mbedtls

mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00

Author	SHA1	Message	Date
Gilles Peskine	57e401b39f	Merge pull request #8521 from valeriosetti/issue8441 [G4] Make CTR-DRBG fall back on PSA when AES not built in	2023-12-06 18:25:44 +00:00
David Horstmann	4749007f64	Fix possible integer overflows before widening When calculating a result to go into an mbedtls_ms_time_t, make sure that arithmetic is performed at the final size to prevent overflow. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-12-06 17:22:53 +00:00
Valerio Setti	202bb71dcd	ssl_tls12_server: do not export/import opaque keys Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-06 17:05:24 +01:00
Waleed Elmelegy	9aec1c71f2	Add record size checking during handshake Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-12-06 15:18:15 +00:00
Jan Bruckner	f482dcc6c7	Comply with the received Record Size Limit extension Fixes #7010 Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-12-06 15:18:08 +00:00
Manuel Pégourié-Gonnard	ad4f0ada37	Merge pull request #8514 from mschulz-at-hilscher/fixes/uninitialized-variable-in-ssl_msg Fix uninitialized variable warnings in ssl_msg.c	2023-12-06 11:06:03 +00:00
Valerio Setti	2bd53667d6	pk: guard key enrollment function with PSA_CRYPTO_CLIENT Use key enrollment function only when MBEDTLS_PSA_CRYPTO_CLIENT is enabled, i.e. when the Mbed TLS implementation of PSA Crypto is being used. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-06 11:24:50 +01:00
Jerry Yu	95648b0134	Some minor improvement - move early data check to `prepare` - avoid `((void) output_len) - replace check with `session_ticket_allow` in 2nd place Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:21:16 +08:00
Jerry Yu	c59c586ac4	change prototype of `write_early_data_ext` Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:21:15 +08:00
Jerry Yu	163e12f7ff	remove assignment for `session->max_early_data_size` Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:21:09 +08:00
Jerry Yu	ebe1de62f9	fix various issue - rename connection time variable - remove unnecessary comments Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:20:25 +08:00
Jerry Yu	9e7f9bc253	Add missing debug message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:20:22 +08:00
Jerry Yu	db97163ac7	add ticket max_early_data_size check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:20:13 +08:00
Jerry Yu	5233539d9f	share write_early_data_ext function Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:18:50 +08:00
Jerry Yu	0069abc141	improve comments of new session ticket Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:18:46 +08:00
Jerry Yu	1a160703f8	set max_early_data_size of ticket to keep consistent Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:18:43 +08:00
Jerry Yu	f135bac89c	Add max_early_data_size check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:18:39 +08:00
Jerry Yu	930ce4cfac	Revert "change max_early_data_size source" This reverts commit 3d8d6a770f3a0f3045820970bc4a5d6ee7df8e10. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:18:36 +08:00
Jerry Yu	2f5d93b1c9	Revert "set init value for max_early_data_size in session" This reverts commit 8b02d75ed1af883e135979d24e38c0847e66fede. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:18:33 +08:00
Jerry Yu	d450fd25ae	change max_early_data_size source Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:18:31 +08:00
Jerry Yu	525990fb62	set init value for max_early_data_size in session Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:18:28 +08:00
Jerry Yu	db6fda71e5	improve early data comments Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:17:51 +08:00
Jerry Yu	10795a0c3b	replace ticket permission set Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:17:48 +08:00
Jerry Yu	c2b1bc4fb6	replace early data permission check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:17:46 +08:00
Jerry Yu	4da7c22cd6	add early data flag check function Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:17:44 +08:00
Jerry Yu	ea96ac3da9	fix various issues - get ticket_flags with function. - improve output message and check it. - improve `ssl_server2` help message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:17:37 +08:00
Jerry Yu	3db60dfe5e	rename nst early data write function Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:16:56 +08:00
Jerry Yu	fceddb310e	Add early data permission check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:14:54 +08:00
Jerry Yu	01da35e2c8	add early data extension of NST Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-06 18:14:52 +08:00
Valerio Setti	bced8bc8d7	ssl_tls12_server: export/import PK parsed key in TLS side Instead of setting both algorithm and enrollement algorithm in the PK module when parsing the key: - for Weierstrass keys we only set ECDSA algorithm, - for Montgomery keys we don't set any algorithm. Reasons: - PK module can only do ECDSA and not ECDH - ECDH is only used in TLS - Montgomery keys cannot be used to do ECDSA, while Weierstrass ones can do both ECDSA and ECDH. So the idea is that once TLS needs the key to do ECDH (either Weierstrass and Montgomery), it exports the one parsed from the PK module and then re-imports it setting proper algorithm and flags. In this way the TLS module will own the new key so it will be its duty to clear it on exit. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-06 10:40:47 +01:00
Valerio Setti	fbbafa0d2d	pkparse: do not set key algorithm for Montgomery keys in pk_ecc_set_key() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-06 10:07:34 +01:00
Ronald Cron	40f3f1c36f	Merge pull request #7058 from yuhaoth/pr/tls13-early-data-parsing-0-rtt-data TLS 1.3 EarlyData SRV: Parsing 0-RTT data	2023-12-06 06:47:32 +00:00
Jerry Yu	42020fb186	revert output message which used by testing Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-05 17:35:53 +08:00
Ronald Cron	a1e867c676	Merge pull request #8576 from yanrayw/issue/fix-tls13-session_negotiate-assignment TLS13: CLI: EarlyData: Assign ciphersuite after associated verification in EE	2023-12-05 08:31:24 +00:00
Valerio Setti	4ac2c18834	pk_wrap: try both ECDSA signature schemes in ecdsa_sign_psa() Instead of extracting key's properties in order to check whether it supports deterministic or non-deterministic ECDSA, we try both. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-05 07:59:01 +01:00
Jerry Yu	ebb1b1d48f	fix ci test failure "skip parse certificate verify" can not be changed. It is used in `Authentication: client badcert, server none` test. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-05 11:02:15 +08:00
Jerry Yu	b55f9eb5c5	fix various issues - remove unnecessary statements - improve macro name - improve output message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-05 10:27:17 +08:00
Valerio Setti	8aec84f3a7	pkwrite: minor code reshape Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-04 16:04:21 +01:00
Valerio Setti	83e0de8481	crypto_extra: revert changes to mbedtls_psa_random_free() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-04 11:04:42 +01:00
Valerio Setti	402cfba4dc	psa: free RNG implementation before checking for remaining open key slots Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-04 11:04:41 +01:00
Valerio Setti	5f4b28defc	ctr_drbg: add alternative PSA implementation when AES_C is not defined Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-12-04 11:04:41 +01:00
Dave Rodgman	9afc0200c7	Merge pull request #8563 from Oldes/issues-8562 Fixed compilation for Haiku OS	2023-12-04 09:53:08 +00:00
Yanray Wang	fb0f47b1f8	tls13: srv: check tls version in ClientHello with min_tls_version When server is configured as TLS 1.3 only and receives ClientHello from a TLS 1.2 only client, it's expected to abort the handshake instead of downgrading protocol to TLS 1.2 and continuing handshake. This commit adds a check to make sure server min_tls_version always larger than received version in ClientHello. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-12-04 17:50:36 +08:00
Jerry Yu	7bb40a3650	send unexpected alert when not received eoed or app during reading early data Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-04 10:04:15 +08:00
Jerry Yu	fbf039932a	Send decode error alert when EOED parsing fail Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-04 10:00:37 +08:00
Jerry Yu	3be850782c	fix various issues - improve comments - rename function and macros name - remove unnecessary comments - remove extra empty lines - remove unnecessary condition Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-04 09:58:54 +08:00
Yanray Wang	744577a429	tls13: early_data: cli: check a PSK has been selected in EE Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-12-01 23:03:37 +08:00
Dave Rodgman	f1be1f6740	Remove unused code Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-12-01 13:53:45 +00:00
Oldes Huhuman	304fa091cf	Shortening a comment line Related to: https://github.com/Mbed-TLS/mbedtls/issues/8562 Signed-off-by: Oldes Huhuman <oldes.huhuman@gmail.com>	2023-12-01 12:23:26 +01:00
Yanray Wang	9ae6534c20	tls13: early_data: cli: improve comment This commit improves comment of why we assign the identifier of the ciphersuite in handshake to `ssl->session_negotiate`. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-12-01 17:46:08 +08:00
Yanray Wang	03a00768c0	tls13: early_data: cli: improve comment This commit improves comment of the check for handshake parameters in Encrypted Extension. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-12-01 17:40:21 +08:00
Jerry Yu	0af63dc263	improve comments and output message Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-01 17:18:04 +08:00
Jerry Yu	ee4d729555	print received early application data Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-01 16:53:50 +08:00
Jerry Yu	e96551276a	switch inbound transform to handshake Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-01 16:53:50 +08:00
Jerry Yu	75c9ab76b5	implement parser of eoed Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-01 16:53:50 +08:00
Jerry Yu	b4ed4602f2	implement coordinate of eoed Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-01 16:34:00 +08:00
Jerry Yu	d5c3496ce2	Add dummy framework of eoed state Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-01 16:32:31 +08:00
Jerry Yu	59d420f17b	empty process_end_of_early_data Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-01 16:30:34 +08:00
Ronald Cron	857d29f29a	Merge pull request #8528 from yanrayw/issue/6933/parse-max_early_data_size TLS1.3 EarlyData: client: parse max_early_data_size	2023-12-01 08:27:26 +00:00
Jerry Yu	9b72e39701	re-introduce process_wait_flight2 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-01 16:27:08 +08:00
Jerry Yu	e32fac3d23	remove wait_flight2 state Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-12-01 16:25:16 +08:00
Yanray Wang	e72dfff1d6	tls13: early_data: cli: improve comment Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-12-01 12:05:16 +08:00
Yanray Wang	2bef7fbc8d	tls13: early_data: cli: remove guard to fix failure Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-12-01 12:02:56 +08:00
Dave Rodgman	059f66ce7c	Remove redundant check Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-30 11:02:03 +00:00
Dave Rodgman	6eee57bc07	Merge remote-tracking branch 'origin/development' into msft-aarch64 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-30 11:01:50 +00:00
Dave Rodgman	12d1c3ad4f	Use MBEDTLS_HAVE_NEON_INTRINSICS in aesce Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-30 09:38:38 +00:00
Dave Rodgman	d879b47b52	tidy up macros in mbedtls_xor Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-30 09:35:14 +00:00
Dave Rodgman	59059ec503	Merge remote-tracking branch 'origin/development' into msft-aarch64 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-30 09:34:41 +00:00
Yanray Wang	b3e207d762	tls13: early_data: cli: rename early_data parser in nst Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-30 16:49:51 +08:00
Yanray Wang	0790041dc6	Revert "tls13: early_data: cli: remove nst_ prefix" This reverts commit `3781ab40fb`. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-30 16:44:44 +08:00
Dave Rodgman	10dfe76425	Merge pull request #8573 from daverodgman/iar-aesce2 Disable hw AES on Arm for IAR	2023-11-30 08:22:09 +00:00
Yanray Wang	f4bad42670	itls13: early_data: cli: improve comment Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-30 15:58:07 +08:00
Valerio Setti	ad6d016b8f	pkwrite: fix return value in pk_get_type_ext() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-11-30 08:10:36 +01:00
Valerio Setti	3cc486aa11	pkparse: make pk_internal.h always available This is needed because now "pk_internal.h" contains defines for PEM strings Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-11-30 08:09:47 +01:00
Yanray Wang	a29db7da2e	tls13: early_data: cli: assign ciphersuite properly When early_data extension is enabled and sent in ClientHello, the client does not know if the server will accept early data and select the first proposed pre-shared key with a ciphersuite that is different from the ciphersuite associated to the selected pre-shared key. To address aforementioned case, we do associated verification when parsing early_data ext in EncryptedExtensions. Therefore we have to assign the ciphersuite in current handshake to session_negotiate later than the associated verification. This won't impact decryption of EncryptedExtensions since we compute handshake keys by the ciphersuite in handshake not via the one in session_negotiate. Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-30 14:27:38 +08:00
Valerio Setti	bcc004b549	pkwrite: some reshaping for Montgomery keys in mbedtls_pk_write_pubkey_der() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-11-29 17:16:55 +01:00
Valerio Setti	a4f70fe3fe	pkwrite: simplify management of opaque keys Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-11-29 15:05:47 +01:00
Janos Follath	c6f1637f8c	Merge pull request #8534 from paul-elliott-arm/fix_mutex_abstraction Make mutex abstraction and tests thread safe	2023-11-29 13:26:23 +00:00
Dave Rodgman	fb96d800ab	Merge pull request #8569 from yuhaoth/pr/fix-warning-on-arm64-gcc-5.4 fix build warning with arm64 gcc 5.4	2023-11-29 11:52:18 +00:00
Jerry Yu	92787e42c4	fix wrong gcc version check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-29 16:30:38 +08:00
Jerry Yu	e743aa74b5	add non-gcc arm_neon support Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-29 15:54:32 +08:00
Valerio Setti	f9362b7324	pk_internal: small renaming for mbedtls_pk_get_group_id() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-11-29 08:42:27 +01:00
Jerry Yu	d33f7a8c72	improve document Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-29 15:09:21 +08:00
Jerry Yu	71fada10e5	Guards neon path Old GCC(<7.3) reports warning in NEON path Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-29 10:38:07 +08:00
Jerry Yu	5b96b81980	Revert "fix build warning with arm64 gcc 5.4" This reverts commit `da3c206ebd`. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-29 10:25:00 +08:00
Valerio Setti	bcd305913f	pk: move functions to verify RFC8410 group ID to pk_internal Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-11-28 16:27:55 +01:00
Dave Rodgman	410ad44725	Disable hw AES on Arm for IAR Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-28 13:42:17 +00:00
Valerio Setti	d5604bacc4	pkwrite: add internal defines for proper key buffer sizes Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-11-28 14:10:43 +01:00
Valerio Setti	605f03cb76	pkwrite: reorganize code This commits just moves code around. The goal is to group together functions by guards and functionality: - RSA, EC, Opaque - internal VS public Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-11-28 12:46:39 +01:00
Manuel Pégourié-Gonnard	294f5d7ea9	Merge pull request #8540 from valeriosetti/issue8060 [G2] Make CCM and GCM work with the new block_cipher module	2023-11-28 08:18:45 +00:00
Valerio Setti	854c737db1	pk: use common header/footer macros for pkwrite and pkparse Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-11-28 08:37:57 +01:00
Valerio Setti	180915018d	pem: auto add newlines to header/footer in mbedtls_pem_write_buffer() Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-11-28 08:37:06 +01:00
Jerry Yu	da3c206ebd	fix build warning with arm64 gcc 5.4 GCC 5.4 reports below warning on Arm64 ``` warning: 'vst1q_u8' is static but used in inline function 'mbedtls_xor' which is not static ``` This inline function miss `static`, others have the keyword Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-28 14:28:03 +08:00
Dave Rodgman	4e9d5aa2ba	Merge pull request #8515 from mschulz-at-hilscher/fixes/pragma-error-gcc452 Fix compiler error on gcc 4.5.2.	2023-11-27 11:28:30 +00:00
Dave Rodgman	9fbac381e6	Merge pull request #8326 from daverodgman/aesce-thumb2 Support hw-accelerated AES on Thumb and Arm	2023-11-27 09:58:58 +00:00
Dave Rodgman	c94f8f1163	Merge pull request #8551 from daverodgman/sign-conversion-part1 Sign conversion part 1	2023-11-24 15:12:00 +00:00
Dave Rodgman	a3b80386d9	Merge remote-tracking branch 'origin/development' into sign-conversion-part1 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-24 11:27:18 +00:00
Janos Follath	905409abe2	Merge pull request #8500 from Ryan-Everett-arm/8409-make-empty-key-slots-explicit Make empty key slots explicit	2023-11-24 08:52:01 +00:00
Oldes Huhuman	1b58ecbfb0	Fixed compilation for Haiku OS Related to: https://github.com/Mbed-TLS/mbedtls/issues/8562 Signed-off-by: Oldes Huhuman <oldes.huhuman@gmail.com>	2023-11-23 22:46:20 +01:00
Paul Elliott	8c6d332c44	Fix comment typos Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-11-23 18:53:13 +00:00
Dave Rodgman	8cd4bc4ac2	Merge pull request #8124 from yanrayw/support_cipher_encrypt_only Support the negative option MBEDTLS_BLOCK_CIPHER_NO_DECRYPT	2023-11-23 17:43:00 +00:00
Ryan Everett	2a0d4e2995	Revert "Refactor `psa_load_persistent_key_into_slot` to remove bad `goto`" This reverts commit `d69f4017fb`. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2023-11-23 16:34:35 +00:00
Dave Rodgman	c44042ddbc	Merge pull request #7905 from lpy4105/issue/misc-improvement misc improvements	2023-11-23 16:20:58 +00:00
Ryan Everett	d69f4017fb	Refactor `psa_load_persistent_key_into_slot` to remove bad `goto` Merges the two calls to `psa_copy_key_material_into_slot. Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2023-11-23 16:20:45 +00:00
Yanray Wang	3781ab40fb	tls13: early_data: cli: remove nst_ prefix Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-23 18:17:14 +08:00
Yanray Wang	d012084e91	tls13: early_data: cli: optimize code - remove unnecessary check - using local variable session Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-23 16:38:20 +08:00
Yanray Wang	690ee81533	Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only	2023-11-23 10:31:26 +08:00
Gilles Peskine	3f5e1e81b2	Merge pull request #8440 from yuhaoth/pr/fix-missing-pre_shared_key-ext-sent-mask Fix missing pre shared key ext sent mask	2023-11-22 16:40:12 +00:00
Yanray Wang	554ee62fba	tls13: early_data: fix wrong debug_ret message Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-22 18:55:03 +08:00
Yanray Wang	5da8ecffe6	tls13: nst early_data: remove duplicate code Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-22 18:52:21 +08:00
Yanray Wang	1136fad126	ssl_tls: improve readability in ssl__preset__sig_algs - fix wrong comment in #endif - no semantics changes Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-22 17:41:52 +08:00
Jerry Yu	87b5ed4e5b	Add server side end-of-early-data handler Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-22 16:48:39 +08:00
Jerry Yu	7d8c3fe12c	Add wait flight2 state. The state is come from RFC8446 section A.2 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-22 16:48:39 +08:00
Jerry Yu	4e9b70e03a	Add early transform computation when accepted Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-22 16:48:39 +08:00
Yanray Wang	69ceb391a0	ssl_tls: remove RSA sig-algs in ssl_tls12_preset_suiteb_sig_algs Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-22 16:32:55 +08:00
Yanray Wang	b1f60163ba	ssl_tls: remove RSA sig-algs in ssl_preset_suiteb_sig_algs Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-22 16:28:54 +08:00
Yanray Wang	fd25654311	ssl_tls: remove unnecessary guard Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-22 10:33:11 +08:00
Yanray Wang	365ee3eaa9	ssl_tls: return correct error code if mbedtls_calloc fails Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-22 10:33:11 +08:00
Yanray Wang	920db45818	tls13: early_data: support to parse max_early_data_size ext Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-22 10:33:11 +08:00
Dave Rodgman	e467d62042	Add casts for NEON Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-21 17:09:46 +00:00
Dave Rodgman	c37ad4432b	misc type fixes in ssl Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-21 17:09:46 +00:00
Dave Rodgman	df4d42106a	Use standard byte conversion fns in lms Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-21 17:09:46 +00:00
Dave Rodgman	a3d0f61aec	Use MBEDTLS_GET_UINTxx_BE macro Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-21 17:09:46 +00:00
Dave Rodgman	b2e8419b50	Fix types in entropy_poll.c Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-21 17:09:46 +00:00
Dave Rodgman	e4a6f5a7ec	Use size_t cast for pointer subtractions Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-21 17:09:46 +00:00
Manuel Pégourié-Gonnard	d4dc354185	Merge pull request #8541 from yanrayw/issue/ssl-fix-missing-guard ssl_tls: add missing macro guard	2023-11-21 14:57:47 +00:00
Ryan Everett	9f176a2766	Fix status assignments when loading persistent keys Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2023-11-21 11:49:57 +00:00
Jerry Yu	60e997205d	replace check string The output has been changed Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:59:25 +08:00
Jerry Yu	713ce1f889	various improvement - improve change log entry - improve comments - remove unnecessary statement - change type of client_age Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:59:25 +08:00
Jerry Yu	d84c14f80c	improve code style Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:59:24 +08:00
Jerry Yu	9cb953a402	improve document Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:59:24 +08:00
Jerry Yu	8e0174ac05	Add maximum ticket lifetime check Also add comments for age cast Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:59:24 +08:00
Jerry Yu	472a69260b	fix build failure Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:59:20 +08:00
Jerry Yu	cf9135100e	fix various issues - fix CI failure due to wrong usage of ticket_lifetime - Improve document and comments Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:19 +08:00
Jerry Yu	342a555eef	rename ticket received Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:19 +08:00
Jerry Yu	25ba4d40ef	rename `ticket_creation` to `ticket_creation_time` Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:19 +08:00
Jerry Yu	46c7926f74	Add maximum ticket lifetime check Also add comments for age cast Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:19 +08:00
Jerry Yu	28e7c554f4	Change the bottom of tolerance window The unit of ticket time has been changed to milliseconds. And age difference might be negative Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:19 +08:00
Jerry Yu	31b601aa15	improve comments Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:18 +08:00
Jerry Yu	ec6d07870d	Replace `start` with `ticket_creation` Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:18 +08:00
Jerry Yu	f16efbc78d	fix various issues - Add comments for ticket test hooks - improve code style. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:18 +08:00
Jerry Yu	cebffc3446	change time unit of ticket to milliseconds Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-11-21 09:58:18 +08:00
Valerio Setti	d0eebc1f94	ccm/gcm: improve code maintainability Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-11-20 15:17:53 +01:00
Gilles Peskine	473ff34d59	Merge pull request #8489 from valeriosetti/issue8482 Make CCM* and CCM independent	2023-11-20 14:07:14 +00:00
Ronald Cron	97137f91b6	Merge pull request #7071 from yuhaoth/pr/tls13-ticket-add-max_early_data_size-field TLS 1.3 EarlyData: add `max_early_data_size` field for ticket	2023-11-20 08:04:57 +00:00
Paul Elliott	5fa986c8cb	Move handling of mutex->is_valid into threading_helpers.c This is now a field only used for testing. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-11-16 15:13:05 +00:00
Ryan Everett	975d411d92	Only set slot to OCCUPIED on successful key loading Signed-off-by: Ryan Everett <ryan.everett@arm.com>	2023-11-16 13:37:51 +00:00
Valerio Setti	9b7a8b2a0c	ccm/gcm: reaplace CIPHER_C functions with BLOCK_CIPHER_C ones Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-11-16 11:48:00 +01:00
Yanray Wang	19e4dc8df7	tls: fix unused parameter in mbedtls_ssl_cipher_to_psa Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-16 18:05:51 +08:00
Yanray Wang	1a369d68aa	ssl_tls: add missing guard for mbedtls_ssl_cipher_to_psa Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-11-16 15:17:33 +08:00

1 2 3 4 5 ...

12621 commits