mbedtls

Author	SHA1	Message	Date
Jerry Yu	537530d57a	Add certificate request echo Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	3e536442f5	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	a23b9d954c	fix undefine error Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	22abd06cd0	Add rsa key check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	aa6214a571	add empty client certificate tests Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	7399d0d806	refactor write certificate Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	1bb5a1ffe3	Implement received sig_algs check Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	32e0c2d526	fix server only build fail Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	90f152dfac	fix psk only build fail Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	72637c734b	fix write certificate fail Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	c19884f487	change expect exit value Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	25e0ddcf47	Add client certificate file Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	8511f125af	Add certificteVerify Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	5cc3506c9f	Add write certificate and client handler Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	200b47b8f5	Add more tests for CertificateRequest Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	566c781290	Add dummy state for client_certifiate Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:58 +08:00
Jerry Yu	960bc28bcc	Add tests for no middlebox mode Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-22 10:17:57 +08:00
Ronald Cron	4579a972bf	Merge pull request #5426 from gilles-peskine-arm/ssl-get-version-3.1 Add accessors to mbedtls_ssl_context: user data, version ABI-API-checking fails which was expected as this PR adds a new field in mbedtls_ssl_context and mbedtls_ssl_config.	2022-02-21 17:03:24 +01:00
Manuel Pégourié-Gonnard	e3a2dd787e	Merge pull request #5521 from AndrzejKurek/rsa-pss-use-psa Make RSA-PSS verification use PSA with MBEDTLS_USE_PSA_CRYPTO	2022-02-21 16:58:57 +01:00
Gabor Mezei	4fded1359a	Use PSA_INIT() Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:47:24 +01:00
Gabor Mezei	d860e0f18b	Add comment Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:46:39 +01:00
Gabor Mezei	0e7c6f4961	Check return value of psa_destroy_key Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:46:39 +01:00
Gabor Mezei	26c6741c58	Add better name for variable. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:46:39 +01:00
Gabor Mezei	320d21cecf	Update documentation Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:46:39 +01:00
Gabor Mezei	c5efb8e58b	Use PSA error code Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:46:38 +01:00
Gabor Mezei	5d7d201b87	Update test Testing the hash length in this context is not applicable because there is no way to specify it when calling mbedtls_psa_hkdf_extract. Change to test invalid `alg` parameter. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:46:33 +01:00
Gabor Mezei	ebc9368173	typo Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:44:51 +01:00
Gabor Mezei	298a2d6109	Use ASSERT_ALLOC Change the calloc functions to ASSERT_ALLOC to check the return value of calloc as well. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:43:52 +01:00
Gabor Mezei	89c1a95f8f	Delete leftover code Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:42:59 +01:00
Gabor Mezei	b1f53976ee	Add documentation for mbedtls_psa_hkdf_extract Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:42:59 +01:00
Gabor Mezei	62bf024025	Make the mbedtls_psa_hkdf_extract function more PSA compatible Change the return value to `psa_status_t`. Add `prk_size` and `prk_len` parameters. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:42:57 +01:00
Gabor Mezei	73cb6f54de	Add tests for mbedtls_psa_hkdf_extrct The tests are based on the the test of mbedtls_hkdf_extract. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:41:42 +01:00
Gabor Mezei	9f4bb319c9	Implement HKDF extract in TLS 1.3 based on PSA HMAC Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2022-02-21 15:23:29 +01:00
Gilles Peskine	57bf02bd58	ssl_conf_{min,max}_version documentation: update for 1.3 and improve Mention that TLS 1.3 is supported, in addition to (D)TLS 1.2. Improve and clarify the documentation. In particular, emphasise that the minor version numbers are the internal numbers which are off by one from the human numbers. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:02 +01:00
Gilles Peskine	ce4f00de69	Reference get_version_number from the conf_xxx_version documentation Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:02 +01:00
Gilles Peskine	d44e050339	get_version_number documentation: explicitly mention VERSION_UNKNOWN Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:02 +01:00
Gilles Peskine	860429f8af	Add version number debug check to the GnuTLS interop test as well Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:02 +01:00
Gilles Peskine	9cb08822a1	Minor clarification Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:02 +01:00
Gilles Peskine	ded2a42ac1	Use a union instead of casts Same intended semantics, no casts. Limitation: this doesn't work on architectures where sizeof(uintptr_t) < sizeof(void*), which is somewhat weird but possible if pointers contain redundant information. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:02 +01:00
Gilles Peskine	1e265d2e68	Fix swapped documentation of set_user_data_{n,p} Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:02 +01:00
Gilles Peskine	49d7ddf7f3	Serializing a context does not save the user data The user data is typically a pointer to a data structure or a handle which may no longer be valid after the session is restored. If the user data needs to be preserved, let the application do it. This way, it is a conscious decision for the application to save/restore either the pointer/handle itself or the object it refers to. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Gilles Peskine	80dae04f24	Make user_data fields private Add accessor functions. Add unit tests for the accessor functions. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Gilles Peskine	66971f8ab1	Add prototype for automatically generated debug helper Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Gilles Peskine	c63a1e0e15	Fix mbedtls_ssl_get_version() for TLSv1.3 Test it in ssl-opt.sh. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Gilles Peskine	1255b0de98	Positive unit testing for SSL context version functions Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Gilles Peskine	e1a0c25f71	New function to access the TLS version from a context as an enum Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Gilles Peskine	915896f03c	Add accessor function from mbedtls_ssl_context to the configuration Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Gilles Peskine	69477b5706	Add a field for application data to TLS structures In structure types that are passed to user callbacks, add a field that the library won't ever care about. The application can use this field to either identify an instance of the structure with a handle, or store a pointer to extra data. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-21 15:14:01 +01:00
Tom Cosgrove	b9987fc344	Handle MBEDTLS_SHA256_USE_A64_* on Windows on ARM64 too Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-02-21 12:26:11 +00:00
Paul Elliott	436b72690d	Merge pull request #5362 from yuhaoth/pr/enable-tls13-only-build TLS1.3:Enable tls13 only build	2022-02-21 11:22:37 +00:00

... 9 10 11 12 13 ...

19355 commits