mbedtls

mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00

Author	SHA1	Message	Date
Ronald Cron	fb39f15fa1	ssl_tls.c: Use ETM status only in CBC mode case Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-25 16:50:18 +01:00
Ronald Cron	862902dd57	ssl_srv.c: Mark ETM as disabled if cipher is not CBC Encrypt-Then-Mac (ETM) is supported in Mbed TLS TLS 1.2 server only for the CBC cipher mode thus make it clear in the SSL context. The previous code was ok as long as the check of the ETM status was done only in the case of the CBC cipher mode but fragile as #5573 revealed. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-25 16:50:18 +01:00
Manuel Pégourié-Gonnard	cefa904759	Merge pull request #5622 from paul-elliott-arm/timing_delay_accessor Accessor for mbedtls_timing_delay_context final delay	2022-03-25 09:14:41 +01:00
Ronald Cron	90045241e7	Merge pull request #5659 from yuhaoth/pr/fix-wrong-check-certificate-verify TLS1.3: Fix incorrect check for certificate verify	2022-03-25 08:35:41 +01:00
Manuel Pégourié-Gonnard	5e4bf95d09	Merge pull request #5602 from superna9999/5174-md-hmac-dtls-cookies MD: HMAC in DTLS cookies	2022-03-23 13:05:24 +01:00
Jerry Yu	3616533d26	tls13:remove ec check from validate certification Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-03-22 19:46:05 +08:00
Neil Armstrong	488a40eecb	Rename psa_hmac to psa_hmac_key in mbedtls_ssl_cookie_ctx Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-22 10:41:38 +01:00
Paul Elliott	b9af2db4cf	Add accessor for timing final delay Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-03-21 15:26:19 +00:00
Neil Armstrong	79daea25db	Handle and return translated PSA errors in ssl_cookie.c Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-21 12:05:51 +01:00
Neil Armstrong	2d5e343c75	Use inline PSA code instead of using ssl_cookie_hmac in mbedtls_ssl_cookie_write() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-21 11:39:52 +01:00
Manuel Pégourié-Gonnard	f4042f076b	Merge pull request #5573 from superna9999/5176-5177-5178-5179-tsl-record-hmac TLS record HMAC	2022-03-21 11:36:44 +01:00
Manuel Pégourié-Gonnard	706f6bae27	Merge pull request #5518 from superna9999/5274-ecdsa-signing PK: ECDSA signing	2022-03-21 09:57:57 +01:00
Manuel Pégourié-Gonnard	472044f21e	Merge pull request #5525 from superna9999/5161-pk-rsa-encryption PK: RSA encryption	2022-03-21 09:57:38 +01:00
Ronald Cron	8d7afc642c	Merge pull request #5523 from ronald-cron-arm/one-flush-output-development TLS 1.3: One flush output	2022-03-21 08:44:04 +01:00
Neil Armstrong	62e6ea2c22	Avoid spurious write to *olen in PSA version of rsa_encrypt_wrap() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-18 15:39:49 +01:00
Neil Armstrong	17a0655c8d	Add documentation to find_ecdsa_private_key() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-18 15:27:38 +01:00
Neil Armstrong	05132ed490	md_alg is used in ecdsa_sign_wrap(), cleanup code Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-18 15:14:57 +01:00
Neil Armstrong	cb753a6945	Use mbedtls_eckey_info directly in ecdsa_sign_wrap() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-18 15:14:48 +01:00
Manuel Pégourié-Gonnard	e5b53193e0	Merge pull request #5636 from mprse/tls_ecdh_2b TLS ECDH 2b: client-side static ECDH (1.2)	2022-03-18 11:36:53 +01:00
Neil Armstrong	29c0c040fc	Only make PSA HMAC key exportable when NULL or CBC & not EtM in ssl_tls12_populate_transform() This requires moving the HMAC init after CIPHER init. Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-18 11:10:09 +01:00
Neil Armstrong	9ebb9ff60c	Reduce HMAC buffer usage in PSA version of mbedtls_ct_hmac() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-18 11:09:58 +01:00
Neil Armstrong	72c2f76c43	Assume MAC key length is always exactly the output size in PSA version of mbedtls_ct_hmac() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-18 11:09:36 +01:00
Neil Armstrong	36cc13b340	Use PSA defines for buffers in PSA version of mbedtls_ct_hmac() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-18 11:09:20 +01:00
Neil Armstrong	ae57cfd3e7	Use psa_ssl_status_to_mbedtls in PSA version of mbedtls_ct_hmac() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-18 10:00:10 +01:00
Neil Armstrong	28d9c631b8	Fix comments in PSA version of mbedtls_ct_hmac() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-18 10:00:10 +01:00
Manuel Pégourié-Gonnard	8d4bc5eeb9	Merge pull request #5481 from gabor-mezei-arm/5401_implement_hkdf_extract_based_on_psa_hmac HKDF 1a: Implement Extract in TLS 1.3 based on PSA HMAC	2022-03-17 11:55:48 +01:00
Manuel Pégourié-Gonnard	15c0e39fff	Merge pull request #5519 from superna9999/5150-pk-rsa-decryption PK: RSA decryption	2022-03-17 11:02:13 +01:00
Manuel Pégourié-Gonnard	7c92fe966a	Merge pull request #5614 from gabor-mezei-arm/5203_tls_cipher_tickets_use_psa_for_protection TLS Cipher 2a: tickets: use PSA for protection	2022-03-17 09:50:09 +01:00
Manuel Pégourié-Gonnard	560ef5975c	Merge pull request #5613 from mprse/tls_ecdh_2a TLS ECDH 2a: server-side ECDHE-ECDSA and ECDHE-RSA (1.2)	2022-03-17 09:29:41 +01:00
Przemek Stekiel	068a6b4013	ssl_check_server_ecdh_params():Adapt build flags Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-17 07:54:09 +01:00
Neil Armstrong	da1d80db19	Use mbedtls_rsa_info directly in rsa_encrypt_wrap() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-16 15:36:32 +01:00
Neil Armstrong	7b1dc85919	Simplify padding check and get rid of psa_sig_md in rsa_encrypt_wrap() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-16 15:36:06 +01:00
Neil Armstrong	6b03a3de5c	Use mbedtls_rsa_info directly in rsa_decrypt_wrap() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-16 15:31:07 +01:00
Neil Armstrong	8e80504b46	Simplify padding check and get rid of psa_sig_md in rsa_decrypt_wrap() Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-16 15:30:31 +01:00
Gabor Mezei	103e08aab9	Fix return value handling Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-03-16 13:45:41 +01:00
Przemek Stekiel	561a42392a	ssl_parse_signature_algorithm(): refactor PSA CRYPTO code - use mbedtls_ecp_point_write_binary() instead mbedtls_mpi_write_binary(). - add check for ECDH curve type in server's certificate Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-16 13:16:24 +01:00
Gabor Mezei	5b8b890a61	Check PSA functions' return value before converting Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-03-16 12:56:58 +01:00
Gabor Mezei	36c9f51ef2	Use size_t instead of int to silence compiler warnings Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-03-16 12:55:32 +01:00
Gabor Mezei	4f4bac7e22	Remove blank lines Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-03-16 12:54:27 +01:00
Przemek Stekiel	dd482bfd6a	Modify own_pubkey_max_len calculation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-16 11:43:22 +01:00
Przemek Stekiel	a4e15cc0d5	Fix comment: add fields size Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-16 11:32:42 +01:00
Przemek Stekiel	855938e17d	Move mbedtls_ecdh_setup() to no-psa path Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-16 11:29:29 +01:00
Przemek Stekiel	338b61d6e4	Fix code style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-16 11:24:09 +01:00
Przemek Stekiel	d905d33488	ssl_write_client_key_exchange(): enable psa support for ECDH-ECDSA and ECDH-RSA key exchange Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-16 09:50:56 +01:00
Przemek Stekiel	ea4000f897	ssl_parse_signature_algorithm(): populate psa handshake fields when psa crypto is enabled Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-16 09:49:33 +01:00
Dave Rodgman	2cecd8aaad	Merge pull request #3624 from daxtens/timeless RFC: Fix builds with MBEDTLS_HAVE_TIME disabled and test	2022-03-15 16:43:19 +00:00
Przemek Stekiel	ce1d792315	Remove duplicated code Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-03-14 16:16:25 +01:00
Neil Armstrong	169e61add6	Zeroise stack buffer containing private key Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-14 14:26:49 +01:00
Neil Armstrong	3aca61fdfc	Zeroise stack buffer containing private key Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>	2022-03-14 14:24:48 +01:00
Dave Rodgman	868d38f50f	Merge pull request #5547 from tom-cosgrove-arm/seclib-667-sha256-acceleration-mbedtls-internal SECLIB-667: Accelerate SHA-256 with A64 crypto extensions	2022-03-14 12:57:37 +00:00

1 2 3 4 5 ...

8357 commits