yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
29262 commits 89 branches 205 tags 114 MiB
Commit graph

12752 commits

Author SHA1 Message Date
Ronald Cron d6d32b9210 tls13: Improve declaration and doc of early data status 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-15 17:19:14 +01:00
Ronald Cron b9a9b1f5a5 tls13: Fix/Improve comments 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-15 17:19:14 +01:00
Ronald Cron 84dfbf488a tls13: client: Add comment about early data in 2nd ClientHello 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-15 17:19:14 +01:00
Ronald Cron 5fbd27055d tls13: Use a flag not a counter for CCS and HRR handling 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-15 17:19:02 +01:00
Ronald Cron e273f7203d tls13: client: Improve CCS handling 
Call unconditionally the CCS writing function
when sending a CCS may be necessary in the
course of an handshake. Enforce in the writing
function and only in the writing function that
only one CCS is sent.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-14 10:24:00 +01:00
Xiaokang Qian b62732e1d6 tls13: cli: Add mbedtls_ssl_write_early_data() API 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-07 08:06:46 +01:00
Ronald Cron 90e223364c tls13: cli: Refine early data status 
The main purpose of the change is to
know from the status, at any point in
the handshake, if early data can be
sent or not and why.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-06 16:43:33 +01:00
Ronald Cron fe59ff794d tls13: Send dummy CCS only once 
Fix cases where the client was sending
two CCS, no harm but better to send only one.

Prevent to send even more CCS when early data
are involved without having to add conditional
state transitions.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-06 16:43:33 +01:00
Manuel Pégourié-Gonnard 5c9cc0b30f
Merge pull request #8727 from ronald-cron-arm/tls13-ignore-early-data-when-rejected 
TLS 1.3: SRV: Ignore early data when rejected
 2024-02-06 13:16:03 +00:00
Ronald Cron 71c6e65d83 tls13: ssl_msg.c: Improve/add comments 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-05 16:54:37 +01:00
Ronald Cron 31e2d83eee tls13: srv: Improve coding 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-05 16:45:57 +01:00
Manuel Pégourié-Gonnard 32c28cebb4
Merge pull request #8715 from valeriosetti/issue7964 
Remove all internal functions from public headers
 2024-02-05 15:09:15 +00:00
Janos Follath 747bedb0b0
Merge pull request #8733 from ivq/gcm_ad_len_check 
Add back restriction on AD length of GCM
 2024-02-05 13:33:58 +00:00
Jerry Yu f57d14bed4 Ignore early data app msg before 2nd client hello 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-02 17:31:20 +01:00
Jerry Yu 263dbf7167 tls13: srv: Do not allow early data indication in 2nd ClientHello 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-02 17:31:20 +01:00
Ronald Cron 1483dc3bde tls13: cli: Indicate early data only in first ClientHello 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-02 17:31:20 +01:00
Ronald Cron 2995d35ac3 tls13: srv: Deprotect and discard early data records 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-02 17:31:20 +01:00
Jerry Yu 4caf3ca08c tls13: srv: Add discard_early_data_record SSL field 
Add discard_early_data_record in SSL context for
the record layer to know if it has to discard
some potential early data record and how.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-02 17:31:20 +01:00
Ronald Cron 78a38f607c tls13: srv: Do not use early_data_status 
Due to the scope reduction for
mbedtls_ssl_read_early_data(), on
server as early data state variable
we now only need a flag in the
handshake context indicating if
the server has accepted early data
or not.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 20:10:35 +01:00
Ronald Cron 3b9034544e Revert "tls13: Introduce early_data_state SSL context field" 
This reverts commit 0883b8b625.
Due to the scope reduction of mbedtls_ssl_read_early_data()
it is not necessary anymore to refine the usage
of early_data_status/state rather the opposite.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 20:03:57 +01:00
Ronald Cron 164537c4a6 tls13: early data: Improve, add comments 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 19:52:30 +01:00
Ronald Cron ed7d4bfda5 tls13: srv: Simplify mbedtls_ssl_read_early_data() API 
Do not progress the handshake in the API, just
read early data if some has been detected by
a previous call to mbedtls_ssl_handshake(),
mbedtls_ssl_handshake_step(),
mbedtls_ssl_read() or mbedtls_ssl_write().

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:45:07 +01:00
Ronald Cron 0883b8b625 tls13: Introduce early_data_state SSL context field 
Introduce early_data_state SSL context field to
distinguish better this internal state from
the status values defined for the
mbedtls_ssl_get_early_data_status() API.
Distinguish also between the client and
server states. Note that the client state
are going to be documented and reworked
as part of the implementation of
mbedtls_ssl_write_early_data().

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:45:04 +01:00
Ronald Cron 7b6ee9482e tls13: srv: Reject early data in case of HRR 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Jerry Yu d9ca354dbd tls13: srv: Add mbedtls_ssl_read_early_data() API 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Jerry Yu 6a5904db45 tls13: srv: Move early data size check placeholder 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Jerry Yu 739a1d4246 tls: Add internal function ssl_read_application_data() 
The function will be used by
mbedtls_ssl_read_early_data() as well.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Ronald Cron 5d0ae9021f tls13: srv: Refine early data status 
The main purpose is to know from the status
if early data can be received of not and
why.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-02-01 16:40:47 +01:00
Ronald Cron 11cc41265b
Merge pull request #8711 from ronald-cron-arm/tls13-ticket-and-early-data-unit-test 
Add TLS 1.3 ticket and early data unit tests
 2024-02-01 13:15:55 +00:00
Paul Elliott cb88c4945a
Merge pull request #8754 from Redfoxymoon/development 
fix build for midipix
 2024-02-01 10:01:49 +00:00
Dave Rodgman dae21d3808 Support SHA-512 hwcap detection on old libc 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-30 15:31:42 +00:00
Ørjan Malde 2a6cb5c881 fix build for midipix 
Signed-off-by: Ørjan Malde <red@foxi.me>
 2024-01-30 14:50:23 +01:00
Paul Elliott 47c74a4773
Merge pull request #8741 from Ryan-Everett-arm/add-locking-macros 
Add macros for locking/unlocking the key slot mutex
 2024-01-26 13:53:38 +00:00
Dave Rodgman 935182fe2b
Merge pull request #1158 from daverodgman/mbedtls-3.5.2rc 
Mbedtls 3.5.2rc
 2024-01-25 12:22:54 +00:00
Dave Rodgman f5e231ca84
Merge pull request #8719 from daverodgman/iar-codegen 
Improve codegen of unaligned access for IAR and gcc
 2024-01-25 08:31:45 +00:00
Ryan Everett 3877d4858b Refactor macros 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-24 13:26:26 +00:00
Dave Rodgman 13f2f4e7f1 Merge remote-tracking branch 'restricted/development' into mbedtls-3.5.2rc 2024-01-24 09:49:15 +00:00
Ryan Everett cb05ce30e9 Minor fixes to locking macros 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-23 19:25:10 +00:00
Ryan Everett 90afb132e0 Add ..._GOTO_EXIT macro 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-23 18:34:55 +00:00
Ryan Everett d6d6a76e46 Add ..._GOTO_RETURN macro 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-01-23 18:32:42 +00:00
Chien Wong 019c2a7817
Handle sizeof(size_t) > sizeof(uint64_t) 
Signed-off-by: Chien Wong <m@xv97.com>
 2024-01-23 21:38:06 +08:00
Janos Follath aa3fa98bc4
Merge pull request #8726 from v1gnesh/patch-1 
Update entropy_poll.c to allow build in z/OS
 2024-01-23 12:43:18 +00:00
Dave Rodgman c64280a2d7 Fix comment typo 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-23 10:05:08 +00:00
Dave Rodgman 00b530e395 Limit compiler hint to compilers that are known to benefit from it 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-23 09:41:34 +00:00
Dave Rodgman e23d6479cc Bump version 
./scripts/bump_version.sh --version 3.5.1

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2024-01-22 15:45:49 +00:00
Janos Follath b4b8f3df3b RSA: improve readability 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath 47ee770812 RSA: remove unneeded temporaries 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath e6750b2a0b RSA: document Montgomery trick in unblind 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath a62a554071 Fix style 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00
Janos Follath 100dcddfca Make local function static 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2024-01-22 15:33:19 +00:00