yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
22267 commits 89 branches 205 tags 114 MiB
Commit graph

9836 commits

Author SHA1 Message Date
Werner Lewis e4c0a6c3ba Change cast to correct type 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-11-24 16:18:06 +00:00
Werner Lewis 1a277d9ad6 Replace comparison with XOR 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-11-24 16:18:06 +00:00
Werner Lewis d391b8ce61 Change types and move const before type 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-11-24 16:18:06 +00:00
Werner Lewis 9fa91ebcb9 Use modulus structure in mbedtls_mpi_mod_raw_add 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-11-24 16:18:06 +00:00
Werner Lewis 0eea827cbd Rename MPI_CORE(add_mod) to mbedtls_mpi_mod_raw_add 
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
 2022-11-24 16:18:06 +00:00
Hanno Becker a45b6fee91 Extract MPI_CORE(add_mod) from the prototype 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-11-24 16:17:49 +00:00
Ronald Cron 4cf77e99ab
Merge pull request #6621 from ronald-cron-arm/tls13-early-data-write 
TLS 1.3: Add definition of mbedtls_ssl_{write,read}_early_data
 2022-11-24 09:58:07 +01:00
Janos Follath 531a871b88
Merge pull request #6235 from tom-cosgrove-arm/issue-6231-core-sub-int 
Bignum: extract core_sub_int from the prototype
 2022-11-23 13:32:02 +00:00
Ronald Cron 4a8c9e2cff tls13: Add definition of mbedtls_ssl_{write,read}_early_data 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-11-23 14:29:37 +01:00
Manuel Pégourié-Gonnard ef25a99f20
Merge pull request #6533 from valeriosetti/issue5847 
Use PSA EC-JPAKE in TLS (1.2) - Part 2
 2022-11-23 13:27:30 +01:00
Ronald Cron 1d1d53622f
Merge pull request #6490 from xkqian/tls13_parse_early_data_indication_ee 
The internal CI merge job ran successfully.
 2022-11-23 12:31:25 +01:00
Ronald Cron cb0e680779
Merge pull request #6476 from yuhaoth/pr/fix-tls13-mbedtls_ssl_is_handshake_over 
TLS 1.3: Fix tls13 mbedtls ssl is handshake over
 2022-11-23 12:12:02 +01:00
Xiaokang Qian b157e915ad Move the early data status set afeter all of the extensions parse 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-23 08:12:26 +00:00
Xiaokang Qian e861ba01d4 Remove the duplicate early_data_status check 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-23 03:21:02 +00:00
Xiaokang Qian ca09afc60a Remove useless function and parse early data in ee 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-23 02:16:49 +00:00
Valerio Setti 99d88c1ab4 tls: psa_pake: fix missing casting in mbedtls_psa_ecjpake_write_round 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-11-22 16:03:43 +01:00
Tom Cosgrove 452c99c173 Use mbedtls_mpi_core_sub_int() in mbedtls_mpi_sub_abs() 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-11-22 14:58:15 +00:00
Tom Cosgrove f7ff4c9a11 Tidy up, remove MPI_CORE(), and apply the naming convention 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-11-22 14:58:15 +00:00
Hanno Becker d9b2348d8f Extract MPI_CORE(sub_int) from the prototype 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-11-22 14:58:15 +00:00
Gilles Peskine 4f19d86e3f
Merge pull request #6608 from mprse/ecjpake_password_fix 
Make a copy of the password key in operation object while setting j-pake password
 2022-11-22 14:52:12 +01:00
Valerio Setti d4a9b1ab8d tls: psa_pake: remove useless defines and fix a comment 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-11-22 11:11:10 +01:00
Xiaokang Qian 8bee89994d Add parse function for early data in encrypted extentions 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2022-11-22 09:40:07 +00:00
Przemek Stekiel 0bdec19c93 Further optimizations of pake set_password implementation 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-22 09:10:35 +01:00
Jerry Yu fdd24b8c49 Revert change in flight transmit 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-22 14:08:03 +08:00
Gilles Peskine 339406daf9
Merge pull request #6609 from gilles-peskine-arm/mpi_sint-min-ub 
Fix undefined behavior in bignum: NULL+0 and -most-negative-sint
 2022-11-21 19:51:58 +01:00
Przemek Stekiel ad0f357178 Optimize pake code that sets/use password key 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-21 15:04:37 +01:00
Przemek Stekiel e2d6b5f45b psa_key_slot_get_slot_number: Move documentation to header file 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-21 15:03:52 +01:00
Valerio Setti 5151bdf46e tls: psa_pake: add missing braces 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-11-21 14:30:02 +01:00
Valerio Setti 79f6b6bb1b tls: psa_pake: fixing mbedtls_psa_ecjpake_write_round() 
It might happen that the psa_pake_output() function returns
elements which are not exactly 32 or 65 bytes as expected, but
1 bytes less.
As a consequence, insted of hardcoding the expected value for
the length in the output buffer, we write the correct one as
obtained from psa_pake_output()

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-11-21 14:17:03 +01:00
Dave Rodgman 9e1836cc16
Merge pull request #6593 from Mbed-TLS/fix_tls12_sent_sigalgs 
Fix TLS1.2 signature algorithms list entry getting overwritten by length.
 2022-11-21 10:09:57 +00:00
Jerry Yu 9b421456b0 Revert change in dtls1.2 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:35 +08:00
Jerry Yu 668070d5f4 Remove unnecessary replace 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:35 +08:00
Jerry Yu a8d3c5048f Rename new session ticket name for TLS 1.3 
NewSessionTicket is different with TLS 1.2.
It should not share same state.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:35 +08:00
Jerry Yu cfda4bbeac Replace handshake over in flight transmit 
Fix deadloop in DTLS resumption test.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:35 +08:00
Jerry Yu 1fb3299ad7 Replace internal usage of is_handshake_over. 
NEW_SESSION_TICKETS* are processed in handshake_step.
Change the stop condition from `mbedtls_ssl_is_handshake_over`
to directly check.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:34 +08:00
Jerry Yu 5ed73ff6de Add NEW_SESSION_TICKET* into handshake over states 
All state list after HANDSHAKE_OVER as is_handshakeover

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:34 +08:00
Jerry Yu 6848a61922 Revert "Replace internal usage of mbedtls_ssl_is_handshake_over" 
This reverts commit 1d3ed2975e7ef0d84050a3aece02eec1f890dec3.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:34 +08:00
Jerry Yu e219c11b4e Replace internal usage of mbedtls_ssl_is_handshake_over 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-11-19 20:12:34 +08:00
Valerio Setti 61ea17d30a tls: psa_pake: fix return values in parse functions 
Ensure they all belong to the MBEDTLS_ERR_SSL_* group

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-11-18 12:11:00 +01:00
Valerio Setti aca21b717c tls: psa_pake: enforce not empty passwords 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-11-17 18:20:50 +01:00
Valerio Setti 819de86895 tls: removed extra white spaces and other minor fix 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-11-17 18:05:19 +01:00
Valerio Setti 6b3dab03b5 tls: psa_pake: use a single function for round one and two in key exchange read/write 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-11-17 17:14:54 +01:00
Valerio Setti 9bed8ec5d8 tls: psa_pake: make round two reading function symmatric to the writing one 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-11-17 16:36:19 +01:00
Valerio Setti 30ebe11f86 tls: psa_pake: add a check on read size on both rounds 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-11-17 16:35:02 +01:00
Valerio Setti a988364767 tls: psa_pake: fix missing new round one parsing function on tls12 server 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-11-17 16:35:02 +01:00
Valerio Setti a08b1a40a0 tls: psa_pake: move move key exchange read/write functions to ssl_tls.c 
Inlined functions might cause the compiled code to have different sizes
depending on the usage and this not acceptable in some cases.
Therefore read/write functions used in the initial key exchange are
moved to a standard C file.

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
 2022-11-17 16:34:59 +01:00
Andrzej Kurek ec71b0937f Introduce a test for single signature algorithm correctness 
The value of the first sent signature algorithm is overwritten.
This test forces only a single algorithm to be sent and then
validates that the client received such algorithm.
04 03 is the expected value for SECP256R1_SHA256.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-11-17 14:58:14 +00:00
Paul Elliott 96a0fd951f Fix signature algorithms list entry getting overwritten by length. 
Fix bug whereby the supported signature algorithm list sent by the
server in the certificate request would not leave enough space for the
length to be written, and thus the first element would get overwritten,
leaving two random bytes in the last entry.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-11-17 14:58:14 +00:00
Przemek Stekiel 369ae0afc3 Zeroize pake password buffer before free 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-17 14:14:31 +01:00
Przemek Stekiel 152ae07682 Change password ec j-pake operation fields to more suitable 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2022-11-17 13:24:36 +01:00