations structure fields
2021-08-12 12:29:54 +02:00
409c8f6e1b
Merge pull request #4851 from hanno-arm/hs_msg_without_checksum
...
Add handshake message writing variant that doesn't update checksum
2021-08-12 11:54:10 +02:00
e043d15d75
Turn comments of 1.3 record transforms into Doxygen documentation
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com >
2021-08-12 06:22:52 +01:00
2aec149e13
Merge pull request #4248 from hanno-arm/tls13_populate_transform
...
Fix and test compliance of TLS 1.3 record protection
2021-08-11 16:41:51 +01:00
3aa186f946
Add transforms to be used for TLS 1.3
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com >
2021-08-10 09:24:19 +01:00
b9930e7d70
Add dummy tls1.3 handshake dispatch functions
...
Base on version config, `handshack_{clinet,server}_step`
will call different step function. TLS1.3 features will
be gradully added base on it.
And a new test cases is added to make sure it reports
`feature is not available`.
Change-Id: I4f0e36cb610f5aa59f97910fb8204bfbf2825949
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-08-10 13:34:32 +08:00
60835a88c3
Add config check utils functions
...
Check configuration parameter in structure setup
function to make sure the config data is available
and valid.
Current implementation checks the version config.
Available version configs are
- tls1_3 only
- tls1_2 only
issues: #4844
Change-Id: Ia762bd3d817440ae130b45f19b80a2868afae924
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com >
2021-08-10 13:34:32 +08:00
f3cce8b0e1
Add handshake message writing variant that doesn't update checksum
...
The helper `mbedtls_ssl_write_handshake_msg` writes a handshake message
and updates the handshake transcript.
With TLS 1.3, we need finer control over the checksum: updating
at message granularity is not sufficient. To allow for manual maintenance
of the checksum in those cases, refine `mbedtls_ssl_write_handshake_msg()`
into `mbedtls_ssl_write_handshake_msg_ext()` which takes a parameter
determining whether the checksum should be updated.
Signed-off-by: Hanno Becker <hanno.becker@arm.com >
2021-08-07 14:29:49 +01:00
bd25755d2a
Rename ssl_populate_transform() -> ssl_tls12_populate_transform()
...
In TLS 1.2 specific code, the internal helper functions
ssl_populate_transform() builds an SSL transform structure,
representing a specific record protection mechanism.
In preparation for a subsequent commit which will introduce
a similar helper function specific to TLS 1.3, this commmit
renames ssl_populate_transform() to ssl_tls12_populate_transform().
Signed-off-by: Hanno Becker <hanno.becker@arm.com >
2021-08-02 04:52:45 +01:00
b637150dfe
Merge pull request #4730 from TRodziewicz/finish_removing_tls_1.0_and_1.1
...
Remove all TLS 1.0 and 1.1 instances and add some compatibility tests
2021-07-27 09:42:53 +02:00
299510e889
Correction to comments and changelog removed
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com >
2021-07-09 16:55:11 +02:00
458280e67c
Correction to outdated comment
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com >
2021-07-07 11:33:06 +02:00
