yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
18901 commits 89 branches 205 tags 114 MiB
Commit graph

18901 commits

This branch
This branch
All branches
Author SHA1 Message Date
Przemyslaw Stekiel 0f5ecefbe9 Clean up the code 
- remove redundant local buffer
- fix code style

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-15 08:53:36 +01:00
Przemyslaw Stekiel 4b3fff43a8 Destroy ecdh_psa_privkey on HRR 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-15 08:53:26 +01:00
Paul Elliott a1dc3e5a60 Add safety to dummy_random in case of NULL context 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-02-14 18:26:21 +00:00
Przemyslaw Stekiel 169f115bf0 ssl_client2: init psa crypto for TLS 1.3 build 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-14 17:15:04 +01:00
lhuang04 86cacac91a Port ALPN support for tls13 client from tls13-prototype 
Summary:
Port ALPN implementation of tls13 client from
[tls13-prototype](https://github.com/hannestschofenig/mbedtls/blob/tls13-prototype/library/ssl_tls13_client.c#L1124).

Test Plan:

Reviewers:

Subscribers:

Tasks:

Tags:
Signed-off-by: lhuang04 <lhuang04@fb.com>
 2022-02-14 08:03:32 -08:00
Paul Elliott bb0168144e Ensure valid context is used in fuzz_dtlsserver 
A valid ctr_drbg context is now a prerequisite for using dummy_random()

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-02-14 15:57:11 +00:00
Ronald Cron 87829e5429 Fix documentation 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-02-14 16:31:33 +01:00
PeterSpace c2774a3ad4 Update library/psa_its_file.c 
Signed-off-by: pespacek <peter.spacek@silabs.com>
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
 2022-02-14 12:24:56 +01:00
Przemyslaw Stekiel 4f419e55a1 ssl_tls13_write_key_share_ext: initialize key_exchange_len (compiler warning) 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-14 10:19:53 +01:00
Przemyslaw Stekiel c0824bfb11 Change mbedtls_ssl_tls13_key_schedule_stage_handshake() to use psa_raw_key_agreement() 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-14 10:19:45 +01:00
Przemyslaw Stekiel 6d6aabdb0d Remove unused function: ssl_tls13_check_ecdh_params() 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-14 10:13:10 +01:00
Przemyslaw Stekiel 9e23ddb09d Change ssl_tls13_read_public_ecdhe_share() to use PSA-specific parsing code. 
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-14 10:13:00 +01:00
Paul Elliott 51a7679a8e Ensure context is passed in to dummy_rand 
In fuzz_privkey, we switched over to using dummy_rand(), which uses
ctr_drbg internally, and thus requires an initialised ctr_drbg_context
to be passed in via p_rng when calling mbedtls_pk_parse_key().

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-02-11 19:10:14 +00:00
Ronald Cron fb84e98fb4 Add change log 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-02-11 16:10:44 +01:00
Ronald Cron 135427cb35 Run TLS 1.3 tests when MBEDTLS_USE_PSA_CRYPTO is enabled 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-02-11 16:10:44 +01:00
Ronald Cron f6893e11c7 Finalize PSA hash operations in TLS 1.3 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-02-11 16:10:34 +01:00
Przemyslaw Stekiel ea859c24b7 Change ssl_tls13_generate_and_write_ecdh_key_exchange() to use PSA 
Generate ECDH private key using psa_generate_key()
Export the public part of the ECDH private key using psa_export_public_key()

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-11 15:17:05 +01:00
Ronald Cron 4279bac965 Document TLS 1.3 MVP limitation regarding MBEDTLS_USE_PSA_CRYPTO 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2022-02-11 15:10:22 +01:00
Gilles Peskine bebeae9428
Merge pull request #5504 from gstrauss/mbedtls_pem_get_der 
Add accessor to get der from mbedtls_pem_context
 2022-02-10 23:56:57 +01:00
Paul Elliott 00738bf65e Ensure ctr_drbg is initialised every time 
ctr_drbg is a local variable and thus needs initialisation every time
LLVMFuzzerTestOneInput() is called, the rest of the variables inside the
if(initialised) block are all static.

Add extra validation to attempt to catch this issue in future.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-02-10 18:38:53 +00:00
Przemyslaw Stekiel b15f33d496 Enable ecdh_psa_xxx fields in struct mbedtls_ssl_handshake_params for TLS 1.3 
These fields need to be enabled for 1.3 even if MBEDTLS_USE_PSA_CRYPTO isn't (1.3 should always use PSA).

Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
 2022-02-10 15:24:27 +01:00
Manuel Pégourié-Gonnard 574e538c75
Merge pull request #5522 from mpg/fixup-psa-migration 
Fixup psa migration documentation
 2022-02-10 13:41:56 +01:00
Manuel Pégourié-Gonnard 29e0e6fa3c
Merge pull request #5501 from gstrauss/ssl-ticket-rotate 
Add mbedtls_ssl_ticket_rotate() for ticket rotation
 2022-02-10 13:18:32 +01:00
Manuel Pégourié-Gonnard c70013e4bc Clarify the trailer field situation 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-10 13:16:50 +01:00
Manuel Pégourié-Gonnard c7f3254379 Clarify a sentence 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-10 13:00:33 +01:00
Manuel Pégourié-Gonnard 58d101b721 Fix a few more typos 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-10 12:58:09 +01:00
Gabor Mezei 9607ab4dbd
Prevent function not used compilation error 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-02-10 10:57:24 +01:00
Gabor Mezei b35759ded8
Add tests for mbedtls_psa_hkdf_expand 
The tests are based on the test of mbedtls_hkdf_expand.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-02-10 10:57:24 +01:00
Gabor Mezei a3eecd242c
Implement HKDF expand in TLS 1.3 based on PSA HMAC 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-02-10 10:57:23 +01:00
Glenn Strauss a941b62985 Create public macros for ssl_ticket key,name sizes 
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-02-09 15:28:28 -05:00
Glenn Strauss e328245618 Add test case use of mbedtls_ssl_ticket_rotate 
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-02-09 14:33:16 -05:00
Glenn Strauss a950938ff0 Add mbedtls_ssl_ticket_rotate for ticket rotation. 
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-02-09 14:33:15 -05:00
Andrzej Kurek 7db1b78fff Make RSA-PSS verification use PSA with MBEDTLS_USE_PSA_CRYPTO 
Duplicate a test case but with a different expected error
due to error translation to and from PSA.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-02-09 14:13:44 -05:00
Gabor Mezei 748ab4ae77
Use ASSERT_ALLOC 
Change the calloc functions to ASSERT_ALLOC to check the
return value of calloc as well.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2022-02-09 16:31:48 +01:00
Gilles Peskine 196a1c4256
Merge pull request #5517 from yuhaoth/pr/fix-client-auth-fail 
BUG fix :fix client_auth fail
 2022-02-09 13:08:12 +01:00
Jerry Yu 7840f81303 fix client_auth fail 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-09 19:43:22 +08:00
Manuel Pégourié-Gonnard 2c5fbad479
Merge pull request #5004 from mpg/doc-psa-migration 
Document PSA migration strategy
 2022-02-09 12:07:12 +01:00
Manuel Pégourié-Gonnard 62b49cd06a
Merge pull request #5472 from yuhaoth/pr/move-client-auth 
Move client_auth to handshake
 2022-02-09 10:57:00 +01:00
Manuel Pégourié-Gonnard 9193f7d836
Merge pull request #5436 from mpg/prog-hmac-cipher-psa 
PSA: example programs for HMAC and AEAD vs legacy
 2022-02-09 10:53:49 +01:00
Ronald Cron 6ca6faa67e
Merge pull request #5080 from xffbai/add-tls13-read-certificate-request 
add tls1_3 read certificate request
 2022-02-09 09:51:55 +01:00
Manuel Pégourié-Gonnard 1df23b903f Check the result of PEM decoding 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-08 14:53:50 -05:00
Manuel Pégourié-Gonnard 33ab075f45 Add success case for pem_read testing 
Currently all cases were negative, so the block that exercised
mbedtls_pem_get_der() would never be reached.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-08 14:53:50 -05:00
Glenn Strauss 72bd4e4d6a Add accessor to get buf from mbedtls_pem_context 
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2022-02-08 14:53:46 -05:00
Xiaofei Bai 7c8b6a97b9 Update CertificateRequest skip condition 
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
 2022-02-08 15:21:13 +00:00
pespacek 443c78eb83 BUGFIX: PSA test vectors use UID 1 instead of 0. 
Test vector to test rejection of uid = 0 was added.

Signed-off-by: pespacek <peter.spacek@silabs.com>
 2022-02-08 15:19:26 +01:00
pespacek d62e906b1c TEST: added psa_its_set expected failure test 
Signed-off-by: pespacek <peter.spacek@silabs.com>
 2022-02-08 15:19:26 +01:00
Jerry Yu 5c7d1cce97 fix typo error 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-08 21:08:29 +08:00
Jerry Yu 2d9a694088 change type of client_auth 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2022-02-08 21:07:10 +08:00
pespacek e990100ddb BUGFIX: psa_its_set now rejects UID = 0 
Signed-off-by: pespacek <peter.spacek@silabs.com>
 2022-02-08 14:05:41 +01:00
Manuel Pégourié-Gonnard ae1bae8412 Give a magic constant a name 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-08 11:36:28 +01:00